公开(公告)号：US09557792B1

公开(公告)日：2017-01-31

申请号：US13907073

申请日：2013-05-31

Applicant: Amazon Technologies, Inc.

Inventor： Nachiketh Rao Potlapally ,  James R. Hamilton

IPC: G06F1/28 ,  G06F9/50

CPC classification number: G06F1/329 ,  G06F1/20 ,  G06F1/26 ,  G06F1/3206 ,  G06F9/5088 ,  G06F9/5094 ,  G06F11/3062 ,  Y02D10/24

Abstract: Methods and apparatus for datacenter power management optimization are disclosed. Metrics, including workload data, thermal measurements and the like are collected from numerous endpoints within a datacenter. System profiles of a plurality of servers, and application workload profiles for various workloads, are stored. Based on analysis of collected metrics, power optimization operations comprising either workload scheduling operations, power configuration change operations, or both, are initiated.

Abstract translation: 披露了数据中心功率管理优化的方法和装置。 从数据中心内的众多端点收集指标，包括工作负载数据，热测量等。 存储多个服务器的系统配置文件和各种工作负载的应用程序工作负载配置文件。 基于收集的指标的分析，启动包括工作负载调度操作，电力配置更改操作或两者的功率优化操作。

公开(公告)号：US09385956B2

公开(公告)日：2016-07-05

申请号：US13926697

申请日：2013-06-25

Applicant: Amazon Technologies, Inc.

Inventor： Wei Xiao ,  Bjorn Patrick Swift ,  Kiran-Kumar Muniswamy-Reddy ,  Miguel Mascarenhas Filipe ,  Yijun Lu ,  Stefano Stefani ,  James R. Hamilton

IPC: H04J1/16 ,  H04L12/26 ,  H04J3/14 ,  H04L12/801

CPC classification number: H04L47/12

Abstract: Methods and apparatus for compound token buckets usable for burst-mode admission control are disclosed. A peak burst rate and a sustained burst rate of work requests that are to be supported at a work target are determined. The maximum token populations of a peak-burst token bucket and a sustained-burst token bucket are configured, based on the peak burst rate and the sustained burst rate respectively. In response to receiving a work request directed at the work target, a determination to accept the work request for execution is made based at least in part on the token population of the peak-burst token bucket and/or the sustained-burst token bucket.

Abstract translation: 公开了可用于突发模式准入控制的复合令牌桶的方法和装置。 确定要在工作目标中支持的峰值突发速率和工作请求的持续突发速率。 基于峰值突发速率和持续突发速率，配置峰值突发令牌桶和持续突​​发令牌桶的最大标记量。 响应于接收到针对工作目标的工作请求，至少部分地基于峰 - 突发令牌桶和/或持续突发令牌桶的令牌总数进行接受执行工作请求的确定。

公开(公告)号：US09282032B2

公开(公告)日：2016-03-08

申请号：US14632962

申请日：2015-02-26

Applicant: Amazon Technologies, Inc.

Inventor： Alan M. Judge ,  David J. McGaugh ,  James R. Hamilton ,  Justin O. Pietsch ,  David J. O'Meara

IPC: H04L12/28 ,  H04L12/58 ,  H04L12/721 ,  H04L12/715 ,  H04L12/775 ,  H04L12/56 ,  H04L12/741

CPC classification number: H04L45/04 ,  H04L45/30 ,  H04L45/44 ,  H04L45/58 ,  H04L45/741 ,  H04L45/745 ,  H04L47/33 ,  H04L69/22 ,  H04L69/323

Abstract: A routing management component is provided for distributing routing information among a hierarchical distributed routing architecture. The routing management component can function to associate levels of the routing architecture with subsets of a network address format. The routing management component can further assign routers of the routing architecture to portions of network addresses defined at least in part by the network address format. For example, a router may be assigned to route packets addressed to a network address with a first octet between a range of values. The router management component may further distribute, to the routers of the hierarchical distributed routing architecture, sections of routing information associated with their assigned portions of network addresses. Because routing information can be distributed between various routers, the memory requirements of individual routers can be reduced comparatively to systems in which a single router maintains an entire set of forwarding information.

Abstract translation: 提供路由管理组件用于在分级分布式路由体系结构中分发路由信息。 路由管理组件可以用于将路由架构的级别与网络地址格式的子集相关联。 路由管理组件可进一步将路由体系结构的路由器分配至少部分地由网络地址格式定义的网络地址部分。 例如，可以分配路由器来路由寻址到具有值范围之间的第一个八位字节的网络地址的数据包。 路由器管理组件还可以向分层分布式路由架构的路由器分发与其分配的网络地址部分相关联的路由信息​​的部分。 由于路由信息可以分布在不同的路由器之间，因此可以将单个路由器的存储器需求相对于单个路由器维护一整套转发信息的系统来降低。

公开(公告)号：US20160019050A1

公开(公告)日：2016-01-21

申请号：US14866643

申请日：2015-09-25

Applicant: Amazon Technologies, Inc.

