Automated establishment of access to remote services

US 9,602,344 B1
Filed: 12/30/2013
Issued: 03/21/2017
Est. Priority Date: 12/30/2013
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method performed by an enterprise system for enabling a remote application server hosted by a cloud provider system to access services local to the enterprise system, the method comprising:

establishing a first tunnel between the enterprise system and the cloud provider system;

establishing a secure connection over the first tunnel, the secure connection being encrypted;

obtaining configuration data from the cloud provider system over the secure connection, the configuration data including information on one or more services local to the enterprise system, the obtaining comprising sending a packet containing a file copy command to be executed by a process implementing the secure connection, wherein the process implementing the secure connection is SSH (Secure Shell), and the file copy command is the SSH copy command; and

enabling access to the one or more services by the remote application server, using the obtained configuration data.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A software application designed to operate within an enterprise system is modified to operate properly within a system of a third-party provider. In one embodiment, a site manager obtains pertinent information about the software application from the source systems that make up the enterprise system and provides it to a cloud manager, and the cloud manager uses the information to generate a modified version of the software application for use on the cloud provider. The modification may include operations such as driver injection, file system mounting customization, customization of hostname-to-network address mappings, and boot image creation. Secure connections may also be established between the enterprise system and third-party provider to allow the application running on the third-party provider to access the services of the enterprise system.

35 Citations

View as Search Results

18 Claims

1. A computer-implemented method performed by an enterprise system for enabling a remote application server hosted by a cloud provider system to access services local to the enterprise system, the method comprising:
- establishing a first tunnel between the enterprise system and the cloud provider system;
  
  establishing a secure connection over the first tunnel, the secure connection being encrypted;
  
  obtaining configuration data from the cloud provider system over the secure connection, the configuration data including information on one or more services local to the enterprise system, the obtaining comprising sending a packet containing a file copy command to be executed by a process implementing the secure connection, wherein the process implementing the secure connection is SSH (Secure Shell), and the file copy command is the SSH copy command; and
  
  enabling access to the one or more services by the remote application server, using the obtained configuration data.
- View Dependent Claims (2, 3, 4, 17, 18)
- - 2. The computer-implemented method of claim 1, further comprising:
    - receiving a request for one of the services from the remote application server; and
      
      responsive to the enabling;
      
      invoking the requested service, andproviding a result of the invocation of the requested service to the remote application server over the secure connection.
  - 3. The computer-implemented method of claim 1, wherein establishing the first tunnel comprises:
    - receiving, from the cloud provider system, public address information of a tunneling module of the cloud provider system; and
      
      establishing forwarding of packets received by a tunneling module of the enterprise system on a first port, to a public network address of the tunneling module on a second port specified in the public address information.
  - 4. The computer-implemented method of claim 3, wherein establishing the secure connection comprises:
    - sending a request for the secure connection to the tunneling module of the enterprise system, a body of the request including a private network address of the remote application server; and
      
      forwarding the request from the tunneling module of the enterprise system over the first tunnel to the tunneling module of the cloud provider system.
  - 17. The computer-implemented method of claim 1, further comprising establishing a second tunnel between the remote application server hosted by the cloud provider system and an application server of the enterprise system.
  - 18. The computer-implemented method of claim 1, further comprising:
    - for at least one source system of a plurality of source systems of the enterprise system that together provide an enterprise-based computer software application to users;
      
      obtaining configuration information associated with the source system;
      
      obtaining file system information describing one or more file systems of the source system, a first one of the file systems storing operating system files in a boot directory;
      
      replicating the file systems and files of the file systems within a cloud manager system located remotely from the enterprise system, using the obtained file system information;
      
      identifying, based on a version of an operating system of the source system, a set of boot files;
      
      replacing operating system files in the boot directory of the first one of the replicated file systems with the identified set of boot files;
      
      causing generation of an image of the source system using the obtained configuration information and the replaced files in the boot directory of the replicated file system, the generated image executable within a virtual machine of the remote application server hosted by the cloud provider system; and
      
      receiving a plurality of requests to execute the enterprise-based application on the remote application server hosted by the cloud provider system; and
      
      for each of the plurality of requests, causing the remote application server to execute the images generated for the plurality of source systems; and
      
      wherein the requests cause the executed images to request the services local to the enterprise system.

5. A non-transitory computer-readable storage medium storing instructions executable by a processor, the instructions comprising:
- instructions for establishing a first tunnel between the enterprise system and the cloud provider system;
  
  instructions for establishing a secure connection over the first tunnel;
  
  instructions for obtaining configuration data from the cloud provider system over the secure connection, the configuration data including information on one or more services local to the enterprise system, the obtaining comprising sending a packet containing a file copy command to be executed by a process implementing the secure connection, wherein the process implementing the secure connection is SSH (Secure Shell), and the file copy command is the SSH copy command; and
  
  instructions for enabling access to the one or more services by the remote application server, using the obtained configuration data.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The non-transitory computer-readable storage medium of claim 5, the instructions further comprising:
    - instructions for receiving a request for one of the services from the remote application server; and
      
      instructions for, responsive to the enabling;
      
      invoking the requested service, andproviding a result of the invocation of the requested service to the remote application server over the secure connection.
  - 7. The non-transitory computer-readable storage medium of claim 5, wherein establishing the first tunnel comprises:
    - receiving, from the cloud provider system, public address information of a tunneling module of the cloud provider system; and
      
