GB2499077A - Controlling attachment of virtual disks to virtual machines conditional upon usage entitlements to software artefacts on the disks - Google Patents
Controlling attachment of virtual disks to virtual machines conditional upon usage entitlements to software artefacts on the disks Download PDFInfo
- Publication number
- GB2499077A GB2499077A GB1221333.6A GB201221333A GB2499077A GB 2499077 A GB2499077 A GB 2499077A GB 201221333 A GB201221333 A GB 201221333A GB 2499077 A GB2499077 A GB 2499077A
- Authority
- GB
- United Kingdom
- Prior art keywords
- new
- virtual disk
- virtual
- disk
- old
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 239000000203 mixture Substances 0.000 claims abstract description 49
- 238000012545 processing Methods 0.000 claims abstract description 22
- 230000004044 response Effects 0.000 claims abstract description 17
- 238000000034 method Methods 0.000 claims description 25
- 230000004913 activation Effects 0.000 claims description 16
- 230000003213 activating effect Effects 0.000 claims description 10
- 238000004590 computer program Methods 0.000 claims description 6
- 230000001419 dependent effect Effects 0.000 claims description 3
- 230000000875 corresponding effect Effects 0.000 description 29
- 230000009471 action Effects 0.000 description 24
- 230000001276 controlling effect Effects 0.000 description 7
- 238000004891 communication Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 239000000284 extract Substances 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 239000011230 binding agent Substances 0.000 description 2
- 230000003247 decreasing effect Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000015654 memory Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000003936 working memory Effects 0.000 description 2
- 230000001154 acute effect Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 239000003795 chemical substances by application Substances 0.000 description 1
- 238000013523 data management Methods 0.000 description 1
- 230000009849 deactivation Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000007717 exclusion Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45579—I/O management, e.g. providing access to device drivers or storage
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Stored Programmes (AREA)
Abstract
In a data processing centre hosting a set of virtual machines, virtual disks each comprise a set of software artefacts, e.g. application programs or media content. A request (A1) is detected for adding a new virtual disk, comprising a set of new software artefacts, to one of the virtual machines. Composition information of the new disk is determined (A2 A4), comprising an indication of the new software artefacts, e.g. from a composition library or from a descriptor on the disk. An indication of usage entitlements is retrieved (A5) for the artefacts, e.g. a licensed number of copies of an application program. Attachment of the new disk to the selected virtual machine is enabled or prevented (A6) according to a comparison between the composition information of the new disk and the usage entitlements of the new artefacts. The new virtual disk is attached (A7 A12) to the virtual machine in response to the enabling thereof and the usage entitlements of the new software artefacts are updated (A13) in response to said attachment. An old virtual disk comprising old software artefacts may be removed from a virtual machine by detaching it and updating usage entitlements accordingly (A15 A20).
Description
-1 -
DESCRIPTION
CONTROLLING USAGE OF VIRTUAL DISKS BEFORE THEIR ATTACHMENT TO VIRTUAL MACHINES
5
Technical field
The solution according to one or more embodiments of the present invention relates to the data-processing field. More specifically, this solution relates to the
10 control of the usage of virtual disks.
Background art
15 Virtualization techniques are commonplace in modern data-processing centers; a typical example is the implementation of virtual machines (i.e., emulations by software of physical machines). The virtual machines may be used in a number of applications - for example, for deploying virtual appliances. A virtual appliance is a software solution comprising one or more virtual machines, each one with one or
2 0 more application programs (for performing specific user tasks) and a Just Enough Operating System, or JeOS (i.e., a limited operating system specifically tailored to support the application programs). The virtual appliance is encapsulated in a pre-built, self-contained package, which is managed as a unit; this provides a simplified management (i.e., development, deployment and maintenance), and allows
2 5 provisioning corresponding turnkey software services in a very fast way.
As a further advantage, each virtual machine may be organized into multiple virtual disks (each one emulating a physical disk). Each virtual disk may be deployed as a corresponding virtual disk image (i.e., a physical file that defines the whole virtual disk).
3 0 For example, in this way it is possible to separate the operating system from
-2-
the application programs of the virtual machine. This simplifies the maintenance of the application programs; indeed, it is now possible to download a new virtual disk with an updated version of the application programs, turn offline the virtual machine, replace the virtual disk of the application programs, and then turn online the virtual 5 machine again. Moreover, this allows changing the operating system of the virtual machine by simply replacing its virtual disk. In addition or in alternative, it is also possible to separate the application programs into different virtual disks for their execution components (i.e., binary files) and data components (i.e., configuration and/or information files); this allows updating the execution components of the 10 application programs without loosing its data components by simply replacing the corresponding virtual disks.
A problem of the virtual machines organized into multiple virtual disks is the difficulty of controlling the usage of their application programs (or any other software artifacts) to ensure compliance with license entitlements (or any other usage 15 entitlements) applicable in the data-processing center. This problem is particular acute in large virtual appliances - for example, conforming to the Service Oriented Architecture, or SOA (providing a suite of loosely coupled services). Indeed, in this case each virtual appliance may comprise multiple application tiers, each one of them in turn comprising multiple virtual machines (for example, a typical web application 2 0 with a web tier implementing a presentation logic, an application server tier implementing a business logic, and a back-end database tier implementing a data management logic).
