CROSS-CLOUD NAMESPACE MANAGEMENT FOR MULTI-TENANT ENVIRONMENTS
First Claim
1. A method of supporting independent addressing for multiple tenants in a cloud computing system, comprising:
- for each tenant, configuring a private network between the tenant and the cloud computing system, wherein the private network is managed by a tenant-facing cloud gateway;
configuring the tenant-facing cloud gateways to preserve the source addresses of packets originating from the cloud computing system; and
configuring a multi-tenant cloud gateway to a public network to translate the source addresses of packets originating from the cloud computing system to addresses that are unique within the public network.
2 Assignments
0 Petitions
Accused Products
Abstract
Conditional address translation is performed in a multi-tenant cloud infrastructure to effectively support tenant-assigned addresses. For each tenant, the multi-tenant cloud infrastructure deploys both a private network used to communicate between the tenant and the cloud and a tenant-facing gateway to manage the private network. The multi-tenant cloud infrastructure also includes an externally-facing gateway used to communicate between the multi-tenant cloud and a public network. The tenant-facing gateways are configured to bypass address translation—providing consistent addressing across each private network irrespective of the physical location of resources linked by the private network. By contrast, the public-facing gateway is configured to translate source addresses in outgoing packets to addresses that are unique within the public network. Advantageously, discriminately mapping addresses enables multiple tenants to interact in a uniform fashion with both on-premises resources and cloud-hosted resources without incurring undesirable address collisions between tenants.
-
Citations
20 Claims
-
1. A method of supporting independent addressing for multiple tenants in a cloud computing system, comprising:
-
for each tenant, configuring a private network between the tenant and the cloud computing system, wherein the private network is managed by a tenant-facing cloud gateway; configuring the tenant-facing cloud gateways to preserve the source addresses of packets originating from the cloud computing system; and configuring a multi-tenant cloud gateway to a public network to translate the source addresses of packets originating from the cloud computing system to addresses that are unique within the public network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A non-transitory computer readable storage medium comprising instructions, which when executed in a multi-tenant cloud computing system causes the computing system to carry out the steps of:
-
for each tenant, configuring a private network between the tenant and the cloud computing system, wherein the private network is managed by a tenant-facing cloud gateway; configuring the tenant-facing cloud gateways to preserve the source addresses of packets originating from the cloud computing system; and configuring a multi-tenant cloud gateway to a public network to translate the source addresses of packets originating from the cloud computing system to addresses that are unique within the public network. - View Dependent Claims (10, 11, 12, 13, 14, 15, 17, 18, 19, 20)
-
-
16. A hybrid cloud computing system comprising:
-
virtualized computing systems that each include a plurality of physical host computers in which one or more virtual machines are running, wherein each virtualized computing system corresponds to a different tenant; a cloud computing system that includes a plurality of physical host computers in which one or more virtual machines are running; and a hybridity director that allocate resources of cloud computing system between the tenants, wherein the hybridity director is configured to; for each tenant, configure a private network between the corresponding virtualized computing system and the cloud computing system, wherein the private network is managed by a tenant-facing cloud gateway; configure the tenant-facing cloud gateways to preserve the source addresses of packets originating from the cloud computing system; and configure a multi-tenant cloud gateway to a public network to translate the source addresses of packets originating from the cloud computing system to addresses that are unique within the public network.
-
Specification