Inventor： Michael David Marr ,  Matthew T. Corddry ,  James R. Hamilton

IPC: G06F9/445 ,  G06F21/62 ,  H04L29/06

CPC classification number: G06F8/65 ,  G06F21/572 ,  G06F21/629 ,  H04L63/0428 ,  H04L63/08 ,  H04L63/20

Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. For example, a clock or a timer mechanism can be used by a network interface card to define a mutability period. During the mutability period, firmware update to a peripheral device can be allowed. Once the mutability period has expired, firmware update to a peripheral device will no longer be allowed.

Abstract translation: 当向用户提供对至少一部分设备硬件的本地访问时，可以通过控制用于更新该信息的机制来阻止用户修改固件和其他配置信息。 例如，网络接口卡可以使用时钟或定时器机制来定义可变性周期。 在可变性期间，可以允许对外围设备的固件更新。 一旦可变性时间段到期，将不再允许对外围设备的固件更新。

公开(公告)号：US09141156B2

公开(公告)日：2015-09-22

申请号：US13958382

申请日：2013-08-02

Applicant: Amazon Technologies, Inc.

Inventor： Peter George Ross ,  Darin Lee Frink ,  James R. Hamilton ,  Michael David Marr

IPC: H05K7/20 ,  G06F1/20

CPC classification number: H05K13/00 ,  G06F1/20 ,  G11B33/142 ,  H05K7/1489 ,  H05K7/20 ,  H05K7/20145 ,  H05K7/20736 ,  Y10T29/49002

Abstract: A computing system includes a chassis, one or more backplanes coupled to the chassis. Computing devices are coupled to the one or more backplanes. The one or more backplanes include backplane openings that allow air to pass from one side of the backplane to the other side of the backplane. Air channels are formed by adjacent circuit board assemblies of the computing devices and the one or more backplanes. Channel capping elements at least partially close the air channels.

Abstract translation: 计算系统包括底盘，耦合到底盘的一个或多个背板。 计算设备耦合到一个或多个背板。 一个或多个背板包括允许空气从背板的一侧通过到背板的另一侧的背板开口。 空气通道由计算设备和一个或多个背板的相邻电路板组件形成。 通道封盖元件至少部分地关闭空气通道。

公开(公告)号：US20150199519A1

公开(公告)日：2015-07-16

申请号：US14671933

申请日：2015-03-27

Applicant: Amazon Technologies, Inc.

Inventor： Michael David Marr ,  Pradeep Vincent ,  Matthew T. Corddry ,  James R. Hamilton

IPC: G06F21/57 ,  H04L29/08 ,  G06F9/445

CPC classification number: G06F21/572 ,  G06F8/65 ,  G06F11/3003 ,  G06F11/3051 ,  G06F21/57 ,  G06F21/575 ,  G06F21/577 ,  G06F2201/865 ,  G06F2201/88 ,  G06F2221/033 ,  H04L67/10

Abstract: Attempts to update confirmation information or firmware for a hardware device can be monitored using a secure counter that is configured to monotonically adjust a current value of the secure counter for each update or update attempt. The value of the counter can be determined every time the validity of the firmware is confirmed, and this value can be stored to a secure location. At subsequent times, such as during a boot process, the actual value of the counter can be determined and compared with the expected value. If the values do not match, such that the firmware may be in an unexpected state, an action can be taken, such as to prevent access to, or isolate, the hardware until such time as the firmware can be validated or updated to an expected state.

Abstract translation: 可以使用安全计数器监视硬件设备的更新确认信息或固件的尝试，该计数器被配置为对每次更新或更新尝试单调地调整安全计数器的当前值。 每次确认固件的有效性时，可以确定计数器的值，并将该值存储到安全位置。 在随后的时间，例如在引导过程期间，可以确定计数器的实际值并将其与预期值进行比较。 如果值不匹配，使得固件可能处于意外状态，则可以采取措施，例如防止访问或隔离硬件，直到固件可以被验证或更新为预期的时间 州。

公开(公告)号：US20150160948A1

公开(公告)日：2015-06-11

申请号：US14537786

申请日：2014-11-10

Applicant: Amazon Technologies, Inc.

Inventor： Michael David Marr ,  Matthew R. Corddry ,  James R. Hamilton

IPC: G06F9/44 ,  H04L12/24

CPC classification number: G06F9/4416 ,  G06F8/65 ,  G06F21/572 ,  H04L41/082 ,  H04L63/126 ,  H04L67/34

Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.

Abstract translation: 当向用户提供对至少一部分设备硬件的本地访问时，可以通过控制用于更新该信息的机制来阻止用户修改固件和其他配置信息。 在一些实施例中，可以使用非对称密钥方法来加密或签名固件。 在其他情况下，只能通过不暴露给客户的通道或端口启用固件更新，或仅映射用户可访问的硬件部分来控制访问。 在其他实施例中，可以通过在可修改固件的初始可变性周期之后仅在机器上提供用户来防止用户修改固件，使得当固件可以被更新时，用户永远不能访问设备。 上述的组合和变化也可​​以使用。

公开(公告)号：US08996744B1

公开(公告)日：2015-03-31

申请号：US14094642

申请日：2013-12-02

Applicant: Amazon Technologies, Inc.

Inventor： Michael David Marr ,  Pradeep Vincent ,  Matthew T. Corddry ,  James R. Hamilton

IPC: G06F3/00 ,  G06F13/28 ,  G06F11/30 ,  G06F9/44 ,  G06F21/57

CPC classification number: G06F21/572 ,  G06F8/65 ,  G06F11/3003 ,  G06F11/3051 ,  G06F21/57 ,  G06F21/575 ,  G06F21/577 ,  G06F2201/865 ,  G06F2201/88 ,  G06F2221/033 ,  H04L67/10

Abstract: Attempts to update confirmation information or firmware for a hardware device can be monitored using a secure counter that is configured to monotonically adjust a current value of the secure counter for each update or update attempt. The value of the counter can be determined every time the validity of the firmware is confirmed, and this value can be stored to a secure location. At subsequent times, such as during a boot process, the actual value of the counter can be determined and compared with the expected value. If the values do not match, such that the firmware may be in an unexpected state, an action can be taken, such as to prevent access to, or isolate, the hardware until such time as the firmware can be validated or updated to an expected state.

Abstract translation: 可以使用安全计数器监视硬件设备的更新确认信息或固件的尝试，该计数器被配置为对每次更新或更新尝试单调地调整安全计数器的当前值。 每次确认固件的有效性时，可以确定计数器的值，并将该值存储到安全位置。 在随后的时间，例如在引导过程期间，可以确定计数器的实际值并将其与预期值进行比较。 如果值不匹配，使得固件可能处于意外状态，则可以采取措施，例如防止访问或隔离硬件，直到固件可以被验证或更新为预期的时间 州。

公开(公告)号：US11374873B2

公开(公告)日：2022-06-28

申请号：US17104295

申请日：2020-11-25

Applicant: Amazon Technologies, Inc.

Inventor： Tate Andrew Certain ,  Roland Paterson-Jones ,  James R. Hamilton ,  Sachin Jain ,  Matthew S. Garman ,  David N. Sunderland ,  Danny Wei ,  Fiorenzo Cattaneo

IPC: G06F15/173 ,  H04L47/70 ,  G06Q30/02 ,  G06Q30/04 ,  G06Q10/00 ,  H04L67/02 ,  H04L67/10

Abstract: Commitments against various resources can be dynamically adjusted for customers in a shared-resource environment. A customer can provision a data volume with a committed rate of Input/Output Operations Per Second (IOPS) and pay only for that commitment (plus any overage), for example, as well as the amount of storage requested. The customer can subsequently adjust the committed rate of IOPS by submitting an appropriate request, or the rate can be adjusted automatically based on any of a number of criteria. Data volumes for the customer can be migrated, split, or combined in order to provide the adjusted rate. The interaction of the customer with the data volume does not need to change, independent of adjustments in rate or changes in the data volume, other than the rate at which requests are processed.

公开(公告)号：US10776395B2

公开(公告)日：2020-09-15

申请号：US15694828

申请日：2017-09-03

Applicant: Amazon Technologies, Inc.

Inventor： Swaminathan Sivasubramanian ,  Stefano Stefani ,  Chiranjeeb Buragohain ,  Rande A. Blackman ,  Timothy Andrew Rath ,  Raymond S. Bradford ,  Grant Alexander MacDonald McAlister ,  Jakub Kulesza ,  James R. Hamilton ,  Luis Felipe Cabrera

IPC: G06F16/27 ,  G06F16/20 ,  G06F16/21 ,  G06F16/215 ,  G06F16/25 ,  G06F16/22 ,  G06F9/50 ,  H04L29/08 ,  G06F12/0846

Abstract: A system that implements a scalable data storage service may maintain tables in a non-relational data store on behalf of clients. The system may provide a Web services interface through which service requests are received, and an API usable to request that a table be created, deleted, or described; that an item be stored, retrieved, deleted, or its attributes modified; or that a table be queried (or scanned) with filtered items and/or their attributes returned. An asynchronous workflow may be invoked to create or delete a table. Items stored in tables may be partitioned and indexed using a simple or composite primary key. The system may not impose pre-defined limits on table size, and may employ a flexible schema. The service may provide a best-effort or committed throughput model. The system may automatically scale and/or re-partition tables in response to detecting workload changes, node failures, or other conditions or anomalies.