In the field of machine virtualization, virtual machines (VMs) have network functionality. That is, VMs may implement a network protocol stack to communicate via a network with other VMs or physical machines. For instance, virtualization hosts (e.g., Hyper-V™ hosts) may form part of a virtualization fabric that hosts guest VMs, where a Fabric Controller manages the virtualization fabric (as used in this Background “host” may refer to a Fabric Controller, for example, or any other computer). However, for various reasons, there may be no network connectivity between a host on a network and a VM, even though there is network connectivity between the host and a machine running the VM (to referred to as the “VM host”). For example, the VM might be on a Virtual Private Network (VPN) to which the host does not belong and the VM's network address may not be valid on the host's network. A firewall might block access to the VM from the hosts' network while allowing access on the VM host's network. A VM might simply be on a different network than the host that might need to communicate with the VM.
In some circumstances, it is desirable to communicate with a VM using a standard protocol such as HTTP (Hypertext Transfer Protocol), SOAP (Simple Object Access Protocol), WMI™ (Windows Management Instrumentation), the WS-Management protocol (transporting WMI calls over a SOAP based protocol via HTTP), and so forth. For example, in some data centers or clouds, VMs might have network agents or services running thereon that perform management functions (such as applying patches to a guest operating system, handling cloud fabric tasks, etc.), perhaps with one or more communication channels for control (e.g., WMI over HTTP) or data (BITS via HTTP). These management services or agents are controlled by a management application (e.g., a Fabric Controller), running on a controller host, for example. The management application sends packets, for example HTTP packets, to the VM's network address and the HTTP packets are delivered to the management agent. The management agents may perform functions in response to information in the payloads of the packets. However, when the management application does not have network connectivity to the VM, it is unable to invoke the management agents on the VM.
Techniques to enable communication with VMs via communication channels between hypervisors and the VMs are discussed below.