Compliance-based adaptations in managed virtual systems
First Claim
1. A method for enforcing a policy associated with a virtual machine, the method comprising:
- receiving a virtual machine event request;
receiving first data from within the virtual machine in response to receiving the virtual machine event request;
receiving second different data from an environment outside the virtual machine in response to receiving the virtual machine event request;
detecting internal non-compliance by the virtual machine of a first policy-based compliance scheme based on the first data;
detecting external non-compliance by the virtual machine as provided in the environment of a second different policy-based compliance scheme based on the second different data;
adapting the virtual machine to comply with the first policy-based compliance scheme by manipulating the virtual machine;
adapting the environment to comply with the second policy-based compliance scheme; and
processing the virtual machine event request after adapting (i) the virtual machine and (ii) the environment.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques are disclosed for controlling and managing virtual machines and other such virtual systems. VM execution approval is based on compliance with policies controlling various aspects of VM. The techniques can be employed to benefit all virtual environments, such as virtual machines, virtual appliances, and virtual applications. For ease of discussion herein, assume that a virtual machine (VM) represents each of these environments. In one particular embodiment, a systems management partition (SMP) is created inside the VM to provide a persistent and resilient storage for management information (e.g., logical and physical VM metadata). The SMP can also be used as a staging area for installing additional content or agentry on the VM when the VM is executed. Remote storage of management information can also be used. The VM management information can then be made available for pre-execution processing, including policy-based compliance testing.
-
Citations
22 Claims
-
1. A method for enforcing a policy associated with a virtual machine, the method comprising:
-
receiving a virtual machine event request; receiving first data from within the virtual machine in response to receiving the virtual machine event request; receiving second different data from an environment outside the virtual machine in response to receiving the virtual machine event request; detecting internal non-compliance by the virtual machine of a first policy-based compliance scheme based on the first data; detecting external non-compliance by the virtual machine as provided in the environment of a second different policy-based compliance scheme based on the second different data; adapting the virtual machine to comply with the first policy-based compliance scheme by manipulating the virtual machine; adapting the environment to comply with the second policy-based compliance scheme; and processing the virtual machine event request after adapting (i) the virtual machine and (ii) the environment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
-
-
22. A non-transitory computer readable medium storing instructions for enforcing a policy associated with a virtual machine which, when executed, cause a processing device to:
-
receive a virtual machine event request; receive first data from within the virtual machine in response to receiving the virtual machine event request; receive second different data from an environment outside the virtual machine in response to receiving the virtual machine event request; detect internal non-compliance by the virtual machine of a first policy-based compliance scheme based on the first data; detect external non-compliance by the virtual machine as provided in the environment of a second different policy-based compliance scheme based on the second different data; adapt the virtual machine to comply with the first policy-based compliance scheme by manipulating the virtual machine; adapt the environment to comply with the second policy-based compliance scheme; and process the virtual machine event request after adapting (i) the virtual machine and (ii) the environment.
-
Specification