DETAILED ACTION
This office action is in response to claims filed 2 April 2020.
Claims 1-20 are pending.

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Request to File Form PTO/SB/439 Authorization for Communication via Email
The office encourages the applicant to proactively file Form PTO/SB/439 to facilitate processing of the internet communication authorization should prosecution of the application require email communication in the future. This form is available at www.uspto.gov/patent/patents-forms. See MPEP 502.03 for more information.

Claim Interpretation
The following is a quotation of 35 U.S.C. 112(f):
(f) Element in Claim for a Combination. – An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof. 

The following is a quotation of pre-AIA  35 U.S.C. 112, sixth paragraph:
An element in a claim for a combination may be expressed as a means or step for performing a specified function without the recital of structure, material, or acts in support thereof, and such claim shall be construed to cover the corresponding structure, material, or acts described in the specification and equivalents thereof.

This application includes one or more claim limitations that do not use the word “means,” but are nonetheless being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, because the claim limitation(s) uses a generic placeholder that is coupled with functional language without reciting sufficient structure to perform the recited function and the generic placeholder is not preceded by a structural modifier.  Such claim limitation(s) is/are: “virtualization management server configured to receive…prepare…and manage” in claims 16-17, and “master server configured to manage…” in claim 19.

Because this/these claim limitation(s) is/are being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, it/they is/are being interpreted to cover the corresponding structure described in the specification as performing the claimed function, and equivalents thereof, recited as combinations of software executed on hardware (processor and memory) according to [0079] of the specification 

If applicant does not intend to have this/these limitation(s) interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph, applicant may:  (1) amend the claim limitation(s) to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph (e.g., by reciting sufficient structure to perform the claimed function); or (2) present a sufficient showing that the claim limitation(s) recite(s) sufficient structure to perform the claimed function so as to avoid it/them being interpreted under 35 U.S.C. 112(f) or pre-AIA  35 U.S.C. 112, sixth paragraph.

Claim Rejections - 35 USC § 101
35 U.S.C. 101 reads as follows:
Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this title.


Claims 1-9, and 11-19 are rejected under 35 U.S.C. 101 because the claimed invention is directed to a judicial exception without significantly more.