In order to control the usage of the application programs comprised in the different virtual disks, it is possible to use a standard licensing tool that interacts with
2 5 each virtual machine and possibly with an underlying hardware hosting them. For example, US-A-2007/018450 and US-A-2009/0328225 (the entire disclosures of which are herein incorporated by reference) describe techniques for verifying whether a given software application may be started in a virtual machine according to the available license entitlements. Moreover, US-A-2011/0047624 (the entire disclosure
3 0 of which is herein incorporated by reference) describes the use of a binding agent that
-3-
communicates with a license enforcement module comprised in each virtual machine; the binding agent binds the license enforcement modules in mutual exclusion to the underlying hardware (for example, uniquely defined by its MAC address) so as to ensure that a single license enforcement module is allowed to run on this hardware at 5 any time.
However, the above-mentioned techniques require the modification of the virtual machines (for example, to inject corresponding licensing agents).
In any case, this requires that any new virtual disk should be attached to a corresponding virtual machine before verifying the compliance of its application
10 programs with the available license entitlements (so that corresponding actions - for example, preventing their execution - may be taken).
Summary of the invention
15
In its general terms, the solution according to one or more embodiments of the present invention is based in the idea of controlling each virtual disk before attaching it to the corresponding virtual machine.
Particularly, one or more aspects of the solution according to specific
2 0 embodiments of the invention are set out in the independent claims and advantageous features of the same solution are set out in the dependent claims, with the wording of all the claims that is herein incorporated verbatim by reference (with any advantageous feature provided with reference to a specific aspect of the solution according to an embodiment of the invention that applies mutatis mutandis to every
2 5 other aspect thereof).
More specifically, an aspect of the solution according to an embodiment of the invention provides a method for controlling usage of virtual disks, wherein new software artifacts comprised in a new virtual disk are determined (for example, from a corresponding descriptor) and compared with usage entitlements (for example,
3 0 extracted from a corresponding repository), in order to enable or prevent the
-4-
attachment of the new virtual disk to a selected virtual machine accordingly.
A further aspect of the solution according to an embodiment of the invention provides a corresponding computer program.
A still further aspect of the solution according to an embodiment of the 5 invention provides a corresponding computer program product.
A different aspect of the solution according to an embodiment of the invention provides a corresponding data-processing system.
10 Brief description of the drawings
The solution according to one or more embodiments of the invention, as well as further features and the advantages thereof, will be best understood with reference to the following detailed description, given purely by way of a non-restrictive 15 indication, to be read in conjunction with the accompanying drawings (wherein, for the sake of simplicity, corresponding elements are denoted with equal or similar references and their explanation is not repeated, and the name of each entity is generally used to denote both its type and its attributes - such as value, content and representation). Particularly:
2 0 FIG.l shows a pictorial representation of a data-processing center that may be used to practice the solution according to an embodiment of the invention,
FIG.2 shows a block diagram of an exemplary virtualized environment wherein the solution according to an embodiment of the invention may be applied,
FIG.3A-FIG.3G show an exemplary application of the solution according to 2 5 an embodiment of the invention, and
FIG.4 shows a collaboration diagram representing the roles of the main software modules that may be used to implement the solution according to an embodiment of the invention.
30
-5-
Detailed description
With reference in particular to the FIG.l, a pictorial representation is shown of a data-processing center 100 that may be used to practice the solution according to 5 an embodiment of the invention.
The data-processing center 100 comprises a set of processing systems 105 (for example, server computers), a set of storage systems 110 (for example, hard-disks), and a console 115 for controlling them - which console 115 may also be provided with a drive for reading DVDs or CDs 120. A router (or switch) system 125
10 manages communications among the processing systems 105, the storage systems 110 and the console 115, and with the outside of the data-processing center 100 (for example, through the Internet); for this purposes, the processing systems 105, the storage systems 110, the console 115 and the router system 125 are connected through a cabling system 130.
15 Each processing system 105 is formed by several units that are connected in parallel to a communication bus 135. In detail, a set of (one or more) microprocessors (|_iP) 140 controls operation of the processing system 105; a RAM 145 is directly used as a working memory by the microprocessors 140, and a ROM 150 stores basic code for a bootstrap of the processing system 105. Moreover, the
2 0 processing system 105 comprises a network adapter 155, which is used to connect the processing system 105 to the cabling system 130.
A block diagram of an exemplary virtualized environment wherein the solution according to an embodiment of the invention may be applied is shown in the FIG.2.
