公开(公告)号：US11593252B2

公开(公告)日：2023-02-28

申请号：US17551680

申请日：2021-12-15

Applicant: Cisco Technology, Inc.

Inventor： Kiran Chunduri ,  Rajasekhar Manam

IPC: G06F11/36 ,  G06F11/34 ,  H04L67/30 ,  H04L67/51

Abstract: Disclosed are systems, computer-readable media and methods for monitoring performance data across microservices. One example method includes establishing a service policy configured on a centralized switch controller, applying the service profile to a virtual interface associated with a microservice, mapping a microservice name for the microservice to an IP address and a port number, tracking a protocol flow for the microservice, wherein the protocol flow is associated with a virtual switch, to yield data, aggregating the data to yield aggregated data and presenting the aggregated data on a user interface.

公开(公告)号：US11968198B2

公开(公告)日：2024-04-23

申请号：US18147448

申请日：2022-12-28

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Jalaja Padma ,  Srinivasan Krishnamurthy ,  Rajasekhar Manam

IPC: G06F21/44 ,  G06F9/455 ,  G06F21/45 ,  H04L9/40

CPC classification number: H04L63/08 ,  G06F9/45558 ,  G06F21/44 ,  G06F21/45 ,  H04L63/10 ,  G06F2009/45562 ,  G06F2009/4557 ,  G06F2009/45587 ,  G06F2009/45595

Abstract: The disclosed technology provides solutions for performing rapid authentication and authorization for distributed containerized microservices. In some aspects, a process of the technology can include steps for: associating a service type with a set of microservices or service pods, detecting deployment of a first microservice on a first host, and receiving an authentication and authorization state from a first virtual network edge (VNE) of the first host. In some aspects, the process can further include steps for distributing the authentication state to a second VNE on a second host, wherein the authentication state is configured to facilitate authentication of one or more subsequent microservices instantiated on the second host by the second VNE. Systems and machine readable media are also provided.

公开(公告)号：US20200097391A1

公开(公告)日：2020-03-26

申请号：US16692950

申请日：2019-11-22

Applicant: Cisco Technology, Inc.

Inventor： Kiran Chunduri ,  Rajasekhar Manam

IPC: G06F11/36 ,  H04L29/08 ,  G06F11/34

Abstract: Disclosed are systems, computer-readable media and methods for monitoring performance data across microservices. One example method includes establishing a service policy configured on a centralized switch controller, applying the service profile to a virtual interface associated with a microservice, mapping a microservice name for the microservice to an IP address and a port number, tracking a protocol flow for the microservice, wherein the protocol flow is associated with a virtual switch, to yield data, aggregating the data to yield aggregated data and presenting the aggregated data on a user interface.

公开(公告)号：US20190386973A1

公开(公告)日：2019-12-19

申请号：US16012597

申请日：2018-06-19

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Jalaja Padma ,  Srinivasan Krishnamurthy ,  Rajasekhar Manam

IPC: H04L29/06 ,  G06F9/455 ,  G06F21/44 ,  G06F21/45

Abstract: The disclosed technology provides solutions for performing rapid authentication and authorization for distributed containerized microservices. In some aspects, a process of the technology can include steps for: associating a service type with a set of microservices or service pods, detecting deployment of a first microservice on a first host, and receiving an authentication and authorization state from a first virtual network edge (VNE) of the first host. In some aspects, the process can further include steps for distributing the authentication state to a second VNE on a second host, wherein the authentication state is configured to facilitate authentication of one or more subsequent microservices instantiated on the second host by the second VNE. Systems and machine readable media are also provided.

公开(公告)号：US10432532B2

公开(公告)日：2019-10-01

申请号：US15208133

申请日：2016-07-12

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Patwardhan ,  Rajasekhar Manam

IPC: H04L12/803 ,  H04L12/859 ,  H04L12/723 ,  H04L12/927 ,  H04L12/46

Abstract: A virtual networking switch on a host computing device can receive a first data packet of a micro-service data flow from a virtual machine running on the host computing device. The first data packet can include micro-service flow data identifying a first container instance that transmitted the first data packet. The virtual networking switch can provide a subset of the micro-service flow data to a container orchestrator, that utilizes the first subset of the micro-service flow data to assign a label to the first micro-service data flow. The virtual networking switch can pin the first micro-service data flow to a first uplink port of the host computing device based on the label assigned to the first micro-service data flow, causing data packets received from the virtual machine as part of the first micro-service data flow to be forwarded to their intended recipient via the first uplink port.

