Notice of Pre-AIA  or AIA  Status
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Election/Restrictions
2.    NO restrictions warranted at initial time of filing for patent.

Information Disclosure Statement
3.    The information disclosure statement (IDS) submitted on 10/07/2020, the submission is in compliance with the provisions of 37 CFR 1.97. Accordingly, the information disclosure statement is being considered by the examiner.

Oath/Declaration
4.    Applicant’s Oath was filed on 07/13/2020.

Drawings
5.    Applicant’s drawings filed on 07/13/2020 has been inspected and is in compliance with MPEP 608.01.
Specification
6.    Applicant’s specification filed on 07/13/2020 has been inspected and is in compliance with MPEP 608.02.
Claim Objections
7.    NO objections warranted at initial time of filing for patent.

Remarks
8.	Examiner would like to thank attorney of record Scott Weitzel for considering the Examiner proposed amendment. No agreement was reached.

9.	Examiner request Applicant review relevant prior art under the conclusion of this office action.
Allowable Subject Matter
10.	Claims 5, 6, 9-11, 16 and 17 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.

11.	Claims 1, 4, 7, 8, 12, 15, 18, and 19 are rejected under 35 U.S.C. 103 as being unpatentable over U.S. Publication No. 20180109387 hereinafter Vyas in view of U.S. Publication No. 20200272487 hereinafter Polig.

As per claim 1, Vyas discloses:
A system, for self-configuring a self-contained executable module (Pod) (para 0011 “Implementations of the present disclosure provide enterprises with a release bot for performing actions associated with releasing code in the form of containerized applications. The release bot can be a software application running in the enterprise network. The actions performed by the release bot may include creating a union container object (referred to as a pod). The pod may contain a collection of containers that share a storage and contexts about how to run the containers within the pod. The pod created by the release bot may include a first container to store source code and a second container containing a publication microservice for providing validation information about the source code to a validation service.”) 
(Pod) utilizing encrypted data storage, comprising: 
a network interconnecting components of the system for the exchange of data thereon (para 0011 “he pod created by the release bot may include a first container to store source code and a second container containing a publication microservice for providing validation information about the source code to a 
at least one server with a processor and instructions for the processor in a non-transitory memory (Fig. 2, para 0013 “FIG. 1 illustrates an application code management system 100 according to an implementation of the present disclosure. The application code management system 100 can be a computer system (e.g., a server acting as a code depot) implementing a certain application programming interface (e.g., Kubernetes API) to facilitate deployment, scaling, and management of containerized software applications.”);
at least one node operable to execute an application from application instructions (para 0014 “Application code management system 100 may include a processing device 102 such as, for example, a central processing unit (CPU) that may execute the program code of software applications. Application code management system 100 may also include storage devices such as, for example, a memory 103 and/or hard disks that may store the program code of these containerized software applications. In one implementation, Application 
and wherein a specification is accessed comprising instructions for the creation of a Pod, the Pod to comprise an application container comprising the application instructions (para 0016 “In one implementation, pod 106 may be specified using a pod configuration file that includes fields to store attribute values of pod 106. The attributes stored in pod 106 may include the unique identifier associated with pod 106, an optional label (e.g., an arbitrary key value) that can be used for grouping pods having the same key value, and a specification field to store container attributes for containers in pod 106. For each container in pod 106, the specification field may include sub-fields to specify a container name attribute which is unique within pod 106, a default image entry point attribute (if not otherwise provided) and image pull policy attribute (e.g., Always, Never etc.), and an optional command attribute to specify a start-up command for the image. The attributes stored in pod 106 may further 
wherein a server of the system receives notification of the specification and, in response, further determines that the specification includes a requirement (para 0018 “As shown in FIG. 1, release bot 104 may create pod 106 that may include a first container 108 and a second container 110. Container 108 may be an application source container that stores the source code 112 to be released as a containerized application. In one implementation, container 108 may contain an archive (e.g., a tarball) of source code 112. In another implementation, container 108 may store links (e.g., a reference pointer) to source code 112 that is stored in file directories in the storage (referred to as a volume) associated with pod 106. Container 108 may also include a suit of microservices that can be employed to perform operations on source code 112. The microservices in the suit may be independently deployable. Examples of microservices associated with source code 112 may include compiler microservices (e.g., gcc), software building microservices (e.g., maven, gradle), and code execution microservices (e.g., sbt run). Thus, code 112 along with these microservices may be packaged 
and wherein the at least one node executes the Pod comprising the initialization container and the application container (para 0019 “The created pod 106 may also include a second container 110 for running a publication microservice 114 that computes and publishes verification data associated with code 112 in the first container 108. In one implementation, container 110 may define microservice 114 (referred to as publication microservice) in the selector attribute field. In one implementation, publication microservice 114 is an enterprise-certified microservice that, by virtue of executing in a separate container, is isolated from microservices in container 108. The second container is not accessible to developers that contribute to the code. For example, the second container is assigned with an access right that excludes contributions from entities other than the enterprise. Thus, container 110 and publication microservice 114 cannot be tampered with by a developer that submits code 112 to application code management system 100.” Para 0022 “In one implementation, code validation servicer 202 may run on processing device 102 that may execute the validation service 204. Validation service 204 may receive validation data 116 published by publication microservice 114 associated with released code 112, where validation service 204 may have been specified as the target port for publication microservice 114. For example, as shown in FIG. 2, containerized application released in pod 106 may have been replicated by a replication controller 

