US20180276009A1 - Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework - Google Patents
Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework Download PDFInfo
- Publication number
- US20180276009A1 US20180276009A1 US15/994,653 US201815994653A US2018276009A1 US 20180276009 A1 US20180276009 A1 US 20180276009A1 US 201815994653 A US201815994653 A US 201815994653A US 2018276009 A1 US2018276009 A1 US 2018276009A1
- Authority
- US
- United States
- Prior art keywords
- capabilities
- plugin
- asset
- application
- virtualization
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 53
- 230000004044 response Effects 0.000 claims abstract description 24
- 230000015654 memory Effects 0.000 claims description 59
- 230000006870 function Effects 0.000 claims description 48
- 230000008569 process Effects 0.000 claims description 25
- 238000013507 mapping Methods 0.000 claims description 19
- 238000004519 manufacturing process Methods 0.000 abstract description 9
- 239000003795 chemical substances by application Substances 0.000 description 198
- 238000004891 communication Methods 0.000 description 35
- 238000012544 monitoring process Methods 0.000 description 14
- 230000008859 change Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 9
- 238000013459 approach Methods 0.000 description 8
- 238000003491 array Methods 0.000 description 8
- 230000001360 synchronised effect Effects 0.000 description 8
- 238000005204 segregation Methods 0.000 description 6
- 238000013515 script Methods 0.000 description 5
- 230000008901 benefit Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000001413 cellular effect Effects 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 230000003139 buffering effect Effects 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000001902 propagating effect Effects 0.000 description 2
- 241000283973 Oryctolagus cuniculus Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 230000004931 aggregating effect Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000006837 decompression Effects 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 239000002184 metal Substances 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000000737 periodic effect Effects 0.000 description 1
- 230000003362 replicative effect Effects 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000007704 transition Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44521—Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
- G06F9/44526—Plug-ins; Add-ons
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Definitions
- This disclosure relates generally to computing environments, and, more particularly, to methods and apparatus to manage asset in a computing environment using a common agent framework.
- Virtualizing computer systems provides benefits such as the ability to execute multiple computer systems on a single hardware computer, replicating computer systems, moving computer systems among multiple hardware computers, and so forth.
- Example systems for virtualizing computer systems are described in U.S. patent application Ser. No. 11/903,374, entitled “METHOD AND SYSTEM FOR MANAGING VIRTUAL AND REAL MACHINES,” filed Sep. 21, 2007, and granted as U.S. Pat. No. 8,171,485, U.S. Provisional Patent Application No. 60/919,965, entitled “METHOD AND SYSTEM FOR MANAGING VIRTUAL AND REAL MACHINES,” filed Mar. 26, 2007, and U.S. Provisional Patent Application No. 61/736,422, entitled “METHODS AND APPARATUS FOR VIRTUALIZED COMPUTING,” filed Dec. 12, 2012, all three of which are hereby incorporated herein by reference in their entirety.
- IaaS infrastructure-as-a-Service
- a service provider generally describes a suite of technologies provided by a service provider as an integrated solution to allow for elastic creation of a virtualized, networked, and pooled computing platform (sometimes referred to as a “cloud computing platform”).
- Enterprises may use IaaS as a business-internal organizational cloud computing platform (sometimes referred to as a “private cloud”) that gives a developer access to infrastructure resources, such as virtualized servers, storage, and networking resources.
- infrastructure resources such as virtualized servers, storage, and networking resources.
- FIG. 1A is a block diagram of an example computing environment constructed in accordance with the teachings of this disclosure to facilitate management of capabilities using a common agent framework.
- FIG. 1B is a block diagram of an alternate example computing environment constructed in accordance with the teachings of this disclosure to facilitate management of capabilities using a common agent framework.
- FIG. 2 is a block diagram of an example implementation of the example capabilities management agent of FIGS. 1A and/or 1B constructed in accordance with the teachings of the disclosure.
- FIG. 3 illustrates an example plugin registration file that may be used by the example capabilities management agent of FIGS. 1A, 1B and/or 2 to register the example plugin of FIGS. 1A and/or 1B .
- FIG. 4 illustrates an example plugin invoker file that may be used by the example capabilities management agent of FIGS. 1A, 1B and/or 2 to invoke the example plugin of FIGS. 1A and/or 1B .
- FIG. 5 illustrates an example invoke request file that may be executed by the example capabilities management agent of FIGS. 1A, 1B and/or 2 to invoke a capability.
- FIG. 6 illustrates an example data table that may be employed by the example plugins registrar of FIG. 2 to store registered plugins-invoker mappings.
- FIG. 7 illustrates an example schema of functions file that may be used by the example capabilities management agent of FIGS. 1A, 1B and/or 2 to determine the capabilities provided by the example plugin of FIGS. 1A and/or 1B .
- FIG. 8 illustrates an example data table that may be employed by the example capabilities management agent of FIGS. 1A, 1B and/or 2 to store capability-plugin mappings.
- FIG. 9 is a flowchart representative of example machine-readable instructions that may be executed to implement the example application of FIGS. 1A and/or 1B .
- FIGS. 10 and 11 are flowcharts representative of example machine-readable instructions that may be executed to implement the example capabilities management agent of FIGS. 1A and/or 1B .
- FIG. 12 is a block diagram of an example processing platform capable of executing the example machine-readable instructions of FIG. 9 to implement the example application of FIGS. 1A and/or 1B .
- FIG. 13 is a block diagram of an example processing platform capable of executing the example machine-readable instructions of FIGS. 10 and/or 11 to implement the example capabilities management agent of FIGS. 1A, 1B and/or 2 .
- Examples disclosed herein facilitate a common agent framework to manage asset capabilities in an enterprise. For example, disclosed examples install a capabilities management agent on one or more asset(s) in the enterprise to enable one or more application(s) to securely and efficiently add, discover and/or invoke capabilities available at the asset.
- disclosed examples implement the common agent framework in a platform-agnostic and/or language-agnostic manner. For example, the capabilities management agent may invoke capabilities written in different languages (e.g., Java, python, C++, etc.) at the same time.
- Virtual computing services enable one or more assets to be hosted within a computing environment.
- an asset is a computing resource (physical or virtual) that may host a wide variety of different applications such as, for example, an email server, a database server, a file server, a web server, etc.
- Example assets include physical hosts (e.g., non-virtual computing resources such as servers, processors, computers, etc.), virtual machines, containers that run on top of a host operating system without the need for a hypervisor or separate operating system, hypervisor kernel network interface modules, etc.
- an asset may be referred to as a compute node, an end-point, a data computer end-node or as an addressable node.
- Virtual machines operate with their own guest operating system on a host using resources of the host virtualized by virtualization software (e.g., a hypervisor, virtual machine monitor, etc.). Numerous virtual machines can run on a single computer or processor system in a logically separated environment (e.g., separated from one another). A virtual machine can execute instances of applications and/or programs separate from application and/or program instances executed by other virtual machines on the same computer.
- virtualization software e.g., a hypervisor, virtual machine monitor, etc.
- Numerous virtual machines can run on a single computer or processor system in a logically separated environment (e.g., separated from one another).
- a virtual machine can execute instances of applications and/or programs separate from application and/or program instances executed by other virtual machines on the same computer.
- containers are virtual constructs that run on top of a host operating system without the need for a hypervisor or a separate guest operating system.
- Containers can provide multiple execution environments within an operating system. Like virtual machines, containers also logically separate their contents (e.g., applications and/or programs) from one another, and numerous containers can run on a single computer or processor system.
- a host operating system uses namespaces to isolate containers from each other to provide operating-system level segregation of applications that operate within each of the different containers. This segregation can be viewed as a form of virtualization that isolates different groups of applications that operate in different containers. In some examples, such containers are more lightweight than virtual machines.
- a container OS may execute as a guest OS in a virtual machine.
- Management applications provide administrators visibility into the condition of assets in a computing environment (e.g., a data center). Administrators can inspect the assets, see the organizational relationships of a virtual application, filter log files, overlay events versus time, etc.
- an application may install one or more plugins (sometimes referred to herein as “agents”) at the asset to perform monitoring operations.
- a first management application may install a first monitoring agent at an asset to track an inventory of physical resources and logical resources in a computing environment
- a second management application may install a second monitoring agent at the asset to provide real-time log management of events, analytics, etc.
- a third management application may install a third monitoring agent to provide operational views of trends, thresholds and/or analytics of the asset, etc.
- executing the different monitoring agents at the asset consumes resources (e.g., physical resources) allocated to the asset.
- some monitoring agents may perform one or more similar task(s).
- Examples disclosed herein facilitate a common agent framework in a computing environment to enable management applications to securely and efficiently manage capabilities at the asset in the computing environment.
- a capabilities management agent installed on the asset to maintain a catalog of capabilities (sometimes referred to herein as a “schema” or a “set of capabilities”) available at the asset.
- the example capabilities management agent facilitates adding capabilities (sometimes referred to herein as “functions,” “tasks,” “processes” or “operations”) available at the asset.
- the example capabilities management agent registers plugin(s) provided by the management application in a plugins inventory.
- the example capabilities management agent may record a plugin identifier (e.g., included in a plugin registration file) in the plugins inventory.
- the plugin identifier may include a plugin namespace identifier, a plugin name identifier and a plugin version identifier.
- the plugin registration file also includes a reference to a plugin invoker (e.g., a file, a script, a program, etc.) associated with the plugin (sometimes referred to herein as a “provider” or a “capabilities provider”).
- a plugin invoker may facilitate executing the plugin. For example, when called by the example capabilities management agent, a plugin invoker may first load resources (e.g., a python library) that may be used by the plugin and then call the plugin (e.g., a plugin written in python) to execute.
- the example capabilities management agent in response to registering the plugin in the example plugins inventory, identifies one or more new capabilities made available by the plugin for executing.
- the capabilities management agent may execute the plugin (e.g., by calling the associated plugin invoker) and request that the plugin provide a schema of functions describing a set of capabilities made available by the plugin.
- the example capabilities management agent records the set of capabilities in a catalog of capabilities based on the identifiers of the capabilities in the set.
- a capability identifier may include a class namespace, a class name, a class version and/or a capability name.
- a class (sometimes referred to as a “capability group”) is a set of capabilities that may be identified by the same namespace, name and version.
- the capabilities management agent facilitates the management application discovering capabilities available to the asset by providing an updated catalog of capabilities to the management application. For example, when a new plugin is installed in the capabilities management agent at the asset, new capabilities (e.g., functions, tasks, processes, operations, etc.) are made available for executing.
- An example benefit of the capabilities management agent providing an updated catalog of capabilities to the management application is to enable the management application to determine whether to install their own plugin at the asset as the capabilities available at the asset change. For example, when a management application connects with the capabilities management agent, the management application may request that the example capabilities management agent provide the catalog of capabilities.
- the management application does not install a management application plugin at the asset, thereby enabling the asset to consume fewer of the resources allocated to the asset.
- the plugin may be a proactive plugin that continuously (or nearly continuously) executes at the asset.
- a service level agreement (SLA) monitoring agent may continuously execute on the asset to determine if and/or when utilization of the asset violates an SLA.
- the plugin may be a reactive plugin that responds (e.g., executes at the asset) when requested.
- an agent installer plugin may respond (e.g., install an agent) when requested and remain idle otherwise, thereby conserving resources (e.g., processing power, memory, etc.) consumed at the asset.
- the example capabilities management agent may limit resource utilization at the asset (e.g., by the installed plugins) by disabling proactive plugins. For example, while a plugin is performing a monitoring function (e.g., an SLA check), the example capabilities management agent may disable the proactive plugin.
- the example capabilities management agent uses a capability identifier included in the request to determine a particular plugin that is able to perform the requested task. For example, a management application may invoke a capability (e.g., request the capabilities management agent perform a capability) by providing the capability identifier and one or more argument(s) needed to perform the task to the example capabilities management agent.
- the capabilities management agent queries the example catalog of capabilities for a plugin identifier that maps to the capability identifier.
- the example capabilities management agent utilizes the plugin identifier to determine the plugin invoker to be used to execute the plugin. For example, the capabilities management agent may retrieve an invoker identifier from the plugins inventory.
- the example capabilities management agent may then call the plugin invoker by providing the plugin invoker the capability identifier and the argument(s).
- the example capabilities management agent may also provide a location to store the results of performing the task.
- the plugin may record (e.g., log) output in an example results data store provided by the capabilities management agent.
- FIG. 1A is a block diagram of an example computing environment 100 employing virtual machines and a hypervisor.
- the example computing environment 100 of FIG. 1A includes an example network of storage arrays 102 in communication with one or more example computing server(s) 104 .
- the example network of storage arrays 102 may be implemented using any suitable wired and/or wireless storage including, for example, one or more Fiber Channel Storage Area Network (SAN) arrays, one or more Internet Small Computer System Interface (iSCSI) SAN arrays, one or more Network Attached Storage (NAS) arrays, etc.
- SAN Fiber Channel Storage Area Network
- iSCSI Internet Small Computer System Interface
- NAS Network Attached Storage
- the network of storage arrays 102 are connected to and shared among groups of servers through an example network 106 , thereby enabling aggregating storage resources and enabling increased flexibility in provisioning the storage resources to, for example, one or more example virtual machine(s) 110 .
- the example computing server(s) 104 may be implemented by any number of x86 or ARM (Acorn RISC Machine architecture) servers (e.g., one or more).
- the computing server(s) of the illustrated example are in communication with the example network of storage arrays 102 via the example network 106 . While in the illustrated example the computing server(s) 104 are illustrated as a single server, the computing server(s) 104 may be implemented by any number (e.g., 1, 2, 3, etc.) and/or type(s) of servers.
- 1A may be implemented using any suitable wired and/or wireless network(s) such as, for example, one or more data buses, one or more Local Area Networks (LANs), one or more wireless LANs, one or more cellular networks, the Internet, an Intranet, etc.
- LANs Local Area Networks
- wireless LANs one or more wireless LANs
- cellular networks the Internet, an Intranet, etc.
- one or more of the example computing server(s) 104 executes an example virtualization platform 108 .
- a virtualization platform (sometimes referred to as a “virtualization layer,” a “hypervisor” or a “virtual machine monitor”) abstracts processors, memory, storage and/or other resources of the computing environment into one or more virtual machines.
- the virtual machine(s) 110 include an operating system 114 and/or execute one or more applications and/or services.
- the virtualization platform 108 may be installed on a computing server without an intervening operating system (e.g., a bare-metal hypervisor).
- the virtualization platform 108 may be installed on a storage device rather than on a computing server.
- the example virtualization platform 108 of FIG. 1A virtualizes and aggregates the underlying physical hardware resources (e.g., some or all of the example network of storage arrays 102 and/or the example computing server(s) 104 ) across the physical computing environment and provides pools of virtual resources available for use in the computing environment 100 .
- the example virtual machine(s) 110 may request resources dynamically as a workload increases, and/or may release resources dynamically as the workload decreases.
- FIG. 1B is an example illustrating such a light-weight virtual computing environment 150 .
- an example computing server 152 provides a host operating system 154 .
- One or more example container(s) 156 of the example of FIG. 1B are software constructs that run on top of the host operating system 154 without the need for a virtualization platform or a separate guest operating system. Unlike virtual machines, the containers do not instantiate their own operating systems.
- the container(s) 156 are logically separate from one another. Numerous containers can run on a single computer or processor system. Also like virtual machines, the container(s) 156 can execute instances of applications or programs separate from application/program instances executed by the other containers on the same computer or processing system.
- the host operating system 154 uses namespaces to isolate the container(s) 156 from each other.
- Such an approach provides operating system level segregation of the different groups of applications that operate within the different container(s) 156 .
- This segregation is akin to the virtual machine segregation that is offered in hypervisor-based virtualized environments, and thus can be viewed as a form of virtualization that isolates different groups of applications that operate in different containers.
- FIGS. 1A and 1B are similar.
- FIG. 1A apply equally well to the like numbered parts of FIG. 1B and, to avoid redundancy, FIG. 1B will not be separately described.
- the example virtualization platform 108 has provisioned the virtual machine(s) 110 . While in the illustrated example the virtual machine(s) 110 are illustrated as a single virtual machine, the virtual machine(s) 110 may represent any number of logical resources provisioned by the virtualization platform 108 .
- the example virtualization platform 108 provisions the virtual machine(s) 110 and configures the respective virtual machine(s) 110 for operation in the computing environment 100 . For example, the virtualization platform 108 may install and configure an example operating system 112 onto the virtual machine(s) 110 .
- the example computing environment 100 of FIG. 1A includes an example virtualization manager 114 .
- the example virtualization manager 114 provides a single point of control (or point of access) to the computing environment 100 .
- the virtualization manager 114 manages the assignments of virtual machine(s) 110 to be virtualized on corresponding ones of the computing server(s) 104 , and manages the assignments of resources of the computing server(s) 104 to the virtual machine(s) 110 .
- the virtualization manager 114 includes one or more interfaces (e.g., a web-access interface) that enable applications to manage the example computing environment 100 and access the example virtualization platform 108 and/or the example virtual machine(s) 110 .
- the example computing environment 100 includes one or more example application(s) 116 that interface with the virtualization manager 114 to manage and/or access the resources in the computing environment 100 .
- the application 116 is a management application (e.g., vRealize, Log InsightTM and Hyperic®, vSphere®/vCenter manager, which are commercially available products from VMware®, Inc.) that performs monitoring operations to provide administrators visibility into the condition of the virtual machine(s) 110 .
- vRealize e.g., Log InsightTM and Hyperic®, vSphere®/vCenter manager, which are commercially available products from VMware®, Inc.
- the management application installs an agent at the virtual machine(s) being managed.
- agents provide the functions (e.g., the monitoring operations or processes) that are required by the management application.
- This traditional architecture approach has several drawbacks. For instance, each application that is managing a virtual machine may install respective agent(s) on the virtual machine, which consumes resources (e.g., physical resources) allocated to the virtual machine.
- resources e.g., physical resources
- some functions provided by the agents may be redundant. For example, two management applications that provide analytics at the managed virtual machine may both install functions to monitor disk latency at the virtual machine.
- the computing environment 100 of the illustrated example is provided with a capabilities management agent 118 .
- the virtualization platform 108 may install and configure the capabilities management agent 118 at the provisioned virtual machine(s) 110 .
- the example capabilities management agent 118 maintains an example catalog of capabilities that are available at the virtual machine 110 based on plugins installed at the virtual machine 110 .
- the capabilities management agent 118 provides the catalog of capabilities to the application, which may then determine whether to install an agent or, if the functionality is already available at the virtual machine 110 , to not install an agent.
- the example application 116 of the illustrated example of FIG. 1A includes an example agent installer 120 , an example agent controller 122 and an example data store 124 .
- the example agent installer 120 of the illustrated example of FIG. 1A installs the functions (e.g., capabilities) required by the application 116 at the virtual machine 110 .
- the agent installer 120 accesses the virtual machine 110
- the agent installer 120 requests that the virtual machine 110 provide a catalog of capabilities representing the functions installed at the virtual machine 110 and available to be invoked by the application 116 .
- the example agent installer 120 of FIG. 1A compares the capabilities included in the catalog to a schema of functions 126 required by the application 116 be available at the virtual machine 110 .
- the agent installer 120 may retrieve the schema of functions 126 from the data store 124 .
- the schema of functions 126 represents a set of functions that may be invoked by the application 116 .
- the schema of functions 126 may be a list, a file, a database, etc.
- the agent installer 120 when the agent installer 120 determines that the required function(s) are not already available at the virtual machine 110 , the agent installer 120 provides an example plugin package 128 to the capabilities management agent 118 to install and make available the function(s) for invoking at the virtual machine 110 .
- the example plugin package 128 of the illustrated example includes an example plugin 130 to provide the functions required by the application 116 and an example plugin identifier 132 to uniquely identify the plugin 130 .
- the plugin identifier 132 may include a plugin name, a plugin version and a plugin namespace.
- two plugins installed at the virtual machine 110 may be differentiated based on their respective namespaces, their respective names and/or their respective version numbers.
- the plugin identifier 132 may be included in a file (e.g., a plugin registration file), a list, as metadata in the plugin 130 , etc.
- An example plugin registration file 300 is described in connection with FIG. 3 .
- the example common agent framework disclosed herein is platform-agnostic and language-agnostic. As disclosed herein, while plugin developers write their plugins in a particular language for a particular platform, the plugin developers can write the plugins in the particular language and/or platform of their choice. For example, plugin developers utilizing the techniques disclosed herein are not required to write their plugins in a specified language or for a specified platform. In addition, developers employing the common agent framework are not required to prepare specific versions of their plugins for different platforms and/or languages. For example, developers employing the common agent framework are able to use whichever language is most appropriate for a platform. For example, developers may develop a plugin for a Windows platform or a *nix platform in Java, python and/or C++. In other examples, developers that develop a plugin using the PowerShell language may be limited to the Windows platform.
- the example plugin package 128 includes an example invoker 134 that operates as a translator to provide platform and language interoperability.
- the example invoker 134 may be a shell script that enables an instruction received in C++ to be executed by a plugin written in python.
- the example invoker 134 also provides resources that are needed by the plugin 130 to execute.
- the invoker 134 may retrieve and/or load a language interpreter (e.g., Java, Python, Perl, etc.) that can be utilized by the plugin 130 during execution (e.g., when called).
- the example invoker 134 includes an example invoker identifier 135 that may be used to call the invoker 134 .
