Images

Classifications

• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for program control, e.g. control units
  • G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
  • G06F9/44—Arrangements for executing specific programs
  • G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
  • G06F9/45533—Hypervisors; Virtual machine monitors
  • G06F9/45558—Hypervisor-specific management and integration aspects
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
  • G06F16/10—File systems; File servers
  • G06F16/14—Details of searching files based on file metadata
  • G06F16/144—Query formulation
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
  • G06F16/10—File systems; File servers
  • G06F16/14—Details of searching files based on file metadata
  • G06F16/156—Query results presentation
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
  • G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
  • G06F16/24—Querying
  • G06F16/245—Query processing
  • G06F16/2457—Query processing with adaptation to user needs
  • G06F16/24573—Query processing with adaptation to user needs using data annotations, e.g. user-defined metadata
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
  • G06F16/90—Details of database functions independent of the retrieved data types
  • G06F16/95—Retrieval from the web
  • G06F16/951—Indexing; Web crawling techniques
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
  • G06F16/90—Details of database functions independent of the retrieved data types
  • G06F16/95—Retrieval from the web
  • G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
• • G06F17/30103—
• • G06F17/30112—
• • G06F17/30525—
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for program control, e.g. control units
  • G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
  • G06F9/44—Arrangements for executing specific programs
  • G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
  • G06F9/45533—Hypervisors; Virtual machine monitors
  • G06F9/45558—Hypervisor-specific management and integration aspects
  • G06F2009/4557—Distribution of virtual machine instances; Migration and load balancing
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F9/00—Arrangements for program control, e.g. control units
  • G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
  • G06F9/44—Arrangements for executing specific programs
  • G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
  • G06F9/45533—Hypervisors; Virtual machine monitors
  • G06F9/45558—Hypervisor-specific management and integration aspects
  • G06F2009/45583—Memory management, e.g. access or allocation