2 5 The virtualized environment is implemented on a hardware 205 defined by one or more processing systems and one or more storage systems of the above-described data-processing center. For this purpose, a host operating system 210 running directly on the hardware 205 defines a software platform on top of which any other program may run. In this specific case, a virtualization layer 215 running
3 0 on top of the host operating system 210 emulates one ore more virtual machines 220;
-6-
examples of commercial virtualization layers available on the market are VMware by VMware Inc. and Xen by Citrix Systems, Inc. (trademarks of the corresponding owners). Each virtual machine 220 is an abstract structure that emulates a physical machine, which the virtual machine has sole control of. Particularly, each virtual 5 machine 220 comprises one or more virtual disks 225 (each one emulating a physical disk); each virtual disk 225 is actually stored in the hardware 205 by means of a corresponding virtual disk image (no shown in the figure), which consists of a file with a predefined format (for example, the VMDK format used by VMware, or the VHD format used by Xen). In each virtual machine 220, a guest operating system 10 230 now runs on its emulated hardware. The guest operating system 230 likewise defines a software platform of the virtual machine 220, on top of which one or more application programs 235 run.
An exemplary application of the solution according to an embodiment of the invention is shown in the FIG.3A-FIG.3G. This solution controls the usage of 15 generic software artifacts (for example, the application programs) in the above-described data-processing center.
Starting from the FIG.3A, a request is detected for attaching a new virtual disk VDn to a selected virtual machine VMs already hosted on the data-processing center - with a (system) virtual disk VDos comprising its guest operating system 2 0 attached thereto. In response thereto, a list is determined of new software programs that are comprised in the new virtual disk VDn (for example, from a corresponding descriptor); in this specific case the new virtual disk VDn comprises three new application programs SW1, SW2 and SW3.
Passing to the FIG.3B, license (or any other usage) entitlements that are
2 5 available in the data-processing center for the new application programs SW1-SW3
are retrieved (for example, from a repository storing all the license entitlements available in the data-processing center, denoted as a whole with Lsw); for example, in this case the license entitlements indicate that the further usage of 2 instances of the application program SW1 (LSwi: 2), 1 instance of the application program SW2
3 0 (LSw2: 1) and 5 instances of the application program SW3 (LSw3: 5) are allowed.
-7-
With reference to the FIG.3C, the new application programs SW1-SW3 are compared with the license entitlements Lswi-Lsw3, in order to enable or prevent the attachment of the new virtual disk VDn to the selected virtual machine VMs according to the result of the comparison. In this case, the license entitlements Lswi-5 Lsw3 allow the further usage of an instance of each one of the new application programs SW1-SW3. Therefore, the new virtual disk VDn is attached to the selected virtual machine VMs.
Considering the FIG.3D, the license entitlements LSwi-Lsw3 are updated accordingly (in the corresponding repository); in this case, the number of instances of 10 each new application program SW1-SW3 that may be further used is reduced by one (i.e., Lswi: 1, Lsw2: 0 and Lsw3: 4).
As shown in the FIG.3E, later on a request is detected for attaching the same new virtual disk VDn to another selected virtual machine VMs' (already hosted on the data-processing center, with a system virtual disk VDos' comprising its guest 15 operating system attached thereto). In response thereto, the same list is determined of the new application programs SW1, SW2 and SW3 comprised in the new virtual disk VDn (for example, from a corresponding library wherein it has been previously saved).
Passing to the FIG.3F, the license entitlements for the new application 2 0 programs SW1-SW3 are retrieved again; the license entitlements now indicate that the further usage of 1 instance of the application program SW1 (Lswi: 1) and 4 instances of the application program SW3 (Lsw3: 4) are allowed, but that no further usage of the application program SW2 (LSw2: 0) is allowed.
With reference to the FIG.3G, as above the new application programs SW1-
2 5 SW3 are compared with the license entitlements LSwi-Lsw3- In this case, however,
the license entitlements Lswi-Lsw3 do not allow the further usage of an instance of all the new application programs SW1-SW3 (since this is not possible for the new application program SW2). Therefore, the new virtual disk VDn is not attached to the selected virtual machine VMs (or any other suitable action is taken).
3 0 The above-described solution according to an embodiment of the invention
-8-
allows controlling the usage of the virtual disks in a very simple and effective way (especially in large virtual appliances - for example, conforming to the SOA); particularly, this result may be achieved automatically (with no, or in any case very few, manual interventions).
5 Moreover, the implementation of this solution does not require any modification of the virtual machines (so that it is completely opaque to their operation).
It is emphasized that the desired result is achieved without the need of attaching the new virtual disk to the selected virtual machine; therefore, any desired 10 action may be taken proactively (according to the outcome of the above-described control).
With reference now to the FIG.4, a collaboration diagram is shown representing the roles of the main software modules that may be used to implement the solution according to an embodiment of the invention. These software modules 15 are denoted as a whole with the reference 400. The information (programs and data) is typically stored in the storage systems of the above-described data-processing center and loaded (at least partially) into the working memory of a specific processing system thereof when the programs are running. The programs are initially installed onto the storage systems, for example, from DVDs (through the console of 2 0 the data-processing center). Particularly, the figure describes both the static structure of the software modules and their dynamic behavior (by means of a series of exchanged messages, each one representing a corresponding action, denoted with sequence numbers preceded by the symbol "A").