- the example capabilities management agent 118 may read the plugin identifier 132 to determine the plugin invoker 134 to call.
- the plugin invoker 134 prepares the language-specific path(s) (e.g., PYTHON_PATH, LD_LIBRARY_PATH) and calls the plugin in the language-specific manner.
- the language-specific path(s) e.g., PYTHON_PATH, LD_LIBRARY_PATH
- An implementation of an example plugin invoker 134 is described in connection with FIG. 4 .
- the example agent controller 122 of the illustrated example of FIG. 1A provides requests 136 to the capabilities management agent 118 to perform monitoring operations.
- the agent controller 122 may instruct the capabilities management agent 118 to kill a process running at the virtual machine 110 , to log resource utilization at the virtual machine 110 , etc.
- the example request 136 includes a capability identifier 138 and one or more argument(s) 140 used by the corresponding capability.
- the capability identifier 138 may include a class (e.g., a namespace (e.g., “Application1”), a name (e.g., “process”) and a version number (e.g., “1.0”).
- a class represents a set of capabilities that are identified by the same namespace, same name and same version.
- an example class e.g., “Application1/ process/ 1.0” may include a “kill” operation to kill a process and a “pause” operation to pause a process.
- Including a class in the capability identifier 138 may be useful in avoiding naming conflicts between different developers.
- the example request 136 does not include a plugin identifier.
- This approach may be useful if, for example, an application 116 can use a plugin that was previously installed by another application. That is, to the application 116 , it does not matter which plugin executes their monitoring operations, but, rather, that the requested monitoring operation can be performed at the virtual machine 110 .
- the example plugins monitor 245 maintains a mapping between capabilities and the plugins that perform those capabilities. As a result, developers (e.g., application developers) do not need to worry about plugin names to call their functions.
- plugins may be used by applications that were unanticipated or unknown to developers at the time the developers developed the plugins.
- any developer aware of a plugin can invoke the plugin capabilities at a later time.
- different developers e.g., application developers
- the example data store 124 of FIG. 1A is provided to store the example schema of functions 126 , the example plugin package 128 and/or any other information used by the application 116 .
- the example data store 124 of FIG. 1A may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)).
- the example data store 124 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc.
- DDR double data rate
- the example data store 124 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example data store 124 is illustrated as a single database, the example data store 124 may be implemented by any number and/or type(s) of databases.
- the example agent installer 120 receives a catalog of capabilities from the example capabilities management agent 118 that includes a set of capabilities that are available at the virtual machine 110 .
- the example agent installer 120 retrieves the example schema of functions 126 from the example data store 124 and compares the functions in the catalog of capabilities to the functions included in the schema 126 .
- the example agent installer 120 retrieves the plugin package 128 from the data store 124 and provides the plugin package 128 , which includes the plugin 130 to provide the one or more identified function(s), the example plugin identifier 132 corresponding to the plugin 130 and the example plugin invoker 134 associated with the plugin 130 , to the capabilities management agent 118 .
- the example agent controller 122 in response to a determination to invoke a capability at the capabilities management agent 118 , provides the example request 136 to the capabilities management agent 118 to perform the capability.
- the request 136 includes the capability identifier 138 , which includes a class namespace, a class name, a class version and/or a capability name.
- the example request 136 also includes one or more argument(s) 140 such a parameter (e.g., a variable name, a variable value, etc.) and/or attachment (e.g., a file).
- An example of an attachment is a capability that installs patches and an example attachment is a patch.
- an example application 116 that performs compliance assessment (e.g., Security Content Automation Protocol (SCAP) compliance assessment) to determine if the virtual machine 110 satisfies one or more hardening standards such as the Health Insurance Portability and Accountability Act (HIPAA), Secure Technical Implementation Guides (STIGS) (provided by the Defense Information Securities Agency), vSphere Hardening Guide (VHG) (provided by VMware®, Inc.), etc.
- HIPAA Health Insurance Portability and Accountability Act
- STIGS Secure Technical Implementation Guides
- VHG vSphere Hardening Guide
- VMware®, Inc. vSphere Hardening Guide
- the results of performing the “assess” capability are provided to the application 116 in the SCAP format and the application 116 is able to determine which, if any, rules are violated by the virtual machine 110 .
- the example application 116 may remediate the violation by invoking a capability at the virtual machine 110 (e.g., by applying a patch, by upgrading one or more capabilities available at the virtual machine 110 , by downgrading one or more capabilities available at the virtual machine 110 , etc.) via the example capabilities management agent 118 and, thereby, bringing the virtual machine 110 into near real-time and ongoing compliance.
- the application 116 may invoke a “changePasswordRule” capability at the virtual machine 110 to cause the capability management agent 118 to upgrade the password rules at the virtual machine 110 .
- FIGS. 1A and/or 1B While an example manner of implementing the application 116 is illustrated in FIGS. 1A and/or 1B , one or more of the elements, processes and/or devices illustrated in FIGS. 1A and/or 1B may be combined, divided, re-arranged, omitted, eliminated and/or implemented in any other way.
- the example agent installer 120 , the example agent controller 122 , the example data store 124 and/or, more generally, the example application 116 of FIGS. 1A and/or 1B may be implemented by hardware, software, firmware and/or any combination of hardware, software and/or firmware.
- 1A and/or 1B could be implemented by one or more analog or digital circuit(s), logic circuits, programmable processor(s), application specific integrated circuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)) and/or field programmable logic device(s) (FPLD(s)).
- ASIC application specific integrated circuit
- PLD programmable logic device
- FPLD field programmable logic device
- 1A and/or 1B is/are hereby expressly defined to include a tangible computer readable storage device or storage disk such as a memory, a digital versatile disk (DVD), a compact disk (CD), a Blu-ray disk, etc. storing the software and/or firmware.
- the example application 116 may include one or more elements, processes and/or devices in addition to, or instead of, those illustrated in FIGS. 1A and/or 1B , and/or may include more than one of any or all of the illustrated elements, processes and devices
- FIG. 2 is a block diagram of an example implementation of the example capabilities management agent 118 of FIGS. 1A and/or 1B constructed in accordance with the teachings of this disclosure.
- the example capabilities management agent 118 includes an example messaging interface 205 , an example security engine 210 , an example package unpacker 215 , an example plugins registrar 220 , an example plugins repository 225 , an example plugins inventory 230 , an example invokers repository 235 , an example plugins monitor 245 , an example catalog 250 , an example capabilities executor 255 and an example results data store 260 .
- the capabilities management agent 118 includes the example communications interface 205 to enable communication with the application(s) 116 of FIGS. 1A and/or 1B .
- the communications interface 205 may facilitate bi-directional, asynchronous messaging between the capabilities management agent 118 and the application(s) 116 .
- the communications interface 205 communicates with the application(s) 116 using Advanced Message Queueing Protocol (AMQP) communications.
- AQP Advanced Message Queueing Protocol
- the communications interface 205 may communicate with the application(s) 116 via a message broker such as a RabbitMQ server implementing AMQP.
- any other approach to communicate with and/or otherwise transmit and/or receive instructions and/or results to and/or from the application(s) 116 may additionally or alternatively be used.
- REST Representational state transfer
- ZeroMQ e.g., socket-based communications, etc.
- the capabilities management agent 118 includes the example security engine 210 to validate messages received and/or transmitted via the communications interface 205 .
- the example security engine 210 of the illustrated example of FIG. 2 utilizes the Cryptographic Message Syntax (CMS) standard for protecting messages.
- CMS Cryptographic Message Syntax
- the security engine 210 may use CMS to digitally sign, authenticate and/or encrypt/decrypt messages communicated between the application(s) 116 and the capability management agent 118 .
- the security engine 210 encrypts and signs a message before the outgoing message is transmitted to the application(s) 116 .
- the example security engine 210 of FIG. 2 also validates and decrypts messages received from the application(s) 116 .
- validation of the messages by the example security engine 210 may be useful to defend against man-in-the-middle attacks and/or other attempts to perform unauthorized actions.
- the example security engine 210 also authenticates the example plugin package 128 and/or the example plugin 130 before the plugin 130 is able to execute at the virtual machine 110 .
- the security engine 210 utilizes the CMS standard for authenticating the plugin 130 .
- the security engine 210 may determine whether a security certificate of the plugin package 128 and/or the plugin 130 matches a corresponding security certificate available to the security engine 210 .
- the security engine 210 of the illustrated example may prevent the plugin package 128 from installing and/or the plugin 130 from executing.
- the security engine 210 may attempt to validate the plugin package 128 until a time-out event is detected or a threshold number of incorrect attempts is satisfied.
- the plugin 130 may be configured with permissions required to execute the plugin 130 at the virtual machine 110 .
- the security engine 210 may prevent a user from accessing the plugin 130 when the user does not have sufficient permissions (e.g., privileges).
- the example security engine 205 utilizes VGAuth (a product from VMware®, Inc.) to control the permissions at which the plugin 130 can be executed.
- the security engine 210 utilizes the Security Assertion Markup Language (SAML) standard to authenticate and authorize access of a user to the plugin 130 .
- SAML Security Assertion Markup Language
- the security engine 210 may include an alias store that maps user names to one or more aliases. In the illustrated example, when the security engine 210 of FIG.
- the security engine 210 validates a user (e.g., by comparing a digital signature of the user specified in a SAML Token included in, for example, the request 136 ) with a security certificate), the security engine 210 enables the user to run at appropriate permissions. For example, requests submitted by an administrator may run as “root,” while requests submitted by a developer may run as “guest.”
- An example benefit of such an approach is that administrators at the virtual machine 110 are in control of the permissions used on the virtual machine 110 that they administrators are responsible for maintaining, rather than always being permitted to run as a high-privileged user (e.g., “root”).
- Another example benefit of such an approach includes enabling an operating system (OS) to enforce authorization to OS resources. For example, if a plugin 130 is running as a low-privileged user (e.g., a “guest”), the OS will not let it kill a process owned by a high-privileged user.
- OS operating system
- the example capabilities management agent 118 includes the example package unpacker 215 to unpackage (e.g., decompress) the example plugin package 128 .
- the application 116 may provide the plugin package 128 as a *.zip file, a *.tar file, an *.ogg file, a *.rpm file, etc.
- the example package unpacker 215 enables the capabilities management agent 118 to access different file types and not require only a single file type.
- the package unpacker 215 may include and/or have access to one or more de-compression tools to decompress the plugin package 128 based on, for example, the file type of the plugin package 128 .
- the example package unpacker 215 may call an “unzip” tool to decompress the plugin package 128 .
- the developer e.g., a plugin developer
- the example package unpacker 215 of FIG. 2 provides decompressed components of the unpacked plugin package 128 (e.g., the plugin 130 , the plugin identifier 132 and/or the plugin invoker 134 ) to the example plugins registrar 220 .
- the example capabilities management agent 118 includes the example plugins registrar 220 to maintain a record of the plugins available (e.g., installed, loaded) to the capabilities management agent 118 (e.g., to invoke).
- the plugins registrar 220 parses the components of the plugin package 128 provided by the example package unpacker 215 and identifies the plugin 130 , the plugin identifier 132 (e.g., a plugin registration file) and the plugin invoker 134 .
- the example plugins registrar 220 of FIG. 2 stores identified plugins 130 in the example plugins repository 225 .
- the example plugins registrar 220 stores the plugin identifier 132 in the example plugins inventory 230 .
- the plugins registrar 220 may record a namespace identifier, a name identifier and a version identifier of the plugin 130 in the plugins inventory 230 .
- the plugins registrar 220 may log the plugin registration file 132 in the plugins inventory 230 .
- the example plugins registrar 220 stores the example plugin invoker 134 in an example invokers repository 235 .
- the plugins registrar 220 stores the plugin invoker 134 at a location provided by the application 116 (e.g., at the invoker identifier 135 ).
- the plugins registrar 220 may parse the plugin registration file 132 and, in response to an invoker identifier 135 (“app1_process_1_0_0”) identified in the plugin registration file 132 , store the corresponding plugin invoker 134 in the invokers repository 235 (e.g., at a path location “invokers repository/ app1_process_1_0_0”).
- the example plugins registrar 220 records the invoker identifier 135 with the corresponding plugin identifier 132 in the plugins inventory 230 .
- An example data table 600 representing registered plugins is shown in FIG. 6 .
- the plugins registrar 220 may discard (e.g., delete, uninstall, replace, etc.) a previous version of a plugin.
- the version numbers follow the versioning rules where a change to a minor version represents that, although some code may have changed (e.g., to fix a bug), the application interface is still unchanged.
- the example plugins registrar 220 may replace the old plugin (e.g., version 1.0.0) with the new plugin (e.g., version 1.0.1).
- a change to a major version represents a change to the application interface so that older versions cannot be understood by the new version.
- the example plugins registrar 220 will leave the old plugin (e.g., version 1.0) in the example plugins repository 225 and also install the new plugin (e.g., version 1.1) in the plugins repository 225 .
- the example plugins repository 225 of FIG. 2 is provided to store the example plugins 130 that are available to the capabilities management agent 118 .
- the example plugins 130 may be retrieved from the example plugins repository 225 during execution (e.g., by the corresponding plugin invoker 134 ).
- the example plugins repository 225 of FIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or anon-volatile memory (e.g., flash memory)).
- SDRAM Synchronous Dynamic Random Access Memory
- DRAM Dynamic Random Access Memory
- RDRAM RAMBUS Dynamic Random Access Memory
- flash memory anon-volatile memory
- the example plugins repository 225 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc.
- DDR double data rate
- the example plugins repository 225 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example plugins repository 225 is illustrated as a single database, the example plugins repository 225 may be implemented by any number and/or type(s) of databases.
- the example plugins inventory 230 of FIG. 2 is provided to store the example plugin identifiers 132 and their corresponding invoker identifiers 135 .
- the example plugins inventory 230 of FIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)).
- the example plugins inventory 230 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc.
- DDR double data rate
- the example plugins inventory 230 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example plugins inventory 230 is illustrated as a single database, the example plugins inventory 230 may be implemented by any number and/or type(s) of databases.
- the example invokers repository 235 of FIG. 2 is provided to store the example plugin invokers 134 that are used to call their corresponding plugins 130 .
- the example invokers repository 235 of FIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)).
- the example invokers repository 235 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc.
- DDR double data rate
- the example invokers repository 235 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example invokers repository 235 is illustrated as a single database, the example invokers repository 235 may be implemented by any number and/or type(s) of databases.
- the example capabilities management agent 118 includes the example plugins monitor 245 to monitor the plugins inventory 230 for changes (e.g., additions or removals) to the plugins 130 available to the capabilities management agent 118 .
- an authorized application may bypass the plugins registrar 220 to store their plugin 130 in the plugins repository 225 and register their plugin 130 in the plugins inventory 230 .
- the plugins registrar 220 may not be able to determine that a new plugin 130 and capabilities corresponding to the new plugin 130 are available to the capabilities management agent 118 .
- the example plugins monitor 245 detects when a new plugin 130 is installed in the plugins inventory 230 via the capabilities management agent 118 (e.g., by the plugins registrar 220 ). In some examples, the example plugins monitor 245 may detect a plugin 130 that was not installed via the capabilities management agent 118 . For example, a customer may use an Enterprise deployment tool to install the plugin 130 in the plugins repository 225 . In some examples, a user may copy the plugin 130 onto the virtual machine 110 and install the plugin via a command-line instruction such as “rpm -i.”
- the example plugins monitor 245 in response to detecting a new plugin 130 in the plugins inventory 230 , requests the new plugin 130 to identify the capabilities the plugin 130 is able to perform (e.g., provide the schema of functions 126 ). For example, the example plugins monitor 245 may retrieve the invoker identifier 135 from the plugins inventory 230 to call the corresponding plugin invoker 134 . In the illustrated example of FIG. 2 , the plugins monitor 245 records the retrieved capabilities in the example catalog of capabilities 250 . An implementation of an example schema of functions 700 is shown in FIG. 7 .
- the example plugins monitor 245 of FIG. 2 also logs a mapping between the capabilities and their corresponding plugins 130 in the example catalog 250 .
- the example request 136 of the illustrated examples of FIGS. 1A and/or 1B does not necessarily include a plugin identifier.
- the example plugins monitor 245 maintains a mapping to associate capabilities with particular plugins.
- the example plugins monitor 245 may utilize a mapping between the corresponding capability identifier and a plugin identifier to determine the available plugin 130 to perform the capability.
- An example data table 800 representing capabilities and their plugin mappings are shown in FIG. 8 .
- the plugins monitor 245 provides the example catalog 250 to an application 116 in response to a capabilities request from the application 116 .
- the example application 116 may request that the capabilities management agent 118 provide the example catalog 250 .
- the plugins monitor 245 provides updated catalogs 250 to the application(s) 116 in response to changes in the catalog 250 .
- the example plugins monitor 245 provides a new catalog 250 to the application(s) 116 accessing the capabilities management agent 118 .
- the plugins monitor 245 enables the application(s) 116 to determine, in near real-time, whether they need to install their respective plugins 130 . For example, depending on the capabilities included in the new catalog 250 , an application 116 may determine to install plugin 130 for the application (e.g., the agent installer 120 may transmit the plugin package 128 ).
- the example catalog of capabilities 250 is provided to store mappings between capabilities and their corresponding plugin.
- the example catalog of capabilities 250 of FIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)).
- the example catalog of capabilities 250 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc.
- DDR double data rate
- the example results catalog of capabilities 250 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example catalog of capabilities 250 is illustrated as a single database, the example catalog of capabilities 250 may be implemented by any number and/or type(s) of databases.
- the example capabilities management agent 118 includes the example capabilities executor 255 to facilitate executing capabilities at the virtual machine 110 .
- the example request 136 to perform a capability includes the capability identifier 138 and one or more argument(s) 140 (e.g., one or more parameter(s) and/or attachment(s)) for executing the capability.
- the request 136 may include an invoke request file requesting execution of one or more capabilities. An implementation of an example invoke request file 500 is described in connection with FIG. 5 .
- the capabilities executor 255 utilizes the capability identifier 138 to determine the corresponding plugin 130 capable of executing the capability.
- the capabilities executor 255 may utilize the example catalog 250 (e.g., by querying the catalog 250 , by retrieving information from the catalog 250 , etc.) to map the capability identifier 138 to the corresponding plugin identifier 132 .
- the example capabilities executor 255 of FIG. 2 uses the retrieved plugin identifier 132 to determine a plugin invoker 134 to call to execute the plugin 130 .
- the capabilities executor 255 may use the example plugins inventory 230 to map the plugin identifier 132 to the corresponding invoker identifier 135 .
- the capabilities executor 255 calls the plugin 130 to perform the requested capability.
- the example capabilities executor 255 may use the invoker identifier 135 to call the plugin invoker 134 and provides the capability identifier 138 , the argument(s) 140 and a location for the plugin 130 to store the outcome of executing the capability.
- the capabilities executor 255 executes (e.g., calls) the plugin invoker 134 by passing command-line parameters indicating what tasks to perform (e.g., collect schema of functions, collect instances, invoke an operation, etc.), additional information (e.g., the argument(s) 140 passed to the plugin invoker 134 and the results directory.
- the capabilities executor 255 may instruct the plugin 130 to store the outcome (e.g., results) of executing the capability in the example results data store 260 .
- the results stored in the example results data store 260 are stored using a standard format. In some such examples, using a standard format enables the results stored in the results data store 260 to be accessed by other application(s) 116 . For example, an application unknown to the developers of the requesting application 116 may also use the outcomes in the results data store 260 .
- the example results data store 260 is provided to store the results (e.g., outcomes) of executing capabilities.
- the results data store 260 is controlled by the example capabilities management agent 118 to ensure appropriate separation between requests, applications, etc.
- the capabilities management agent 118 may separate the results in the results data store 260 based on clients (e.g., via a client identifier that uniquely identifies the application 116 that invoked the capability), asset (e.g., via a virtual machine identifier that uniquely identifies the virtual machine where the capability was invoked) and/or request (e.g., via a request identifier that unique identifies the request 136 that caused the capability to be invoked).
- clients e.g., via a client identifier that uniquely identifies the application 116 that invoked the capability
- asset e.g., via a virtual machine identifier that uniquely identifies the virtual machine where the capability was invoked
- request e.g., via a request identifier that unique identifies the
- the example results data store 260 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc.
- DDR double data rate
- mDDR mobile DDR
- the example results data store 260 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example results data store 260 is illustrated as a single database, the example results data store 260 may be implemented by any number and/or type(s) of databases.
- the example capabilities management agent 118 facilitates the application(s) 116 adding capabilities available to the virtual machine 110 .
- the example communications interface 205 receives the example plugin package 128 to install the plugin 130 at the capabilities management agent 118 .
- the example security engine 210 processes the plugin package 128 to validate the plugin package 128 and provides the validated plugin package 128 to the example package unpacker 215 .
- the package unpacker 215 unpacks (e.g., decompresses) the validated plugin package 128 and provides the package components (e.g., the example plugin 130 , the example plugin identifier 132 and the example plugin invoker 134 ) to the example plugins registrar 220 .
- the plugins registrar 220 registers the package components by storing the plugin 130 in the example plugins repository 225 and storing the plugin invoker 134 in the example invokers repository 235 .
- the example plugins registrar 220 also records the plugin identifier 132 and the corresponding invoker identifier 135 in the example plugins inventory 230 .
