Patents by Inventor Zhengsheng Zhou
Zhengsheng Zhou has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11936546Abstract: The disclosure provides an example method for live packet tracing. Some embodiments of the method include configuring a first network interface of a first pod to mark each of a plurality of packets, with a corresponding flow tag and a corresponding packet identifier, receiving, from one or more observation points, at least one of copies or metadata of the plurality of packets each marked with the corresponding flow tag and the corresponding packet identifier. In some embodiments, the method further includes displaying data indicative of the at least one of the copies or the metadata of the plurality of packets.Type: GrantFiled: March 22, 2023Date of Patent: March 19, 2024Assignee: VMware, Inc.Inventors: Hang Yan, Zhengsheng Zhou, Wenfeng Liu, Donghai Han
-
Publication number: 20240028431Abstract: A computer-implemented method for electing a leader in a computing system is provided. In one aspect, a method includes identifying a computing resource for multiple container groups that each include one or more containers. A determination is made, from applications running in containers of the container groups, of multiple election candidate applications. Each election candidate application has an instance deployed in a corresponding container in each container group. For each container group, an election runner process is established within the container group. For each instance of each of the election candidate applications, a corresponding election watcher process is established. A communication link is established between the election runner process and each election watcher process. A request for leader election is transmitted from the election runner process to the computing resource. A response received from the computing resource.Type: ApplicationFiled: October 5, 2022Publication date: January 25, 2024Inventors: Xiaopei LIU, Zhengsheng ZHOU, Wenfeng LIU, Donghai HAN
-
Publication number: 20240031267Abstract: Some embodiments of the invention provide a method for performing data traffic monitoring for a system that includes a set of heterogeneous networks that includes at least an overlay first network layer that is built on top of an underlay second network layer. The method is performed at a federation controller for the system. The method directs (1) a first set of components in the overlay first network layer to perform a first trace operation to trace a packet exchanged between two machines and passing through network components defined in the overlay first network layer and underlay second network layer and (2) a second set of components in the underlay second network layer to perform a second trace operation to trace the packet. The method receives, from the first and second sets of components, first and second sets of trace data collected during the first and second trace operations. The collected trace data includes correlation data for correlating the first and second sets of data.Type: ApplicationFiled: August 29, 2022Publication date: January 25, 2024Inventors: Ran Gu, Wenfeng Liu, Donghai Han, Jianjun Shen, Zhengsheng Zhou
-
Publication number: 20240031268Abstract: Some embodiments of the invention provide a method for performing data traffic monitoring for a system that includes a set of heterogeneous networks that includes at least an overlay first network layer that is built on top of an underlay second network layer. The method is performed at a federation controller for the system. The method directs (1) a first set of components in the overlay first network layer to perform a first trace operation to trace a packet exchanged between two machines and passing through network components defined in the overlay first network layer and underlay second network layer and (2) a second set of components in the underlay second network layer to perform a second trace operation to trace the packet. The method receives, from the first and second sets of components, first and second sets of trace data collected during the first and second trace operations. The collected trace data includes correlation data for correlating the first and second sets of data.Type: ApplicationFiled: August 29, 2022Publication date: January 25, 2024Inventors: Ran Gu, Wenfeng Liu, Donghai Han, Jianjun Shen, Zhengsheng Zhou
-
Patent number: 11831511Abstract: Some embodiments provide a novel method for enforcing service policies at different container clusters configured by several SDN controller clusters. A first SDN controller cluster defines a particular service policy to be enforced for machines in first, second, and third container clusters. First, second, and third sets of network elements for the first, second, and third container clusters are managed by the first, a second, and a third SDN controller cluster respectively. For data message flows exchanged between machines in the first and second container clusters, the first SDN controller cluster distributes the particular service policy to service nodes only in the first container cluster. For data message flows exchanged between machines in the second and third container clusters, the first SDN controller cluster distributes the particular service policy to service nodes in at least one of the second and third container clusters.Type: GrantFiled: January 17, 2023Date of Patent: November 28, 2023Assignee: VMWARE, INC.Inventors: Zhengsheng Zhou, Wenfeng Liu, Donghai Han
-
Patent number: 11792159Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.Type: GrantFiled: June 10, 2020Date of Patent: October 17, 2023Assignee: VMWARE, INC.Inventors: Zhengsheng Zhou, Qian Sun, Danting Liu, Donghai Han