Particularly, a virtual disk manager 405 controls the usage of all the virtual
2 5 disks in the data-processing center. For this purpose, the virtual disk manager 405
receives any request of adding a new virtual disk to a selected virtual machine (denoted with the reference 220s); the selected virtual machine 220s is already hosted on the virtualization layer 415, and it has at least the system virtual disk for its guest operating system (denoted with the reference 225s) attached thereto. The
3 0 request is typically submitted to the virtual disk manager 405 manually by a system
-9-
administrator - for example, through a corresponding web interface (action "Al.Add").
The virtual disk manager 405 controls a virtual disk repository 410 that stores the images of all the virtual disks that may be used in the data-processing center. If 5 the image of the new virtual disk is not available in the virtual disk repository 410, it is loaded therein - for example, from a web site of a corresponding vendor (action "A2.Load"). A discovering manager 415 discovers the new application programs comprised in the new virtual disk from its image (in the virtual disk repository 410); for example, when the new virtual disk conforms to the Open Virtualization Format 10 (OVF) specification, the new application programs comprised therein are extracted from its OVF descriptor (in the ProductSection element of the VirtualSection element, between the tags <Product> and </Product> and between the tags <FullVersion> and </FullVersion>); alternatively, the image of the new virtual disk is scanned by leveraging an Application Program Interface (API) provided by its 15 vendor (for example, the VDDK of VMware). The composition information of the new virtual disk so obtained is added to a composition library 420. For example, the composition library 420 comprises a record for each known virtual disk (already loaded in the virtual disk repository 410); the record comprises a unique identifier of the known virtual disk that is extracted from its image, and a unique identifier of 2 0 each one of its application programs (defining its vendor, name, version and release). In this way, the composition information of all the virtual disks that may be used in the data-processing center is directly available in the composition library 420, so as to avoid repeating the above-described operations that may be very time and resource consuming (action "A3.Discover").
2 5 In any case, the virtual disk manager 405 passes the request of adding the new virtual disk to a licensing advisor 425. In response thereto, the licensing advisor 425 extracts the composition information of the new virtual disk from the composition library 420, wherein it is always present in view of the above (action "A4.Extract"). For each new application program of the new virtual disk so determined, the
3 0 licensing advisor 425 retrieves the corresponding license entitlement from a license
- 10-
repository 430 (storing the license entitlements of all the software programs that may be used in the data-processing center - typically populated by a procurement administrator manually); for example, the license repository 430 comprises a record for each software program (i.e., operating system or application program), identified 5 by its vendor, name, version and release, with a maximum number of instances of the software program that may be used in the data-processing center and a current number thereof (action "A5 .Retrieve"). The licensing advisor 425 now compares the composition information of the new virtual disk with the license entitlements of its new application programs, in order to enable or prevent the attachment of the new 10 virtual disk to the selected virtual machine 220s according to the result of this comparison (action "A6.Compare").
If the result of this comparison indicates that the further usage of all the new software programs on the selected virtual machine is possible (for example, because the difference between their maximum number and the current number is higher than 15 zero), the virtual disk manager 405 accordingly instructs an activation manager 435; the activation manager 435 communicates with the virtualization layer 415 by leveraging its API (for example, the VIX interface of the VMware), in order to be able to automate different operations on the selected virtual machine 220s and its guest operating system (action "A7.Enable"). In response thereto, the activation 2 0 manager 435 attaches the image of the new virtual disk in the repository 410 to the selected virtual machine 220s - wherein it is denoted with the reference 225n (action "A8.Attach"). Advantageously, the new virtual disk 225n is of the self-activating type. In this case, the new virtual disk 225n comprises a de-activation module for its automatic de-activation (as described in the following), which is copied by the
2 5 activation manager 435 from the new virtual disk 225n to the system disk 225s
(action "A9.Copy"). The activation manager 435 than automatically activates the new application programs that are comprised in the new virtual disk 225n; for example, the new virtual disk 225n may comprise a software package for the new application programs (with the corresponding files and instructions for activating
3 0 them), which is applied onto the selected virtual machine 220s under the control of
-11 -
an installation engine (not shown in the figure) of the activation manager 435 (action "A10.Activate"). As a further improvement, the activation manager 435 may also execute a customization script that is comprised in the new virtual disk 225n. The customization script collects configuration information of the selected virtual 5 machine 220s - for example, its IP address (action "A11.Collect"). This configuration information is used to customize some of the new application programs accordingly - for example, by updating the IP address of communication sockets that are embedded in their private data (action "A12.Customize"). Once the new virtual disk 225n has been successfully attached to the selected virtual machine 220s (and 10 activated/customized), the licensing advisor 425 accordingly updates the license entitlements of the new application programs (just added to the selected virtual machine 220s) in the license repository 430 - for example, by increasing their current number (action "A13.Update").
Conversely, if the result of the comparison between the composition 15 information of the new virtual disk and the license entitlements of its new application programs indicates that the further usage of all the new application programs on the selected virtual machine is not possible (for example, because the difference between the maximum number and the current number of one or more of them is zero), the virtual disk manager 405 prevents the attachment of the new virtual disk to the 2 0 selected virtual machine 220s. In this case, a warning message (comprising an indication of the license entitlements that cannot be fulfilled) is returned to the system administrator (action "14.Prevent").