Definitions

• This specification relates to cloud computing.
• Cloud computing is network-based computing in which typically large collections of servers housed in data centers or “server farms” provide computational resources and data storage as needed to end users.
• Some cloud computing services provide access to software applications such as word processors and other commonly used applications to end users who interface with the applications through web browsers or other client-side software. Users' electronic data files are usually stored in the server farm rather than on the users' computing devices. Maintaining software applications and user data on a server farm simplifies management of end user computing devices.
• Some cloud computing services allow end users to execute software applications in virtual machines.
• Each metadata key-value pair can be associated with one or more identifiers.
• the identifiers can include, for example, a project identifier that references a particular project with which one or more virtual machine instances are associated, an instance identifier that references a particular virtual machine instance, or a tag identifier that references a particular tag with which one or more virtual machine instances are associated.
• Each metadata key-value pair is stored in a metadata collection that is identified by a particular identifier.
• a metadata key-value pair that is associated with a project identifier P 1 and a tag identifier T 1 is stored in both a first metadata collection that is identified by the project identifier P 1 and a second metadata collection that is identified by the tag identifier T 1 .
• each virtual machine instance can associate with one or more identifiers, e.g., a project identifier, an instance identifier, or a tag identifier, as described above.
• Each virtual machine instance can obtain metadata, for example, from a metadata server.
• a virtual machine instance that is associated with particular identifiers can obtain metadata that is also associated with the particular identifiers.
• Each virtual machine instance can apply the obtained metadata key-value pairs to configure various settings associated with the respective virtual machine instance.
• one aspect of the subject matter described in this specification can be embodied in methods that include the actions of associating one or more of a plurality of metadata collections with one or more respective identifiers, wherein each metadata collection includes one or more pairings of metadata attributes with metadata values, and wherein each identifier is one of a project identifier, a tag identifier or an instance identifier; identifying, based on identifier information associated with a virtual machine instance, one or more metadata values to be provided to the virtual machine instance, wherein the identifier information specifies one or more of a project identifier, a tag identifier and an instance identifier, and wherein each identified metadata value belongs to a metadata collection associated with an identifier that is specified in the identifier information; and providing, to the virtual machine instance, the identified one or more metadata values.
• Other embodiments of this aspect include corresponding systems, apparatus, and computer program products.
• the method further includes receiving, from the virtual machine instance, a metadata query that includes the identifier information; and identifying the one or more metadata values in response to receipt of the metadata query.
• the metadata query is communicated using a Hanging GET operation.
• the method further includes receiving data that includes one or more user specified identifiers and one or more user specified pairings of metadata values with metadata attributes; generating a metadata collection that includes the one or more user-specified pairings; and associating the generated metadata collection with the user specified identifier.
• the metadata collections include a first metadata collection and a second metadata collection, the first metadata collection being associated with a first identifier and including a pairing of a first metadata attribute with a first metadata value, and the second metadata collection being associated with a second identifier and including a pairing of the first metadata attribute with a second metadata value, the first metadata value being different from the second metadata value.
• the method further includes providing both the first metadata value and the second metadata value to the virtual machine instance.
• the method further includes determining that the first metadata collection has a higher priority level than the second metadata collection based on an evaluation of the first identifier and the second identifier; and providing the first metadata value and not the second metadata value to the virtual machine instance.
• the first identifier is an instance identifier or a tag identifier and the second identifier is a project identifier or the first identifier is an instance identifier and the second identifier is a tag identifier or a project identifier.
• the method further includes receiving data specifying an identifier and a new pairing of a metadata attribute with a metadata value and updating the metadata collection associated with the identifier specified in the data to include the new pairing.
• Virtual machine roles can be defined based on their respective tag identifiers. Users can specify metadata key-value pairs and the specified metadata key-value pairs can be used to collectively configure settings for one or more virtual machine instances. Settings and roles of virtual machine instances can be dynamically updated upon updating. Metadata can be associated with project identifiers or tag identifiers to simplify enforcement of common configurations and properties across multiple virtual machine instances. In cases when virtual machine instances do not access metadata associated with an instance identifier, or if access to the metadata is prohibited by policy, the auditing of virtual machine instances that use a standard configuration can be simplified.
• FIG. 1 is a schematic illustration of an example virtual machine system.
• FIG. 2 is a swim lane diagram illustrating configuration of a virtual machine instance using pairings of metadata attributes with metadata values.
• FIG. 3 is a flow diagram of an example process for configuring a virtual machine instance using pairings of metadata attributes with metadata values.
• FIG. 4 is a schematic diagram of an example host machine.
• FIG. 1 is a schematic illustration of an example virtual machine system 100 .
• the system 100 includes one or more host machines such as, for example, host machine 102 and host machine 104 .
• a host machine is one or more data processing apparatus such as rack mounted servers or other computing devices.