- the example plugins monitor 245 in response to detecting a change in the plugins inventory 230 , requests the new plugin 130 to provide a set of capabilities that it performs.
- the example plugins inventory 230 records the retrieved capabilities in the example catalog of capabilities 250 .
- the example plugins monitor 245 also records a capability-plugin mapping in the catalog of capabilities 250 .
- the example capabilities management agent 118 facilitates the application(s) 116 discovering capabilities available to the virtual machine 110 .
- the example capabilities management agent 118 provides an updated listing of capabilities available at the capabilities management agent 118 to the one or more application(s) 116 in communication with the capabilities management agent 118 .
- the example plugins monitor 245 retrieves the capability identifiers included in the catalog of capabilities 250 .
- the example security engine 210 encrypts the retrieved capability identifiers and the communications interface 205 transmits the encrypted set of capabilities to the one or more application(s) 116 in communication with the capabilities management agent.
- the example capabilities management agent 118 facilitates the application(s) 116 invoking capabilities available to the virtual machine 110 .
- the example communications interface 205 receives the example request 136 invoking a capability at the capabilities management agent 118 .
- the example security engine 210 validates the request 136 and provides the validated request 136 to the example capabilities executor 255 .
- the example capabilities executor 255 identifies the capability identifier 138 included in the request 136 and maps the capability identifier 138 to the corresponding plugin identifier 132 using the capability-plugins mappings in the catalog of capabilities 250 .
- the example capabilities executor 255 determines the plugin invoker 134 associated with the plugin identifier 132 using the example registered plugins-invoker mappings in the example plugins inventory 230 .
- the example capabilities executor 255 then calls the identified plugin invoker 134 and provides the capability identifier 138 and one or more argument(s) 140 (e.g., a parameter such as a process identifier (PID), an attachment such as a patch, etc.) needed to perform the capability to the plugin invoker 134 .
- the output of the plugin 130 performing the capability is stored in the example results data store 260 .
- the example plugins repository 225 , the example plugins inventory 230 , the example invokers repository 235 , the example catalog of capabilities 250 and/or the example results data store 260 may be organized by the example plugins registrar 220 using a directory file structure.
- the different plugin identifiers 132 included in the plugins inventory 230 may be stored in respective folders representing the different plugins 130 stored in the plugins repository 225 and the corresponding plugin invokers 134 stored in the invokers repository 235 .
- the one or more capabilities that are provided by the corresponding plugins 130 may be stored in respective folders in the catalog of capabilities 250 .
- the output(s) of performing the capabilities may be stored in respective folders in the results data store 260 .
- the installed plugins 130 and their associated files and/or data may be encapsulated in respective folders and/or directories.
- a first directory corresponding to a first plugin 130 may include a folder including the first plugin 130 , a folder including the corresponding plugin identifier 132 , a folder including the associated plugin invoker 134 , a folder including the available capability identifiers 138 and a folder including the output of performing the respective capabilities.
- the plugin package 128 may be structured to include the respective folders (e.g., a folder including the plugin 130 , a folder including the plugin identifier 132 , a folder including the plugin invoker 134 , a folder including the capability identifiers 138 and a folder to store the output of performing the respective capabilities).
- the application(s) 116 may add capabilities at the virtual machine 110 my providing the plugin package 128 .
- the example application(s) 116 may discover the capabilities available at the virtual machine 110 by receiving one or more folder(s) including the capability identifiers 138 for the respective plugins 130 from the capabilities management agent 118 .
- an application 116 can remove capabilities it provided to the capabilities management agent by uninstalling (e.g., deleting) the folder from the capabilities management agent 118 .
- 1A and/or 1B could be implemented by one or more analog or digital circuit(s), logic circuits, programmable processor(s), application specific integrated circuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)) and/or field programmable logic device(s) (FPLD(s)).
- ASIC application specific integrated circuit
- PLD programmable logic device
- FPLD field programmable logic device
- FIGS. 1A and/or 1B is/are hereby expressly defined to include a tangible computer readable storage device or storage disk such as a memory, a digital versatile disk (DVD), a compact disk (CD), a Blu-ray disk, etc. storing the software and/or firmware.
- the example capabilities management agent 118 of FIGS. 1A and/or 1B may include one or more elements, processes and/or devices in addition to, or instead of, those illustrated in FIG. 2 , and/or may include more than one of any or all of the illustrated elements, processes and devices.
- FIG. 3 illustrates an example plugin registration file 300 that may be used by the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to register the example plugin 130 .
- the plugin registration file 300 is included in the example plugin package 128 of FIGS. 1A and/or 1B (e.g., the plugin identifier 132 ).
- the example provider registration file 300 of FIG. 3 includes an example plugin identifier section 305 and an example invoker identifier line 340 .
- the example plugin identifier section 305 defines the plugin identifier 132 for the plugin 130 .
- the example plugin identifier section 305 includes an example first line 310 to define an example plugin namespace 315 for the plugin 130 , an example second line 320 to define an example plugin name 325 for the plugin 130 and an example third line 330 to define an example plugin version number 335 for the plugin 130 .
- the plugin namespace 315 is a string data type that identifies an entity (“Entity1”) that provided (e.g., developed, wrote, etc.) the plugin 130 .
- Entity1 an entity
- the plugin namespace 315 may identify the developers of the plugin 130 and/or the application that installs the plugin 130 .
- the example plugin name 325 is a string data type that identifies a name (“AgentInstaller”) for the plugin 130 .
- the example plugin version number 330 is a string data type that identifies a version number (“1.0.0”) corresponding to the plugin 130 .
- the example invoker identifier line 340 defines an example invoker identifier 345 (“Entity1_AgentInstaller_1_0_0”) used to call the example plugin invoker 134 ( FIGS. 1A and/or 1B ) associated with the plugin 130 .
- the invoker identifier 345 corresponds to a relative path location (e.g., “Entity1_AgentInstaller_1_0_0”) to store the corresponding plugin invoker 134 at an absolute path location (e.g., “Invokers Repository/ Entity1_AgentInstaller_1_0_0”) in the example invokers repository 235 .
- FIG. 4 illustrates an example plugin invoker file 400 that may be used by the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to invoke the example plugin 130 of FIGS. 1A and/or 1B .
- the plugin invoker file 400 is included in the example plugin package 128 provided by the application 116 of FIGS. 1A and/or 1B to the capabilities management agent 118 of FIGS. 1A, 1B and/or 2 .
- the plugin invoker file 400 may be executed by the capabilities management agent 118 to initiate the corresponding plugin 130 .
- FIG. 4 illustrates an example plugin invoker file 400 that may be used by the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to invoke the example plugin 130 of FIGS. 1A and/or 1B .
- the example plugin invoker file 400 includes an example execution setup line 405 that identifies one or more libraries to load for executing the plugin 130 (e.g., PYTHON_PATH, LD_LIBRARY_PATH).
- the example plugin invoker file 400 also includes an example language setup line 410 to load a language in which the plugin 130 is written (e.g., python).
- the example plugin invoker file 400 also includes an example plugin calling line 415 to call the plugin 130 in a language specific manner.
- the capabilities management agent 118 invokes the plugin invoker 134
- the capabilities management agent 118 provides the argument(s) 140 and a specific output directory (e.g., the example results data store 260 ) to store the output.
- FIG. 5 illustrates an example invoke request file 500 that may be executed by the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to invoke a capability (e.g., functions, tasks, processes, operations, etc.).
- the invoke request file 500 may be provided by the application 116 in the example request 136 .
- the example agent controller 122 provides the invoke request file 500 to the capabilities management agent 118 to invoke a capabilities.
- the invoke request file 500 includes an example capability identifier section 505 and example arguments identifier section 535 .
- the example capability identifier section 505 defines the capability identifier 138 being invoked.
- the example capability identifier section 505 includes an example first line 510 to define an example class including an example class namespace 515 (e.g., “Application1”), an example class name 520 (e.g., “AppAgent”) and an example class version number 525 (e.g., “1.0.0”).
- the example class namespace 515 identifies an entity (“Application1”) that provided (e.g., developed, wrote, etc.) the capabilities included in the class.
- other namespace identifiers may additionally or alternatively be used.
- the class namespace 515 may identify the developers of the capabilities and/or the plugin 130 , and/or the application that installs the plugin 130 .
- the example class name 520 (“AppAgent”) identifies a name for the class.
- the example class version number 525 (“1.0.0”) identifies a version number corresponding to the class.
- the example capability identifier section 505 includes an example second line 530 to define example capability 531 (e.g., “installRpm”) being invoked in the request.
- the example arguments identifier section 535 defines the arguments 140 used in executing the capability 531 .
- the example arguments identifier section 535 of FIG. 5 includes an example parameter name 540 (e.g., “rpmAttachmentName”), an example parameter data type 545 (e.g., “String”) and an example parameter value (e.g., “rpmAttachment”).
- the example invoke request file 500 of FIG. 5 is used to request that the capabilities management agent 118 execute an “installRpm” capability 531 that is included in the “Application1/ AppAgent/ 1.0.0” class.
- the example invoke request file 500 provides the “string” type value (“rpmAttachment”) of the “rpmAttachmentName” parameter.
- the example invoke request file 500 of FIG. 5 when executed, installs the rpm entitled “rpmAttachment.”
- FIG. 6 illustrates an example data table 600 that may be employed by the example plugins registrar 220 of FIG. 2 to store registered plugins-invoker mappings.
- the example plugins registrar 220 may record the plugin identifier 132 and the invoker identifier 135 in the example plugins inventory 230 .
- the plugin identifier 132 includes an example plugin namespace, an example plugin name and an example plugin version number.
- the example data table 600 may be utilized by the example capabilities management agent 118 to determine the plugin invoker 134 to call to execute the corresponding plugin 130 .
- the example capabilities management agent 118 may use the registered plugins-invoker mapping of the data table 600 to determine the corresponding plugin invoker to call.
- the example data table 600 includes an example plugin namespace identifier column 605 , an example plugin name identifier column 610 , an example plugin version identifier column 615 and an example plugin invoker identifier column 620 .
- the example plugin identifier columns 605 , 610 , 615 uniquely identify the plugin 130 .
- two plugins may differ in their plugin namespace, their plugin name and/or their plugin version.
- the example plugin namespace identifier column 605 indicates, for example, an entity that developed the plugin 130 .
- the example plugin name identifier column 610 indicates a name of the plugin 130 .
- the example plugin version identifier column 615 indicates a version number of the plugin 130 .
- the example plugin invoker identifier column 620 indicates the example invoker identifier 135 that is called to execute the plugin 130 .
- any other columns representing any other conditions and/or characteristics of the plugin 130 may additionally or alternatively be used.
- the example column(s) of the example data table 600 may be implemented in any other fashion (e.g., using a different data structure).
- the example data table 600 of the illustrated example of FIG. 6 includes three example rows 650 , 655 , 660 corresponding to three different plugins registered by the example plugins registrar 220 .
- the example first row 650 indicates that version “1.0.0” of an “AgentInstaller” plugin is installed at the capabilities management agent 118 and that the plugin (“AgentInstaller”) is associated with an “Entity1.”
- the example first row 650 also indicates that the example capabilities executor 255 is to call the plugin invoker (“Entity1_Agent_Installer_1_0_0”) to execute the plugin identified in the example first row 650 .
- the example second row 655 indicates that version “1.3.5” of a “LatencyMonitor” plugin is installed at the capabilities management agent 118 and that the plugin (“LatencyMonitor”) is associated with an “Application2.”
- the example second row 655 also indicates that the example capabilities executor 255 is to call the plugin invoker (“App2_Latency_Monitor_1_3_5”) to execute the plugin identified in the example second row 655 .
- the example third row 660 indicates that version “1.0.0” of an “AgentInstaller” plugin is installed at the capabilities management agent 118 and that the plugin (“AgentInstaller”) is associated with an “Application2.”
- the example third row 660 also indicates that the example capabilities executor 255 is to call the plugin invoker (“App2_Agent_Installer_1_0_0”) to execute the plugin identified in the example third row 660 .
- the example data table 600 of FIG. 6 illustrates that using the plugin namespace may be useful in limiting naming conflicts between, for example, unrelated developers. For example, if two developers want a plugin to install agents in different ways, the two developers may each name the plugin “AgentInstaller” with a plugin version “1.0.0,” but there would not be a naming conflict because each plugin (“AgentInstaller”) would reside in a different plugin namespace (e.g., “Entity1” and “Application2”).
- FIG. 7 implements an example schema of functions file 700 that may be used by the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to determine the capabilities provided by the example plugin 130 of FIGS. 1A and/or 1B .
- the example schema of functions file 700 may be included in the plugin package 128 (e.g., provided as the example schema of functions 126 ) and/or generated by the example plugin 130 in response to a request by the example plugins monitor 245 of FIG. 2 .
- the example schema of functions file 700 includes a capabilities identifier that identifies the class to which the capabilities belong, and the one or more attachment(s) needed to perform the capability.
- the example schema of functions file 700 of FIG. 7 includes an example capabilities definition section 705 that provides the capability identifier 138 and the argument(s) 140 needed to execute the corresponding capability.
- the example capabilities definition section 705 includes a first line 710 that defines the class to which the capabilities in the capabilities definition section 705 belong. For example, in the illustrated example, the capabilities are included in a class identified by the class namespace (“Application1”), the class name (“AgentInstaller”) and the version number (“1.0.0”).
- the class identified in the example first line 710 includes two capabilities (e.g., example capabilities sections 715 , 730 ).
- a second example line 720 indicates the first capability name (e.g., “installRpm”) and a third example line 725 indicates the argument(s) required to execute the corresponding capability (e.g., a “string” data type value for an “rpmAttachmentName” variable).
- An example fifth example line 735 indicates the second capability (e.g., “uninstallRpm”) and a sixth example line 740 indicates the arguments required to execute the second capability (e.g., a “string” data type value for an “rpmName” variable).
- FIG. 8 illustrates an example data table 800 that may be employed by the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to store capability-plugin mappings.
- the example plugins monitor 245 of FIG. 2 may record the capability identifier 138 and the plugin identifier 132 corresponding to the plugin 130 to execute the capability.
- the capability identifiers 138 include an example class namespace, an example class name, an example class version number and an example capability name.
- the plugin identifiers 132 of FIG. 8 include an example plugin namespace, an example plugin name and an example plugin version number.
- the example data table 800 may be utilized by the example capabilities management agent 118 to determine the plugin 130 (e.g., based on the corresponding plugin identifier 132 ) associated with the respective capabilities. For example, in response to identifying a capability to perform, the example capabilities management agent 118 may use the capability-plugin mappings of the data table 800 to determine the plugin identifier corresponding to the plugin to perform the capability.
- the example data table 800 includes an example class namespace identifier column 805 , an example class name identifier column 810 , an example class version identifier column 815 , an example capability identifier column 820 , an example plugin namespace identifier column 825 , an example plugin name identifier column 830 and an example plugin version identifier column 835 .
- the example capability identifier columns 805 , 810 , 815 , 820 uniquely provide the capability identifier 138 .
- the example plugin identifier columns 825 , 830 , 835 uniquely identify the plugin identifier 132 .
- the example class namespace identifier column 805 and the plugin namespace identifier 825 may identify the developers of the capabilities and/or the plugin 130 , and/or the application that installs the plugin 130 .
- the example class name identifier column 810 identifies a name for the class.
- the example class version identifier column 815 identifies a version number corresponding to the class.
- the example capability identifier column 820 identifies the capability name.
- the example plugin name identifier column 830 indicates the name of the plugin 130 .
- the example plugin version identifier column 835 indicates a version number of the plugin 130 .
- any other columns representing any other conditions and/or characteristics of the capability and/or the plugin 130 may additionally or alternatively be used.
- the example column(s) of the example data table 800 may be implemented in any other fashion (e.g., using a different data structure).
- the example data table 800 of the illustrated example of FIG. 8 includes three example rows 850 , 855 , 860 corresponding to three different capability-plugin mappings stored in the example catalog 250 of FIG. 2 .
- the example first row 850 indicates that the “Entity1/ AppAgent/ 1.0.0/ installRpm” capability maps to the “Entity1/ AgentInstaller/ 1.0.0” plugin. That is, the example first row 850 indicates that the “Entity1/ AgentInstaller/ 1.0.0” plugin performs the “Entity1/ AppAgent/ 1.0.0/ installRpm” capability.
- the example second row 855 indicates that the “Entity1/ AppAgent/ 1.0.0/ uninstallRpm” capability maps to the “Entity1/ AgentInstaller/ 1.0.0” plugin. That is, the example second row 855 indicates that the “Entity1/ AgentInstaller/ 1.0.0” plugin performs the “Entity1/ AppAgent/ 1.0.0/ uninstallRpm” capability.
- the example third row 860 indicates that the “Application2/ MonitorAgent/ 1.0.0/ SLACheck” capability maps to the “Application2/ LatencyMonitor/ 1.3.5” plugin. That is, the example third row 860 indicates that the “Application2/ LatencyMonitor/ 1.3.5” plugin performs the “Application2/ MonitorAgent/ 1.0.0/ SLACheck” capability.
- FIG. 9 A flowchart representative of example machine readable instructions for implementing the application 116 of FIGS. 1A and/or 1B is shown in FIG. 9 .
- the machine readable instructions comprise a program for execution by a processor such as the processor 1212 shown in the example processor platform 1200 discussed below in connection with FIG. 12 .
- the programs may be embodied in software stored on a tangible computer readable storage medium such as a CD-ROM, a floppy disk, a hard drive, a digital versatile disk (DVD), a Blu-ray disk, or a memory associated with the processor 1212 , but the entire program and/or parts thereof could alternatively be executed by a device other than the processor 1212 and/or embodied in firmware or dedicated hardware.
- example programs are described with reference to the flowcharts illustrated in FIG. 9 , many other methods of implementing the example application 116 may alternatively be used.
- order of execution of the blocks may be changed, and/or some of the blocks described may be changed, eliminated, or combined.
- FIG. 9 is a flowchart representative of example machine-readable instructions 900 that may be executed to implement the example application 116 of FIGS. 1A and/or 1B .
- the example instructions 900 of the illustrated example of FIG. 9 begin at block 902 when the application 116 retrieves the catalog of capabilities 250 .
- the example agent installer 120 may request the example capabilities management agent 118 provide the example catalog of capabilities 250 .
- the example agent installer 120 may retrieve the catalog of capabilities 250 periodically (e.g., once a minute, once an hour, etc.), aperiodically (e.g., in response to the capabilities management agent 118 detecting a change in the catalog of capabilities 250 ) and/or as a one-time event (e.g., upon establishing connection with the capabilities management agent 118 ).
- the example agent installer 120 compares the catalog of capabilities 250 , which represents the set of capabilities available at the capabilities management agent 118 , to the example schema of functions 126 , which represents the set of capabilities performed by the application 116 . If, at block 906 , the example agent installer 120 determined that the catalog of capabilities 250 does not include the functions included in the schema of functions 126 (e.g., that the capabilities management agent 118 is unable to execute the capabilities performed by the application 116 ), then, at block 908 , the agent installer 120 provides the functionality to the capabilities management agent 118 . For example, the agent installer 120 may retrieve the example plugin package 128 from the example data store 124 to transmit the example plugin package 128 to the capabilities management agent 118 .
- the example application 116 determines whether to invoke a capability at the capabilities management agent 118 .
- the agent controller 122 may instruct the capabilities management agent 118 to execute a monitoring operation. If, at block 910 , the example agent controller 122 determined not to invoke a capability, control returns to block 902 to retrieve the catalog of capabilities 250 .
- the agent controller 122 determines whether the agent controller 122 invokes a capability at the capabilities management agent 118 . If, at block 910 , the example agent controller 122 determined to invoke a capability at the capabilities management agent 118 , then, at block 912 , the agent controller 122 transmits a request 136 to the capabilities management agent 118 to invoke a capability. For example, the agent controller 122 may provide the capabilities management agent 118 the capability identifier 138 (e.g., a class namespace, a class name, a class version and/or a capability name) and the argument(s) 140 to execute the corresponding capability. Control then returns to block 902 to retrieve the catalog of capabilities 250 .
- the capability identifier 138 e.g., a class namespace, a class name, a class version and/or a capability name
- FIGS. 10 and/or 11 Flowcharts representative of example machine readable instructions for implementing the capabilities management agent 118 of FIGS. 1A, 1B and/or 2 are shown in FIGS. 10 and/or 11 .
- the machine readable instructions comprise a program for execution by a processor such as the processor 1312 shown in the example processor platform 1300 discussed below in connection with FIG. 13 .
- the programs may be embodied in software stored on a tangible computer readable storage medium such as a CD-ROM, a floppy disk, a hard drive, a digital versatile disk (DVD), a Blu-ray disk, or a memory associated with the processor 1312 , but the entire program and/or parts thereof could alternatively be executed by a device other than the processor 1312 and/or embodied in firmware or dedicated hardware.
- a tangible computer readable storage medium such as a CD-ROM, a floppy disk, a hard drive, a digital versatile disk (DVD), a Blu-ray disk, or a memory associated with the processor 1312 , but the entire program and/or parts thereof could alternatively be executed by a device other than the processor 1312 and/or embodied in firmware or dedicated hardware.
