Cloud-based middlebox management system

US 9,104,492 B2
Filed: 09/04/2012
Issued: 08/11/2015
Est. Priority Date: 09/04/2012
Status: Active Grant

First Claim

Patent Images

1. A computing system comprising a plurality of network connected computers implementing virtual machines and controlled by a cloud application that dynamically allocates virtual machines to different enterprises and monitors costs of the virtual machines against an account for each enterprise;

the virtual machines for at least one enterprise including;

(1) application virtual machines executing software to implement an application for the enterprise;

(2) middlebox virtual machines executing software enforcing rules related to transport of data between application virtual machines; and

(3) at least one virtual network virtual machine (VNVM) executing software to dynamically control a virtual network interconnecting the application virtual machines and middlebox virtual machines;

wherein the at least one VNVM;

(i) intercommunicates with the application virtual machines and middlebox virtual machines to control a flow of data therebetween;

(ii) monitors a performance metric of the enterprise to request additional middlebox virtual machines from the cloud application according to that monitoring; and

(iii) monitors a performance metric of the enterprise to determine where among multiple locations to add additional middlebox virtual machines to the enterprise according to that monitoring.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A virtual network virtual machine may be implemented on a cloud computing facility to control communication among virtual machines executing applications and virtual machines executing middlebox functions. This virtual network virtual machine may provide for automatic scaling of middleboxes according to a heuristic algorithm that monitors the effectiveness of each middlebox on the network performance as application virtual machines are scaled. The virtual machine virtual network may also locate virtual machines in actual hardware to further optimize performance.

Citations

19 Claims

1. A computing system comprising a plurality of network connected computers implementing virtual machines and controlled by a cloud application that dynamically allocates virtual machines to different enterprises and monitors costs of the virtual machines against an account for each enterprise;
- the virtual machines for at least one enterprise including;
  
  (1) application virtual machines executing software to implement an application for the enterprise;
  
  (2) middlebox virtual machines executing software enforcing rules related to transport of data between application virtual machines; and
  
  (3) at least one virtual network virtual machine (VNVM) executing software to dynamically control a virtual network interconnecting the application virtual machines and middlebox virtual machines;
  
  wherein the at least one VNVM;
  
  (i) intercommunicates with the application virtual machines and middlebox virtual machines to control a flow of data therebetween;
  
  (ii) monitors a performance metric of the enterprise to request additional middlebox virtual machines from the cloud application according to that monitoring; and
  
  (iii) monitors a performance metric of the enterprise to determine where among multiple locations to add additional middlebox virtual machines to the enterprise according to that monitoring.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computing system of claim 1 wherein the VNVM controls the flow between application virtual machines and middlebox virtual machines by inter-communicating with the application virtual machines and middlebox virtual machines to establish tunnels on the network therebetween.
  - 3. The computing system of claim 2 wherein the tunnels are between application virtual machines and middlebox virtual machines.
  - 4. The computing system of claim 2 wherein the tunnels are between the VNVM and one of the application virtual machines and middlebox virtual machines.
  - 5. The computing system of claim 1 wherein the performance metric is requests per second handled by at least one application virtual machine.
  - 6. The computing system of claim 1 wherein the VNVM further monitors a performance metric of at least one application virtual machine while changing a number of middlebox virtual machines of a given type operating in parallel on a path of data flowing to at least one application virtual machine to determine where to increase a number of middlebox virtual machines on the path to at least one application virtual machine and adding middleboxes according to this determination.
  - 7. The computing system of claim 1 wherein the VNVM intercommunicates with the application virtual machines and middlebox virtual machines to provide a splitting of data directed to multiple middlebox applications operating in parallel on a path of data flowing to at least one application virtual machine, the splitting of data preferentially assigning new data flows to a new middlebox until flows to the parallel middleboxes are substantially equal.
  - 8. The computing system of claim 1 wherein the plurality of network connected computers are connected in a hierarchy of sub-networks and wherein the VNVM further(iii) communicates with the cloud application to control placement of the middlebox virtual machines in particular sub-networks according to at least one of:
    - (a) intended connections of middlebox virtual machines to associated application virtual machines on the virtual network so that middlebox virtual machines are close to associated application virtual machines on a physical network;
      
      (b) predicted scaling required by middlebox virtual machines so that middlebox virtual machines requiring substantial future scaling are separated from other middlebox virtual machines requiring substantial future scaling; and
      
      (c) a ratio of input to output traffic for middlebox virtual machines so that middlebox virtual machines with a high ratio are close to virtual machines providing input to the middlebox virtual machine with a high ratio.
  - 9. The computing system of claim 8 wherein the VNVM controls placement of the middlebox virtual machines within the sub-networks by at least one of:
    - (a) encouraging placement of virtual machines in the same sub-network by making the virtual machines the same size; and
      
      (b) encouraging placement of virtual machines in the same sub-network by instantiating them at the same time.

