公开(公告)号：US10270711B2

公开(公告)日：2019-04-23

申请号：US15460411

申请日：2017-03-16

Applicant: Red Hat, Inc.

Inventor： Huamin Chen ,  Jay Vyas

IPC: G06F9/46 ,  H04L12/911 ,  G06F9/48 ,  G06F9/50

Abstract: Efficient cloud service capacity scaling is disclosed. For example, a plurality of services are configured to execute on a plurality of isolated guests, each service being in a real-time latency tolerance or a retriable latency tolerance. A first service in the real-time latency tolerance is added to a scheduling queue while second and third services in the retriable latency tolerance and execute in the plurality of isolated guests. A scheduler determines that a current computing capacity of the plurality of isolated guests is below a minimum capacity threshold. The scheduler determines whether to elevate the second and/or the third service to the real-time latency tolerance. The scheduler determines to, and then elevates the second service to the real-time latency tolerance. The scheduler determines not to elevate the third service, which is then terminated, freeing computing capacity. The first service is then executed in the plurality of isolated guests.

公开(公告)号：US10205675B2

公开(公告)日：2019-02-12

申请号：US15297871

申请日：2016-10-19

Applicant: Red Hat, Inc.

Inventor： Huamin Chen ,  Jay Vyas

IPC: G06F15/173 ,  H04L12/911 ,  G06F9/00 ,  G06F11/00 ,  H04L12/24

Abstract: The present disclosure provides for dynamic resource allocation to a container on a host. For example, in a first directed acyclic graph (“DAG”), a CPU resource usage of a container may be detected. In a second DAG, an I/O resource usage of the container may be detected. In a third DAG, a network traffic resource usage of the container may be detected. Each detected resource may be associated with a distinct control group. Each detected resource usage may be compared to a detected service level objective (“SLO”). Resources that fail to meet the SLO may be adjusted. Each adjusted resource usage may be compared to the SLO, and any resources that continue to fail to meet the SLO may be further adjusted. An orchestrator may be notified when a resource has been adjusted to a threshold limit and the container may be migrated to a second host.

公开(公告)号：US20190028490A1

公开(公告)日：2019-01-24

申请号：US15656712

申请日：2017-07-21

Applicant: Red Hat, Inc.

Inventor： Huamin Chen ,  Jay Vyas

IPC: H04L29/06

Abstract: A container intrusion detection and prevention system includes a memory, a physical processor in communication with the memory, and an image scanner executing on the physical processor. The image scanner scans an image of a container in a container image registry. The container includes an application. The image scanner creates an image tag of the container and a set of generic rules for the container. The image scanner packages the image tag of the container with the set of generic rules to form a tuple and stores the tuple in an application rule registry.

公开(公告)号：US20180359338A1

公开(公告)日：2018-12-13

申请号：US15618511

申请日：2017-06-09

Applicant: Red Hat, Inc.

Inventor： Jay Vyas ,  Huamin Chen

IPC: H04L29/08

CPC classification number: H04L67/325 ,  H04L41/0806 ,  H04L43/08 ,  H04L67/10 ,  H04L67/34

Abstract: A method includes receiving, by a processing device executing a scheduler, a first request to provision a software application, the request comprising a resource requirement associated with executing the software application, requesting, from a node of a data center, a performance degradation index value of the node, the performance degradation index value reflecting performance degradation of at least one of a processor resource, a memory resource, or a network resource, determining, in view of the performance degradation index values, whether the node meets the resource requirement associated with executing the software application, and responsive to determining that the node meets the resource requirement, provisioning the software application to execute on the node.

公开(公告)号：US20180341414A1

公开(公告)日：2018-11-29

申请号：US15604077

申请日：2017-05-24

Applicant: Red Hat, Inc.

Inventor： Jay Vyas ,  Huamin Chen

IPC: G06F3/06

Abstract: Managing data throughput for a shared storage volumes using variable volatility is provided. In one example, a node comprising a processor-based device and managing a shared storage volume within a network receives a volatility request via a volatility gateway. The node updates a volatility setting based on the volatility request. The node receives a read request directed to the shared storage volume, and determines whether strict data consistency for the shared storage volume should be enforced for the read request based on the volatility request. If so, the node acquires a write lock on the shared storage volume. Otherwise, the node performs a dirty read operation on the shared storage volume in response to the read request. In some examples, the volatility request may be received from an administrative endpoint, or may be automatically transmitted by a volume controller agent in response to network traffic exceeding a network traffic threshold.

公开(公告)号：US20180225182A1

公开(公告)日：2018-08-09

申请号：US15428525

申请日：2017-02-09

Applicant: Red Hat, Inc.