- the example programs are described with reference to the flowcharts illustrated in FIGS. 10 and/or 11 , many other methods of implementing the example capabilities management agent 118 may alternatively be used. For example, the order of execution of the blocks may
- FIG. 9 and/or FIGS. 10 and/or 11 may be implemented using coded instructions (e.g., computer and/or machine readable instructions) stored on a tangible computer readable storage medium such as a hard disk drive, a flash memory, a read-only memory (ROM), a compact disk (CD), a digital versatile disk (DVD), a cache, a random-access memory (RAM) and/or any other storage device or storage disk in which information is stored for any duration (e.g., for extended time periods, permanently, for brief instances, for temporarily buffering, and/or for caching of the information).
- coded instructions e.g., computer and/or machine readable instructions
- a tangible computer readable storage medium such as a hard disk drive, a flash memory, a read-only memory (ROM), a compact disk (CD), a digital versatile disk (DVD), a cache, a random-access memory (RAM) and/or any other storage device or storage disk in which information is stored for any duration (e.g., for extended time
- tangible computer readable storage medium is expressly defined to include any type of computer readable storage device and/or storage disk and to exclude propagating signals and to exclude transmission media.
- tangible computer readable storage medium and “tangible machine readable storage medium” are used interchangeably. Additionally or alternatively, the example processes of FIG. 9 and/or FIGS.
- non-transitory computer and/or machine readable medium such as a hard disk drive, a flash memory, a read-only memory, a compact disk, a digital versatile disk, a cache, a random-access memory and/or any other storage device or storage disk in which information is stored for any duration (e.g., for extended time periods, permanently, for brief instances, for temporarily buffering, and/or for caching of the information).
- a non-transitory computer readable medium such as a hard disk drive, a flash memory, a read-only memory, a compact disk, a digital versatile disk, a cache, a random-access memory and/or any other storage device or storage disk in which information is stored for any duration (e.g., for extended time periods, permanently, for brief instances, for temporarily buffering, and/or for caching of the information).
- a non-transitory computer readable medium is expressly defined to include any type of computer readable storage device and/or storage disk and to exclude propagating signals and to exclude transmission media.
- FIG. 10 is a flowchart representative of example machine-readable instructions 1000 that may be executed to implement the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to add capabilities available to the example virtual machine(s) 110 in the computing environment 100 .
- the example instructions 1000 of the illustrated example of FIG. 10 begin at block 1002 when the capabilities management agent 118 receives the example plugin package 128 from the example application 116 .
- the example communications interface 205 may receive, using AMQP communications, the plugin package 128 including the example plugin 130 , the example plugin identifier 132 and the example plugin invoker 134 .
- the security engine 210 attempts to validate the plugin package 128 .
- the security engine 210 may utilize CMS standards to validate and decrypt the plugin package 128 . If, at block 1006 , the security engine 210 determined it was unable to validate the plugin package 128 , the example program 1000 of FIG. 10 ends. In some examples, the security engine 210 may attempt to validate the plugin package 128 until a time-out event is detected or a threshold number of incorrect attempts is satisfied.
- the example package unpacker 215 unpacks the plugin package 128 .
- the package unpacker 215 may execute an install script included in the plugin package 128 by the application 116 .
- the example plugin registrar 220 registers the plugin 130 .
- the plugin registrar 220 may store the plugin 130 in the example plugins repository 225 and the example plugin invoker 134 in the example invokers repository 235 .
- the example plugin registrar 220 also logs the plugin identifier 132 and the corresponding invoker identifier 135 in the example plugins inventory 230 .
- the example plugins monitor 245 retrieves the example schema of functions 126 from the plugin 130 .
- the plugins monitor 245 may query the plugin 130 for the schema of functions 126 (e.g., by calling the plugin invoker 134 ).
- the example plugins monitor 245 updates the example catalog of capabilities 250 to include the returned set of functions (e.g., the functions included in the schema of functions 126 ).
- the plugin 130 records the schema of functions 126 in the catalog of capabilities 250 .
- the example plugins monitor 245 determines whether to publish the updated catalog of capabilities 250 .
- the capabilities management agent 118 may provide the catalog of capabilities 250 to the application(s) 116 when the plugins monitor 245 detects a change in the catalog of capabilities 250 . If, at block 1016 , the example plugins monitor 245 determined not to publish the updated catalog of capabilities 250 , the example program 1000 of FIG. 10 ends.
- the example security engine 210 encrypts a message including the updated catalog of capabilities 250 for transmitting to the example application(s) 116 .
- the security engine 210 may encrypt the message using the CMS standard for protecting messages.
- the example capabilities management agent 118 transmits the encrypted message.
- the example communications interface 205 may transmit the encrypted message to the application(s) 116 using AMQP communications.
- the example program 1000 of FIG. 10 ends.
- FIG. 11 is a flowchart representative of example machine-readable instructions 1100 that may be executed to implement the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 to execute a capability available to the example virtual machine(s) 110 in the computing environment 100 .
- the example instructions 1100 of the illustrated example of FIG. 11 begin at block 1102 when the capabilities management agent 118 receives the example request 136 from the application 116 .
- the example communications interface 205 may receive, using AMQP communications, the request including the example capability identifier 138 and the example argument(s) 140 .
- the security engine 210 attempts to validate the request 136 .
- the security engine 210 may utilize CMS standards to validate and decrypt the request.
- the security engine 210 may attempt to validate the request 136 until a time-out event is detected or a threshold number of incorrect attempts is satisfied.
- the example capabilities executor 225 identifies the capability in the catalog of capabilities 250 .
- the capabilities executor 225 may parse the example catalog of capabilities 250 using the capability identifier 138 included in the request 136 .
- the example capabilities executor 225 determines the plugin 130 to execute the capability.
- the capabilities executor 225 may map the capability identifier 138 to a plugin identifier 132 .
- the example capabilities executor 225 determines the plugin invoker 134 to call to execute the plugin 130 .
- the capabilities executor 225 may use the example plugins inventory 230 to map the plugin identifier 132 to a corresponding invoker identifier 135 .
- the example capabilities executor 225 calls the plugin invoker 134 to execute the capability.
- the capabilities executor 225 may include the capability identifier 138 and the argument(s) 140 in the call to the plugin invoker 134 to execute the capability.
- the capabilities executor 225 may include a location in the example results data store 260 to store the output of executing the capability.
- the example program 1100 of FIG. 11 then ends.
- FIG. 12 is a block diagram of an example processor platform 1200 capable of executing the instructions of FIG. 9 to implement the application 116 of FIGS. 1A and/or 1B .
- the processor platform 1200 can be, for example, a server, a personal computer, or any other type of computing device.
- the processor platform 1200 of the illustrated example includes a processor 1212 .
- the processor 1212 of the illustrated example is hardware.
- the processor 1212 can be implemented by one or more integrated circuits, logic circuits, microprocessors or controllers from any desired family or manufacturer.
- the processor 1212 of the illustrated example includes a local memory 1213 (e.g., a cache).
- the processor 1212 of the illustrated example executes the instructions to implement the example agent installer 120 and the example agent controller 122 .
- the processor 1212 of the illustrated example is in communication with a main memory including a volatile memory 1214 and a non-volatile memory 1216 via a bus 1218 .
- the volatile memory 1214 may be implemented by Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM) and/or any other type of random access memory device.
- the non-volatile memory 1216 may be implemented by flash memory and/or any other desired type of memory device. Access to the main memory 1214 , 1216 is controlled by a memory controller.
- the processor platform 1200 of the illustrated example also includes an interface circuit 1220 .
- the interface circuit 1220 may be implemented by any type of interface standard, such as an Ethernet interface, a universal serial bus (USB), and/or a PCI express interface.
- one or more input devices 1222 are connected to the interface circuit 1220 .
- the input device(s) 1222 permit(s) a user to enter data and commands into the processor 1212 .
- the input device(s) can be implemented by, for example, an audio sensor, a microphone, a camera (still or video), a keyboard, a button, a mouse, a touchscreen, a track-pad, a trackball, isopoint and/or a voice recognition system.
- One or more output devices 1224 are also connected to the interface circuit 1220 of the illustrated example.
- the output devices 1224 can be implemented, for example, by display devices (e.g., a light emitting diode (LED), an organic light emitting diode (OLED), a liquid crystal display, a cathode ray tube display (CRT), a touchscreen, a tactile output device, a printer and/or speakers).
- the interface circuit 1220 of the illustrated example thus, typically includes a graphics driver card, a graphics driver chip or a graphics driver processor.
- the interface circuit 1220 of the illustrated example also includes a communication device such as a transmitter, a receiver, a transceiver, a modem and/or network interface card to facilitate exchange of data with external machines (e.g., computing devices of any kind) via a network 1226 (e.g., an Ethernet connection, a digital subscriber line (DSL), a telephone line, coaxial cable, a cellular telephone system, etc.).
- a communication device such as a transmitter, a receiver, a transceiver, a modem and/or network interface card to facilitate exchange of data with external machines (e.g., computing devices of any kind) via a network 1226 (e.g., an Ethernet connection, a digital subscriber line (DSL), a telephone line, coaxial cable, a cellular telephone system, etc.).
- DSL digital subscriber line
- the processor platform 1200 of the illustrated example also includes one or more mass storage devices 1228 for storing software and/or data.
- mass storage devices 1228 include floppy disk drives, hard drive disks, compact disk drives, Blu-ray disk drives, RAID systems, and digital versatile disk (DVD) drives.
- the example mass storage 1228 implements the example data store 124 .
- the coded instructions 1232 of FIG. 9 may be stored in the mass storage device 1228 , in the volatile memory 1214 , in the non-volatile memory 1216 , and/or on a removable tangible computer readable storage medium such as a CD or DVD.
- FIG. 13 is a block diagram of an example processor platform 1300 capable of executing the instructions of FIGS. 10 and/or 11 to implement the example capabilities management agent 118 of FIGS. 1A, 1B and/or 2 .
- the processor platform 1300 can be, for example, a server, a personal computer, or any other type of computing device.
- the processor platform 1300 of the illustrated example includes a processor 1312 .
- the processor 1312 of the illustrated example is hardware.
- the processor 1312 can be implemented by one or more integrated circuits, logic circuits, microprocessors or controllers from any desired family or manufacturer.
- the processor 1312 of the illustrated example includes a local memory 1313 (e.g., a cache).
- the processor 1312 of the illustrated example executes the instructions to implement the example messaging interface 205 , the example security engine 210 , the example package unpacker 215 , the example plugins registrar 220 , the example plugins monitor 245 and the example capabilities executor 255 .
- the processor 1312 of the illustrated example is in communication with a main memory including a volatile memory 1314 and a non-volatile memory 1316 via a bus 1318 .
- the volatile memory 1314 may be implemented by Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM) and/or any other type of random access memory device.
- the non-volatile memory 1316 may be implemented by flash memory and/or any other desired type of memory device. Access to the main memory 1314 , 1316 is controlled by a memory controller.
- the processor platform 1300 of the illustrated example also includes an interface circuit 1320 .
- the interface circuit 1320 may be implemented by any type of interface standard, such as an Ethernet interface, a universal serial bus (USB), and/or a PCI express interface.
- one or more input devices 1322 are connected to the interface circuit 1320 .
- the input device(s) 1322 permit(s) a user to enter data and commands into the processor 1312 .
- the input device(s) can be implemented by, for example, an audio sensor, a microphone, a camera (still or video), a keyboard, a button, a mouse, a touchscreen, a track-pad, a trackball, isopoint and/or a voice recognition system.
- One or more output devices 1324 are also connected to the interface circuit 1320 of the illustrated example.
- the output devices 1324 can be implemented, for example, by display devices (e.g., a light emitting diode (LED), an organic light emitting diode (OLED), a liquid crystal display, a cathode ray tube display (CRT), a touchscreen, a tactile output device, a printer and/or speakers).
- the interface circuit 1320 of the illustrated example thus, typically includes a graphics driver card, a graphics driver chip or a graphics driver processor.
- the interface circuit 1320 of the illustrated example also includes a communication device such as a transmitter, a receiver, a transceiver, a modem and/or network interface card to facilitate exchange of data with external machines (e.g., computing devices of any kind) via a network 1326 (e.g., an Ethernet connection, a digital subscriber line (DSL), a telephone line, coaxial cable, a cellular telephone system, etc.).
- a communication device such as a transmitter, a receiver, a transceiver, a modem and/or network interface card to facilitate exchange of data with external machines (e.g., computing devices of any kind) via a network 1326 (e.g., an Ethernet connection, a digital subscriber line (DSL), a telephone line, coaxial cable, a cellular telephone system, etc.).
- DSL digital subscriber line
- the processor platform 1300 of the illustrated example also includes one or more mass storage devices 1328 for storing software and/or data.
- mass storage devices 1328 include floppy disk drives, hard drive disks, compact disk drives, Blu-ray disk drives, RAID systems, and digital versatile disk (DVD) drives.
- the example mass storage 1328 implements the example plugins repository 225 , the example plugins inventory 230 , the example invokers repository 235 , the example catalog 250 and the example results data store 260 .
- the coded instructions 1332 of FIGS. 10 and/or 11 may be stored in the mass storage device 1328 , in the volatile memory 1314 , in the non-volatile memory 1316 , and/or on a removable tangible computer readable storage medium such as a CD or DVD.
- the disclosed methods, apparatus and articles of manufacture facilitate maintaining a catalog of capabilities available at an asset.
- a capabilities management agent installed at the asset may determine tasks that may be performed at the asset based on plugin(s) loaded at the asset.
- the disclosed methods, apparatus and articles of manufacture update the catalog of capabilities when a new plugin is added or detected.
- the example capabilities management agent may retrieve a set of capabilities that may be performed by the new plugin.
- the disclosed methods, apparatus and articles of manufacture reduce computing resources by maintaining a catalog of capabilities at the respective assets in the computing environment, which enables reducing the number of plugins installed at the assets, and reducing the number of plugins performing redundant capabilities at the assets.
- the disclosed methods apparatus and articles of manufacture reduce usage of computing resources by utilizing standard formats for providing the catalog of capabilities and for storing the output of performing the respective capabilities, which facilitates different applications accessing the results rather than re-executing the capabilities.
- the disclosed methods apparatus and articles of manufacture reduce usage of computing resources by enabling plugins to utilize plugin invokers, which facilitates support of plugins written in a variety of languages.
- the example common agent framework disclosed herein is extensible. As described above, the example common agent framework disclosed herein includes a communication interface, a management agent and one or more plugins installed at an asset.
- the communication interface can be extended to use a Rabbit AMQP Broker, a ZeroMQ (socket-based) communications, REST, etc.
- the management agent facilitates extending by supporting additional scripts, libraries, decompression tools, etc.
- the management agent can support new plugins, thereby increasing the capabilities available for performing at the asset, but also conserving resources allocated to the asset by not installing redundant capabilities.
Abstract
Description
- This patent arises from a continuation of U.S. patent application Ser. No. 14/824,049, (Now U.S. Pat. No. ______) which was filed on Aug. 11, 2015. U.S. patent application Ser. No. 14/824,049 is hereby incorporated herein by reference in its entirety. Priority to U.S. patent application Ser. No. 14/824,049 is hereby claimed.
- This disclosure relates generally to computing environments, and, more particularly, to methods and apparatus to manage asset in a computing environment using a common agent framework.
- Virtualizing computer systems provides benefits such as the ability to execute multiple computer systems on a single hardware computer, replicating computer systems, moving computer systems among multiple hardware computers, and so forth. Example systems for virtualizing computer systems are described in U.S. patent application Ser. No. 11/903,374, entitled “METHOD AND SYSTEM FOR MANAGING VIRTUAL AND REAL MACHINES,” filed Sep. 21, 2007, and granted as U.S. Pat. No. 8,171,485, U.S. Provisional Patent Application No. 60/919,965, entitled “METHOD AND SYSTEM FOR MANAGING VIRTUAL AND REAL MACHINES,” filed Mar. 26, 2007, and U.S. Provisional Patent Application No. 61/736,422, entitled “METHODS AND APPARATUS FOR VIRTUALIZED COMPUTING,” filed Dec. 12, 2012, all three of which are hereby incorporated herein by reference in their entirety.
- “Infrastructure-as-a-Service” (also commonly referred to as “IaaS”) generally describes a suite of technologies provided by a service provider as an integrated solution to allow for elastic creation of a virtualized, networked, and pooled computing platform (sometimes referred to as a “cloud computing platform”). Enterprises may use IaaS as a business-internal organizational cloud computing platform (sometimes referred to as a “private cloud”) that gives a developer access to infrastructure resources, such as virtualized servers, storage, and networking resources. By providing ready access to the hardware resources required to run an application, the cloud computing platform enables developers to build, deploy, and manage the lifecycle of a web application (or any other type of networked application) at a greater scale and at a faster pace than ever before.
-
FIG. 1A is a block diagram of an example computing environment constructed in accordance with the teachings of this disclosure to facilitate management of capabilities using a common agent framework. -
FIG. 1B is a block diagram of an alternate example computing environment constructed in accordance with the teachings of this disclosure to facilitate management of capabilities using a common agent framework. -
FIG. 2 is a block diagram of an example implementation of the example capabilities management agent ofFIGS. 1A and/or 1B constructed in accordance with the teachings of the disclosure. -
FIG. 3 illustrates an example plugin registration file that may be used by the example capabilities management agent ofFIGS. 1A, 1B and/or 2 to register the example plugin ofFIGS. 1A and/or 1B . -
FIG. 4 illustrates an example plugin invoker file that may be used by the example capabilities management agent ofFIGS. 1A, 1B and/or 2 to invoke the example plugin ofFIGS. 1A and/or 1B . -
FIG. 5 illustrates an example invoke request file that may be executed by the example capabilities management agent ofFIGS. 1A, 1B and/or 2 to invoke a capability. -
FIG. 6 illustrates an example data table that may be employed by the example plugins registrar ofFIG. 2 to store registered plugins-invoker mappings. -
FIG. 7 illustrates an example schema of functions file that may be used by the example capabilities management agent ofFIGS. 1A, 1B and/or 2 to determine the capabilities provided by the example plugin ofFIGS. 1A and/or 1B . -
FIG. 8 illustrates an example data table that may be employed by the example capabilities management agent ofFIGS. 1A, 1B and/or 2 to store capability-plugin mappings. -
FIG. 9 is a flowchart representative of example machine-readable instructions that may be executed to implement the example application ofFIGS. 1A and/or 1B . -
FIGS. 10 and 11 are flowcharts representative of example machine-readable instructions that may be executed to implement the example capabilities management agent ofFIGS. 1A and/or 1B . -
FIG. 12 is a block diagram of an example processing platform capable of executing the example machine-readable instructions ofFIG. 9 to implement the example application ofFIGS. 1A and/or 1B . -
FIG. 13 is a block diagram of an example processing platform capable of executing the example machine-readable instructions ofFIGS. 10 and/or 11 to implement the example capabilities management agent ofFIGS. 1A, 1B and/or 2 . - Examples disclosed herein facilitate a common agent framework to manage asset capabilities in an enterprise. For example, disclosed examples install a capabilities management agent on one or more asset(s) in the enterprise to enable one or more application(s) to securely and efficiently add, discover and/or invoke capabilities available at the asset. In addition, disclosed examples implement the common agent framework in a platform-agnostic and/or language-agnostic manner. For example, the capabilities management agent may invoke capabilities written in different languages (e.g., Java, python, C++, etc.) at the same time.
- Virtual computing services enable one or more assets to be hosted within a computing environment. As disclosed herein, an asset is a computing resource (physical or virtual) that may host a wide variety of different applications such as, for example, an email server, a database server, a file server, a web server, etc. Example assets include physical hosts (e.g., non-virtual computing resources such as servers, processors, computers, etc.), virtual machines, containers that run on top of a host operating system without the need for a hypervisor or separate operating system, hypervisor kernel network interface modules, etc. In some examples, an asset may be referred to as a compute node, an end-point, a data computer end-node or as an addressable node.
- Virtual machines operate with their own guest operating system on a host using resources of the host virtualized by virtualization software (e.g., a hypervisor, virtual machine monitor, etc.). Numerous virtual machines can run on a single computer or processor system in a logically separated environment (e.g., separated from one another). A virtual machine can execute instances of applications and/or programs separate from application and/or program instances executed by other virtual machines on the same computer.
- In examples disclosed herein, containers are virtual constructs that run on top of a host operating system without the need for a hypervisor or a separate guest operating system. Containers can provide multiple execution environments within an operating system. Like virtual machines, containers also logically separate their contents (e.g., applications and/or programs) from one another, and numerous containers can run on a single computer or processor system. In some examples, utilizing containers, a host operating system uses namespaces to isolate containers from each other to provide operating-system level segregation of applications that operate within each of the different containers. This segregation can be viewed as a form of virtualization that isolates different groups of applications that operate in different containers. In some examples, such containers are more lightweight than virtual machines. In some examples, a container OS may execute as a guest OS in a virtual machine.
- Management applications provide administrators visibility into the condition of assets in a computing environment (e.g., a data center). Administrators can inspect the assets, see the organizational relationships of a virtual application, filter log files, overlay events versus time, etc. In some examples, an application may install one or more plugins (sometimes referred to herein as “agents”) at the asset to perform monitoring operations. For example, a first management application may install a first monitoring agent at an asset to track an inventory of physical resources and logical resources in a computing environment, a second management application may install a second monitoring agent at the asset to provide real-time log management of events, analytics, etc., and a third management application may install a third monitoring agent to provide operational views of trends, thresholds and/or analytics of the asset, etc. However, executing the different monitoring agents at the asset consumes resources (e.g., physical resources) allocated to the asset. In addition, some monitoring agents may perform one or more similar task(s).
