公开(公告)号：US09244969B1

公开(公告)日：2016-01-26

申请号：US12828284

申请日：2010-06-30

Applicant: Philip C. Love ,  Udaya Bhaskar Yalamanchi ,  Per Brashers

Inventor： Philip C. Love ,  Udaya Bhaskar Yalamanchi ,  Per Brashers

IPC: G06F17/30

CPC classification number: G06F17/30386 ,  G06F9/46 ,  G06F17/30194 ,  G06F17/30233

Abstract: A method, article of manufacture, and apparatus for mounting virtual machine disks. In some embodiments, this includes accessing, by a client, a first repository of virtual machine disks, selecting a virtual machine disk from the first repository, using a file level referral to redirect the client to a second repository, receiving the selected virtual machine disk from the second repository.

Abstract translation: 一种用于安装虚拟机盘的方法，制品和装置。 在一些实施例中，这包括由客户端访问虚拟机磁盘的第一存储库，从第一存储库中选择虚拟机磁盘，使用文件级引用将客户端重定向到第二存储库，接收所选择的虚拟机磁盘 从第二个存储库。

公开(公告)号：US08086585B1

公开(公告)日：2011-12-27

申请号：US12242618

申请日：2008-09-30

Applicant: Per Brashers ,  Sorin Faibish ,  Jason Glasgow ,  Xiaoye Jiang ,  Mario Wurzl

Inventor： Per Brashers ,  Sorin Faibish ,  Jason Glasgow ,  Xiaoye Jiang ,  Mario Wurzl

IPC: G06F17/30

CPC classification number: G06F17/30097 ,  G06F17/30171

Abstract: For enhanced access control, a client includes a token in each read or write command sent to a block storage device. The block storage device evaluates the token to determine whether or not read or write access is permitted at a specified logical block address. For example, the token is included in the logical block address field of a SCSI read or write command. The client may compute the token as a function of the logical block address of a data block to be accessed, or a metadata server may include the token in each block address of each extent reported to the client in response to a metadata request. For enhanced security, the token also is a function of a client identifier, a logical unit number, and access rights of the client to a particular extent of file system data blocks.

Abstract translation: 对于增强的访问控制，客户端在发送到块存储设备的每个读取或写入命令中包含令牌。 块存储设备评估令牌以确定在指定的逻辑块地址是否允许读取或写入访问。 例如，令牌包含在SCSI读或写命令的逻辑块地址字段中。 客户端可以根据要访问的数据块的逻辑块地址来计算令牌，或者元数据服务器可以响应于元​​数据请求向客户端报告的每个区段的每个块地址中包括令牌。 为了增强安全性，令牌还是客户端标识符，逻辑单元号以及客户端对文件系统数据块的特定范围的访问权限的函数。

公开(公告)号：US09497257B1

公开(公告)日：2016-11-15

申请号：US12828277

申请日：2010-06-30

Applicant: Philip C. Love ,  Udaya Bhaskar Yalamanchi ,  Per Brashers

Inventor： Philip C. Love ,  Udaya Bhaskar Yalamanchi ,  Per Brashers

IPC: G06F15/16 ,  H04L29/08 ,  G06F15/173

CPC classification number: H04L67/06 ,  G06F9/45558 ,  G06F2009/45579 ,  H04L67/1097 ,  H04L67/2814 ,  H04L67/2823

Abstract: A method, article of manufacture, and apparatus for accessing data. In some embodiments, this includes sending an I/O request from a client to a first server, determining, by the first server, if an object requested is in the first server, and redirecting the client to a second server if the object is not in the first server.