Vyas does not disclose:
(Pod) utilizing encrypted data storage
the Pod to comprise an encrypted data storage utilized by the application
specification includes a requirement for encrypted data storage and, 
in response, inserts into the specification an initialization container specification comprising an encryption key, wherein the initialization container will execute prior to the execution of the application container

	Polig discloses:
(Pod) utilizing encrypted data storage, the Pod to comprise an encrypted data storage utilized by the application specification includes a requirement for encrypted data storage and,  in response, inserts into the specification an initialization container specification comprising an encryption key, wherein the initialization container will execute prior to the execution of the application para 0071 “At a step 522, the cloud service 510 launches a user-specific execution container. The user-specific execution container is run by the service backend 512 and comprises the user public key PK.sub.U as well as a private service key SK.sub.S corresponding to the service public key PK.sub.S. The user-specific execution containers are individual container instances that only belong to a single end-user. Para 0072 “The user U can now submit at steps 523 service execution requests comprising encrypted model specifications and encrypted input data to the service interface 521 being encrypted with the service public key. The service interface 511 will route the service execution requests to the user-specific execution container comprising the corresponding user public key.” Para 0073 “The execution container may then decrypt, at a step 524, the encrypted model specification and the encrypted input data by means of the service secret key SKs corresponding to the service public key PKs.” Para 0074 “The execution container may then, at a step 525, generate a native code from the decrypted model specification and execute, at a step 526, the computing task by executing the native code as native process with the decrypted input data. Finally, the execution container encrypts the results of the computing task, at a step 527, by means of the user public key PK.sub.U.”)
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of a release bot including creating a union container object (referred to as a pod) of Vyas to include the method of (Pod) utilizing encrypted data storage, as taught by Polig.


As per claim 4, Vyas in view of Polig discloses:
The system of claim 1, wherein a node of the at least one node: executes the initialization container configured with the initialization container specification; and upon completion of execution of the initialization container, executes the application container to execute the application accessing the encrypted data storage (Vyas para 0019 and 0020) .

As per claim 7, Vyas in view of Polig discloses:
The system of claim 1, wherein the initialization container is compliant with Kubernetes 'init container' (Vyas para 0013).

As per claim 8, Vyas in view of Polig discloses:
The system of claim 1, wherein the server performs operations via execution of a Kubernetes (Vyas para 0013) 

As per claim 12, the implementation of the system of claim 1 will execute the method of claim 12. The claim is analyzed with respect to claim 1. 

As per claim 15, the claim is analyzed with respect to claim 4. 

As per claim 18, Vyas in view of Polig discloses:
The method of claim 12, wherein accessing the specification comprises generating the specification from a service requesting execution of the application (Vyas para 0015 and 0022).

As per claim 19, Vyas in view of Polig discloses:
The method of claim 12, comprising operations on a system of networked components executing within a Kubernetes platform (Vyas para 0013).

12.	Claims 2, 3, 13, 14 and 20are rejected under 35 U.S.C. 103 as being unpatentable over Vyas in view of Polig, and further in view of U.S. Publication No. 20120297206 hereinafter Nord.

