主权项 |
1. A method of replicating firewall rules for a tenant having a plurality of data compute nodes (DCNs) across a plurality of data centers, each data center comprising a set of hosts and a network manager, each host configured to host one or more DCNs, the method comprising:
receiving a first set of firewall rules referencing first and second sets of objects, each of the first set of objects comprising an identifier identifiable by a first network manager in a first data center, each of the second set of objects comprising an identifier not identifiable by the first network manager; translating the first set of objects by searching a first inventory of objects, the first inventory of objects mapping the identifiers of the first set of objects into a first set of identifiers that are identifiable by the network managers of the plurality of data centers; translating the second set of objects by searching a second inventory of objects, the second inventory of objects mapping the identifiers of the second set of objects into a second set of identifiers identifiable by the network managers of the plurality of data centers; translating the first set of firewall rules into a second set of firewall rules using the first and second sets of identifiers; and replicating the second set of firewall rules to the network managers across the plurality of data centers. |