Non-overlay resource access in datacenters using overlay networks
US-2016094650-A1 · Mar 31, 2016 · US
US11792159B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11792159-B2 |
| Application number | US-202016897680-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 10, 2020 |
| Priority date | Apr 1, 2020 |
| Publication date | Oct 17, 2023 |
| Grant date | Oct 17, 2023 |
Official abstract text for this publication.
Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.
Opening claim text (preview).
We claim:
1. A method of deploying a group of machines in a datacenter, the method comprising: receiving a Custom Resource Definition (CRD) that defines an endpoint group of machines as a custom-specified resource in the datacenter, the endpoint group of machines serving as source machines or destination machines for data message flows passing through a network of the datacenter; receiving an intent-based API (Application Programming Interface) request that refers to the CRD and defines a set of one or more attributes of a plurality of machines that are members of the endpoint group of machines; performing an automated process to parse the intent-based API request and process the CRD to define the plurality of machines as members of the endpoint group; using an identifier of the endpoint group to specify a middlebox service policy; and distributing the middlebox service policy to a set of one or more middlebox services that apply the policy to at least a subset of the data message flows passing through the datacenter network.
2. The method of claim 1, wherein the plurality of machines comprises virtual machines and containers.
3. The method of claim 1, wherein the middlebox service policy is a firewall rule or a load balancing rule.
4. The method of claim 3, wherein the set of attributes of the endpoint group is defined through one or more selectors, the selectors comprising one or more of a virtual interface selector, a machine selector, a namespace selector, and service selector.
5. The method of claim 4, wherein at least one of the selectors is defined by reference to a label that is associated with one or more machines.
6. The method of claim 1, wherein the intent-based API request defines a set of one or more pairs of ports/protocols, each port/protocol pair specifying one or more ports and a protocol along which the endpoint group is to be accessed.
7. The method of claim 1, wherein the plurality of machines serve as data compute end nodes for performing a compute operation.
8. The method of claim 7, wherein the compute operation performed by the plurality of machines is one of a webserver operation, an application server operation, or a database server operation.
9. The method of claim 7 further comprising configuring a set of load balancers to distribute a data message load for the compute operation across the plurality of machines that are members of the endpoint group based on the specified middlebox service policy.
10. The method of claim 9, wherein the endpoint group is part of a cluster of machines that includes a set of one or more gateway routers, and the set of load balancers are associated with the set of gateway routers of the cluster of machines.
11. The method of claim 9, wherein the set of load balancers are load balancing engines executing on host computers that also execute a plurality of machines that send data message flows to the compute end nodes in the endpoint group.
12. The method of claim 1, wherein the plurality of machines are associated with virtual interfaces (VIFs), and the endpoint group is defined to include a plurality of VIFs.
13. The method of claim 12, wherein the machines comprise virtual machines and Pods.
14. The method of claim 12, wherein the machines comprise virtual machines and containers.
Assignment of logical groups to network elements · CPC title
Policy-based network configuration management · CPC title
Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements · CPC title
using virtualisation of network functions or resources, e.g. SDN or NFV entities · CPC title
Address allocation · CPC title