公开(公告)号：US12106121B1

公开(公告)日：2024-10-01

申请号：US18497716

申请日：2023-10-30

Applicant: Oracle International Corporation

Inventor： Nathaniel Martin Glass ,  Gregory Mark Jablonski

IPC: G06F9/50 ,  G06F9/445

CPC classification number: G06F9/44505

Abstract: Techniques are disclosed for utilizing directed acyclic graphs for deployment instructions. A computer-implemented method can include various operations. Instructions may be executed by a computing device to perform parses of configuration data associated with a deployment. The computing device may cause a first directed acyclic graph (DAG) to be generated, the first DAG being utilized for deploying a first resource based on the parses. A second DAG may be generated for deploying execution targets based on the parses, the second DAG specifying dependencies between execution targets of the deployment. The computing device may generate a linked list data structure based on the parses and may deploy the computing system by traversal of the linked list data structure.

公开(公告)号：US20240020175A1

公开(公告)日：2024-01-18

申请号：US18373743

申请日：2023-09-27

Applicant: Oracle International Corporation

Inventor： Eric Tyler Barsalou ,  Nathaniel Martin Glass

IPC: G06F9/50 ,  G06F8/71 ,  H04L41/5054 ,  H04L41/0816 ,  G06F8/60 ,  H04L41/5041 ,  H04L41/50 ,  G06F9/38 ,  G06F9/4401 ,  H04L41/0806 ,  G06F9/48 ,  G06F11/07 ,  G06F11/32 ,  G06F16/901 ,  G06F9/445 ,  G06F9/451 ,  G06F3/0484 ,  H04L67/00 ,  G06F11/14 ,  G06F11/36 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  H04L67/566

CPC classification number: G06F9/5061 ,  G06F8/71 ,  H04L41/5054 ,  H04L41/0816 ,  G06F8/60 ,  H04L41/5048 ,  H04L41/5096 ,  G06F9/3836 ,  G06F9/4411 ,  G06F9/5027 ,  G06F9/5072 ,  G06F9/5022 ,  G06F9/5077 ,  H04L41/0806 ,  G06F9/4856 ,  G06F9/5038 ,  G06F9/505 ,  G06F11/0757 ,  G06F11/327 ,  G06F16/9024 ,  G06F9/5011 ,  G06F9/44505 ,  G06F9/485 ,  G06F9/451 ,  G06F3/0484 ,  H04L67/34 ,  G06F11/1469 ,  G06F11/3664 ,  G06F11/3684 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  H04L41/5041 ,  H04L67/566 ,  G06F8/61

Abstract: Techniques for implementing an infrastructure orchestration service are described. A configuration file for a deployment to a first execution target and a second execution target can be received. A first safety plan can be generated for the first execution target that comprises a first list of resources and operations associated with deployment at the first execution target. Approval of the first safety plan can be received. A second safety plan can be generated for the second execution target that comprises a second list of resources and operations associated with deployment at the second execution target. A determination can be made whether the second safety plan is a subset of the first safety plan. If the determination is that the second safety plan is a subset of the first safety plan, the second safety plan can automatically be approved and transmitted to the second execution target for deployment.

公开(公告)号：US11740943B2

公开(公告)日：2023-08-29

申请号：US17939813

申请日：2022-09-07

Applicant: Oracle International Corporation

Inventor： Phillip Vassenkov ,  Nathaniel Martin Glass ,  Eric Tyler Barsalou ,  Caleb Dockter

IPC: G06F9/50 ,  G06F8/71 ,  H04L41/5054 ,  H04L41/0816 ,  G06F8/60 ,  H04L41/5041 ,  H04L41/50 ,  G06F9/38 ,  G06F9/4401 ,  H04L41/0806 ,  G06F9/48 ,  G06F11/07 ,  G06F11/32 ,  G06F16/901 ,  G06F9/445 ,  G06F9/451 ,  G06F3/0484 ,  H04L67/00 ,  G06F11/14 ,  G06F11/36 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  H04L67/566 ,  G06F8/61

CPC classification number: G06F9/5061 ,  G06F3/0484 ,  G06F8/60 ,  G06F8/71 ,  G06F9/3836 ,  G06F9/4411 ,  G06F9/44505 ,  G06F9/451 ,  G06F9/485 ,  G06F9/4856 ,  G06F9/505 ,  G06F9/5011 ,  G06F9/5022 ,  G06F9/5027 ,  G06F9/5038 ,  G06F9/5072 ,  G06F9/5077 ,  G06F11/0757 ,  G06F11/1469 ,  G06F11/327 ,  G06F11/3664 ,  G06F11/3684 ,  G06F16/9024 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/5041 ,  H04L41/5048 ,  H04L41/5054 ,  H04L41/5096 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  H04L67/34 ,  H04L67/566 ,  G06F8/61

Abstract: Techniques for implementing an infrastructure orchestration service are described. In some examples, a declarative provisioner of the infrastructure orchestration service receives instructions for deployment of a resource. The declarative provisioner identifies that the deployment of the resource is a long-running task stores state information corresponding to the deployment of the resource. In certain embodiments, upon identifying that the deployment of the resource is a long-running task, the declarative provisioner pauses its execution of the long-running task. Responsive to a trigger received from the infrastructure orchestration service, the declarative provisioner resumes execution of the deployment of the resource using the state information and transmits deployment information corresponding to the deployment of the resource to the infrastructure orchestration service.

