Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

	DETAILED ACTION
This action is in response to an application filed January 9, 2019. Claims 1-19 are pending in this application.

Claim Rejections - 35 USC § 102
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(2) the claimed invention was described in a patent issued under section 151, or in an application for patent published or deemed published under section 122(b), in which the patent or application, as the case may be, names another inventor and was effectively filed before the effective filing date of the claimed invention.

Claim(s) 1-2, 7-11, and 14-17 is/are rejected under 35 U.S.C. 102(a)(2) as being anticipated by Miriyala et al. (US 10,742,557 B1).

With respect to claim 1, Miriyala discloses a system comprising:
a plurality of host nodes, each of which comprising a container environment (Col. 10, lines 7-32, VMs running customer applications and represent containers);
a plurality of switches configured to interconnect the plurality of host nodes (Figure 6, Chassis switches and TOR switches);
a fabric controller configured to manage the plurality of switches and to implement policies through virtual fabric edge instances executing on each host node 
the fabric controller being further configured to implement application functions through the virtual fabric edge instances by routing application traffic from application instances in the container environment through the virtual fabric edge instances (Col. 4, lines 4-16, lines 32-43, and Col. 11, lines 11-20, IP fabric connects to TOR switches and performs layer 3 routing of network traffic between data centers and customers through service provider network);
With respect to claim 2, Miriyala discloses the system of claim 1, wherein the application functions comprise one or more of service discovery or application health checking functions (Col. 4, lines 56-62, application identifier that identifies a type of service or application associated with a flow).
With respect to claim 7, Miriyala discloses the system of claim 1, wherein the fabric controller is configured to store data defining a rate limiting policy for an application and enforce the rate limiting policy through the virtual fabric edge instances (Col. 14, lines 38-42, convert policy 202 to enforce a portion of the policy in respect to network traffic).
	With respect to claim(s) 8, 10-11, 14, and 16-17, the method and non-transitory media of claim(s) 8, 10-11, 14, and 16-17 does/do not limit or further define over the system of claim(s) 1-2 and 7. The limitations of claim(s) 8, 10-11, 14, and 16-17 is/are essentially similar to the limitations of claim(s) 1-2 and 7. Therefore, claim(s) 8, 10-11, 
	With respect to claims 9 and 15, Miriyala discloses the method and non-transitory media of claims 8 and 14, further comprising:
sending, from the virtual fabric edge instance to a fabric controller, data describing routed application instance traffic (Col. 4, lines 4-16, lines 32-43, and Col. 11, lines 11-20);
receiving, at the virtual fabric edge instance from an application instance proxy in the container environment, a query for data regarding the application instance (Col.10, lines 50-64);
routing the query from the virtual fabric instance through the one or more switches (Col.10, lines 50-64);
downloading a response to the query from the fabric controller into the one or more switches (Col.10, lines 50-64);
caching the response to the query at the virtual fabric instance (Col.10, lines 50-64, encapsulating the message).

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 5-6, 12-13, and 18-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Miriyala et al. (US 10,742,557 B1), in view of Ermagan et al. (US 2017/0026417 A1).

With respect to claims 5, 13, and 19, Miriyala discloses the system of claim 1, but does not explicitly teach wherein the virtual fabric edge instances are configured to use VxLAN overlays to provide isolation between different application instances in a container environment;
However, Ermagan discloses the virtual fabric edge instances are configured to use VxLAN overlays to provide isolation between different application instances in a container environment ([0070], VxLAN providing L2 overlay);
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Miriyala with the teachings of Ermagan and use VxLAN overlays, in order to provide virtual machine mobility over layer 2 and layer 3 networks (Ermagan, [0070]).
With respect to claim 6, Miriyala discloses the system of claim 1, but does not explicitly teach wherein the fabric controller is further configured to obtain encryption keys for application instances from a container orchestrator and securely distribute the encryption keys to the virtual fabric edge instances;
However, Ermagan discloses the fabric controller is further configured to obtain encryption keys for application instances from a container orchestrator and securely distribute the encryption keys to the virtual fabric edge instances ([0045], encryption keys stored by key management server);

With respect to claims 12 and 18, Miriyala discloses the method and non-transitory media of claims 8 and 14, but does not explicitly teach:
receiving, at the virtual fabric edge, encrypted application traffic for the application instance;
using the fabric controller, requesting an encryption key from a container orchestrator;
receiving the encryption key at the fabric controller and sending the encryption key to the virtual fabric edge for decrypting the application traffic;
However, Ermagan discloses:
receiving, at the virtual fabric edge, encrypted application traffic for the application instance ([0045]);
using the fabric controller, requesting an encryption key from a container orchestrator ([0045]);
receiving the encryption key at the fabric controller and sending the encryption key to the virtual fabric edge for decrypting the application traffic ([0045] and [0048]);
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Miriyala with the teachings of Ermagan and perform decryption of encrypted application traffic, in order to identify the secure virtual communication ([0005], Ermagan).
Allowable Subject Matter
Claim(s) 3-4 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter:  The Examiner has not found any reasonable prior art(s) nor combination of prior art(s) which teach the feature of ‘a service mesh proxy executing in each of the…container environments…being configured to query the virtual fabric edge instance for data regarding application functions’.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ESTHER B. HENDERSON whose telephone number is (571)270-3807. The examiner can normally be reached Monday-Friday 6a-2p ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Kevin T. Bates can be reached on 571-272-3980. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is 

/ESTHER B. HENDERSON/Primary Examiner, Art Unit 2458                                                                                                                                                                                                        February 10, 2022