Inventor： Huamin Chen ,  Jay Vyas

IPC: G06F11/20 ,  G06F11/16

CPC classification number: G06F11/2038 ,  G06F11/1487 ,  G06F11/1629

Abstract: A method for identifying and isolating faults in versioned microservices includes a request replicator receiving an original request, and determining whether to replicate the original request. The request replicator replicates the original request creating one or more replicated requests, including a first replicated request. In an example, the request replicator dispatches the original request to a stable production system, and dispatches the first replicated request to a first modified production system. The stable production system produces a first reply to the original request. The first modified production system produces a second reply to the first replicated request. A fault detector performs a comparison of the second reply and the first reply and determines, based on the comparison, that the first modified production system has a verification status. Then, the stable production system is replaced with first modified production system.

公开(公告)号：US20180167487A1

公开(公告)日：2018-06-14

申请号：US15377174

申请日：2016-12-13

Applicant: Red Hat, Inc.

Inventor： Jay Vyas ,  Huamin Chen ,  Timothy Charles St. Clair

IPC: H04L29/08 ,  H04L12/911 ,  H04L12/743 ,  H04L29/12 ,  G06F9/48 ,  G06F9/50

CPC classification number: G06F9/5027 ,  G06F9/4881

Abstract: Container deployment scheduling with constant time rejection request filtering is disclosed. For example, each node in a multi-node system includes system resources with available amounts quantitatively represented by values. An amplified label set with multiple labels representing each node is created. Labels are generated for first and second nodes, each label representing a system resource and a searchable value of the system resource of a node, searchable values being less than or equal to the value of the respective system resource. A hash value is generated for each label creating a hash filter. A scheduler filter receives a request to launch an isolated guest then generates a new hash value of system resource requirements of the isolated guest to query the hash filter thereby determining whether to submit the request to a scheduler based on a match between the new hash value and a hash value of the hash filter.

公开(公告)号：US20180124055A1

公开(公告)日：2018-05-03

申请号：US15339334

申请日：2016-10-31

Applicant: Red Hat, Inc.

Inventor： Huamin Chen ,  Jay Vyas

IPC: H04L29/06 ,  G06F21/62

CPC classification number: G06F21/6218 ,  G06F21/6209 ,  H04L63/0407

Abstract: An example system includes a memory, one or more processors in communication with the memory, and a container image generator. The container image generator receives a first set of information. The container image generator receives a second set of information, including secure information that requires validation to be accessed. The container image generator generates a first container layer, including a first URL associated with the first set of information. The container image generator generates a second container layer, including a second URL associated with the second set of information. The container image generator stores the first container layer and the second container layer at a storage location.

公开(公告)号：US20180107729A1

公开(公告)日：2018-04-19

申请号：US15294142

申请日：2016-10-14

Applicant: Red Hat, Inc.

Inventor： Jay Vyas ,  Ronald Nowling ,  Huamin Chen

IPC: G06F17/30 ,  G06N99/00

CPC classification number: G06F16/285 ,  G06N20/00

Abstract: An example system includes a first machine and a second machine, a clustering module, and a training module. The clustering module receives a plurality of data sets, each including attributes. The clustering module partitions the plurality of data sets into a first clustered data set and a second clustered data set. Each data set of the plurality of data sets is partitioned. The training module assigns a first stochastic model to the first clustered data set and a second stochastic model to the second clustered data set. The first machine selects the first clustered data set and the first stochastic model and generates a first synthetic data set having generated data for each one of the attributes. The second machine selects the second clustered data set and the second stochastic model and generates a second synthetic data set having generated data for each one of the attributes.

公开(公告)号：US09760349B1

公开(公告)日：2017-09-12

申请号：US15347355

申请日：2016-11-09

Applicant: Red Hat, Inc.

Inventor： Huamin Chen ,  Jay Vyas

IPC: G06F9/45 ,  G06F9/44

CPC classification number: G06F8/433 ,  G06F8/71

Abstract: Software dependencies can be managed by a system. For example, the system can determine multiple dependencies associated with source code for software. A dependency can be a segment of program code that is separate from the source code and to be incorporated into the source code. The system can determine multiple attributes associated with the multiple dependencies. Each attribute can be associated with a respective dependency and indicate if the respective dependency is at least one of (i) an essential dependency that is necessary to create executable code from the source code, (ii) a nonessential dependency that is unnecessary to create the executable code from the source code, or (iii) an expiring dependency for which there is a newer version of the dependency available that is incompatible with the source code. The system can sort the multiple dependencies based on the multiple attributes.