Image registry resource sharing among container orchestrators in a virtualized computing system

US11422846B2 · US · B2

Patent metadata
Publication number: US-11422846-B2
Application number: US-202016933823-A
Country: US
Kind code: B2
Filing date: Jul 20, 2020
Priority date: Jul 20, 2020
Publication date: Aug 23, 2022
Grant date: Aug 23, 2022

Abstract

Official abstract text for this publication.

A virtualized computing system according to an example includes: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); a container image registry configured to manage container images for deploying containers in the host cluster; an orchestration control plane integrated with the virtualization layer, the orchestration control plane including a master server executing in a first VM of the VMs, the master server configured to manage image secrets based on accounts in the container image registry; and a guest cluster, managed by the orchestration control plane and executing in second VMs of the VMs, the guest cluster configured to receive the image secrets from the master server and access the container image registry using the image secrets.

First claim

Opening claim text (preview).

What is claimed is:

1. A virtualized computing system, comprising: a host cluster having hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs); a container image registry configured to manage container images for deploying containers in the host cluster; an orchestration control plane cooperating with control plane agents in the virtualization layer to provide a supervisor cluster, the orchestration control plane including a master server executing in a first VM of the VMs, the master server configured to manage image secrets based on accounts in the container image registry; and a guest cluster, managed by the orchestration control plane as a virtual extension of the supervisor cluster and executing in second VMs of the VMs, the guest cluster configured to receive the image secrets from the master server and access the container image registry using the image secrets.

2. The virtualized computing system of claim 1, wherein the master server is configured to create a project in the container image registry for a namespace of the orchestration control plane, wherein the container image registry includes a robot account associated with the project, and wherein the image secrets are based on the robot account.

3. The virtualized computing system of claim 2, wherein the guest cluster is deployed in the namespace of the orchestration control plane.

4. The virtualized computing system of claim 2, wherein the master server is configured to create a guest cluster project for the guest cluster in the container image registry.

5. The virtualized computing system of claim 4, wherein the master server is configured to add project members to the guest cluster project, the project members corresponding to user accounts of the virtualized computing system having access to the guest cluster.

6. The virtualized computing system of claim 4, wherein the master server is configured to create a guest cluster robot account for the guest cluster project and guest cluster image secrets for the guest cluster robot account.

7. The virtualized computing system of claim 1, wherein the master server is configured to update the image secrets and provide the image secrets as updated to the guest cluster.

8. A method of managing access to a container image registry in a virtualized computing system, the container image registry managing container images for deploying containers in a host cluster, the host cluster including hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the method comprising: creating, by a registry agent, a robot account in the container image registry; creating, by the registry agent, image secrets in a master server of an orchestration control plane control plane agents in the virtualization layer to provide a supervisor cluster, the orchestration control plane including a master server executing in a first VM of the VMs; and providing the image secrets to a guest cluster managed by the orchestration control plane as a virtual extension of the supervisor cluster and executing in second VMs of the VMs, the image secrets enabling the guest cluster to access the container image registry through the robot account.

9. The method of claim 8, further comprising: creating, by the registry agent, a project in the container image registry for a namespace of the orchestration control plane, wherein the robot account is associated with the project.

10. The method of claim 8, wherein the guest cluster is deployed in the namespace of the orchestration control plane.

11. The method of claim 8, further comprising: creating, by the master server, a guest cluster project for the guest cluster in the container image registry.

12. The method of claim 11, further comprising: adding, by the master server, project members to the guest cluster project, the project members corresponding to user accounts of the virtualized computing system having access to the guest cluster.

13. The method of claim 11, further comprising: creating, by the registry agent, a guest cluster robot account for the guest cluster project and guest cluster image secrets for the guest cluster robot account.

14. The method of claim 8, further comprising: updating, by the master server, the image secrets; and providing, by the master server, the image secrets as updated to the guest cluster.

15. A non-transitory computer readable medium comprising instructions to be executed in a computing device to cause the computing device to carry out a method of managing access to a container image registry in a virtualized computing system, the container image registry managing container images for deploying containers in a host cluster, the host cluster including hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the method comprising: creating, by a registry agent, a robot account in the container image registry; creating, by the registry agent, image secrets in a master server of an orchestration control plane cooperating with control plane agents in the virtualization layer to provide a supervisor cluster, the orchestration control plane including a master server executing in a first VM of the VMs; and providing the image secrets to a guest cluster managed by the orchestration control plane as a virtual extension of the supervisor cluster and executing in second VMs of the VMs, the image secrets enabling the guest cluster to access the container image registry through the robot account.

16. The non-transitory computer readable medium of claim 15, further comprising: creating, by the registry agent, a project in the container image registry for a namespace of the orchestration control plane, wherein the robot account is associated with the project.

17. The non-transitory computer readable medium of claim 15, wherein the guest cluster is deployed in the namespace of the orchestration control plane.

18. The non-transitory computer readable medium of claim 15, further comprising: creating, by the master server, a guest cluster project for the guest cluster in the container image registry.

19. The non-transitory computer readable medium of claim 18, further comprising: adding, by the master server, project members to the guest cluster project, the project members corresponding to user accounts of the virtualized computing system having access to the guest cluster.

20. The non-transitory computer readable medium of claim 18, further comprising: creating, by the registry agent, a guest cluster robot account for the guest cluster project and guest cluster image secrets for the guest cluster robot account.

Classifications

  • Guest-host, i.e. hypervisor is an application program itself, e.g. VirtualBox · CPC title

  • Hypervisor-specific management and integration aspects · CPC title

  • Isolation or security of virtual machine instances · CPC title

  • to a system of files or objects, e.g. local or distributed file system or database · CPC title

  • Creating, deleting, cloning virtual machine instances · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Vmware Inc
What technology area does this patent fall under?
Primary CPC classification G06F9/45558. Mapped technology areas include Physics.
When was this patent published?
Publication date Aug 23, 2022 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 6 related publications on this page (citations in our corpus or others sharing the same primary CPC).