Live migration of virtual machines in a hybrid network environment

US 9,197,489 B1
Filed: 03/30/2012
Issued: 11/24/2015
Est. Priority Date: 03/30/2012
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable storage medium having computer-executable instructions stored thereon that, when executed by a computer, cause the computer to:

establish a first network tunnel between a first border device in a private network and a second border device in a public network;

establish a second network tunnel between the source host computer and the first border device and a third network tunnel between the second border device and the target host computer;

initiate migration of one or more storage devices from the private network to the public network over the first network tunnel;

establish a secure communication channel through the first, second, and third network tunnels between a source host computer hosting a virtual machine in the private network and a target host computer in the public network;

perform a migration of the virtual machine from the source host computer to the target host computer utilizing the secure communication channel;

transfer a network address of the virtual machine from the source host computer to the target host computer via fast IP migration; and

resume operation of the virtual machine on the target host computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies are described herein for performing live migration of virtual machines in a hybrid network environment. A network tunnel infrastructure is established between a first network and a second network. A secure communication channel is then created over the network tunnel infrastructure between a source host computer hosting the virtual machine and a target host computer. Live migration of the virtual machine from the source host computer to the target host computer is performed using the secure communication channel, and the network address of the virtual machine is transferred to the target host computer. The operation of the fully migrated virtual machine may then be resumed on the target host computer.

96 Citations

View as Search Results

20 Claims

1. A non-transitory computer-readable storage medium having computer-executable instructions stored thereon that, when executed by a computer, cause the computer to:
- establish a first network tunnel between a first border device in a private network and a second border device in a public network;
  
  establish a second network tunnel between the source host computer and the first border device and a third network tunnel between the second border device and the target host computer;
  
  initiate migration of one or more storage devices from the private network to the public network over the first network tunnel;
  
  establish a secure communication channel through the first, second, and third network tunnels between a source host computer hosting a virtual machine in the private network and a target host computer in the public network;
  
  perform a migration of the virtual machine from the source host computer to the target host computer utilizing the secure communication channel;
  
  transfer a network address of the virtual machine from the source host computer to the target host computer via fast IP migration; and
  
  resume operation of the virtual machine on the target host computer.
- View Dependent Claims (2, 3)
- - 2. The computer-readable storage medium of claim 1, wherein establishing the secure communication channel comprises implementing a protocol adaptor to convert migration communication in a first protocol supported by a virtualization architecture of the source host computer to a second protocol supported by a virtualization architecture of the target host computer.
  - 3. The computer-readable storage medium of claim 1, having further computer-executable instructions stored thereon that cause the computer to:
    - call a first API of a mapping service to prepare a networking infrastructure in the private network and the public network for transfer of the network address of the virtual machine from the source host computer to the target host computer;
      
      call a second API of the mapping service to effect the transfer of the network address of the virtual machine from the source host computer to the target host computer; and
      
      call a third API of the mapping service to complete the transfer of the network address of the virtual machine from the source host computer to the target host computer.

4. A computer-implemented method of migrating a virtual machine, the method comprising executing instructions in a computer system to perform the operations of:
- establishing a communication channel between a source host computer hosting a virtual machine in a first network and a target host computer in a second network, the communication channel comprising a first network tunnel between the source host computer and a first border device accessible to the source host computer, a second network tunnel between the first border device and a second border device accessible to the target host computer host computer, and a third network tunnel between the second border device and the target host computer;
  
  performing a migration of the virtual machine from the source host computer to the target host computer utilizing the communication channel;
  
  transferring a network address of the virtual machine from the source host computer to the target host computer; and
  
  resuming operation of the virtual machine on the target host computer.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 5. The computer-implemented method of claim 4, wherein establishing the communication channel comprises implementing a protocol adaptor to convert migration communications in a first protocol supported by a virtualization architecture of the source host computer to a second protocol supported by a virtualization architecture of the target host computer.
  - 6. The computer-implemented method of claim 4, further comprising initiating migration of one or more storage devices between the first network and the second network over the network tunnel.
  - 7. The computer-implemented method of claim 4, wherein initiating migration of one or more storage devices comprises starting a first local storage device connected to the source host computer and a second local storage device connected to the target host computer in synchronous mode.
  - 8. The computer-implemented method of claim 4, wherein initiating migration of one or more storage devices comprises:
    - attaching the target host computer to a first network storage device in the first network;
      