      establishing forwarding of packets received by a tunneling module of the enterprise system on a first port, to a public network address of the tunneling module on a second port specified in the public address information.
  - 8. The non-transitory computer-readable storage medium of claim 7, wherein establishing the secure connection comprises:
    - sending a request for the secure connection to the tunneling module of the enterprise system, a body of the request including a private network address of the remote application server; and
      
      forwarding the request from the tunneling module of the enterprise system over the first tunnel to the tunneling module of the cloud provider system.
  - 9. The non-transitory computer-readable storage medium of claim 5, the instructions further comprising instructions for establishing a second tunnel between the remote application server hosted by the cloud provider system and an application server of the enterprise system.
  - 10. The non-transitory computer-readable storage medium of claim 5, the instructions further comprising:
    - instructions for, for at least one source system of a plurality of source systems of the enterprise system that together provide an enterprise-based computer software application to users;
      
      obtaining configuration information associated with the source system;
      
      obtaining file system information describing one or more file systems of the source system, a first one of the file systems storing operating system files in a boot directory;
      
      replicating the file systems and files of the file systems within a cloud manager system located remotely from the enterprise system, using the obtained file system information;
      
      identifying, based on a version of an operating system of the source system, a set of boot files;
      
      replacing operating system files in the boot directory of the first one of the replicated file systems with the identified set of boot files;
      
      causing generation of an image of the source system using the obtained configuration information and the replaced files in the boot directory of the replicated file system, the generated image executable within a virtual machine of the remote application server hosted by the cloud provider system; and
      
      instructions for receiving a plurality of requests to execute the enterprise-based application on the remote application server hosted by the cloud provider system; and
      
      instructions for, for each of the plurality of requests, causing the remote application server to execute the images generated for the plurality of source systems; and
      
      instructions for wherein the requests cause the executed images to request the services local to the enterprise system.

11. A computer system comprising:
- a computer processor; and
  
  a computer program stored on a non-transitory computer-readable storage medium and executable by the computer processor, and comprising;
  
  instructions for establishing a first tunnel between the enterprise system and the cloud provider system;
  
  instructions for establishing a secure connection over the first tunnel;
  
  instructions for obtaining configuration data from the cloud provider system over the secure connection, the configuration data including information on one or more services local to the enterprise system, the obtaining comprising sending a packet containing a file copy command to be executed by a process implementing the secure connection, wherein the process implementing the secure connection is SSH (Secure Shell), and the file copy command is the SSH copy command; and
  
  instructions for enabling access to the one or more services by the remote application server, using the obtained configuration data.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The computer system of claim 11, the computer program further comprising:
    - instructions for receiving a request for one of the services from the remote application server; and
      
      instructions for, responsive to the enabling;
      
      invoking the requested service, andproviding a result of the invocation of the requested service to the remote application server over the secure connection.
  - 13. The computer system of claim 11, wherein establishing the first tunnel comprises:
    - receiving, from the cloud provider system, public address information of a tunneling module of the cloud provider system; and
      
      establishing forwarding of packets received by a tunneling module of the enterprise system on a first port, to a public network address of the tunneling module on a second port specified in the public address information.
  - 14. The computer system of claim 13, wherein establishing the secure connection comprises:
    - sending a request for the secure connection to the tunneling module of the enterprise system, a body of the request including a private network address of the remote application server; and
      
      forwarding the request from the tunneling module of the enterprise system over the first tunnel to the tunneling module of the cloud provider system.
  - 15. The computer system of claim 11, the non-transitory computer-readable storage medium further comprising instructions for establishing a second tunnel between the remote application server hosted by the cloud provider system and an application server of the enterprise system.
  - 16. The computer system of claim 11, the non-transitory computer-readable storage medium further comprising:
    - instructions for, for at least one source system of a plurality of source systems of the enterprise system that together provide an enterprise-based computer software application to users;
      
      obtaining configuration information associated with the source system;
      
      obtaining file system information describing one or more file systems of the source system, a first one of the file systems storing operating system files in a boot directory;
      
      replicating the file systems and files of the file systems within a cloud manager system located remotely from the enterprise system, using the obtained file system information;
      
      identifying, based on a version of an operating system of the source system, a set of boot files;
      
      replacing operating system files in the boot directory of the first one of the replicated file systems with the identified set of boot files;
      
      causing generation of an image of the source system using the obtained configuration information and the replaced files in the boot directory of the replicated file system, the generated image executable within a virtual machine of the remote application server hosted by the cloud provider system; and
      
      instructions for receiving a plurality of requests to execute the enterprise-based application on the remote application server hosted by the cloud provider system; and
      
      instructions for, for each of the plurality of requests, causing the remote application server to execute the images generated for the plurality of source systems; and
      
      instructions for wherein the requests cause the executed images to request the services local to the enterprise system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vmware LLC (Broadcom, Inc.)
Original Assignee
CloudVelox, Inc. (Broadcom, Inc.)
Inventors
Chin, Jun Kang, Iyengar, Anand, Chawla, Rajeev, Chawla, Raman, Tsirigotis, Panagiotis, Shao, Chung-Shang
Primary Examiner(s)
BOUTAH, ALINA A

Application Number

US14/144,485
Time in Patent Office

1,177 Days
Field of Search

709201-203, 709217-219, 709/220, 709227-229, 709249-250, 726/14, 726/1, 726/11, 726/27
US Class Current

1/1
CPC Class Codes

G06F 8/76   Adapting program code to ru...

G06F 9/45533   Hypervisors; Virtual machin...

H04L 63/00   Network architectures or ne...

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 67/34   involving the movement of s...

Automated establishment of access to remote services

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Automated establishment of access to remote services

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links