• the data processing apparatus can be in different physical locations and can have different capabilities and computer architectures.
• Host machines can communicate with each other through an internal data communications network 116 .
• the internal network can include one or more wired, e.g., Ethernet, or wireless, e.g., WI-FI, networks, for example.
• the internal network 116 is an intranet.
• Host machines can also communicate with devices on external networks, such as the Internet 122 , through one or more gateways 120 which are data processing apparatus responsible for routing data communication traffic between the internal network 116 and the external network 122 . Other types of external networks are possible.
• Each host machine 102 , 104 executes a host operating system 106 , 108 .
• a host operating system 106 , 108 manages host machine resources.
• host operating systems 106 , 108 run software, e.g. a virtual machine monitor (“VMM”) or a hypervisor, that virtualizes the underlying host machine hardware and manages concurrent execution of one or more virtual machine (“VMs”) instances.
• VMM virtual machine monitor
• VMs virtual machine
• the host operating system 106 manages two VM instances, VM 110 and VM 112
• a different host operating system 108 manages a single VM 114 .
• VM instances can be migrated from one host machine to another host machine.
• a single VM instance can be managed by multiple host machines.
• a host machine can, in general, manage multiple virtual machines, however, the quantity may be limited based on physical resources of the host machine.
• Each VM instance provides an emulation of a physical hardware system which may, but need not, be based on the host machine hardware architecture.
• the simulated version of the hardware is referred to as virtual hardware, e.g., virtual hardware 110 a , 112 a , and 114 a .
• Software that is executed by the virtual hardware is referred to as guest software.
• guest software cannot determine if it is being executed by virtual hardware or by a physical host machine. If guest software executing in a VM instance, or the VM instance itself, is compromised, malfunctions, or aborts, other VM instances executing on the host machine may not be affected.
• a host machine's microprocessor(s) can include processor-level mechanisms to enable virtual hardware to execute software applications efficiently by allowing guest software instructions to be executed directly on the host machine's microprocessor without requiring code-rewriting, recompilation, or instruction emulation.
• Each VM instance e.g., VMs 110 , 112 , and 114
• VMs 110 , 112 , and 114 is allocated a set of virtual memory pages from the virtual memory of the underlying host operating system and is allocated virtual disk blocks from one or more virtual disk drives for use by the guest software executing on the VM instance.
• host operating 106 allocates memory pages and disk blocks to VM 110 and VM 112
• host operating system 108 does the same for VM 114 .
• a given VM instance cannot access the virtual memory pages assigned to other VMs.
• VM 110 cannot access memory pages that have been assigned to VM 112 .
• a virtual disk drive can be persisted across VM instance restarts.
• Virtual disk blocks are allocated on physical disk drives coupled to host machines or available over the internal network 116 , for example.
• VM instances can be allocated network addresses through which their respective guest software can communicate with other processes reachable through the internal network 116 or the Internet 122 .
• guest software executing on VM 110 can communicate with guest software executing on VM 112 or VM 114 .
• each VM instance is allocated one or more unique Internet Protocol (IP) version 4 or version 6 addresses. Other address schemes are possible.
• IP Internet Protocol
• the VM instance IP addresses are addressable on the internal network 116 and, in some implementations, are addressable on the Internet 122 if the addresses are advertised using a suitable routing protocol, for instance.
• a VM instance's guest software can include a guest operating system, e.g., guest operating systems 110 b , 112 b , and 114 b , which is software that controls the execution of respective guest software applications, e.g., guest applications 110 c , 112 c , and 114 c , within the VM instance and provides services to those applications.
• a guest operating system could be a variant of the UNIX operating system.
• Other operating systems, e.g., Microsoft Windows, and different versions of these operating systems can be used as the guest operating system.
• Each VM instance can execute the same guest operating system or different guest operating systems.
• a VM instance does not require a guest operating system in order to execute guest software applications.
• a guest operating system's access to resources such as networks and virtual disk storage is controlled by the underlying host operating system.
• the guest application 110 c or guest operating system 110 b attempts to perform an input/output operation on a virtual disk, initiate network communication, or perform a privileged operation, for example, the virtual hardware 110 a is interrupted so that the host operating system 106 can perform the action on behalf of the virtual machine 110 .
• the host operating system 106 can perform these actions with a process that executes in kernel process space 106 b , user process space 106 a , or both.
• the kernel process space 106 b is virtual memory reserved for the host operating system 106 's kernel 106 d which can include kernel extensions and device drivers, for instance.
• the kernel process space has elevated privileges, sometimes referred to as “supervisor mode”; that is, the kernel 106 d can perform certain privileged operations that are off limits to processes running in the user process space 106 a . Examples of privileged operations include access to different address spaces, access to special functional processor units in the host machine such as memory management units, and so on.
• the user process space 106 a is a separate portion of virtual memory reserved for user mode processes. User mode processes cannot perform privileged operations directly.
• a portion of VM instance network communication functionality is implemented in a communication process, e.g., communication process 106 c .
• the communication process executes in the user process space, e.g., user process space 106 a , of a host operating system, e.g., host operating system 106 .
• the communication process can execute in the kernel process space, e.g., kernel process space 106 d of the host operating system.
• some portion of the communication process executes in the user process space and another portion executes in the kernel process space.
• the system 100 includes a metadata server 130 that manages and provides access to metadata for VM instances in the system 100 .
