POLICY AND IDENTITY BASED WORKLOAD PROVISIONING

US 20120173728A1
Filed: 01/03/2011
Published: 07/05/2012
Est. Priority Date: 01/03/2011
Status: Active Grant

First Claim

Patent Images

1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:

interrogating a resource infrastructure to acquire resource identities for resources within the resource infrastructure and to determine a stage of readiness for each resource within the resource infrastructure;

managing policy specifications assigned to workload identities for workloads and assigned to requestor identities for requestors of the workloads; and

dynamically provisioning the resources for handling the workloads based on;

requests from the requestors, the stage of readiness for each of the resources, enforcement of the policy specifications, and the resource identities within the resource infrastructure.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for policy and identity-based workload provisioning are presented. Identities for requestors or workloads and identities for workloads are tied to specific policies. The specific policies are evaluated based on a stage of readiness for resources within a resource pool and based on resource identities for the resources within the resource pool. Resources are then dynamically provisioned based on the identity-based policy evaluation to handle workloads from the resource pool.

105 Citations

View as Search Results

20 Claims

1. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- interrogating a resource infrastructure to acquire resource identities for resources within the resource infrastructure and to determine a stage of readiness for each resource within the resource infrastructure;
  
  managing policy specifications assigned to workload identities for workloads and assigned to requestor identities for requestors of the workloads; and
  
  dynamically provisioning the resources for handling the workloads based on;
  
  requests from the requestors, the stage of readiness for each of the resources, enforcement of the policy specifications, and the resource identities within the resource infrastructure.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 19)
- - 2. The method of claim 1 further comprising, visually presenting a state of the resource infrastructure via a display.
  - 3. The method of claim 1 further comprising, tracking usage of each resource within the resource infrastructure via the requestor identities, workload identities, and the resource identities.
  - 4. The method of claim 1, wherein interrogating further includes performing a hardware search within the resource infrastructure.
  - 5. The method of claim 1, wherein interrogating further includes dynamically interrogating specific resources at a known stage of readiness within the resource infrastructure or dynamically discovering specific resources for a given stage of readiness within the resource infrastructure and annotating those discovered resources within a resource pool.
  - 6. The method of claim 1, wherein interrogating further includes dynamically detecting an event indicating that a new resource is present within and interfaced to the resource infrastructure.
  - 7. The method of claim 1, wherein managing further includes permitting some of the policy specifications to be interactively created by a principal subject to access rights, privileges, and/or roles associated with:
    - the workload identities, the requestor identities, and an identity associated with the principal.
  - 8. The method of claim 1, wherein dynamically provisioning further includes one or more of:
    - annotating metadata associated with select resources to reserve those resources for specific types of the workloads;
      
      modifying a resource pool defining the resource infrastructure to ensure that some resources are restricted to the specific types; and
      
      preparing some resources at a particular stage of readiness for another stage of readiness.
  - 9. The method of claim 1, wherein dynamically provisioning further includes dynamically dereferencing a policy hierarchy associated with the resource infrastructure and enforcing the policy hierarchy when provisioning the resources for handling the workloads.
  - 19. The system of claim 1, wherein the workload deployment service is configured to:
    - reserve particular resources for particular types of workloads, prepare the particular resources in advance of handling particular workloads, and authorize the particular resources to handle the particular workloads.

10. A method implemented in a non-transitory machine-readable storage medium and processed by one or more processors configured to perform the method, comprising:
- receiving a request to provision a resource from a requestor;
  
  identifying a workload associated with the request;
  
  obtaining a policy specification having policies to resolve the request in response to;
  
  a requestor identity for the requestor and a workload identity for the workload;
  
  evaluating the policies in view of a resource pool of available resources within a resource infrastructure, each resource annotated within the resource pool with a stage of readiness attribute; and
  
  provisioning a particular resource to handle the workload based on evaluation of the policies.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10, wherein receiving further includes assigning access rights, privileges, and/or roles to the requestor with respect to the request.
  - 12. The method of claim 10, wherein identifying further includes accessing a workload catalogue based on the request to identify the workload.
  - 13. The method of claim 10, wherein obtaining further includes interacting with an administrator to define the policy specification.
  - 14. The method of claim 10, wherein evaluating further includes organizing the available resources within the resource pool based on the stages of readiness attributes for the available resources.
  - 15. The method of claim 10, wherein provisioning further includes configuring and initiating the particular resource for use within the resource infrastructure.
  - 16. The method of claim 10, wherein provisioning further includes reserving the particular resource for handling the workload within the resource infrastructure.

17. A multi-processor implemented system, comprising:
- a workload deployment service configured to execute on one or more processors;
  
  a resource prospector service configured to execute on one or more of the processors; and
  
  a plurality of resource scouting services configured to execute on one or more of the processors;
  
  the workload deployment service configured to dynamically provision resources within a resource infrastructure to handle workloads based on policies and identities associated with requestors, the workloads, and the resources, and the resource prospector service is configured to interrogate the resource infrastructure to identify the resources and a stage of readiness associated with each of the resources, each stage of readiness for a particular resource including a particular scouting service that is configured to communicate with that particular resource in that resource'"'"'s particular stage of readiness, the scouting services communicate with the resource prospector service and the resource prospector service communicates with the workload deployment service to dynamically provision the resources and to annotate particular stages or readiness within a resource pool for each resource of the resource infrastructure.
- View Dependent Claims (18, 20)
- - 18. The system of claim 17, wherein the workload deployment service is configured to schedule a particular resource for handling a particular workload based on a particular policy.
  - 20. The system of claim 17 further comprising, a resource monitor configured to execute on one or more of the processors, the resource monitor configured to monitor the resource infrastructure and report status of the resources individually, in groups, and/or as a whole for the entire resource infrastructure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus Software, Inc. (Open Text Corporation)
Original Assignee
Novell Incorporated (Open Text Corporation)
Inventors
Bultmeyer, Jonathan Paul, Carter, Stephen R., Haskins, Gregory Matthew, Bahi, David H., Westervelt, Daniel Edward

Granted Patent

US 8,788,669 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/226
CPC Class Codes

G06F 2209/5011   Pool

G06F 2209/503   Resource availability

G06F 9/5011   the resources being hardwar...

G06F 9/505   considering the load

H04L 67/1008   based on parameters of serv...

POLICY AND IDENTITY BASED WORKLOAD PROVISIONING

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

105 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

POLICY AND IDENTITY BASED WORKLOAD PROVISIONING

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

105 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links