Inventory service for distributed infrastructure

US 10,333,801 B2
Filed: 03/14/2013
Issued: 06/25/2019
Est. Priority Date: 03/14/2013
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium embodying instructions executable in at least one computing device, the instructions, when executed by the at least one computing device, causing the at least one computing device to at least:

execute a plurality of machine instances within a computing environment that implements a split security model, a service provider of the computing environment and an inventory service being excluded from root access to the machine instance based on the split security model, wherein a monitoring service is executed within a respective machine instance of the plurality of machine instances;

generate, by the monitoring service executed in the respective machine instance, data that identifies a plurality of applications executed in the respective machine instance based at least in part on a plurality of process identifiers and an application table that relates process identifiers to applications, wherein a respective one of the plurality of process identifiers is associated with one of the plurality of applications;

query, by the monitoring service executed within the respective machine instance, a metadata service executed external to the computing environment of the plurality of machine instances, to obtain instance metadata corresponding to the respective machine instance, wherein the instance metadata obtained from the metadata service comprises a unique identifier of the respective machine instance and a customer identifier;

communicate, by the monitoring service, the instance metadata and data that identifies the plurality of applications to an inventory service that is executed external to the computing environment of the plurality of machine instances; and

generate, by the inventory service, a network site that provides analytics as a function of the data that identifies the plurality of applications and the instance metadata.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are various embodiments for an inventory application. Machine instances execute a monitoring service to determine the process names of applications executed in the machine instance. An inventory application identifies the applications executed on the machine instances as a function of data obtained from the monitoring services. Analytics reports can be generated from data embodying the identified applications.

Citations

21 Claims

1. A non-transitory computer-readable medium embodying instructions executable in at least one computing device, the instructions, when executed by the at least one computing device, causing the at least one computing device to at least:
- execute a plurality of machine instances within a computing environment that implements a split security model, a service provider of the computing environment and an inventory service being excluded from root access to the machine instance based on the split security model, wherein a monitoring service is executed within a respective machine instance of the plurality of machine instances;
  
  generate, by the monitoring service executed in the respective machine instance, data that identifies a plurality of applications executed in the respective machine instance based at least in part on a plurality of process identifiers and an application table that relates process identifiers to applications, wherein a respective one of the plurality of process identifiers is associated with one of the plurality of applications;
  
  query, by the monitoring service executed within the respective machine instance, a metadata service executed external to the computing environment of the plurality of machine instances, to obtain instance metadata corresponding to the respective machine instance, wherein the instance metadata obtained from the metadata service comprises a unique identifier of the respective machine instance and a customer identifier;
  
  communicate, by the monitoring service, the instance metadata and data that identifies the plurality of applications to an inventory service that is executed external to the computing environment of the plurality of machine instances; and
  
  generate, by the inventory service, a network site that provides analytics as a function of the data that identifies the plurality of applications and the instance metadata.
- View Dependent Claims (2, 3)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the customer identifier comprises an account identifier.
  - 3. The non-transitory computer-readable medium of claim 1, wherein an analytics report provided by the network site embodies an application usage with respect to a data center region or a customer account.

4. A system, comprising:
- a computing environment comprising at least one computing device configured to at least;
  
  execute a machine instance within the computing environment, wherein the computing environment implements a split security model, a service provider of the computing environment and an inventory service being excluded from root access to the machine instance based on the split security model;
  
  generate, by a monitoring service executed within the machine instance, data that identifies at least one application being executed in the machine instance based at least in part on at least one process identifier and an application table that relates process identifiers to applications, wherein the at least one process identifier is associated with one of the applications;
  
  query, by the monitoring service, a metadata service executed external to the computing environment, to obtain metadata corresponding to the machine instance, the metadata comprising a unique identifier of the machine instance and a customer identifier;
  
  transmit, by the monitoring service, the metadata obtained from the metadata service and the data that identifies the at least one application to the inventory service external to the machine instance; and
  