The virtual disk manager 405 also receives any request of removing an old virtual disk (denoted with the reference 225o) from a further selected virtual
2 5 machine, the same as above (220s) for the sake of simplicity. In this case as well, the request is submitted to the virtual disk manager 405 manually by the system administrator (action "A15.Remove"). The virtual disk manager 405 accordingly instructs the activation manager 435, which at first de-activates the old application programs comprised in the old virtual disk 225o by executing the corresponding de-
3 0 activation module that was previously copied on the system virtual disk 225s (action
- 12-
"A16.De-activate"). The activation manager 435 then deletes the de-activation module of the old virtual disk 225o from the system virtual disk 225s (action "A17.Delete"). At this point, the activation manager 435 may detach the old virtual disk 225o from the selected virtual machine 220s (action "A18.Detach"). Once the 5 old virtual disk 225o has been successfully detached from the selected virtual machine 220s (and de-activated), the virtual disk manager 405 notifies the licensing advisor 425. In response thereto, the licensing advisor 425 extracts the composition information of the old virtual disk 225o from the composition library 420 (action "A19.Extract"). The licensing advisor 425 then accordingly updates the license 10 entitlements of the old application programs (just removed from the selected virtual machine 220s) in the license repository 430 - for example, by decreasing their current number (action "A20.Update").
Naturally, in order to satisfy local and specific requirements, a person skilled in the art may apply to the solution described above many logical and/or physical 15 modifications and alterations. More specifically, although this solution has been described with a certain degree of particularity with reference to one or more embodiments thereof, it should be understood that various omissions, substitutions and changes in the form and details as well as other embodiments are possible. Particularly, different embodiments of the invention may even be practiced without 2 0 the specific details (such as the numerical values) set forth in the preceding description to provide a more thorough understanding thereof; conversely, well-known features may have been omitted or simplified in order not to obscure the description with unnecessary particulars. Moreover, it is expressly intended that specific elements and/or method steps described in connection with any embodiment
2 5 of the disclosed solution may be incorporated in any other embodiment as a matter of general design choice. In any case, the terms include, comprise, have and contain (and any forms thereof) should be intended with an open, non-exhaustive meaning (i.e., not limited to the recited items), the terms based on, dependent on, according to, function of (and any forms thereof) should be intended as a non-exclusive
3 0 relationship (i.e., with possible further variable involved), and the term a/an should
- 13 -
be intended as one or more items (unless expressly indicated otherwise).
For example, an embodiment of the invention provides a method for controlling usage of virtual disks in a data-processing center (of any type, see below) hosting a set of (one or more) virtual machines; the virtual machines may be 5 implemented in any other way (for example, under the control of a hypervisor directly running on the hardware without any host operating system). Each virtual disk comprises a set of (one or more) software artifacts; the software artifacts may be of any type (for example, application programs, operating systems, databases, multimedia contents, and so on) and may be provided in any format (completely new
10 software artifacts or new versions/releases thereof, in full format or in upgrade format, and so on).
The method comprises the following steps. A request of adding a new virtual disk comprising a set of (one or more) new software artifacts to a selected one of the virtual machines is detected (in any way - for example, with hooking techniques).
15 Composition information of the new virtual disk is determined (in any way, see below); the composition information of the new virtual disk comprises an indication of the new software artifacts (in any format, for example, based on corresponding signatures). An indication of usage entitlements of the new software artifacts in the data-processing center is retrieved; the usage entitlements may be of any type (for
2 0 example, simply defining usage authorizations based on internal policies) or defined in any way (for example, according to the residual number of instances of the software artifacts that may be further used, or based on the physical/virtual resources that are allocated to the software artifacts). The attachment of the new virtual disk to the selected virtual machine is enabled or prevented according to a comparison
2 5 between the composition information of the new virtual disk and the usage entitlements of the new software artifacts (in any way, see below). The new virtual disk is attached to the selected virtual machine in response to the enabling thereof. The usage entitlements of the new software artifacts are then updated in response to the attachment of the new virtual disk to the selected virtual machine (in any way, for
3 0 example, by decreasing their residual number, or by updating the amount of
- 14-
resources allocated thereto).
However, the same solution may be implemented with an equivalent method (by using similar steps with the same functions of more steps or portions thereof, removing some steps being non-essential, or adding further optional steps);
5 moreover, the steps may be performed in a different order, concurrently or in an interleaved way (at least in part).
In an embodiment of the invention, the method further comprises the following steps. A request of removing an old virtual disk comprising a set of (one or more) old software artifacts from a further selected one of the virtual machines is 10 detected (in any way, as above). The old virtual disk is detached from the further selected virtual machine. Composition information of the old virtual disk is determined (in any way, see below); the composition information of the old virtual disk comprises an indication of the old software artifacts (in any format, as above). Usage entitlements of the old software artifacts are updated in response to the 15 detachment of the old virtual disk from the further selected virtual machine (in any way, as above).
