Systems and methods for isolating applications associated with multiple tenants within a computing platform

US11683394B2 · US · B2

Patent metadata
Publication number: US-11683394-B2
Application number: US-202217714722-A
Country: US
Kind code: B2
Filing date: Apr 6, 2022
Priority date: Feb 8, 2019
Publication date: Jun 20, 2023
Grant date: Jun 20, 2023

Abstract

Systems and methods for isolating applications associated with multiple tenants within a computing platform receive a request from a client associated with a tenant for running an application on a computing platform. Hosts connected to the platform are associated with a network address and configured to run applications associated with multiple tenants. A host is identified based at least in part on the request. One or more broadcast domain(s) including the identified hosts are generated. The broadcast domains are isolated in the network at a data link layer. A unique tenant identification number corresponding to the tenant is assigned to the broadcast domains. In response to launching the application on the host: the unique tenant identification number is assigned to the launched application and is added to the network address of the host; and the network address of the host is sent to the client associated with the tenant.

First claim

What is claimed is:

1. A method for isolating applications associated with multiple tenants within a computing platform, the method comprising: receiving a request from a client associated with a tenant for running an application on a computing platform, the computing platform including a plurality of hosts connected through a network, each host of the plurality of hosts being associated with a network address and configured to run applications associated with one or more tenants; generating one or more broadcast domains based at least in part on the request, the one or more broadcast domains being isolated in the network at a data link layer; launching the application on at least one host of the plurality of hosts; and assigning a unique tenant identification number corresponding to the tenant to the launched application; and adding the unique tenant identification number to the network address of the at least one host; wherein the method is performed by one or more processors.

2. The method of claim 1 wherein: the network address further includes a unique cluster identification number; the unique cluster identification number is associated with a cluster of the computing platform; and the cluster is associated with the tenant.

3. The method of claim 2 wherein the unique tenant identification number includes the unique cluster identification number.

4. The method of claim 1 wherein: the network address includes a plurality of bit sequences; and one bit sequence of the plurality of bit sequences includes the unique tenant identification number.

5. The method of claim 4 wherein the plurality of bit sequences of the network address includes at least 128 bits.

6. The method of claim 1 wherein the one or more broadcast domains include one or more virtual local area networks.

7. The method of claim 1 wherein: the launched application is included in a container; and the container is associated with the unique tenant identification number.

8. The method of claim 7 wherein: the container is included in a pod running on the at least one host; the pod includes one or more containers; and each container of the one or more containers is associated with one tenant of the computing platform.

9. The method of claim 8 wherein each container of the one or more containers is associated with a respective tenant of the computing platform.

10. The method of claim 8 wherein the pod maps to the network address.

11. The method of claim 1 wherein the network address further includes at least one in a group consisting of a region identification number, a network device identification number, and a virtual interface of the at least one host.

12. The method of claim 1 wherein the one or more broadcast domains map to the network address.

13. A system for isolating applications associated with multiple tenants within a computing platform, the system comprising: a plurality of hosts connected through a network, each host of the plurality of hosts being associated with a network address and configured to run applications associated with one or more tenants; and a fleet controller; wherein the fleet controller is configured to: receive a first request from a client associated with a tenant for running an application on the computing platform; generate one or more broadcast domains based at least in part on the first request, the one or more broadcast domains being isolated in the network at a data link layer; send a second request to a scheduler for launching the application on at least one host of the plurality of hosts; and in response to receiving a confirmation from the scheduler of the application being launched on the at least one host: assign a unique tenant identification number corresponding to the tenant to the launched application; and add the unique tenant identification number to the network address of the at least one host.

14. The system of claim 13 wherein: the network address further includes a unique cluster identification number; the unique cluster identification number is associated with a cluster of the computing platform; and the cluster is associated with the tenant.

15. The system of claim 13 wherein: the network address includes a plurality of bit sequences; and one bit sequence of the plurality of bit sequences includes the unique tenant identification number.

16. The system of claim 15 wherein the plurality of bit sequences of the network address includes at least 128 bits.

17. The system of claim 13 wherein the one or more broadcast domains include one or more virtual local area networks.

18. A system for isolating applications associated with multiple tenants within a computing platform, the system comprising: a client associated with a tenant and configured to request running an application on a computing platform, the computing platform including a plurality of hosts connected through a network, each host of the plurality of hosts being associated with a network address and configured to run applications associated with one or more tenants; wherein the client is further configured to: send a request for running the application on the computing platform; and receive the network address of at least one host of the plurality of hosts, the application being launched on the at least one host; wherein: one or more broadcast domains are generated based at least in part on the request, the one or more broadcast domains being isolated in the network at a data link layer; the launched application is assigned to a unique tenant identification number corresponding to the tenant; and the unique tenant identification number is added to the network address of the at least one host.

19. The system of claim 18 wherein: the network address further includes a unique cluster identification number; the unique cluster identification number is associated with a cluster of the computing platform; and the cluster is associated with the tenant.

20. The system of claim 19 wherein: the network address includes a plurality of bit sequences; and one bit sequence of the plurality of bit sequences includes the unique tenant identification number.
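
An added illustration of the addressing scheme in claims 2, 4, 5 and 11 (a 128-bit address in which one bit sequence carries the tenant identification number), together with an audit check a defender could run over flow records. This is not code from the patent or its assignee: the field widths, the 2001:db8::/48 documentation prefix, the function names and the sample flows are all assumptions made for the example.

```python
import ipaddress

# Assumed layout after a /48 platform prefix (the claims fix no field widths):
# region 8 bits | cluster 16 bits | tenant 24 bits | interface 32 bits = 80 bits.
FIELDS = (("region", 8), ("cluster", 16), ("tenant", 24), ("interface", 32))
PREFIX = ipaddress.IPv6Network("2001:db8::/48")  # documentation prefix, constructed


def build_address(region, cluster, tenant, interface):
    """Pack the identifiers into the low 80 bits of an address under PREFIX."""
    values = {"region": region, "cluster": cluster,
              "tenant": tenant, "interface": interface}
    packed = 0
    for name, width in FIELDS:
        value = values[name]
        if not 0 <= value < (1 << width):
            raise ValueError(f"{name}={value} does not fit in {width} bits")
        packed = (packed << width) | value
    return ipaddress.IPv6Address(int(PREFIX.network_address) | packed)


def parse_address(addr):
    """Recover the identifier fields; reject addresses outside the platform prefix."""
    addr = ipaddress.IPv6Address(addr)
    if addr not in PREFIX:
        raise ValueError(f"{addr} is not a platform address")
    remaining = int(addr) & ((1 << 80) - 1)
    fields = {}
    for name, width in reversed(FIELDS):
        fields[name] = remaining & ((1 << width) - 1)
        remaining >>= width
    return fields


def cross_tenant_flows(flows):
    """Return (src, dst) pairs whose tenant fields differ: candidates for an alert."""
    return [(s, d) for s, d in flows
            if parse_address(s)["tenant"] != parse_address(d)["tenant"]]


# Constructed sample: two workloads of tenant 0x2A and one of tenant 0x2B.
A1 = build_address(region=1, cluster=7, tenant=0x2A, interface=1)
A2 = build_address(region=1, cluster=7, tenant=0x2A, interface=2)
B1 = build_address(region=1, cluster=9, tenant=0x2B, interface=1)
FLOWS = [(A1, A2), (A1, B1)]
```

The address-embedded tenant field is only an identifier; in the claims the isolation itself comes from the data-link-layer broadcast domains, so a check like `cross_tenant_flows` serves as an audit signal rather than an enforcement point.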

Classifications

  • H04L67/60 (Primary): Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources (admission control or resource allocation H04L47/70)

  • Scheduling strategies for dispatcher, e.g. round robin, multi-level priority queues

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46)

  • Virtual private networks

  • Details on frame tagging (routing of packets H04L45/00; support for virtual LAN H04L49/354)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Palantir Technologies Inc
What technology area does this patent fall under?
Primary CPC classification H04L67/60. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 20, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).