Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The Amendment filed on September 17, 2021 in response to the Office Action of June 18, 2021 is acknowledged and has been entered. Claims 1, 2, 6, 11, 12, 15 and 20 have been amended. Claims 1-20 are pending and under examination in this Office Action.
Response to Amendment
The claim objections to claims 1, 11 and 20 are now withdrawn in view of amendments.
Applicant's arguments with respect to claims 1-20 have been considered but are moot because the arguments do not apply to any of the references being used in the current rejection. The previous claim rejections under35 U.S.C. 103 to claims 1-20 are now withdrawn in view of the claim amendments. However, upon further consideration in view of the amendments, new grounds of rejection are now made. See the rejection section for details.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention 

Claims 1, 2, 5, 11, 12, 14 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Liang et al. (U.S. Pub. No. US 2017/0126469 A1), herein referred to as Liang, in view of Papo et al. (U.S. Pub. No. US 2019/0013963 A1), herein referred to as Papo.
In regard to claim 1, Liang teaches a method, comprising: receiving, by an agent (e.g. the container runtime environment – para. [0021]) of a first container (e.g. the control plane agent – para. [0023]) of a network device from a second container (e.g. an application container 220 in FIG. 2 – para. [0021]) of the network device (e.g. the computing host – para. [0021]), a request (e.g. requests received by the container runtime environment – para. [0021]) for a forwarding engine (e.g. the network interface accessible to the application container – para. [0033]) of the network device (e.g. the computing host – para. [0021]) to perform an operation (e.g. transmitting a packet; FIG. 2; FIG. 4; “... The container runtime environment 210 manages a set of application containers 220 that access computing resources of the computing host 110 ... When an application container 220 requests access to services and resources managed by the operating system 200, the container runtime environment 210 may receive these requests and translate the requests if necessary prior to transmitting the request to the operating system 200 ...” - para. [0021]; “... the control plane agent 230 is itself a container of the container runtime environment 210 ...” - para. [0023]; “... When a packet is transmitted from the application container 410 to the network interface accessible to the application container 410, the packet is encapsulated using the tunnel prior to transmission to the computing host of the application container 440 …” - para. [0033]),
wherein: the first container (e.g. the control plane agent – para. [0019]) and the second container (e.g. the application container – para. [0019]) share a first operating system in a control plane of the network device (e.g. sharing an operating system in the control plane of the computing host; FIG. 2; FIG. 6; “... A service control system manages computing services for a set of containers in various computing hosts using a control plane ...” - para. [0004]; “... This services architecture provides a control plane for each computing host ...” - para. [0006]; “... FIG. 2 illustrates the components of a computing host 110 according to one embodiment. In this example, the computing host 110 includes an operating system 200, a container runtime environment 210, one or more application containers 220, and a control plane agent 230 ...” - para. [0019]; “... each computing host may include a container for the control plane agent as well as additional containers executing various applications ...” - para. [0044]); and …
	Liang does not explicitly teach, but Papo teaches the first container comprises a second operating system including a set of drivers (FIG. 4; “… In the example embodiment of FIG. 4, the system programs 420 in the proprietary Linux kernel 421 include support for multiple virtualized user space instances. As depicted, user space 220 contains a first container 310 and a second container 350. In this example, first container 310 is running a first operating system 320 (e.g. Tizen) …” – para. [0053]; “… processes 330 may make use of drivers and/or services 325 which are present in the kernel 321 of first OS 320 …” – para. [0054]), the set of drivers associated with multiple types of forwarding engines (e.g. drivers of the first OS supporting different types of network interfaces; FIG. 4; “… Different operating systems might provide different levels of support for various processes. For example, the kernel 361 of second OS 360 might not provide support for certain network interfaces. That is, drivers/services 365 ;