However, a very basic implementation that controls the addition of new virtual disks only is contemplated.
In an embodiment of the invention, the step of determining composition 2 0 information of the new virtual disk comprises retrieving the composition information of the new virtual disk from a composition library in response to the presence thereof, or discovering the composition information of the new virtual disk and saving the composition information of the new virtual disk into the composition library otherwise; in addition or in alternative, the step of determining composition
2 5 information of the old virtual disk comprises retrieving the composition information of the old virtual disk from the composition library.
However, the composition information of the (new and/or old) virtual disks may be determined in any other way (for example, by downloading it from the web sites of the corresponding vendors), even without any composition library.
3 0 In an embodiment of the invention, the step of discovering the composition
- 15 -
information of the new virtual disk comprises extracting the composition information of the new virtual disk from a descriptor thereof comprised in the new virtual disk.
However, the composition information of the new virtual disk may be discovered in any other way (for example, from End User License Agreements 5 (EULAs) of its software artifacts).
In an embodiment of the invention, the step of enabling or preventing the attachment of the new virtual disk to the selected virtual machine comprises enabling the attachment in response to a fulfillment of the usage entitlements of the new software artifacts following the attachment of the new virtual disk to the selected
10 virtual machine, or preventing the attachment otherwise.
However, different actions may be taken when the usage entitlements of the new software artifacts are not fulfilled; for example, it is possible to enable the attachment of the new virtual disk temporarily (such as for test purposes). Moreover, the corresponding warning message may comprise any additional or different pieces
15 of information (for example, from a simple error code to a suggestion of possible actions to be taken to solve the problem).
In an embodiment of the invention, the step of attaching the new virtual disk to the selected virtual machine comprises activating the new software artifacts by applying an activation module comprised in the new virtual disk.
2 0 However, the new software artifacts may be activated in any other way (for example, by launching an installation program thereof); moreover, this result may also be achieved without any activation manager (for example, with an AutoRun program that is executed automatically after the new virtual disk has been attached to the selected virtual machine). In any case, nothing prevents applying the proposed
2 5 solution to standard virtual disks (not of the self-activation type).
In an embodiment of the invention, the step of activating the new software artifacts comprises collecting configuration information of the selected virtual machine, and customizing at least one of the new software artifacts according to the configuration information of the selected virtual machine.
3 0 However, the configuration information of the selected virtual machine may
- 16-
be on any type (for example, its hostname) and it may be used in any way (for example, for customizing endpoints of other communication channels); in any case, the activation manager may only control the activation of the new software artifacts, whereas their customization is performed manually by the system administrator.
In an embodiment of the invention, each virtual machine has a system virtual disk attached thereto; the system virtual disk comprises a guest operating system of the virtual machine (of any type). The step of activating the new virtual disk comprises copying a de-activation module of the new software artifacts from the new virtual disk to the system virtual disk of the selected virtual machine; the step of detaching the old virtual disk from the further selected virtual machine comprises deactivating the old software artifacts by launching the corresponding de-activation module from the system virtual disk of the further selected virtual machine.
However, the de-activation module may be of any type (for example, a single de-activation script for all the software artifacts of each virtual disk or a distinct deactivation script for each one of them); in any case, nothing prevents de-activating the software artifacts in any other way, even manually by the system administrator.
In an embodiment of the invention, the step of de-activating the old software artifacts comprises deleting the de-activation module of the old software artifacts from the system virtual disk of the further selected virtual machine.
However, this operation is not strictly necessary and it may also be omitted in a basic implementation.
An embodiment of the invention provides a computer program, which comprises code means for causing a data-processing system (for example, the above-described data-processing center) to perform the steps of the proposed method when the computer program is executed on the system.
However, the program may be implemented as a stand-alone module, as a plug-in for a provisioning tool, or even directly in the provisioning tool itself. It would be readily apparent that it is also possible to deploy the same solution as a service that is accessed through a network (such as in the Internet). In any case, similar considerations apply if the program is structured in a different way, or if
- 17-
additional modules or functions are provided; likewise, the memory structures may be of other types, or may be replaced with equivalent entities (not necessarily consisting of physical storage media). The program may take any form suitable to be used by any data-processing system or in connection therewith (for example, within a 5 virtual machine), thereby configuring the system to perform the desired operations; particularly, the program may be in the form of external or resident software, firmware, or micro-code (either in object code or in source code - for example, to be compiled or interpreted). Moreover, it is possible to provide the program on any computer-usable medium (and particularly as an article of manufacture on a non-
10 transitory medium); the medium may be any element suitable to contain, store, communicate, propagate, or transfer the program. For example, the medium may be of the electronic, magnetic, optical, electromagnetic, infrared, or semiconductor type; examples of such medium are fixed disks (where the program may be pre-loaded), removable disks, tapes, cards, wires, fibers, wireless connections, networks,
15 broadcast waves, and the like. In any case, the solution according to an embodiment of the present invention lends itself to be implemented even with a hardware structure (for example, integrated in a chip of semiconductor material), or with a combination of software and hardware suitably programmed or otherwise configured.