*As per claim 2, Vyas in view of Polig discloses:


	Vyas in view of Polig does not disclose:
encrypted data storage is mounted on a disk, the disk comprising encrypted data concurrently with non-encrypted data

Nord discloses:
encrypted data storage is mounted on a disk, the disk comprising encrypted data concurrently with non-encrypted data (para 0063 “In some examples, a non-encrypted header 218 of the virtual hard disk 200' includes a volume GUID 220. The volume GUID 220 may comprise any globally-unique identifier of the virtual hard disk 200' and may be generated during creation of the virtual hard disk. GUID 220 may be stored within a data string, field, or tag as part of the header 218 of the virtual hard disk 200'. Although referred to here as non-encrypted for the purpose of the present disclosure, in some examples, header 218 may be further encrypted by additional systems. For example, virtual hard disk 200' may be stored within another disk, which may be encrypted by a whole-disk encryption system. Thus, header 218 may be further encrypted. Accordingly, in some examples, header 218 may be considered non-encrypted or clear if it is readable by a decryption system or engine decrypting virtual hard disk 200'. In some embodiments, non-encrypted header 218 may include a data string of cryptographic salt (not illustrated). The salt may be required by various 
Therefore, it would have been obvious to one of ordinary skill in the art before the effective filing date of the claimed invention to modify the method of a release bot including creating a union container object (referred to as a pod) of Vyas in view of Polig to include encrypted data storage is mounted on a disk, the disk comprising encrypted data concurrently with non-encrypted data, as taught by Nord.
The motivation would have been to properly store encrypted and unencrypted data in concurrently to provide storage for various types of data. 

As per claim 3, Vyas in view of Polig and Nord discloses:
The system of claim 1, wherein the encrypted data storage is mounted on a disk, the disk comprising encrypted data encrypted with the encryption key concurrently with other encrypted data encrypted with a different encryption key (Nord para 0019 “Users may create local volumes, folders, or virtual hard disks for the corporate data and encrypt these volumes, folders or virtual hard disks using software on the user's computing device. This allows every user to have independent encryption keys.” para 0020 “Accordingly, in some embodiments of the methods and systems described herein, a centralized service may create and encrypt virtual disks, sometimes referred to as virtual hard disks or disk images, for use by client computers, with individualized encryption keys for each user. The client computers can mount these encrypted The motivation would have been to properly provide independent encryption key and control access to encrypted storage).

As per claim 13, the claim is analyzed with respect to claim 2. 

As per claim 14, the claim is analyzed with respect to claim 3. 

As per claim 20, the implementation of the system of claims 1 and 2 will execute the processor of claim 20. The claim is analyzed with respect to claims 1 and 2. 


Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
A. U.S. Publication No. 20200174842 discloses on paragraph 0055 “Some embodiments of the present invention may include one, or more, of the following features, characteristics and/or advantages: (i) a reward-based admission controller for an open-source container cloud management platform, Kubernetes; (ii) Kubernetes is used to automate the deployment, scaling, and management of containerized applications; (iii) API requests in Kubernetes include Create, Read, Update, Delete (CRUD) operations for various types of objects; (iv) the objects in Kubernetes compose and represent together the state of the cluster and the containerized workloads; (v) the smallest compute resource unit in Kubernetes is a “pod”, representing a group of one or more containers, atomically managed and placed on the same server; (vi) users' containers are created through “pods”; (vii) implementing the admission controller for Create and Update (CU) API requests for “pods” as these requests consume resources in the Kubernetes cluster; (viii) the reward-based admission controller is composed of four modules: (a) reward collection, (b) request clustering, (c) request classification, and (d) admission control; (ix) an implementation of a reward collection module includes pod creation and update requests that can consume resources which are not monitored in Kubernetes, such as memory stack and process IDs; (x) cloud resource requests can fail due to these hidden resource limits; (xi) assigning rewards to the accepted requests can reflect whether the requests are successfully executed in the cluster; (xii) the action to accept an incoming request can be evaluated by the rewards of the past accepted requests; (xiii) an implementation of the reward is to assign 1 to the successful execution of CU pod requests and assign 0 to failed CU pod requests; (xiv) 1 represents that accepting the request leads to 100% success of request execution; (xv) 0 represents that accepting the request ends up with 0% success of request execution; (xvi) the objective of the reward is to represent how the action impacts the system; (xvii) reward value can vary; and/or (xviii) some implementations of reward should provide a feedback on actions of accepting or rejecting the requests.”


Any inquiry concerning this communication or earlier communications from the examiner should be directed to GARY S GRACIA whose telephone number is (571)270-5192. The examiner can normally be reached Monday-Friday 9am-6pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Ashok Patel can be reached on 5712723972. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/GARY S GRACIA/Primary Examiner, Art Unit 2491