	providing the request to the second operating system (e.g. providing data packets routing request to the first OS – para. [0079]), wherein in response to the second operating system determining a type of forwarding engine to be used for performing the operation, selecting, based on the type of forwarding engine to be used, a first driver of the set of drivers to communicate with the forwarding engine (e.g. the first OS selecting the driver to route the data packets to the corresponding network interface based on the request; FIG. 6B; “… FIG. 6B is a block diagram of an example embodiment of an embedded device having a host OS 510, a first OS 530 running in a first container, and a second OS 550 running in a second container … the embedded device 100 has a WiFi interface 534a, a cellular LTE interface 534b, and a Bluetooth interface 534c. First OS 530 may include driver support for one or more of external network interfaces 534a, 534b, 534c …” – para. [0077]; “… control client 531 enables the sharing of one, all, or any combination of the supported external network interfaces 534a, 534b, 534c with second OS 550 …” – para. [0078]; “… It should be appreciated by a person skilled in the art that various rules can be implemented in the IP table 532 to implement the appropriate network interface sharing configuration. For example, data packets emanating from a particular application may be routed to WiFi interface 534a, and data packets emanating from a second application (e.g. Facebook) may be forwarded to LTE interface 534b …” – para. [0079]); 
	performing the operation requested by the second container (e.g. performing the data packets routing requested by the second container; FIG. 6B; “… It should be appreciated by a person skilled in the art that various rules can be implemented in the IP table 532 to implement the appropriate network interface sharing configuration. For example, data packets emanating from a particular application may be routed to WiFi interface 534a, and data packets emanating from a second application (e.g. Facebook) may be forwarded to LTE interface 534b …” – para. [0079]); and 
	providing a result of the operation to the second container in response to determining that the result should be provided to the second container (e.g. the first OS deciding the data packets routed to the second container; FIG. 6A; “… In one example embodiment, an application (e.g. a bar code scanning application) is running in second OS 550 and requires a network connection …” – para. [0070]; “… Data packets received at external network interface 534 are routed using rules from IP table 532 to shared interface 536, then to network bridge 590, and then shared interface 556 in second OS 550, which then delivers the data packets to the bar code scanning application running in second OS 550. Thus, the bar code scanning application in second OS 550 (which does not have access to external network interface 534) is able to send and receive data packets by routing packets from the second container to the first container and ultimately to external network interface 534 …” – para. [0072]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in order to incorporate a method of sharing drivers and/or services supported by an operating system running in a first container with a second container as disclosed by Papo. One of ordinary skilled in the art would have been 
In regard to claim 2, Liang does not explicitly teach, but Papo teaches wherein performing the operation comprises: translating the request to a format that is used by a process of the second operating system (e.g. translate the request to be supported by the first OS – para. [0050], [0054]); and providing the translated request to the process of the second operating system (e.g. handling the translated request by the first OS; FIG. 2; FIG. 4; “... For example, the system programs 220 may handle system start-up processes and input/output requests from application software by translating requests into data-processing instructions for the processor 102 ...” - para. [0050]; “… processes 330 may make use of drivers and/or services 325 which are present in the kernel 321 of first OS 320 …” – para. [0054]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in order to incorporate a method of sharing drivers and/or services supported by an operating system running in a first container with a second container as disclosed by Papo. One of ordinary skilled in the art would have been motivated because such incorporation would support the sharing of the functionalities supported by different operating systems in various containers (Papo, para. [0007], [0009]).
In regard to claim 5, Liang does not explicitly teach, but Papo teaches further comprising: identifying a type of the forwarding engine (e.g. identifying the network interface to route the data packets – para. [0079]); and identifying the first driver from the set of drivers based on the type of the forwarding engine (e.g. selecting the driver to route the data packets to the corresponding network interface; FIG. 6B; “… the embedded device 100 has a WiFi 
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in order to incorporate a method of sharing drivers and/or services supported by an operating system running in a first container with a second container as disclosed by Papo. One of ordinary skilled in the art would have been motivated because such incorporation would support the sharing of the functionalities supported by different operating systems in various containers (Papo, para. [0007], [0009]).