10. A method of managing a plurality of network connected computers implementing virtual machines and controlled by a cloud application that dynamically allocates virtual machines to different enterprises and monitors costs of the virtual machines against an account for each enterprise;
- the virtual machines for at least one enterprise including;
  
  (1) application virtual machines executing software to implement an application for the enterprise; and
  
  (2) middlebox virtual machines executing software enforcing rules related to transport of data between application virtual machines;
  
  comprising the steps of;
  
  (1) instantiating at least one virtual network virtual machine (VNVM) executing software to dynamically control a virtual network interconnecting the application virtual machines and middlebox virtual machines; and
  
  (2) operating the VNVM to intercommunicate with the application virtual machines and middlebox virtual machines to control the flow of data therebetween;
  
  (3) using the VNVM to monitor a performance metric of the enterprise to request additional middlebox virtual machines from the cloud application according to that monitoring; and
  
  (4) using the VNVM to monitor a performance metric of the enterprise to determine where among multiple locations to add additional middlebox virtual machines to the enterprise according to that monitoring.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The method of claim 10 wherein the VNVM controls the flow between application virtual machines and middlebox virtual machines by inter-communicating with the application virtual machines and middlebox virtual machines to establish tunnels on the network therebetween.
  - 12. The method of claim 11 wherein the tunnels are between application virtual machines and middlebox virtual machines.
  - 13. The method of claim 11 wherein the tunnels are between the VNVM and one of the application virtual machines and metal box virtual machines.
  - 14. The method of claim 10 wherein the performance metric is requests per second handled by at least one application virtual machine.
  - 15. The method of claim 10 further including the steps of using the VNVM to monitor a performance metric of at least one application virtual machine while changing a number of middlebox virtual machines of a given type operating in parallel on a path of data flowing to at least one application virtual machine to determine where to increase a number of middlebox virtual machines on the path to at least one application virtual machine and adding middleboxes according to this determination.
  - 16. The method of claim 10 further including the step of using the VNVM to intercommunicate with the application virtual machines and middlebox virtual machines to provide a splitting of data directed to multiple middlebox applications operating in parallel on a path of data flowing to at least one application virtual machine, the splitting of data preferentially assigning new data flows to a new middlebox until flows to the parallel middleboxes are substantially equal.
  - 17. The method of claim 16 wherein the network connected computers are held in different racks and wherein the splitting of data preferentially assigns data flows to reduce dataflows passing between different racks.
  - 18. The method of claim 10 wherein the plurality of network connected computers are connected in a hierarchy of sub-networks and further including the step of:
    - (4) using the VNVM to communicate with the cloud application to control placement of the middlebox virtual machines in particular sub-networks according to at least one of;
      
      (a) intended connections of middlebox virtual machines to associated application virtual machines on the virtual network so that middlebox virtual machines are close to associated application virtual machines on the physical network;
      
      (b) predicted scaling required by middlebox virtual machines so that middlebox virtual machines requiring substantial future scaling are separated from other middlebox virtual machines requiring substantial future scaling; and
      
      (c) a ratio of input to output traffic for middlebox virtual machines so that middlebox virtual machines with a high ratio are close to virtual machines providing input to the middlebox virtual machine with a high ratio.
  - 19. The method of claim 18 wherein the VNVM controls placement of the middlebox virtual machines within the sub-networks by at least one of:
    - (a) encouraging placement of virtual machines in the same sub-network by making the virtual machines the same size; and
      
      (b) encouraging placement of virtual machines in the same sub-network by instantiating them at the same time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wisconsin Alumni Research Foundation (University of Wisconsin System)
Original Assignee
Wisconsin Alumni Research Foundation (University of Wisconsin System)
Inventors
Gember, Aaron Robert, Grandl, Robert Daniel, Benson, Theophilus Aderemi, Anand, Ashok, Akella, Srinivasa Aditya
Primary Examiner(s)
NGUYEN, VAN H

Application Number

US13/602,791
Publication Number

US 20140068602A1
Time in Patent Office

1,071 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 2009/45595   Network integration; Enabli...

G06F 9/45558   Hypervisor-specific managem...

G06F 9/5072   Grid computing

H04L 12/4633   Interconnection of networks...

Cloud-based middlebox management system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud-based middlebox management system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links