• the metadata server 130 can be implemented as one or more computer programs installed on one or more computers in system 100 .
• the metadata server 130 can, for example, be installed on a particular host machine.
• the metadata server 130 can also be implemented as a VM instance in the system 100 .
• the metadata server 130 is located in the same datacenter as VM instances that the metadata server 130 services, although the metadata server 130 can also be located elsewhere and be, for example, accessible over the Internet.
• Metadata can be written to and read from the metadata server 130 using any appropriate network communications protocol.
• the read and write commands are implemented using conventional hypertext transfer protocol (HTTP) “GET” and “PUT” commands.
• HTTP hypertext transfer protocol
• users can provide custom metadata to the metadata server 130 using an Application Programming Interface (API).
• API Application Programming Interface
• Each element of metadata is a key-value pair.
• the key, or attribute uniquely identifies a type of metadata.
• the value can be one or more pieces of data, for example, text strings.
• a user can specify a metadata key “hostname” and a corresponding metadata value “myinst.myproject.mydomain.internal.” Users can also associate each key-value pair with one or more respective identifiers.
• the one or more identifiers include a project identifier, an instance identifier, or a tag identifier.
• a project identifier can reference a particular project that was created by a user.
• An instance identifier can reference a particular virtual machine instance.
• a tag identifier can reference a particular tag, e.g., “front-end webserver” or “sql server” with which one or more virtual machines instances are associated.
• users can specify custom identifiers that can be associated with key-value pairs.
• a user can specify a machine-type identifier that can be associated with metadata key “hostname.”
• access to metadata that is associated with one or more identifiers is restricted to VM instances that are also associated with the one or more identifiers.
• a VM instance that is associated with a project identifier P 1 can access metadata associated with the project identifier P 1 but not metadata associated with a project identifier P 2 .
• similar tag identifiers can be associated with different project identifiers.
• a first tag identifier “front-end webserver” can be associated with a project identifier P 1 while a second tag identifier “front-end webserver” can be associated with a project identifier P 2 .
• metadata associated with the first tag identifier “front-end webserver” in the project P 1 has no relation to metadata associated with the second tag identifier “front-end webserver” in the project P 2 .
• VM instances that are associated with the project identifier P 1 cannot access metadata that is associated with the project identifier P 2 .
• VM instances that are associated with the project identifier P 2 cannot access metadata that is associated with the project identifier P 1 . This is a useful property for a multi-tenant system, as it ensures metadata remains confidential and is not visible to VM instances that are not associated with the proper identifiers.
• the metadata server 130 is configured to receive user specified key-value pairs and their corresponding identifiers. In some implementations, the metadata server 130 categorizes and stores received key-value pairs in one or more metadata collections based on their respective identifiers. For example, a key-value pair that is associated with a project identifier P 1 and a tag identifier T 1 can be stored in a first metadata collection that corresponds to the project identifier P 1 and a second metadata collection that corresponds to the tag identifier T 1 .
• the metadata server 130 is also configured to receive queries from VM instances requesting metadata. Users can customize the configuration of VM instances running in the system 100 by associating the VM instances with one or more respective identifiers, e.g., a project identifier, an instance identifier, or a tag identifier, as described above. For example, a user can specify that a VM instance be associated with a project identifier P 1 , an instance identifier M 1 , and tag identifiers “sql server” and “front-end webserver.” In some implementations, each VM instance can be associated with only one project identifier.
• the VM instance can query the metadata server 130 to obtain metadata that is associated with the same identifiers that are associated with the VM instance.
• a VM instance associated with a project identifier P 1 , an instance identifier M 1 , and tag identifiers “sql server” and “front-end webserver” can query the metadata server 130 to obtain metadata that is also associated with the project identifier P 1 , the instance identifier M 1 , and the tag identifiers “sql server” and “front-end webserver.”
• the metadata server 130 can identify metadata collections that respectively correspond to the project identifier P 1 , the instance identifier M 1 , and the tag identifiers “sql server” and “front-end webserver.”
• the metadata server 130 can provide metadata that was categorized in the identified metadata collections to the VM instance.
• the VM instance can apply the received metadata to configure various settings associated with the VM instance.
• a user can associate a first metadata key “sshKeys” and corresponding value, e.g., “joe:ssh-rsa ? SSH key>,” that describes user accounts and corresponding public SSH keys, with a project identifier P 1 .
• the user can also associate a second metadata key “allowedHosts” and corresponding value, e.g., “192.0.2.24/30,” that describes Internet Protocol (IP) addresses that are allowed to connect to a VM instance, with the project identifier P 1 .
• IP Internet Protocol
• the user can then associate a third metadata key “startupScript” and corresponding value, e.g., a shell script that configures and starts a webserver, with a tag identifier “web.”
• a fourth metadata key “allowedHosts” and corresponding value e.g., “0.0.0.0/0” that describes IP addresses that are allowed to connect to a VM instance, with an instance identifier “shell.”
• users can specify particular identifiers to be associated with one or more VM instances using an Application Programming Interface (API).
• API Application Programming Interface
• a system component in each VM instance is configured to obtain the user specified identifiers, and to associate the identifiers with the respective VM instance.
• a user can initialize a VM instance and can associate the VM instance with a project identifier P 1 and an instance identifier “shell.”
• the VM instance can query the metadata server 130 to obtain metadata that is associated with the project identifier P 1 and the instance identifier “shell.”