In regard to claim 11, Liang teaches a network device (e.g. a computing host – para. [0016]), comprising: a memory configured to store a first container and a second container (e.g. the containers 130C and 130D in the computing host 110C in FIG. 1); and a processing device coupled to the memory, the processing device to (FIG. 1; “... each computing host 110 provides logical computing resources in which a container 130 operates, such as CPU, memory, storage, and networking. A computing host may be a physical server system, or may be a virtual machine ...” - para. [0016]):
receive, by an agent (e.g. the container runtime environment – para. [0021]) of the first container (e.g. the control plane agent – para. [0023]) from the second container (e.g. an application container 220 in FIG. 2 – para. [0021]), a request (e.g. requests received by the container runtime environment – para. [0021]) for a forwarding engine (e.g. the network interface accessible to the application container – para. [0033]) of the network device (e.g. the computing host – para. [0021]) to perform an operation (e.g. transmitting a packet; FIG. 2; FIG. 4; “... The container runtime environment 210 manages a set of application containers 220 that access computing resources of the computing host 110 ... When an application container 220 requests access to services and resources managed by the operating system 200, the container runtime environment 210 may receive these requests and translate the requests if necessary prior to transmitting the request to the operating system 200 ...” - para. [0021]; “... the control plane agent 230 is itself a container of the container runtime environment 210 ...” - para. [0023]; “... When a packet is transmitted from the application container 410 to the network interface accessible to the application container 410, the packet is encapsulated using the tunnel prior to transmission to the computing host of the application container 440 …” - para. [0033]),
	wherein: the first container (e.g. the control plane agent – para. [0019]) and the second container (e.g. the application container – para. [0019]) share a first operating system in a control plane of the network device (e.g. sharing an operating system in the control plane of the computing host; FIG. 2; FIG. 6; “... A service control system manages computing services for a set of containers in various computing hosts using a control plane ...” - para. [0004]; “... This services architecture provides a control plane for each computing host ...” - para. [0006]; “...  embodiment. In this example, the computing host 110 includes an operating system 200, a container runtime environment 210, one or more application containers 220, and a control plane agent 230 ...” - para. [0019]; “... each computing host may include a container for the control plane agent as well as additional containers executing various applications ...” - para. [0044]); and …
	Liang does not explicitly teach, but Papo teaches the first container comprises a second operating system including a set of drivers (FIG. 4; “… In the example embodiment of FIG. 4, the system programs 420 in the proprietary Linux kernel 421 include support for multiple virtualized user space instances. As depicted, user space 220 contains a first container 310 and a second container 350. In this example, first container 310 is running a first operating system 320 (e.g. Tizen) …” – para. [0053]; “… processes 330 may make use of drivers and/or services 325 which are present in the kernel 321 of first OS 320 …” – para. [0054]), the set of drivers associated with multiple types of forwarding engines (e.g. drivers of the first OS supporting different types of network interfaces; FIG. 4; “… Different operating systems might provide different levels of support for various processes. For example, the kernel 361 of second OS 360 might not provide support for certain network interfaces. That is, drivers/services 365 might not include support for one or more of, e.g., wired ethernet, WiFi (IEEE 802.lla/b/g/n/ac), Bluetooth, or cellular (e.g. GPRS, GSM, EDGE, CDMA, LTE) connections … the drivers/services 325 in kernel 321 of first OS 320 may support one or more of the above-noted network interfaces which is not supported by second OS 360 …” – para. [0056]);
	provide the request to the second operating system (e.g. providing packets routing request to the first OS – para. [0079]), wherein in response to the second operating system determining a type of forwarding engine to be used for performing the operation, selecting, based on the type of forwarding engine to be used, a first driver of the set of drivers to communicate with the forwarding engine (e.g. the first OS selecting the driver to route the packets to the corresponding network interface based on the request; FIG. 6B; “… FIG. 6B is a block diagram of an example embodiment of an embedded device having a host OS 510, a first
OS 530 running in a first container, and a second OS 550 running in a second container … the embedded device 100 has a WiFi interface 534a, a cellular LTE interface 534b, and a Bluetooth interface 534c. First OS 530 may include driver support for one or more of external network interfaces 534a, 534b, 534c …” – para. [0077]; “… control client 531 enables the sharing of one, all, or any combination of the supported external network interfaces 534a, 534b, 534c with second OS 550 …” – para. [0078]; “… It should be appreciated by a person skilled in the art that various rules can be implemented in the IP table 532 to implement the appropriate network interface sharing configuration. For example, data packets emanating from a particular application may be routed to WiFi interface 534a, and data packets emanating from a second application (e.g. Facebook) may be forwarded to LTE interface 534b …” – para. [0079]);
	perform the operation requested by the second container (e.g. performing the packets routing requested by the second container; FIG. 6B; “… It should be appreciated by a person skilled in the art that various rules can be implemented in the IP table 532 to implement the appropriate network interface sharing configuration. For example, data packets emanating from a particular application may be routed to WiFi interface 534a, and data packets emanating from a second application (e.g. Facebook) may be forwarded to LTE interface 534b …” – para. [0079]); and 
	provide a result of the operation to the second container in response to determining that the result should be provided to the second container (e.g. the first OS deciding the packets routed to the second container; FIG. 6A; “… In one example embodiment, an application (e.g. a bar code scanning application) is running in second OS 550 and requires a network connection …” – para. [0070]; “… Data packets received at external network interface 534 are routed using rules from IP table 532 to shared interface 536, then to network bridge 590, and then shared interface 556 in second OS 550, which then delivers the data packets to the bar code scanning application running in second OS 550. Thus, the bar code scanning application in second OS 550 (which does not have access to external network interface 534) is able to send and receive data packets by routing packets from the second container to the first container and ultimately to external network interface 534 …” – para. [0072]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in order to incorporate a method of sharing drivers and/or services supported by an operating system running in a first container with a second container as disclosed by Papo. One of ordinary skilled in the art would have been motivated because such incorporation would support the sharing of the functionalities supported by different operating systems in various containers (Papo, para. [0007], [0009]).