- Examples disclosed herein facilitate a common agent framework in a computing environment to enable management applications to securely and efficiently manage capabilities at the asset in the computing environment. For example, disclosed examples include a capabilities management agent installed on the asset to maintain a catalog of capabilities (sometimes referred to herein as a “schema” or a “set of capabilities”) available at the asset.
- In some disclosed examples, the example capabilities management agent facilitates adding capabilities (sometimes referred to herein as “functions,” “tasks,” “processes” or “operations”) available at the asset. For example, in some disclosed examples, the example capabilities management agent registers plugin(s) provided by the management application in a plugins inventory. For example, the example capabilities management agent may record a plugin identifier (e.g., included in a plugin registration file) in the plugins inventory. In some examples, the plugin identifier may include a plugin namespace identifier, a plugin name identifier and a plugin version identifier.
- In some disclosed examples, the plugin registration file also includes a reference to a plugin invoker (e.g., a file, a script, a program, etc.) associated with the plugin (sometimes referred to herein as a “provider” or a “capabilities provider”). In some examples, the example plugin invoker may facilitate executing the plugin. For example, when called by the example capabilities management agent, a plugin invoker may first load resources (e.g., a python library) that may be used by the plugin and then call the plugin (e.g., a plugin written in python) to execute.
- In some disclosed examples, in response to registering the plugin in the example plugins inventory, the example capabilities management agent identifies one or more new capabilities made available by the plugin for executing. For example, the capabilities management agent may execute the plugin (e.g., by calling the associated plugin invoker) and request that the plugin provide a schema of functions describing a set of capabilities made available by the plugin. In some disclosed examples, the example capabilities management agent records the set of capabilities in a catalog of capabilities based on the identifiers of the capabilities in the set. As used herein, a capability identifier may include a class namespace, a class name, a class version and/or a capability name. A class (sometimes referred to as a “capability group”) is a set of capabilities that may be identified by the same namespace, name and version.
- In some disclosed examples, the capabilities management agent facilitates the management application discovering capabilities available to the asset by providing an updated catalog of capabilities to the management application. For example, when a new plugin is installed in the capabilities management agent at the asset, new capabilities (e.g., functions, tasks, processes, operations, etc.) are made available for executing. An example benefit of the capabilities management agent providing an updated catalog of capabilities to the management application is to enable the management application to determine whether to install their own plugin at the asset as the capabilities available at the asset change. For example, when a management application connects with the capabilities management agent, the management application may request that the example capabilities management agent provide the catalog of capabilities. In some disclosed examples, when the asset already has the resources to perform the functions required by the management application, the management application does not install a management application plugin at the asset, thereby enabling the asset to consume fewer of the resources allocated to the asset.
- In some examples, the plugin may be a proactive plugin that continuously (or nearly continuously) executes at the asset. For example, a service level agreement (SLA) monitoring agent may continuously execute on the asset to determine if and/or when utilization of the asset violates an SLA. In some examples, the plugin may be a reactive plugin that responds (e.g., executes at the asset) when requested. For example, an agent installer plugin may respond (e.g., install an agent) when requested and remain idle otherwise, thereby conserving resources (e.g., processing power, memory, etc.) consumed at the asset. In some disclosed examples, the example capabilities management agent may limit resource utilization at the asset (e.g., by the installed plugins) by disabling proactive plugins. For example, while a plugin is performing a monitoring function (e.g., an SLA check), the example capabilities management agent may disable the proactive plugin.
- In some disclosed examples, in response to a request, the example capabilities management agent uses a capability identifier included in the request to determine a particular plugin that is able to perform the requested task. For example, a management application may invoke a capability (e.g., request the capabilities management agent perform a capability) by providing the capability identifier and one or more argument(s) needed to perform the task to the example capabilities management agent. In some examples, the capabilities management agent queries the example catalog of capabilities for a plugin identifier that maps to the capability identifier. In some disclosed examples, the example capabilities management agent utilizes the plugin identifier to determine the plugin invoker to be used to execute the plugin. For example, the capabilities management agent may retrieve an invoker identifier from the plugins inventory. The example capabilities management agent may then call the plugin invoker by providing the plugin invoker the capability identifier and the argument(s). The example capabilities management agent may also provide a location to store the results of performing the task. For example, the plugin may record (e.g., log) output in an example results data store provided by the capabilities management agent.
-
FIG. 1A is a block diagram of anexample computing environment 100 employing virtual machines and a hypervisor. Theexample computing environment 100 ofFIG. 1A includes an example network ofstorage arrays 102 in communication with one or more example computing server(s) 104. The example network ofstorage arrays 102 may be implemented using any suitable wired and/or wireless storage including, for example, one or more Fiber Channel Storage Area Network (SAN) arrays, one or more Internet Small Computer System Interface (iSCSI) SAN arrays, one or more Network Attached Storage (NAS) arrays, etc. In the illustrated example, the network ofstorage arrays 102 are connected to and shared among groups of servers through anexample network 106, thereby enabling aggregating storage resources and enabling increased flexibility in provisioning the storage resources to, for example, one or more example virtual machine(s) 110. - In the illustrated example of
FIG. 1A , the example computing server(s) 104 may be implemented by any number of x86 or ARM (Acorn RISC Machine architecture) servers (e.g., one or more). The computing server(s) of the illustrated example are in communication with the example network ofstorage arrays 102 via theexample network 106. While in the illustrated example the computing server(s) 104 are illustrated as a single server, the computing server(s) 104 may be implemented by any number (e.g., 1, 2, 3, etc.) and/or type(s) of servers. Theexample network 106 ofFIG. 1A may be implemented using any suitable wired and/or wireless network(s) such as, for example, one or more data buses, one or more Local Area Networks (LANs), one or more wireless LANs, one or more cellular networks, the Internet, an Intranet, etc. As used herein, the phrase “in communication,” and/or variations thereof, encompass direct communication and/or indirect communication through one or more intermediary components and do not require direct physical (e.g., wired) communication and/or constant communication, but rather additionally include selective communication at periodic or aperiodic intervals, as well as one-time events - In the illustrated example of
FIG. 1A , one or more of the example computing server(s) 104 executes anexample virtualization platform 108. A virtualization platform (sometimes referred to as a “virtualization layer,” a “hypervisor” or a “virtual machine monitor”) abstracts processors, memory, storage and/or other resources of the computing environment into one or more virtual machines. In the illustrated examples, the virtual machine(s) 110 include anoperating system 114 and/or execute one or more applications and/or services. In some examples, thevirtualization platform 108 may be installed on a computing server without an intervening operating system (e.g., a bare-metal hypervisor). In some examples, thevirtualization platform 108 may be installed on a storage device rather than on a computing server. - The
example virtualization platform 108 ofFIG. 1A virtualizes and aggregates the underlying physical hardware resources (e.g., some or all of the example network ofstorage arrays 102 and/or the example computing server(s) 104) across the physical computing environment and provides pools of virtual resources available for use in thecomputing environment 100. Thus, by using the resources available from the physical components of thecomputing environment 100, one or more of the example virtual machine(s) 110 may request resources dynamically as a workload increases, and/or may release resources dynamically as the workload decreases. - In some examples disclosed herein, a lighter-weight virtualization is employed by eliminating the
virtualization platform 108 and using containers in place of the virtual machine(s) 110.FIG. 1B is an example illustrating such a light-weightvirtual computing environment 150. In the illustrated example ofFIG. 1B , anexample computing server 152 provides ahost operating system 154. One or more example container(s) 156 of the example ofFIG. 1B are software constructs that run on top of thehost operating system 154 without the need for a virtualization platform or a separate guest operating system. Unlike virtual machines, the containers do not instantiate their own operating systems. Like virtual machines, the container(s) 156 are logically separate from one another. Numerous containers can run on a single computer or processor system. Also like virtual machines, the container(s) 156 can execute instances of applications or programs separate from application/program instances executed by the other containers on the same computer or processing system. - In some examples, the
host operating system 154 uses namespaces to isolate the container(s) 156 from each other. Such an approach provides operating system level segregation of the different groups of applications that operate within the different container(s) 156. This segregation is akin to the virtual machine segregation that is offered in hypervisor-based virtualized environments, and thus can be viewed as a form of virtualization that isolates different groups of applications that operate in different containers. Other than the use of virtual machines and a hypervisor instead of containers running on a host OS, the example ofFIGS. 1A and 1B are similar. Thus, the following discussion of like numbered components inFIG. 1A apply equally well to the like numbered parts ofFIG. 1B and, to avoid redundancy,FIG. 1B will not be separately described. - Returning to the illustrated example of
FIG. 1A , theexample virtualization platform 108 has provisioned the virtual machine(s) 110. While in the illustrated example the virtual machine(s) 110 are illustrated as a single virtual machine, the virtual machine(s) 110 may represent any number of logical resources provisioned by thevirtualization platform 108. Theexample virtualization platform 108 provisions the virtual machine(s) 110 and configures the respective virtual machine(s) 110 for operation in thecomputing environment 100. For example, thevirtualization platform 108 may install and configure anexample operating system 112 onto the virtual machine(s) 110. - In the illustrated example of
FIG. 1A , to manage thecomputing environment 100, theexample computing environment 100 ofFIG. 1A includes anexample virtualization manager 114. Theexample virtualization manager 114 provides a single point of control (or point of access) to thecomputing environment 100. In the illustrated example, thevirtualization manager 114 manages the assignments of virtual machine(s) 110 to be virtualized on corresponding ones of the computing server(s) 104, and manages the assignments of resources of the computing server(s) 104 to the virtual machine(s) 110. In some examples, thevirtualization manager 114 includes one or more interfaces (e.g., a web-access interface) that enable applications to manage theexample computing environment 100 and access theexample virtualization platform 108 and/or the example virtual machine(s) 110. - In the illustrated example of
FIG. 1A , theexample computing environment 100 includes one or more example application(s) 116 that interface with thevirtualization manager 114 to manage and/or access the resources in thecomputing environment 100. In the illustrated example, theapplication 116 is a management application (e.g., vRealize, Log Insight™ and Hyperic®, vSphere®/vCenter manager, which are commercially available products from VMware®, Inc.) that performs monitoring operations to provide administrators visibility into the condition of the virtual machine(s) 110. As described above, in traditional architectures, when a management application is installed to monitor operations, the management application installs an agent at the virtual machine(s) being managed. These agents provide the functions (e.g., the monitoring operations or processes) that are required by the management application. This traditional architecture approach has several drawbacks. For instance, each application that is managing a virtual machine may install respective agent(s) on the virtual machine, which consumes resources (e.g., physical resources) allocated to the virtual machine. In addition, some functions provided by the agents may be redundant. For example, two management applications that provide analytics at the managed virtual machine may both install functions to monitor disk latency at the virtual machine. - In order to facilitate the common agent framework disclosed herein, the
computing environment 100 of the illustrated example is provided with acapabilities management agent 118. For example, thevirtualization platform 108 may install and configure thecapabilities management agent 118 at the provisioned virtual machine(s) 110. The examplecapabilities management agent 118 maintains an example catalog of capabilities that are available at thevirtual machine 110 based on plugins installed at thevirtual machine 110. In some examples, when an application accesses thevirtual machine 110, thecapabilities management agent 118 provides the catalog of capabilities to the application, which may then determine whether to install an agent or, if the functionality is already available at thevirtual machine 110, to not install an agent. - The
example application 116 of the illustrated example ofFIG. 1A includes anexample agent installer 120, anexample agent controller 122 and anexample data store 124. - The
example agent installer 120 of the illustrated example ofFIG. 1A installs the functions (e.g., capabilities) required by theapplication 116 at thevirtual machine 110. In the illustrated example, when theagent installer 120 accesses thevirtual machine 110, theagent installer 120 requests that thevirtual machine 110 provide a catalog of capabilities representing the functions installed at thevirtual machine 110 and available to be invoked by theapplication 116. Theexample agent installer 120 ofFIG. 1A compares the capabilities included in the catalog to a schema offunctions 126 required by theapplication 116 be available at thevirtual machine 110. For example, theagent installer 120 may retrieve the schema offunctions 126 from thedata store 124. In some examples, the schema offunctions 126 represents a set of functions that may be invoked by theapplication 116. For example, the schema offunctions 126 may be a list, a file, a database, etc. - In the illustrated example of
FIG. 1A , when theagent installer 120 determines that the required function(s) are not already available at thevirtual machine 110, theagent installer 120 provides anexample plugin package 128 to thecapabilities management agent 118 to install and make available the function(s) for invoking at thevirtual machine 110. Theexample plugin package 128 of the illustrated example includes anexample plugin 130 to provide the functions required by theapplication 116 and anexample plugin identifier 132 to uniquely identify theplugin 130. For example, theplugin identifier 132 may include a plugin name, a plugin version and a plugin namespace. Such an approach provides developer level segregation of the different plugins that are installed at thevirtual machine 110. As a result, two plugins installed at thevirtual machine 110 may be differentiated based on their respective namespaces, their respective names and/or their respective version numbers. In some examples, theplugin identifier 132 may be included in a file (e.g., a plugin registration file), a list, as metadata in theplugin 130, etc. An exampleplugin registration file 300 is described in connection withFIG. 3 . - The example common agent framework disclosed herein is platform-agnostic and language-agnostic. As disclosed herein, while plugin developers write their plugins in a particular language for a particular platform, the plugin developers can write the plugins in the particular language and/or platform of their choice. For example, plugin developers utilizing the techniques disclosed herein are not required to write their plugins in a specified language or for a specified platform. In addition, developers employing the common agent framework are not required to prepare specific versions of their plugins for different platforms and/or languages. For example, developers employing the common agent framework are able to use whichever language is most appropriate for a platform. For example, developers may develop a plugin for a Windows platform or a *nix platform in Java, python and/or C++. In other examples, developers that develop a plugin using the PowerShell language may be limited to the Windows platform.
- In addition, application developers utilizing the techniques disclosed herein do not need to worry about the language and/or the platform for which a plugin was developed. As disclosed herein, by using a standard or common format for requests, responses and schema/catalogs, any application developer aware of a plugin can invoke plugin capabilities at a later time.
- To enable this platform and language independence, the
example plugin package 128 includes anexample invoker 134 that operates as a translator to provide platform and language interoperability. For example, theexample invoker 134 may be a shell script that enables an instruction received in C++ to be executed by a plugin written in python. In some examples, theexample invoker 134 also provides resources that are needed by theplugin 130 to execute. For example, theinvoker 134 may retrieve and/or load a language interpreter (e.g., Java, Python, Perl, etc.) that can be utilized by theplugin 130 during execution (e.g., when called). In the illustrated example ofFIG. 1A , theexample invoker 134 includes anexample invoker identifier 135 that may be used to call theinvoker 134. - As described below in connection with
FIGS. 2 and 4 , the examplecapabilities management agent 118 may read theplugin identifier 132 to determine theplugin invoker 134 to call. In some examples, theplugin invoker 134 prepares the language-specific path(s) (e.g., PYTHON_PATH, LD_LIBRARY_PATH) and calls the plugin in the language-specific manner. An implementation of anexample plugin invoker 134 is described in connection withFIG. 4 . - The
example agent controller 122 of the illustrated example ofFIG. 1A providesrequests 136 to thecapabilities management agent 118 to perform monitoring operations. For example, theagent controller 122 may instruct thecapabilities management agent 118 to kill a process running at thevirtual machine 110, to log resource utilization at thevirtual machine 110, etc. In the illustrated example ofFIG. 1A , theexample request 136 includes acapability identifier 138 and one or more argument(s) 140 used by the corresponding capability. For example, to kill a process running at thevirtual machine 110, theexample request 136 may include acapability identifier 138 corresponding to the kill operation (e.g., “kill”) and anargument 140 corresponding to the particular operation (e.g., “PID=1234”). In some examples, thecapability identifier 138 may include a class (e.g., a namespace (e.g., “Application1”), a name (e.g., “process”) and a version number (e.g., “1.0”). As used herein, a class represents a set of capabilities that are identified by the same namespace, same name and same version. For example, an example class (e.g., “Application1/ process/ 1.0”) may include a “kill” operation to kill a process and a “pause” operation to pause a process. Including a class in thecapability identifier 138 may be useful in avoiding naming conflicts between different developers. For example, if two different developers want to implement a kill operation in different ways, the two developers may each name the capability “Kill” included in version “1.0” of a “Process” class, but there would not be a naming conflict because each “process” class would reside in a different namespace (e.g., “Application1” and “Application2”). An example implementation of the invokerequest 500 is described in connection withFIG. 5 . - In the illustrated example of
FIG. 1A , theexample request 136 does not include a plugin identifier. This approach may be useful if, for example, anapplication 116 can use a plugin that was previously installed by another application. That is, to theapplication 116, it does not matter which plugin executes their monitoring operations, but, rather, that the requested monitoring operation can be performed at thevirtual machine 110. As described in connection with an example plugins monitor 245, the example plugins monitor 245 maintains a mapping between capabilities and the plugins that perform those capabilities. As a result, developers (e.g., application developers) do not need to worry about plugin names to call their functions. In addition, plugins may be used by applications that were unanticipated or unknown to developers at the time the developers developed the plugins. For example, by using a standard or common format for requests, responses and schema/catalogs, any developer aware of a plugin can invoke the plugin capabilities at a later time. In addition, by storing the outcomes in a standard or common format, different developers (e.g., application developers) may be able to utilize the outcomes already stored, for example, in theexample data store 260, rather than re-executing the same functions. - The
example data store 124 ofFIG. 1A is provided to store the example schema offunctions 126, theexample plugin package 128 and/or any other information used by theapplication 116. Theexample data store 124 ofFIG. 1A may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)). Theexample data store 124 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc. Theexample data store 124 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, theexample data store 124 is illustrated as a single database, theexample data store 124 may be implemented by any number and/or type(s) of databases. - In operation, the
example agent installer 120 receives a catalog of capabilities from the examplecapabilities management agent 118 that includes a set of capabilities that are available at thevirtual machine 110. Theexample agent installer 120 retrieves the example schema offunctions 126 from theexample data store 124 and compares the functions in the catalog of capabilities to the functions included in theschema 126. In response to determining that the schema offunctions 126 includes one or more function(s) that are not available at the virtual machine 110 (e.g., not included in the catalog of capabilities), theexample agent installer 120 retrieves theplugin package 128 from thedata store 124 and provides theplugin package 128, which includes theplugin 130 to provide the one or more identified function(s), theexample plugin identifier 132 corresponding to theplugin 130 and theexample plugin invoker 134 associated with theplugin 130, to thecapabilities management agent 118. - In the illustrated example, the
example agent controller 122, in response to a determination to invoke a capability at thecapabilities management agent 118, provides theexample request 136 to thecapabilities management agent 118 to perform the capability. Therequest 136 includes thecapability identifier 138, which includes a class namespace, a class name, a class version and/or a capability name. Theexample request 136 also includes one or more argument(s) 140 such a parameter (e.g., a variable name, a variable value, etc.) and/or attachment (e.g., a file). An example of an attachment is a capability that installs patches and an example attachment is a patch. - As an illustrative example, consider an