• the metadata server 130 can provide the VM instance with metadata associated with the project identifier P 1 , e.g., the first and second metadata key-value pairs, and metadata associated with the instance identifier “shell,” e.g., the fourth metadata key-value pair.
• the metadata server 130 provides the VM instance with respective Uniform Resource Locator (URL) paths that reference the requested metadata.
• URL Uniform Resource Locator
• the metadata server 130 can provide a first URL, e.g., “/v1beta/computemetadata/project/attributes/sshKeys,” that references the “sshKeys” key-value pair associated with the project identifier P 1 , a second URL, e.g., “/v1beta/computemetadata/project/attributes/allowedHosts,” that references the “allowedHosts” key-value pair associated with the project identifier P 1 , and a third URL, e.g., “/v1beta/computemetadata/instance/attributes/allowedHosts,” that references the “allowedHosts” key-value pair associated with the instance identifier “shell.”
• the VM instance can then process the received metadata to configure the VM instance.
• the metadata server 130 would also provide the VM instance with a fourth URL, e.g., “/v1beta/computemetadata/tags/web/attributes/startupScript,” that references the “startupScript” key-value pair associated with the tag identifier “web.”
• a metadata conflict may arise when different values are specified for a metadata key that is associated with more than one metadata collection, e.g., with more than one identifier, and when a VM instance is associated with those identifiers.
• the second metadata key “allowedHosts,” which is associated with the project identifier P 1 has a corresponding value “192.0.2.24/30”
• the fourth metadata key “allowedHosts,” which is associated with the instance identifier “shell” has a corresponding value “0.0.0.0/0.”
• the VM instance is associated with the project identifier P 1 and the instance identifier “shell,” there is a conflict as to whether the metadata value corresponding to the second metadata key “allowedHosts,” e.g., “192.0.2.24/30,” or the fourth metadata key “allowedHosts,” e.g., “0.0.0.0/0,” is used to configure the VM instance.
• the metadata server 130 provides all conflicting metadata to the VM instance, and the VM instance itself determines which metadata value is used to configure the VM instance. In some implementations, the metadata server 130 determines which metadata key-value pair has a higher priority level by evaluating respective identifiers associated with the metadata key-value pairs, and provides to the VM instance the metadata key-value pair that is associated with the higher priority level. In some implementations, instance identifiers and tag identifiers are prioritized higher than project identifiers. In some implementations, instance identifiers are prioritized higher than both tag identifiers and project identifiers.
• users can dynamically reconfigure VM instances by updating metadata collections. For example, a user can specify new metadata key-value pairs or the user can update metadata values for existing metadata keys.
• VM instances can be configured to automatically query the metadata server 130 to obtain the new or updated metadata, as described below in reference to FIG. 2 . The VM instances can use the obtained metadata to reconfigure various settings associated with the VM instance.
• each VM instance e.g., VM 110 , 112 , or 114
• a distinct metadata server e.g., the metadata server 130
• each host machine e.g., host machines 102 or 104
• a distinct metadata server e.g., the metadata server 130
• the metadata server e.g., the metadata server 130
• the metadata server is configured as a distributed system.
• FIG. 2 is a swim lane diagram illustrating configuration of a virtual machine instance using pairings of metadata attributes with metadata values.
• a user operating a user device provides metadata, e.g., key-value pairs, and one or more corresponding identifiers, to a metadata server, as described above ( 202 ).
• users can provide values for a metadata key, e.g., “attached-disks,” to specify a list of ephemeral and persistent disks, and can associate the metadata with one or more identifiers to configure VM instances that are also associated with the one or more identifiers to use the identified ephemeral and persistent disks.
• Metadata for which users can provide customized values include a metadata key, e.g., “description,” to specify a description of an instance, a metadata key, e.g., “domain,” to specify a domain of a VM instance hostname, a metadata key, e.g., “hostname,” to specify a host name for an instance, a metadata key, e.g., “image,” to specify an image to be used for initializing a VM instance.
• a metadata key e.g., “description,” to specify a description of an instance
• a metadata key e.g., “domain” to specify a domain of a VM instance hostname
• a metadata key e.g., “hostname”
• image to specify an image to be used for initializing a VM instance.
• users can provide customized values for a metadata key, e.g., “machine-type,” that identifies a machine type, e.g., a machine having a particular number of Central Processing Units (CPUs) and memory configuration, a metadata key, e.g., “network,” to specify network information, a metadata key, e.g., “zone,” to specify a zone, e.g., time zone.
• a metadata key e.g., “machine-type” that identifies a machine type, e.g., a machine having a particular number of Central Processing Units (CPUs) and memory configuration
• a metadata key e.g., “network”
• a metadata key e.g., “zone”
• zone e.g., time zone
• users can provide customized values for a metadata key, e.g., “sshKeys,” to specify a list of Secure Shell (SSH) keys that can be used to connect to an instance, a metadata key, e.g., “startup-script,” to specify a startup script to execute when an instance starts, a metadata key, e.g., “startup-script-url,” to specify a URL (Uniform Resource Locator) of a startup script to execute when an instance starts.
• SSH Secure Shell
• the metadata server associates one or more metadata collections with respective identifiers ( 204 ).
• the metadata server categorizes and stores the received metadata into one or more respective metadata collections based on the identifiers corresponding to the received metadata.
• the metadata server can categorize and store all received metadata that is associated with a particular project identifier, e.g., P 1 , into a first metadata collection, and can associate the first metadata collection with the particular project identifier, e.g., P 1 .
• the metadata server can categorize and store all received metadata that is associated with a particular tag identifier, e.g., T 1 , into a second metadata collection, and can associate the second metadata collection with the particular tag identifier, e.g., T 1 .