      initiating a migration of a volume on the first network storage device to a second network storage device in the second network; and
      
      upon completion of the migration of the volume, attaching the target host computer to the second network storage device.
  - 9. The computer-implemented method of claim 4, wherein transferring the network address of the virtual machine to the target host computer comprises performing a fast IP migration of the network address.
  - 10. The computer-implemented method of claim 9, wherein performing the fast IP migration of the network address comprises:
    - calling a first API of a mapping service to prepare networking infrastructures in the first network and the second network for the transfer of the network address of the virtual machine from the source host computer to the target host computer;
      
      calling a second API of the mapping service to effect the transfer of the network address from the source host computer to the target host computer; and
      
      calling a third API of the mapping service to complete the transfer of the network address.
  - 11. The computer-implemented method of claim 10, wherein the first API call causes an address translation module on a host in the second network to operate in a fast polling mode, and wherein the third API call causes the address translation module on the host to return to normal operation.
  - 12. The computer-implemented method of claim 10, wherein each API call is split into an internal call for the networking infrastructure of the second network and an external call for the networking infrastructure of the first network.
  - 13. The computer-implemented method of claim 4, wherein transferring a network address of the virtual machine to the target host computer comprises:
    - establishing a redirection of network packets addressed to the virtual machine received at the source host computer across the network tunnel and to the target host computer for consumption by the virtual machine; and
      
      upon completion of a reconfiguration of a networking infrastructure of the first network and a networking infrastructure of the second network to effect transfer of the network address, tearing down the redirection.
  - 14. The computer-implemented method of claim 4, further comprising performing a pre-migration compatibility check to determine if live migration is possible between the source host computer and the target host computer.

15. A system for migrating a virtual machine in a hybrid network environment, the system comprising:
- one or more processors; and
  
  a main memory coupled to the one or more processors and configured with one or more software modules that cause the one or more processors toestablish a first network tunnel between a source host computer hosting a virtual machine and a first border device accessible to the source host computer,establish a second network tunnel between the first border device and a second border device accessible to a target host,establish a third network tunnel between the second border device and a target host computer,establish a secure communication channel between the source host computer and the target host computer over the first, second, and third network tunnels,perform a migration of the virtual machine from the source host computer to the target host computer utilizing the secure communication channel,transfer a network address of the virtual machine from the source host computer to the target host computer, andresume operation of the virtual machine on the target host computer.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The system of claim 15, wherein the secure communication channel comprises a protocol adaptor configured to convert migration communications in a first protocol supported by a virtualization architecture of the source host computer to a second protocol supported by a virtualization architecture of the target host computer.
  - 17. The system of claim 15, wherein the one or software module further cause the one or more processors to initiate migration of one or more storage devices between a private network and a public network over the second network tunnel.
  - 18. The system of claim 15, wherein the one or software module further cause the one or more processors to transfer the network address of the virtual machine to the target host computer via fast IP migration of the network address.
  - 19. The system of claim 15, wherein the source host computer hosting the virtual machine and the first border device are in a private network and the target host computer and the second border device are in a public network.
  - 20. The system of claim 15, wherein the source host computer hosting the virtual machine and the first border device are in a private network and the target host computer and the second border device are in a virtual private network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Vincent, Pradeep
Primary Examiner(s)
Patel, Chirag R

Application Number

US13/435,220
Time in Patent Office

1,334 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 2009/4557   Distribution of virtual mac...

G06F 2009/45595   Network integration; Enabli...

G06F 9/45558   Hypervisor-specific managem...

H04L 12/4641   Virtual LANs, VLANs, e.g. v...

H04L 41/0226   Mapping or translating mult...

H04L 63/0272   Virtual private networks

H04L 67/131   Protocols for games, networ...

H04L 67/148   Migration or transfer of se...

Live migration of virtual machines in a hybrid network environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

96 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Live migration of virtual machines in a hybrid network environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

96 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links