System and method for computing cluster seeding and security using Kubernetes immutable resource log

US11516015B2 · US · B2

Patent metadata

Publication number: US-11516015-B2
Application number: US-202117232958-A
Country: US
Kind code: B2
Filing date: Apr 16, 2021
Priority date: Apr 16, 2021
Publication date: Nov 29, 2022
Grant date: Nov 29, 2022

Abstract

Official abstract text for this publication.

A method of reporting differences between a plurality of computing cluster configurations for executing containerized software applications may comprise routinely retrieving, at preset time intervals, cluster configuration files stored at computing clusters for configuring the computing clusters for execution of a containerized software application, receiving a user selection of a first cluster configuration file and a second cluster configuration file within the stored cluster configuration files, and comparing the first cluster configuration file and the second cluster configuration file. The method may also include displaying a difference between the first cluster configuration file and the second cluster configuration file resulting in the first cluster configuration file configuring one or more computing clusters for execution of the containerized software application differently than the second cluster configuration file configures one or more computing clusters for execution of the containerized software application.

First claim

Opening claim text (preview).

What is claimed is:

1. An information handling system operating a Kubernetes® Immutable Resource Log (KIRL) cluster seeding and security system comprising: a processor, executing KIRL cluster seeding and security system code instructions to: receive, via user input, a first cluster configuration file configuring a computing cluster for execution of a containerized software application and a first user credentials file for the computing cluster, defining a user authorized via the KIRL cluster seeding and security system to deploy the containerized software application at the computing cluster; store in a KIRL root directory a first credential set identifying the computing cluster and identifying the first user credentials file for the computing cluster; store the first cluster configuration file within a user-commit instruction folder within the KIRL root directory; a network interface device configured to receive from the computing cluster a currently enforced cluster configuration file configuring the computing cluster for execution of a currently executing software application, and a current user credentials file for the computing cluster; the processor, executing KIRL cluster seeding and security system code instructions to: determine the first user credentials file identified in the first credential set associated with the containerized software application does not match the current user credentials file, or the first cluster configuration file does not match the currently enforced cluster configuration file for the currently executing software application; and a display device configured to display a warning message indicating an unauthorized reconfiguration of the computing cluster has occurred.

2. The information handling system of claim 1, wherein the network interface device is configured to routinely receive from the computing cluster updated cluster configuration files.

3. The information handling system of claim 1 further comprising: the processor executing KIRL cluster seeding and security system code instructions to store the currently enforced cluster configuration file and an image of the currently executing software application in a cluster backup file of the KIRL root directory.

4. The information handling system of claim 1 further comprising: the processor configured to receive a user instruction to save the first cluster configuration file, and generate a simple hashing algorithm (SHA) identifier based on a timestamp identifying the time of receipt of the user instruction to save; and the processor executing KIRL cluster seeding and security system code instructions to store an association between a user-specified code editing label within the first cluster configuration file and SHA identifier in a label index of the KIRL root directory.

5. The information handling system of claim 1 further comprising: the processor configured to receive a user instruction to write the first cluster configuration file to the computing cluster; and the network interface device configured to transmit the first cluster configuration file to a master node of the computing cluster for configuring the computing cluster to execute the containerized software application.

6. The information handling system of claim 1 further comprising: the processor configured to receive a user instruction to add a new authorized user; the processor executing KIRL cluster seeding and security system code instructions to: edit the first user credentials file to include an identification of the new authorized user, a location of a client certificate for the new authorized user, and a location of a client key for the new authorized user; and the network interface device configured to transmit the edited first user credentials file to a master node of the computing cluster.

7. The information handling system of claim 1 further comprising: the processor configured to receive a user instruction to remove the user; the processor executing KIRL cluster seeding and security system code instructions to: edit the first user credentials file to remove an identification of the user, a location of a client certificate for the user, and a location of a client key for the user; and the network interface device configured to transmit the edited first user credentials file to a master node of the computing cluster.

8. A method of operating a Kubernetes® Immutable Resource Log (KIRL) cluster seeding and security system comprising: receiving, via user input, a first cluster configuration file configuring a computing cluster for execution of a containerized software application and a first user credentials file for the computing cluster, defining a user authorized via the KIRL cluster seeding and security system to deploy the containerized software application at the computing cluster; storing in a KIRL root directory in a memory a first credential set identifying the computing cluster and identifying the first user credentials file for the computing cluster and the first cluster configuration file; receiving from the computing cluster at a network interface device a currently enforced cluster configuration file configuring the computing cluster for execution of a currently executing software application, and a current user credentials file for the computing cluster; determining, via a processor, the first user credentials file identified in the first credential set associated with the containerized software application does not match the current user credentials file, or the first cluster configuration file does not match the currently enforced cluster configuration file for the currently executing software application; and displaying, via a display device, a warning message indicating an unauthorized reconfiguration of the computing cluster has occurred.

9. The method of claim 8 further comprising: routinely receiving from the computing cluster, at the network interface device, updated cluster configuration files.

10. The method of claim 8 further comprising: storing the currently enforced cluster configuration file and an image of the currently executing software application in a cluster backup file of the KIRL root directory in memory.

11. The method of claim 8 further comprising: receiving a user instruction at the processor to save the first cluster configuration file, and generate a simple hashing algorithm (SHA) identifier based on a timestamp identifying the time of receipt of the user instruction to save; and storing an association between a user-specified code editing label within the first cluster configuration file and SHA identifier in a label index of the KIRL root directory in memory.

12. The method of claim 8 further comprising: receiving a user instruction at the processor to write the first cluster configuration file to the computing cluster; and transmitting, via the network interface device, to the first cluster configuration file to a master node of the computing cluster for configuring the computing cluster to execute the containerized software application.

13. The method of claim 8 further comprising: receiving a user instruction to add a new authorized user; editing, via the processor, the first user credentials file to include an identification of the new authorized user, a location of a client certificate for the new authorized user, and a location of a client key for the new authorized user; and transmitting, via the network interface device, the edited first user credentials file to a master node of the computing cluster.

14. The method of claim 8 further comprising: receiving a use

Classifications

  • involving the movement of software or configuration parameters (network booting or remote initial program loading [RIPL] G06F9/4416)

  • for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

  • for controlling access to devices or network resources

  • Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) (network architectures or network communication protocols for key distribution in a packet data network H04L63/062)

  • H04L9/3226 (Primary)

    using a predetermined code, e.g. password, passphrase or PIN (network architectures or network communication protocols for supporting authentication of entities using passwords in a packet data network H04L63/083)

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11516015B2 cover?
A method of reporting differences between a plurality of computing cluster configurations for executing containerized software applications may comprise routinely retrieving, at preset time intervals, cluster configuration files stored at computing clusters for configuring the computing clusters for execution of a containerized software application, receiving a user selection of a first cluster…
Who is the assignee on this patent?
Dell Products Lp
What technology area does this patent fall under?
Primary CPC classification H04L67/1097. Mapped technology areas include Electricity.
When was this patent published?
Publication date Nov 29, 2022 (B2). Legal status and post-grant events are not shown on this page.