Interconnecting external networks with overlay networks in a shared computing environment
First Claim
1. A computer-implemented method comprising:
obtaining, by one or more processors, data from a network connection to a remote resource of a remote network of a first tenant, a first tenant identifier for the network connection of the first tenant, additional data from a network connection to a remote resource of a remote network of a second tenant, and a second tenant identifier for the network connection of the second tenant, wherein the network connection to the remote resource of the remote network of the first tenant and the network connection to the remote resource of the remote network of the second tenant comprise a shared virtual private network tunnel over a public Internet connection, wherein the virtual private network tunnel is coupled to remote networks of at least two tenants of at least two virtual networks;
based on the first tenant identifier for the network connection of the first tenant, setting, by the one or more processors, an identifier of the first tenant in metadata associated with the data;
based on the second tenant identifier for the network connection of the second tenant, setting, by the one or more processors, an identifier of the second tenant in metadata associated with the additional data;
obtaining, by the one or more processors, the data and the identifier in the metadata associated with the data and matching the tenant identifier to the first tenant of the shared computing environment;
based on identifying the first tenant of the shared computing environment, inserting, by the one or more processors, the data into an access virtual network of the first tenant of the shared computing environment, wherein the access virtual network of the first tenant of the shared computing environment is associated with one virtual network of the at least two virtual networks in the shared computing environment, and wherein the at least two virtual networks overlay a physical network, and wherein each virtual network of the at least two virtual networks is a virtual network of a tenant;
obtaining, by the one or more processors, the additional data and the identifier in the metadata associated with the additional data and matching the tenant identifier to the second tenant of the shared computing environment; and
based on identifying the second tenant of the shared computing environment, inserting, by the one or more processors, the data into an access virtual network of the second tenant of the shared computing environment, wherein the access virtual network of the second tenant of the shared computing environment is associated with another virtual network of the at least two virtual networks in the shared computing environment.
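The ingress path of claim 1 can be sketched as follows. This is an added example, not code from the patent: the class, the connection ids and the virtual network names are hypothetical, and the fail-closed handling and the overwriting of sender-supplied metadata are assumptions the claim does not spell out.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Frame:
    connection_id: str   # network connection inside the shared VPN tunnel (hypothetical id)
    payload: bytes
    metadata: dict = field(default_factory=dict)


class IsolationError(Exception):
    """A frame could not be bound to exactly one known tenant."""


class SharedTunnelIngress:
    def __init__(self, connection_to_tenant, tenant_to_access_vnet):
        self.connection_to_tenant = dict(connection_to_tenant)
        self.tenant_to_access_vnet = dict(tenant_to_access_vnet)
        # One queue per access virtual network stands in for the overlay.
        self.access_vnets = {v: [] for v in self.tenant_to_access_vnet.values()}

    def tag(self, frame):
        # The identifier comes from the connection binding, so any tenant_id
        # already present in the metadata is overwritten (assumption).
        tenant = self.connection_to_tenant.get(frame.connection_id)
        if tenant is None:
            raise IsolationError(f"no tenant bound to {frame.connection_id}")
        return Frame(frame.connection_id, frame.payload,
                     {**frame.metadata, "tenant_id": tenant})

    def insert(self, frame):
        # Match the identifier in the metadata to a tenant, then insert the
        # data into that tenant's access virtual network only.
        vnet = self.tenant_to_access_vnet.get(frame.metadata.get("tenant_id"))
        if vnet is None:
            raise IsolationError("tenant identifier matches no tenant")
        self.access_vnets[vnet].append(frame.payload)
        return vnet

    def receive(self, frame):
        return self.insert(self.tag(frame))


def demo():
    # Constructed sample traffic: two tenants sharing one tunnel, plus a stray.
    gw = SharedTunnelIngress(
        {"conn-a": "tenant-1", "conn-b": "tenant-2"},
        {"tenant-1": "access-vnet-1", "tenant-2": "access-vnet-2"},
    )
    placed = [gw.receive(Frame("conn-a", b"data")),
              gw.receive(Frame("conn-b", b"additional data", {"tenant_id": "tenant-1"}))]
    try:
        gw.receive(Frame("conn-x", b"stray"))
    except IsolationError:
        placed.append("dropped")
    return placed, gw.access_vnets
```

The second frame arrives with metadata naming the other tenant and still lands in its own tenant's access virtual network, because the binding is taken from the connection rather than from what the sender supplies.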
Abstract
A method includes obtaining, by one or more processors, data from a virtual network of a tenant and an identifier of the tenant, where the virtual network of the tenant is one of at least two virtual networks in a shared computing environment where the at least two virtual networks overlay a physical network. Based on obtaining the identifier of the tenant, the method includes setting, by the one or more processors, the identifier in metadata of the data and, based on the identifier in the metadata, identifying, by the one or more processors, a network connection associated with the tenant. The method also includes identifying, by the one or more processors, a policy of the network connection, processing the data with the policy to create processed data, and transmitting, by the one or more processors, the processed data through the network connection.
16 Claims
9. A computer program product comprising:
a computer readable storage medium readable by one or more processors and storing instructions for execution by the one or more processors for performing a method comprising;
obtaining, by the one or more processors, data from a network connection to a remote resource of a remote network of a first tenant, a first tenant identifier for the network connection of the first tenant, additional data from a network connection to a remote resource of a remote network of a second tenant, and a second tenant identifier for the network connection of the second tenant, wherein the network connection to the remote resource of the remote network of the first tenant and the network connection to the remote resource of the remote network of the second tenant comprise a shared virtual private network tunnel over a public Internet connection, wherein the virtual private network tunnel is coupled to remote networks of at least two tenants of at least two virtual networks;
based on the first tenant identifier for the network connection of the first tenant, setting, by the one or more processors, an identifier of the first tenant in metadata associated with the data;
based on the second tenant identifier for the network connection of the second tenant, setting, by the one or more processors, an identifier of the second tenant in metadata associated with the additional data;
obtaining, by the one or more processors, the data and the identifier in the metadata associated with the data and matching the tenant identifier to the first tenant of the shared computing environment;
based on identifying the first tenant of the shared computing environment, inserting, by the one or more processors, the data into an access virtual network of the first tenant of the shared computing environment, wherein the access virtual network of the first tenant of the shared computing environment is associated with one virtual network of the at least two virtual networks in the shared computing environment, and wherein the at least two virtual networks overlay a physical network, and wherein each virtual network of the at least two virtual networks is a virtual network of a tenant;
obtaining, by the one or more processors, the additional data and the identifier in the metadata associated with the additional data and matching the tenant identifier to the second tenant of the shared computing environment; and
based on identifying the second tenant of the shared computing environment, inserting, by the one or more processors, the data into an access virtual network of the second tenant of the shared computing environment, wherein the access virtual network of the second tenant of the shared computing environment is associated with another virtual network of the at least two virtual networks in the shared computing environment.
16. A system comprising:
a memory;
one or more processors in communication with the memory; and
program instructions executable by the one or more processors via the memory to perform a method, the method comprising;
obtaining, by the one or more processors, data from a network connection to a remote resource of a remote network of a first tenant, a first tenant identifier for the network connection of the first tenant, additional data from a network connection to a remote resource of a remote network of a second tenant, and a second tenant identifier for the network connection of the second tenant, wherein the network connection to the remote resource of the remote network of the first tenant and the network connection to the remote resource of the remote network of the second tenant comprise a shared virtual private network tunnel over a public Internet connection, wherein the virtual private network tunnel is coupled to remote networks of at least two tenants of at least two virtual networks;
based on the first tenant identifier for the network connection of the first tenant, setting, by the one or more processors, an identifier of the first tenant in metadata associated with the data;
based on the second tenant identifier for the network connection of the second tenant, setting, by the one or more processors, an identifier of the second tenant in metadata associated with the additional data;
obtaining, by the one or more processors, the data and the identifier in the metadata associated with the data and matching the tenant identifier to the first tenant of the shared computing environment;
based on identifying the first tenant of the shared computing environment, inserting, by the one or more processors, the data into an access virtual network of the first tenant of the shared computing environment, wherein the access virtual network of the first tenant of the shared computing environment is associated with one virtual network of the at least two virtual networks in the shared computing environment, and wherein the at least two virtual networks overlay a physical network, and wherein each virtual network of the at least two virtual networks is a virtual network of a tenant;
obtaining, by the one or more processors, the additional data and the identifier in the metadata associated with the additional data and matching the tenant identifier to the second tenant of the shared computing environment; and
based on identifying the second tenant of the shared computing environment, inserting, by the one or more processors, the data into an access virtual network of the second tenant of the shared computing environment, wherein the access virtual network of the second tenant of the shared computing environment is associated with another virtual network of the at least two virtual networks in the shared computing environment.
Specification