Method and system for checking permissions compatibility between a configuration management system and an orchestration system of a computing cluster
US-2022131865-A1 · Apr 28, 2022 · US
US11507358B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11507358-B2 |
| Application number | US-202117144589-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jan 8, 2021 |
| Priority date | Jan 8, 2021 |
| Publication date | Nov 22, 2022 |
| Grant date | Nov 22, 2022 |
Official abstract text for this publication.
A method, comprising: receiving, by an admission controller, a deployment object associated with code that is desired to be deployed to a production system; detecting, by a first responder, whether the deployment object is associated with a change ticket and, when the deployment object is not associated with a change ticket, submitting a change ticket that is associated with the deployment object, the change ticket being submitted by the first responder; detecting, by a second responder, whether the change ticket, that is associated with the deployment object, is allowed, and, when the change ticket is allowed, authorizing a deployment of the code, the deployment being authorized by the second responder; and deploying the code to a production system when the deployment of the code has been authorized by the second responder, the code being deployed by the admission controller.
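The flow in the abstract, together with the hold buffer of claim 4, modelled in Python. This is an added example, not code from the patent or its assignee; the `change-ticket` annotation key, the `ChangeSystem` stand-in, the ticket id format and the sample objects are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

TICKET_KEY = "change-ticket"  # hypothetical annotation key, not from the patent

@dataclass
class ChangeSystem:
    """Stand-in for the change management system (constructed for this example)."""
    allowed: dict = field(default_factory=dict)  # ticket id -> approved?
    counter: int = 0

    def submit(self, summary):
        self.counter += 1
        ticket = f"CHG-{self.counter:04d}"
        self.allowed[ticket] = False  # a new ticket starts unapproved
        return ticket

@dataclass
class AdmissionController:
    changes: ChangeSystem
    held: list = field(default_factory=list)      # buffer storage (claim 4)
    deployed: list = field(default_factory=list)

    def first_responder(self, obj):
        """Mutating step: submit and attach a ticket if the object has none."""
        ann = obj.setdefault("annotations", {})
        if TICKET_KEY not in ann:
            ann[TICKET_KEY] = self.changes.submit(obj["name"])
        return obj

    def second_responder(self, obj):
        """Validating step: authorize only when the ticket is known and allowed."""
        ticket = obj.get("annotations", {}).get(TICKET_KEY)
        return self.changes.allowed.get(ticket, False)  # unknown ticket: deny

    def admit(self, obj):
        obj = self.first_responder(obj)
        if self.second_responder(obj):
            self.deployed.append(obj["name"])
            return "deployed"
        self.held.append(obj)  # put on hold instead of deploying
        return "held"

    def recheck_held(self):
        """Release held objects whose tickets have since been allowed."""
        ready = [o for o in self.held if self.second_responder(o)]
        self.held = [o for o in self.held if o not in ready]
        self.deployed += [o["name"] for o in ready]
        return [o["name"] for o in ready]
```

The validating step denies a ticket id that the change system does not know, so an object arriving with a self-supplied ticket annotation is held rather than deployed.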
Opening claim text (preview).
The invention claimed is:
1. A method, comprising: receiving, by an admission controller, a deployment object associated with code that is desired to be deployed to a production system; detecting, by a first responder, whether the deployment object is associated with a change ticket and, when the deployment object is not associated with a change ticket, submitting a change ticket that is associated with the deployment object, the change ticket being submitted by the first responder, wherein the first responder is executed by the admission controller, the change ticket is obtained by the first responder after the deployment object is received by the admission controller, and the submission of the change ticket is performed based on information that is retrieved by the first responder from at least one of the deployment object or a configuration map that is associated with the deployment object; detecting, by a second responder, whether the change ticket, that is associated with the deployment object, is allowed, and, when the change ticket is allowed, authorizing a deployment of the code, the deployment being authorized by the second responder; and deploying the code to a production system when the deployment of the code has been authorized by the second responder, the code being deployed by the admission controller.
2. The method of claim 1, wherein the first responder and the second responder are invoked by the admission controller by using different webhooks, and the admission controller includes a process that is configured to: (i) detect a change request that is associated with the deployment object and (ii) process the deployment object by using the first responder and the second responder.
3. The method of claim 1, wherein the admission controller includes an admission controller for a container orchestration system that is configured to force registration of deployment objects with a change management system that is used by the container orchestration system, the registration of each deployment object being forced following a submission of change request that is associated with the deployment object.
4. The method of claim 1, further comprising, when the change ticket has not been allowed, putting the deployment object on hold by the second responder, wherein putting the deployment object on hold includes: storing the deployment object in a buffer storage; detecting whether the change ticket is allowed after the deployment object is stored in the buffer storage; and when the change ticket is allowed, retrieving the deployment object from the buffer storage and triggering a deployment of the code to the production system by the admissions controller.
5. The method of claim 1, further comprising, when the change ticket has not been allowed, putting the deployment object on hold by the second responder, wherein putting the deployment object on hold includes: storing the deployment object in a buffer storage; detecting whether a moratorium on code deployments is over; in response to detecting that a moratorium is over, retrieving the deployment object from the buffer storage and triggering a deployment of the code to the production system by the admissions controller.
6. The method of claim 1, further comprising, when the change ticket has not been allowed, putting the deployment object on hold by the second responder, wherein putting the deployment object on hold includes: storing the deployment object in a buffer storage; detecting whether installation window has started; when the installation window has started, retrieving the deployment object from the buffer storage and triggering a deployment of the code to the production system by the admissions controller.
7. The method of claim 1, wherein the first responder includes a mutating responder and the second responder include a validating responder.
8. A system, comprising: a memory; and at least one processor operatively coupled to the memory, the at least one processor being configured to perform the operations of: receiving, by an admission controller, a deployment object associated with code that is desired to be deployed to a production system; detecting, by a first responder, whether the deployment object is associated with a change ticket and, when the deployment object is not associated with a change ticket, submitting a change ticket that is associated with the deployment object, the change ticket being submitted by the first responder, wherein the first responder is executed by the admission controller, the change ticket is obtained by the first responder after the deployment object is received by the admission controller, and the submission of the change ticket is performed based on information that is retrieved by the first responder from at least one of the deployment object or a configuration map that is associated with the deployment object; detecting, by a second responder, whether the change ticket, that is associated with the deployment object, is allowed, and, when the change ticket is allowed, authorizing a deployment of the code, the deployment being authorized by the second responder; and deploying the code to a production system when the deployment of the code has been authorized by the second responder, the code being deployed by the admission controller.
9. The system of claim 8, wherein the first responder and the second responder are invoked by the admission controller by using different webhooks, and the admission controller includes a process that is configured to: (i) detect a change request that is associated with the deployment object and (ii) process the deployment object by using the first responder and the second responder.
10. The system of claim 8, wherein the admission controller includes an admission controller for a container orchestration system that is configured to force registration of deployment objects with a change management system that is used by the container orchestration system, the registration of each deployment object being forced following a submission of change request that is associated with the deployment object.
11. The system of claim 8, wherein the at least one processor is further configured to perform the operation of, when the change ticket has not been allowed, putting the deployment object on hold by the second responder, wherein putting the deployment object on hold includes: storing the deployment object in a buffer storage; detecting whether the change ticket is allowed after the deployment object is stored in the buffer storage; and when the change ticket is allowed, retrieving the deployment object from the buffer storage and triggering a deployment of the code to the production system by the admissions controller.
12. The system of claim 8, wherein the at least one processor is further configured to perform the operation of, when the change ticket has not been allowed, putting the deployment object on hold by the second responder, wherein putting the deployment object on hold includes: storing the deployment object in a buffer storage; detecting whether a moratorium on code deployments is over; in response to detecting that a moratorium is over, retrieving the deployment object from the buffer storage and triggering a deployment of the code to the production system by the admissions controller.
13. The system of claim 8, wherein the at least one processor is further configured to perform the operation of, when the change ticket has not been allowed, putting the deployment object on hold by the second responder, wherein putting the deployment object on hold includes: storing the deployment obj
Version control (security arrangements therefor G06F21/57); Configuration management · CPC title
Installation · CPC title
involving the movement of software or configuration parameters (network booting or remote initial program loading [RIPL] G06F9/4416) · CPC title
using tickets, e.g. Kerberos (cryptographic mechanisms or cryptographic arrangements for entity authentication using tickets or tokens H04L9/3213) · CPC title
for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS] · CPC title