External health checking of virtual private cloud network environments
Abstract
Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the health checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. Thus, from the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.
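The flow in the abstract can be modelled in a few lines. The following Python sketch is an added illustration, not code from the patent; the class names, the "PING"/"OK" probe, the addresses and the `vpc-a`/`vpc-b` identifiers are all constructed assumptions. It shows why the VPC identifier is needed for routing (two VPCs may reuse the same private addresses) and that the target only ever sees the endpoint as the source.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    payload: str

class Target:  # VPC device with a private address only; records who probed it
    def __init__(self, addr):
        self.addr, self.seen_sources = addr, []
    def handle(self, pkt):
        self.seen_sources.append(pkt.src)
        return Packet(self.addr, pkt.src, "OK" if pkt.payload == "PING" else "ERR")

class Endpoint:  # inside the VPC, also reachable over the substrate network
    def __init__(self, vpc_addr, targets):
        self.vpc_addr, self.targets = vpc_addr, {t.addr: t for t in targets}
    def relay(self, pkt):
        target = self.targets.get(pkt.dst)
        if target is None:
            return None  # not a device in this VPC
        reply = target.handle(replace(pkt, src=self.vpc_addr))  # endpoint is now the source
        return replace(reply, dst=pkt.src)  # response goes back to the external checker

class CommunicationsManager:  # maps VPC identifier -> substrate address of its endpoint
    def __init__(self):
        self.endpoint_addr, self.substrate = {}, {}
    def register(self, vpc_id, substrate_addr, endpoint):
        self.endpoint_addr[vpc_id] = substrate_addr
        self.substrate[substrate_addr] = endpoint
    def route(self, vpc_id, pkt):
        addr = self.endpoint_addr.get(vpc_id)
        if addr is None:
            return None  # unknown VPC identifier: nothing is delivered
        return self.substrate[addr].relay(pkt)

def health_check(manager, vpc_id, target_addr, checker_addr="hc.external"):
    reply = manager.route(vpc_id, Packet(checker_addr, target_addr, "PING"))
    return reply is not None and reply.payload == "OK" and reply.dst == checker_addr

def build_demo():  # constructed topology: two VPCs reusing the same private addresses
    a, b = Target("10.0.0.5"), Target("10.0.0.5")
    mgr = CommunicationsManager()
    mgr.register("vpc-a", "substrate-1", Endpoint("10.0.0.1", [a]))
    mgr.register("vpc-b", "substrate-2", Endpoint("10.0.0.1", [b]))
    return mgr, a, b
```

Calling `health_check(mgr, "vpc-a", "10.0.0.5")` on the demo topology reaches only the target in `vpc-a`, and that target records `10.0.0.1` (the endpoint) as the source rather than the external checker.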
1312 Citations
20 Claims
1. A system for verifying functionality of computing devices within a virtual private cloud network environment (VPC), wherein the VPC includes one or more virtual computing devices arranged within a virtualized local area network, the virtualized local area network generated by a substrate network hosting the VPC, the system comprising:
at least one first computing device implementing a health check system, wherein the health check system is external to the VPC and is configured with computer-executable instructions to:
    generate health check data for transmission to a target virtual computing device within the VPC, wherein the health check data is generated to elicit an expected response from the target virtual computing device;
    associate the health check data with an identifier of the VPC; and
    transmit the health check data and associated identifier to a communications manager in communication with the health checking system and the VPC;
at least one second computing device implementing the communications manager, wherein the communications manager is external to the VPC and is configured with computer-executable instructions to:
    obtain the health check data from the health check system;
    determine, from at least the identifier of the VPC, a network address of the substrate network that is assigned to an endpoint of the VPC; and
    transmit the health check data to the endpoint; and
at least one third computing device implementing the endpoint of the VPC, wherein the endpoint is configured with computer-executable instructions to:
    obtain the health check data from the communications manager;
    transmit the health check data to the target virtual computing device within the VPC;
    obtain a response to the health check data; and
    transmit the response to the health check system.
Dependent claims: 2, 3, 4, 5
6. A computer-implemented method for verifying functionality of computing devices within a virtual private cloud network environment (VPC), wherein the VPC includes one or more computing devices arranged within a virtualized local area network, the virtualized local area network generated by a substrate network hosting the VPC, the computer-implemented method comprising:
generating, at a health check system external to the VPC, health check data for transmission to a target computing device within the VPC;
determining, at the health check system, an identifier of the VPC;
routing, on the substrate network, the health check data from the health check system to an endpoint within the VPC, wherein the routing occurs based at least partly on the identifier of the VPC;
modifying, at the endpoint, the health check data to designate the endpoint as a source of the health check data;
transmitting the health check data from the endpoint to the target computing device within the VPC;
obtaining, at the endpoint, a response from the target computing device; and
routing the response, on the substrate network, from the endpoint to the health check system external to the VPC.
Dependent claims: 7, 8, 9, 10, 11, 12, 13
14. A system for verifying functionality of computing devices within a virtual private cloud network environment (VPC), wherein the VPC includes one or more computing devices arranged within a virtualized local area network, the virtualized local area network generated by a substrate network hosting the VPC, the system comprising:
one or more computing devices external to the VPC and configured with computer-executable instructions to:
    generate health check data for transmission to a target computing device within the VPC;
    route the health check data from the one or more computing devices external to the VPC to an endpoint of the VPC, wherein the routing occurs based at least partly on an identifier of the VPC;
one or more computing device implementing the endpoint of the VPC, wherein one or more computing device implementing the endpoint of the VPC are configured with computer-executable instructions to:
    modify the health check data to designate the endpoint as a source of the health check data;
    transmit the health check data to the target computing device within the VPC;
    obtain a response from the target device; and
    transmit the response to the one or more computing devices external to the VPC.
Dependent claims: 15, 16, 17, 18, 19, 20
Specification