In regard to claim 12, Liang does not explicitly teach, but Papo teaches wherein performing the operation comprises: translating the request to a format that is used by a process of the second operating system (e.g. translate the request to be supported by the first OS – para. [0050], [0054]); and providing the translated request to the process of the second operating system (e.g. handling the translated request by the first OS; FIG. 2; FIG. 4; “... For 
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in order to incorporate a method of sharing drivers and/or services supported by an operating system running in a first container with a second container as disclosed by Papo. One of ordinary skilled in the art would have been motivated because such incorporation would support the sharing of the functionalities supported by different operating systems in various containers (Papo, para. [0007], [0009]).
In regard to claim 14, Liang does not explicitly teach, but Papo teaches wherein the processing device is further configured to: identifying a type of the forwarding engine (e.g. identifying the network interface to route the data packets – para. [0079]); and identifying the first driver from the set of drivers based on the type of the forwarding engine (e.g. selecting the driver to route the data packets to the corresponding network interface; FIG. 6B; “… the embedded device 100 has a WiFi interface 534a, a cellular LTE interface 534b, and a Bluetooth interface 534c. First OS 530 may include driver support for one or more of external network interfaces 534a, 534b, 534c …” – para. [0077]; “… control client 531 enables the sharing of one, all, or any combination of the supported external network interfaces 534a, 534b, 534c with second OS 550 …” – para. [0078]; “… It should be appreciated by a person skilled in the art that various rules can be implemented in the IP table 532 to implement the appropriate network interface sharing configuration. For example, data packets emanating from a particular 
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in order to incorporate a method of sharing drivers and/or services supported by an operating system running in a first container with a second container as disclosed by Papo. One of ordinary skilled in the art would have been motivated because such incorporation would support the sharing of the functionalities supported by different operating systems in various containers (Papo, para. [0007], [0009]).
In regard to claim 20, Liang teaches a non-transitory machine-readable medium having executable instructions to cause one or more processing devices to perform a method comprising (“... Such a product may comprise information resulting from a computing process, where the information is stored on a non-transitory, tangible computer readable storage medium ...” - para. [0049]):
	receiving, by an agent (e.g. the container runtime environment – para. [0021]) of a first container (e.g. the control plane agent – para. [0023]) of a network device from a second container (e.g. an application container 220 in FIG. 2 – para. [0021]) of the network device (e.g. the computing host – para. [0021]), a request (e.g. requests received by the container runtime environment – para. [0021]) for a forwarding engine (e.g. the network interface accessible to the application container – para. [0033]) of the network device (e.g. the computing host – para. [0021]) to perform an operation (e.g. transmitting a packet; FIG. 2; FIG. 4; “... The container runtime environment 210 manages a set of application containers 220 that access computing resources of the computing host 110 ... When an application container 220 requests access to ,
	wherein: the first container (e.g. the control plane agent – para. [0019]) and the second container (e.g. the application container – para. [0019]) share a first operating system in a control plane of the network device (e.g. sharing an operating system in the control plane of the computing host; FIG. 2; FIG. 6; “... A service control system manages computing services for a set of containers in various computing hosts using a control plane ...” - para. [0004]; “... This services architecture provides a control plane for each computing host ...” - para. [0006]; “... FIG. 2 illustrates the components of a computing host 110 according to one embodiment. In this example, the computing host 110 includes an operating system 200, a container runtime environment 210, one or more application containers 220, and a control plane agent 230 ...” - para. [0019]; “... each computing host may include a container for the control plane agent as well as additional containers executing various applications ...” - para. [0044]); and …
	Liang does not explicitly teach, but Papo teaches the first container comprises a second operating system including a set of drivers (FIG. 4; “… In the example embodiment of FIG. 4, the system programs 420 in the proprietary Linux kernel 421 include support for multiple virtualized user space instances. As depicted, user space 220 contains a first container 310 and , the set of drivers associated with multiple types of forwarding engines (e.g. drivers of the first OS supporting different types of network interfaces; FIG. 4; “… Different operating systems might provide different levels of support for various processes. For example, the kernel 361 of second OS 360 might not provide support for certain network interfaces. That is, drivers/services 365 might not include support for one or more of, e.g., wired ethernet, WiFi (IEEE 802.lla/b/g/n/ac), Bluetooth, or cellular (e.g. GPRS, GSM, EDGE, CDMA, LTE) connections … the drivers/services 325 in kernel 321 of first OS 320 may support one or more of the above-noted network interfaces which is not supported by second OS 360 …” – para. [0056]);
