Controller driven reconfiguration of a multi-layered application or service model
First Claim
1. A method of reconfiguring a multi-layer server deployment model in a datacenter comprising a plurality of host computers executing a plurality of servers, the method comprising:
- at a controller first computer,providing a first service chain comprising at least two service operations with a flow identifier to a host second computer, said host second computer using the first service chain and the flow identifier to configure a filter that (i) executes on the host second computer, (ii) identifies data messages along an egress datapath of a first server executing on the host second computer, and (iii) directs identified data messages to a first plurality of servers identified by the first service chain for performing the service operations of the first service chain when the data messages have a set of header values that match the flow identifier;
modifying the first service chain to produce a second service chain comprising at least three service operations by adding a service operation to the first service chain; and
providing the second service chain with the flow identifier to the host second computer to reconfigure the filter to distribute data messages that match the flow identifier to a second plurality of servers identified by the second service chain for performing the service operations of the second service chain instead of the first plurality of servers;
the first service chain including a first service operation to be performed on matching data messages and a second service operation to be performed on matching data messages immediately after the first service operation, andthe second service chain including the first and second service operations and the added service operation, wherein the added service operation is to be performed on matching data messages before the second service operation but after the first service operation and after receiving a data message reply from a set of one or more servers that has performed the first service operation on the matching data messages.
1 Assignment
0 Petitions
Accused Products
Abstract
Some embodiments provide novel inline switches that distribute data messages from source compute nodes (SCNs) to different groups of destination service compute nodes (DSCNs). In some embodiments, the inline switches are deployed in the source compute nodes datapaths (e.g., egress datapath). The inline switches in some embodiments are service switches that (1) receive data messages from the SCNs, (2) identify service nodes in a service-node cluster for processing the data messages based on service policies that the switches implement, and (3) use tunnels to send the received data messages to their identified service nodes. Alternatively, or conjunctively, the inline service switches of some embodiments (1) identify service-nodes cluster for processing the data messages based on service policies that the switches implement, and (2) use tunnels to send the received data messages to the identified service-node clusters. The service-node clusters can perform the same service or can perform different services in some embodiments. This tunnel-based approach for distributing data messages to service nodes/clusters is advantageous for seamlessly implementing in a datacenter a cloud-based XaaS model (where XaaS stands for X as a service, and X stands for anything), in which any number of services are provided by service providers in the cloud.
353 Citations
16 Claims
-
1. A method of reconfiguring a multi-layer server deployment model in a datacenter comprising a plurality of host computers executing a plurality of servers, the method comprising:
-
at a controller first computer, providing a first service chain comprising at least two service operations with a flow identifier to a host second computer, said host second computer using the first service chain and the flow identifier to configure a filter that (i) executes on the host second computer, (ii) identifies data messages along an egress datapath of a first server executing on the host second computer, and (iii) directs identified data messages to a first plurality of servers identified by the first service chain for performing the service operations of the first service chain when the data messages have a set of header values that match the flow identifier; modifying the first service chain to produce a second service chain comprising at least three service operations by adding a service operation to the first service chain; and providing the second service chain with the flow identifier to the host second computer to reconfigure the filter to distribute data messages that match the flow identifier to a second plurality of servers identified by the second service chain for performing the service operations of the second service chain instead of the first plurality of servers; the first service chain including a first service operation to be performed on matching data messages and a second service operation to be performed on matching data messages immediately after the first service operation, and the second service chain including the first and second service operations and the added service operation, wherein the added service operation is to be performed on matching data messages before the second service operation but after the first service operation and after receiving a data message reply from a set of one or more servers that has performed the first service operation on the matching data messages. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory machine readable medium storing a program for execution by a set of processing units of a host first computer, the program comprising sets of instructions for:
-
receiving, from a controller second computer, a first service chain comprising at least three service operations with a flow identifier; using the first service chain and the flow identifier to configure a filter that (i) executes on the host first computer, (ii) identifies data messages along an egress datapath of a first server executing on the host first computer, and (iii) directs identified data messages to a first plurality of servers identified by the first service chain for performing the service operations of the first service chain when the data messages have a set of header values that match the flow identifier; receiving, from the controller second computer, a second service chain comprising at least two service operations and produced by removing a particular service operation from the first service chain; and using the second service chain and the flow identifier to reconfigure the filter to distribute data messages that match the flow identifier to a second plurality of servers identified by the second service chain for performing the service operations of the second service chain instead of the first plurality of servers; the second service chain including a first service operation to be performed on matching data messages and a second service operation to be performed on matching data messages immediately after the first service operation, and the first service chain including the first and second service operations and the particular service operation, wherein the particular service operation is to be performed on matching data messages before the second service operation but after the first service operation and after receiving a data message reply from a set of one or more servers that has performed the first service operation on the matching data messages. - View Dependent Claims (9, 10, 11)
-
-
12. A non-transitory machine readable medium storing a controller program for execution on a first computer and for reconfiguring a multi-layer service node deployment model in a datacenter comprising a plurality of host computers executing a plurality of servers, the controller program comprising sets of instructions for:
-
providing a first service chain comprising at least two service operations with a flow identifier to a host second computer, said host second computer using the first service chain and the flow identifier to configure a filter that (i) executes on the host second computer, (ii) identifies data messages along an egress datapath of a first server executing on the host second computer, and (iii) directs identified data messages to a first plurality of service nodes identified by the first service chain for performing the service operations of the first service chain when the data messages have a set of header values that match the flow identifier; modifying the first service chain to produce a second service chain comprising at least three service operations by adding a service operation to the first service chain; and providing the second service chain with the flow identifier to the host second computer to reconfigure the filter to distribute data messages that match the flow identifier to a second plurality of service nodes identified by the second service chain for performing the service operations of the second service chain instead of the first plurality of service nodes; the first service chain including a first service operation to be performed on matching data messages and a second service operation to be performed on matching data messages immediately after the first service operation, and the second service chain including the first and second service operations and the added service operation, wherein the added service operation is to be performed on matching data messages before the second service operation but after the first service operation and after receiving a data message reply from a set of one or more service nodes that has performed the first service operation on the matching data messages. - View Dependent Claims (13, 14, 15, 16)
-
Specification