  generate, by the inventory service, a network site that provides analytics as a function of the data that identifies the at least one application and the metadata.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 5. The system of claim 4, wherein the monitoring service is further configured to:
    - determine at least one process name of at least one process corresponding to the at least one application executed in the machine instance.
  - 6. The system of claim 4, wherein the data is generated as a function of a customer preference that is defined with respect to a customer account associated with the machine instance.
  - 7. The system of claim 4, wherein the monitoring service accesses the application table through a web service.
  - 8. The system of claim 4, wherein the inventory service is further configured to compare the data to at least one of a security policy or a best practices policy.
  - 9. The system of claim 4, wherein the monitoring service is further configured to:
    - determine a version number of the at least one application; and
      
      wherein the data further comprises the version number.
  - 10. The system of claim 9, wherein the inventory service is further configured to:
    - determine whether an update for the application is available as a function of the version number; and
      
      communicate a notification to a customer associated with the machine instance indicating the update.
  - 11. The system of claim 4, wherein the inventory service is further configured to:
    - add the data to a data aggregation; and
      
      generate an analytics report as a function of the data aggregation.
  - 12. The system of claim 11, wherein the analytics report embodies an application usage distribution with respect to a distributed data center region, an account identifier, or an identifier of the machine instance.
  - 13. The system of claim 4, wherein the metadata service executed external to the machine instance is configured to expose an application program interface enabling a web service call to return metadata associated with the machine instance.

14. A method, comprising:
- executing a plurality of machine instances within a computing environment comprising at least one computing device, wherein the computing environment implements a split security model, a service provider of the computing environment and an inventory service being excluded from root access to a respective machine instance of the plurality of machine instances based on the split security model;
  
  generating, by a monitoring service executed in the respective machine instance, data that identifies a particular application executed in the respective machine instance based at least in part on a plurality of process identifiers and an application table that relates process identifiers to applications, wherein a particular process identifier is associated with the particular application;
  
  querying, by the monitoring service executed in the respective machine instance, a metadata service executed external to the computing environment of the machine instance to obtain instance metadata associated with the respective machine instance, wherein the instance metadata obtained from the metadata service comprises a unique identifier of the respective machine instance and a customer identifier;
  
  communicating, by the monitoring service, the instance metadata and the data that identifies the particular application to the inventory service executed external to the machine instance; and
  
  generating, by the inventory service, a network site that provides analytics as a function of the data that identifies the particular application and the instance metadata.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
- - 15. The method of claim 14, further comprising:
    - adding, in the at least one computing device, the data that identifies the particular application to an identification aggregation by the inventory service; and
      
      generating, in the at least one computing device, by the inventory service, an analytics report as a function of the identification aggregation.
  - 16. The method of claim 14, wherein the method further comprises comparing, in the at least one computing device, the data that identifies the particular application to at least one of a security policy or a best practice policy.
  - 17. The method of claim 14, wherein the metadata service enables a web service call to obtain the instance metadata associated with the respective machine instance.
  - 18. The method of claim 17, wherein the instance metadata comprises at least one of a unique identifier of the respective machine instance or an account identifier associated with the machine instance.
  - 19. The method of claim 16, wherein a customer preference defines that the particular application is permitted to be included in the data that identifies the particular application.
  - 20. The method of claim 14, further comprising generating, in the at least one computing device, by the inventory service, an analytics report comprising a usage rate for the particular application in a particular region associated with the respective machine instance.
  - 21. The method of claim 14, wherein the metadata service is configured to expose an application program interface that returns metadata associated with the respective machine instance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Stickle, Thomas Charles
Primary Examiner(s)
Chea, Philip J
Assistant Examiner(s)
Chen, Wuji

Application Number

US13/827,693
Publication Number

US 20140280872A1
Time in Patent Office

2,294 Days
Field of Search

709224
US Class Current
CPC Class Codes

H04L 41/40   using virtualisation of net...

H04L 41/5058   Service discovery by the se...

H04L 43/045   for graphical visualisation...

H04L 43/20   the monitoring system or th...

H04L 67/51   Discovery or management the...

H04L 67/535   Tracking the activity of th...

Inventory service for distributed infrastructure

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Inventory service for distributed infrastructure

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links