	providing the request to the second operating system (e.g. providing data packets routing request to the first OS – para. [0079]), wherein in response to the second operating system determining a type of forwarding engine to be used for performing the operation, selecting, based on the type of forwarding engine to be used, a first driver of the set of drivers to communicate with the forwarding engine (e.g. the first OS selecting the driver to route the data packets to the corresponding network interface based on the request; FIG. 6B; “… FIG. 6B is a block diagram of an example embodiment of an embedded device having a host OS 510, a first OS 530 running in a first container, and a second OS 550 running in a second container … the embedded device 100 has a WiFi interface 534a, a cellular LTE interface 534b, and a Bluetooth interface 534c. First OS 530 may include driver support for one or more of external network interfaces 534a, 534b, 534c …” – para. [0077]; “… control client 531 enables ; 
	performing the operation requested by the second container (e.g. performing the data packets routing requested by the second container; FIG. 6B; “… It should be appreciated by a person skilled in the art that various rules can be implemented in the IP table 532 to implement the appropriate network interface sharing configuration. For example, data packets emanating from a particular application may be routed to WiFi interface 534a, and data packets emanating from a second application (e.g. Facebook) may be forwarded to LTE interface 534b …” – para. [0079]); and 
	providing a result of the operation to the second container in response to determining that the result should be provided to the second container (e.g. the first OS deciding the data packets routed to the second container; FIG. 6A; “… In one example embodiment, an application (e.g. a bar code scanning application) is running in second OS 550 and requires a network connection …” – para. [0070]; “… Data packets received at external network interface 534 are routed using rules from IP table 532 to shared interface 536, then to network bridge 590, and then shared interface 556 in second OS 550, which then delivers the data packets to the bar code scanning application running in second OS 550. Thus, the bar code scanning 
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in order to incorporate a method of sharing drivers and/or services supported by an operating system running in a first container with a second container as disclosed by Papo. One of ordinary skilled in the art would have been motivated because such incorporation would support the sharing of the functionalities supported by different operating systems in various containers (Papo, para. [0007], [0009]).
Claims 3, 4, 10, 13 and 19 are rejected under 35 U.S.C. 103 as being unpatentable over Liang et al. (U.S. Pub. No. US 2017/0126469 A1), herein referred to as Liang, in view of Papo et al. (U.S. Pub. No. US 2019/0013963 A1), herein referred to as Papo, and in further view of Djordjevic et al. (U.S. Pub. No. US 2018/0191782 A1), herein referred to as Djordjevic.
In regard to claim 3, Liang in view of Papo do not explicitly teach, but Djordjevic teaches further comprising: determining, by the first container (e.g. the container manager – para. [0127]), that the forwarding engine (e.g. I/O interface or routing engine – para. [0127]) has detected an event (e.g. the incoming traffic or message or event; “... incoming traffic will end up in/be controlled by the container manager. Implementation-wise, the container manager may control the internal routing engine ...” - para. [0127]; “... The incoming message for a certain application in a certain container might be an event trigger for activating the application ...” - para. [0128]); and transmitting, by the first container (e.g. the container manager – para. [0127]) to the second container (e.g. a container – para. [0127]), a message indicating that the event was detected (e.g. the message is sent to a container for which it intends; “... It is then up to the container manager to determine if a signal or message is for itself or for a container. The combination of interface and slice identity of the messages indicates for which container the message is intended. This information is used for routing the message ...” - para. [0127]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and further in view of Djordjevic in order to incorporate a method of configuring a container manager to control communication between the applications in the containers and network connections (Djordjevic, para. [0008]). One of ordinary skilled in the art would have been motivated because such incorporation would provide different services/products in isolated fashion and adapt these services/products to meet specific requirements (Djordjevic, para. [0007]).
