1. Field
The invention relates generally to communications between entities within a virtual communications network and more specifically to determining information about and identifying a host machine by a virtual machine (VM) running on that host machine.
2. Background
In a typical system utilizing virtualization technology, the physical computer on which a virtual machine is running (i.e., the host machine or host computer) has the ability to determine information about that virtual machine. The virtual machine itself, however, does not have the ability to determine information about the host machine on which that virtual machine is running. No mechanism exists in either the virtual machine itself or the operating system of that virtual machine for determining the host machine.
Having such information would be useful for a number of reasons. If a virtual machine can determine the host machine on which it is running, the virtual machine (possibly in conjunction with a separate administrative console) can decide whether or not it should be executing. For example, a particular application may only be authorized to execute within a particular enterprise or on a particular machine within that enterprise. In order for the virtual machine to determine whether it can execute, it will need to know information about the host machine on which it will be running. Similarly, if a virtual machine needs to determine whether it has been exposed to any viruses or whether a particular update has been run, it will need to know the host machines on which it has been run.
Similarly, knowledge by a virtual machine of the host machine on which it is running can facilitate virtual machine tracking. For example, virtual machines that are created for a hypervisor (i.e., a virtualization platform that can be used to run different operating systems and associated applications on the same physical or host machine) can easily be moved, duplicated or cloned to run on another hypervisor. When a virtual machine is moved or duplicated, its MAC address remains the same as that of the parent virtual machine. When a virtual machine is cloned, its MAC address is changed from that of the parent virtual machine. Two duplicate virtual machines will create network problems if they are running in the same network. Two cloned virtual machines can create problems if they are running the same network services and these services collide when they are in the same network.
Tracking the lineage and migration of a virtual machine has multiple purposes. The ability to determine if a virtual machine ever ran on a specific hypervisor can be used to determine which virtual machines ran on a compromised or corrupted hypervisor. The ability to determine which virtual machines were the parents of a virtual machine, and at what time the lineage split, can be used to determine which virtual machines have attributes added to the virtual machine lineage at a particular place and time.
A need therefore exists for establishing a messaging channel between the host machine and the virtual machine. This can allow the virtual machine to identify the host machine on which it is running and allow various activities to take place that otherwise would not be possible. This can then lead to the ability to track virtual machines throughout the enterprise.
For example, the virtual machine can keep track of the host and determine whether the host has the ability to manage that virtual machine. Additionally, the virtual machine can determine if it is still running on the same host as at some previous time or if it is running on a different host. When utilizing an administrative console as described herein, this can allow for tracking of movement of virtual machines.
To provide this view to the virtual machine, a network packet-based communication path is needed for the messaging channel. Such a communication path must support different packet intercept/processing methods (depending on the operating system and hypervisor installed on the physical machine).