公开(公告)号：US11693712B2

公开(公告)日：2023-07-04

申请号：US17710823

申请日：2022-03-31

Applicant: Oracle International Corporation

Inventor： Nathaniel Martin Glass

IPC: H04L67/566 ,  G06F9/50 ,  G06F8/71 ,  H04L41/5054 ,  H04L41/0816 ,  G06F8/60 ,  H04L41/5041 ,  H04L41/50 ,  G06F9/38 ,  G06F9/4401 ,  H04L41/0806 ,  G06F9/48 ,  G06F11/07 ,  G06F11/32 ,  G06F16/901 ,  G06F9/445 ,  G06F9/451 ,  G06F3/0484 ,  H04L67/00 ,  G06F11/14 ,  G06F11/36 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  G06F8/61

CPC classification number: G06F9/5061 ,  G06F3/0484 ,  G06F8/60 ,  G06F8/71 ,  G06F9/3836 ,  G06F9/4411 ,  G06F9/44505 ,  G06F9/451 ,  G06F9/485 ,  G06F9/4856 ,  G06F9/505 ,  G06F9/5011 ,  G06F9/5022 ,  G06F9/5027 ,  G06F9/5038 ,  G06F9/5072 ,  G06F9/5077 ,  G06F11/0757 ,  G06F11/1469 ,  G06F11/327 ,  G06F11/3664 ,  G06F11/3684 ,  G06F16/9024 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/5041 ,  H04L41/5048 ,  H04L41/5054 ,  H04L41/5096 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  H04L67/34 ,  H04L67/566 ,  G06F8/61

Abstract: Techniques for preventing concurrent execution of an infrastructure orchestration service are described. Worker nodes can receive instructions, or tasks, for deploying infrastructure resources and can provide heartbeat notifications to scheduler nodes, also considered a lease. A signing proxy can track the heartbeat notifications sent from the worker nodes to the scheduler node. The signing proxy can receive requests corresponding to a performance of the tasks assigned to the worker nodes. The signing proxy can determine whether the lease between each worker node and the scheduler is valid. If the lease is valid, the signing proxy may make a call to services on behalf of the worker node, and if the lease is not valid, the signing proxy may not make a call to services on behalf of the worker node. Instead, the signing proxy may cut off all outgoing network traffic, blocking access of the worker node to services.

公开(公告)号：US20220060517A1

公开(公告)日：2022-02-24

申请号：US17393347

申请日：2021-08-03

Applicant: Oracle International Corporation

Inventor： Igor Dozorets ,  Thoulfekar Alrahem ,  Jun Tong ,  Leonid Kuperman ,  Nachiketh Rao Potlapally ,  Bala Ganesh Chandran ,  Brian Pratt ,  Nathaniel Martin Glass ,  Girish Nagaraja ,  Jonathan Jorge Nadal

IPC: H04L29/06

Abstract: A cloud-based security solution that provides a robust and secure framework for managing and enforcing security policies related to various resources managed in the cloud is disclosed. The cloud-based security solution is implemented by a security zone policy enforcement system in a cloud service provider infrastructure. The system receives a request to perform an operation on a resource and determines a compartment associated with the resource. The system determines that the compartment is associated with a security zone and determines a set of one or more security zone policies applicable to the resource. The system then determines that the operation on the resource is permitted based on the set of one or more security zone policies and responsive to determining that the operation on the resource is permitted, allows the operation to be performed on the resource.

公开(公告)号：US20210224134A1

公开(公告)日：2021-07-22

申请号：US17016754

申请日：2020-09-10

Applicant: Oracle International Corporation

Inventor： Nathaniel Martin Glass

IPC: G06F9/50 ,  H04L12/24

Abstract: Techniques for implementing an infrastructure orchestration service are described. A scheduler can receive a configuration file, which can include a first release identifier, for a first deployment of resources at an execution target. The resources can be deployed at the execution target according to the file. A current state of the resources can be stored. The scheduler can receive a second version of the file, which can include a second release identifier, for a new deployment at the execution target. At least one worker node can execute a plugin to compare the first identifier to the second identifier. If the first identifier is different than the second identifier, the plugin can compare a current state of the resources with a desired state according to the second identifier. If the desired state is different than the current state, the resources are deployed at the execution target according to the second identifier.

公开(公告)号：US20210224076A1

公开(公告)日：2021-07-22

申请号：US17150778

申请日：2021-01-15

Applicant: Oracle International Corporation

Inventor： Caleb Dockter ,  Nathaniel Martin Glass ,  Eric Tyler Barsalou

IPC: G06F9/4401 ,  G06F16/901 ,  G06F9/48

Abstract: Techniques are disclosed for managing dependencies in an orchestration service. A computer-implemented method can include operations performed by a declarative infrastructure provisioner (DIP). In some embodiments, the DIP parses configuration data associated with a computing system and generates a directed acyclic graph (DAG) for booting a first resource. The DAG may specify a dependency of the first resource on a capability of a second resource. The DIP may traverse the DAG and determine, based at least in part on the traversal, that the dependency has been reached. The DIP may publish, to a scheduling process, an indication that the first resource is awaiting availability of the capability of the second resource. In some embodiments, the DIP receives a subsequent indication that the capability is available, regenerates the DAG, and recommences traversal of the DAG. Additional operations for booting the first resource may be performed in accordance with the recommenced traversal.