Abstract translation: 用于访问数据的方法，制品和设备。 在一些实施例中，这包括从客户端向第一服务器发送I / O请求，由第一服务器确定所请求的对象是否在第一服务器中，并且如果对象不是，将客户端重定向到第二服务器 在第一台服务器。

公开(公告)号：US08819344B1

公开(公告)日：2014-08-26

申请号：US11836735

申请日：2007-08-09

Applicant: Sorin Faibish ,  Per Brashers ,  James Pedone ,  Jason Glasgow ,  Xiaoye Jiang

Inventor： Sorin Faibish ,  Per Brashers ,  James Pedone ,  Jason Glasgow ,  Xiaoye Jiang

IPC: G06F12/10

CPC classification number: G06F3/0689 ,  G06F3/061 ,  G06F3/064 ,  G06F3/0659 ,  G06F3/067 ,  G06F11/1076

Abstract: A data processing system includes host data processors, a data storage system including data storage shared among the host data processors, and a data switch coupling the host data processors to the data storage system. The data storage system has host adapter ports coupled to the data switch. The data switch is programmed for distributing block I/O requests from the host data processors over the operable host adapter ports for load balancing of the block I/O requests among the operable host adapter ports. The shared data storage can be a file system striped across RAID sets of disk drives for load balancing upon disk director ports of the data storage system. The data processing system can be expanded by adding more data storage systems, switches for the additional data storage systems, and switches for routing block I/O requests from the host processors to the data storage systems.

Abstract translation: 数据处理系统包括主机数据处理器，包括在主机数据处理器之间共享的数据存储器的数据存储系统以及将主机数据处理器耦合到数据存储系统的数据交换机。 数据存储系统具有耦合到数据交换机的主机适配器端口。 数据交换机被编程为通过可操作的主机适配器端口从主机数据处理器分发块I / O请求，以便在可操作的主机适配器端口之间进行块I / O请求的负载平衡。 共享数据存储可以是跨RAID磁盘阵列分割的文件系统，用于在数据存储系统的磁盘导向器端口上进行负载平衡。 可以通过添加更多的数据存储系统，用于附加数据存储系统的交换机和用于将块I / O请求从主机处理器路由到数据存储系统的交换机来扩展数据处理系统。

公开(公告)号：US07930487B1

公开(公告)日：2011-04-19

申请号：US11854616

申请日：2007-09-13

Applicant: Sorin Faibish ,  Per Brashers ,  Jason Glasgow

Inventor： Sorin Faibish ,  Per Brashers ,  Jason Glasgow

IPC: G06F12/00

CPC classification number: G06F21/805

Abstract: An access control agent is advantageously deployed at a host device to prevent malicious use of a storage system by unauthorized hosts and users. In one embodiment the access control agent is disposed in a processing path between the application and the storage device. An application is mounted as an image file by a loop device to provide a virtual file system. The virtual file system is populated with access control information for each block of the file. Application I/O requests are mapped to physical blocks of the storage by the loop device, and the access control information is used to filter the access requests to preclude unauthorized requests from being forwarded to the storage client (and consequently the storage devices). With such an arrangement, access rights can be determined at I/O accesses, file and block granularity for each user.

Abstract translation: 访问控制代理有利地部署在主机设备中，以防止未经授权的主机和用户恶意使用存储系统。 在一个实施例中，访问控制代理被布置在应用程序和存储设备之间的处理路径中。 应用程序通过循环设备作为映像文件安装，以提供虚拟文件系统。 虚拟文件系统填充有文件的每个块的访问控制信息。 应用程序I / O请求被环路设备映射到存储的物理块，并且访问控制信息用于过滤访问请求，以防止未经授权的请求被转发到存储客户端（以及因此存储设备）。 通过这样的安排，可以在I / O访问，每个用户的文件和块粒度上确定访问权限。

