Virtual input-output connections for machine virtualization
First Claim
1. A computing method, comprising:
- specifying a virtual computer system comprising at least one virtual or physical compute node, which produces data packets having respective source attributes;
defining at least one Virtual Input-Output Connection (VIOC) that is uniquely associated with the values of the source attributes;
defining a policy specifying an operation to be performed with regard to the VIOC;
implementing the virtual computer system on a physical computer system that includes at least one physical packet switching element; and
configuring the physical packet switching element to identify the data packets whose source attributes have the values that are associated with the VIOC and to perform the operation on the identified data packets, so as to enforce the policy on the VIOC,wherein configuring the physical packet switching element comprises detecting a change in one of the physical computer system and the virtual computer system, and re-configuring the physical packet switching element responsively to the detected change, so as to cause the physical packet switching element to continue enforcing the policy,wherein the at least one physical packet switching element comprises first and second physical packet switching elements, wherein configuring the physical packet switching element comprises initially configuring the first physical packet switching element to enforce the policy, and wherein re-configuring the physical packet switching element comprises, responsively to detecting the change, configuring the second physical packet switching element to enforce the policy.
5 Assignments
0 Petitions
Accused Products
Abstract
A computing method includes specifying a virtual computer system including at least one virtual or physical compute node, which produces data packets having respective source attributes. At least one Virtual Input-Output Connection (VIOC) that is uniquely associated with the values of the source attributes is defined. A policy specifying an operation to be performed with regard to the VIOC is defined. The virtual computer system is implemented on a physical computer system, which includes at least one physical packet switching element. The physical packet switching element is configured to identify the data packets whose source attributes have the values that are associated with the VIOC and to perform the operation on the identified data packets, so as to enforce the policy on the VIOC.
-
Citations
31 Claims
-
1. A computing method, comprising:
-
specifying a virtual computer system comprising at least one virtual or physical compute node, which produces data packets having respective source attributes; defining at least one Virtual Input-Output Connection (VIOC) that is uniquely associated with the values of the source attributes; defining a policy specifying an operation to be performed with regard to the VIOC; implementing the virtual computer system on a physical computer system that includes at least one physical packet switching element; and configuring the physical packet switching element to identify the data packets whose source attributes have the values that are associated with the VIOC and to perform the operation on the identified data packets, so as to enforce the policy on the VIOC, wherein configuring the physical packet switching element comprises detecting a change in one of the physical computer system and the virtual computer system, and re-configuring the physical packet switching element responsively to the detected change, so as to cause the physical packet switching element to continue enforcing the policy, wherein the at least one physical packet switching element comprises first and second physical packet switching elements, wherein configuring the physical packet switching element comprises initially configuring the first physical packet switching element to enforce the policy, and wherein re-configuring the physical packet switching element comprises, responsively to detecting the change, configuring the second physical packet switching element to enforce the policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A computing apparatus, comprising:
-
an interface, which is operative to communicate with a physical computer system that includes at least one physical packet switching element; and a processor, which is coupled to accept a specification of a virtual computer system comprising at least one virtual or physical compute node, which produces data packets having respective source attributes, to accept a definition of at least one Virtual Input-Output Connection (VIOC) that is uniquely associated with the values of the source attributes, to accept a policy specifying an operation to be performed with regard to the VIOC, to implement the virtual computer system on the physical computer system, and to configure the physical packet switching element to identify the data packets whose source attributes have the values that are associated with the VIOC and to perform the operation on the identified data packets, so as to enforce the policy on the VIOC, wherein the processor is coupled to detect a change in one of the physical computer system and the virtual computer system, and to re-configure the physical packet switching element responsively to the detected change so as to cause the physical packet switching element to continue enforcing the policy, wherein the at least one physical packet switching element comprises first and second physical packet switching elements, and wherein the processor is coupled to initially configure the first physical packet switching element to enforce the policy, and, responsively to detecting the change, to configure the second physical packet switching element to enforce the policy. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. A non-transitory computer-readable medium in which program instructions are stored, which instructions, when read by a processor, cause the processor to communicate with a physical computer system that includes at least one physical packet switching element, to accept a specification of a virtual computer system comprising at least one virtual or physical compute node, which produces data packets having respective source attributes, to accept a definition of at least one Virtual Input-Output Connection (VIOC) that is uniquely associated with the values of the source attributes, to accept a policy specifying an operation to be performed with regard to the VIOC, to implement the virtual computer system on the physical computer system, and to configure the physical packet switching element to identify the data packets whose source attributes have the values that are associated with the VIOC and to perform the operation on the identified data packets, so as to enforce the policy on the VIOC, to detect a change in one of the physical computer system and the virtual computer system, and to re-configure the physical packet switching element responsively to the detected change so as to cause the physical packet switching element to continue enforcing the policy,
wherein the at least one physical packet switching element comprises first and second physical packet switching elements, and wherein the instructions cause the processor to initially configure the first physical packet switching element to enforce the policy, and, responsively to detecting the change, to configure the second physical packet switching element to enforce the policy.
Specification