Drift management of images

US 9,552,198 B2
Filed: 01/23/2015
Issued: 01/24/2017
Est. Priority Date: 09/26/2014
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

storing an end state definition that identifies a standard set of source components for a software image that is subscribed to by a plurality of target software deployments;

receiving a new patch from a service provider for a particular software system;

adding the new patch from the service provider to the standard set of source components;

determining that at least one target software deployment of the plurality of target software deployments has applied a set of one or more patches that do not comply with the end state definition thereby causing the at least one target software deployment to have drifted from the standard set of source components identified by the end state definition;

determining whether to add the set of one or more patches that do not comply with the end state definition to the standard set of source components identified by the end state definition; and

in response to determining to add the set of one or more patches that do not comply to the standard set of source components, generating an updated version of the software image that includes the set of one or more patches and the new patch from the service provider.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques are described for managing drift within a standardized environment. According to one embodiment, an end state definition is stored that identifies a standard set of source components for a plurality of targets. A drift manager determines that at least one target of the plurality of targets has drifted from the standard set of source components identified by the end state definition. After determining that the at least one target of the plurality of targets has drifted from the standard set of source components identified by the end state definition, the drift manager reconciles the at least one target with the end state definition.

31 Citations

36 Claims

1. A method comprising:
- storing an end state definition that identifies a standard set of source components for a software image that is subscribed to by a plurality of target software deployments;
  
  receiving a new patch from a service provider for a particular software system;
  
  adding the new patch from the service provider to the standard set of source components;
  
  determining that at least one target software deployment of the plurality of target software deployments has applied a set of one or more patches that do not comply with the end state definition thereby causing the at least one target software deployment to have drifted from the standard set of source components identified by the end state definition;
  
  determining whether to add the set of one or more patches that do not comply with the end state definition to the standard set of source components identified by the end state definition; and
  
  in response to determining to add the set of one or more patches that do not comply to the standard set of source components, generating an updated version of the software image that includes the set of one or more patches and the new patch from the service provider.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - updating one or more target software deployments of the plurality of target software deployments based on the updated version of the software image.
  - 3. The method of claim 1, further comprising:
    - reconciling the at least one target software deployment with the end state definition;
      
      wherein the at least one target software deployment of the plurality of target software deployments is missing at least one patch that is identified by the end state definition; and
      
      wherein reconciling the at least one target software deployment with the end state definition comprises updating the at least one target software deployment such that the at least one target software deployment includes the at least one patch.
  - 4. The method of claim 1, wherein determining that at least one target software deployment of the plurality of target software deployments has drifted from the standard set of source components identified by the end state definition comprises:
    - generating a configuration level signature for a gold image that represents the end state definition;
      
      comparing the configuration level signature with a respective configuration level signature for each respective target software deployment in the plurality of target software deployments;
      
      in response to determining that the configuration level signature does not match the respective configuration level signature for the at least one target software deployment, determining that the at least one target software deployment has drifted from the standard set of source components identified by the end state definition.
  - 5. The method of claim 1, further comprising:
    - in response to detecting a patch that would cause the at least one target software deployment to drift from the standard set of source components identified by the end state definition, notifying a user about the patch.
  - 6. The method of claim 5, further comprising:
    - preventing the patch from being applied at the at least one target software deployment in response to a request from the user to block the patch.
  - 7. The method of claim 1, further comprising determining a compliance rate for the plurality of target software deployments based on how many target software deployments of the plurality of target software deployments have drifted from the standard set of source components identified by the end state definition.
  - 8. The method of claim 7, further comprising causing display of the compliance rate for the plurality of target software deployments to a user.

9. One or more non-transitory computer-readable media storing instructions including:
- instructions, which when executed by one or more hardware processors, cause storing an end state definition that identifies a standard set of source components for a software image that is subscribed to by a plurality of target software deployments;
  
  instructions, which when executed by one or more hardware processors, cause receiving a new patch from a service provider for a particular software system;
  
  instructions, which when executed by one or more hardware processors, cause adding the new patch from the service provider to the standard set of source components;
  
  instructions, which when executed by one or more hardware processors, cause determining that at least one target software deployment of the plurality of target software deployments has applied a set of one or more patches that do not comply with the end state definition thereby causing the at least one target software deployment to have drifted from the standard set of source components identified by the end state definition;
  
  instructions, which when executed by one or more hardware processors, cause determining whether to add the set of one or more patches that do not comply with the end state definition to the standard set of source components identified by the end state definition; and
  
  instructions, which when executed by one or more hardware processors, cause in response to determining to add the set of one or more patches that do not comply to the standard set of source components, generating an updated version of the software image that includes the set of one or more patches and the new patch from the service provider.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The one or more non-transitory computer-readable media of claim 9, wherein the instructions further include:
    - instructions, which when executed by one or more hardware processors, cause updating one or more target software deployments of the plurality of target software deployments based on the updated version of the software image.
  - 11. The one or more non-transitory computer-readable media of claim 9, wherein the instructions further include:
    - instructions, which when executed by one or more hardware processors, cause reconciling the at least one target software deployment with the end state definition;
      