• a VM instance that is associated with particular identifiers sends a metadata query to the metadata server to obtain metadata that is also associated with the particular identifiers ( 206 ).
• a VM instance is configured to query the metadata server for metadata when the VM instance is initialized, e.g., at startup.
• a VM instance is configured to query the metadata server for metadata at specified time intervals, for example, as specified in a cron job.
• a VM instance is configured to query the metadata server using a “Hanging GET” operation.
• the VM instance can use the conventional hypertext transfer protocol (HTTP) “GET” operation to request metadata.
• HTTP hypertext transfer protocol
• the VM instance can “hang,” or maintain the HTTP “GET” connection, to continue waiting until the metadata server has new or updated metadata to provide the VM instance.
• the HTTP “GET” connection is closed due to inactivity, e.g., a time out, the VM instance can be configured to re-establish the connection and continue waiting for new or updated metadata.
• the metadata server receives the query requesting metadata associated with particular identifiers, as described above ( 208 ).
• the metadata server can communicate data, e.g., queries and metadata, using any appropriate network communications protocol or using conventional hypertext transfer protocol (HTTP) “GET” and “PUT” commands.
• HTTP hypertext transfer protocol
• the metadata server identifies metadata responsive to the metadata query ( 210 ).
• the metadata server can identify one or more metadata collections that respectively correspond to the particular identifiers, as described above in reference to FIG. 1 .
• the metadata server provides the metadata responsive to the query to the VM instance ( 212 ).
• the metadata server can provide metadata that was categorized and stored in the identified metadata collections to the VM instance, as described above.
• the VM instance receives and applies the metadata to configure the VM instance ( 214 ).
• the VM instance configures itself by updating a particular setting associated with the VM instance, for example, by updating data in a particular file.
• the VM instance can receive a metadata key “hostname” and its corresponding value “example.com.” Based on the key “hostname,” the VM instance can be configured to update a particular file, e.g., “/etc/hostname,” with the value “example.com.”
• the VM instance Upon updating the file “/etc/hostname,” the VM instance can reinitialize its networking configuration so that the VM instance domain corresponds to “example.com.”
• FIG. 3 is a flow diagram of an example process 300 for configuring a virtual machine instance using pairings of metadata attributes with metadata values.
• the process 300 will be described with respect to a system, e.g., the metadata server 130 , including one or more computing devices that performs the process 300 .
• the system associates one or more metadata collections with respective identifiers, as described above ( 302 ).
• the system receives a metadata query requesting metadata associated with particular identifiers, as described above ( 304 ). For example, the system can receive the query from a VM instance that is also associated with the particular identifiers.
• the system identifies metadata responsive to the metadata query, as described above ( 306 ).
• FIG. 4 is a schematic diagram of an example host machine.
• the host machine 400 generally consists of a data processing apparatus 402 .
• the data processing apparatus 402 can optionally communicate with one or more other computers 490 through a network 480 . While only one data processing apparatus 402 is shown in FIG. 4 , multiple data processing apparatus can be used in one or more locations.
• the data processing apparatus 402 includes various modules, e.g. executable software programs. One of the modules is the kernel 406 of a host operating system (e.g., host operating system 106 ).
• a virtual machine module 408 (e.g., virtual machine 110 ) includes virtual hardware (e.g., virtual hardware 110 a ), a guest operating system (e.g., guest operating system 110 b ), and guest applications (guest applications 110 c ).
• virtual hardware e.g., virtual hardware 110 a
• guest operating system e.g., guest operating system 110 b
• guest applications guest applications 110 c
• the software modules can be distributed on one or more data processing apparatus connected by one or more networks or other suitable communication mediums.
• the data processing apparatus 402 also includes hardware or firmware devices including one or more processors 412 , one or more additional devices 414 , a computer-readable storage medium 416 , a communication interface 418 , and optionally one or more user interface devices 420 .
• Each processor 412 is capable of processing instructions for execution within the data processing apparatus 402 .
• the processor 412 is a single or multi-threaded processor.
• Each processor 412 is capable of processing instructions stored on the computer-readable storage medium 416 or on a storage device such as one of the additional devices 414 .
• the data processing apparatus 402 uses its communication interface 418 to communicate with one or more computers 490 , for example, over a network 480 .
• Examples of user interface devices 420 include a display, a camera, a speaker, a microphone, a tactile feedback device, a keyboard, and a mouse.
• the data processing apparatus 402 can store instructions that implement operations associated with the modules described above, for example, on the computer-readable storage medium 416 or one or more additional devices 414 , for example, one or more of a floppy disk device, a hard disk device, an optical disk device, or a tape device.
• FIG. 4 is also a schematic diagram of an example metadata server.
• the metadata server generally consists of one or more data processing apparatus in one or more locations.
• the data processing apparatus includes hardware or firmware devices including one or more processors, a computer readable storage medium, and a communication interface.
• Each processor is capable of processing instructions for execution within the data processing apparatus.
• the processor is a single or multi-threaded processor.
• Each processor is capable of processing instructions stored on the computer readable storage medium or on a storage device such as one of the additional devices.
• the data processing apparatus uses its communication interface to communicate with one or more computers, for example, over a network.
• Embodiments of the subject matter and the functional operations described in this specification can be implemented in digital electronic circuitry, in tangibly-embodied computer software or firmware, in computer hardware, including the structures disclosed in this specification and their structural equivalents, or in combinations of one or more of them.
