| 发明名称 |
COMPLIANCE-BASED ADAPTATIONS IN MANAGED VIRTUAL SYSTEMS |
| 摘要 |
Techniques are disclosed for controlling and managing virtual machines and other such virtual systems. VM execution approval is based on compliance with policies controlling various aspects of VM. The techniques can be employed to benefit all virtual environments, such as virtual machines, virtual appliances, and virtual applications. For ease of discussion herein, assume that a virtual machine (VM) represents each of these environments. In one particular embodiment, a systems management partition (SMP) is created inside the VM to provide a persistent and resilient storage for management information (e.g., logical and physical VM metadata). The SMP can also be used as a staging area for installing additional content or agentry on the VM when the VM is executed. Remote storage of management information can also be used. The VM management information can then be made available for pre-execution processing, including policy-based compliance testing. |
| 申请公布号 |
US2014380412(A1) |
申请公布日期 |
2014.12.25 |
| 申请号 |
US201414479464 |
申请日期 |
2014.09.08 |
| 申请人 |
ManageIQ, Inc. |
发明人 |
Fitzgerald Joseph;Barenboim Oleg |
| 分类号 |
G06F9/455;H04L29/06 |
主分类号 |
G06F9/455 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method for enforcing a policy associated with a virtual machine, the method comprising:
receiving a virtual machine event request; receiving first data from within the virtual machine in response to receiving the virtual machine event request, wherein the first data was extracted from within the virtual machine prior to receiving the virtual machine event request, and the first data was stored prior to receiving the virtual machine event request for later processing after receiving the virtual machine event request; receiving second different data from an environment outside the virtual machine in response to receiving the virtual machine event request; determining whether an internal non-compliance by the virtual machine of a first policy-based compliance scheme exists based on the first data that was stored prior to receiving the virtual machine event request; determining whether an external non-compliance by the virtual machine as provided in the environment of a second different policy-based compliance scheme exists based on the second different data; and in response to determining that at least one of the internal non-compliance and the external non-compliance exists, denying the virtual machine event request unless at least one of (i) the virtual machine and (ii) the environment is adapted. |
| 地址 |
Raleigh NC US |