example application 116 that performs compliance assessment (e.g., Security Content Automation Protocol (SCAP) compliance assessment) to determine if thevirtual machine 110 satisfies one or more hardening standards such as the Health Insurance Portability and Accountability Act (HIPAA), Secure Technical Implementation Guides (STIGS) (provided by the Defense Information Securities Agency), vSphere Hardening Guide (VHG) (provided by VMware®, Inc.), etc. In some such examples, theapplication 116 may determine whether thevirtual machine 110 is in compliance or compliance violation by invoking an “assess” capability at thevirtual machine 110. In the illustrated example, the results of performing the “assess” capability are provided to theapplication 116 in the SCAP format and theapplication 116 is able to determine which, if any, rules are violated by thevirtual machine 110. In some examples, if theapplication 116 discovers a compliance violation, theexample application 116 may remediate the violation by invoking a capability at the virtual machine 110 (e.g., by applying a patch, by upgrading one or more capabilities available at thevirtual machine 110, by downgrading one or more capabilities available at thevirtual machine 110, etc.) via the examplecapabilities management agent 118 and, thereby, bringing thevirtual machine 110 into near real-time and ongoing compliance. For example, if thevirtual machine 110 is out of compliance because password rules at thevirtual machine 110 are not stringent enough (e.g., do not satisfy a threshold), theapplication 116 may invoke a “changePasswordRule” capability at thevirtual machine 110 to cause thecapability management agent 118 to upgrade the password rules at thevirtual machine 110. - While an example manner of implementing the
application 116 is illustrated inFIGS. 1A and/or 1B , one or more of the elements, processes and/or devices illustrated inFIGS. 1A and/or 1B may be combined, divided, re-arranged, omitted, eliminated and/or implemented in any other way. Further, theexample agent installer 120, theexample agent controller 122, theexample data store 124 and/or, more generally, theexample application 116 ofFIGS. 1A and/or 1B may be implemented by hardware, software, firmware and/or any combination of hardware, software and/or firmware. Thus, for example, any of theexample agent installer 120, theexample agent controller 122, theexample data store 124 and/or, more generally, theexample application 116 ofFIGS. 1A and/or 1B could be implemented by one or more analog or digital circuit(s), logic circuits, programmable processor(s), application specific integrated circuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)) and/or field programmable logic device(s) (FPLD(s)). When reading any of the apparatus or system claims of this patent to cover a purely software and/or firmware implementation, at least one of theexample agent installer 120, theexample agent controller 122, theexample data store 124 and/or, more generally, theexample application 116 ofFIGS. 1A and/or 1B is/are hereby expressly defined to include a tangible computer readable storage device or storage disk such as a memory, a digital versatile disk (DVD), a compact disk (CD), a Blu-ray disk, etc. storing the software and/or firmware. Further still, theexample application 116 may include one or more elements, processes and/or devices in addition to, or instead of, those illustrated inFIGS. 1A and/or 1B , and/or may include more than one of any or all of the illustrated elements, processes and devices -
FIG. 2 is a block diagram of an example implementation of the examplecapabilities management agent 118 ofFIGS. 1A and/or 1B constructed in accordance with the teachings of this disclosure. In the illustrated example ofFIG. 2 , the examplecapabilities management agent 118 includes anexample messaging interface 205, anexample security engine 210, anexample package unpacker 215, anexample plugins registrar 220, anexample plugins repository 225, an example pluginsinventory 230, anexample invokers repository 235, an example plugins monitor 245, anexample catalog 250, anexample capabilities executor 255 and an example resultsdata store 260. - In the illustrated example of
FIG. 2 , thecapabilities management agent 118 includes theexample communications interface 205 to enable communication with the application(s) 116 ofFIGS. 1A and/or 1B . For example, thecommunications interface 205 may facilitate bi-directional, asynchronous messaging between thecapabilities management agent 118 and the application(s) 116. In the illustrated example, thecommunications interface 205 communicates with the application(s) 116 using Advanced Message Queueing Protocol (AMQP) communications. In some examples, thecommunications interface 205 may communicate with the application(s) 116 via a message broker such as a RabbitMQ server implementing AMQP. However, any other approach to communicate with and/or otherwise transmit and/or receive instructions and/or results to and/or from the application(s) 116 (e.g., Representational state transfer (REST) protocols, ZeroMQ (e.g., socket-based) communications, etc.) may additionally or alternatively be used. - In the illustrated example of
FIG. 2 , thecapabilities management agent 118 includes theexample security engine 210 to validate messages received and/or transmitted via thecommunications interface 205. Theexample security engine 210 of the illustrated example ofFIG. 2 utilizes the Cryptographic Message Syntax (CMS) standard for protecting messages. However, any other approach to protect communications may additionally or alternatively be used. For example, thesecurity engine 210 may use CMS to digitally sign, authenticate and/or encrypt/decrypt messages communicated between the application(s) 116 and thecapability management agent 118. In the illustrated example, thesecurity engine 210 encrypts and signs a message before the outgoing message is transmitted to the application(s) 116. Theexample security engine 210 ofFIG. 2 also validates and decrypts messages received from the application(s) 116. In some examples, validation of the messages by theexample security engine 210 may be useful to defend against man-in-the-middle attacks and/or other attempts to perform unauthorized actions. - In the illustrated example of
FIG. 2 , theexample security engine 210 also authenticates theexample plugin package 128 and/or theexample plugin 130 before theplugin 130 is able to execute at thevirtual machine 110. In the illustrated example, thesecurity engine 210 utilizes the CMS standard for authenticating theplugin 130. For example, thesecurity engine 210 may determine whether a security certificate of theplugin package 128 and/or theplugin 130 matches a corresponding security certificate available to thesecurity engine 210. In response to thesecurity engine 210 determining that the security certificates do not match, thesecurity engine 210 of the illustrated example may prevent theplugin package 128 from installing and/or theplugin 130 from executing. In some examples, thesecurity engine 210 may attempt to validate theplugin package 128 until a time-out event is detected or a threshold number of incorrect attempts is satisfied. - In some examples, the
plugin 130 may be configured with permissions required to execute theplugin 130 at thevirtual machine 110. For example, thesecurity engine 210 may prevent a user from accessing theplugin 130 when the user does not have sufficient permissions (e.g., privileges). In the illustrated example ofFIG. 2 , theexample security engine 205 utilizes VGAuth (a product from VMware®, Inc.) to control the permissions at which theplugin 130 can be executed. In the illustrated example, thesecurity engine 210 utilizes the Security Assertion Markup Language (SAML) standard to authenticate and authorize access of a user to theplugin 130. For example, thesecurity engine 210 may include an alias store that maps user names to one or more aliases. In the illustrated example, when thesecurity engine 210 ofFIG. 2 validates a user (e.g., by comparing a digital signature of the user specified in a SAML Token included in, for example, the request 136) with a security certificate), thesecurity engine 210 enables the user to run at appropriate permissions. For example, requests submitted by an administrator may run as “root,” while requests submitted by a developer may run as “guest.” - An example benefit of such an approach (e.g., utilizing VGAuth to control the permissions at which plugins can be executed) is that administrators at the
virtual machine 110 are in control of the permissions used on thevirtual machine 110 that they administrators are responsible for maintaining, rather than always being permitted to run as a high-privileged user (e.g., “root”). Another example benefit of such an approach includes enabling an operating system (OS) to enforce authorization to OS resources. For example, if aplugin 130 is running as a low-privileged user (e.g., a “guest”), the OS will not let it kill a process owned by a high-privileged user. - In the illustrated example of
FIG. 2 , the examplecapabilities management agent 118 includes theexample package unpacker 215 to unpackage (e.g., decompress) theexample plugin package 128. For example, theapplication 116 may provide theplugin package 128 as a *.zip file, a *.tar file, an *.ogg file, a *.rpm file, etc. Theexample package unpacker 215 enables thecapabilities management agent 118 to access different file types and not require only a single file type. For example, thepackage unpacker 215 may include and/or have access to one or more de-compression tools to decompress theplugin package 128 based on, for example, the file type of theplugin package 128. For example, if thepackage unpacker 215 determines that theplugin package 128 is a *.zip file, theexample package unpacker 215 may call an “unzip” tool to decompress theplugin package 128. In some examples the developer (e.g., a plugin developer) includes an instruction stating which script is appropriate for theparticular plugin package 128. Theexample package unpacker 215 ofFIG. 2 provides decompressed components of the unpacked plugin package 128 (e.g., theplugin 130, theplugin identifier 132 and/or the plugin invoker 134) to theexample plugins registrar 220. - In the illustrated example of
FIG. 2 , the examplecapabilities management agent 118 includes theexample plugins registrar 220 to maintain a record of the plugins available (e.g., installed, loaded) to the capabilities management agent 118 (e.g., to invoke). In the illustrated example, theplugins registrar 220 parses the components of theplugin package 128 provided by theexample package unpacker 215 and identifies theplugin 130, the plugin identifier 132 (e.g., a plugin registration file) and theplugin invoker 134. The example pluginsregistrar 220 ofFIG. 2 stores identifiedplugins 130 in theexample plugins repository 225. - In the illustrated example, the
example plugins registrar 220 stores theplugin identifier 132 in the example pluginsinventory 230. For example, theplugins registrar 220 may record a namespace identifier, a name identifier and a version identifier of theplugin 130 in theplugins inventory 230. In some examples, theplugins registrar 220 may log theplugin registration file 132 in theplugins inventory 230. - The example plugins
registrar 220 stores theexample plugin invoker 134 in anexample invokers repository 235. In some examples, theplugins registrar 220 stores theplugin invoker 134 at a location provided by the application 116 (e.g., at the invoker identifier 135). For example, theplugins registrar 220 may parse theplugin registration file 132 and, in response to an invoker identifier 135 (“app1_process_1_0_0”) identified in theplugin registration file 132, store the correspondingplugin invoker 134 in the invokers repository 235 (e.g., at a path location “invokers repository/ app1_process_1_0_0”). The example pluginsregistrar 220 records theinvoker identifier 135 with the correspondingplugin identifier 132 in theplugins inventory 230. An example data table 600 representing registered plugins is shown inFIG. 6 . - In some examples, the
plugins registrar 220 may discard (e.g., delete, uninstall, replace, etc.) a previous version of a plugin. As used herein, the version numbers follow the versioning rules where a change to a minor version represents that, although some code may have changed (e.g., to fix a bug), the application interface is still unchanged. In some such examples, if theapplication 116 updates a plugin to a new minor version (e.g., version 1.0.0 to version 1.0.1), theexample plugins registrar 220 may replace the old plugin (e.g., version 1.0.0) with the new plugin (e.g., version 1.0.1). In contrast, a change to a major version represents a change to the application interface so that older versions cannot be understood by the new version. For example, if theapplication 116 updates a plugin to a new major version (e.g., version 1.0 to version 1.1), theexample plugins registrar 220 will leave the old plugin (e.g., version 1.0) in theexample plugins repository 225 and also install the new plugin (e.g., version 1.1) in theplugins repository 225. - The example plugins
repository 225 ofFIG. 2 is provided to store theexample plugins 130 that are available to thecapabilities management agent 118. The example plugins 130 may be retrieved from theexample plugins repository 225 during execution (e.g., by the corresponding plugin invoker 134). The example pluginsrepository 225 ofFIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or anon-volatile memory (e.g., flash memory)). The example pluginsrepository 225 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc. The example pluginsrepository 225 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, theexample plugins repository 225 is illustrated as a single database, theexample plugins repository 225 may be implemented by any number and/or type(s) of databases. - The example plugins
inventory 230 ofFIG. 2 is provided to store theexample plugin identifiers 132 and theircorresponding invoker identifiers 135. The example pluginsinventory 230 ofFIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)). The example pluginsinventory 230 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc. The example pluginsinventory 230 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example pluginsinventory 230 is illustrated as a single database, the example pluginsinventory 230 may be implemented by any number and/or type(s) of databases. - The
example invokers repository 235 ofFIG. 2 is provided to store theexample plugin invokers 134 that are used to call theircorresponding plugins 130. Theexample invokers repository 235 ofFIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)). Theexample invokers repository 235 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc. Theexample invokers repository 235 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, theexample invokers repository 235 is illustrated as a single database, theexample invokers repository 235 may be implemented by any number and/or type(s) of databases. - To maintain an accurate catalog of
capabilities 250 available at thecapabilities management agent 118, the examplecapabilities management agent 118 includes the example plugins monitor 245 to monitor theplugins inventory 230 for changes (e.g., additions or removals) to theplugins 130 available to thecapabilities management agent 118. For example, an authorized application may bypass theplugins registrar 220 to store theirplugin 130 in theplugins repository 225 and register theirplugin 130 in theplugins inventory 230. In some such examples, theplugins registrar 220 may not be able to determine that anew plugin 130 and capabilities corresponding to thenew plugin 130 are available to thecapabilities management agent 118. - In the illustrated example of
FIG. 2 , the example plugins monitor 245 detects when anew plugin 130 is installed in theplugins inventory 230 via the capabilities management agent 118 (e.g., by the plugins registrar 220). In some examples, the example plugins monitor 245 may detect aplugin 130 that was not installed via thecapabilities management agent 118. For example, a customer may use an Enterprise deployment tool to install theplugin 130 in theplugins repository 225. In some examples, a user may copy theplugin 130 onto thevirtual machine 110 and install the plugin via a command-line instruction such as “rpm -i.” - In the illustrated example of
FIG. 2 , in response to detecting anew plugin 130 in theplugins inventory 230, the example plugins monitor 245 requests thenew plugin 130 to identify the capabilities theplugin 130 is able to perform (e.g., provide the schema of functions 126). For example, the example plugins monitor 245 may retrieve theinvoker identifier 135 from theplugins inventory 230 to call the correspondingplugin invoker 134. In the illustrated example ofFIG. 2 , the plugins monitor 245 records the retrieved capabilities in the example catalog ofcapabilities 250. An implementation of an example schema offunctions 700 is shown inFIG. 7 . - In the illustrated example, the example plugins monitor 245 of
FIG. 2 also logs a mapping between the capabilities and theircorresponding plugins 130 in theexample catalog 250. As described above, when theexample application 116 sends therequest 136 for invoking a capability, theexample request 136 of the illustrated examples ofFIGS. 1A and/or 1B does not necessarily include a plugin identifier. Instead, the example plugins monitor 245 maintains a mapping to associate capabilities with particular plugins. For example, in response to a request to invoke a capability, the example plugins monitor 245 may utilize a mapping between the corresponding capability identifier and a plugin identifier to determine theavailable plugin 130 to perform the capability. An example data table 800 representing capabilities and their plugin mappings are shown inFIG. 8 . - In some examples, the plugins monitor 245 provides the
example catalog 250 to anapplication 116 in response to a capabilities request from theapplication 116. For example, when theapplication 116 connects with the examplecapabilities management agent 118, theexample application 116 may request that thecapabilities management agent 118 provide theexample catalog 250. In some examples, the plugins monitor 245 provides updatedcatalogs 250 to the application(s) 116 in response to changes in thecatalog 250. For example, when theapplication 116 uninstalls theplugin 130 from thevirtual machine 110, the corresponding capabilities performed by thecapabilities management agent 118 are removed from thecatalog 250. In some such examples, the example plugins monitor 245 provides anew catalog 250 to the application(s) 116 accessing thecapabilities management agent 118. In some such examples, the plugins monitor 245 enables the application(s) 116 to determine, in near real-time, whether they need to install theirrespective plugins 130. For example, depending on the capabilities included in thenew catalog 250, anapplication 116 may determine to installplugin 130 for the application (e.g., theagent installer 120 may transmit the plugin package 128). - The example catalog of
capabilities 250 is provided to store mappings between capabilities and their corresponding plugin. The example catalog ofcapabilities 250 ofFIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)). The example catalog ofcapabilities 250 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc. The example results catalog ofcapabilities 250 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example catalog ofcapabilities 250 is illustrated as a single database, the example catalog ofcapabilities 250 may be implemented by any number and/or type(s) of databases. - In the illustrated example of
FIG. 2 , the examplecapabilities management agent 118 includes theexample capabilities executor 255 to facilitate executing capabilities at thevirtual machine 110. As described above, theexample request 136 to perform a capability includes thecapability identifier 138 and one or more argument(s) 140 (e.g., one or more parameter(s) and/or attachment(s)) for executing the capability. In some examples, therequest 136 may include an invoke request file requesting execution of one or more capabilities. An implementation of an example invokerequest file 500 is described in connection withFIG. 5 . - In the illustrated example, the
capabilities executor 255 utilizes thecapability identifier 138 to determine thecorresponding plugin 130 capable of executing the capability. For example, thecapabilities executor 255 may utilize the example catalog 250 (e.g., by querying thecatalog 250, by retrieving information from thecatalog 250, etc.) to map thecapability identifier 138 to the correspondingplugin identifier 132. Theexample capabilities executor 255 ofFIG. 2 uses the retrievedplugin identifier 132 to determine aplugin invoker 134 to call to execute theplugin 130. For example, thecapabilities executor 255 may use the example pluginsinventory 230 to map theplugin identifier 132 to thecorresponding invoker identifier 135. - In the illustrated example, the
capabilities executor 255 calls theplugin 130 to perform the requested capability. For example, theexample capabilities executor 255 may use theinvoker identifier 135 to call theplugin invoker 134 and provides thecapability identifier 138, the argument(s) 140 and a location for theplugin 130 to store the outcome of executing the capability. In some examples, thecapabilities executor 255 executes (e.g., calls) theplugin invoker 134 by passing command-line parameters indicating what tasks to perform (e.g., collect schema of functions, collect instances, invoke an operation, etc.), additional information (e.g., the argument(s) 140 passed to theplugin invoker 134 and the results directory. For example, thecapabilities executor 255 may instruct theplugin 130 to store the outcome (e.g., results) of executing the capability in the example resultsdata store 260. - In some examples, the results stored in the example results
data store 260 are stored using a standard format. In some such examples, using a standard format enables the results stored in theresults data store 260 to be accessed by other application(s) 116. For example, an application unknown to the developers of the requestingapplication 116 may also use the outcomes in theresults data store 260. - The example results
data store 260 is provided to store the results (e.g., outcomes) of executing capabilities. In the illustrated example, theresults data store 260 is controlled by the examplecapabilities management agent 118 to ensure appropriate separation between requests, applications, etc. For example, thecapabilities management agent 118 may separate the results in theresults data store 260 based on clients (e.g., via a client identifier that uniquely identifies theapplication 116 that invoked the capability), asset (e.g., via a virtual machine identifier that uniquely identifies the virtual machine where the capability was invoked) and/or request (e.g., via a request identifier that unique identifies therequest 136 that caused the capability to be invoked). The example resultsdata store 260 ofFIG. 2 may be implemented by a volatile memory (e.g., a Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM, etc.) and/or a non-volatile memory (e.g., flash memory)). The example resultsdata store 260 may additionally or alternatively be implemented by one or more double data rate (DDR) memories, such as DDR, DDR2, DDR3, mobile DDR (mDDR), etc. The example resultsdata store 260 may additionally or alternatively be implemented by one or more mass storage devices such as hard drive disk(s), compact disk drive(s), digital versatile disk drive(s), etc. While, in the illustrated example, the example resultsdata store 260 is illustrated as a single database, the example resultsdata store 260 may be implemented by any number and/or type(s) of databases. - In the illustrated example of
FIG. 2 , the examplecapabilities management agent 118 facilitates the application(s) 116 adding capabilities available to thevirtual machine 110. In operation, theexample communications interface 205 receives theexample plugin package 128 to install theplugin 130 at thecapabilities management agent 118. Theexample security engine 210 processes theplugin package 128 to validate theplugin package 128 and provides the validatedplugin package 128 to theexample package unpacker 215. Thepackage unpacker 215 unpacks (e.g., decompresses) the validatedplugin package 128 and provides the package components (e.g., theexample plugin 130, theexample plugin identifier 132 and the example plugin invoker 134) to theexample plugins registrar 220. Theplugins registrar 220 registers the package components by storing theplugin 130 in theexample plugins repository 225 and storing theplugin invoker 134 in theexample invokers repository 235. The example pluginsregistrar 220 also records theplugin identifier 132 and thecorresponding invoker identifier 135 in the example pluginsinventory 230. The example plugins monitor 245, in response to detecting a change in theplugins inventory 230, requests thenew plugin 130 to provide a set of capabilities that it performs. The example pluginsinventory 230 records the retrieved capabilities in the example catalog ofcapabilities 250. The example plugins monitor 245 also records a capability-plugin mapping in the catalog ofcapabilities 250. - In the illustrated example of
FIG. 2 , the examplecapabilities management agent 118 facilitates the application(s) 116 discovering capabilities available to thevirtual machine 110. For example, in response to detecting a change in the catalog ofcapabilities 250, the examplecapabilities management agent 118 provides an updated listing of capabilities available at thecapabilities management agent 118 to the one or more application(s) 116 in communication with thecapabilities management agent 118. In operation, the example plugins monitor 245 retrieves the capability identifiers included in the catalog ofcapabilities 250. Theexample security engine 210 encrypts the retrieved capability identifiers and thecommunications interface 205 transmits the encrypted set of capabilities to the one or more application(s) 116 in communication with the capabilities management agent. - In the illustrated example of