In regard to claim 4, Liang in view of Papo do not explicitly teach, but Djordjevic teaches wherein determining that the forwarding engine has detected the event comprises one or more of: receiving, by the first container (e.g. the container manager – para. [0127]), a second message (e.g. the incoming traffic or message or event – para. [0127]) from the forwarding engine (e.g. I/O interface or routing engine; “... incoming traffic will end up in/be controlled by the container manager. Implementation-wise, the container manager may control the internal routing engine ...” - para. [0127]; “... The incoming message for a certain application in a certain container might be an event trigger for activating the application ...” - para. [0128]); and detecting, by the first container (e.g. the container manager – para. [0133]), an interrupt (e.g. the container manager manages the interrupt system – para. [0133]) from the forwarding engine (e.g. device resources such as I/O interfaces and/or network connection; FIG. 5; “... The 
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and further in view of Djordjevic in order to incorporate a method of configuring a container manager to handle communication between the applications in the containers and device resources (Djordjevic, para. [0009]). One of ordinary skilled in the art would have been motivated because such incorporation would provide different services/products in isolated fashion and adapt these services/products to meet specific requirements (Djordjevic, para. [0007]).
In regard to claim 10, Liang in view of Papo do not explicitly teach, but Djordjevic teaches wherein the request (e.g. the outgoing traffic or message – para. [0129]) for the forwarding engine (e.g. the I/O interface or network connection – para. [0129]) of the network device to perform the operation (e.g. routing data – para. [0129]) is received from a library (e.g. applications – para. [0129]) of the second container (e.g. one of the containers; “... Outgoing traffic is generated by applications in containers or in certain circumstances by the container manager itself ... The container manager couples the slice identity based on the container ( and the required interface if needed) to the message before/during routing ...” - para. [0129]).

In regard to claim 13, Liang in view of Papo do not explicitly teach, but Djordjevic teaches wherein the processing device is further configured to: determining, by the first container (e.g. the container manager – para. [0127]), that the forwarding engine (e.g. I/O interface or routing engine – para. [0127]) has detected an event (e.g. the incoming traffic or message or event; “... incoming traffic will end up in/be controlled by the container manager. Implementation-wise, the container manager may control the internal routing engine ...” - para. [0127]; “... The incoming message for a certain application in a certain container might be an event trigger for activating the application ...” - para. [0128]); and transmitting, by the first container (e.g. the container manager – para. [0127]) to the second container (e.g. a container – para. [0127]), a message indicating that the event was detected (e.g. the message is sent to a container for which it intends; “... It is then up to the container manager to determine if a signal or message is for itself or for a container. The combination of interface and slice identity of the messages indicates for which container the message is intended. This information is used for routing the message ...” - para. [0127]).

In regard to claim 19, Liang in view of Papo do not explicitly teach, but Djordjevic teaches wherein the request (e.g. the outgoing traffic or message – para. [0129]) for the forwarding engine (e.g. the I/O interface or network connection – para. [0129]) of the network device to perform the operation (e.g. routing data – para. [0129]) is received from a library (e.g. applications – para. [0129]) of the second container (e.g. one of the containers; “... Outgoing traffic is generated by applications in containers or in certain circumstances by the container manager itself ... The container manager couples the slice identity based on the container ( and the required interface if needed) to the message before/during routing ...” - para. [0129]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and further in view of Djordjevic in order to incorporate a container management method of passing the service request to the forwarding engine for a set of containers in a network device (Djordjevic, para. [0129]). One of ordinary skilled in the art would have been motivated because such incorporation would simplify the .
Claims 6 and 15 are rejected under 35 U.S.C. 103 as being unpatentable over Liang et al. (U.S. Pub. No. US 2017/0126469 A1), herein referred to as Liang, in view of Papo et al. (U.S. Pub. No. US 2019/0013963 A1), herein referred to as Papo, and in further view of Jiang et al. (U.S. Pub. No. US 2019/0272205 A1), herein referred to as Jiang.
