Embodiments of the disclosure relate to systems and methods that facilitate interaction with backup file structures, and more specifically, but not by way of limitation, to the management of cloud-based virtual machines and virtual offices.
Remote backup systems often comprise snapshots and incremental files that are generated for a target source such as a filesystem, database or other digital storage media. These files may be backed up to a cloud-based storage environment and may be accessed upon the occurrence of a failure event. Unfortunately, system administrators may be unable to determine the content included in the snapshots or incremental files, the difference between snapshots, or other pertinent information, and may therefore be unable to readily determine an appropriate backup to access for recovering a particular machine state or application. Restoration of file system backups is an expensive and time-consuming process, and indiscriminate restoration only increases such deleterious effects.
According to some embodiments, the present technology may be directed to methods comprising: (a) selecting one or more virtual machines for which configurations will be included in a runbook, the runbook being used to establish a virtual office; (b) selecting, for each of the one or more virtual machines, computing device configurations; (c) specifying a dependency between at least two of the one or more virtual machines, the dependency comprising a hierarchical relationship between the at least one of the one or more virtual machines and another of the one or more virtual machines; (d) generating the runbook that comprises the computing device configurations and the dependency; and (e) storing the runbook in a replication system.
According to some embodiments, the present technology may be directed to methods comprising: (a) executing a runbook to establish a virtual private cloud, the runbook comprising an identification of computing devices to be replicated as virtual machines of the virtual private cloud, one or more subnets, where each of the virtual machines is assigned to the one or more subnets, and computing device configurations for each of the virtual machines; (b) obtaining restore points for the virtual machines, the restore points being associated with the computing devices; (c) preparing the virtual private cloud by establishing the virtual machines using the restore points and the computing device configurations in the runbook; and (d) providing access to the virtual private cloud to a user.
The accompanying drawings, where like reference numerals refer to identical or functionally similar elements throughout the separate views, together with the detailed description below, are incorporated in and form part of the specification, and serve to further illustrate embodiments of concepts that include the claimed disclosure, and explain various principles and advantages of those embodiments.
The methods and systems disclosed herein have been represented where appropriate by conventional symbols in the drawings, showing only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the disclosure with details that will be readily apparent to those of ordinary skill in the art having the benefit of the description herein.
In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the disclosure. It will be apparent, however, to one skilled in the art, that the disclosure may be practiced without these specific details. In other instances, structures and devices are shown in block diagram form only in order to avoid obscuring the disclosure.
Generally described, the present technology offers end users protection in the case of a site disaster by providing a virtual office in the “cloud,” that supports servers running as failover virtual machines (VMs) in an exemplary data center. As will be described in greater detail herein, the present technology also allows end users to configure and/or manage these virtual offices by way of user interfaces that are simple to utilize, yet powerful.
The present technology may allow end users, such as system administrators, to establish and/or manage a virtual office, also known as a cloud-based virtual office or network. A cloud-based virtual office may comprise two or more virtual machines that are arranged into a networked computing system architecture. Thus, in the event of a failure of a physical (e.g., bare metal, hardware-based) computing network, the present technology may allow for failover to a cloud-based virtual office that provides the functionalities of the physical computing network.
Prior to the creation of a cloud-based virtual office, the present technology may generate file system backups for a plurality of computing systems of a network such as servers. More specifically, the present technology may process incremental files such as reverse incremental delta increments, along with other reverse differential backup functionalities such as methods for restoring a file or disk as described in U.S. patent application Ser. No. 12/895,275, filed on Sep. 30, 2010, entitled “Systems and Methods for Restoring a File”—which is hereby incorporated by reference herein in its entirety.
Additionally, prior to creating a cloud-based virtual office, the present technology may allow end users to browse the backed-up files as described in U.S. patent application Ser. No. 13/437,738, filed on Apr. 2, 2012, entitled “Systems, Methods, and Media for Synthesizing Views of File System Backups”, now U.S. Pat. No. 8,589,350, issued on Nov. 19, 2013—which is hereby incorporated by reference herein in its entirety.
To increase protection and integrity of the file system backups stored in the backup node, the system 100 may also include an intermediary node 115 disposed between the backup node 105 and the client node 110. The intermediary node 115 may be communicatively couplable with the backup node 105 via a network connection 120. The network connection 120 may include any one of a number of public or private communications mediums, although in one embodiment, the network connection 120 may employ a secure protocol that encrypts data transmitted between the backup node 105 and the intermediary node 115.
Additionally, the client node 110 may interact with the intermediary node 115 via any one of a number of authentication methods, for example, a private/public key pair, or any other means of authentication that would be known to one of ordinary skill in the art with the present disclosure before them, such as a username and password.
In some embodiments, the backup node 105 may expose views of a backed up file system to the intermediary node 115, rather than exposing the views directly to the client node 110. The exposing of the view to the intermediary node 115 may preserve the integrity of the file system backup by preventing direct access to the file system backups. In short, the intermediary node 115 limits access to the data stored on the backup node 105.
In some embodiments, the backup node 105 may comprise a cloud-based computing environment, which is a resource that typically combines the computational power of a large grouping of processors and/or that combines the storage capacity of a large grouping of computer memories or storage devices. For example, systems that provide a cloud resource may be utilized exclusively by their owners, such as Google™ or Yahoo!™, or such systems may be accessible to outside users who deploy applications within the computing infrastructure to obtain the benefit of large computational or storage resources.
The cloud may be formed, for example, by a network of web servers, with each web server (or at least a plurality thereof) providing processor and/or storage resources. These servers may manage workloads provided by multiple users (e.g., cloud resource customers or other users). Typically, each user places workload demands upon the cloud that vary in real-time, sometimes dramatically. The nature and extent of these variations typically depend on the type of business associated with the user.
In the event of a server failure (e.g., failover event), end users can failover that server as a virtual machine (VM) on a local failover appliance (not shown herein but described in greater detail in U.S. patent application Ser. No. 13/030,073, filed on Feb. 17, 2011, entitled “Systems and Methods for Maintaining a Virtual Failover Volume of a Target Computing System”). However, if there is a site disaster (e.g., failure of at least a portion of the networked computing environment) or the local failover appliance fails, end users can still failover a server or the entire network as a VM in the “cloud,” that is running, for example, on the backup node 105.
According to some embodiments, the present technology allows end users to create a cloud-based virtual office running on the backup (e.g., the backup cloud) of intermediary node. The operational characteristics of the cloud-based virtual office may substantially match the operational characteristics of the physical network of the end user. Additionally, end users may configure network settings for the cloud-based virtual office to provide secure access to the cloud-based virtual office by configuring a virtual private network (VPN). Additionally, end users may allow network access to VMs of the cloud-based virtual office by configuring port forwarding, and/or allow VMs access to the Internet by enabling outbound connections. For security purposes, VM access to the Internet may be disabled by default. In some instances, the present technology may also provide dynamic host configuration protocol (DHCP) functionality for the cloud-based virtual office.
The present technology may allow end users to start the VMs (however many) of the cloud-based virtual office from restore points (backup versions) of the end user's choosing.
Referring now to
It will be understood that an image backup job may be created for each server of the actual office 205, and the backups may be saved both onsite and offsite, such as on the backup node 105. Assume that the actual office 205 is next to a river that overflows and floods the machine room. The following steps are an exemplary method for recovering from the disaster. A system administrator may log into the backup node 105 (from home or any available location) and begin the process of establishing a cloud-based failover, such as the virtual office 210. Utilizing various graphical user interfaces, which will be described in greater detail herein, the systems administrator may configure the characteristics of the virtual office 210.
According to some embodiments, an IP address for a cloud-based gateway VM 235 of the virtual office 210 may be set to 10.3.3.1 to match the IP address of the gateway server 230 of the actual office 205. For security purposes, the system administrator may desire secure access to the virtual office 210, and may therefore configure a VPN for the virtual office 210 and establish access credentials for at least a portion of the employees of the actual office 205.
In some instances, the system administrator may establish port forwarding for the standard web ports for the servers of the virtual office, although any types of ports may likewise be utilized in accordance with the present technology. For example, the system administrator may map exemplary external ports such as 80 and 443, on one or more allocated internet accessible IP addresses, to the internal ports 8000 and 8443 on the cloud-based exchange server VM 240. Similarly, an active directory server VM 250 and a share point server 245 may also be configured to communicatively couple with the cloud-based gateway VM 235. Once exemplary ports have been forwarded to the necessary servers within the virtual office 210, the system administrator may then start a cloud-based VM for each of the servers. It will be understood that the port forwarding rules can be created at any time before or after the VMs have been started. Once the VMs have been started, the employees can now work from home and access the virtual office 210 while the flood damage is being repaired.
Following on with the example, three weeks later the location of the actual office 205 is repaired and ready for use. While the cloud server VMs continue to run, the system administrator may begin repairing or replacing damaged hardware such as the physical servers or the failover appliance(s). In the case of failover appliances, the failover appliances may be seeded with data from the intermediary node (or the backup node), such as snapshots and incremental files. Once the replacement appliance(s) has been installed, the replacement appliance(s) may then communicatively couple with the intermediary node or backup node via the Internet, where a synchronization of data occurs. The synchronization provides the latest version of snapshot and incremental files for the VMs running within the virtual office 210. The cloud-based VM servers may then be shut down such that the failover appliance(s) may resume the primary role. Finally, a bare metal restore may be performed for each replacement server to complete the physical recovery of the actual office 205.
More specifically, the management of a cloud-based failover (e.g., virtual office) may include the steps of starting a virtual office in a cloud-based backup system. The starting of the virtual office may comprise executing a test failover (virtual office), either automatically on a scheduled basis or manually, to verify that the virtual office is operational. Once the test is completed and the virtual office is determined to be operational, the system administrator may then start a production failover when a site disaster occurs (e.g., upon the occurrence of a failover event). It will be understood that an administrator can start a production failover without first creating a test failover.
Once initiated, the virtual office may be configured by specifying details, such as Network Configuration, VPN, DHCP, and port forwarding, each of which will be described in greater detail below. Once properly configured, the system administrator may start server VMs in the virtual office and then monitor the status of the server VMs. In some instances, system administrators may manage individual server VMs and even terminate operation of the cloud-based virtual office. The termination of a cloud-based virtual office may comprise the discarding of a test failover and/or a migration of a production failover to a new local failover appliance.
The detail interface 300 for that client may then be displayed. The system administrator may check a box 310 for the target appliance and then click the Failover Selected Appliances button 315.
The Failover type of Production may be selected to create a complete cloud failover environment (e.g., virtual office, virtual cloud-based VM). It is noteworthy that in some instances the cloud failover may comprise a plurality of virtualized machines in an office or in some instances the cloud failover may only comprise a single computing system such as a desktop computer or a laptop computer.
The Production 525 failover may be backed up while running and may be used to repopulate a replacement failover appliance (when ready). The Production 525 failover may be used as an interim solution during a disaster. For example, a virtual office may be utilized until the physical site is once again operational (e.g., servers are replaced or repaired).
A “Start Virtual Office” message box may appear as the virtual office is configured. After the virtual office environment set up is completed, the client detail interface reappears with a new virtual office display 600 (see
To configure virtual office network settings, or VLAN, the system administrator may utilize a section 605 positioned on the left side of the new virtual office display 600. According to some embodiments, the section 605 may include a plurality of tabs that allow for configuration of the virtual office. In some instances the section 605 may comprise a “What's Next?” textual content section that provides a brief description of configuration (and start) options, and provides a navigation mechanism to each configuration section. A Network Settings tab 610 (
According to some embodiments, the gateway and netmask settings may be automatically configured when the cloud failover is started. However, the system administrator can change those settings at any time. Clicking the Network Settings tab 610 of
Additionally, the Network Settings section may comprise Internet Connectivity 720 (optional). This option may enable outbound access to the Internet by the VMs of the virtual network. It is noteworthy that enabling Internet connectivity may allow both outbound and inbound messages between external devices and the server VMs in the virtual office. Conversely, disabling Internet connectivity allows only inbound (not outbound) messages from external devices. This means that server VMs within the virtual office can communicate with each other and external traffic can be received (if port forwarding is enabled), but the server VMs may not be allowed to send messages outside the virtual office.
Clicking the VPN Settings tab 615 of
A Client IP Range may be established by entering a range (beginning and ending values) of available IP addresses within boxes 815 and 820. This is a range of private IP addresses, on the VLAN within the virtual office, that are assigned to the VPN end users once they are connected through the VPN. For example, in a physical office network, this can be a range of IP addresses dedicated to user workstations.
According to some embodiments, user authentication may be set directly via VPN Settings interface 825 of
To set user authentication directly via the VPN Settings interface 825 of
It will be understood that the VLAN and client range IP addresses may be private IP addresses from the cloud failover network (as defined by the gateway address and network mask) that do not overlap with IP addresses of server VMs that are specified to start in the cloud, or any other allocated IP addresses within the virtual office, for example DHCP IP address range, VNC IP address, gateway IP. This avoids potential IP address conflict, and as mentioned above, the addresses can be changed later if necessary or desired. The system validates that the entered IP address range does not overlap or conflict with any other IP addresses within the virtual office.
By way of non-limiting example, consider a case where the gateway IP address is 192.168.77.1, the netmask is 255.255.255.0, and the servers in the physical office had IP addresses in the range 192.168.77.2 through 192.168.77.10. The VNC IP is set to 192.168.77.254, and the DHCP service is assigned to 192.168.77.200 with a DHCP Client Range: 192.168.77.201-192.168.77.253. To prevent a conflict with these addresses, enter the following values: VPN VLAN IP: 192.168.77.11 (the next available address) in LAN IP box 810 and VPN Client IP Range: 192.168.77.12-192.168.77.199 (all remaining available addresses) in boxes 815 and 820, respectively.
Turning to
According to some embodiments, the system administrator may specify Port Forwarding Settings for the virtual office by selecting the Port Forwarding Settings tab 605 of
The system administrator may then enable DHCP settings for the cloud-based virtual office. As mentioned above, DHCP settings, by default, may not be automatically established for the cloud-based virtual office. Therefore, the system administrator may utilize the DHCP settings tab 630 of
In some instances, to configure or edit the DHCP settings for the cloud-based virtual office, the system administrator may select an “Enabled” box if it is not already checked. The system administrator may then enter a domain name in the Domain field 1305 and a host name or IP address for the DNS server in the DNS Server field 1310. If there are multiple DNS servers, the system administrator may select the “Add Another” button and repeat the data input steps regarding the DNS IP address fields as many times as necessary.
Next, the system administrator may then enter a range of IP addresses that can be used by the cloud-based virtual office in the Range fields 1315 and 1320, as well as assign an IP address to a server by entering a MAC address in the Mac to IP field 1325. Again, if there are multiple computing devices that require IP addresses assigned based on their MAC address, the system administrator may click the “Add Another” button and repeat this step as many times as necessary. It will be understood that DHCP may assign IP addresses to any servers not specified in this field. Validation checks may be made against the input IP addresses to ensure that they do not conflict with the IP addresses already configured for the virtual office.
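The overlap validation described above for the VPN VLAN IP and client range, and again for the DHCP range, can be sketched as follows. This is an added example, not code from the disclosure; the Allocation type and the alloc and validate helpers are hypothetical names, and the addresses are the ones given in the non-limiting example above.

```python
"""Address-conflict validation for a virtual office (added example)."""
import ipaddress
from dataclasses import dataclass
from itertools import combinations


@dataclass(frozen=True)
class Allocation:
    """A labelled, inclusive range of addresses (a single IP has first == last)."""
    label: str
    first: ipaddress.IPv4Address
    last: ipaddress.IPv4Address

    def overlaps(self, other):
        # Two closed intervals intersect when each starts before the other ends.
        return self.first <= other.last and other.first <= self.last

    def span(self):
        return str(self.first) if self.first == self.last else f"{self.first}-{self.last}"


def alloc(label, first, last=None):
    """Build an Allocation, rejecting malformed addresses and reversed ranges."""
    lo = ipaddress.IPv4Address(first)
    hi = ipaddress.IPv4Address(first if last is None else last)
    if hi < lo:
        raise ValueError(f"{label}: range end {hi} is below range start {lo}")
    return Allocation(label, lo, hi)


def validate(gateway, netmask, existing, proposed):
    """Return a list of problems with the proposed allocations; empty means accepted."""
    # strict=False lets the gateway address (host bits set) define the subnet.
    network = ipaddress.IPv4Network(f"{gateway}/{netmask}", strict=False)
    problems = []
    for p in proposed:
        if p.first not in network or p.last not in network:
            problems.append(f"{p.label} {p.span()} is outside {network}")
            continue
        if p.first == network.network_address or p.last == network.broadcast_address:
            problems.append(f"{p.label} {p.span()} includes the network or broadcast address")
        for e in existing:
            if p.overlaps(e):
                problems.append(f"{p.label} {p.span()} overlaps {e.label} {e.span()}")
    # Proposed entries must not collide with each other either.
    for a, b in combinations(proposed, 2):
        if a.overlaps(b):
            problems.append(f"{a.label} {a.span()} overlaps {b.label} {b.span()}")
    return problems


# Addresses already allocated in the example: gateway, server VMs, VNC, DHCP.
GATEWAY, NETMASK = "192.168.77.1", "255.255.255.0"
EXISTING = [
    alloc("gateway IP", GATEWAY),
    alloc("server VMs", "192.168.77.2", "192.168.77.10"),
    alloc("VNC IP", "192.168.77.254"),
    alloc("DHCP service", "192.168.77.200"),
    alloc("DHCP client range", "192.168.77.201", "192.168.77.253"),
]

# The values the example tells the administrator to enter.
PROPOSED_OK = [
    alloc("VPN VLAN IP", "192.168.77.11"),
    alloc("VPN client range", "192.168.77.12", "192.168.77.199"),
]

# Constructed counter-example: the VLAN IP lands on a server VM and the
# client range runs into the DHCP service address and the DHCP client range.
PROPOSED_BAD = [
    alloc("VPN VLAN IP", "192.168.77.10"),
    alloc("VPN client range", "192.168.77.12", "192.168.77.205"),
]

if __name__ == "__main__":
    for name, proposal in (("accepted", PROPOSED_OK), ("rejected", PROPOSED_BAD)):
        print(name, validate(GATEWAY, NETMASK, EXISTING, proposal))
```

The same validate call covers the DHCP case by moving the DHCP entries from the existing list to the proposed list.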
In accordance with the present disclosure, the system administrator may also establish site-to-site VPN settings by clicking the Site to Site VPN Settings tab 635 of
In addition to the standard VPN set up, the system administrator can also set up a VPN connection between two or more remote sites. More specifically, while the standard set up configures VPN for individual devices to connect to the cloud-based virtual office, site-to-site VPN allows the system administrator to create a single VPN end point within the local network through which any local user can connect to the cloud-based virtual office.
In some instances, a virtual image (end point) may be downloaded onto a VM system in the cloud-based virtual office and then run from that system. A site-to-site VPN may be utilized during a site disaster and can provide valuable services in the following situations. For example, when a site disaster occurs in an organization with two (or more) sites linked together in a corporate network, a site-to-site VPN connection can be configured that effectively recreates the corporate network for the unavailable physical site. In other instances, when a site is being rebuilt after a disaster, a site-to-site VPN may allow users to physically utilize the site while the machine room is still under repair. Thus, the site-to-site VPN connection can be configured as a replacement while the machine room and servers are rebuilt.
The Cloud Site-to-Site VPN interface 1400 of
Next, the system administrator may click the “Add End Point” button of
Next, a download client link may be selected to download the virtual image using the Download Client interface 1800 of
The system administrator may execute any type of program that is capable of running a virtual machine on their local machine. For example, the virtual image may be booted using a virtualization program before the address for the virtual machine can be added to the network routing table for the virtual office.
After the virtual office starts (see virtual office 210 of
It will be understood that input methods may not be limited to specific mouse clicks, and may comprise any pointer device primary click, including motion-based input, gestures, touch, and other inputs that would be common on mobile devices with touch screen inputs.
Referring back to
Once a server VM has been rendered, the system administrator may manage the operation of the server VM using Running VM Options interface 2200 of
To shut down a server VM, the system administrator may select the Stop option. The VM Status may change to Ready when the shutdown is complete, such that the VM may be restarted at any time. To restart a previously shut down server VM, the system administrator may select the Start option. It is noteworthy that the time it takes to start up the VM may depend on several factors including image version, size, load, and network traffic. According to some embodiments, if the VM does not successfully shut down, the user can attempt to shut down the VM again, whereupon they are given the option to forcibly shut down the VM.
To discard (e.g., delete the selected VM configured with the settings selected in the Render dialog) a server VM, the system administrator may select the Discard option. The VM must be rendered again to start a new server VM. To access the server VM, the system administrator may select the Login button. This opens a Virtual Network Computing (VNC) client window 2300 of
In addition to the built-in VNC client viewer, the system administrator can access a server VM through a separate VNC client viewer or through remote desktop. It is noteworthy that in some instances, to access a server VM through a remote desktop, it may be required that a VPN connection be established. In addition, a user session may be timed out after 30 minutes of inactivity.
If a remote desktop protocol (RDP), such as the Microsoft Remote Desktop Protocol, is enabled on the server running as a VM, the system administrator can access the VM by opening a Remote Desktop Connection Client. Enter the server IP address or host name using the built-in remote desktop functionality included in the Operating System of the local machine. VNC may be enabled by default, so the system administrator can access the VM by opening a VNC client viewer. Next, the system administrator may either enter the VNC IP address if it was set or the gateway IP address with the VNC port number that the system has allocated for the server VM (e.g., vncIP:port# or gatewayIP:port#). The port number and password to enter in the authentication window are displayed in the VNC Port and VNC Password columns for that server VM in the Client Details interface (see
It is noteworthy that the VNC is a remote control application that allows the system administrator to view and interact with one computer through a client “viewer” application on another computer anywhere on the Internet. The VNC is operating system independent, so the target and client computers can be of different types (for example, the VNC viewer on a Windows® system accessing a Linux® system). It will be understood that, when starting any VNC viewer to access the VM, the following requirements should be considered. For example, when the VM starts, it must initially adjust device drivers, including mouse and keyboard drivers. This normally is obvious when first connecting to the VM through a VNC client, as the VM might not respond to mouse or keyboard activity during this period. Additionally, it may be necessary to issue the Control-Alt-Delete keyboard sequence to log in to the VM. Most VNC clients have a helper menu that is accessed through a function key.
Next, the method may comprise a step 2415 of executing a backup for each selected server using a virtualization program to create the cloud-based virtual office that includes virtual server machines networked with one another via the cloud gateway. Additionally, the method may comprise a step 2420 of providing a workload to the cloud-based virtual office. In some instances, the workload provided to the cloud-based virtual office may comprise any workload that is processed by the physical network that the cloud-based network office has replaced. In some instances, the workload may comprise providing a website, executing an application or program, and delivering content—just to name a few. In other instances, the workload may also comprise providing an end user with access to the cloud-based virtual office.
Clicking anywhere in the device inventory row 2510 may open the device summary pane. Exceptions occur if the column has its own click handling, for example, the Device Name column or the actions column. According to some embodiments, an actions column header 2515 may not perform a table sort as other column headers do, but may cause the display of a set of global actions that can be performed against the selected devices in the table. If no devices are selected, then the only action available to the user is “Select all shown” which selects all the checkboxes for the devices currently in the table, and then the actions in the menu are updated to show the complete list of actions available for mass operations. Exemplary global actions that are available include: Recover selected, Pause selected, Protect selected, and so forth.
A select column header action 2520 may be utilized to select all (or a portion) of the currently displayed rows. Clicking a pre-filter tab of Device Inventory Tabs 2525 will display the list pre-filtered as its respective name implies. “All Protected” shows all protected devices no matter the state of the device. This may not include Unprotected or Archived devices. Troubled and Warned show devices that have a status of troubled or warned as appropriate. Any device that is virtualized either locally or in the cloud is listed in the virtualized filtered device list.
In some instances, only cloud virtualized devices are listed. Unprotected column shows devices that are detected on the client's network, but may not have a protection policy. This includes “ignored” unprotected devices. Non-active tabs may be placed into a hover state. The white caret (e.g., triangle icon) indicates the currently selected tab, and slides across the tab bar from one tab to a newly selected tab as additional tabs are selected.
A filter tab 2530 may be selected to take the user to a list of all devices (protected, unprotected, archived, and so forth) that can be filtered. Devices that are virtualized have a status icon 2535 provided in the device inventory list view. If the device is virtualized locally and in the cloud (e.g., virtual office) then two icons may be shown. The icon may also denote whether the virtualization is test or production.
Time entries displayed for each device may be shown relative to the client's timezone preference. A freshest backup column 2540 may be sortable, and may not be dynamically updated as time progresses. The table may also comprise a timezone specification as well as an infinite scroll 2545. An initial forty rows may be loaded and displayed. More rows may be loaded as the user scrolls to the bottom of the page.
A user given device name 2610, or hostname if the user has not given the device a name, may be shown. Clicking the user given device name 2610 may redirect the user to the device details. The device status in a summary 2615 includes, for example, the protection status, the virtualization activity for the device, and the current protection activity for the device (e.g., running, idle, paused, etc.). For unprotected devices, the protection status is “Unprotected”. For archived devices the status is “archived”. Device details 2620 may comprise information that describes the detected/specified device type and current specified IP address within the system.
Age details 2625 may include the date of the oldest recovery point, shown as the most recent. The display of each recovery point may be driven by the human readable date/time display which is relative to the current time. The date/times for the backups are the completion date/times for the backup. Hovering and/or clicking on the relative times shows the absolute time in a tooltip style popout, or other visual display that would be known to one of ordinary skill in the art. Human readable time may be specified elsewhere.
A login button 2630 may be selected to display the web VNC client in a new window for Devices that are currently virtualized in a cloud failover and running. Local appliance failovers may not be given a Login button, although in some instances they may.
Clicking details button 2635 may direct the user to the device details page. Clicking the edit policy button 2640 may open a Protect flow with the current protection policy for this device and allows the user to make changes to the device's protection policy. Clicking recover button 2645 may open the Recover flow with this device preselected as the target of the recovery operation.
A device description section 2650 may comprise a human readable summary of the device protection policy and current protection and virtualization activity.
The user interface 2700 may also comprise a search input 2720 that allows end users to input a search string that filters the list page contents to any devices that have a portion of the search text present in the Device Name.
Clicking a device name 2815 may direct the user to the Device Details page for the device. A device summary pane 2820 may be displayed in the carousel view and may include the same functionality as the summary panes displayed in the device table view. Clicking a navigation object 2825 may cause the desktop images to horizontally scroll. For example, pressing the right arrow causes the desktop images to scroll left by one image. On scroll, a new currently active device's summary pane may be loaded and displayed. A desktop image icon 2830 may be shown on top of the desktop image, if a desktop image is provided. If no desktop image is provided, then the desktop image icon 2830 may be displayed in place of the desktop image on top of a background. The overlay image may be predicated on the device type and operating system type. The user interface 2800 may also comprise Device Inventory Tabs 2835, which have been described in greater detail above.
The components shown in
The mass storage device 2930, which may be implemented with a magnetic disk drive or an optical disk drive, is a non-volatile storage device for storing data and instructions for use by the processor 2910. The mass storage device 2930 can store the system software for implementing embodiments of the present technology for purposes of loading that software into the main memory 2920.
The portable storage device 2940 operates in conjunction with a portable non-volatile storage medium, such as a floppy disk, compact disk, digital video disc, or USB storage device, to input and output data and code to and from the computer system 2900 of
The user input devices 2960 provide a portion of a user interface. The user input devices 2960 may include an alpha-numeric keypad, such as a keyboard, for inputting alpha-numeric and other information, or a pointing device, such as a mouse, a trackball, stylus, or cursor direction keys. Additionally, the computer system 2900 as shown in
The graphics display 2970 may include a liquid crystal display (LCD) or other suitable display device. The graphics display 2970 receives textual and graphical information, and processes the information for output to the display device.
The peripheral device(s) 2980 may include any type of computer support device to add additional functionality to the computer system. The peripheral device(s) 2980 may include a modem or a router.
The components associated with the computer system 2900 of
It is noteworthy that any hardware platform suitable for performing the processing described herein is suitable for use with the technology. Computer-readable storage media refer to any medium or media that participate in providing instructions to a central processing unit (CPU), a processor, a microcontroller, or the like. Such media may take forms including, but not limited to, non-volatile and volatile media such as optical or magnetic disks and dynamic memory, respectively. Common forms of computer-readable storage media include a floppy disk, a flexible disk, a hard disk, magnetic tape, any other magnetic storage medium, a CD-ROM disk, digital video disk (DVD), any other optical storage medium, RAM, PROM, EPROM, a FLASHEPROM, any other memory chip or cartridge.
According to some embodiments, the aforementioned methods and systems for providing virtual offices are enhanced by the incorporation of runbooks. Runbooks enable orchestration and automation of virtual offices (e.g., virtual private cloud), allowing a user to configure an automatic deployment plan for virtualized devices in the virtual office. The user first configures a subnet in the network section and assigns or matches the subnet to computing devices to be virtualized. Runbooks are unique to each virtual office. Once a virtual office is shut down, the runbook can be deleted or it can be retained for later reuse.
In some embodiments, configuring a runbook will allow a user to configure any of an identification of computing devices to be virtualized, an order or priority in which to virtualize the devices, virtual computing resources to allocate to each virtual machine, and any desired wait time before starting a virtual machine after another virtual machine has reached a running state. This process is referred to as dependency-based virtual machine preparation.
In
In
The preparing state 3500 transitions to a prepared state 3502. When the VM is in prepared state 3504, the VM can then transition to creating state 3506 where the system instantiates the VM with the content included in the runbook and then to a created state 3508 when the VM is actually created.
The VM transitions to a running/waiting state 3510; otherwise the VM can be placed in a discarded state 3512. The running/waiting state 3510 includes when a VM is running but waiting on a set period of time before being available to a user. This could be based on a wait time due to the VM waiting on another VM to be prepared or ready to run.
The running/waiting state 3510 can transition to a running/running state 3514 or the discarded state 3512. The running/waiting state 3510 can also transition to a stopping state 3516, which can be based on a user request to terminate the office or based on a timeout parameter. A stopped VM can be restarted in state 3518.
In some embodiments a VM enters the discarded state 3512 when an error in the VM occurs, such as when an error is detected in the running of the VM. The states described above are not meant to be limiting in any manner but are descriptive of example states that VMs can attain through execution of a runbook and creation of a virtual office therefrom.
In general, a VM in a not running state is not a part of a virtual office for a runbook (e.g., never started or previously discarded). A VM in a preparing or launching state is in a virtual office in any state such as preparing, prepared, or creating. A VM is in a waiting state when the virtual office is running but the VM is waiting out a wait time before being considered fully ready. By way of example, a user computing VM may wait through a wait period until a firewall VM is in place within the virtual office.
In a running state the VM in the virtual office is running and any wait time has passed, if required. In a stopping, stopped, discarding, or discarded state, the VM is not usable and/or has been deleted.
An error state indicates that a VM cannot be processed. In some embodiments the runbook execution can complete even when some VMs cannot be executed due to an error.
According to some embodiments the virtual private network selection comprises any of a split tunneling selection, a site gateway Internet protocol address, and a site netmask.
The site-to-site virtual private network settings comprise any of an endpoint name, a public Internet protocol address, a gateway, a netmask, and an endpoint Internet protocol address.
The runbook virtual office settings are obtained from a runbook 3604. The runbook 3604 is comprised of one or more runbook items 3606. In some embodiments the runbook items are computing devices that are to be replicated as virtual machines in the virtual office.
Block 3608 specifies any dependencies between VMs, again referred to as runbook items.
A subnet for each VM is established in block 3610, while virtual private network (VPN) settings are established in block 3612 along with VPN user information in block 3614.
An endpoint virtual machine is generated from the runbook virtual office settings in block 3610 and is assigned to the subnet created and subject to any dependencies established from the runbook. The VPN settings are applied to the subnet for the VM.
While the above description discloses the aspect of instantiating one VM, the process applies equally to starting multiple VMs in a virtual office. Indeed, the dependencies determined from the runbook are applied when multiple VMs are required in a virtual office.
In some embodiments a current rank is stored to a database to avoid race conditions in step 4206. For example, the rank of the VM that is being initialized or started is stored in a database to make sure a server running in the cloud that hosts customers' failover VMs does not start multiple instances of the same VM and to ensure that higher ranked VMs are not started ahead of lower-ranked VMs.
A promote methodology is used through the state transition graph of
When all ranks are executed the runbook is complete (e.g., all VMs are ready) and the virtual office is ready for use.
In some embodiments, virtual offices can be set up using orchestration templates. For example, a user can copy all or a portion of an existing runbook and incorporate this content into a second runbook. The user can further edit the second runbook to create runbooks with similar but varying parameters. For example, the user can create two similar runbooks for two different disaster recovery scenarios, with each runbook setting up a virtual office with specific parameters. The following paragraphs describe pseudocode that converts dependencies/priorities of VMs into generic ranks and works with them using a daemon. In one embodiment the daemon is an orchestration daemon that interacts with the virtual office back-end and conducts state transition logic and delayed queue logic, and sends and receives messages from the message-oriented middleware application.
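The dependency-to-rank conversion and the stored current rank described above, as an added Python sketch that is not the patent's own pseudocode. The VM names, the function names, the `runbook_rank` table and the convention that rank 0 starts first are assumptions made for illustration, and SQLite stands in for the database.

```python
import sqlite3
import time

# Constructed sample runbook: VM names and dependencies are illustrative only.
VMS = ["workstation", "file-server", "domain-controller", "firewall"]
DEPENDS_ON = {
    "domain-controller": ["firewall"],
    "file-server": ["domain-controller"],
    "workstation": ["domain-controller", "firewall"],
}


def ranks_from_dependencies(vms, depends_on):
    """Convert per-VM dependencies into ordered ranks (lists of VM names).

    Assumed convention: rank 0 starts first, and a VM lands in the first rank
    after every VM it depends on. Unknown names and cycles are rejected.
    """
    mentioned = set(depends_on)
    for deps in depends_on.values():
        mentioned.update(deps)
    unknown = mentioned - set(vms)
    if unknown:
        raise ValueError(f"not a runbook item: {sorted(unknown)}")
    pending = {vm: set(depends_on.get(vm, ())) for vm in vms}
    ranks = []
    while pending:
        ready = sorted(vm for vm, deps in pending.items() if not deps)
        if not ready:
            raise ValueError(f"dependency cycle among: {sorted(pending)}")
        ranks.append(ready)
        for vm in ready:
            del pending[vm]
        for deps in pending.values():
            deps.difference_update(ready)
    return ranks


def open_store(path=":memory:"):
    """Open the rank store; autocommit so each statement is its own transaction."""
    db = sqlite3.connect(path, isolation_level=None)
    db.execute(
        "CREATE TABLE IF NOT EXISTS runbook_rank ("
        "office TEXT PRIMARY KEY, current_rank INTEGER NOT NULL)"
    )
    return db


def claim_rank(db, office, rank):
    """Advance the stored rank from rank-1 to rank with a compare-and-set UPDATE.

    Only one caller can win a given rank, so a duplicate worker cannot start
    the same VMs twice and no worker can claim a rank out of order.
    """
    db.execute("INSERT OR IGNORE INTO runbook_rank VALUES (?, -1)", (office,))
    cur = db.execute(
        "UPDATE runbook_rank SET current_rank = ? "
        "WHERE office = ? AND current_rank = ?",
        (rank, office, rank - 1),
    )
    return cur.rowcount == 1


def execute_runbook(db, office, ranks, start_vm, wait_after=None, sleep=time.sleep):
    """Start VMs rank by rank; return the VMs this worker actually started."""
    wait_after = wait_after or {}
    started = []
    for rank, vms in enumerate(ranks):
        if not claim_rank(db, office, rank):
            break  # another worker owns this rank: stop instead of racing it
        for vm in vms:
            start_vm(vm)
            started.append(vm)
            sleep(wait_after.get(vm, 0))  # optional wait time configured per VM
    return started


if __name__ == "__main__":
    store = open_store()
    plan = ranks_from_dependencies(VMS, DEPENDS_ON)
    print(plan)
    print(execute_runbook(store, "office-1", plan, print, {"firewall": 0}))
    print(execute_runbook(store, "office-1", plan, print))  # second worker: []
```

A second worker that replays the same runbook against the same store loses the claim for rank 0 and starts nothing, which is the duplicate-start case the stored rank is meant to prevent.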
In
Next, the method includes a step 4806 of specifying a dependency between at least two of the one or more virtual machines. In some embodiments the dependency relates to a hierarchical relationship between the at least one of the one or more virtual machines and another of the one or more virtual machines. For example, a dependency could include one VM being set up and running before another VM is set up and running. In some embodiments the hierarchical relationship is an ordered combination or sequence for starting and running VMs.
In some embodiments, the method includes a step 4808 of generating the runbook that comprises the computing device configurations and the dependency. Again, in other embodiments the runbook can comprise many other attributes such as subnets, sequences, priorities, VPN settings, and so forth.
The method can also include a step 4810 of storing the runbook in a replication system. The user can retrieve the runbook for execution when desired or automatically upon the occurrence of a failover event, such as when the replication system detects that a computing system or network of computing systems has failed.
This information in the runbook is utilized to create VMs by first using a step 4904 of obtaining restore points for the virtual machines. Again, the restore points are associated with the computing devices. In some embodiments, the method can use file system backups such as mirrors and/or incremental files as described above with respect to the system of
Next, the method includes a step 4906 of preparing the virtual private cloud by establishing the virtual machines using the restore points and the computing device configurations in the runbook. This process includes using any known dependencies between VMs.
The method also includes a step 4908 of providing access to the virtual private cloud to a user.
While certain exemplary embodiments have been described and shown in the accompanying drawings, it is to be understood that such embodiments are merely illustrative and not restrictive of the broad disclosure and that this disclosure is not limited to the specific constructions and arrangements shown and described, since various other modifications may occur to those ordinarily skilled in the art upon studying this disclosure. In an area of technology such as this, where growth is fast and further advancements are not easily foreseen, the disclosed embodiments may be readily modifiable in arrangement and detail as facilitated by enabling technological advancements without departing from the principles of the present disclosure.
In the foregoing specification, specific embodiments of the present disclosure have been described. However, one of ordinary skill in the art appreciates that various modifications and changes can be made without departing from the scope of the present disclosure as set forth in the claims below. Accordingly, the specification and figures are to be regarded in an illustrative rather than a restrictive sense, and all such modifications are intended to be included within the scope of the present disclosure. The benefits, advantages, solutions to problems, and any element(s) that may cause any benefit, advantage, or solution to occur or become more pronounced are not to be construed as critical, required, or essential features or elements of any or all the claims. The disclosure is defined solely by the appended claims including any amendments made during the pendency of this application and all equivalents of those claims as issued.
This non-provisional U.S. patent application is a continuation-in-part and claims the priority benefit of U.S. patent application Ser. No. 14/971,832, filed on Dec. 16, 2015, entitled “Cloud-Based Virtual Machines and Offices,” which is a continuation of and claims the priority benefit of U.S. patent application Ser. No. 14/564,082, filed on Dec. 8, 2014, entitled “Cloud-Based Virtual Machines and Offices,” which is a continuation of and claims the priority benefit of U.S. patent application Ser. No. 13/570,161, filed on Aug. 8, 2012, entitled “Cloud-Based Virtual Machines and Offices,” each of which are hereby incorporated by reference herein, including all references and appendices cited therein. This non-provisional U.S. patent application is related to U.S. patent application Ser. No. 12/895,275, filed on Sep. 30, 2010, entitled “Systems and Methods for Restoring a File”; U.S. patent application Ser. No. 13/030,073, filed on Feb. 17, 2011, entitled “Systems and Methods for Maintaining a Virtual Failover Volume of a Target Computing System”; and U.S. patent application Ser. No. 13/437,738, filed on Apr. 2, 2012, entitled “Systems, Methods, and Media for Synthesizing Views of File System Backups”, now U.S. Pat. No. 8,589,350, issued on Nov. 19, 2013, as well as U.S. patent application Ser. No. 13/889,164, filed on May 7, 2013, entitled “Cloud Storage Using Merkle Trees” and U.S. patent application Ser. No. 14/864,850, filed on Sep. 24, 2015, entitled “Distributed and Deduplicating Data Storage System and Methods of Use”, all of which are hereby incorporated by reference herein in their entireties.
Number | Date | Country | |
---|---|---|---|
20170075719 A1 | Mar 2017 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 14564082 | Dec 2014 | US |
Child | 14971832 | US | |
Parent | 13570161 | Aug 2012 | US |
Child | 14564082 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 14971832 | Dec 2015 | US |
Child | 15360836 | US |