Control and management of virtual systems
First Claim
1. An apparatus for enforcing a policy associated with a virtual machine, the apparatus comprising:
- a memory storing instructions; and
a computing device communicatively coupled to a first virtual machine, the computing device including a processor operably coupled to the memory device, the processor executing the instructions to;
receive a virtual machine event request;
detect non-compliance by the first virtual machine of a policy-based compliance scheme of a managed system in response to receiving the virtual machine event request, wherein the policy-based compliance scheme of the managed system includes a plurality of compliance policies which are defined to enforce system wide control of execution of virtual machines within the managed system;
adapt the first virtual machine to comply with the policy-based compliance scheme;
process the virtual machine event request after adapting the first virtual machine; and
analyze adaptations made to the first virtual machine, after adapting the first virtual machine, to derive an optimized variant of the adapted first virtual machine to create a second different virtual machine,wherein adapting the first virtual machine includes validating adaptations made to the first virtual machine, andwherein validating adaptations made includes repeating policy-based compliance testing that was used to determine the first virtual machine was non-compliant.
2 Assignments
0 Petitions
Accused Products
Abstract
Techniques are disclosed for controlling and managing virtual machines and other such virtual systems. VM execution approval is based on compliance with policies controlling various aspects of VM. The techniques can be employed to benefit all virtual environments, such as virtual machines, virtual appliances, and virtual applications. For ease of discussion herein, assume that a virtual machine (VM) represents each of these environments. In one particular embodiment, a systems management partition (SMP) is created inside the VM to provide a persistent and resilient storage for management information (e.g., logical and physical VM metadata). The SMP can also be used as a staging area for installing additional content or agentry on the VM when the VM is executed. Remote storage of management information can also be used. The VM management information can then be made available for pre-execution processing, including policy-based compliance testing.
149 Citations
26 Claims
-
1. An apparatus for enforcing a policy associated with a virtual machine, the apparatus comprising:
-
a memory storing instructions; and a computing device communicatively coupled to a first virtual machine, the computing device including a processor operably coupled to the memory device, the processor executing the instructions to; receive a virtual machine event request; detect non-compliance by the first virtual machine of a policy-based compliance scheme of a managed system in response to receiving the virtual machine event request, wherein the policy-based compliance scheme of the managed system includes a plurality of compliance policies which are defined to enforce system wide control of execution of virtual machines within the managed system; adapt the first virtual machine to comply with the policy-based compliance scheme; process the virtual machine event request after adapting the first virtual machine; and analyze adaptations made to the first virtual machine, after adapting the first virtual machine, to derive an optimized variant of the adapted first virtual machine to create a second different virtual machine, wherein adapting the first virtual machine includes validating adaptations made to the first virtual machine, and wherein validating adaptations made includes repeating policy-based compliance testing that was used to determine the first virtual machine was non-compliant. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. An apparatus for enforcing a policy associated with a virtual machine, the apparatus comprising:
-
a memory storing instructions; and a computing device communicatively coupled to a first virtual machine, the computing device including a processor operably coupled to the memory device, the processor executing the instructions to; receive a virtual machine event request; detect non-compliance by the first virtual machine of a policy-based compliance scheme of a managed system in response to receiving the virtual machine event request, wherein the policy-based compliance scheme of the managed system includes a plurality of compliance policies which are defined to enforce system wide control of execution of virtual machines within the managed system; adapt the first virtual machine to comply with the policy-based compliance scheme; process the virtual machine event request after adapting the first virtual machine; and analyze adaptations made to the first virtual machine, after adapting the first virtual machine, to derive an optimized variant of the adapted first virtual machine to create a second different virtual machine, wherein the adaptations made to the first virtual machine include at least a first adaptation which occurred a plurality of times during a plurality of executions of the first virtual machine. - View Dependent Claims (26)
-
Specification