2 0 An embodiment of the invention provides a data-processing system (for example, the above-described data-processing center), which comprises means for performing the steps of the same method.
However, similar considerations apply if the data-processing system has a different structure or comprises equivalent components, or it has other operative
2 5 characteristics. In any case, every component thereof may be separated into more elements, or two or more components may be combined together into a single element; moreover, each component may be replicated to support the execution of the corresponding operations in parallel. It is also pointed out that (unless specified otherwise) any interaction between different components generally does not need to
3 0 be continuous, and it may be either direct or indirect through one or more
- 18-
intennediaries. More specifically, the same method may also be carried out on a data-processing system based on a different architecture (for example, a local, wide area, global, cellular or satellite network), and exploiting any type of (wired and/or wireless) connections; moreover, its implementation on a stand-alone computer is not 5 excluded. In any case, each computer of the data-processing center may have another structure or may comprise similar elements (such as cache memories temporarily storing the programs or parts thereof); moreover, it is possible to replace the computer with any code execution entity, either based on a physical machine or a virtual machine (such as a PDA, a mobile phone, and the like), or with a combination 10 of multiple entities (such as a multi-tier architecture, a grid computing infrastructure, and the like).
- 19-
Claims (1)
1. A method (A1-A20) for controlling usage of virtual disks in a data-processing center hosting a set of virtual machines, each virtual disk comprising a set
5 of software artifacts, wherein the method comprises the steps of:
detecting (Al) a request of adding a new virtual disk comprising a set of new software artifacts to a selected one of the virtual machines,
determining (A2-A4) composition information of the new virtual disk, the composition information of the new virtual disk comprising an indication of the new 10 software artifacts,
retrieving (A5) an indication of usage entitlements of the new software artifacts in the data-processing center,
enabling or preventing (A6) the attachment of the new virtual disk to the selected virtual machine according to a comparison between the composition 15 information of the new virtual disk and the usage entitlements of the new software artifacts,
attaching (A7-A12) the new virtual disk to the selected virtual machine in response to the enabling thereof, and updating (A13) the usage entitlements of the new software artifacts in 2 0 response to the attachment of the new virtual disk to the selected virtual machine.
2. The method (A1-A20) according to claim 1, further comprising the steps of:
detecting (A 15) a request of removing an old virtual disk comprising a set of old software artifacts from a further selected one of the virtual machines,
2 5 detaching (A16-A18) the old virtual disk from the further selected virtual machine,
determining (A19) composition information of the old virtual disk, the composition information of the old virtual disk comprising an indication of the old software artifacts, and
3 0 updating (A20) usage entitlements of the old software artifacts in response to
-20-
the detachment of the old virtual disk from the further selected virtual machine.
3. The method (A1-A20) according to claim 1 or 2,
wherein the step of determining (A2-A4) composition information of the new virtual disk comprises retrieving (A4) the composition information of the new virtual 5 disk from a composition library in response to the presence thereof, or discovering (A3) the composition information of the new virtual disk and saving the composition information of the new virtual disk into the composition library otherwise,
and/or wherein the step of determining (A19) composition information of the old virtual disk comprises retrieving (A 19) the composition information of the old virtual
10 disk from the composition library.
4. The method (A1-A20) according to claim 3, wherein the step of discovering (A3) the composition information of the new virtual disk comprises:
extracting (A4) the composition information of the new virtual disk from a descriptor thereof comprised in the new virtual disk.
15 5. The method (A1-A20) according to any claim from 1 to 4, wherein the step of enabling or preventing (A6) the attachment of the new virtual disk to the selected virtual machine comprises:
enabling (A6) the attachment in response to a fulfillment of the usage entitlements of the new software artifacts following the attachment of the new virtual
2 0 disk to the selected virtual machine, or preventing the attachment otherwise.
6. The method (A1-A20) according to any claim from 1 to 5, wherein the step of attaching (A7-A12) the new virtual disk to the selected virtual machine comprises: activating (A9-A12) the new software artifacts by applying an activation module comprised in the new virtual disk.
2 5 7. The method (A1-A20) according to claim 6, wherein the step of activating
(A9-A12) the new software artifacts comprises:
collecting (All) configuration information of the selected virtual machine,
and customizing (A 12) at least one of the new software artifacts according to the
3 0 configuration information of the selected virtual machine.
-21 -
8. The method (A1-A20) according to claim 6 ox 1 when dependent directly or indirectly on claim 2, wherein each virtual machine has a system virtual disk attached thereto, the system virtual disk comprising a guest operating system of the virtual machine,
5 wherein the step of activating (A9-A12) the new virtual disk comprises copying (A9) a de-activation module of the new software artifacts from the new virtual disk to the system virtual disk of the selected virtual machine,
and wherein the step of detaching (A16-A18) the old virtual disk from the further selected virtual machine comprises de-activating (A16-A17) the old software 10 artifacts by launching the corresponding de-activation module from the system virtual disk of the further selected virtual machine.
9. The method (A1-A20) according to claim 8, wherein the step of deactivating (A16-A18) the old software artifacts comprises:
deleting (A 17) the de-activation module of the old software artifacts from the 15 system virtual disk of the further selected virtual machine.
