최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0245089 (2016-08-23) |
등록번호 | US-9992086 (2018-06-05) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 12 인용 특허 : 467 |
Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an externa
Systems and methods are described to enable health checking of computing devices within a virtual private cloud (VPC) networking environment, without requiring that the devices be accessible via a public network address. An endpoint is placed within the VPC, which enables interaction with an external health checking system via a substrate network. The endpoint handles communications between the heath checking system and the VPC, and can modify data originating from the health checking system such that it appears to originate from the endpoint. Thus, from the viewpoint of the VPC, the endpoint itself may appear to be conducting health checking. Thus, external health checking can be used on a VPC without compromising the security of the VPC by requiring that a portion of the VPC be externally addressable.
1. A system for verifying functionality of computing devices within a virtual private cloud network environment (VPC), wherein the VPC includes one or more virtual computing devices arranged within a virtualized local area network, the virtualized local area network generated by a substrate network
1. A system for verifying functionality of computing devices within a virtual private cloud network environment (VPC), wherein the VPC includes one or more virtual computing devices arranged within a virtualized local area network, the virtualized local area network generated by a substrate network hosting the VPC, the system comprising: at least one first computing device implementing a health check system, wherein the health check system is external to the VPC and is configured with computer-executable instructions to: generate health check data for transmission to a target virtual computing device within the VPC, wherein the health check data is generated to elicit an expected response from the target virtual computing device;associate the health check data with an identifier of the VPC; andtransmit the health check data and associated identifier to a communications manager in communication with the health checking system and the VPC;at least one second computing device implementing the communications manager, wherein the communications manager is external to the VPC and is configured with computer-executable instructions to: obtain the health check data from the health check system;determine, from at least the identifier of the VPC, a network address of the substrate network that is assigned to an endpoint of the VPC; andtransmit the health check data to the endpoint and;at least one third computing device implementing the endpoint of the VPC, wherein the endpoint is configured with computer-executable instructions to: obtain the health check data from the communications manager;transmit the health check data to the target virtual computing device within the VPC;obtain a response to the health check data; andtransmit the response to the health check system. 2. The system of claim 1, wherein the endpoint of the VPC is further configured with the computer-executable instructions to modify the health check data to designate the endpoint of the VPC as a source of the health check data. 3. The system of claim 1, wherein the target virtual computing device is identified by a private domain name within the VPC, wherein the health check system is further configured with the computer-executable instructions to transmit a request to resolve the private domain name to the endpoint via the communications manager, and wherein the endpoint is further configured to: transmit the request to a domain name system (DNS) server associated with the VPC;obtain a response to the request, the response indicating a network address of the target virtual computing device; andreturn the network address to the health check system. 4. The system of claim 1, wherein the target virtual computing device is not associated with a publically accessible network address on the substrate network. 5. The system of claim 1, wherein the response is at least one of the expected response, a response other than the expected response, or a notification that no response has been received from the target virtual computing device. 6. A computer-implemented method for verifying functionality of computing devices within a virtual private cloud network environment (VPC), wherein the VPC includes one or more computing devices arranged within a virtualized local area network, the virtualized local area network generated by a substrate network hosting the VPC, the computer-implemented method comprising: generating, at a health check system external to the VPC, health check data for transmission to a target computing device within the VPC;determining, at the health check system, an identifier of the VPC;routing, on the substrate network, the health check data from the health check system to an endpoint within the VPC, wherein the routing occurs based at least partly on the identifier of the VPC;modifying, at the endpoint, the health check data to designate the endpoint as a source of the health check data;transmitting the health check data from the endpoint to the target computing device within the VPC;obtaining, at the endpoint, a response from the target computing device; androuting the response, on the substrate network, from the endpoint to the health check system external to the VPC. 7. The computer-implemented method of claim 6, wherein the target computing device is a virtual computing device implemented by a host computing device. 8. The computer-implemented method of claim 6, wherein routing the health check data from the health check system to the endpoint within the VPC comprising: obtaining the health check data at a communications manager;determining, from the identifier of the VPC, a network address associated with the endpoint; andtransmitting the health check data to the network address associated with the endpoint. 9. The computer-implemented method of claim 6, wherein the target computing device is associated with network addresses internal to the VPC. 10. The computer-implemented method of claim 6, wherein the target computing device is identified at the health check system by a private domain name localized to the VPC, and wherein the computer-implemented method further comprises: transmitting a resolution request, including the private domain name, from the health check system to the endpoint;transmitting the resolution request from the endpoint to a domain name system (DNS) server of the VPC;obtaining a response to the resolution request at the endpoint; andreturning the response to the resolution request to the health check system. 11. The computer-implemented method of claim 6, wherein communications between the health check system and the endpoint occur via a communications manager configured to maintain a mapping between a network address of the endpoint on the substrate network and the identifier of the VPC. 12. The computer-implemented method of claim 6 further comprising: determining, at the health check system and based at least in part on the response, that the target computing device is unhealthy;transmitting from the health check system to the endpoint a notification to a domain name system (DNS) server associated with the VPC that the target computing device is unhealthy; andtransmitting the notification from the endpoint to the DNS server. 13. The computer-implemented method of claim 12, wherein the DNS server is configured to respond to the notification by removing a network address of the target computing device from DNS records of the DNS server. 14. A system for verifying functionality of computing devices within a virtual private cloud network environment (VPC), wherein the VPC includes one or more computing devices arranged within a virtualized local area network, the virtualized local area network generated by a substrate network hosting the VPC, the system comprising: one or more computing devices external to the VPC and configured with computer-executable instructions to: generate health check data for transmission to a target computing device within the VPC;route the health check data from the one or more computing devices external to the VPC to an endpoint of the VPC, wherein the routing occurs based at least partly on an identifier of the VPC;one or more computing device implementing the endpoint of the VPC, wherein one or more computing device implementing the endpoint of the VPC are configured with computer-executable instructions to: modify the health check data to designate the endpoint as a source of the health check data;transmit the health check data to the target computing device within the VPC;obtain a response from the target device; andtransmit the response to the one or more computing devices external to the VPC. 15. The system of claim 14 further comprising one or more computing devices implementing a communications manager, wherein the one or more computing devices implementing the communications manager are configured with computer-executable instructions to facilitate communications between the endpoint and the health check system at least partly by: obtaining data transmitted by the health check system, the data including an identifier of the VPC;determining a network address on the substrate network associated with the endpoint; andtransmitting the data to the network address on the substrate network associated with the endpoint. 16. The system of claim 14, wherein the target computing device is a virtual computing device implemented by a host computing device on the substrate network. 17. The system of claim 14, wherein the target computing device is associated with only network addresses internal to the VPC. 18. The system of claim 14, wherein the target computing device is identified at the health check system by a private domain name localized to the VPC, and wherein the one or more computing device implementing the endpoint of the VPC are further configured with computer-executable instructions to: obtain a request from the health check system to resolve the private domain name into a network address;transmit a request from the endpoint to a domain name system (DNS) server of the VPC;obtain a response from the DNS server of the VPC; andtransmit the response to the health check system. 19. The system of claim 14, wherein the one or more computing devices external to the VPC are further configured with computer-executable instructions to: determine, based at least in part on the response, that the target computing device is unhealthy; andtransmit a notification to the endpoint that the target computing device is unhealthy; andwherein the one or more computing device implementing the endpoint of the VPC are further configured with computer-executable instructions to transmit the notification from the endpoint to a domain name system (DNS) server of the VPC. 20. The system of claim 19, wherein the DNS server is configured to respond to the notification by altering responses of the DNS server to resolution requests associated with the target computing device.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.