Network policy implementation for a multi-virtual machine appliance within a virtualization environtment

摘要

A networking policy implementation for a multi-virtual machine appliance that includes a method for selecting a network implementation by applying a network policy to existing network configurations within a virtualization environment of a computing device. A control program that executes within the virtualization environment, receives an event notification generated by a virtual machine in response to a lifecycle event. The control program, in response to receiving the notification, invokes a policy engine that applies a network policy to existing network configurations of the virtualization environment. This network policy can correspond to the virtual machine or to a network object connected to virtual interface objects of the virtual machine. The policy engine then identifies an existing network configuration that has attributes which satisfy the network policy, and selects a network implementation that satisfies the network policy and the network configuration.

主权项

1. A method for selecting a network implementation using network policies within a virtualization environment, the method comprising: receiving, by a control program executing within a virtualization environment on a computing device, an event notification generated by a virtual machine responsive to a lifecycle event; invoking, by the control program responsive to receiving the event notification, a policy engine; identifying, by the policy engine, virtual interface objects of the virtual machine that generated the lifecycle event; identifying, by the policy engine, network objects connected to the identified virtual interface objects; identifying one or more network configurations comprising the virtual interface objects and the network objects, wherein identifying the one or more network configurations further comprises parsing metadata of a tool stack of the control program; and selecting, by the policy engine, based on the identified virtual interface objects and the identified network objects, a network policy that satisfies an existing network configuration between the network objects and virtual interface objects.