10. A computer program (400) comprising code means for causing a data-processing system (100) to perform the steps of the method (A1-A20) according to any claim from 1 to 9 when the computer program is executed on the data-processing system.
2 0 11. A data-processing system (100) comprising means (400) configured for performing the steps of the method (A1-A20) according to any claim from 1 to 9.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP11092712 | 2011-12-09 |
Publications (3)
| Publication Number | Publication Date |
|---|---|
| GB201221333D0 GB201221333D0 (en) | 2013-01-09 |
| GB2499077A true GB2499077A (en) | 2013-08-07 |
| GB2499077B GB2499077B (en) | 2014-12-03 |
Family
ID=47560752
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| GB1221333.6A Active GB2499077B (en) | 2011-12-09 | 2012-11-27 | Controlling usage of virtual disks before their attachment to virtual machines |
Country Status (1)
| Country | Link |
|---|---|
| GB (1) | GB2499077B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060155667A1 (en) * | 2004-12-10 | 2006-07-13 | Microsoft Corporation | Systems and methods for attaching a virtual machine virtual hard disk to a host machine |
| US20060218544A1 (en) * | 2005-03-25 | 2006-09-28 | Microsoft Corporation | Mechanism to store information describing a virtual machine in a virtual disk image |
| US20080098391A1 (en) * | 2006-10-20 | 2008-04-24 | Alexander Medvedev | Method to share licensed applications between virtual machines |
| US20090328225A1 (en) * | 2007-05-16 | 2009-12-31 | Vmware, Inc. | System and Methods for Enforcing Software License Compliance with Virtual Machines |
| US20110276806A1 (en) * | 2010-05-09 | 2011-11-10 | Ryan Matthew Casper | Creation and Delivery of Encrypted Virtual Disks |
-
2012
- 2012-11-27 GB GB1221333.6A patent/GB2499077B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060155667A1 (en) * | 2004-12-10 | 2006-07-13 | Microsoft Corporation | Systems and methods for attaching a virtual machine virtual hard disk to a host machine |
| US20060218544A1 (en) * | 2005-03-25 | 2006-09-28 | Microsoft Corporation | Mechanism to store information describing a virtual machine in a virtual disk image |
| US20080098391A1 (en) * | 2006-10-20 | 2008-04-24 | Alexander Medvedev | Method to share licensed applications between virtual machines |
| US20090328225A1 (en) * | 2007-05-16 | 2009-12-31 | Vmware, Inc. | System and Methods for Enforcing Software License Compliance with Virtual Machines |
| US20110276806A1 (en) * | 2010-05-09 | 2011-11-10 | Ryan Matthew Casper | Creation and Delivery of Encrypted Virtual Disks |
Also Published As
| Publication number | Publication date |
|---|---|
| GB2499077B (en) | 2014-12-03 |
| GB201221333D0 (en) | 2013-01-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10635482B2 (en) | Controlling usage of virtual disks before their attachment to virtual machines | |
| US11405274B2 (en) | Managing virtual network functions | |
| US8910157B2 (en) | Optimization of virtual appliance deployment | |
| US9971618B2 (en) | System and method to reconfigure a virtual machine image suitable for cloud deployment | |
| JP5827687B2 (en) | Method, computer program and system for automatic upgrade of virtual appliance | |
| US9239814B2 (en) | System and method for creating or reconfiguring a virtual server image for cloud deployment | |
| US9471365B2 (en) | Techniques for performing virtual machine software upgrades using virtual disk swapping | |
| US9513938B2 (en) | Virtual appliance integration with cloud management software | |
| JP5367074B2 (en) | Virtual machine and application life cycle synchronization | |
| US9104431B2 (en) | Deployment of a software image on multiple targets with streaming technique | |
| US11520919B2 (en) | Sharing of data among containers running on virtualized operating systems | |
| US9477504B2 (en) | Maintenance of offline virtual machines based on a maintenance register | |
| US10574524B2 (en) | Increasing reusability of and reducing storage resources required for virtual machine images | |
| US10715594B2 (en) | Systems and methods for update propagation between nodes in a distributed system | |
| US20120246639A1 (en) | Configuration of virtual appliances | |
| US10101915B2 (en) | Methods and apparatus to manage inter-virtual disk relations in a modularized virtualization topology using virtual hard disks | |
| US20190028331A1 (en) | Systems and methods for update propagation between nodes in a distributed system | |
| US20220357997A1 (en) | Methods and apparatus to improve cloud management | |
| US20160378361A1 (en) | Methods and apparatus to apply a modularized virtualization topology using virtual hard disks | |
| GB2499077A (en) | Controlling attachment of virtual disks to virtual machines conditional upon usage entitlements to software artefacts on the disks | |
| US9311124B2 (en) | Integrated deployment of centrally modified software systems | |
| WO2020029995A1 (en) | Application upgrading through sharing dependencies |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| 746 | Register noted 'licences of right' (sect. 46/1977) |
Effective date: 20141216 |