-
Patent number: 11671400Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.Type: GrantFiled: June 10, 2020Date of Patent: June 6, 2023Assignee: VMWARE, INC.Inventors: Zhengsheng Zhou, Abhishek Raut, Jianjun Shen, Donghai Han
-
Publication number: 20230171291Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing access to network security policies. One of the methods includes determining, for a policy access request i) received from a device and ii) that requests access to a network security policy that defines a rule for controlling network traffic, whether there is an entitlement for the network security policy, wherein the entitlement indicates one or more types of operations that a subset of user accounts can perform on the network security policy; in response to determining that there is an entitlement, determining, using a mapping for the entitlement that identifies the subset of user accounts that have access to the network security policy, whether a user account for the device is included in the subset of user accounts; and selectively allowing or denying the policy access request using the entitlement and a result of the determination.Type: ApplicationFiled: January 6, 2022Publication date: June 1, 2023Inventors: Abhishek Raut, Yang Ding, Kai Su, Donghai Han, Zhengsheng Zhou, Wenfeng Liu
-
Publication number: 20220182439Abstract: Some embodiments of the invention provide a method for identifying network resources related to an intent-based Application Programming Interface (API) request for a service to be implemented for a network. The method, in some embodiments, is performed by an API server (e.g., executing on a master node) in a Kubernetes network. The API server receives sets of criteria for identifying network resources related to the requested service and sets of instructions for retrieving information associated with network resources identified by the sets of criteria. The sets of criteria and sets of instructions are based on an API request for a resource selector object. The resource selector object, in some embodiments, is a custom resource that is used to define the sets of criteria and the sets of instructions and is based on a custom resource definition (CRD) provided by a user.Type: ApplicationFiled: December 4, 2020Publication date: June 9, 2022Inventors: Zhengsheng Zhou, Xiaopei Liu, Wenfeng Liu, Donghai Han
-
Publication number: 20210349765Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.Type: ApplicationFiled: June 10, 2020Publication date: November 11, 2021Inventors: Zhengsheng Zhou, Qian Sun, Danting Liu, Donghai Han
-
Publication number: 20210314388Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.Type: ApplicationFiled: June 10, 2020Publication date: October 7, 2021Inventors: Zhengsheng Zhou, Jianjun Shen, Abhishek Raut, Yang Liu
-
Publication number: 20210311803Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.Type: ApplicationFiled: June 10, 2020Publication date: October 7, 2021Inventors: Zhengsheng Zhou, Kai Su, Jackie Lan, Danting Liu, Qian Sun, Donghai Han
-
Publication number: 20210314361Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.Type: ApplicationFiled: June 10, 2020Publication date: October 7, 2021Inventors: Zhengsheng Zhou, Abhishek Raut, Jianjun Shen, Donghai Han
-
Patent number: 8998359Abstract: Disclosed are a multicolor overprint control method and device applicable to an intermittent printing apparatus. According to the operating characteristic of the intermittent printing apparatus, the method solves the problems of overlap and inaccurate overprint of various colors during intermittent printing by controlling the relationship between the distance between adjacent color group modules of different colors and the motion distance between uniform segments of the intermittent printing apparatus. In addition, the method also sets different inkjet printing modes in accordance with whether the detected inkjet printing of the same color group module is in a first period, thereby solving the problems of printing media waste and discontinuous printing data. The method achieves multicolor digital inkjet printing by combining the unique motion mode of the printing media thereof, and makes printing contents flexible and changeable on the basis of guaranteeing printing efficiency.Type: GrantFiled: December 28, 2012Date of Patent: April 7, 2015Assignees: Peking University Founder Group Co., Ltd., Peking University, Beijing Founder Electronics Co., Ltd.Inventors: Zhengsheng Zhou, Hong Shen, Feng Chen, Zhihong Liu
-
Publication number: 20140313249Abstract: Disclosed are a multicolour overprint control method and device applicable to an intermittent printing apparatus. According to the operating characteristic of the intermittent printing apparatus, the method solves the problems of overlap and inaccurate overprint of various colours during intermittent printing by controlling the relationship between the distance between adjacent colour group modules of different colours and the motion distance between uniform segments of the intermittent printing apparatus. In addition, the method also sets different inkjet printing modes in accordance with whether the detected inkjet printing of the same colour group module is in a first period, thereby solving the problems of printing media waste and discontinuous printing data. The method achieves multicolour digital inkjet printing by combining the unique motion mode of the printing media thereof, and makes printing contents flexible and changeable on the basis of guaranteeing printing efficiency.Type: ApplicationFiled: December 28, 2012Publication date: October 23, 2014Inventors: Zhengsheng Zhou, Hong Shen, Feng Chen, Zhihong Liu