DISTRIBUTED VIRTUAL SWITCH ARCHITECTURE FOR A HYBRID CLOUD

US 20130283364A1
Filed: 04/24/2012
Published: 10/24/2013
Est. Priority Date: 04/24/2012
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

establishing a secure transport layer tunnel over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, the secure transport layer tunnel configured to provide a link layer network extension between the private cloud and the public cloud; and

executing a cloud virtual Ethernet module (cVEM) within the public cloud, the cVEM configured to switch inter-virtual-machine (VM) traffic between the private cloud and one or more private application VMs in the public cloud connected to the cVEM.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment, a secure transport layer tunnel may be established over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, where the secure transport layer tunnel is configured to provide a link layer network extension between the private cloud and the public cloud. In addition, a cloud virtual Ethernet module (cVEM) may be executed (instantiated) within the public cloud, where the cVEM is configured to switch inter-virtual-machine (VM) traffic between the private cloud and one or more private application VMs in the public cloud connected to the cVEM.

322 Citations

20 Claims

1. A method, comprising:
- establishing a secure transport layer tunnel over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, the secure transport layer tunnel configured to provide a link layer network extension between the private cloud and the public cloud; and
  
  executing a cloud virtual Ethernet module (cVEM) within the public cloud, the cVEM configured to switch inter-virtual-machine (VM) traffic between the private cloud and one or more private application VMs in the public cloud connected to the cVEM.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method as in claim 1, further comprising:
    - managing the one or more private application VMs in the public cloud by a virtual supervisor module (VSM) in the private cloud as though the cVEM and VMs in the public cloud were within the private cloud.
  - 3. The method as in claim 2, further comprising:
    - managing a virtual network interface card (vNIC) of each of the one or more private application VMs in the public cloud as a virtual Ethernet interfaces (veth) on the VSM.
  - 4. The method as in claim 3, further comprising:
    - configuring a particular veth using a port-profile applicable to an instance of a particular private application VM whether instantiated within the public cloud or within the private cloud.
  - 5. The method as in claim 1, further comprising:
    - migrating an instance of a particular private application VM between a virtual Ethernet module (VEM) of the private cloud and the cVEM of the public cloud.
  - 6. The method as in claim 1, further comprising:
    - instantiating the first cloud gateway and second cloud gateway by a cloud manager within the public cloud.
  - 7. The method as in claim 1, further comprising:
    - monitoring health of the first and second cloud gateways, the one or more private application VMs, the cVEM, and the secure transport layer tunnel by a cloud manager within the public cloud.
  - 8. The method as in claim 1, further comprising:
    - embedding the cVEM within the second cloud gateway.
  - 9. The method as in claim 1, further comprising:
    - attaching the first cloud gateway as a VM to one of either a switch of the private cloud or to a virtual Ethernet module (VEM) of the private cloud that is attached to the switch.

10. A system, comprising:
- a first cloud gateway in a private cloud;
  
  a second cloud gateway in a public cloud;
  
  a secure transport layer tunnel over a public network between the first cloud gateway in the private cloud and the second cloud gateway in the public cloud, the secure transport layer tunnel configured to provide a link layer network extension between the private cloud and the public cloud; and
  
  a cloud virtual Ethernet module (cVEM) executed within the public cloud; and
  
  one or more private application virtual machines (VMs) in the public cloud connected to the cVEM, wherein the cVEM is configured to switch inter-VM traffic between the private cloud and the one or more private application VMs.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system as in claim 10, further comprising:
    - a virtual supervisor module (VSM) in the private cloud configured to manage the one or more private application VMs in the public cloud as though the cVEM and VMs in the public cloud were within the private cloud.
  - 12. The system as in claim 11, wherein the VSM is further configured to manage a virtual network interface card (vNIC) of each of the one or more private application VMs in the public cloud as a virtual Ethernet interfaces (veth) on the VSM.
  - 13. The system as in claim 12, wherein the VSM is further configured to configure a particular veth using a port-profile applicable to an instance of a particular private application VM whether instantiated within the public cloud or within the private cloud.
  - 14. The system as in claim 10, further comprising:
    - a cloud manager within the public cloud and configured to migrate an instance of a particular private application VM between a virtual Ethernet module (VEM) of the private cloud and the cVEM of the public cloud.
  - 15. The system as in claim 10, further comprising:
    - a cloud manager within the private cloud and configured to instantiate the first cloud gateway and second cloud gateway.
  - 16. The system as in claim 10, further comprising:
    - a cloud manager within the private cloud and configured to monitor health of the first and second cloud gateways, the one or more private application VMs, the cVEM, and the secure transport layer tunnel.
  - 17. The system as in claim 10, wherein the cVEM is embedded within the second cloud gateway.
  - 18. The system as in claim 10, further comprising:
    - a switch of the private cloud, wherein the first cloud gateway is attached as a VM to one of either the switch or to a virtual Ethernet module (VEM) of the private cloud that is attached to the switch.

19. A tangible, non-transitory, computer-readable media having software encoded thereon, the software when executed by a processor operable to:
- establish a secure transport layer tunnel over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, the secure transport layer tunnel configured to provide a link layer network extension between the private cloud and the public cloud; and
  
  instantiate a cloud virtual Ethernet module (cVEM) within the public cloud, the cVEM configured to switch inter-virtual-machine (VM) traffic between the private cloud and one or more private application VMs in the public cloud connected to the cVEM.
- View Dependent Claims (20)
- - 20. The computer-readable media as in claim 19, wherein the software when executed is further operable to:
    - migrate an instance of a particular private application VM between a virtual Ethernet module (VEM) of the private cloud and the cVEM of the public cloud, wherein the particular private application VM is managed by a virtual supervisor module (VSM) of the private cloud as though the cVEM and VMs in the public cloud were within the private cloud.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Chang, David W., Patra, Abhijit, Bagepalli, Nagaraj A., Mestery, Kyle

Granted Patent

US 9,203,784 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/12
CPC Class Codes

G06F 2009/4557   Distribution of virtual mac...

G06F 2009/45595   Network integration; Enabli...

G06F 9/45558   Hypervisor-specific managem...

H04L 12/462   LAN interconnection over a ...

H04L 12/4625   Single bridge functionality...

H04L 12/4633   Interconnection of networks...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 2012/5617   Virtual LANs; Emulation of ...

H04L 49/70   Virtual switches

DISTRIBUTED VIRTUAL SWITCH ARCHITECTURE FOR A HYBRID CLOUD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

322 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

DISTRIBUTED VIRTUAL SWITCH ARCHITECTURE FOR A HYBRID CLOUD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

322 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links