      wherein the at least one target software deployment of the plurality of target software deployments is missing at least one patch that is identified by the end state definition; and
      
      wherein instructions for reconciling the at least one target software deployment with the end state definition comprise instructions for updating the at least one target software deployment such that at least one target software deployment includes the at least one patch.
  - 12. The one or more non-transitory computer-readable media of claim 9, wherein instructions for determining that at least one target software deployment of the plurality of target software deployments has drifted from the standard set of source components identified by the end state definition comprise instructions for:
    - generating a configuration level signature for a gold image that represents the end state definition;
      
      comparing the configuration level signature with a respective configuration level signature for each respective target software deployment in the plurality of target software deployments;
      
      in response to determining that the configuration level signature does not match the respective configuration level signature for the at least one target software deployment, determining that the at least one target software deployment has drifted from the standard set of source components identified by the end state definition.
  - 13. The one or more non-transitory computer-readable media of claim 9, wherein the instructions further include:
    - instructions, which when executed by one or more hardware processors, cause in response to detecting a patch that would cause the at least one target software deployment to drift from the standard set of source components identified by the end state definition, notifying a user of the patch.
  - 14. The one or more non-transitory computer-readable media of claim 13, wherein the instructions further include:
    - instructions, which when executed by one or more hardware processors, cause preventing the patch from being applied at the at least one target software deployment in response to a request from the user to block the patch.
  - 15. The one or more non-transitory computer-readable media of claim 9, wherein the instructions further include:
    - instructions, which when executed by one or more hardware processors, cause determining a compliance rate for the plurality of target software deployments based on how many target software deployments of the plurality of target software deployments have drifted from the standard set of source components identified by the end state definition.
  - 16. The one or more non-transitory computer-readable media of claim 15, wherein the instructions further include:
    - instructions, which when executed by one or more hardware processors, cause display of the compliance rate for the plurality of target software deployments to a user.

17. A method comprising:
- storing a set of end state definitions including a first end state definition that identifies a first standard level of configuration and a second end state definition that identifies a second standard level of configuration;
  
  wherein a first group of targets follow updates to the first end state definition;
  
  wherein a second group of target follow updates to the second end state definition;
  
  receiving a request to initialize a new target;
  
  in response to the request;
  
  assigning the new target to the first group instead of the second group based at least in part on a set of attributes associated with the new target;
  
  determining that a level of configuration of the new target differs from the first standard level of configuration identified by the first end state definition; and
  
  in response to determining that the level of configuration of the new target differs from the first standard level of configuration identified by the first end state definition, causing display of information that indicates in what way the new target differs from the first standard level of configuration;
  
  wherein the information identifies a set of patches identified in the first end state definition that have not been applied to the new target.
- View Dependent Claims (19, 20, 21)
- - 19. The method of claim 17, wherein the information further identifies an incompatible patch that has been applied to the new target.
  - 20. The method of claim 17, further comprising updating the new target by applying the set of patches to bring the new target into compliance with the first end state definition.
  - 21. The method of claim 17, wherein the set of attributes associated with the new target includes a software release version.

18. One or more non-transitory computer-readable media storing instructions including:
- instructions, which when executed by one or more hardware processors, cause storing a set of end state definitions including a first end state definition that identifies a first standard level of configuration and a second end state definition that identifies a second standard level of configuration;
  
  wherein a first group of targets follow updates to the first end state definition;
  
  wherein a second group of target follow updates to the second end state definition;
  
  instructions, which when executed by one or more hardware processors, cause receiving a request to initialize a new target;
  
  instructions, which when executed by one or more hardware processors, cause in response to the request;
  
  assigning the new target to the first group instead of the second group based at least in part on a set of attributes associated with the new target;
  
  determining that a level of configuration of the new target differs from the first standard level of configuration identified by the first end state definition; and
  
  in response to determining that the level of configuration of the new target differs from the first standard level of configuration identified by the first end state definition, causing display of information that indicates in what way the new target differs from the first standard level of configuration;
  
  wherein the information identifies a set of patches identified in the first end state definition that have not been applied to the new target.
- View Dependent Claims (22, 23, 24)
- - 22. The one or more non-transitory computer-readable media of claim 18, wherein the information further identifies an incompatible patch that has been applied to the new target.
  - 23. The one or more non-transitory computer-readable media of claim 18, wherein the instructions further include:
    - instructions, which when executed by one or more hardware processors, cause updating the new target by applying the set of patches to bring the new target into compliance with the first end state definition.
  - 24. The one or more non-transitory computer-readable media of claim 18, wherein the set of attributes associated with the new target includes a software release version.

