公开(公告)号：US11314541B2

公开(公告)日：2022-04-26

申请号：US16894395

申请日：2020-06-05

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Singh ,  Anthony Joseph Suarez ,  William Andrew Thurston ,  Anirudh Balachandra Aithal ,  Daniel Robert Gerdesmeier ,  Euan Skyler Kemp ,  Kiran Kumar Meduri ,  Muhammad Umer Azad

IPC: G06F9/455 ,  G06F9/50

Abstract: A task definition is received. The task definition indicates at least a location from which one or more software image can be obtained and information usable to determine an amount of resources to allocate to one or more software containers for the one or more software image. A set of virtual machine instances in which to launch the one or more software containers is determined, the one or more software image is obtained from the location included in the task definition and is launched as the one or more of software containers within the set of virtual machine instances.

公开(公告)号：US20200301726A1

公开(公告)日：2020-09-24

申请号：US16894395

申请日：2020-06-05

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Singh ,  Anthony Joseph Suarez ,  William Andrew Thurston ,  Anirudh Balachandra Aithal ,  Daniel Robert Gerdesmeier ,  Euan Skyler Kemp ,  Kiran Kumar Meduri ,  Muhammad Umer Azad

IPC: G06F9/455 ,  G06F9/50

Abstract: A task definition is received. The task definition indicates at least a location from which one or more software image can be obtained and information usable to determine an amount of resources to allocate to one or more software containers for the one or more software image. A set of virtual machine instances in which to launch the one or more software containers is determined, the one or more software image is obtained from the location included in the task definition and is launched as the one or more of software containers within the set of virtual machine instances.

公开(公告)号：US10678582B2

公开(公告)日：2020-06-09

申请号：US16004050

申请日：2018-06-08

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Singh ,  Anthony Joseph Suarez ,  William Andrew Thurston ,  Anirudh Balachandra Aithal ,  Daniel Robert Gerdesmeier ,  Euan Skyler Kemp ,  Kiran Kumar Meduri ,  Muhammad Umer Azad

IPC: G06F9/455 ,  G06F9/50

Abstract: A task definition is received. The task definition indicates at least a location from which one or more software image can be obtained and information usable to determine an amount of resources to allocate to one or more software containers for the one or more software image. A set of virtual machine instances in which to launch the one or more software containers is determined, the one or more software image is obtained from the location included in the task definition and is launched as the one or more of software containers within the set of virtual machine instances.

公开(公告)号：US09256467B1

公开(公告)日：2016-02-09

申请号：US14538663

申请日：2014-11-11

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Singh ,  Anthony Joseph Suarez ,  William Andrew Thurston ,  Anirudh Balachandra Aithal ,  Daniel Robert Gerdesmeier ,  Euan Skyler Kemp ,  Kiran Kumar Meduri ,  Muhammad Umer Azad

IPC: G06F9/46 ,  G06F9/50 ,  G06F9/455

CPC classification number: G06F9/45558 ,  G06F9/45533 ,  G06F9/5005 ,  G06F9/5055 ,  G06F9/5077 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: A system and method for a container service that obtains a software image of a software container that has been configured to be executed within a computer system instance registered to a cluster by one or more processors. The container service is configured to receive a request to launch the software image in accordance with a task definition, wherein the task definition specifies an allocation of resources for the software container. The container service may then determine, according to a placement scheme, a subset of a set of container instances registered to the cluster in which to launch the software image in accordance with the task definition. Upon determining the subset of the set of container instances, the container service may launch the software image as one or more running software containers in the set of container instances in accordance with the task definition.

Abstract translation: 一种用于容器服务的系统和方法，其获得已被配置为在由一个或多个处理器注册到集群的计算机系统实例内执行的软件容器的软件映像。 容器服务被配置为接收根据任务定义启动软件映像的请求，其中任务定义指定软件容器的资源分配。 然后，容器服务可以根据放置方案来确定根据任务定义在其中发布软件映像的集群注册的一组容器实例的子集。 在确定容器实例集合的子集之后，容器服务可以根据任务定义将软件映像作为容器实例集中的一个或多个运行的软件容器启动。

公开(公告)号：US11487530B2

公开(公告)日：2022-11-01

申请号：US16940261

申请日：2020-07-27

Applicant: Amazon Technologies, Inc.

Inventor： Anthony Joseph Suarez ,  Scott Kerns Windsor ,  Nare Hayrapetyan ,  Daniel Robert Gerdesmeier ,  Pooja Kalpana Prakash

IPC: G06F21/00 ,  G06F8/71 ,  G06F9/455 ,  G06F21/53 ,  G06F8/61 ,  G06F21/62

Abstract: A request to update a software container image within a container registry hosted by a computing resource service provider is received from an entity associated with a customer account with the computing resource service provider, where the container registry is a scalable distributed data storage service. The software container image is stored in the container registry in association with the customer account. A layer of the software container image stored in the container registry is scanned for a reference identifier associated with a security vulnerability as a result of said scan finding the reference identifier within the software container image, notice is provided to the entity indicating that the security vulnerability was found. Software within the software container image is updated based at least in part on the vulnerability scan; and the update software is deployed.

公开(公告)号：US10725775B2

公开(公告)日：2020-07-28

申请号：US16383523

申请日：2019-04-12

Applicant: Amazon Technologies, Inc.