• Embodiments of the subject matter described in this specification can be implemented as one or more computer programs, i.e., one or more modules of computer program instructions encoded on a tangible non-transitory program carrier for execution by, or to control the operation of, data processing apparatus.
• the program instructions can be encoded on an artificially-generated propagated signal, e.g., a machine-generated electrical, optical, or electromagnetic signal, that is generated to encode information for transmission to suitable receiver apparatus for execution by a data processing apparatus.
• the computer storage medium can be a machine-readable storage device, a machine-readable storage substrate, a random or serial access memory device, or a combination of one or more of them.
• data processing apparatus encompasses all kinds of apparatus, devices, and machines for processing data, including by way of example a programmable processor, a computer, or multiple processors or computers.
• the apparatus can include special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application-specific integrated circuit).
• the apparatus can also include, in addition to hardware, code that creates an execution environment for the computer program in question, e.g., code that constitutes processor firmware, a protocol stack, a database management system, an operating system, or a combination of one or more of them.
• a computer program (which may also be referred to or described as a program, software, a software application, a module, a software module, a script, or code) can be written in any form of programming language, including compiled or interpreted languages, or declarative or procedural languages, and it can be deployed in any form, including as a stand-alone program or as a module, component, subroutine, or other unit suitable for use in a computing environment.
• a computer program may, but need not, correspond to a file in a file system.
• a program can be stored in a portion of a file that holds other programs or data, e.g., one or more scripts stored in a markup language document, in a single file dedicated to the program in question, or in multiple coordinated files, e.g., files that store one or more modules, sub-programs, or portions of code.
• a computer program can be deployed to be executed on one computer or on multiple computers that are located at one site or distributed across multiple sites and interconnected by a communication network.
• the processes and logic flows described in this specification can be performed by one or more programmable computers executing one or more computer programs to perform functions by operating on input data and generating output.
• the processes and logic flows can also be performed by, and apparatus can also be implemented as, special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application-specific integrated circuit).
• special purpose logic circuitry e.g., an FPGA (field programmable gate array) or an ASIC (application-specific integrated circuit).
• Computers suitable for the execution of a computer program include, by way of example, can be based on general or special purpose microprocessors or both, or any other kind of central processing unit.
• a central processing unit will receive instructions and data from a read-only memory or a random access memory or both.
• the essential elements of a computer are a central processing unit for performing or executing instructions and one or more memory devices for storing instructions and data.
• a computer will also include, or be operatively coupled to receive data from or transfer data to, or both, one or more mass storage devices for storing data, e.g., magnetic, magneto-optical disks, or optical disks.
• mass storage devices for storing data, e.g., magnetic, magneto-optical disks, or optical disks.
• a computer need not have such devices.
• a computer can be embedded in another device, e.g., a mobile telephone, a personal digital assistant (PDA), a mobile audio or video player, a game console, a Global Positioning System (GPS) receiver, or a portable storage device, e.g., a universal serial bus (USB) flash drive, to name just a few.
• PDA personal digital assistant
• GPS Global Positioning System
• USB universal serial bus
• Computer-readable media suitable for storing computer program instructions and data include all forms of non-volatile memory, media and memory devices, including by way of example semiconductor memory devices, e.g., EPROM, EEPROM, and flash memory devices; magnetic disks, e.g., internal hard disks or removable disks; magneto-optical disks; and CD-ROM and DVD-ROM disks.
• semiconductor memory devices e.g., EPROM, EEPROM, and flash memory devices
• magnetic disks e.g., internal hard disks or removable disks
• magneto-optical disks e.g., CD-ROM and DVD-ROM disks.
• the processor and the memory can be supplemented by, or incorporated in, special purpose logic circuitry.
• a computer having a display device, e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor, for displaying information to the user and a keyboard and a pointing device, e.g., a mouse or a trackball, by which the user can provide input to the computer.
• a display device e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor
• keyboard and a pointing device e.g., a mouse or a trackball
• Other kinds of devices can be used to provide for interaction with a user as well; for example, feedback provided to the user can be any form of sensory feedback, e.g., visual feedback, auditory feedback, or tactile feedback; and input from the user can be received in any form, including acoustic, speech, or tactile input.
• a computer can interact with a user by sending documents to and receiving documents from a device that is used by the user; for example, by sending web pages to a
• Embodiments of the subject matter described in this specification can be implemented in a computing system that includes a back-end component, e.g., as a data server, or that includes a middleware component, e.g., an application server, or that includes a front-end component, e.g., a client computer having a graphical user interface or a Web browser through which a user can interact with an implementation of the subject matter described in this specification, or any combination of one or more such back-end, middleware, or front-end components.
• the components of the system can be interconnected by any form or medium of digital data communication, e.g., a communication network. Examples of communication networks include a local area network (“LAN”) and a wide area network (“WAN”), e.g., the Internet.
• LAN local area network
• WAN wide area network
• the computing system can include clients and servers.
• a client and server are generally remote from each other and typically interact through a communication network.
• the relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.