公开(公告)号：US08595586B2

公开(公告)日：2013-11-26

申请号：US13456102

申请日：2012-04-25

Applicant: Dhrubajyoti Borthakur ,  Per Brashers ,  Jason Matthew Taylor

Inventor： Dhrubajyoti Borthakur ,  Per Brashers ,  Jason Matthew Taylor

IPC: H03M13/00

CPC classification number: G06F11/2053 ,  G06F11/1076 ,  G06F2211/1028

Abstract: Fault-tolerant storage is provided using a distributed data storage system that receives input data from clients and divides that data into data blocks for storage. The data blocks are processed using a coding scheme that generates redundant level one error correction blocks (L1EC Blocks). The L1EC blocks enable the reconstruction of one or more damaged or inaccessible data blocks, so long as sufficient undamaged elements are still accessible. The L1EC blocks and the data blocks are divided into distribution sets and these sets are stored at a plurality of data storage locations. At each data storage location additional level two error correction blocks (L2EC blocks) are generated that provide local data redundancy. The L2EC blocks enable reconstruction of damaged elements at a data storage location without requiring communication with the other data storage locations.

Abstract translation: 使用分布式数据存储系统提供容错存储，该系统从客户端接收输入数据，并将该数据划分成数据块进行存储。 使用生成冗余级别1错误校正块（L1EC块）的编码方案来处理数据块。 只要足够的未损坏的元素仍然可以访问，L1EC块可以重构一个或多个损坏或无法访问的数据块。 L1EC块和数据块被划分为分布集合，并且这些集合被存储在多个数据存储位置。 在每个数据存储位置，生成提供本地数据冗余的附加级别的两个纠错块（L2EC块）。 L2EC模块能够在数据存储位置重建损坏的元件，而不需要与其他数据存储位置进行通信。

公开(公告)号：US20130290805A1

公开(公告)日：2013-10-31

申请号：US13456102

申请日：2012-04-25

Applicant: Dhrubajyoti Borthakur ,  Per Brashers ,  Jason Matthew Taylor

Inventor： Dhrubajyoti Borthakur ,  Per Brashers ,  Jason Matthew Taylor

IPC: H03M13/05 ,  G06F11/10

CPC classification number: G06F11/2053 ,  G06F11/1076 ,  G06F2211/1028

Abstract: Fault-tolerant storage is provided using a distributed data storage system that receives input data from clients and divides that data into data blocks for storage. The data blocks are processed using a coding scheme that generates redundant level one error correction blocks (L1EC Blocks). The L1EC blocks enable the reconstruction of one or more damaged or inaccessible data blocks, so long as sufficient undamaged elements are still accessible. The L1EC blocks and the data blocks are divided into distribution sets and these sets are stored at a plurality of data storage locations. At each data storage location additional level two error correction blocks (L2EC blocks) are generated that provide local data redundancy. The L2EC blocks enable reconstruction of damaged elements at a data storage location without requiring communication with the other data storage locations.

Abstract translation: 使用分布式数据存储系统提供容错存储，该系统从客户端接收输入数据，并将该数据划分成数据块进行存储。 使用生成冗余级别1错误校正块（L1EC块）的编码方案来处理数据块。 只要足够的未损坏的元素仍然可以访问，L1EC块可以重构一个或多个损坏或无法访问的数据块。 L1EC块和数据块被划分为分布集合，并且这些集合被存储在多个数据存储位置。 在每个数据存储位置，生成提供本地数据冗余的附加级别的两个纠错块（L2EC块）。 L2EC模块能够在数据存储位置重建损坏的元件，而不需要与其他数据存储位置进行通信。

公开(公告)号：US08555014B1

公开(公告)日：2013-10-08

申请号：US12005640

申请日：2007-12-27

Applicant: James M. Pedone, Jr. ,  Sorin Faibish ,  Xiaoye Jiang ,  Per Brashers ,  Jason R. Glasgow

Inventor： James M. Pedone, Jr. ,  Sorin Faibish ,  Xiaoye Jiang ,  Per Brashers ,  Jason R. Glasgow

IPC: G06F12/00

CPC classification number: G06F9/468 ,  G06F3/0611 ,  G06F3/0622 ,  G06F3/0659 ,  G06F3/067

Abstract: Embodiments of the present invention provide a method of managing access of multiple client computers to a storage system that supports a limited number of logins. The method comprises, in response to a request to enable a subset of the clients to access resources of the storage system to perform a task, automatically configuring the storage system to provide the subset of the clients access to the resources, and, when the task is completed, automatically re-configuring the storage system so that the subset of the clients is no longer provided with access to the resources of the storage system.