In regard to claim 6, Liang in view of Papo do not explicitly teach, but Jiang teaches wherein: the first container (e.g. the container for the first service – para. [0008]) is associated with a first network namespace (e.g. a first network namespace; FIG. 2; “... The corresponding container is created for the first service based on the container image information, and a first network namespace and a first IPC namespace that are corresponding to a container for the first service are created ...” - para. [0008]); and the second container (e.g. the container for the second service – para. [0014]) is associated with a second network namespace (e.g. a second network namespace – para. [0014]) that is separate from the first network namespace (e.g. FIG. 2 exemplifies the two network namespaces are separated; “... The network device has created and run a container for a second service and a corresponding second load balancing container, and the container for the second service has a corresponding second network namespace and a second IPC namespace …” - para. [0014]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and further in view of Jiang in order to incorporate a method of isolating the resources used by different containers in a computing host by using a namespace technology (Jiang, para. [0003]). One of ordinary skilled in the art 
In regard to claim 15, Liang in view of Papo do not explicitly teach, but Jiang teaches wherein: the first container (e.g. the container for the first service – para. [0008]) is associated with a first network namespace (e.g. a first network namespace; FIG. 2; “... The corresponding container is created for the first service based on the container image information, and a first network namespace and a first IPC namespace that are corresponding to a container for the first service are created ...” - para. [0008]); and the second container (e.g. the container for the second service – para. [0014]) is associated with a second network namespace (e.g. a second network namespace – para. [0014]) that is separate from the first network namespace (e.g. FIG. 2 exemplifies the two network namespaces are separated; “... The network device has created and run a container for a second service and a corresponding second load balancing container, and the container for the second service has a corresponding second network namespace and a second IPC namespace …” - para. [0014]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and further in view of Jiang in order to incorporate a method of isolating the resources used by different containers in a computing host by using a namespace technology (Jiang, para. [0003]). One of ordinary skilled in the art would have been motivated because such incorporation would provide each container with its own logically separate device and networking resources and allow the container to be generally .
Claims 7, 8, 16 and 17 are rejected under 35 U.S.C. 103 as being unpatentable over Liang et al. (U.S. Pub. No. US 2017/0126469 A1), herein referred to as Liang, in view of Papo et al. (U.S. Pub. No. US 2019/0013963 A1), herein referred to as Papo, in view of Jiang et al. (U.S. Pub. No. US 2019/0272205 A1), herein referred to as Jiang, and in further view of Lisle et al. (U.S. Pub. No. US 2019/0296962 A1), herein referred to as Lisle.
In regard to claim 7, Liang in view of Papo and further in view of Jiang do not explicitly teach, but Lisle teaches wherein: modifications to a first network stack (e.g. container 150A in FIG. 3 maintains its own network stack information – para. [0026]) do not affect a second network stack (e.g. the network stack for container 150B in FIG. 3 – para. [0026]) of the second network namespace (FIG. 3; “... containers 150 also present a limited perspective of the underlying network stack used to communicate with entities external to the containers 150. For example, as will be described with FIG. 3, a container 150 may be responsible for maintaining its own network stack information and is unware of network stack information maintained by other containers or by the host computer system’s operating system ...” - para. [0026]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in view of Jiang and further in view of Lisle in order to incorporate a method of isolating the management of the network stack used by different containers in a computing host (Lisle, para. [0026]). One of ordinary skilled in the art would have been motivated because such incorporation would provide each container 
In regard to claim 8, Liang in view of Papo and further in view of Jiang do not explicitly teach, but Lisle teaches wherein the first container (e.g. the management controller 140 in FIG. 2 – para. [0025]) is allowed to create a kernel interface (e.g. a virtual interface – para. [0026]) in the second network stack (e.g. the network stack for containers 150 in FIG. 3; “... multi-tenant management controller 140 is also configured to perform various management operations associated with containers 150 ...” - para. [0025]; “... The container 150 may also be presented with a virtual interface through which traffic is to be directed (as opposed to having direct access to the physical interface controlling a network interface card) ...” - para. [0026]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and in view of Jiang and further in view of Lisle in order to incorporate a method of managing the network stack used by different containers in a computing host (Lisle, para. [0026]). One of ordinary skilled in the art would have been motivated because such incorporation would provide management for containers to adjust their operation flexibility and potentially increase the network storage security for users (Lisle, para. [0016]).
