This article helps you configure OpenVPN® Protocol clients.
Before you begin
Verify that you have completed the steps to configure OpenVPN for your VPN gateway. For details, see Configure OpenVPN for Azure VPN Gateway.
Windows clients
Download and install the OpenVPN client (version 2.4 or higher) from the official OpenVPN website.
Download the VPN profile for the gateway. This can be done from the Point-to-site configuration tab in the Azure portal, or 'New-AzVpnClientConfiguration' in PowerShell.
Unzip the profile. Next, open the vpnconfig.ovpn configuration file from the OpenVPN folder using Notepad.
Export the point-to-site client certificate you created and uploaded to your P2S configuration on the gateway. Use the following article links:
VPN Gateway instructions
Virtual WAN instructions
Extract the private key and the base64 thumbprint from the .pfx. There are multiple ways to do this. Using OpenSSL on your machine is one way. The profileinfo.txt file contains the private key and the thumbprint for the CA and the Client certificate. Be sure to use the thumbprint of the client certificate.
Open profileinfo.txt in Notepad. To get the thumbprint of the client (child) certificate, select the text (including and between) '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' for the child certificate and copy it. You can identify the child certificate by looking at the subject=/ line.
Switch to the vpnconfig.ovpn file you opened in Notepad from step 3. Find the section shown below and replace everything between 'cert' and '/cert'.
Open the profileinfo.txt in Notepad. To get the private key, select the text (including and between) '-----BEGIN PRIVATE KEY-----' and '-----END PRIVATE KEY-----' and copy it.
Go back to the vpnconfig.ovpn file in Notepad and find this section. Paste the private key, replacing everything between 'key' and '/key'.
Do not change any other fields. Use the filled in configuration in client input to connect to the VPN.
Copy the vpnconfig.ovpn file to the C:\Program Files\OpenVPN\config folder.
Right-click the OpenVPN icon in the system tray and click connect.
Mac clients
Download and install an OpenVPN client, such as Tunnelblick.
Download the VPN profile for the gateway. This can be done from the point-to-site configuration tab in the Azure portal, or by using 'New-AzVpnClientConfiguration' in PowerShell.
Unzip the profile. Open the vpnconfig.ovpn configuration file from the OpenVPN folder in a text editor.
Fill in the P2S client certificate section with the P2S client certificate public key in base64. In a PEM formatted certificate, you can simply open the .cer file and copy over the base64 key between the certificate headers. Use the following article links for information about how to export a certificate to get the encoded public key:
VPN Gateway instructions
Virtual WAN instructions
Fill in the private key section with the P2S client certificate private key in base64. See Export your private key on the OpenVPN site for information about how to extract a private key.
Do not change any other fields. Use the filled in configuration in client input to connect to the VPN.
Double-click the profile file to create the profile in Tunnelblick.
Launch Tunnelblick from the applications folder.
Click on the Tunnelblick icon in the system tray and pick connect.
Important
Only iOS 11.0 and above and macOS 10.13 and above are supported with OpenVPN protocol.
iOS clients
Install the OpenVPN client (version 2.4 or higher) from the App store.
Download the VPN profile for the gateway. This can be done from the point-to-site configuration tab in the Azure portal, or by using 'New-AzVpnClientConfiguration' in PowerShell.
Unzip the profile. Open the vpnconfig.ovpn configuration file from the OpenVPN folder in a text editor.
Fill in the P2S client certificate section with the P2S client certificate public key in base64. In a PEM formatted certificate, you can simply open the .cer file and copy over the base64 key between the certificate headers. Use the following article links for information about how to export a certificate to get the encoded public key:
VPN Gateway instructions
Virtual WAN instructions
Fill in the private key section with the P2S client certificate private key in base64. See Export your private key on the OpenVPN site for information about how to extract a private key.
Do not change any other fields.
E-mail the profile file (.ovpn) to your email account that is configured in the mail app on your iPhone.
Open the e-mail in the mail app on the iPhone, and tap the attached file.
Tap on More if you do not see the Copy to OpenVPN option.
Tap on Copy to OpenVPN.
Tap on ADD in the Import Profile page.
Tap on ADD in the Imported Profile page.
Launch the OpenVPN app and slide the switch in the Profile page right to connect.
Linux clients
Open a new Terminal session. You can open a new session by pressing 'Ctrl + Alt + t' at the same time.
Enter the following command to install needed components:
Download the VPN profile for the gateway. This can be done from the Point-to-site configuration tab in the Azure portal.
Export the P2S client certificate you created and uploaded to your P2S configuration on the gateway. Use the following article links:
VPN Gateway instructions
Virtual WAN instructions
Extract the private key and the base64 thumbprint from the .pfx. There are multiple ways to do this. Using OpenSSL on your computer is one way.
The profileinfo.txt file will contain the private key and the thumbprint for the CA, and the Client certificate. Be sure to use the thumbprint of the client certificate.
Open profileinfo.txt in a text editor. To get the thumbprint of the client (child) certificate, select the text including and between '-----BEGIN CERTIFICATE-----' and '-----END CERTIFICATE-----' for the child certificate and copy it. You can identify the child certificate by looking at the subject=/ line.
Open the vpnconfig.ovpn file and find the section shown below. Replace everything between 'cert' and '/cert'.
Open the profileinfo.txt in a text editor. To get the private key, select the text including and between '-----BEGIN PRIVATE KEY-----' and '-----END PRIVATE KEY-----' and copy it.
Open the vpnconfig.ovpn file in a text editor and find this section. Paste the private key, replacing everything between 'key' and '/key'.
Do not change any other fields. Use the filled in configuration in client input to connect to the VPN.
To connect using the command line, type the following command:
To connect using the GUI, go to system settings.
Click + to add a new VPN connection.
Under Add VPN, pick Import from file…
Browse to the profile file and double-click or pick Open.
Click Add on the Add VPN window.
You can connect by turning the VPN ON on the Network Settings page, or under the network icon in the system tray.
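The certificate and private-key steps of the Windows and Linux procedures above, as an added Python example that is not part of the original article. It assumes profileinfo.txt has the layout OpenSSL's pkcs12 command prints, that the CA in it is a self-signed root (subject equals issuer), and that the profile uses OpenVPN's inline <cert> and <key> sections; the sample contents, names and output file name are constructed.

```python
import os
import re

BEGIN = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----")

# Constructed sample in the layout `openssl pkcs12 -nodes` prints; all bodies are fake.
SAMPLE_PROFILEINFO = """\
Bag Attributes
    localKeyID: 01 00 00 00
subject=/CN=ExampleChildCert
issuer=/CN=ExampleRootCA
-----BEGIN CERTIFICATE-----
CONSTRUCTED+CLIENT+CERT+BODY==
-----END CERTIFICATE-----
Bag Attributes: <No Attributes>
subject=/CN=ExampleRootCA
issuer=/CN=ExampleRootCA
-----BEGIN CERTIFICATE-----
CONSTRUCTED+ROOT+CA+BODY==
-----END CERTIFICATE-----
Key Attributes: <No Attributes>
-----BEGIN PRIVATE KEY-----
CONSTRUCTED+PRIVATE+KEY+BODY==
-----END PRIVATE KEY-----
"""

# Constructed stand-in for vpnconfig.ovpn; host name and placeholders are made up.
SAMPLE_OVPN = """\
client
remote example-gateway.invalid 443
<ca>
-----BEGIN CERTIFICATE-----
CONSTRUCTED+GATEWAY+CA+BODY==
-----END CERTIFICATE-----
</ca>
<cert>
PLACEHOLDER_CLIENT_CERT
</cert>
<key>
PLACEHOLDER_PRIVATE_KEY
</key>
"""


def parse_profileinfo(text):
    """Split profileinfo.txt into certificates (with subject/issuer) and private keys."""
    certs, keys = [], []
    subject = issuer = label = None
    block = []
    for raw in text.splitlines():
        line = raw.strip()
        if label is None:  # between PEM blocks: collect the header lines
            if line.startswith("subject="):
                subject = line[len("subject="):].strip()
            elif line.startswith("issuer="):
                issuer = line[len("issuer="):].strip()
            elif BEGIN.fullmatch(line):
                label, block = BEGIN.fullmatch(line).group(1), [line]
            continue
        block.append(line)
        if line == f"-----END {label}-----":
            pem = "\n".join(block)
            if label == "CERTIFICATE":
                certs.append({"subject": subject, "issuer": issuer, "pem": pem})
            elif label.endswith("PRIVATE KEY"):
                keys.append(pem)
            subject = issuer = label = None
    if label is not None:
        raise ValueError(f"unterminated {label} block")
    return certs, keys


def select_client_cert(certs, subject_contains=None):
    """Pick the child certificate, never the CA (assumed self-signed: subject == issuer)."""
    found = [c for c in certs if c["subject"] != c["issuer"]]
    if subject_contains is not None:
        found = [c for c in found if subject_contains in (c["subject"] or "")]
    if len(found) != 1:
        raise ValueError(f"expected exactly one client certificate, found {len(found)}")
    return found[0]


def replace_section(ovpn_text, tag, pem):
    """Replace everything between <tag> and </tag>; every other field stays as it was."""
    pattern = re.compile(rf"<{tag}>.*?</{tag}>", re.DOTALL)
    filled, count = pattern.subn(lambda _m: f"<{tag}>\n{pem}\n</{tag}>", ovpn_text)
    if count != 1:
        raise ValueError(f"expected one <{tag}> section, found {count}")
    return filled


def build_profile(profileinfo_text, ovpn_text, subject_contains=None):
    """Return the profile with the client certificate and private key filled in."""
    certs, keys = parse_profileinfo(profileinfo_text)
    if len(keys) != 1:
        raise ValueError(f"expected exactly one private key, found {len(keys)}")
    client = select_client_cert(certs, subject_contains)
    return replace_section(replace_section(ovpn_text, "cert", client["pem"]), "key", keys[0])


def write_private(path, text):
    """The filled profile embeds the private key, so make it owner-only (POSIX)."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        os.fchmod(fh.fileno(), 0o600)  # also tightens a file that already existed
        fh.write(text)


if __name__ == "__main__":
    write_private("vpnconfig.filled.ovpn", build_profile(SAMPLE_PROFILEINFO, SAMPLE_OVPN))
```

The selection fails with an error rather than guessing when zero or several non-CA certificates are present, so the CA certificate cannot end up in the client certificate section by accident.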
Next steps
If you want the VPN clients to be able to access resources in another VNet, then follow the instructions on the VNet-to-VNet article to set up a vnet-to-vnet connection. Be sure to enable BGP on the gateways and the connections, otherwise traffic will not flow.
'OpenVPN' is a trademark of OpenVPN Inc.
This application claims priority to U.S. Provisional Pat. App. No. 62/584,735, filed Nov. 10, 2017, entitled “VIRTUAL MACHINE PREPROVISIONING” (Atty. Dkt. No. 403283-US-PSP). The entirety of this afore-mentioned application is incorporated herein by reference.
In some examples, a virtual machine (VM) is an emulation of a computer system that provides the functionality of a physical computer system. A host machine may create and run multiple VM instances. In some examples, VMs may be “rented” and accessed from the cloud by users. When a user wants a VM to be provisioned, in some examples, the user may have many options to choose from and particular configurations to be made for the VM, such as operating system (OS), VM size, machine name, username, password, time zone, and/or the like.
This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Briefly stated, the disclosed technology is generally directed to virtual machines. In one example of the technology, a network change from a first virtual network to a second virtual network is reconfigured for a first virtual machine that is executing on a first virtual machine host. In some examples, the reconfiguring includes the following. In some examples, in the first virtual machine host, a mapping change from the first virtual network to the second virtual network is configured by reprogramming drivers in the first virtual machine host for route mapping for the second virtual network. In some examples, a Dynamic Host Configuration Protocol (DHCP) retrigger is caused without rebooting the first virtual machine. In some examples, a configuration file is provided to the first virtual machine. In some examples, the configuration file includes user-specific networking settings. In some examples, the first virtual machine is reconfigured in accordance with the user-specific networking settings.
Other aspects of and applications for the disclosed technology will be appreciated upon reading and understanding the attached figures and description.
Non-limiting and non-exhaustive examples of the present disclosure are described with reference to the following drawings. In the drawings, like reference numerals refer to like parts throughout the various figures unless otherwise specified. These drawings are not necessarily drawn to scale.
For a better understanding of the present disclosure, reference will be made to the following Detailed Description, which is to be read in association with the accompanying drawings, in which:
FIG. 1 is a block diagram illustrating one example of a suitable environment in which aspects of the technology may be employed;
FIG. 2 is a block diagram illustrating one example of a suitable computing device according to aspects of the disclosed technology;
FIG. 3 is a block diagram illustrating an example of a system;
FIG. 4 shows a block diagram illustrating an example of the system of FIG. 3; and
FIG. 5 shows a logical flow diagram illustrating an example of a process that may be employed by an example of the virtual machine host of FIG. 3, in accordance with aspects of the present disclosure.
The following description provides specific details for a thorough understanding of, and enabling description for, various examples of the technology. One skilled in the art will understand that the technology may be practiced without many of these details. In some instances, well-known structures and functions have not been shown or described in detail to avoid unnecessarily obscuring the description of examples of the technology. It is intended that the terminology used in this disclosure be interpreted in its broadest reasonable manner, even though it is being used in conjunction with a detailed description of certain examples of the technology. Although certain terms may be emphasized below, any terminology intended to be interpreted in any restricted manner will be overtly and specifically defined as such in this Detailed Description section. Throughout the specification and claims, the following terms take at least the meanings explicitly associated herein, unless the context dictates otherwise. The meanings identified below do not necessarily limit the terms, but merely provide illustrative examples for the terms. For example, each of the terms “based on” and “based upon” is not exclusive, and is equivalent to the term “based, at least in part, on”, and includes the option of being based on additional factors, some of which may not be described herein. As another example, the term “via” is not exclusive, and is equivalent to the term “via, at least in part”, and includes the option of being via additional factors, some of which may not be described herein. The meaning of “in” includes “in” and “on.” The phrase “in one embodiment,” or “in one example,” as used herein does not necessarily refer to the same embodiment or example, although it may. Use of particular textual numeric designators does not imply the existence of lesser-valued numerical designators. 
For example, reciting “a widget selected from the group consisting of a third foo and a fourth bar” would not itself imply that there are at least three foo, nor that there are at least four bar, elements. References in the singular are made merely for clarity of reading and include plural references unless plural references are specifically excluded. The term “or” is an inclusive “or” operator unless specifically indicated otherwise. For example, the phrase “A or B” means “A, B, or A and B.” As used herein, the terms “component” and “system” are intended to encompass hardware, software, or various combinations of hardware and software. Accordingly, for example, a system or component may be a process, a process executing on a computing device, the computing device, or a portion thereof.
A VM, including a virtual network change for a VM, is reconfigured without rebooting the VM in some examples. In some examples, a user may wish an existing VM already used to be the VM to be reconfigured with a different virtual network. In other examples, a partially configured VM may be reconfigured. For example, partially configured VMs, which are configured in all aspects except for customer-specific settings in some examples, including being configured with a placeholder virtual network, may be pooled so that fully configured VMs, configured with a virtual network requested by the customer, may be provided more quickly upon request by reconfiguring a partially configured VM than creating a new VM from scratch.
When a VM is reconfigured, a networking manager may cause corresponding artifacts, including networking artifacts, to be created, modified, and/or reconfigured based on user-specific settings, including user-specific network settings such as the desired customer IP address, and creation of the new virtual network itself. The customer IP address may be remapped, while reusing the same MAC address and the same physical IP address of the VM prior to reconfiguration.
After the networking manager has performed its functions, and any other artifacts are modified and/or reconfigured based on user-specific settings, reconfiguration may be performed on the virtual machine host that executes the VM being reconfigured. A networking agent in the host may set up the host so that routing happens correctly based on the new virtual network. The networking agent may then cause DHCP to be retriggered without rebooting the VM.
The VM host may then create a configuration file with user-specific settings for the VM, including user-specific networking settings. The agent in the VM may then receive the configuration file, accept the user-specific settings, and apply the user-specific settings to the VM.
FIG. 1 is a diagram of environment 100 in which aspects of the technology may be practiced. As shown, environment 100 includes computing devices 110, as well as network nodes 120, connected via network 130. Even though particular components of environment 100 are shown in FIG. 1, in other examples, environment 100 can also include additional and/or different components. For example, in certain examples, the environment 100 can also include network storage devices, maintenance managers, and/or other suitable components (not shown).
As shown in FIG. 1, network 130 can include one or more network nodes 120 that interconnect multiple computing devices 110, and connect computing devices 110 to external network 140, e.g., the Internet or an intranet. For example, network nodes 120 may include switches, routers, hubs, network controllers, or other network elements. In certain examples, computing devices 110 can be organized into racks, action zones, groups, sets, or other suitable divisions. For example, in the illustrated example, computing devices 110 are grouped into three host sets identified individually as first, second, and third host sets 112a-112c. In the illustrated example, each of host sets 112a-112c is operatively coupled to a corresponding network node 120a-120c, respectively, which are commonly referred to as “top-of-rack” or “TOR” network nodes. TOR network nodes 120a-120c can then be operatively coupled to additional network nodes 120 to form a computer network in a hierarchical, flat, mesh, or other suitable types of topology that allows communication between computing devices 110 and external network 140. In other examples, multiple host sets 112a-112c may share a single network node 120. Computing devices 110 may be virtually any type of general- or specific-purpose computing device. For example, these computing devices may be user devices such as desktop computers, laptop computers, tablet computers, display devices, cameras, printers, or smartphones. However, in a data center environment, these computing devices may be server devices such as application server computers, virtual computing host computers, or file server computers. Moreover, computing devices 110 may be individually configured to provide computing, storage, and/or other suitable computing services.
FIG. 2 is a diagram illustrating one example of computing device 200 in which aspects of the technology may be practiced. Computing device 200 may be virtually any type of general- or specific-purpose computing device. For example, computing device 200 may be a user device such as a desktop computer, a laptop computer, a tablet computer, a display device, a camera, a printer, or a smartphone. Likewise, computing device 200 may also be a server device such as an application server computer, a virtual computing host computer, or a file server computer, e.g., computing device 200 may be an example of computing device 110 or network node 120 of FIG. 1. Likewise, computing device 200 may be an example of any of the devices illustrated in FIG. 5, as discussed in greater detail below. As illustrated in FIG. 2, computing device 200 includes processing circuit 210, operating memory 220, memory controller 230, data storage memory 250, input interface 260, output interface 270, and network adapter 280. Each of these afore-listed components of computing device 200 includes at least one hardware element.
Computing device 200 includes at least one processing circuit 210 configured to execute instructions, such as instructions for implementing the herein-described workloads, processes, or technology. Processing circuit 210 may include a microprocessor, a microcontroller, a graphics processor, a coprocessor, a field programmable gate array, a programmable logic device, a signal processor, or any other circuit suitable for processing data. The aforementioned instructions, along with other data (e.g., datasets, metadata, operating system instructions, etc.), may be stored in operating memory 220 during run-time of computing device 200. Operating memory 220 may also include any of a variety of data storage devices/components, such as volatile memories, semi-volatile memories, random access memories, static memories, caches, buffers, or other media used to store run-time information. In one example, operating memory 220 does not retain information when computing device 200 is powered off. Rather, computing device 200 may be configured to transfer instructions from a non-volatile data storage component (e.g., data storage component 250) to operating memory 220 as part of a booting or other loading process.
Operating memory 220 may include 4th generation double data rate (DDR4) memory, 3rd generation double data rate (DDR3) memory, other dynamic random access memory (DRAM), High Bandwidth Memory (HBM), Hybrid Memory Cube memory, 3D-stacked memory, static random access memory (SRAM), or other memory, and such memory may comprise one or more memory circuits integrated onto a DIMM, SIMM, SODIMM, or other packaging. Such operating memory modules or devices may be organized according to channels, ranks, and banks. For example, operating memory devices may be coupled to processing circuit 210 via memory controller 230 in channels. One example of computing device 200 may include one or two DIMMs per channel, with one or two ranks per channel. Operating memory within a rank may operate with a shared clock, and shared address and command bus. Also, an operating memory device may be organized into several banks where a bank can be thought of as an array addressed by row and column. Based on such an organization of operating memory, physical addresses within the operating memory may be referred to by a tuple of channel, rank, bank, row, and column.
Despite the above-discussion, operating memory 220 specifically does not include or encompass communications media, any communications medium, or any signals per se.
Memory controller 230 is configured to interface processing circuit 210 to operating memory 220. For example, memory controller 230 may be configured to interface commands, addresses, and data between operating memory 220 and processing circuit 210. Memory controller 230 may also be configured to abstract or otherwise manage certain aspects of memory management from or for processing circuit 210. Although memory controller 230 is illustrated as a single memory controller separate from processing circuit 210, in other examples, multiple memory controllers may be employed, memory controller(s) may be integrated with operating memory 220, or the like. Further, memory controller(s) may be integrated into processing circuit 210. These and other variations are possible.
In computing device 200, data storage memory 250, input interface 260, output interface 270, and network adapter 280 are interfaced to processing circuit 210 by bus 240. Although FIG. 2 illustrates bus 240 as a single passive bus, other configurations, such as a collection of buses, a collection of point to point links, an input/output controller, a bridge, other interface circuitry, or any collection thereof may also be suitably employed for interfacing data storage memory 250, input interface 260, output interface 270, or network adapter 280 to processing circuit 210.
In computing device 200, data storage memory 250 is employed for long-term non-volatile data storage. Data storage memory 250 may include any of a variety of non-volatile data storage devices/components, such as non-volatile memories, disks, disk drives, hard drives, solid-state drives, or any other media that can be used for the non-volatile storage of information. However, data storage memory 250 specifically does not include or encompass communications media, any communications medium, or any signals per se. In contrast to operating memory 220, data storage memory 250 is employed by computing device 200 for non-volatile long-term data storage, instead of for run-time data storage.
Also, computing device 200 may include or be coupled to any type of processor-readable media such as processor-readable storage media (e.g., operating memory 220 and data storage memory 250) and communication media (e.g., communication signals and radio waves). While the term processor-readable storage media includes operating memory 220 and data storage memory 250, the term “processor-readable storage medium,” throughout the specification and the claims whether used in the singular or the plural, is defined herein so that the term “processor-readable storage medium” specifically excludes and does not encompass communications media, any communications medium, or any signals per se. However, the term “processor-readable storage medium” does encompass processor cache, Random Access Memory (RAM), register memory, and/or the like.
Computing device 200 also includes input interface 260, which may be configured to enable computing device 200 to receive input from users or from other devices. In addition, computing device 200 includes output interface 270, which may be configured to provide output from computing device 200. In one example, output interface 270 includes a frame buffer, graphics processor, or accelerator, and is configured to render displays for presentation on a separate visual display device (such as a monitor, projector, virtual computing client computer, etc.). In another example, output interface 270 includes a visual display device and is configured to render and present displays for viewing.
In the illustrated example, computing device 200 is configured to communicate with other computing devices or entities via network adapter 280. Network adapter 280 may include a wired network adapter, e.g., an Ethernet adapter, a Token Ring adapter, or a Digital Subscriber Line (DSL) adapter. Network adapter 280 may also include a wireless network adapter, for example, a Wi-Fi adapter, a Bluetooth adapter, a ZigBee adapter, a Long-Term Evolution (LTE) adapter, or a 5G adapter.
Although computing device 200 is illustrated with certain components configured in a particular arrangement, these components and arrangement are merely one example of a computing device in which the technology may be employed. In other examples, data storage memory 250, input interface 260, output interface 270, or network adapter 280 may be directly coupled to processing circuit 210, or be coupled to processing circuit 210 via an input/output controller, a bridge, or other interface circuitry. Other variations of the technology are possible.
Some examples of computing device 200 include at least one storage memory (e.g. data storage memory 250), at least one operating memory (e.g., operating memory 220) and at least one processor (e.g., processing unit 210) that are respectively adapted to store and execute processor-executable code that, in response to execution, enables computing device 200 to perform actions, such as, in some examples, the actions of process 490 of FIG. 4, as discussed in greater detail below.
FIG. 3 is a block diagram illustrating an example of a system (300). System 300 may include network 330, as well as resource manager 341, VM pool manager 342, compute manager 343, storage manager 344, networking manager 345, and virtual machine host 351, which all may connect to network 330.
Resource manager 341 may be configured to communicate with customers, including receiving customer requests, and to coordinate actions based on customer requests. Resource manager 341 may also be configured to coordinate other high-level functions associated with VM management. In some examples, compute manager 343 manages the compute aspects of VMs, storage manager 344 manages the storage aspect of VMs, and networking manager 345 manages the networking aspect of VMs. In some examples, compute manager 343 also orchestrates management of other resources, including networking resources and storage resources, not just compute resources. In some examples, virtual machine host 351 is configured to create and run VMs, responsive to control from, inter alia, compute manager 343.
In some examples, VM pool manager 342 is configured to manage a pool of partially provisioned VMs. The partially provisioned VMs may be booted and configured except with respect to customer-specific settings. In some examples, some properties cannot be configured without reboot of a VM or recreating the VM, such as VM size, OS type, storage type, and/or the like. VM pool manager 342 may manage keeping a suitable number of each combination of partially configured VMs that may be needed.
Network 330 may include one or more computer networks, including wired and/or wireless networks, where each network may be, for example, a wireless network, local area network (LAN), a wide-area network (WAN), and/or a global network such as the Internet. On an interconnected set of LANs, including those based on differing architectures and protocols, a router acts as a link between LANs, enabling messages to be sent from one to another. Also, communication links within LANs typically include twisted wire pair or coaxial cable, while communication links between networks may utilize analog telephone lines, full or fractional dedicated digital lines including T1, T2, T3, and T4, Integrated Services Digital Networks (ISDNs), Digital Subscriber Lines (DSLs), wireless links including satellite links, or other communications links known to those skilled in the art. Furthermore, remote computers and other related electronic devices could be remotely connected to either LANs or WANs via a modem and temporary telephone link. Network 330 may include various other networks such as one or more networks using local network protocols such as 6LoWPAN, ZigBee, or the like. In essence, network 330 includes any communication technology by which information may travel between resource manager 341, VM pool manager 342, compute manager 343, storage manager 344, and virtual machine host 351. Although each device or service is shown as connected to network 330, that does not mean that each device communicates with each other device shown. In some examples, some devices/services shown only communicate with some other devices/services shown via one or more intermediary devices.
Also, although network 330 is illustrated as one network, in some examples, network 330 may instead include multiple networks that may or may not be connected with each other, with some of the devices shown communicating with each other through one network of the multiple networks and other of the devices shown communicating with each other with a different network of the multiple networks.
FIG. 4 is a block diagram illustrating an example of a system (400), which may be employed as an example of system 300 of FIG. 3. System 400 may include resource manager 441, VM pool manager 442, compute manager 443, storage manager 444, networking manager 445, and virtual machine host 451. Although only one virtual machine host is shown in FIG. 4, some examples may include a large number of virtual machine hosts.
In some virtualization environments, a VM (such as a Windows, Linux, or Unix VM) is created from scratch following a customer request for that VM. For example, such creation may include retrieving an image from Platform Image Repository (PIR), copying the image to the customer's account, creating a VM with that image, and booting the VM up. Using a Windows VM as an example, once started, the VM goes through Windows setup (specialize and out-of-box experience (OOBE) passes) which provisions the VM from the generalized image to a specialized image. Despite speed increases in modern computing systems, various amounts of time are associated with creating a VM. For example, some example VMs are associated with end-to-end “spin-up” times in the vicinity of one to five minutes, for example, depending on various factors such as operating system, network speed, resources of the physical hardware, virtualization system load, etc. The present disclosure may be employed, for example, by various providers and tenants of virtualization services to reduce “spin-up time” for VMs following customer requests for VMs. For example, various aspects of the present technology may be employed to facilitate at least partial configuration, provisioning, booting, or other steps typically performed prior to a VM being ready for customer use before a customer has requested the VM. By, for example, performing such steps prior to the request, the duration of time between the customer request and availability of the VM may be reduced in comparison to the typical amount of time associated with “spinning-up” a VM “from scratch” following a request.
Some examples of system 400 may operate in a hierarchy of multiple levels, with, for example, individual virtual machine hosts on the node level, in which there are clusters of virtual machine hosts, and regional data centers each consisting of multiple clusters. In other examples, other suitable arrangements may be employed. In some examples, one or more of compute manager 443, storage manager 444, and networking manager 445 each encompass devices operating at more than one level of the hierarchy.
In some examples, VM pool manager 442 is configured to manage a pool of partially provisioned VMs. VMs may be booted and configured except with respect to customer-specific settings. In some examples, some properties cannot be configured without reboot of a VM or recreating the VM, such as VM size, OS type, storage type (e.g., premium storage or standard storage), type of internet routing (e.g., IPv4 or IPv6), processor resources, memory resources, and/or the like. VM pool manager 442 may manage keeping a suitable number of each combination of partially configured VMs that may be needed.
In some examples, each such type is a virtual machine combination type based on a combination of each parameter that is a property that cannot be configured without reboot but that is selectable by customer as an option. VM pool manager 442 may determine how many partially provisioned VMs of each type are needed, for example by identifying current needs for partially configured VMs, and then communicate to compute manager 443 in order to create each needed partially provisioned VM. When compute manager 443 receives a request from VM pool manager 442 to create a partially provisioned VM, in some examples, compute manager 443 then manages creation of the requested partially provisioned VM.
Partially provisioned VMs that are configured except with regard to certain user-specific settings may each be generated as follows. Without customer data, generic virtual machine artifacts are created. The generic artifacts may include generic networking artifacts, and may also include generic compute artifacts and generic storage artifacts. The generic compute artifacts may include, for example, a placeholder machine name, a placeholder account username, a placeholder account password, and/or the like. The generic networking artifacts may include, for example, a placeholder virtual network, and a placeholder customer IP address. A VM is created/composed using the generic artifacts, using the particular combination of properties that are not reconfigured (e.g., VM size, OS type, storage type, processor resources, memory resources, etc.), and the VM is booted.
In some examples, pool manager 442 manages the VM pool. Pool manager 442 may be configured to determine which VMs should be created for the pool. Pool manager 442 may communicate with compute manager 443 in order for the VMs to be created, with the creation of the VMs controlled by compute manager 443. Compute manager 443 may manage the compute aspects, as well as the orchestration of the networking resources and the storage resources.
In some examples, compute manager 443 also communicates the networking resources needed to networking manager 445, which manages the networking resources, and communicates the storage resources needed to storage manager 444, which manages the storage resources. In some examples, networking manager 445 is configured to, upon request from compute manager 443, provide generic networking artifacts for the partially provisioned VM to be created, such as a default/placeholder virtual network and a default customer IP address. In some examples, a virtual network is created and attached to the VM by networking manager 445 in the same manner as would normally occur in the creation of a VM, except that the VM is in an internal, arbitrary network that will not be used by any customer, the network has no network rules because they are not needed, the customer IP address is simply a placeholder customer IP address, and also that some aspects of configuring the network may be skipped.
Because the configuration done during partial provisioning is a bare minimum configuration, and the placeholder virtual network will not actually be used by a customer, some aspects of configuring the virtual network for the VM may be skipped. For example, the virtual load balances for the virtual network may not be configured to point to anything. In some examples, it is not necessary for the virtual load balances to point to anything because no customer will be using the placeholder virtual network.
In some examples, compute manager 443 also communicates storage resources needed to storage manager 444. In some examples, only the OS disk storage is assigned during partial provisioning. In some examples, if a customer wishes additional storage, that is handled during the full configuration. In some examples, details of storage for the OS are a property that is not reconfigured, and so storage detail options are included in the combination of different types of partially provisioned VMs that are created and managed by pool manager 441.
In some examples, actual creation and booting of the VM occurs in VM host 451. In some examples, during the boot process, VM host 451 causes the VM to enter a state in which the VM actively seeks new configuration, so that the VM can be reconfigured with customer-specific settings once a configuration with the customer-specific settings is published. Also, in some examples, VM host 451 causes the VM to be created such that the VM includes an agent that is capable of causing reconfiguration of the VM according to the user-specific settings in response to publication of a configuration with the customer-specific settings.
In some examples, VM host 451 executes a service called Instance Metadata Service that publishes a full configuration when available; in these examples, the agent may actively poll the Instance Metadata Service for the full configuration. In some examples, the manner in which the VM is partially configured and then enters into a state seeking full configuration varies depending on the OS type of the VM. In some examples, networking service 445 will provide the VM with the MAC address and physical IP address of the (placeholder) virtual network as normal. In some examples, the customer IP address is an address usable by a customer but which is not actually routable in the internal network, whereas the physical IP address is the IP address that is routable inside the internal network.
In some examples in which the VM has a Linux OS, the VM is booted, and VM host 451 passes the VM a tag that indicates that the configuration is partial and not the final configuration. In some examples, when the VM is booted, the VM is configured with some but not all of the configurations—some configurations, including certain user-specific settings, are not done. However, in some examples, even though some user-specific settings are not done, or are done but given generic placeholder/default settings rather than user-specific settings, the VM sends a success message to VM host 451 indicating that the configuration is done. In some examples, because the configuration is not complete, in essence the VM is faking a success message so that the VM may remain in configuration mode, and configuration is completed when a full configuration with user-specified settings is available. In some examples, the success message is received by virtual machine host 451, and is sent from virtual machine host 451 to compute manager 443.
In response to the tag indicating that the configuration is only partial and not the final configuration, in some examples, the VM enters a state in which the VM polls VM host 451 for the new configuration. In some examples, the VM reads the tag to determine whether the configuration is partial or final. In some examples, a configuration with the tag is treated as a partial and not final configuration, and a configuration lacking the tag is treated as a final configuration. In some examples, the VM remains in this “partially booted” state, waiting for the complete configuration, until VM host 451 publishes a full configuration for the VM, at which point the VM's polling indicates that the full configuration is available.
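The tag-driven handshake described above can be simulated as follows. This is an added example, not code from the disclosure: it models the agent's boot, early success message, and polling, and adds a host-side check (also an addition) that flags generic placeholder values still present after the full configuration is applied. The tag name, field names, and all values are constructed assumptions.

```python
from typing import Optional

PARTIAL_TAG = "provisioning_partial"  # hypothetical key; the text does not name the tag

# Constructed generic artifacts of the kind the text lists for a pooled VM.
GENERIC = {
    "machine_name": "placeholder-vm",
    "username": "placeholder-user",
    "password": "placeholder-pass",
    "customer_ip": "10.255.0.4",
}


class MetadataService:
    """Stand-in for the host-side service that publishes configurations."""

    def __init__(self) -> None:
        self._configs: dict = {}

    def publish(self, vm_id: str, config: dict) -> None:
        self._configs[vm_id] = dict(config)

    def fetch(self, vm_id: str) -> Optional[dict]:
        cfg = self._configs.get(vm_id)
        return dict(cfg) if cfg is not None else None


def is_partial(config: dict) -> bool:
    # A configuration carrying the tag is partial; one lacking it is final.
    return PARTIAL_TAG in config


class GuestAgent:
    """Models the in-VM agent: boot, report success, poll for the final config."""

    def __init__(self, vm_id: str, service: MetadataService) -> None:
        self.vm_id = vm_id
        self.service = service
        self.state = "created"
        self.settings: dict = {}
        self.reports: list = []

    def _apply(self, config: dict) -> None:
        self.settings.update({k: v for k, v in config.items() if k != PARTIAL_TAG})

    def boot(self) -> None:
        config = self.service.fetch(self.vm_id)
        if config is None:
            raise RuntimeError("no configuration published for boot")
        self._apply(config)
        # Success is reported even for a partial configuration, as the text describes.
        self.reports.append("success")
        self.state = "polling" if is_partial(config) else "configured"

    def poll_once(self) -> bool:
        """Return True only when a final (untagged) configuration was applied."""
        if self.state != "polling":
            return False
        config = self.service.fetch(self.vm_id)
        if config is None or is_partial(config):
            return False
        self._apply(config)
        self.state = "configured"
        self.reports.append("success")
        return True


def leftover_placeholders(settings: dict) -> list:
    """Added check: settings that still equal their generic pool value."""
    return sorted(k for k, v in settings.items() if GENERIC.get(k) == v)


def run_demo():
    svc = MetadataService()
    svc.publish("vm-1", {**GENERIC, PARTIAL_TAG: True})
    agent = GuestAgent("vm-1", svc)
    agent.boot()
    after_boot = (agent.state, list(agent.reports))
    idle = agent.poll_once()  # still only the tagged config is published
    # Constructed customer settings; the password is omitted on purpose so the
    # leftover check has something to report.
    svc.publish("vm-1", {"machine_name": "web01", "username": "alice",
                         "customer_ip": "192.168.1.10"})
    done = agent.poll_once()
    return after_boot, idle, done, agent.state, leftover_placeholders(agent.settings)


if __name__ == "__main__":
    print(run_demo())
```

The first success report arrives while the VM still holds only generic values, so an orchestrator cannot treat it as "ready for the customer"; the second report plus an empty leftover list is the stronger signal.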
In some examples in which the VM has a Windows OS, the VM is booted with a minimal configuration. In some examples, Windows itself cannot provision again after the minimal configuration performed in the first boot. Instead, in some examples, after setup finishes, VM host 451 causes a code extension to be installed and executed in the VM which causes the VM to keep running, and to enter a state in which the VM polls VM host 451 for the new configuration. In some examples, the VM remains in the polling state, waiting for the complete configuration, until VM host 451 publishes a full configuration for the VM, at which point the VM's polling indicates that the full configuration is available. In some examples, the code extension is capable of performing the reconfiguration to the full configuration.
In some examples, regardless of the OS type, after partial provisioning, the VM is in a state in which it is polling for a full configuration by which to reconfigure the VM. At this point, in some examples, a success message is sent from the VM to VM host 451, from VM host 451 to compute manager 443, and compute manager 443 sends the success message to pool manager 442. At this point, in some examples, the VM is in the pool of partially provisioned VMs managed by VM pool manager 442.
Resource manager 441 may receive requests for VMs from customers, and may manage such requests. In some examples, customers may communicate with system 400 via a portal, and the portal may communicate requests from customers to resource manager 441. In response to customer request(s) for VM(s), resource manager 441 may send a request to compute manager 443 to deploy VMs. In response to the request from resource manager 441, compute manager 443 may communicate with VM pool manager 442 to determine from VM pool manager 442 whether or not there are existing partially provisioned VMs pooled by VM pool manager 442 that meet the required criteria. In some examples, if not, VMs will be created from scratch to meet the request.
If, however, there are available partially provisioned VMs in the VM pool managed by VM pool manager 442, then, in some examples, each partially provisioned VM is reconfigured to meet user-specific settings required based on the VMs requested, as follows for each VM in some examples. Compute manager 443 may send a request to storage manager 444 to cause corresponding storage artifacts to move their association from the platform to the particular customer. Such storage artifacts may include, for example, the disk on which the OS will be copied to and in which the OS will run, and any additional storage requested by the customer. By moving the association of the storage artifacts to the customer, in some examples, the customer has access to and can manage the storage artifacts, including, for example, the disk on which the OS will run.
Compute manager 443 may also request that certain storage artifacts be modified and/or reconfigured and/or created based on the user-specific settings. For example, the customer may have requested additional storage, which may be created and then associated with the particular customer. Compute manager 443 may also move corresponding compute artifacts, associated with the user-specific compute settings, to the particular customer. In this way, in some examples, the customer has access to and can manage the compute artifacts, including the VM itself. Compute manager 443 may also cause certain compute artifacts to be modified and/or reconfigured based on the user-specific settings.
An example of modifying and/or reconfiguring a compute artifact based on user-specific settings is changing the machine name based on the user-specific compute settings. A default/placeholder machine name may have been given to the partially provisioned VM during partial configuration in order to complete the initial, partial configuration. However, as part of the full configuration of the VM based on the user-specific settings, the user may have requested a VM with a particular machine name. Compute manager 443 may modify the machine name based on the user-specific settings. The changes in association of compute, network, and storage artifacts may be accomplished with metadata changes to move the artifacts from the platform tenant to the customer tenant.
Compute manager 443 may also send a request to networking manager 445 to cause corresponding networking artifacts to move their association from the platform to the particular customer, as well as for networking artifacts to be modified and/or reconfigured and/or created. For example, the partially configured VM may have a default placeholder virtual network, and the customer may wish for the VM to have a particular virtual network. Networking manager 445 may create a networking moniker by which to refer to the virtual network, so that compute manager can and need only refer to the new virtual network based on the network moniker assigned to the new virtual network. In some examples, networking manager 445 creates the requested virtual network, associates the created virtual network with the customer so that the customer has access to and can manage the virtual network, and applies the created virtual network to the VM. Networking manager 445 may also configure any network rules requested by the customer, including rules for the network interface controller (NIC) and the media access control (MAC) address.
Networking manager 445 may create a new virtual network for the VM during reconfiguration, and remap to a new customer IP address requested by the customer, while reusing both the MAC address and the physical IP address of the VM prior to reconfiguration. The networking manager may include a directory service that maps the customer IP address to the physical IP address. In some examples, when reconfiguring the VM for the new virtual network, networking manager 445 updates the directory service to map the customer-provided customer IP address for the new virtual network to the physical IP address of the virtual network that is being reused. Networking manager 445 may also reprogram the virtual load balances to point to the correct machines. Networking manager 445 may send a message to compute manager 443 when the networking aspects are complete.
In some examples, when the modifications, reconfigurations, creations, and/or re-associations to be performed outside the VM host 451 are complete, compute manager 442 communicates the reconfiguration information to VM host 451. In some examples, a networking agent in VM host 451 receives the information, and in response to receiving the information, reprograms drivers in VM host 451. In some examples, the networking agent in VM host 451 reprograms the drivers for the route remapping based on the new customer IP address. Next, in some examples, the networking agent in VM host 451 instructs an agent in the VM to retrigger DHCP. This agent in the VM may be the same agent discussed above that is polling the Instance Metadata Service for the configuration file. The manner in which the agent in the VM retriggers DHCP may depend upon the OS type of the VM.
In some examples, if the OS type of the VM is Windows, the agent in the VM may “bounce” the NIC—i.e., cause the NIC to momentarily disconnect and then reconnect, for example, by using a hypervisor VMSwitch exposed input/output control. In some examples, it is only necessary for the NIC to be disconnected for a few milliseconds, and this will cause DHCP to retrigger. In some examples, in a Windows based VM, the inbuilt DHCP client may detect link state change and automatically trigger DHCP, e.g., in response to the link state change. The NIC disconnect / re-connect may be represented in the VM as a link state flap.
If the OS type is Linux, a NIC disconnect / re-connect may also be done. Another agent running inside the VM may continuously poll for this link state change, and may trigger a DHCP renewal sequence in response to detection of a link state change. In some examples, this polling is done for Linux but not for Windows. An agent on the node may trap this DHCP renewal request (e.g., through VMSwitch) and respond to the VM with network information for the new state (such as an IP address, DNS information, gateway/routing information, etc.). In response to receiving this new information, the DHCP client may provision this new information and, e.g., “bring” the VM to the new network.
In some examples, as discussed above, networking agent 445 causes the DHCP to retrigger by sending an instruction to the agent in the VM for the agent in the VM to retrigger the DHCP. In other examples, networking agent 445 may cause the DHCP to retrigger in some other manner, such as networking agent 445 itself causing the DHCP to retrigger, through instructing some other component of VM host 451 to retrigger the DHCP, or in some other suitable manner causing the DHCP to retrigger.
The network agent may communicate to a compute agent in VM host 451 after the DHCP retrigger has been completed. The compute agent in VM host 451 may then generate a file with the new configuration, and then publish the new configuration via the Instance Metadata Service in VM host 451, so that the new configuration is available to be polled by the partially configured VM, which is in a state of polling the Instance Metadata Service for the new configuration, and the polling will be successful once the new configuration is published by the Instance Metadata Service.
The agent on the VM may then accept the user-specific settings associated with the reconfiguration requests, including user-specific networking settings, and then apply those user-specific settings, so that networking and possibly other aspects of the VM are reconfigured accordingly. In this way, in some examples, the partially provisioned VM becomes reconfigured based on the user-specific settings.
The manner in which the reconfiguration of the VM happens may depend on the OS type of the VM in some examples.
For instance, in some examples, if the OS type of the VM is Linux, the reconfiguration may be completed at this time. In some examples, the VM was left in a “partially booted” state, waiting for the complete configuration, and the configuration is allowed to finish now that the full configuration has been received, using the newly received full configuration.
In some examples, if the OS type is Windows, Windows cannot perform the configuration again, or remain in a partially booted state. Instead, in some examples, the same code extension that caused the VM to enter a state in which it polls VM host 451 for the new configuration may cause the VM to be reconfigured based on the full configuration, by in essence using the same configuration process normally used by Windows, except that the configuration is performed by the code extension rather than by Windows.
After the reconfiguration is successfully completed, the VM may send a success message to VM host 451 indicating that the reconfiguration is successful. VM host 451 may then communicate the success message to compute manager 443. Compute manager 443 may then communicate the success message to resource manager 441, which may in turn communicate the success message to the customer portal, which may in turn communicate the success to the customer. In some examples, use of the re-configured VM may then be tracked, and success or failure of the use of the re-configured VM may be reported, and appropriate actions may be taken based on the success or failure of the use of the re-configured VM.
An example of reconfiguring a partially provisioned VM has been described. A fully provisioned VM may also be reconfigured based on a customer request, and this reconfiguration, including changing the virtual network of the VM, may be performed without rebooting the VM. In some examples, the process is essentially the same as reconfiguring a partially provisioned VM, except that artifacts already associated with the customer do not need to have their association moved to the customer.
Resource manager 441 may receive a request from a customer to reconfigure a fully provisioned VM. In response to the customer request to reconfigure the VM, resource manager 441 may send a request to compute manager 443 to reconfigure the VM.
In response to the customer request from resource manager 441 to reconfigure the VM, compute manager 443 may, if relevant, send a request to storage manager 444 to cause corresponding storage artifacts to be modified and/or reconfigured and/or created based on the user-specific settings for which the VM is to be reconfigured, and send a request to networking manager 445 to cause corresponding networking artifacts to be modified and/or reconfigured and/or created based on the user-specific settings for which the VM is to be reconfigured. This may include, inter alia, networking manager 445 creating a new virtual network, reusing the MAC address and the physical IP address of the VM prior to reconfiguration, remapping the physical IP address of the VM to the new customer-provided customer IP address, reprogramming the virtual load balances, and configuring customer-requested rules for the NIC and the MAC.
In some examples, compute manager 443 also causes certain corresponding compute artifacts to be modified and/or reconfigured based on the user-specific settings. An example of modifying and/or reconfiguring a compute artifact based on user-specific settings is changing the machine name based on the user-specific compute settings. In some examples, the fully provisioned VM already has a machine name. However, part of the reconfiguration request by the customer may include a request that the machine name of the VM be changed, and the new machine name requested by the customer may be part of the user-specified settings in the VM reconfiguration request. Compute manager 443 may modify the machine name based on the user-specific settings.
As with the case of a partially provisioned VM, compute manager 443 may then communicate with the networking agent on VM host 451 to reprogram drivers on VM host 451 for route mapping to the new customer IP address, and communicate with the agent on the VM to cause DHCP retriggering.
Compute manager 443 may then communicate the new configuration to VM host 451. VM host 451 may then provide the new configuration to the VM. The agent on the VM may then accept the user-specific settings associated with the reconfiguration request, including user-specific networking settings, and apply those user-specific settings, so that the networking aspects of the VM and possibly other aspects of the VM can be reconfigured accordingly. In this way, in some examples, the VM becomes reconfigured based on the user-specific settings. After the reconfiguration is successfully completed, the VM may send a success message to VM host 451 indicating that the reconfiguration is successful. VM host 451 may then communicate the success message to compute manager 443. Compute manager 443 may then communicate the success message to resource manager 441, which may in turn communicate the success message to the customer portal, which in turn may communicate the success to the customer.
For clarity, the processes described herein are described in terms of operations performed in particular sequences by particular devices or components of a system. However, it is noted that other processes are not limited to the stated sequences, devices, or components. For example, certain acts may be performed in different sequences, in parallel, omitted, or may be supplemented by additional acts or features, whether or not such sequences, parallelisms, acts, or features are described herein. Likewise, any of the technology described in this disclosure may be incorporated into the described processes or other processes, whether or not that technology is specifically described in conjunction with a process. The disclosed processes may also be performed on or by other devices, components, or systems, whether or not such devices, components, or systems are described herein. These processes may also be embodied in a variety of ways. For example, they may be embodied on an article of manufacture, e.g., as processor-readable instructions stored in a processor-readable storage medium or be performed as a processor-implemented process. As an alternate example, these processes may be encoded as processor-executable instructions and transmitted via a communications medium.
FIG. 5 is a flow diagram illustrating an example process (590) that may be performed, e.g., by a virtual machine host 451 of FIG. 4. In some examples, a network change from a first virtual network to a second virtual network is reconfigured for a first virtual machine that is executing on a first virtual machine host, which is accomplished, in some examples, with steps 591-594.
In the illustrated example, step 591 occurs first. At step 591, in some examples, in the first virtual machine host, a mapping change from the first virtual network to the second virtual network is configured by reprogramming drivers in the first virtual machine host for route mapping for the second virtual network. As shown, step 592 occurs next in some examples. At step 592, in some examples, a Dynamic Host Configuration Protocol (DHCP) retrigger is caused without rebooting the first virtual machine.
As shown, step 593 occurs next in some examples. At step 593, in some examples, a configuration file is provided to the first virtual machine. In some examples, the configuration file includes user-specific networking settings. As shown, step 594 occurs next in some examples. At step 594, in some examples, the first virtual machine is reconfigured in accordance with the user-specific networking settings. The process may then proceed to a return block, where other processing is resumed.
While the above Detailed Description describes certain examples of the technology, and describes the best mode contemplated, no matter how detailed the above appears in text, the technology can be practiced in many ways. Details may vary in implementation, while still being encompassed by the technology described herein. As noted above, particular terminology used when describing certain features or aspects of the technology should not be taken to imply that the terminology is being redefined herein to be restricted to any specific characteristics, features, or aspects with which that terminology is associated. In general, the terms used in the following claims should not be construed to limit the technology to the specific examples disclosed herein, unless the Detailed Description explicitly defines such terms. Accordingly, the actual scope of the technology encompasses not only the disclosed examples, but also all equivalent ways of practicing or implementing the technology.