25. A system comprising:
- one or more hardware processors;
  
  one or more non-transitory media storing instructions, which when executed by the one or more hardware processors, cause operations comprising;
  
  storing an end state definition that identifies a standard set of source components for a software image that is subscribed to by a plurality of target software deployments;
  
  receiving a new patch from a service provider for a particular software system;
  
  adding the new patch from the service provider to the standard set of source components;
  
  determining that at least one target software deployment of the plurality of target software deployments has applied a set of one or more patches that do not comply with the end state definition thereby causing the at least one target software deployment to have drifted from the standard set of source components identified by the end state definition;
  
  determining whether to add the set of one or more patches that do not comply with the end state definition to the standard set of source components identified by the end state definition; and
  
  in response to determining to add the set of one or more patches that do not comply to the standard set of source components, generating an updated version of the software image that includes the set of one or more patches and the new patch from the service provider.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The system of claim 25, wherein the instructions further causing operations comprising updating one or more target software deployments of the plurality of target software deployments based on the updated version of the software image.
  - 27. The system of claim 25, the instructions further causing operations comprising:
    - reconciling the at least one target software deployment with the end state definition;
      
      wherein the at least one target software deployment of the plurality of target software deployments is missing at least one patch that is identified by the end state definition; and
      
      wherein instructions for reconciling the at least one target software deployment with the end state definition comprise instructions for updating the at least one target software deployment such that at least one target software deployment includes the at least one patch.
  - 28. The system of claim 25, the instructions further causing operations comprising:
    - determining that at least one target software deployment of the plurality of target software deployments has drifted from the standard set of source components identified by the end state definition comprise instructions for;
      
      generating a configuration level signature for a gold image that represents the end state definition;
      
      comparing the configuration level signature with a respective configuration level signature for each respective target software deployment in the plurality of target software deployments;
      
      in response to determining that the configuration level signature does not match the respective configuration level signature for the at least one target software deployment, determining that the at least one target software deployment has drifted from the standard set of source components identified by the end state definition.
  - 29. The system of claim 25, the instructions further causing operations comprising:
    - in response to detecting a patch that would cause the at least one target software deployment to drift from the standard set of source components identified by the end state definition, notifying a user of the patch.
  - 30. The system of claim 29, the instructions further causing operations comprising preventing the patch from being applied at the at least one target software deployment in response to a request from the user to block the patch.
  - 31. The system of claim 25, the instructions further causing operations comprising determining a compliance rate for the plurality of target software deployments based on how many target software deployments of the plurality of target software deployments have drifted from the standard set of source components identified by the end state definition.
  - 32. The system of claim 31, the instructions further causing operations comprising causing display of the compliance rate for the plurality of target software deployments to a user.

33. A system comprising:
- one or more hardware processors;
  
  one or more non-transitory media storing instructions, which when executed by the one or more hardware processors, cause operations comprising;
  
  storing a set of end state definitions including a first end state definition that identifies a first standard level of configuration and a second end state definition that identifies a second standard level of configuration;
  
  wherein a first group of targets follow updates to the first end state definition;
  
  wherein a second group of target follow updates to the second end state definition;
  
  receiving a request to initialize a new target;
  
  in response to the request;
  
  assigning the new target to the first group instead of the second group based at least in part on a set of attributes associated with the new target;
  
  determining that a level of configuration of the new target differs from the first standard level of configuration identified by the first end state definition; and
  
  in response to determining that the level of configuration of the new target differs from the first standard level of configuration identified by the first end state definition, causing display of information that indicates in what way the new target differs from the first standard level of configuration;
  
  wherein the information identifies a set of patches identified in the first end state definition that have not been applied to the new target.
- View Dependent Claims (34, 35, 36)
- - 34. The system of claim 33, wherein the information further identifies an incompatible patch that has been applied to the new target.
  - 35. The system of claim 33, wherein the instructions further cause operations comprising:
    - updating the new target by applying the set of patches to bring the new target into compliance with the first end state definition.
  - 36. The system of claim 33, wherein the set of attributes associated with the new target includes a software release version.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Kuchibhotla, Balasubrahmanyam, Paliwal, Bharat, Srinivasan, Hariprasanna, Khanuja, Kamaldeep, Sanklecha, Shachi, Vaidhiyanathan, Ramalakshmi
Primary Examiner(s)
Dao, Thuy
Assistant Examiner(s)
BERMAN, STEPHEN DAVID

Application Number

US14/603,804
Publication Number

US 20160092188A1
Time in Patent Office

732 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 8/60   Software deployment

G06F 8/61   Installation

G06F 8/63   Image based installation; C...

G06F 8/65   Updates security arrangemen...

G06F 8/71   Version control security ar...

H04L 67/10   in which an application is ...

H04W 4/60   Subscription-based services...

Drift management of images

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

31 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Drift management of images

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links