Securing live migration of a virtual machine from a secure virtualized computing environment, over an unsecured network, to a different virtualized computing environment
Abstract
In an embodiment of the invention, a method for secure live migration of a virtual machine (VM) in a virtualized computing environment can include selecting a VM in a secure virtualized computing environment for live migration to a different virtualized computing environment and blocking data communications with the selected VM and other VMs in the secure virtualized computing environment. The selected VM can be live migrated to the different virtualized computing environment and the VM can be restarted in the different virtualized computing environment. Notably, a secure communicative link can be established between the restarted VM and at least one other of the VMs in the secure virtualized computing environment. Finally, data communications between the restarted VM and the at least one other of the VMs can be enabled over the secure communicative link.
6 Claims
1. A method for secure live migration of a virtual machine (VM) in a virtualized computing environment, the method comprising:
- selecting a VM in a secure virtualized computing environment for live migration to a different virtualized computing environment coupled to the secure virtualized environment over an unsecured computer communications network and blocking data communications between the selected VM and other VMs in the secure virtualized computing environment;
- live migrating the selected VM to the different virtualized computing environment and restarting the selected VM in the different virtualized computing environment;
- establishing a secure communicative link between the different virtualized computing environment and the secure virtualized computing environment; and
- enabling data communications between the restarted VM and the other VMs over the secure communicative link.
Dependent claims: 2, 3, 4
5. A virtualized computing data processing system comprising:
- a secure virtualized computing environment comprising a host server including a hypervisor managing a plurality of virtual machines (VMs) within the secure virtualized computing environment;
- a different virtualized computing environment coupled to the secure virtualized environment over an unsecured computer communications network, the different virtualized computing environment comprising a host server including a hypervisor managing a plurality of VMs within the different virtualized computing environment; and
- live migration logic executing in a computer and communicating with each of the secure virtualized computing environment and the different virtualized computing environment, the logic comprising program code enabled to select one of the VMs in the secure virtualized computing environment for live migration to the different virtualized computing environment and to block data communications between the selected VM and other VMs in the secure virtualized computing environment, to live migrate the selected VM to the different virtualized computing environment and to restart the selected VM in the different virtualized computing environment, to establish a secure communicative link between the different virtualized computing environment and the secure virtualized computing environment, and to enable data communications between the restarted VM and the other VMs in the secure virtualized computing environment over the secure communicative link.
Dependent claims: 6
Specification