Landscapes

• Engineering & Computer Science (AREA)
• Theoretical Computer Science (AREA)
• Physics & Mathematics (AREA)
• Databases & Information Systems (AREA)
• General Engineering & Computer Science (AREA)
• General Physics & Mathematics (AREA)
• Data Mining & Analysis (AREA)
• Software Systems (AREA)
• Library & Information Science (AREA)
• Mathematical Physics (AREA)
• Computational Linguistics (AREA)
• Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

Description

Claims (27)

Priority Applications (7)

Applications Claiming Priority (1)

Related Child Applications (1)

Publications (2)

Family

ID=49582818

Family Applications (2)

Family Applications After (1)

Country Status (5)

Cited By (2)

Families Citing this family (26)

Citations (12)

Family Cites Families (5)

• 2012
  • 2025-08-04 US US13/665,890 patent/US9170834B2/en active Active
• 2013
  • 2025-08-04 WO PCT/US2013/067507 patent/WO2014070891A2/en active Application Filing
  • 2025-08-04 EP EP13789937.3A patent/EP2915042B1/en active Active
  • 2025-08-04 CN CN201380063264.5A patent/CN104823163B/en active Active
  • 2025-08-04 CN CN201811268712.6A patent/CN109375986B/en active Active
  • 2025-08-04 DE DE202013012495.4U patent/DE202013012495U1/en not_active Expired - Lifetime
• 2015
  • 2025-08-04 US US14/921,824 patent/US9798566B2/en active Active

Patent Citations (12)

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events