Inventor： Anthony Joseph Suarez ,  Scott Kerns Windsor ,  Nare Hayrapetyan ,  Daniel Robert Gerdesmeier ,  Pooja Kalpana Prakash

IPC: G06F21/00 ,  G06F8/71 ,  G06F9/455 ,  G06F21/53 ,  G06F8/61 ,  G06F21/62

Abstract: A request to store a container image is received from a device associated with a customer of a computing resource service provider. Validity of a security token associated with the request is authenticated using a cryptographic key maintained as a secret by the computing resource service provider. One or more layers of the container image is built based at least in part on at least one build artifact to form a set of built layers. The software image including the set of built layers is stored in a repository associated with the customer. A manifest of metadata for the set of built layers is stored in a database of a structured data store. The container image is obtained in the form of an obtained container image. The obtained container image is deployed as the software container in at least one virtual machine instance associated with the customer.

公开(公告)号：US10261782B2

公开(公告)日：2019-04-16

申请号：US14975631

申请日：2015-12-18

Applicant: Amazon Technologies, Inc.

Inventor： Anthony Joseph Suarez ,  Scott Kerns Windsor ,  Nare Hayrapetyan ,  Daniel Robert Gerdesmeier ,  Pooja Kalpana Prakash

IPC: H04L29/06 ,  G06F8/71 ,  G06F9/455 ,  G06F21/53 ,  G06F8/61 ,  G06F21/62

Abstract: A request to store, in first data store associated with a customer of a computing resource service provider, a software image is received, the request including a set of layers of the software image to be stored. As a result of successful authentication of the request, based at least in part on a security token included with the request, a subset of layers of the software image that have not previously been stored in the first data store are determined, based at least in part on first metadata obtained from a second data store, the subset of layers in the first data store are stored, second metadata about the subset of layers are stored in the second data store, and the software image is caused to be launched in a software container of an instance based at least in part on the subset of layers.

公开(公告)号：US20190108049A1

公开(公告)日：2019-04-11

申请号：US16004050

申请日：2018-06-08

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Singh ,  Anthony Joseph Suarez ,  William Andrew Thurston ,  Anirudh Balachandra Aithal ,  Daniel Robert Gerdesmeier ,  Euan Skyler Kemp ,  Kiran Kumar Meduri ,  Muhammad Umer Azad

IPC: G06F9/455 ,  G06F9/50

Abstract: A task definition is received. The task definition indicates at least a location from which one or more software image can be obtained and information usable to determine an amount of resources to allocate to one or more software containers for the one or more software image. A set of virtual machine instances in which to launch the one or more software containers is determined, the one or more software image is obtained from the location included in the task definition and is launched as the one or more of software containers within the set of virtual machine instances.

公开(公告)号：US20160162320A1

公开(公告)日：2016-06-09

申请号：US15007113

申请日：2016-01-26

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Singh ,  Anthony Joseph Suarez ,  William Andrew Thurston ,  Anirudh Balachandra Aithal ,  Daniel Robert Gerdesmeier ,  Euan Skyler Kemp ,  Kiran Kumar Meduri ,  Muhammad Umer Azad

IPC: G06F9/455 ,  G06F9/50

CPC classification number: G06F9/45558 ,  G06F9/45533 ,  G06F9/5005 ,  G06F9/5055 ,  G06F9/5077 ,  G06F2009/4557 ,  G06F2009/45595

Abstract: A task definition is received. The task definition indicates at least a location from which one or more software image can be obtained and information usable to determine an amount of resources to allocate to one or more software containers for the one or more software image. A set of virtual machine instances in which to launch the one or more software containers is determined, the one or more software image is obtained from the location included in the task definition and is launched as the one or more of software containers within the set of virtual machine instances.

Abstract translation: 接收到任务定义。 任务定义至少指示可以从其获得一个或多个软件映像的位置，以及可用于确定要分配给一个或多个软件映像的一个或多个软件容器的资源量的信息。 确定在其中启动一个或多个软件容器的一组虚拟机实例，从包括在任务定义中的位置获得一个或多个软件映像，并作为该组内的一个或多个软件容器发起 虚拟机实例。

公开(公告)号：US11789723B2

公开(公告)日：2023-10-17

申请号：US17941613

申请日：2022-09-09

Applicant: Amazon Technologies, Inc.

Inventor： Anthony Joseph Suarez ,  Scott Kerns Windsor ,  Nare Hayrapetyan ,  Daniel Robert Gerdesmeier ,  Pooja Kalpana Prakash

IPC: G06F21/00 ,  G06F8/71 ,  G06F9/455 ,  G06F21/53 ,  G06F8/61 ,  G06F21/62

CPC classification number: G06F8/71 ,  G06F8/63 ,  G06F9/45558 ,  G06F21/53 ,  G06F21/6209 ,  G06F2009/4557 ,  G06F2221/033

Abstract: A request to store a container image is received from a device associated with a customer of a computing resource service provider. Validity of a security token associated with the request is authenticated using a cryptographic key maintained as a secret by the computing resource service provider. One or more layers of the container image is built based at least in part on at least one build artifact to form a set of built layers. The software image including the set of built layers is stored in a repository associated with the customer. A manifest of metadata for the set of built layers is stored in a database of a structured data store. The container image is obtained in the form of an obtained container image. The obtained container image is deployed as the software container in at least one virtual machine instance associated with the customer.