Commercial enterprises are frequently turning to public cloud providers to meet their computing needs. The benefits of cloud computing are numerous. Among the benefits are lower operating costs, due to reduced spending on computing hardware, software, and support. In addition, since public clouds are generally accessible from any network-connected device, applications deployed to the cloud are more easily distributed to a diverse and global workforce.
Cloud architectures are used in cloud computing and cloud storage systems for offering infrastructure-as-a-service (IaaS) cloud services. Examples of cloud architectures include the VMware vCloud™ Director cloud architecture software, Amazon EC2™ web service, and OpenStack™ open source cloud computing service. IaaS cloud service is a type of cloud service that provides access to physical and/or virtual resources in a cloud environment. These services provide a tenant application programming interface (API) that supports operations for manipulating IaaS constructs such as virtual machines (VMs) and logical networks. However, the use of such public cloud services is typically kept separate from the use of existing computing resources in data centers managed by an enterprise.
Customers of cloud computing services are often referred to as “tenants,” as the customers more or less “rent” computing hardware and software services from the cloud provider. Since a single public cloud can host many clients simultaneously in an isolated manner, public clouds are referred to as multi-tenant computing environments. In order to provide a level of isolation between applications deployed in the cloud by different tenants, cloud providers often provision virtual machines for their tenants. Each tenant virtual machine is capable of executing one or more client applications. The tenant virtual machine runs on top of a virtualized computing platform provided by the cloud, and, using the virtualized computing platform, communicates with other cloud tenants, as well as with external entities outside of the cloud. The tenant virtual machine is designed to give the individual tenant a reasonable level of control over computing services provided by the tenant, without having an undue effect on other tenants.
Among the tasks that tenants seek to perform is the monitoring of network traffic that is transmitted to and from virtual machines managed by a tenant and that may be executing virtual workloads. Monitoring network traffic enables tenant organizations to, for example, troubleshoot problems with a virtual machine, gauge future capacity requirements, or track down the source of malicious network requests (such as those experienced in a denial-of-service attack on the tenant virtual machine). However, there are challenges to using traffic monitoring devices (often referred to as network “sniffers”) in a cloud computing system. Sniffer applications rely on special access to low-level network interfaces and network configuration data, which cloud computing systems typically abstract or hide from tenant organizations.