Patents by Inventor Abhishek Raut
Abhishek Raut has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11671400Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.Type: GrantFiled: June 10, 2020Date of Patent: June 6, 2023Assignee: VMWARE, INC.Inventors: Zhengsheng Zhou, Abhishek Raut, Jianjun Shen, Donghai Han
-
Publication number: 20230171291Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing access to network security policies. One of the methods includes determining, for a policy access request i) received from a device and ii) that requests access to a network security policy that defines a rule for controlling network traffic, whether there is an entitlement for the network security policy, wherein the entitlement indicates one or more types of operations that a subset of user accounts can perform on the network security policy; in response to determining that there is an entitlement, determining, using a mapping for the entitlement that identifies the subset of user accounts that have access to the network security policy, whether a user account for the device is included in the subset of user accounts; and selectively allowing or denying the policy access request using the entitlement and a result of the determination.Type: ApplicationFiled: January 6, 2022Publication date: June 1, 2023Inventors: Abhishek Raut, Yang Ding, Kai Su, Donghai Han, Zhengsheng Zhou, Wenfeng Liu
-
Patent number: 11570146Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.Type: GrantFiled: June 10, 2020Date of Patent: January 31, 2023Assignee: VMWARE, INC.Inventors: Danting Liu, Jianjun Shen, Abhishek Raut, Wenfeng Liu, Donghai Han
-
Patent number: 11190424Abstract: Example methods and systems for container-based connectivity check in a software-defined networking (SDN) environment are disclosed. One example method may comprise detecting, a request for a connectivity check between a first container-based resource and a second container-based resource; identifying a first logical network element and a second logical network element; and injecting a connectivity check packet at the first logical network element for forwarding towards the second logical network element. The example method also may comprise: obtaining report information associated with one or more intermediate logical network elements located along a path that is traversed by the connectivity check packet; and determining a connectivity status associated with the first container-based resource and the second container-based resource based on the report information.Type: GrantFiled: January 15, 2020Date of Patent: November 30, 2021Assignee: VMWARE, INC.Inventors: Abhishek Raut, Kai Su, Jianjun Shen, Salvatore Orlando, Tong Liu, Shih-Hao Li
-
Publication number: 20210314388Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.Type: ApplicationFiled: June 10, 2020Publication date: October 7, 2021Inventors: Zhengsheng Zhou, Jianjun Shen, Abhishek Raut, Yang Liu
-
Publication number: 20210314240Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.Type: ApplicationFiled: June 10, 2020Publication date: October 7, 2021Inventors: Danting Liu, Jianjun Shen, Abhishek Raut, Wenfeng Liu, Donghai Han
-
Publication number: 20210314361Abstract: Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines include virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML, files.Type: ApplicationFiled: June 10, 2020Publication date: October 7, 2021Inventors: Zhengsheng Zhou, Abhishek Raut, Jianjun Shen, Donghai Han
-
Publication number: 20210218652Abstract: Example methods and systems for container-based connectivity check in a software-defined networking (SDN) environment are disclosed. One example method may comprise detecting, a request for a connectivity check between a first container-based resource and a second container-based resource; identifying a first logical network element and a second logical network element; and injecting a connectivity check packet at the first logical network element for forwarding towards the second logical network element. The example method also may comprise: obtaining report information associated with one or more intermediate logical network elements located along a path that is traversed by the connectivity check packet; and determining a connectivity status associated with the first container-based resource and the second container-based resource based on the report information.Type: ApplicationFiled: January 15, 2020Publication date: July 15, 2021Applicant: VMware, Inc.Inventors: Abhishek RAUT, Kai SU, Jianjun SHEN, Salvatore ORLANDO, Tong LIU, Shih-Hao LI
-
Patent number: 10944691Abstract: Example methods and systems for container-based network policy configuration in a software-defined networking (SDN) environment are disclosed. One example method may comprise: in response to detecting a first request to assign a container-based resource with a first label via a container orchestration system, assigning a logical network element associated with the container-based resource with a second label. The example method may also comprise: in response to detecting a second request to configure a container-based network policy associated with the container-based resource via the container orchestration system, identifying the logical network element by mapping the first label to the second label; and configuring the container-based network policy to be applicable to network traffic that is forwarded via the logical network element.Type: GrantFiled: January 15, 2020Date of Patent: March 9, 2021Assignee: VMWARE, INC.Inventors: Abhishek Raut, Kai Su, Jianjun Shen, Salvatore Orlando, Tong Liu, Shih-Hao Li