Distributed virtual switch architecture for a hybrid cloud

摘要

In one embodiment, a secure transport layer tunnel may be established over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, where the secure transport layer tunnel is configured to provide a link layer network extension between the private cloud and the public cloud. In addition, a cloud virtual Ethernet module (cVEM) may be executed (instantiated) within the public cloud, where the cVEM is configured to switch inter-virtual-machine (VM) traffic between the private cloud and one or more private application VMs in the public cloud connected to the cVEM.

主权项

1. A method, comprising:
establishing a secure transport layer tunnel over a public network between a first cloud gateway in a private cloud and a second cloud gateway in a public cloud, the secure transport layer tunnel configured to provide a link layer network extension between the private cloud and the public cloud that creates a secure link layer network overlay infrastructure at a cloud data center on demand, wherein the secure link layer network overlay infrastructure allows for same customer network polices to be applied to the cloud resources without requiring application re-architecting; executing a cloud virtual Ethernet module (cVEM) within the public cloud, the cVEM configured to switch inter-virtual-machine (VM) traffic between the private cloud and one or more private application VMs in the public cloud connected to the cVEM; managing the one or more private application VMs in the public cloud by a virtual supervisor module (VSM) in the private cloud as though the cVEM and VMs in the public cloud were within the private cloud; and migrating an instance of a particular private application VM between a virtual Ethernet module (VEM) of the private cloud and the cVEM of the public cloud on demand.