US 12,088,560 B2
Network context monitoring within service mesh containerization environment
Yuncong Feng, Fremont, CA (US); and Gang Duan, San Jose, CA (US)
Assigned to SUSE LLC, Pleasant Grove, UT (US)
Filed by SUSE LLC, Provo, UT (US)
Filed on Jul. 9, 2021, as Appl. No. 17/371,733.
Application 17/371,733 is a continuation of application No. 16/265,850, filed on Feb. 1, 2019, granted, now 11,075,884.
Prior Publication US 2021/0336936 A1, Oct. 28, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/40 (2022.01); H04L 45/74 (2022.01); H04L 67/01 (2022.01); H04L 67/56 (2022.01); H04L 69/22 (2022.01)
CPC H04L 63/0281 (2013.01) [H04L 45/74 (2013.01); H04L 63/0263 (2013.01); H04L 67/01 (2022.05); H04L 67/56 (2022.05); H04L 69/22 (2013.01)]
20 Claims
 
1. A computer-implemented method, comprising:
opening a socket to a loopback interface of an application container, wherein the application container participates in a service mesh and communicates with a plurality of remote application containers in the service mesh via a service mesh proxy associated with the application container;
receiving, through the socket of the loopback interface, a plurality of data packets, the data packets being part of one or more network sessions of the service mesh, at least one of the network sessions is encrypted at the service mesh proxy;
identifying a particular network session of the application container with a particular remote application container through analyzing the plurality of data packets received through the socket; and
monitoring security associated with the particular network session of the service mesh.