Abstract translation: 本发明的实施例提供了一种管理多个客户端计算机到支持有限数量登录的存储系统的访问的方法。 该方法包括响应于使得客户端子集能够访问存储系统的资源以执行任务的请求，自动地配置存储系统以提供客户端子集对资源的访问，以及当任务 完成后，自动重新配置存储系统，以便客户端的子集不再被提供给存储系统资源的访问。

公开(公告)号：US09239860B1

公开(公告)日：2016-01-19

申请号：US12828279

申请日：2010-06-30

Applicant: Philip C. Love ,  Udaya Bhaskar Yalamanchi ,  Per Brashers

Inventor： Philip C. Love ,  Udaya Bhaskar Yalamanchi ,  Per Brashers

IPC: G06F17/30

CPC classification number: G06F17/30424 ,  G06F17/30194 ,  G06F17/30233

Abstract: A method, article of manufacture, and apparatus for linking data. In some embodiments, this includes creating a virtual directory in a first server, creating a symbolic link for an object in the virtual directory, and storing the symbolic link in the first server. In some embodiments, the symbolic link is unknown to a client until the client requests access to the object.

Abstract translation: 一种用于链接数据的方法，制品和装置。 在一些实施例中，这包括在第一服务器中创建虚拟目录，为虚拟目录中的对象创建符号链接，以及将符号链接存储在第一服务器中。 在一些实施例中，在客户端请求对对象的访问之前，客户端的符号链接是未知的。

公开(公告)号：US20140052764A1

公开(公告)日：2014-02-20

申请号：US13585967

申请日：2012-08-15

Applicant: Amir Meir Michael ,  Song Liu ,  Jason Matthew Taylor ,  Yael Maguire ,  Per Brashers ,  Eitan Frachtenberg

Inventor： Amir Meir Michael ,  Song Liu ,  Jason Matthew Taylor ,  Yael Maguire ,  Per Brashers ,  Eitan Frachtenberg

IPC: G06F17/30

CPC classification number: G06F17/30168 ,  G06F17/30194 ,  G06F17/30221

Abstract: A file storage system may be implemented by coordinating non-exhaustible and exhaustible storage devices. The exhaustible storage devices may be lower grade flash based storage devices. The non-exhaustible storage devices may be storage devices based on magnetic recording mechanisms or higher grade flash storage. The file storage system may store received content items on the exhaustible storage devices. The file storage system may additionally store metadata for the content items and/or the file storage system on the non-exhaustible storage devices. During operation, the file storage system may globally optimize the content items on the exhaustible storage devices such that more heavily accessed items are moved to exhaustible storage devices that have experienced relatively few data operations. The file storage system can move less frequently accessed content items to exhaustible storage devices that have experienced a relatively large number of data operations. As such, the operation lifetime of the exhaustible storage devices as a whole can be prolonged.

Abstract translation: 文件存储系统可以通过协调不可耗尽和可耗尽的存储设备来实现。 可耗尽的存储设备可以是较低级别的闪存存储设备。 不可耗尽的存储设备可以是基于磁记录机构或更高等级的闪存存储的存储设备。 文件存储系统可以将可接收的内容项存储在可耗尽的存储设备上。 文件存储系统还可以在不可耗尽的存储设备上存储用于内容项目和/或文件存储系统的元数据。 在操作期间，文件存储系统可以全局优化可耗尽存储设备上的内容项目，使得更多访问的项目被移动到经历相对较少的数据操作的可耗尽的存储设备。 文件存储系统可以将经常访问的内容项目移动到经历相对大量数据操作的可耗尽存储设备。 因此，可以延长整个可消耗的存储装置的操作寿命。