US-12625782-B2 - Techniques for replicating state information for high availability
Abstract
A Network Virtualization Device (NVD) executes a set of Virtual Network Interface Cards (VNICs). The set of VNICs includes a first VNIC that forwards packets for a set of one or more packet flows. The NVD stores a first VNIC-related information that includes information identifying a first set of one or more packet flows and associated state information. The NVD, in response to determining that the state information for the first VNIC is to be synchronized with another NVD, identifies a first backup NVD for the first VNIC, wherein the first backup NVD is a backup for the first VNIC, and communicates to the first backup NVD a portion of the state information stored by the NVD for the first VNIC.
Inventors
- Jagwinder Singh Brar
- Eugene Nalimov
- Steven Chervets
- Abhay Patil
- Michal Aleksander Karczmarek
Assignees
- ORACLE INTERNATIONAL CORPORATION
Dates
- Publication Date: 20260512
- Application Date: 20241118
Claims (20)
- 1 . A method comprising: receiving, by a first network virtualization device (NVD) of a physical network, a first portion of first state information of a first virtual network interface card (VNIC) of a set of VNICs, wherein the first VNIC is hosted by a second NVD, wherein the first VNIC performs forwarding of packets for a set of one or more packet flows from a compute instance hosted on a physical host machine connectively coupled to the second NVD, wherein the first NVD is a backup for the first VNIC, wherein: the physical network hosts a virtual network, the physical network comprising the physical host machine, the first NVD, and the second NVD, and wherein the first NVD and the second NVD are different physical devices with separate processors from network interface cards of the physical host machine, and the virtual network comprises one or more compute instances including the compute instance, and the set of VNICs; storing, by the first NVD, the first portion of the first state information for the first VNIC; receiving, by the first NVD, availability information indicating that the second NVD is unavailable; receiving, by the first NVD, packets associated with the set of one or more packet flows; and forwarding, by the first NVD, the packets based on the first portion of the first state information.
- 2 . The method of claim 1 , further comprising: receiving, by the first NVD, updated state information associated with at least one packet flow of the set of one or more packet flows; and storing, by the first NVD, the updated state information for the first VNIC.
- 3 . The method of claim 1 , wherein the availability information is received at a first time, and wherein the method further comprises: receiving, by the first NVD at a second time after the first time, second availability information indicating that the second NVD is available; and determining, by the first NVD after the second time, to not forward the packets.
- 4 . The method of claim 1 , further comprising: identifying, by the first NVD, a packet flow for the packets based on information within one or more fields in a header of at least one packet of the packets.
- 5 . The method of claim 4 , wherein the one or more fields includes a source address field, a destination address field, a source port field, a destination port field, and a protocol field.
- 6 . The method of claim 1 , wherein the availability information is received at a first time, and wherein the method further comprises: receiving, by the first NVD from the second NVD at a second time after the first time, a request for the first portion of the first state information for the first VNIC; and transmitting, by the first NVD to the second NVD, the first portion of the first state information for the first VNIC.
- 7 . The method of claim 1 , further comprising: receiving, by the first NVD, a second portion of second state information of a second VNIC, wherein the second VNIC is hosted by a third NVD of the physical network, wherein the second VNIC performs forwarding of packets for a second set of one or more packet flows from a second compute instance of the virtual network, wherein the second VNIC is hosted on a second physical host machine connectively coupled to the third NVD, wherein the third NVD is a different physical device from the first NVD and the second NVD with separate processors from network interface cards of the physical host machine, and wherein the first NVD is a backup for the second VNIC; storing, by the first NVD, the second portion of the second state information for the second VNIC; receiving, by the first NVD, second availability information indicating that the third NVD is unavailable; receiving, by the first NVD, second packets associated with the second set of one or more packet flows; and forwarding, by the first NVD, the second packets based on the second portion of the second state information.
- 8 . The method of claim 1 , further comprising: determining, by the first NVD, that a particular period of time has elapsed; and in response to determining the particular period of time has elapsed, transmitting, by the first NVD to the second NVD, a signal requesting the second NVD to send, to the first NVD, the first portion of the first state information for the first VNIC.
- 9 . The method of claim 1 , further comprising transmitting, by the first NVD to the second NVD, a signal requesting the second NVD to send, to the first NVD, the first portion of the first state information for the first VNIC.
- 10 . The method of claim 1 , further comprising transmitting, by the first NVD to the second NVD, a signal requesting the second NVD to send, to the first NVD, the first portion of the first state information for each VNIC hosted by the second NVD for which the first NVD is identified as a backup.
- 11 . The method of claim 1 , wherein the second NVD is associated with a plurality of VNICs including the first VNIC, and wherein the first NVD is a backup for the plurality of VNICs.
- 12 . A computer system, comprising: one or more processors and a non-transitory computer-readable storage medium of a first network virtualization device (NVD) of a physical network, the non-transitory computer-readable storage medium containing instructions which, when executed on the one or more processors, cause the one or more processors to perform operations including: receiving a first portion of first state information of a first virtual network interface card (VNIC) of a set of VNICs, wherein the first VNIC is hosted by a second NVD, wherein the first VNIC performs forwarding of packets for a set of one or more packet flows from a compute instance hosted on a physical host machine connectively coupled to the second NVD, wherein the first NVD is a backup for the first VNIC, wherein: the physical network hosts a virtual network, the physical network comprising the physical host machine, the first NVD, and the second NVD, and wherein the first NVD and the second NVD are different physical devices with separate processors from network interface cards of the physical host machine, and the virtual network comprises one or more compute instances including the compute instance, and the set of VNICs; storing the first portion of the first state information for the first VNIC; receiving availability information indicating that the second NVD is unavailable; receiving packets associated with the set of one or more packet flows; and forwarding the packets based on the first portion of the first state information.
- 13 . The computer system of claim 12 , wherein the availability information is received at a first time, and wherein the non-transitory computer-readable storage medium contains further instructions which, when executed on the one or more processors, cause the one or more processors to perform further operations including: receiving, at a second time after the first time, second availability information indicating that the second NVD is available; and determining, after the second time, to not forward the packets.
- 14 . The computer system of claim 12 , wherein the availability information is received at a first time, and wherein the non-transitory computer-readable storage medium contains further instructions which, when executed on the one or more processors, cause the one or more processors to perform further operations including: receiving, from the second NVD at a second time after the first time, a request for the first portion of the first state information for the first VNIC; and transmitting, to the second NVD, the first portion of the first state information for the first VNIC.
- 15 . The computer system of claim 12 , wherein the non-transitory computer-readable storage medium contains further instructions which, when executed on the one or more processors, cause the one or more processors to perform further operations including: receiving a second portion of second state information of a second VNIC, wherein the second VNIC is hosted by a third NVD of the physical network, wherein the second VNIC performs forwarding of packets for a second set of one or more packet flows from a second compute instance of the virtual network, wherein the second VNIC is hosted on a second physical host machine connectively coupled to the third NVD, wherein the third NVD is a different physical device from the first NVD and the second NVD with separate processors from network interface cards of the physical host machine, and wherein the first NVD is a backup for the second VNIC; storing the second portion of the second state information for the second VNIC; receiving second availability information indicating that the third NVD is unavailable; receiving second packets associated with the second set of one or more packet flows; and forwarding the second packets based on the second portion of the second state information.
- 16 . The computer system of claim 12 , further comprising: determining, by the first NVD, that a particular period of time has elapsed; and in response to determining the particular period of time has elapsed, transmitting, by the first NVD to the second NVD, a signal requesting the second NVD to send, to the first NVD, the first portion of the first state information for the first VNIC.
- 17 . One or more non-transitory computer-readable media storing instructions that, upon execution on a first network virtualization device (NVD) of a physical network, cause the first NVD to perform operations comprising: receiving a first portion of first state information of a first virtual network interface card (VNIC) of a set of VNICs, wherein the first VNIC is hosted by a second NVD, wherein the first VNIC performs forwarding of packets for a set of one or more packet flows from a compute instance hosted on a physical host machine connectively coupled to the second NVD, wherein the first NVD is a backup for the first VNIC, wherein: the physical network hosts a virtual network, the physical network comprising the physical host machine, the first NVD, and the second NVD, and wherein the first NVD and the second NVD are different physical devices with separate processors from network interface cards of the physical host machine, and the virtual network comprises one or more compute instances including the compute instance, and the set of VNICs; storing the first portion of the first state information for the first VNIC; receiving availability information indicating that the second NVD is unavailable; receiving packets associated with the set of one or more packet flows; and forwarding the packets based on the first portion of the first state information.
- 18 . The one or more non-transitory computer-readable media of claim 17 , wherein the availability information is received at a first time, and wherein the one or more non-transitory computer-readable media storing instructions that, upon execution on the first NVD, cause the first NVD to perform operations further comprising: receiving, at a second time after the first time, second availability information indicating that the second NVD is available; and determining, after the second time, to not forward the packets.
- 19 . The one or more non-transitory computer-readable media of claim 17 , wherein the availability information is received at a first time, and wherein the one or more non-transitory computer-readable media storing instructions that, upon execution on the first NVD, cause the first NVD to perform operations further comprising: receiving, from the second NVD at a second time after the first time, a request for the first portion of the first state information for the first VNIC; and transmitting, to the second NVD, the first portion of the first state information for the first VNIC.
- 20 . The one or more non-transitory computer-readable media of claim 17 , wherein the one or more non-transitory computer-readable media storing instructions that, upon execution on the first NVD, cause the first NVD to perform operations further comprising: receiving a second portion of second state information of a second VNIC, wherein the second VNIC is hosted by a third NVD of the physical network, wherein the second VNIC performs forwarding of packets for a second set of one or more packet flows from a second compute instance of the virtual network, wherein the second VNIC is hosted on a second physical host machine connectively coupled to the third NVD, wherein the third NVD is a different physical device from the first NVD and the second NVD with separate processors from network interface cards of the physical host machine, and wherein the first NVD is a backup for the second VNIC; storing the second portion of the second state information for the second VNIC; receiving second availability information indicating that the third NVD is unavailable; receiving second packets associated with the second set of one or more packet flows; and forwarding the second packets based on the second portion of the second state information.
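Added example (not part of the patent text): a toy Python model of the backup ("first") NVD behaviour recited in claims 1 to 6, covering storing replicated per-flow state, forwarding only while the hosting NVD is reported unavailable, and returning the state on request. All class, method and field names, the sample addresses, and the two policies marked as assumptions (dropping flows with no replicated state, and serving state only to the hosting NVD) are illustrative and do not come from the patent.

```python
# Added illustration of claims 1-6: a toy model of the backup ("first") NVD.
# Every class, method and field name is hypothetical; the patent defines no API.
from dataclasses import dataclass, field
from typing import Dict, NamedTuple, Optional

class FlowKey(NamedTuple):
    """The five header fields that identify a packet flow (claims 4-5)."""
    src_addr: str
    dst_addr: str
    src_port: int
    dst_port: int
    protocol: str

@dataclass
class BackupNVD:
    # vnic_id -> {flow -> replicated state}; one backup can serve several VNICs (claim 7)
    state: Dict[str, Dict[FlowKey, dict]] = field(default_factory=dict)
    primary_of: Dict[str, str] = field(default_factory=dict)  # vnic_id -> hosting NVD
    available: Dict[str, bool] = field(default_factory=dict)  # NVD id -> last report

    def receive_state(self, vnic_id: str, primary_id: str,
                      portion: Dict[FlowKey, dict]) -> None:
        """Store a received portion; updates overwrite per flow (claim 2)."""
        self.primary_of[vnic_id] = primary_id
        self.state.setdefault(vnic_id, {}).update(portion)

    def receive_availability(self, nvd_id: str, is_available: bool) -> None:
        self.available[nvd_id] = is_available

    def handle_packet(self, vnic_id: str, header: FlowKey) -> Optional[dict]:
        """Return the state used to forward the packet, or None if not forwarding."""
        primary = self.primary_of.get(vnic_id)
        if primary is None or self.available.get(primary, True):
            return None  # hosting NVD is up: the backup does not forward (claim 3)
        # Assumption: a flow with no replicated state is dropped, not forwarded blind.
        return self.state.get(vnic_id, {}).get(header)

    def serve_state_request(self, vnic_id: str, requester: str) -> Dict[FlowKey, dict]:
        """Return the stored portion to the recovered hosting NVD (claim 6)."""
        if self.primary_of.get(vnic_id) != requester:
            # Assumption: only the NVD that hosts the VNIC may pull its state.
            raise PermissionError("requester does not host this VNIC")
        return dict(self.state[vnic_id])

def demo() -> list:
    """Constructed scenario (addresses are made up): replicate, fail over, recover."""
    flow = FlowKey("10.0.0.5", "10.0.1.9", 44321, 443, "tcp")
    unseen = FlowKey("10.0.0.5", "10.0.1.9", 44322, 443, "tcp")
    backup = BackupNVD()
    backup.receive_state("vnic-1", "nvd-2", {flow: {"conn": "ESTABLISHED"}})
    results = [backup.handle_packet("vnic-1", flow)]        # hosting NVD up
    backup.receive_availability("nvd-2", False)
    results.append(backup.handle_packet("vnic-1", flow))    # failover
    results.append(backup.handle_packet("vnic-1", unseen))  # no replicated state
    restored = backup.serve_state_request("vnic-1", "nvd-2")
    backup.receive_availability("nvd-2", True)
    results.append(backup.handle_packet("vnic-1", flow))    # hosting NVD back
    return results + [restored]
```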
Description
CROSS-REFERENCES TO RELATED APPLICATIONS
This application is a continuation of application Ser. No. 17/644,287 filed Dec. 14, 2021, which claims the benefit of the filing date of U.S. Provisional Application No. 63/132,344, filed on Dec. 30, 2020, the entire contents of which are incorporated herein by reference for all purposes.
BACKGROUND
The demand for cloud-based services continues to increase rapidly. The term cloud service is generally used to refer to a service that is made available to users or customers on demand (e.g., via a subscription model) using systems and infrastructure (cloud infrastructure) provided by a cloud services provider. Typically, systems that make up the cloud service provider's infrastructure are separate from the customer's own on-premise servers and systems. Customers can thus avail themselves of cloud services provided by the cloud service provider without having to purchase separate hardware and software resources for the services. There are various different types of cloud services including Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS), and others.
To utilize cloud services, network traffic between customer's on-premise equipment and resources in the cloud is processed and transmitted over one or more specialized Network Virtualization Devices that include Network Interface Card(s). A Network Virtualization Device (NVD) such as a SmartNIC provides the network traffic a physical proxy to a substrate network on which cloud network abstractions (e.g., cloud service instances) are built. A virtual interface for a SmartNIC provides virtual networking for physical networking resources of the SmartNIC for accessing, connecting, securing, and modifying cloud resources. Typically, a SmartNIC is attached to a computing instance (e.g., a cloud based workstation) within a virtual network.
A virtual interface, i.e., a Virtual Network Interface Card (VNIC) hosted on the SmartNIC, manages communications of the computing instance within and outside the virtual network. Typically, a single SmartNIC can be exposed as multiple VNICs to host machines within a cloud network where the multiple VNICs may share the same physical network port of the SmartNIC.
Customers expect cloud services to be highly available, with minimal downtime, even if there are problems in the underlying infrastructure (e.g., a SmartNIC goes down). To achieve this, cloud service providers build redundancies and backups into their infrastructure to increase bandwidth and to avoid a single point of failure within the cloud infrastructure to ensure continuous access to cloud services. Implementing backup systems with multiple SmartNICs is, however, quite complex, especially when the solution has to scale across the entire distributed cloud infrastructure.
SUMMARY
The present disclosure relates generally to techniques for improving availability of cloud services, and more particularly to techniques for maintaining and replicating network state information across multiple VNICs and their corresponding SmartNICs. Various embodiments are described herein, including methods, systems, non-transitory computer-readable storage media storing programs, code, or instructions executable by one or more processors, and the like. These illustrative embodiments are mentioned not to limit or define the disclosure, but to provide examples to aid understanding thereof. Additional embodiments are discussed in the Detailed Description, and further description is provided there.
An aspect of the present disclosure provides for a method comprising executing, by a network virtualization device (NVD), a set of virtual network interface cards (VNICs), the set of VNICs including a first VNIC performing forwarding of packets for a set of one or more packet flows; storing, by the NVD, a first VNIC-related information, wherein the first VNIC-related information comprises information identifying a first set of one or more packet flows and state information for the first set of one or more packet flows; determining, by the NVD, that the state information for the first VNIC is to be synchronized with another NVD; and responsive to the determining: identifying, by the NVD, a first backup NVD for the first VNIC, wherein the first backup NVD is a backup for the first VNIC; and communicating, by the NVD to the first backup NVD, a portion of the state information stored by the NVD for the first VNIC.
Another aspect of the present disclosure provides for a computer system, comprising: one or more processors; and a non-transitory computer-readable storage medium containing instructions which, when executed on the one or more processors, cause the one or more processors to perform operations including: executin