Managing containers based on pairing keys in a segmented network environment
US11012310B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Jun 5, 2018 |
| Grant date | May 18, 2021 |
| Priority date | — |
| Expiry date | Jul 8, 2038 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2009/45587
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A container orchestration server stores pairing keys in association with container profiles. A container orchestration agent executing on an operating system instance instantiates a new container according to a particular container profile in response to an instruction from the container orchestration server and stores the pairing key as metadata associated with the container. An enforcement module detects the instantiation of the container and obtains the corresponding pairing key from the container orchestration agent. The enforcement module transmits the pairing key to a segmentation server for validation. If the segmentation server validates the key, the segmentation server determines a label set corresponding to the container profile associated with the pairing key and generates management instructions for the container based on the label set. The management instructions, when enforced by the operating system, controls communications between the container and other workloads in accordance with a segmentation policy.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.