FIG. 2 , the examplecapabilities management agent 118 facilitates the application(s) 116 invoking capabilities available to thevirtual machine 110. In operation, theexample communications interface 205 receives theexample request 136 invoking a capability at thecapabilities management agent 118. Theexample security engine 210 validates therequest 136 and provides the validatedrequest 136 to theexample capabilities executor 255. Theexample capabilities executor 255 identifies thecapability identifier 138 included in therequest 136 and maps thecapability identifier 138 to the correspondingplugin identifier 132 using the capability-plugins mappings in the catalog ofcapabilities 250. Theexample capabilities executor 255 determines theplugin invoker 134 associated with theplugin identifier 132 using the example registered plugins-invoker mappings in the example pluginsinventory 230. Theexample capabilities executor 255 then calls the identifiedplugin invoker 134 and provides thecapability identifier 138 and one or more argument(s) 140 (e.g., a parameter such as a process identifier (PID), an attachment such as a patch, etc.) needed to perform the capability to theplugin invoker 134. In the illustrated example, the output of theplugin 130 performing the capability is stored in the example resultsdata store 260. - In some examples, the
example plugins repository 225, the example pluginsinventory 230, theexample invokers repository 235, the example catalog ofcapabilities 250 and/or the example resultsdata store 260 may be organized by theexample plugins registrar 220 using a directory file structure. For example, thedifferent plugin identifiers 132 included in theplugins inventory 230 may be stored in respective folders representing thedifferent plugins 130 stored in theplugins repository 225 and thecorresponding plugin invokers 134 stored in theinvokers repository 235. The one or more capabilities that are provided by the correspondingplugins 130 may be stored in respective folders in the catalog ofcapabilities 250. The output(s) of performing the capabilities may be stored in respective folders in theresults data store 260. - In some examples, the installed
plugins 130 and their associated files and/or data may be encapsulated in respective folders and/or directories. For example, a first directory corresponding to afirst plugin 130 may include a folder including thefirst plugin 130, a folder including the correspondingplugin identifier 132, a folder including the associatedplugin invoker 134, a folder including theavailable capability identifiers 138 and a folder including the output of performing the respective capabilities. - In some examples, the
plugin package 128 may be structured to include the respective folders (e.g., a folder including theplugin 130, a folder including theplugin identifier 132, a folder including theplugin invoker 134, a folder including thecapability identifiers 138 and a folder to store the output of performing the respective capabilities). In some such examples, the application(s) 116 may add capabilities at thevirtual machine 110 my providing theplugin package 128. The example application(s) 116 may discover the capabilities available at thevirtual machine 110 by receiving one or more folder(s) including thecapability identifiers 138 for therespective plugins 130 from thecapabilities management agent 118. In addition, anapplication 116 can remove capabilities it provided to the capabilities management agent by uninstalling (e.g., deleting) the folder from thecapabilities management agent 118. - While an example manner of implementing the
capabilities management agent 118 ofFIGS. 1A and/or 1B is illustrated inFIG. 2 , one or more of the elements, processes and/or devices illustrated inFIG. 2 may be combined, divided, re-arranged, omitted, eliminated and/or implemented in any other way. Further, theexample messaging interface 205, theexample security engine 210, theexample package unpacker 215, theexample plugins registrar 220, theexample plugins repository 225, the example pluginsinventory 230, theexample invokers repository 235, the example plugins monitor 245, theexample catalog 250, theexample capabilities executor 255, the example resultsdata store 260 and/or, more generally, the examplecapabilities management agent 118 ofFIGS. 1A and/or 1B may be implemented by hardware, software, firmware and/or any combination of hardware, software and/or firmware. Thus, for example, any of theexample messaging interface 205, theexample security engine 210, theexample package unpacker 215, theexample plugins registrar 220, theexample plugins repository 225, the example pluginsinventory 230, theexample invokers repository 235, the example plugins monitor 245, theexample catalog 250, theexample capabilities executor 255, the example resultsdata store 260 and/or, more generally, the examplecapabilities management agent 118 ofFIGS. 1A and/or 1B could be implemented by one or more analog or digital circuit(s), logic circuits, programmable processor(s), application specific integrated circuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)) and/or field programmable logic device(s) (FPLD(s)). When reading any of the apparatus or system claims of this patent to cover a purely software and/or firmware implementation, at least one of theexample messaging interface 205, theexample security engine 210, theexample package unpacker 215, theexample plugins registrar 220, theexample plugins repository 225, the example pluginsinventory 230, theexample invokers repository 235, the example plugins monitor 245, theexample catalog 250, theexample capabilities executor 255, the example resultsdata store 260 and/or, more generally, the examplecapabilities management agent 118 ofFIGS. 1A and/or 1B is/are hereby expressly defined to include a tangible computer readable storage device or storage disk such as a memory, a digital versatile disk (DVD), a compact disk (CD), a Blu-ray disk, etc. storing the software and/or firmware. Further still, the examplecapabilities management agent 118 ofFIGS. 1A and/or 1B may include one or more elements, processes and/or devices in addition to, or instead of, those illustrated inFIG. 2 , and/or may include more than one of any or all of the illustrated elements, processes and devices. -
FIG. 3 illustrates an exampleplugin registration file 300 that may be used by the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 to register theexample plugin 130. In some examples, theplugin registration file 300 is included in theexample plugin package 128 ofFIGS. 1A and/or 1B (e.g., the plugin identifier 132). The exampleprovider registration file 300 ofFIG. 3 includes an exampleplugin identifier section 305 and an exampleinvoker identifier line 340. The exampleplugin identifier section 305 defines theplugin identifier 132 for theplugin 130. For example, the exampleplugin identifier section 305 includes an examplefirst line 310 to define anexample plugin namespace 315 for theplugin 130, an examplesecond line 320 to define anexample plugin name 325 for theplugin 130 and an examplethird line 330 to define an exampleplugin version number 335 for theplugin 130. In the illustrated example ofFIG. 3 , theplugin namespace 315 is a string data type that identifies an entity (“Entity1”) that provided (e.g., developed, wrote, etc.) theplugin 130. However, other namespace identifiers may additionally or alternatively be used. For example, theplugin namespace 315 may identify the developers of theplugin 130 and/or the application that installs theplugin 130. Theexample plugin name 325 is a string data type that identifies a name (“AgentInstaller”) for theplugin 130. The exampleplugin version number 330 is a string data type that identifies a version number (“1.0.0”) corresponding to theplugin 130. - In the illustrated example of
FIG. 3 , the exampleinvoker identifier line 340 defines an example invoker identifier 345 (“Entity1_AgentInstaller_1_0_0”) used to call the example plugin invoker 134 (FIGS. 1A and/or 1B ) associated with theplugin 130. In some examples, theinvoker identifier 345 corresponds to a relative path location (e.g., “Entity1_AgentInstaller_1_0_0”) to store the correspondingplugin invoker 134 at an absolute path location (e.g., “Invokers Repository/ Entity1_AgentInstaller_1_0_0”) in theexample invokers repository 235. -
FIG. 4 illustrates an exampleplugin invoker file 400 that may be used by the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 to invoke theexample plugin 130 ofFIGS. 1A and/or 1B . In some examples, theplugin invoker file 400 is included in theexample plugin package 128 provided by theapplication 116 ofFIGS. 1A and/or 1B to thecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 . In some examples, theplugin invoker file 400 may be executed by thecapabilities management agent 118 to initiate thecorresponding plugin 130. In the illustrated example ofFIG. 4 , the exampleplugin invoker file 400 includes an exampleexecution setup line 405 that identifies one or more libraries to load for executing the plugin 130 (e.g., PYTHON_PATH, LD_LIBRARY_PATH). The exampleplugin invoker file 400 also includes an example language setup line 410 to load a language in which theplugin 130 is written (e.g., python). The exampleplugin invoker file 400 also includes an exampleplugin calling line 415 to call theplugin 130 in a language specific manner. As described above, in some examples, when thecapabilities management agent 118 invokes theplugin invoker 134, thecapabilities management agent 118 provides the argument(s) 140 and a specific output directory (e.g., the example results data store 260) to store the output. -
FIG. 5 illustrates an example invoke request file 500 that may be executed by the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 to invoke a capability (e.g., functions, tasks, processes, operations, etc.). In some examples, the invokerequest file 500 may be provided by theapplication 116 in theexample request 136. In some examples, theexample agent controller 122 provides the invokerequest file 500 to thecapabilities management agent 118 to invoke a capabilities. In the illustrated example, the invokerequest file 500 includes an examplecapability identifier section 505 and examplearguments identifier section 535. - The example
capability identifier section 505 defines thecapability identifier 138 being invoked. For example, the examplecapability identifier section 505 includes an examplefirst line 510 to define an example class including an example class namespace 515 (e.g., “Application1”), an example class name 520 (e.g., “AppAgent”) and an example class version number 525 (e.g., “1.0.0”). In the illustrated example ofFIG. 5 , theexample class namespace 515 identifies an entity (“Application1”) that provided (e.g., developed, wrote, etc.) the capabilities included in the class. However, other namespace identifiers may additionally or alternatively be used. For example, theclass namespace 515 may identify the developers of the capabilities and/or theplugin 130, and/or the application that installs theplugin 130. The example class name 520 (“AppAgent”) identifies a name for the class. The example class version number 525 (“1.0.0”) identifies a version number corresponding to the class. The examplecapability identifier section 505 includes an examplesecond line 530 to define example capability 531 (e.g., “installRpm”) being invoked in the request. - The example
arguments identifier section 535 defines thearguments 140 used in executing thecapability 531. The examplearguments identifier section 535 ofFIG. 5 includes an example parameter name 540 (e.g., “rpmAttachmentName”), an example parameter data type 545 (e.g., “String”) and an example parameter value (e.g., “rpmAttachment”). - Accordingly, the example invoke request file 500 of
FIG. 5 is used to request that thecapabilities management agent 118 execute an “installRpm”capability 531 that is included in the “Application1/ AppAgent/ 1.0.0” class. In addition, to execute the “installRpm”capability 531, the example invokerequest file 500 provides the “string” type value (“rpmAttachment”) of the “rpmAttachmentName” parameter. In other words, the example invoke request file 500 ofFIG. 5 , when executed, installs the rpm entitled “rpmAttachment.” -
FIG. 6 illustrates an example data table 600 that may be employed by theexample plugins registrar 220 ofFIG. 2 to store registered plugins-invoker mappings. For example, theexample plugins registrar 220 may record theplugin identifier 132 and theinvoker identifier 135 in the example pluginsinventory 230. In the illustrated example ofFIG. 6 , theplugin identifier 132 includes an example plugin namespace, an example plugin name and an example plugin version number. The example data table 600 may be utilized by the examplecapabilities management agent 118 to determine theplugin invoker 134 to call to execute thecorresponding plugin 130. For example, in response to determining to execute aparticular plugin 130 to perform a capability, the examplecapabilities management agent 118 may use the registered plugins-invoker mapping of the data table 600 to determine the corresponding plugin invoker to call. - The example data table 600 includes an example plugin
namespace identifier column 605, an example pluginname identifier column 610, an example pluginversion identifier column 615 and an example plugininvoker identifier column 620. In the illustrated example, the exampleplugin identifier columns plugin 130. For example, two plugins may differ in their plugin namespace, their plugin name and/or their plugin version. The example pluginnamespace identifier column 605 indicates, for example, an entity that developed theplugin 130. The example pluginname identifier column 610 indicates a name of theplugin 130. The example pluginversion identifier column 615 indicates a version number of theplugin 130. The example plugininvoker identifier column 620 indicates theexample invoker identifier 135 that is called to execute theplugin 130. However, any other columns representing any other conditions and/or characteristics of theplugin 130 may additionally or alternatively be used. Moreover, the example column(s) of the example data table 600 may be implemented in any other fashion (e.g., using a different data structure). - The example data table 600 of the illustrated example of
FIG. 6 includes threeexample rows example plugins registrar 220. The examplefirst row 650 indicates that version “1.0.0” of an “AgentInstaller” plugin is installed at thecapabilities management agent 118 and that the plugin (“AgentInstaller”) is associated with an “Entity1.” The examplefirst row 650 also indicates that theexample capabilities executor 255 is to call the plugin invoker (“Entity1_Agent_Installer_1_0_0”) to execute the plugin identified in the examplefirst row 650. - The example
second row 655 indicates that version “1.3.5” of a “LatencyMonitor” plugin is installed at thecapabilities management agent 118 and that the plugin (“LatencyMonitor”) is associated with an “Application2.” The examplesecond row 655 also indicates that theexample capabilities executor 255 is to call the plugin invoker (“App2_Latency_Monitor_1_3_5”) to execute the plugin identified in the examplesecond row 655. - The example
third row 660 indicates that version “1.0.0” of an “AgentInstaller” plugin is installed at thecapabilities management agent 118 and that the plugin (“AgentInstaller”) is associated with an “Application2.” The examplethird row 660 also indicates that theexample capabilities executor 255 is to call the plugin invoker (“App2_Agent_Installer_1_0_0”) to execute the plugin identified in the examplethird row 660. - The example data table 600 of
FIG. 6 illustrates that using the plugin namespace may be useful in limiting naming conflicts between, for example, unrelated developers. For example, if two developers want a plugin to install agents in different ways, the two developers may each name the plugin “AgentInstaller” with a plugin version “1.0.0,” but there would not be a naming conflict because each plugin (“AgentInstaller”) would reside in a different plugin namespace (e.g., “Entity1” and “Application2”). -
FIG. 7 implements an example schema of functions file 700 that may be used by the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 to determine the capabilities provided by theexample plugin 130 ofFIGS. 1A and/or 1B . In some examples, the example schema of functions file 700 may be included in the plugin package 128 (e.g., provided as the example schema of functions 126) and/or generated by theexample plugin 130 in response to a request by the example plugins monitor 245 ofFIG. 2 . The example schema of functions file 700 includes a capabilities identifier that identifies the class to which the capabilities belong, and the one or more attachment(s) needed to perform the capability. - The example schema of functions file 700 of
FIG. 7 includes an examplecapabilities definition section 705 that provides thecapability identifier 138 and the argument(s) 140 needed to execute the corresponding capability. The examplecapabilities definition section 705 includes afirst line 710 that defines the class to which the capabilities in thecapabilities definition section 705 belong. For example, in the illustrated example, the capabilities are included in a class identified by the class namespace (“Application1”), the class name (“AgentInstaller”) and the version number (“1.0.0”). - In the illustrated example, the class identified in the example first line 710 (e.g., “Application1/ AgentInstaller/ 1.0.0”) includes two capabilities (e.g.,
example capabilities sections 715, 730). For example, asecond example line 720 indicates the first capability name (e.g., “installRpm”) and athird example line 725 indicates the argument(s) required to execute the corresponding capability (e.g., a “string” data type value for an “rpmAttachmentName” variable). An examplefifth example line 735 indicates the second capability (e.g., “uninstallRpm”) and asixth example line 740 indicates the arguments required to execute the second capability (e.g., a “string” data type value for an “rpmName” variable). -
FIG. 8 illustrates an example data table 800 that may be employed by the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 to store capability-plugin mappings. For example, the example plugins monitor 245 ofFIG. 2 may record thecapability identifier 138 and theplugin identifier 132 corresponding to theplugin 130 to execute the capability. In the illustrated example ofFIG. 8 , thecapability identifiers 138 include an example class namespace, an example class name, an example class version number and an example capability name. Theplugin identifiers 132 ofFIG. 8 include an example plugin namespace, an example plugin name and an example plugin version number. The example data table 800 may be utilized by the examplecapabilities management agent 118 to determine the plugin 130 (e.g., based on the corresponding plugin identifier 132) associated with the respective capabilities. For example, in response to identifying a capability to perform, the examplecapabilities management agent 118 may use the capability-plugin mappings of the data table 800 to determine the plugin identifier corresponding to the plugin to perform the capability. - The example data table 800 includes an example class
namespace identifier column 805, an example classname identifier column 810, an example classversion identifier column 815, an examplecapability identifier column 820, an example pluginnamespace identifier column 825, an example pluginname identifier column 830 and an example pluginversion identifier column 835. In the illustrated example, the examplecapability identifier columns capability identifier 138. In addition, the exampleplugin identifier columns plugin identifier 132. - In the illustrated example of
FIG. 8 , the example classnamespace identifier column 805 and theplugin namespace identifier 825 may identify the developers of the capabilities and/or theplugin 130, and/or the application that installs theplugin 130. The example classname identifier column 810 identifies a name for the class. The example classversion identifier column 815 identifies a version number corresponding to the class. The examplecapability identifier column 820 identifies the capability name. The example pluginname identifier column 830 indicates the name of theplugin 130. The example pluginversion identifier column 835 indicates a version number of theplugin 130. However, any other columns representing any other conditions and/or characteristics of the capability and/or theplugin 130 may additionally or alternatively be used. Moreover, the example column(s) of the example data table 800 may be implemented in any other fashion (e.g., using a different data structure). - The example data table 800 of the illustrated example of
FIG. 8 includes threeexample rows example catalog 250 ofFIG. 2 . The examplefirst row 850 indicates that the “Entity1/ AppAgent/ 1.0.0/ installRpm” capability maps to the “Entity1/ AgentInstaller/ 1.0.0” plugin. That is, the examplefirst row 850 indicates that the “Entity1/ AgentInstaller/ 1.0.0” plugin performs the “Entity1/ AppAgent/ 1.0.0/ installRpm” capability. - The example
second row 855 indicates that the “Entity1/ AppAgent/ 1.0.0/ uninstallRpm” capability maps to the “Entity1/ AgentInstaller/ 1.0.0” plugin. That is, the examplesecond row 855 indicates that the “Entity1/ AgentInstaller/ 1.0.0” plugin performs the “Entity1/ AppAgent/ 1.0.0/ uninstallRpm” capability. - The example
third row 860 indicates that the “Application2/ MonitorAgent/ 1.0.0/ SLACheck” capability maps to the “Application2/ LatencyMonitor/ 1.3.5” plugin. That is, the examplethird row 860 indicates that the “Application2/ LatencyMonitor/ 1.3.5” plugin performs the “Application2/ MonitorAgent/ 1.0.0/ SLACheck” capability. - A flowchart representative of example machine readable instructions for implementing the
application 116 ofFIGS. 1A and/or 1B is shown inFIG. 9 . In this example, the machine readable instructions comprise a program for execution by a processor such as theprocessor 1212 shown in theexample processor platform 1200 discussed below in connection withFIG. 12 . The programs may be embodied in software stored on a tangible computer readable storage medium such as a CD-ROM, a floppy disk, a hard drive, a digital versatile disk (DVD), a Blu-ray disk, or a memory associated with theprocessor 1212, but the entire program and/or parts thereof could alternatively be executed by a device other than theprocessor 1212 and/or embodied in firmware or dedicated hardware. Further, although the example programs are described with reference to the flowcharts illustrated inFIG. 9 , many other methods of implementing theexample application 116 may alternatively be used. For example, the order of execution of the blocks may be changed, and/or some of the blocks described may be changed, eliminated, or combined. -
FIG. 9 is a flowchart representative of example machine-readable instructions 900 that may be executed to implement theexample application 116 ofFIGS. 1A and/or 1B . Theexample instructions 900 of the illustrated example ofFIG. 9 begin atblock 902 when theapplication 116 retrieves the catalog ofcapabilities 250. For example, theexample agent installer 120 may request the examplecapabilities management agent 118 provide the example catalog ofcapabilities 250. Theexample agent installer 120 may retrieve the catalog ofcapabilities 250 periodically (e.g., once a minute, once an hour, etc.), aperiodically (e.g., in response to thecapabilities management agent 118 detecting a change in the catalog of capabilities 250) and/or as a one-time event (e.g., upon establishing connection with the capabilities management agent 118). - At
block 904, theexample agent installer 120 compares the catalog ofcapabilities 250, which represents the set of capabilities available at thecapabilities management agent 118, to the example schema offunctions 126, which represents the set of capabilities performed by theapplication 116. If, atblock 906, theexample agent installer 120 determined that the catalog ofcapabilities 250 does not include the functions included in the schema of functions 126 (e.g., that thecapabilities management agent 118 is unable to execute the capabilities performed by the application 116), then, atblock 908, theagent installer 120 provides the functionality to thecapabilities management agent 118. For example, theagent installer 120 may retrieve theexample plugin package 128 from theexample data store 124 to transmit theexample plugin package 128 to thecapabilities management agent 118. - At
block 910, theexample application 116 determines whether to invoke a capability at thecapabilities management agent 118. For example, theagent controller 122 may instruct thecapabilities management agent 118 to execute a monitoring operation. If, atblock 910, theexample agent controller 122 determined not to invoke a capability, control returns to block 902 to retrieve the catalog ofcapabilities 250. - If, at
block 910, theexample agent controller 122 determined to invoke a capability at thecapabilities management agent 118, then, atblock 912, theagent controller 122 transmits arequest 136 to thecapabilities management agent 118 to invoke a capability. For example, theagent controller 122 may provide thecapabilities management agent 118 the capability identifier 138 (e.g., a class namespace, a class name, a class version and/or a capability name) and the argument(s) 140 to execute the corresponding capability. Control then returns to block 902 to retrieve the catalog ofcapabilities 250. - Flowcharts representative of example machine readable instructions for implementing the
capabilities management agent 118 ofFIGS. 1A, 1B and/or 2 are shown inFIGS. 10 and/or 11 . In these examples, the machine readable instructions comprise a program for execution by a processor such as theprocessor 1312 shown in theexample processor platform 1300 discussed below in connection withFIG. 13 . The programs may be embodied in software stored on a tangible computer readable storage medium such as a CD-ROM, a floppy disk, a hard drive, a digital versatile disk (DVD), a Blu-ray disk, or a memory associated with theprocessor 1312, but the entire program and/or parts thereof could alternatively be executed by a device other than theprocessor 1312 and/or embodied in firmware or dedicated hardware. Further, although the example programs are described with reference to the flowcharts illustrated inFIGS. 10 and/or 11 , many other methods of implementing the examplecapabilities management agent 118 may alternatively be used. For example, the order of execution of the blocks may be changed, and/or some of the blocks described may be changed, eliminated, or combined. - As mentioned above, the example processes of
