Using different TCP/IP stacks for different tenants on a multi-tenant host
Abstract
Multiple TCP/IP stack processors on a host. The multiple TCP/IP stack processors are provided independently of TCP/IP stack processors implemented by virtual machines on the host. The TCP/IP stack processors provide multiple different default gateway addresses for use with multiple processes. The default gateway addresses allow a service to communicate across an L3 network. Processes outside of virtual machines that utilize the TCP/IP stack processor on a first host can benefit from using their own gateway, and communicate with their peer process on a second host, regardless of whether the second host is located within the same subnet or a different subnet. The multiple TCP/IP stack processors can use separately allocated resources. Separate TCP/IP stack processors can be provided for each of multiple tenants on the host. Separate loopback interfaces of multiple TCP/IP stack processors can be used to create separate containment for separate sets of processes on a host.
20 Claims
1. A method of separating tenant data on an electronic computing device that implements a plurality of virtual machines (VMs) for a plurality of tenants, the method comprising:
- implementing a plurality of TCP/IP stack processors, on the electronic computing device, outside of any VMs;
- for a first set of non-tenant VM processes implemented for a first tenant, sending data from the first set of processes through a first TCP/IP stack processor; and
- for a second set of non-tenant VM processes implemented for a second tenant, sending data from the second set of processes through a second TCP/IP stack processor,
- wherein the first and second sets of processes execute outside of any tenant VM.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A non-transitory machine readable medium storing a program which when executed by at least one processing unit separates tenant data on an electronic computing device that implements virtual machines (VMs) for a plurality of tenants, the program comprising sets of instructions for:
- implementing a plurality of TCP/IP stack processors, on the electronic computing device, outside of any VMs;
- for a first set of non-tenant VM processes implemented for a first tenant, sending data from the first set of processes through a first TCP/IP stack processor; and
- for a second set of non-tenant VM processes implemented for a second tenant, sending data from the second set of processes through a second TCP/IP stack processor,
- wherein the first and second sets of processes execute outside of any tenant VM.

Dependent claims: 9, 10, 11, 12, 13, 14

15. An electronic device that implements a plurality of virtual machines (VMs) for a plurality of tenants, the electronic device comprising:
- at least one processing unit;
- a non-transitory machine readable medium storing a program which when executed by the processing unit keeps the tenant data of each tenant separate from the tenant data of other tenants, the program comprising sets of instructions for:
  - implementing a plurality of TCP/IP stack processors, on the electronic computing device, outside of any VMs;
  - for a first set of non-tenant VM processes implemented for a first tenant, sending data from the first set of processes through a first TCP/IP stack processor to prevent data from being sent to a second tenant; and
  - for a second set of non-tenant VM processes implemented for the second tenant, sending data from the second set of processes through a second TCP/IP stack processor to prevent data from being sent to the first tenant,
  - wherein the first and second sets of processes execute outside of any tenant VM.

Dependent claims: 16, 17, 18, 19, 20

Specification