In regard to claim 16, Liang in view of Papo and further in view of Jiang do not explicitly teach, but Lisle teaches wherein: the first container (e.g. the container 150A in FIG. 3 – para. [0026]) is allowed to modify a first network stack of the first network namespace (e.g. container 150A maintains its own network stack information – para. [0026]); and modifications to the first network stack (e.g. container 150A maintains its own network stack information – do not affect a second network stack (e.g. the network stack for container 150B in FIG. 3 – para. [0026]) of the second network namespace (FIG. 3; “... containers 150 also present a limited perspective of the underlying network stack used to communicate with entities external to the containers 150. For example, as will be described with FIG. 3, a container 150 may be responsible for maintaining its own network stack information and is unware of network stack information maintained by other containers or by the host computer system's operating system ...” - para. [0026]).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo in view of Jiang and further in view of Lisle in order to incorporate a method of isolating the management of the network stack used by different containers in a computing host (Lisle, para. [0026]). One of ordinary skilled in the art would have been motivated because such incorporation would provide each container “operable to isolate its contents from the contents of other containers” and potentially increase the network storage security for users (Lisle, para. [0016]).
In regard to claim 17, Liang in view of Papo and further in view of Jiang do not explicitly teach, but Lisle teaches wherein the first container (e.g. the management controller 140 in FIG. 2 – para. [0025]) is allowed to create network interfaces (e.g. a virtual interface – para. [0026]) in the second network stack (e.g. the network stack for containers 150 in FIG. 3; “... multi-tenant management controller 140 is also configured to perform various management operations associated with containers 150 ...” - para. [0025]; “... The container 150 may also be presented with a virtual interface through which traffic is to be directed (as opposed to having direct access to the physical interface controlling a network interface card) ...” - para. [0026]).
.
Claims 9 and 18 are rejected under 35 U.S.C. 103 as being unpatentable over Liang et al. (U.S. Pub. No. US 2017/0126469 A1), herein referred to as Liang, in view of Papo et al. (U.S. Pub. No. US 2019/0013963 A1), herein referred to as Papo, and in further view of McRae et al. (U.S. Patent No. US 6,785,843 B1), herein referred to as McRae.
In regard to claim 9, Liang in view of Papo do not explicitly teach, but McRae teaches wherein the forwarding engine is located on a data plane of the network device (FIG. 4; FIG. 6; “... The aggregation router further comprises a data plane that includes hardware components, such as a forwarding engine, configured to perform forwarding operations for data forwarded by the router ...” - col. 3, ll. 38-41; “... In the illustrative embodiment, the platform-specific code region 640 includes a FP driver 650 configured to operate with the forwarding engine 454 of the data plane 670 used in the aggregation router ...” - col. 8, ll. 58-61).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and further in view of McRae in order to incorporate a method of separating data plane from control plane for network operations as 
In regard to claim 18, Liang in view of Papo do not explicitly teach, but McRae teaches wherein the forwarding engine is located on a data plane of the network device (FIG. 4; FIG. 6; “... The aggregation router further comprises a data plane that includes hardware components, such as a forwarding engine, configured to perform forwarding operations for data forwarded by the router ...” - col. 3, ll. 38-41; “... In the illustrative embodiment, the platform-specific code region 640 includes a FP driver 650 configured to operate with the forwarding engine 454 of the data plane 670 used in the aggregation router ...” - col. 8, ll. 58-61).
	It would have been obvious to one skilled in the art before the effective filing date of the claimed invention to modify Liang in view of Papo and further in view of McRae in order to incorporate a method of separating data plane from control plane for network operations as disclosed by McRae. One of ordinary skilled in the art would have been motivated because such incorporation would help to limit the service interruption of the network by restarting a data plane of a network device without changing the state of a control plane in the network device (McRae, col. 4, ll. 7-19).
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action.  Accordingly, THIS ACTION IS MADE FINAL.  See MPEP § 706.07(a).  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the date of this final action. 
	Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZONGHUA DU whose telephone number is (408)918-7596. The examiner can normally be reached Monday - Friday 7:30 AM - 4:00 PM PST.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Peter-Anthony Pappas can be reached on (571) 272-7646. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.






/Z.D./Examiner, Art Unit 2448                                                                                                                                                                                                        
/JONATHAN A BUI/Primary Examiner, Art Unit 2448