FIG. 9 and/orFIGS. 10 and/or 11 may be implemented using coded instructions (e.g., computer and/or machine readable instructions) stored on a tangible computer readable storage medium such as a hard disk drive, a flash memory, a read-only memory (ROM), a compact disk (CD), a digital versatile disk (DVD), a cache, a random-access memory (RAM) and/or any other storage device or storage disk in which information is stored for any duration (e.g., for extended time periods, permanently, for brief instances, for temporarily buffering, and/or for caching of the information). As used herein, the term tangible computer readable storage medium is expressly defined to include any type of computer readable storage device and/or storage disk and to exclude propagating signals and to exclude transmission media. As used herein, “tangible computer readable storage medium” and “tangible machine readable storage medium” are used interchangeably. Additionally or alternatively, the example processes ofFIG. 9 and/orFIGS. 10 and/or 11 may be implemented using coded instructions (e.g., computer and/or machine readable instructions) stored on a non-transitory computer and/or machine readable medium such as a hard disk drive, a flash memory, a read-only memory, a compact disk, a digital versatile disk, a cache, a random-access memory and/or any other storage device or storage disk in which information is stored for any duration (e.g., for extended time periods, permanently, for brief instances, for temporarily buffering, and/or for caching of the information). As used herein, the term non-transitory computer readable medium is expressly defined to include any type of computer readable storage device and/or storage disk and to exclude propagating signals and to exclude transmission media. As used herein, when the phrase “at least” is used as the transition term in a preamble of a claim, it is open-ended in the same manner as the term “comprising” is open ended. “Comprising” and all other variants of “comprise” are expressly defined to be open-ended terms. “Including” and all other variants of “include” are also defined to be open-ended terms. In contrast, the term “consisting” and/or other forms of “consist” are defined to be close-ended terms. -
FIG. 10 is a flowchart representative of example machine-readable instructions 1000 that may be executed to implement the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 to add capabilities available to the example virtual machine(s) 110 in thecomputing environment 100. Theexample instructions 1000 of the illustrated example ofFIG. 10 begin atblock 1002 when thecapabilities management agent 118 receives theexample plugin package 128 from theexample application 116. For example, theexample communications interface 205 may receive, using AMQP communications, theplugin package 128 including theexample plugin 130, theexample plugin identifier 132 and theexample plugin invoker 134. Atblock 1004, thesecurity engine 210 attempts to validate theplugin package 128. For example, thesecurity engine 210 may utilize CMS standards to validate and decrypt theplugin package 128. If, atblock 1006, thesecurity engine 210 determined it was unable to validate theplugin package 128, theexample program 1000 ofFIG. 10 ends. In some examples, thesecurity engine 210 may attempt to validate theplugin package 128 until a time-out event is detected or a threshold number of incorrect attempts is satisfied. - If, at
block 1006, thesecurity engine 210 was able to validate theplugin package 128, then, atblock 1008, theexample package unpacker 215 unpacks theplugin package 128. For example, thepackage unpacker 215 may execute an install script included in theplugin package 128 by theapplication 116. Atblock 1010, theexample plugin registrar 220 registers theplugin 130. For example, theplugin registrar 220 may store theplugin 130 in theexample plugins repository 225 and theexample plugin invoker 134 in theexample invokers repository 235. Theexample plugin registrar 220 also logs theplugin identifier 132 and thecorresponding invoker identifier 135 in the example pluginsinventory 230. - At
block 1012, the example plugins monitor 245 retrieves the example schema offunctions 126 from theplugin 130. For example, in response to detecting a change in theplugins inventory 235, the plugins monitor 245 may query theplugin 130 for the schema of functions 126 (e.g., by calling the plugin invoker 134). Atblock 1014, the example plugins monitor 245 updates the example catalog ofcapabilities 250 to include the returned set of functions (e.g., the functions included in the schema of functions 126). In some examples, theplugin 130 records the schema offunctions 126 in the catalog ofcapabilities 250. Atblock 1016, the example plugins monitor 245 determines whether to publish the updated catalog ofcapabilities 250. For example, thecapabilities management agent 118 may provide the catalog ofcapabilities 250 to the application(s) 116 when the plugins monitor 245 detects a change in the catalog ofcapabilities 250. If, atblock 1016, the example plugins monitor 245 determined not to publish the updated catalog ofcapabilities 250, theexample program 1000 ofFIG. 10 ends. - If, at
block 1016, the example plugins monitor 245 determined to publish the updated catalog ofcapabilities 250, then atblock 1018, theexample security engine 210 encrypts a message including the updated catalog ofcapabilities 250 for transmitting to the example application(s) 116. For example, thesecurity engine 210 may encrypt the message using the CMS standard for protecting messages. Atblock 1020, the examplecapabilities management agent 118 transmits the encrypted message. For example, theexample communications interface 205 may transmit the encrypted message to the application(s) 116 using AMQP communications. Theexample program 1000 ofFIG. 10 ends. -
FIG. 11 is a flowchart representative of example machine-readable instructions 1100 that may be executed to implement the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 to execute a capability available to the example virtual machine(s) 110 in thecomputing environment 100. Theexample instructions 1100 of the illustrated example ofFIG. 11 begin atblock 1102 when thecapabilities management agent 118 receives theexample request 136 from theapplication 116. For example, theexample communications interface 205 may receive, using AMQP communications, the request including theexample capability identifier 138 and the example argument(s) 140. Atblock 1104, thesecurity engine 210 attempts to validate therequest 136. For example, thesecurity engine 210 may utilize CMS standards to validate and decrypt the request. If, atblock 1106, thesecurity engine 210 determined it was unable to validate therequest 136, theexample program 1100 ofFIG. 11 ends. In some examples, thesecurity engine 210 may attempt to validate therequest 136 until a time-out event is detected or a threshold number of incorrect attempts is satisfied. - If, at
block 1106, thesecurity engine 210 was able to validate therequest 136, then, atblock 1108, theexample capabilities executor 225 identifies the capability in the catalog ofcapabilities 250. For example, thecapabilities executor 225 may parse the example catalog ofcapabilities 250 using thecapability identifier 138 included in therequest 136. Atblock 1110, theexample capabilities executor 225 determines theplugin 130 to execute the capability. For example, thecapabilities executor 225 may map thecapability identifier 138 to aplugin identifier 132. - At
block 1112, theexample capabilities executor 225 determines theplugin invoker 134 to call to execute theplugin 130. For example, thecapabilities executor 225 may use the example pluginsinventory 230 to map theplugin identifier 132 to acorresponding invoker identifier 135. Atblock 1114, theexample capabilities executor 225 calls theplugin invoker 134 to execute the capability. For example, thecapabilities executor 225 may include thecapability identifier 138 and the argument(s) 140 in the call to theplugin invoker 134 to execute the capability. In some examples, thecapabilities executor 225 may include a location in the example resultsdata store 260 to store the output of executing the capability. Theexample program 1100 ofFIG. 11 then ends. -
FIG. 12 is a block diagram of anexample processor platform 1200 capable of executing the instructions ofFIG. 9 to implement theapplication 116 ofFIGS. 1A and/or 1B . Theprocessor platform 1200 can be, for example, a server, a personal computer, or any other type of computing device. - The
processor platform 1200 of the illustrated example includes aprocessor 1212. Theprocessor 1212 of the illustrated example is hardware. For example, theprocessor 1212 can be implemented by one or more integrated circuits, logic circuits, microprocessors or controllers from any desired family or manufacturer. - The
processor 1212 of the illustrated example includes a local memory 1213 (e.g., a cache). Theprocessor 1212 of the illustrated example executes the instructions to implement theexample agent installer 120 and theexample agent controller 122. Theprocessor 1212 of the illustrated example is in communication with a main memory including avolatile memory 1214 and anon-volatile memory 1216 via abus 1218. Thevolatile memory 1214 may be implemented by Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM) and/or any other type of random access memory device. Thenon-volatile memory 1216 may be implemented by flash memory and/or any other desired type of memory device. Access to themain memory - The
processor platform 1200 of the illustrated example also includes aninterface circuit 1220. Theinterface circuit 1220 may be implemented by any type of interface standard, such as an Ethernet interface, a universal serial bus (USB), and/or a PCI express interface. - In the illustrated example, one or
more input devices 1222 are connected to theinterface circuit 1220. The input device(s) 1222 permit(s) a user to enter data and commands into theprocessor 1212. The input device(s) can be implemented by, for example, an audio sensor, a microphone, a camera (still or video), a keyboard, a button, a mouse, a touchscreen, a track-pad, a trackball, isopoint and/or a voice recognition system. - One or
more output devices 1224 are also connected to theinterface circuit 1220 of the illustrated example. Theoutput devices 1224 can be implemented, for example, by display devices (e.g., a light emitting diode (LED), an organic light emitting diode (OLED), a liquid crystal display, a cathode ray tube display (CRT), a touchscreen, a tactile output device, a printer and/or speakers). Theinterface circuit 1220 of the illustrated example, thus, typically includes a graphics driver card, a graphics driver chip or a graphics driver processor. - The
interface circuit 1220 of the illustrated example also includes a communication device such as a transmitter, a receiver, a transceiver, a modem and/or network interface card to facilitate exchange of data with external machines (e.g., computing devices of any kind) via a network 1226 (e.g., an Ethernet connection, a digital subscriber line (DSL), a telephone line, coaxial cable, a cellular telephone system, etc.). - The
processor platform 1200 of the illustrated example also includes one or moremass storage devices 1228 for storing software and/or data. Examples of suchmass storage devices 1228 include floppy disk drives, hard drive disks, compact disk drives, Blu-ray disk drives, RAID systems, and digital versatile disk (DVD) drives. Theexample mass storage 1228 implements theexample data store 124. - The coded
instructions 1232 ofFIG. 9 may be stored in themass storage device 1228, in thevolatile memory 1214, in thenon-volatile memory 1216, and/or on a removable tangible computer readable storage medium such as a CD or DVD. -
FIG. 13 is a block diagram of anexample processor platform 1300 capable of executing the instructions ofFIGS. 10 and/or 11 to implement the examplecapabilities management agent 118 ofFIGS. 1A, 1B and/or 2 . Theprocessor platform 1300 can be, for example, a server, a personal computer, or any other type of computing device. - The
processor platform 1300 of the illustrated example includes aprocessor 1312. Theprocessor 1312 of the illustrated example is hardware. For example, theprocessor 1312 can be implemented by one or more integrated circuits, logic circuits, microprocessors or controllers from any desired family or manufacturer. - The
processor 1312 of the illustrated example includes a local memory 1313 (e.g., a cache). Theprocessor 1312 of the illustrated example executes the instructions to implement theexample messaging interface 205, theexample security engine 210, theexample package unpacker 215, theexample plugins registrar 220, the example plugins monitor 245 and theexample capabilities executor 255. - The
processor 1312 of the illustrated example is in communication with a main memory including avolatile memory 1314 and anon-volatile memory 1316 via abus 1318. Thevolatile memory 1314 may be implemented by Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM) and/or any other type of random access memory device. Thenon-volatile memory 1316 may be implemented by flash memory and/or any other desired type of memory device. Access to themain memory - The
processor platform 1300 of the illustrated example also includes aninterface circuit 1320. Theinterface circuit 1320 may be implemented by any type of interface standard, such as an Ethernet interface, a universal serial bus (USB), and/or a PCI express interface. - In the illustrated example, one or
more input devices 1322 are connected to theinterface circuit 1320. The input device(s) 1322 permit(s) a user to enter data and commands into theprocessor 1312. The input device(s) can be implemented by, for example, an audio sensor, a microphone, a camera (still or video), a keyboard, a button, a mouse, a touchscreen, a track-pad, a trackball, isopoint and/or a voice recognition system. - One or
more output devices 1324 are also connected to theinterface circuit 1320 of the illustrated example. Theoutput devices 1324 can be implemented, for example, by display devices (e.g., a light emitting diode (LED), an organic light emitting diode (OLED), a liquid crystal display, a cathode ray tube display (CRT), a touchscreen, a tactile output device, a printer and/or speakers). Theinterface circuit 1320 of the illustrated example, thus, typically includes a graphics driver card, a graphics driver chip or a graphics driver processor. - The
interface circuit 1320 of the illustrated example also includes a communication device such as a transmitter, a receiver, a transceiver, a modem and/or network interface card to facilitate exchange of data with external machines (e.g., computing devices of any kind) via a network 1326 (e.g., an Ethernet connection, a digital subscriber line (DSL), a telephone line, coaxial cable, a cellular telephone system, etc.). - The
processor platform 1300 of the illustrated example also includes one or moremass storage devices 1328 for storing software and/or data. Examples of suchmass storage devices 1328 include floppy disk drives, hard drive disks, compact disk drives, Blu-ray disk drives, RAID systems, and digital versatile disk (DVD) drives. Theexample mass storage 1328 implements theexample plugins repository 225, the example pluginsinventory 230, theexample invokers repository 235, theexample catalog 250 and the example resultsdata store 260. - The coded
instructions 1332 ofFIGS. 10 and/or 11 may be stored in themass storage device 1328, in thevolatile memory 1314, in thenon-volatile memory 1316, and/or on a removable tangible computer readable storage medium such as a CD or DVD. - From the foregoing, it will be appreciated that the above disclosed methods, apparatus and articles of manufacture provide a common agents framework for managing capabilities available at assets in computing environments.
- The disclosed methods, apparatus and articles of manufacture facilitate maintaining a catalog of capabilities available at an asset. For example, a capabilities management agent installed at the asset may determine tasks that may be performed at the asset based on plugin(s) loaded at the asset. In addition, the disclosed methods, apparatus and articles of manufacture update the catalog of capabilities when a new plugin is added or detected. For example, the example capabilities management agent may retrieve a set of capabilities that may be performed by the new plugin. In some examples, the disclosed methods, apparatus and articles of manufacture reduce computing resources by maintaining a catalog of capabilities at the respective assets in the computing environment, which enables reducing the number of plugins installed at the assets, and reducing the number of plugins performing redundant capabilities at the assets. In some examples, the disclosed methods apparatus and articles of manufacture reduce usage of computing resources by utilizing standard formats for providing the catalog of capabilities and for storing the output of performing the respective capabilities, which facilitates different applications accessing the results rather than re-executing the capabilities. In some examples, the disclosed methods apparatus and articles of manufacture reduce usage of computing resources by enabling plugins to utilize plugin invokers, which facilitates support of plugins written in a variety of languages.
- Furthermore, the example common agent framework disclosed herein is extensible. As described above, the example common agent framework disclosed herein includes a communication interface, a management agent and one or more plugins installed at an asset. The communication interface can be extended to use a Rabbit AMQP Broker, a ZeroMQ (socket-based) communications, REST, etc. The management agent facilitates extending by supporting additional scripts, libraries, decompression tools, etc. In addition, the management agent can support new plugins, thereby increasing the capabilities available for performing at the asset, but also conserving resources allocated to the asset by not installing redundant capabilities.
- Although certain example methods, apparatus and articles of manufacture have been disclosed herein, the scope of coverage of this patent is not limited thereto. On the contrary, this patent covers all methods, apparatus and articles of manufacture fairly falling within the scope of the claims of this patent.
Claims (21)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/994,653 US20180276009A1 (en) | 2015-08-11 | 2018-05-31 | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/824,049 US10007534B2 (en) | 2015-08-11 | 2015-08-11 | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework |
US15/994,653 US20180276009A1 (en) | 2015-08-11 | 2018-05-31 | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/824,049 Continuation US10007534B2 (en) | 2015-08-11 | 2015-08-11 | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework |
Publications (1)
Publication Number | Publication Date |
---|---|
US20180276009A1 true US20180276009A1 (en) | 2018-09-27 |
Family
ID=57995407
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/824,049 Active 2036-01-28 US10007534B2 (en) | 2015-08-11 | 2015-08-11 | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework |
US15/994,653 Pending US20180276009A1 (en) | 2015-08-11 | 2018-05-31 | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/824,049 Active 2036-01-28 US10007534B2 (en) | 2015-08-11 | 2015-08-11 | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework |
Country Status (1)
Country | Link |
---|---|
US (2) | US10007534B2 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20200384644A1 (en) * | 2019-06-10 | 2020-12-10 | Argos Labs Inc. | Systems and Methods for Robotic Process Automation |
US11418417B2 (en) * | 2020-12-21 | 2022-08-16 | Red Hat, Inc. | Managing stateful workloads executing on temporarily available resources of a cloud computing system |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6468293B2 (en) * | 2015-01-22 | 2019-02-13 | 富士通株式会社 | Application function expansion method, application function expansion program, and application function expansion apparatus |
US11423023B2 (en) * | 2015-06-05 | 2022-08-23 | Apple Inc. | Systems and methods for providing improved search functionality on a client device |
US10769184B2 (en) | 2015-06-05 | 2020-09-08 | Apple Inc. | Systems and methods for providing improved search functionality on a client device |
US10379889B2 (en) * | 2015-06-15 | 2019-08-13 | Microsoft Technology Licensing, Llc | Monitoring and reporting performance of collaboration services using a monitoring service native to the collaboration service |
US10001981B2 (en) * | 2016-05-26 | 2018-06-19 | At&T Intellectual Property I, L.P. | Autonomous server installation |
US10742629B2 (en) * | 2017-02-28 | 2020-08-11 | International Business Machines Corporation | Efficient cloud resource protection |
US10902152B2 (en) * | 2017-06-30 | 2021-01-26 | Oracle International Corporation | Restricting plug-in application recipes |
US11093518B1 (en) | 2017-09-23 | 2021-08-17 | Splunk Inc. | Information technology networked entity monitoring with dynamic metric and threshold selection |
US11159397B2 (en) * | 2017-09-25 | 2021-10-26 | Splunk Inc. | Lower-tier application deployment for higher-tier system data monitoring |
GB201717251D0 (en) * | 2017-10-20 | 2017-12-06 | Palantir Technologies Inc | Serving assets in a networked environment |
US10649881B2 (en) * | 2018-08-29 | 2020-05-12 | Vmware, Inc. | Determining compliance of software applications to compliance standards based on mapped application capabilities |
US11080083B1 (en) * | 2019-08-28 | 2021-08-03 | Juniper Networks, Inc. | Providing physical host hardware state information to virtual machines deployed on the physical host |
US11301583B2 (en) * | 2019-10-09 | 2022-04-12 | Mastercard International Incorporated | Method and system for protection of customer PII via cryptographic tokens |
US20220197680A1 (en) * | 2020-12-21 | 2022-06-23 | International Business Machines Corporation | Integrated authentication for container-based environment |
US11676072B1 (en) | 2021-01-29 | 2023-06-13 | Splunk Inc. | Interface for incorporating user feedback into training of clustering model |
US11841731B2 (en) * | 2021-09-24 | 2023-12-12 | Sap Se | Cloud plugin for legacy on-premise application |
US11922163B2 (en) | 2021-09-24 | 2024-03-05 | Sap Se | Cloud version management for legacy on-premise application |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1249981A1 (en) * | 2001-04-02 | 2002-10-16 | NuMeme Limited | A security service system and method |
US7483978B2 (en) * | 2006-05-15 | 2009-01-27 | Computer Associates Think, Inc. | Providing a unified user interface for managing a plurality of heterogeneous computing environments |
US8949788B2 (en) * | 2008-12-17 | 2015-02-03 | Red Hat, Inc. | Building and packaging software |
US10317858B2 (en) * | 2011-04-07 | 2019-06-11 | Infosys Technologies, Ltd. | Architecture and method for centrally controlling a plurality of building automation systems |
US8819817B2 (en) * | 2011-05-25 | 2014-08-26 | Apple Inc. | Methods and apparatus for blocking usage tracking |
US8893117B2 (en) * | 2012-08-10 | 2014-11-18 | Adobe Systems Incorporated | Interactive product improvement through the use of variants and data gathering reports in a system that can be updated on the fly |
US10311121B2 (en) * | 2013-01-11 | 2019-06-04 | Apple Inc. | Validation and delivery of digital assets |
JP6488687B2 (en) * | 2014-04-10 | 2019-03-27 | 富士通株式会社 | Function expansion method, function expansion program, and terminal device |
US20160188898A1 (en) * | 2014-12-31 | 2016-06-30 | Netapp, Inc. | Methods and systems for role based access control in networked storage environment |
-
2015
- 2015-08-11 US US14/824,049 patent/US10007534B2/en active Active
-
2018
- 2018-05-31 US US15/994,653 patent/US20180276009A1/en active Pending
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20200384644A1 (en) * | 2019-06-10 | 2020-12-10 | Argos Labs Inc. | Systems and Methods for Robotic Process Automation |
US11389960B2 (en) * | 2019-06-10 | 2022-07-19 | Argos Labs Inc. | Systems and methods for robotic process automation |
US11667033B2 (en) * | 2019-06-10 | 2023-06-06 | Argos Labs Inc. | Systems and methods for robotic process automation |
US11418417B2 (en) * | 2020-12-21 | 2022-08-16 | Red Hat, Inc. | Managing stateful workloads executing on temporarily available resources of a cloud computing system |
Also Published As
Publication number | Publication date |
---|---|
US10007534B2 (en) | 2018-06-26 |
US20170046181A1 (en) | 2017-02-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10007534B2 (en) | Methods and apparatus to manage asset capabilities in a computing environment using a common agent framework | |
US9852001B2 (en) | Compliance-based adaptations in managed virtual systems | |
US9563460B2 (en) | Enforcement of compliance policies in managed virtual systems | |
US9477520B2 (en) | Registering and accessing virtual systems for use in a managed system | |
US9710482B2 (en) | Enforcement of compliance policies in managed virtual systems | |
EP2546743B1 (en) | Control and management of virtual systems | |
US8839246B2 (en) | Automatic optimization for virtual systems | |
US8850433B2 (en) | Compliance-based adaptations in managed virtual systems | |
US8949826B2 (en) | Control and management of virtual systems | |
US9038062B2 (en) | Registering and accessing virtual systems for use in a managed system | |
US8612971B1 (en) | Automatic optimization for virtual systems | |
US10101915B2 (en) | Methods and apparatus to manage inter-virtual disk relations in a modularized virtualization topology using virtual hard disks | |
US20160378676A1 (en) | Methods and apparatus to re-direct detected access requests in a modularized virtualization topology using virtual hard disks | |
US9804789B2 (en) | Methods and apparatus to apply a modularized virtualization topology using virtual hard disks | |
US10126983B2 (en) | Methods and apparatus to enforce life cycle rules in a modularized virtualization topology using virtual hard disks | |
Agrawal | Docker Overview And Kubernetes Best Practices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION COUNTED, NOT YET MAILED Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |