Applying policies to schedule network bandwidth among virtual machines
First Claim
1. One or more computer-storage memory having computer-executable instructions embodied thereon that, when executed, perform a method for metering various data flows of packets originating from a plurality of virtual machines (VMs) instantiated on a single physical node, the method comprising:
- inspecting one or more quality of service (QoS) policies written to a contract, wherein the contract governs allocation of network resources to a first client;
depositing tokens into a first token-bucket queue based, in part, on the one or more QoS policies of the first-client contract, wherein the first token-bucket queue is assigned to a first VM instantiated on the physical node;
detecting the first VM is in an active state based on a depletion of the deposited tokens from the first token-bucket queue, wherein a portion of the deposited tokens are withdrawn from the first token-bucket queue as a function of a rate of the data flow from the first VM;
reloading tokens into the first token-bucket queue based, in part, on the one or more QoS policies and a portion of the deposited tokens remaining in the first token-bucket queuedetecting the first VM is in an idle state based on a lack of usage of the deposited tokens from the first token-bucket queue, wherein the deposited tokens are not withdrawn from the first token-bucket queue when the first VM ceases transmitting packets therefrom; and
abstaining from reloading tokens into the first token-bucket queue based, in part, on the idle state of the first VM, wherein inspecting one or more QoS policies written to a contract comprises determining a minimal amount of tokens to reserve for the first token-bucket queue when the first VM has assumed the idle state.
3 Assignments
0 Petitions
Accused Products
Abstract
Computerized methods, systems, and computer-storage media for allowing virtual machines (VMs) residing on a common physical node to fairly share network bandwidth are provided. Restrictions on resource consumption are implemented to ameliorate stressing the network bandwidth or adversely affecting the quality of service (QoS) guaranteed to tenants of the physical node. The restrictions involves providing a scheduler that dynamically controls networking bandwidth allocated to each of the VMs as a function of QoS policies. These QoS policies are enforced by controlling a volume of traffic being sent from the VMs. Controlling traffic includes depositing tokens into token-bucket queues assigned to the VMs, respectively. The tokens are consumed as packets pass through the token-bucket queues. Upon consumption, packets are held until sufficient tokens are reloaded to the token-bucket queues.
-
Citations
14 Claims
-
1. One or more computer-storage memory having computer-executable instructions embodied thereon that, when executed, perform a method for metering various data flows of packets originating from a plurality of virtual machines (VMs) instantiated on a single physical node, the method comprising:
-
inspecting one or more quality of service (QoS) policies written to a contract, wherein the contract governs allocation of network resources to a first client; depositing tokens into a first token-bucket queue based, in part, on the one or more QoS policies of the first-client contract, wherein the first token-bucket queue is assigned to a first VM instantiated on the physical node; detecting the first VM is in an active state based on a depletion of the deposited tokens from the first token-bucket queue, wherein a portion of the deposited tokens are withdrawn from the first token-bucket queue as a function of a rate of the data flow from the first VM; reloading tokens into the first token-bucket queue based, in part, on the one or more QoS policies and a portion of the deposited tokens remaining in the first token-bucket queue detecting the first VM is in an idle state based on a lack of usage of the deposited tokens from the first token-bucket queue, wherein the deposited tokens are not withdrawn from the first token-bucket queue when the first VM ceases transmitting packets therefrom; and abstaining from reloading tokens into the first token-bucket queue based, in part, on the idle state of the first VM, wherein inspecting one or more QoS policies written to a contract comprises determining a minimal amount of tokens to reserve for the first token-bucket queue when the first VM has assumed the idle state. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer system capable of metering a rate at which packets from a virtual machine are injected into a network utilizing one or more policies specified by tenants of a data center, the computer system comprising a computer storage medium having a plurality of computer software components embodied thereon, the computer software components comprising:
-
a first VM instantiated on a physical node; a second VM instantiated on the physical node; a first token-bucket queue assigned to the first VM; a second token-bucket queue assigned to the second VM, wherein the first token-bucket queue and the second token-bucket queue represent distinct memory buffers located on the physical node; and a scheduler that reads a first-client contract and a second-client contract associated with the first VM and the second VM, respectively, that deposits a first amount of tokens into the first token-bucket queue as a function of the one or more policies within the first-client contract, and that deposits a second amount of tokens into the second token-bucket queue as a function of the one or more policies within the second-client contract, wherein the first amount of tokens and the second amount of tokens each represent a portion of network bandwidth that is allocated to the first VM and the second VM, respectively, wherein the first amount and the second amount of tokens differ in value, wherein the first VM transmits a first data flow of packets to the first token-bucket queue prior to the packets of the first data flow being released from the physical node, wherein the second VM transmits a second data flow of packets to the second token-bucket queue prior to the packets of the second data flow being released from the physical node, wherein, upon receiving the first data flow, the first token-bucket queue deducts a prescribed amount of tokens deposited therein for each packet within the first data flow, wherein, upon receiving the second data flow, the second token-bucket queue deducts a prescribed amount of tokens deposited therein for each packet within the second data flow; and a routing component that accesses a mapping between the first VM and the first token-bucket queue when the first VM is attempting to transmit the first data flow to an endpoint external to the physical node, and that routes the first data flow to the first token-bucket queue based on the mapping, wherein the routing component routes the first data flow from first VM to the second VM without passing through the first token-bucket queue when the first VM is attempting to transmit the first data flow directly to the second VM. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A computerized method for imposing a limit on a rate of data flowing from a subject virtual machine (VM), the method comprising:
-
accepting a first deposit of tokens from a scheduler, wherein an amount of tokens provided within the first deposit is based on determining whether the subject VM is in an active state, based on a depletion of the first deposit of tokens, or an idle state, based on a lack of usage of the first deposit of tokens, wherein, when in the active state, a token-bucket queue of the subject VM is reloaded as a function of a portion of the first deposit of tokens remaining in the first token-bucket queue, and wherein, when in the idle state, the token-bucket queue is reloaded with a minimal amount of tokens reserved for the subject VM; consuming the tokens according to a rate of the data flow from the subject VM; and dynamically metering the data-flow rate upon substantially depleting the tokens, wherein metering comprises; (a) forwarding to a network interface component packets within the data flow that are received prior to the tokens being substantially depleted from the token-bucket queue; (b) enqueueing packets within the data flow that are received subsequent to the tokens being substantially depleted from the token-bucket queue; and (c) forwarding the enqueued packets to the network interface component upon the token-bucket queue accepting a second deposit of tokens from the scheduler.
-
Specification