Creating and maintaining multi-tenant applications in a platform-as-a-service (PaaS) environment of a cloud computing system
First Claim
1. A method, comprising:
- receiving, by a processing device of a virtual machine (VM) executing on a computing device in a Platform as a Service (PaaS) environment of a cloud computing system, a request to start an application on the VM, wherein the VM executes a plurality of multi-tenant applications that are each different software applications and each correspond to application owners that are different than an application owner of the requested application;
in response to receiving the request to start the application, creating, by the VM, a plurality of unique kernel namespace directories for a respective plurality of owners of the application, wherein each unique kernel namespace directory of the plurality of the unique kernel namespace directories corresponds to a separate owner of the plurality of owners of the application, wherein the plurality of unique kernel namespace directories for the plurality of owners of the application correspond to directories of an OS of the VM, and wherein each of the unique kernel namespace directories is different than other unique namespace directories corresponding to the plurality of owners of the application;
isolating resources of the application to the corresponding unique kernel namespace directories of the application;
providing, by the processing device of the VM, identification of the created unique namespace directories to the application, wherein the application does not update code of the application to access the unique kernel namespace directories of the application;
receiving, by the VM from the application, an access request to one of the directories on the OS;
mapping, by the VM, the requested directory to a corresponding unique kernel namespace directory of the application;
directing, by the VM in response to the access request, the application to the corresponding unique kernel namespace directory; and
wherein when the application is executed on the VM, the plurality of unique namespace directories corresponding to the plurality of owners of the application cause resources of the application to be isolated from other owners of the plurality of multi-tenant applications executing on the VM.
1 Assignment
0 Petitions
Accused Products
Abstract
A mechanism for creating and maintaining multi-tenant applications in a Platform-as-a-Service (PaaS) environment of a cloud computing system is disclosed. A method includes receiving, by a virtual machine (VM), a request to start an application on the VM, wherein the VM hosts multi-tenant applications associated with owners different than an owner of the requested application, creating unique kernel namespace directories for the application, wherein each unique kernel namespace directory corresponds to one of a plurality of standard directories on an OS of the VM, providing identification of the created unique namespace directories to the application, wherein the application does not update code of the application to access the unique kernel namespace directories, receiving an access request to one of the standard directories, mapping the requested standard directory to a corresponding unique kernel namespace directory of the application, and directing the application to the corresponding unique kernel namespace directory.
60 Citations
20 Claims
-
1. A method, comprising:
-
receiving, by a processing device of a virtual machine (VM) executing on a computing device in a Platform as a Service (PaaS) environment of a cloud computing system, a request to start an application on the VM, wherein the VM executes a plurality of multi-tenant applications that are each different software applications and each correspond to application owners that are different than an application owner of the requested application; in response to receiving the request to start the application, creating, by the VM, a plurality of unique kernel namespace directories for a respective plurality of owners of the application, wherein each unique kernel namespace directory of the plurality of the unique kernel namespace directories corresponds to a separate owner of the plurality of owners of the application, wherein the plurality of unique kernel namespace directories for the plurality of owners of the application correspond to directories of an OS of the VM, and wherein each of the unique kernel namespace directories is different than other unique namespace directories corresponding to the plurality of owners of the application; isolating resources of the application to the corresponding unique kernel namespace directories of the application; providing, by the processing device of the VM, identification of the created unique namespace directories to the application, wherein the application does not update code of the application to access the unique kernel namespace directories of the application; receiving, by the VM from the application, an access request to one of the directories on the OS; mapping, by the VM, the requested directory to a corresponding unique kernel namespace directory of the application; directing, by the VM in response to the access request, the application to the corresponding unique kernel namespace directory; and wherein when the application is executed on the VM, the plurality of unique namespace directories corresponding to the plurality of owners of the application cause resources of the application to be isolated from other owners of the plurality of multi-tenant applications executing on the VM. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. An apparatus, comprising:
-
a memory; a processing device communicably coupled to the memory; and a virtual machine (VM), in a Platform as a Service (PaaS) environment of a cloud computing system, to virtualize resources of the memory and the processing device, the VM to; receive a request to start an application on the VM, wherein the VM executes a plurality of multi-tenant applications that are each different software applications and each correspond to application owners that are different than an application owner of the requested application; in response to receiving the request to start the application, create a plurality of unique kernel namespace directories for a respective plurality of owners of the application, wherein each unique kernel namespace directory of the plurality of the unique kernel namespace directories corresponds to a separate owner of the plurality of owners of the application, wherein the plurality of unique kernel namespace directories for the plurality of owners of the application correspond to directories of an operating system (OS) of the VM, and wherein each of the unique kernel namespace directories is different than other unique namespace directories corresponding to the plurality of owners of the application; isolate resources of the application to the corresponding unique kernel namespace directories of the application; provide identification of the created unique namespace directories to the application, wherein the application does not update code of the application to access the unique kernel namespace directories of the application; receive, from the application, an access request to one of the directories on the OS; map the requested directory to a corresponding unique kernel namespace directory of the application; direct, in response to the access request, the application to the corresponding unique kernel namespace directory; and wherein when the application is executed on the VM, the plurality of unique namespace directories corresponding to the plurality of owners of the application cause resources of the application to be isolated from other owners of the plurality of multi-tenant applications executing on the VM. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory machine-readable storage medium including instructions that, when accessed by a processing device, cause the processing device to:
-
receive, by a virtual machine (VM) executing by the processing device on a computing device in a Platform as a Service (PaaS) environment of a cloud computing system, a request to start an application on the VM, wherein the VM executes a plurality of multi-tenant applications that are each different software applications and each correspond to application owners that are different than an application owner of the requested application; in response to receiving the request to start the application, create a plurality of unique kernel namespace directories for a respective plurality of owners of the application, wherein each unique kernel namespace directory of the plurality of the unique kernel namespace directories corresponds to a separate owner of the plurality of owners of the application, wherein the plurality of unique kernel namespace directories for the plurality of owners of the application correspond to directories of an operating system (OS) of the VM, and wherein each of the unique kernel namespace directories is different than other unique namespace directories corresponding to the plurality of owners of the application; isolate resources of the application to the corresponding unique kernel namespace directories of the application; provide, by the VM, identification of the created unique namespace directories to the application, wherein the application does not update code of the application to access the unique kernel namespace directories of the application; receive, by the VM from the application, an access request to one of the directories on the OS; map, by the VM, the requested directory to a corresponding unique kernel namespace directory of the application; direct, by the VM in response to the access request, the application to the corresponding unique kernel namespace directory; and wherein when the application is executed on the VM, the plurality of unique namespace directories corresponding to the plurality of owners of the application cause resources of the application to be isolated from other owners of the plurality of multi-tenant applications executing on the VM. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification