公开(公告)号：US20160170885A1

公开(公告)日：2016-06-16

申请号：US15050408

申请日：2016-02-22

Applicant: Amazon Technologies, Inc.

Inventor： DAVID CARL SALYERS ,  PRADEEP VINCENT ,  ANKUR KHETRAPAL ,  KESTUTIS PATIEJUNAS

IPC: G06F12/08

CPC classification number: G06F12/0802 ,  G06F3/0619 ,  G06F3/0647 ,  G06F3/0685 ,  G06F11/1435 ,  G06F11/1438 ,  G06F11/1441 ,  G06F11/1464 ,  G06F12/08 ,  G06F12/0804 ,  G06F12/0813 ,  G06F12/0868 ,  G06F12/0871 ,  G06F12/0893 ,  G06F17/30575 ,  G06F2212/1016 ,  G06F2212/154 ,  G06F2212/284 ,  G06F2212/452 ,  G06F2212/461 ,  G06F2212/466 ,  G06F2212/468 ,  G06F2212/60

Abstract: Methods and apparatus for supporting cached volumes at storage gateways are disclosed. A storage gateway appliance is configured to cache at least a portion of a storage object of a remote storage service at local storage devices. In response to a client's write request, directed to at least a portion of a data chunk of the storage object, the appliance stores a data modification indicated in the write request at a storage device, and asynchronously uploads the modification to the storage service. In response to a client's read request, directed to a different portion of the data chunk, the appliance downloads the requested data from the storage service to the storage device, and provides the requested data to the client.

Abstract translation: 公开了用于在存储网关处支持缓存卷的方法和装置。 存储网关设备被配置为在本地存储设备上缓存远程存储服务的存储对象的至少一部分。 响应于客户端的写入请求，指向存储对象的数据块的至少一部分，设备将在写入请求中指示的数据修改存储在存储设备处，并将修改异步地上传到存储服务。 响应于客户端的读取请求，指向数据块的不同部分，设备将请求的数据从存储服务下载到存储设备，并将所请求的数据提供给客户端。

公开(公告)号：US20160179839A1

公开(公告)日：2016-06-23

申请号：US15056648

申请日：2016-02-29

Applicant: Amazon Technologies, Inc.

Inventor： ARUN SUNDARAM ,  YUN LIN ,  DAVID CARL SALYERS

IPC: G06F17/30

CPC classification number: G06F17/30174 ,  G06F3/0604 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/065 ,  G06F3/067 ,  G06F17/30088 ,  G06F17/30575 ,  G06F21/6218 ,  G06F21/78 ,  H04L29/06 ,  H04L67/1097

Abstract: Methods, apparatus, and computer-accessible storage media for controlling export of snapshots to external networks in service provider environments. Methods are described that may be used to prevent customers of a service provider from downloading snapshots of volumes, such as boot images created by the service provider or provided by third parties, to which the customer does not have the appropriate rights. A request may be received from a user to access one or more snapshots, for example a request to export the snapshot or a request for a listing of snapshots. For each snapshot, the service provider may determine if the user has rights to the snapshot, for example by checking a manifest for the snapshot to see if entries in the snapshot manifest belong to an account other than the customer's. If the user has rights to the snapshot, the request is granted; otherwise, the request is not granted.

Abstract translation: 方法，设备和计算机可访问的存储介质，用于控制服务提供商环境中的快照到外部网络的导出。 描述了可以用于防止服务提供商的客户下载卷的快照，诸如由服务提供商创建或由第三方提供的引导映像，客户不具有适当权限。 可以从用户接收到访问一个或多个快照的请求，例如导出快照的请求或快照列表的请求。 对于每个快照，服务提供商可以确定用户是否拥有快照的权限，例如通过检查快照的清单来查看快照清单中的条目是否属于除客户之外的其他帐户。 如果用户拥有快照权限，则授予该请求; 否则，请求不被授予。

公开(公告)号：US20180152503A1

公开(公告)日：2018-05-31

申请号：US15881545

申请日：2018-01-26

Applicant: Amazon Technologies, Inc.

Inventor： TOBIAS LARS-OLOV HOLGERS ,  KEVIN CHRISTOPHER MILLER ,  ANDREW BRUCE DICKINSON ,  DAVID CARL SALYERS ,  XIAO ZHANG ,  SHANE ASHLEY HALL ,  CHRISTOPHER IAN HENDRIE ,  ANIKET DEEPAK DIVECHA ,  RALPH WILLIAM FLORA

IPC: H04L29/08 ,  G06F9/455 ,  H04L29/06

CPC classification number: H04L67/10 ,  G06F9/45533 ,  H04L67/42

Abstract: A control-plane component of a virtual network interface (VNI) multiplexing service assigns one or more VNIs as members of a first interface group. A first VNI of the interface group is attached to a first compute instance. Network traffic directed to a particular endpoint address associated with the first interface group is to be distributed among members of the first interface group by client-side components of the service. The control-plane component propagates membership metadata of the first interface group to the client-side components. In response to a detection of an unhealthy state of the first compute instance, the first VNI is attached to a different compute instance by the control-plane component.

公开(公告)号：US20150304407A1

公开(公告)日：2015-10-22

申请号：US14733890

申请日：2015-06-08

Applicant: Amazon Technologies, Inc.

Inventor： JAMES CHRISTOPHER `SORENSON, III ,  DAVID CARL SALYERS

IPC: H04L29/08

CPC classification number: H04L67/101 ,  H04L67/1002 ,  H04L67/1004 ,  H04L67/1008 ,  H04L67/1029

Abstract: Embodiments may include a load balancer configured to, for a given packet received from a remote client, select a host computer of a plurality of host computers according to a load balancing protocol, the selection based on load information updates received from the plurality of host computers. Each load information update may indicate a measure of the respective host computer's capacity to service additional connections with remote clients. The load balancer may provide the given packet to the selected host computer for processing by an application component on the selected host computer, and subsequent to determining that a specific application component on one of the plurality of host computers does not have capacity for additional connections based on the load information updates, continue to send packets for existing connections serviced by the specific application component to the respective host computer without sending packets for new connections to that host computer.

Abstract translation: 实施例可以包括：负载平衡器，被配置为，对于从远程客户端接收的给定分组，根据负载平衡协议选择多个主机计算机的主计算机，所述选择基于从所述多个主机计算机接收的负载信息更新 。 每个负载信息更新可以指示相应主计算机服务于与远程客户端的附加连接的能力的度量。 负载平衡器可以向所选择的主计算机提供给定的分组以供所选择的主计算机上的应用组件处理，然后在确定多个主计算机之一上的特定应用组件不具有用于附加连接的能力的基础上 在负载信息更新中，继续向特定应用程序组件发送的现有连接的数据包发送到相应的主机，而不会向该主机发送新连接的数据包。

公开(公告)号：US20140330784A1

公开(公告)日：2014-11-06

申请号：US14336768

申请日：2014-07-21

Applicant: Amazon Technologies, Inc.

Inventor： ARUN SUNDARAM ,  YUN LIN ,  DAVID CARL SALYERS

IPC: G06F17/30

CPC classification number: G06F17/30174 ,  G06F3/0604 ,  G06F3/0622 ,  G06F3/0637 ,  G06F3/065 ,  G06F3/067 ,  G06F17/30088 ,  G06F17/30575 ,  G06F21/6218 ,  G06F21/78 ,  H04L29/06 ,  H04L67/1097

Abstract: Methods, apparatus, and computer-accessible storage media for controlling export of snapshots to external networks in service provider environments. Methods are described that may be used to prevent customers of a service provider from downloading snapshots of volumes, such as boot images created by the service provider or provided by third parties, to which the customer does not have the appropriate rights. A request may be received from a user to access one or more snapshots, for example a request to export the snapshot or a request for a listing of snapshots. For each snapshot, the service provider may determine if the user has rights to the snapshot, for example by checking a manifest for the snapshot to see if entries in the snapshot manifest belong to an account other than the customer's. If the user has rights to the snapshot, the request is granted; otherwise, the request is not granted.

Abstract translation: 方法，设备和计算机可访问的存储介质，用于控制服务提供商环境中的快照到外部网络的导出。 描述了可以用于防止服务提供商的客户下载卷的快照，诸如由服务提供商创建或由第三方提供的引导映像，客户不具有适当权限。 可以从用户接收到访问一个或多个快照的请求，例如导出快照的请求或快照列表的请求。 对于每个快照，服务提供商可以确定用户是否拥有快照的权限，例如通过检查快照的清单来查看快照清单中的条目是否属于除客户之外的其他帐户。 如果用户拥有快照权限，则授予该请求; 否则，请求不被授予。

公开(公告)号：US20170177479A1

公开(公告)日：2017-06-22

申请号：US15451262

申请日：2017-03-06

Applicant: Amazon Technologies, Inc.

Inventor： DAVID CARL SALYERS ,  PRADEEP VINCENT ,  ANKUR KHETRAPAL ,  KESTUTIS PATIEJUNAS

IPC: G06F12/0802 ,  G06F17/30 ,  G06F11/14 ,  G06F3/06

CPC classification number: G06F12/0802 ,  G06F3/0619 ,  G06F3/0647 ,  G06F3/0685 ,  G06F11/1435 ,  G06F11/1438 ,  G06F11/1441 ,  G06F11/1464 ,  G06F12/08 ,  G06F12/0804 ,  G06F12/0813 ,  G06F12/0868 ,  G06F12/0871 ,  G06F12/0893 ,  G06F17/30575 ,  G06F2212/1016 ,  G06F2212/154 ,  G06F2212/284 ,  G06F2212/452 ,  G06F2212/461 ,  G06F2212/466 ,  G06F2212/468 ,  G06F2212/60

Abstract: Methods and apparatus for supporting cached volumes at storage gateways are disclosed. A storage gateway appliance is configured to cache at least a portion of a storage object of a remote storage service at local storage devices. In response to a client's write request, directed to at least a portion of a data chunk of the storage object, the appliance stores a data modification indicated in the write request at a storage device, and asynchronously uploads the modification to the storage service. In response to a client's read request, directed to a different portion of the data chunk, the appliance downloads the requested data from the storage service to the storage device, and provides the requested data to the client.

公开(公告)号：US20160205187A1

公开(公告)日：2016-07-14

申请号：US15076571

申请日：2016-03-21

Applicant: Amazon Technologies, Inc.

Inventor： JAMES CHRISTOPHER SORENSON, III ,  YUN LIN ,  DAVID CARL SALYERS ,  ANKUR KHETRAPAL

IPC: H04L29/08

Abstract: Methods, apparatus, and computer-accessible storage media for shadowing data stored on a local store to a remote store provided by a service provider. A gateway may be configured as a shadowing gateway on a customer network in response to receiving configuration information. The shadowing gateway may receive reads and writes to the local store. The gateway passes the requests to the local store, and also uploads write data indicated by the writes to the service provider to update a snapshot of the local store maintained by the service provider on the remote store. The write data may be buffered to a write log for uploading, and may be uploaded as blocks according to a block storage format used by the service provider. The shadowing process may be transparent to processes on the customer network. The shadowed data may be used to recover data on the local store.

Abstract translation: 方法，装置和计算机可访问的存储介质，用于将存储在本地存储器上的数据映射到由服务提供商提供的远程存储器。 响应于接收配置信息，网关可以被配置为客户网络上的遮蔽网关。 阴影网关可以接收对本地商店的读取和写入。 网关将请求传递到本地商店，并将写入指示的写入数据上传到服务提供商以更新由远程商店上的服务提供商维护的本地商店的快照。 写入数据可以被缓冲到用于上传的写入日志中，并且可以根据服务提供商使用的块存储格式作为块上传。 阴影过程对客户网络上的流程可能是透明的。 阴影数据可用于恢复本地存储上的数据。

公开(公告)号：US20140351906A1

公开(公告)日：2014-11-27

申请号：US14455525

申请日：2014-08-08

Applicant: Amazon Technologies, Inc.

Inventor： JAMES CHRISTOPHER SORENSON, III ,  YUN LIN ,  DAVID CARL SALYERS ,  ANKUR KHETRAPAL ,  MARK J. CAVAGE

IPC: H04L29/06

CPC classification number: H04L63/061 ,  H04L63/0807 ,  H04L63/0823 ,  H04L63/10 ,  H04L63/20 ,  H04L67/1097 ,  H04L67/16 ,  H04L67/2842

Abstract: Methods, apparatus, and computer-accessible storage media for activating a gateway to a remote service provider. The gateway serves as an interface between processes on a customer network and the provider, for example to store customer data to a remote data store. A gateway sends a public key and metadata describing the gateway to the provider. The gateway receives an activation key from the provider and exposes the activation key on the customer network. The customer obtains the key and communicates to the provider using the key to provide customer information including a name for the gateway and to authorize registration of the gateway. The provider provides the customer information to the gateway. The gateway requests security credentials from the provider using the customer information and the key. The provider sends a security credential to the gateway. The gateway may then obtain configuration information from the customer via the provider.

Abstract translation: 用于激活到远程服务提供商的网关的方法，装置和计算机可访问的存储介质。 网关用作客户网络和提供商之间的进程之间的接口，例如将客户数据存储到远程数据存储。 网关向提供商发送描述网关的公开密钥和元数据。 网关从提供商接收激活密钥，并在客户网络上公开激活密钥。 客户获得密钥并使用密钥向提供商进行通信，以提供客户信息，包括网关的名称并授权网关的注册。 提供商向网关提供客户信息。 网关使用客户信息和密钥从提供商请求安全凭证。 提供商向网关发送安全凭证。 然后，网关可以经由提供商从客户获得配置信息。