公开(公告)号：US12153934B2

公开(公告)日：2024-11-26

申请号：US18334681

申请日：2023-06-14

Applicant: Oracle International Corporation

Inventor： Caleb Dockter ,  Nathaniel Martin Glass ,  Eric Tyler Barsalou

IPC: G06F16/00 ,  G06F8/61 ,  G06F9/4401 ,  G06F9/48 ,  G06F9/50

Abstract: Techniques are disclosed for managing dependencies in an orchestration service. A computer-implemented method can include operations performed by a declarative infrastructure provisioner (DIP). In some embodiments, the DIP parses configuration data associated with a computing system and generates a directed acyclic graph (DAG) for booting a first resource. The DAG may specify a dependency of the first resource on a capability of a second resource. The DIP may traverse the DAG and determine, based at least in part on the traversal, that the dependency has been reached. The DIP may publish, to a scheduling process, an indication that the first resource is awaiting availability of the capability of the second resource. In some embodiments, the DIP receives a subsequent indication that the capability is available, regenerates the DAG, and recommences traversal of the DAG. Additional operations for booting the first resource may be performed in accordance with the recommenced traversal.

公开(公告)号：US12131194B2

公开(公告)日：2024-10-29

申请号：US18340335

申请日：2023-06-23

Applicant: Oracle International Corporation

Inventor： Eric Tyler Barsalou ,  Nathaniel Martin Glass

IPC: G06F9/50 ,  G06F3/0484 ,  G06F8/60 ,  G06F8/71 ,  G06F9/38 ,  G06F9/4401 ,  G06F9/445 ,  G06F9/451 ,  G06F9/48 ,  G06F11/07 ,  G06F11/14 ,  G06F11/32 ,  G06F11/36 ,  G06F16/901 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/50 ,  H04L41/5041 ,  H04L41/5054 ,  H04L67/00 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  H04L67/566 ,  G06F8/61

CPC classification number: G06F9/5061 ,  G06F3/0484 ,  G06F8/60 ,  G06F8/71 ,  G06F9/3836 ,  G06F9/4411 ,  G06F9/44505 ,  G06F9/451 ,  G06F9/485 ,  G06F9/4856 ,  G06F9/5011 ,  G06F9/5022 ,  G06F9/5027 ,  G06F9/5038 ,  G06F9/505 ,  G06F9/5072 ,  G06F9/5077 ,  G06F11/0757 ,  G06F11/1469 ,  G06F11/327 ,  G06F11/3664 ,  G06F11/3684 ,  G06F16/9024 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/5041 ,  H04L41/5048 ,  H04L41/5054 ,  H04L41/5096 ,  H04L67/10 ,  H04L67/1008 ,  H04L67/1031 ,  H04L67/34 ,  H04L67/566 ,  G06F8/61 ,  G06F11/0709 ,  G06F11/0751 ,  G06F11/0793

Abstract: Techniques for implementing an infrastructure orchestration service are described. A safety plan comprising a list of resources and operations based at least in part on a deployment configuration file can be received. Upon receiving approval of the safety plan, an operation corresponding to at least one of the list of resources can be prepared to be performed. The operation can be compared to the safety plan. If the operation is part of the safety plan, the operation can be performed. If the operation is not part of the safety plan, the deployment can be halted, and a notification that the deployment is not in compliance with the safety plan can be transmitted.

公开(公告)号：US20240187478A1

公开(公告)日：2024-06-06

申请号：US18444202

申请日：2024-02-16

Applicant: Oracle International Corporation

Inventor： Mohamed Saber Abdelfattah Hassan ,  Jonathan Jorge Nadal ,  Nathaniel Martin Glass ,  Yu Wu ,  Daniel Music Vogel ,  Geoff Hopcraft

IPC: H04L67/10 ,  G06F9/46 ,  G06F9/50 ,  G06F16/951 ,  H04L47/10 ,  H04L47/70

CPC classification number: H04L67/10 ,  G06F9/466 ,  G06F9/50 ,  G06F16/951 ,  H04L47/10 ,  H04L47/70

Abstract: Techniques for managing network-accessible infrastructure metadata are provided. A method includes receiving a resource request comprising resource metadata corresponding to a network-accessible infrastructure resource, determining whether to commit the resource request based at least in part on a constraint associated with the network-accessible infrastructure resource, and, in accordance with a determination to commit the resource request: generating, by the computer system, a resource identifier describing resource metadata in accordance with the resource request, storing, by the computer system, the resource metadata in a data store in communication with the computer system, receiving, by the computer system, a data request to provide the resource metadata described by the resource identifier, and providing, by the computer system, the resource metadata described by the resource identifier in accordance with the data request.