公开(公告)号：US20230231839A1

公开(公告)日：2023-07-20

申请号：US18147448

申请日：2022-12-28

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Jalaja Padma ,  Srinivasan Krishnamurthy ,  Rajasekhar Manam

IPC: H04L9/40 ,  G06F9/455 ,  G06F21/45 ,  G06F21/44

CPC classification number: H04L63/08 ,  G06F9/45558 ,  H04L63/10 ,  G06F21/45 ,  G06F21/44 ,  G06F2009/45587 ,  G06F2009/45595 ,  G06F2009/45562 ,  G06F2009/4557

Abstract: The disclosed technology provides solutions for performing rapid authentication and authorization for distributed containerized microservices. In some aspects, a process of the technology can include steps for: associating a service type with a set of microservices or service pods, detecting deployment of a first microservice on a first host, and receiving an authentication and authorization state from a first virtual network edge (VNE) of the first host. In some aspects, the process can further include steps for distributing the authentication state to a second VNE on a second host, wherein the authentication state is configured to facilitate authentication of one or more subsequent microservices instantiated on the second host by the second VNE. Systems and machine readable media are also provided.

公开(公告)号：US09148367B2

公开(公告)日：2015-09-29

申请号：US13633716

申请日：2012-10-02

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Sridar Kandaswamy ,  Rajasekhar Manam ,  Ramesh V. N. Ponnapalli

IPC: H04L12/721 ,  H04L29/06

CPC classification number: H04L45/38 ,  H04L69/22

Abstract: A method is provided in one example and includes receiving a first packet of a connection between a client and a server. The first packet is tagged with a tag comprising a member id of a service node in a service cluster that includes a plurality of nodes having distinct member ids. The method can also include mapping the member id to the service node in a tag-to-node map; receiving a second packet of the connection, where the second packet is tagged with the tag comprising the member id; determining the service node from the tag-to-node map; and forwarding the second packet to the service node.

Abstract translation: 在一个示例中提供了一种方法，并且包括接收客户端和服务器之间的连接的第一分组。 第一个分组被标记有包括服务集群中的服务节点的成员ID的标签，该服务集群包括具有不同成员ID的多个节点。 该方法还可以包括将成员标识映射到标签到节点映射中的服务节点; 接收所述连接的第二分组，其中所述第二分组被标签包括所述成员id的所述标签; 从所述标签到节点映射确定所述服务节点; 并将所述第二分组转发到所述服务节点。

公开(公告)号：US20230205675A1

公开(公告)日：2023-06-29

申请号：US18114976

申请日：2023-02-27

Applicant: Cisco Technology, Inc.

Inventor： Kiran Chunduri ,  Rajasekhar Manam

IPC: G06F11/36 ,  G06F11/34 ,  H04L67/30 ,  H04L67/51

CPC classification number: G06F11/3664 ,  G06F11/34 ,  H04L67/30 ,  H04L67/51

Abstract: Disclosed are systems, computer-readable media and methods for monitoring performance data across microservices. One example method includes establishing a service policy configured on a centralized switch controller, applying the service profile to a virtual interface associated with a microservice, mapping a microservice name for the microservice to an IP address and a port number, tracking a protocol flow for the microservice, wherein the protocol flow is associated with a virtual switch, to yield data, aggregating the data to yield aggregated data and presenting the aggregated data on a user interface.

公开(公告)号：US11552937B2

公开(公告)日：2023-01-10

申请号：US16997483

申请日：2020-08-19

Applicant: Cisco Technology, Inc.

Inventor： Sourabh Suresh Patwardhan ,  Jalaja Padma ,  Srinivasan Krishnamurthy ,  Rajasekhar Manam

IPC: G06F21/44 ,  H04L9/40 ,  G06F9/455 ,  G06F21/45

Abstract: The disclosed technology provides solutions for performing rapid authentication and authorization for distributed containerized microservices. In some aspects, a process of the technology can include steps for: associating a service type with a set of microservices or service pods, detecting deployment of a first microservice on a first host, and receiving an authentication and authorization state from a first virtual network edge (VNE) of the first host. In some aspects, the process can further include steps for distributing the authentication state to a second VNE on a second host, wherein the authentication state is configured to facilitate authentication of one or more subsequent microservices instantiated on the second host by the second VNE. Systems and machine readable media are also provided.

公开(公告)号：US20220107881A1

公开(公告)日：2022-04-07

申请号：US17551680

申请日：2021-12-15

Applicant: Cisco Technology, Inc.

Inventor： Kiran Chunduri ,  Rajasekhar Manam

IPC: G06F11/36 ,  H04L29/08 ,  G06F11/34

Abstract: Disclosed are systems, computer-readable media and methods for monitoring performance data across microservices. One example method includes establishing a service policy configured on a centralized switch controller, applying the service profile to a virtual interface associated with a microservice, mapping a microservice name for the microservice to an IP address and a port number, tracking a protocol flow for the microservice, wherein the protocol flow is associated with a virtual switch, to yield data, aggregating the data to yield aggregated data and presenting the aggregated data on a user interface.