Regarding claim 1, in step 1 of the 101 analysis set forth in the 2019 PEG, the examiner has determined that the claim recites a method. A method is one of the four statutory categories of invention.
In step 2A, prong 1 of the 101 analysis set forth in the 2019 PEG, the examiner has determined that the following limitations recite a process that, under the broadest reasonable interpretation, covers a mental process but for recitation of generic computer components:
i.	“A method of managing an application in a virtualized computing system that includes a cluster of hosts managed by a virtualization management server, the hosts including a virtualization layer executing on hardware platforms, the method comprising” (lines 1-3),
ii.	“preparing an environment within the virtualized computing system for the namespace in response to the specification, the environment including: a resource pool implementing at least a portion of the resource constraints as reservations and limits of resources in the virtualized computing system; and a user access policy implementing the authorization constraints within the virtualized computing system for the namespace” (lines 6-11), and 
iii.	“managing, by the virtualization management server as a single unit, workloads of the application, the workloads deployed on the virtualization layer within the resource pool consistent with the user access policy” (lines 12-14).
That is, nothing in the claimed limitations precludes the steps from reasonably being performed using pen and paper, or even within the human mind, but for recitation of generic computer components. For example, in limitation (i) but for the recited generic computer components (application, virtualized computing system, cluster of hosts, virtualization management server, virtualization layer, and hardware platforms), the broadest reasonable interpretation of managing an application includes an activity of mentally assigning resources to an application. For example, a person of ordinary skill would reasonably be able to perform a mental assignment, either through remembering in their own mind, or writing down using pen and paper, an assignment of a particular resource or pool of resources to a particular application, as a step of evaluating what resources should be assigned, or as a step of judging what resources should be assigned. Further, in limitation (ii), but for the additional recited generic computer components (resources), the broadest reasonable interpretation of preparing an environment includes an activity of mentally assigning a group, or pool of resources to a namespace, the pool having particular constraints, and access policies. For example, a person of ordinary skill would reasonably be able to mentally prepare an environment, through remembering in their own mind, or writing down using pen and paper which resources are to be assigned to the environment and which access policy should be used as steps of evaluating the specification, and judging which resources and which access policies apply. Further, in limitation (iii), but for the additional recited generic computer components (workload), the broadest reasonable interpretation of preparing an environment includes an activity of mentally deploying workloads to the resource pool and managing the workloads by at least adjusting assigned resources or remembering a snapshot or state. For example, a person of ordinary skill would reasonably be able to assign, either through remembering in their own mind, or writing down using pen and paper, workloads to resources of a pool, and to further adjust the resources of the pool as steps of evaluating the resources and judging whether they should be adjusted. Further, a person of ordinary skill would reasonably be able to remember in their own mind or through writing down using pen and paper, a state of a namespace. The concepts of judgement and evaluation have been determined to be mental processes (see 2019 PEG). If claim limitations, under their broadest reasonable interpretation, covers performance of the limitations as a mental process but for the recitation of generic computer components, then it falls within the mental process grouping of abstract ideas. According, the claim recites an abstract idea.
In step 2A, prong 2 of the 101 analysis, the examiner has determined that the generic computer components identified above generally link the use of the judicial exception to a particular technological environment or field of use. These components are not indicative of integration into a practical application. Further, the examiner has determined that the following additional elements do not integrate this judicial exception into a practical application:
v.	“receiving a specification for a namespace at the virtualization management server, the specification defining resource constraints and authorization constraints for the namespace” (lines 4-5).
The additional element (iv) is a step of gathering data (a specification) for use in the judicial exception identified above (preparing the environment and managing workloads), which is a step of mere data gathering incidental to the primary process of preparing an environment and managing workloads that is merely a nominal or tangential addition to the claim, and which has been identified as insignificant post-solution activity (See MPEP 2106.05(g)). Therefore, the claim is directed to an abstract idea.
In step 2B of the 101 analysis set forth in the 2019 PEG, the examiner has determined that the claim does not include additional elements that are sufficient to amount to significantly more than the judicial exception. As discussed above with respect to integration of the abstract idea into a practical application, the additional element identified in (iv) represent no more than merely receiving data  implemented using generic computer components. Receiving data using components and functions claimed at a high level of generality have been determined by the courts as being well-understood, routine, and conventional activities in the field of computer functions (See MPEP 2106.05(d)) and do not amount to an inventive concept. Considering the additional elements individually and in combination, and the claim as a whole, the additional elements do not provide significantly more than the abstract idea. The claim is not patent eligible.

Regarding claims 2-9, they are dependent upon claim 1, and fail to resolve the deficiencies identified above by integrating the judicial exception into a practical application, or introducing significantly more than the judicial exception. For example, claims 2-3 further describe the mental process involved with managing the workload. Claims 4-6 describe additional elements of the environment prepared as part of the mental process of evaluation and judgement. Claims 7-9 describe creation of a native namespace, which under the broadest reasonable interpretation comprises a mental grouping of elements, and aspects of the native namespace. Since none of the dependent claims 2-9 resolve the deficiencies of claim 1, they are rejected for at least the same rationale.

Regarding claims 11-15, they are product claims comprising similar limitations to those of claims 1, 2, 4, 6, and 7 respectively, and are therefore rejected for at least the same rationale.

Regarding claims 16-19, they are system claims comprising similar limitations to those of claims 1, 2, 4, and 7 respectively, and are therefore rejected for at least the same rationale.

Allowable Subject Matter
Claims 7-10, 15, and 19-20 are allowable over the prior art, but are dependent upon a rejected base claim, and further stand rejected for other issues.



Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-6, 11-14, and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over Chandrachood et al. Patent No.: US 10,997,538 B1 (hereafter Chandrachood), in view of Gummaraju et al. Pub. No.: US 2015/0120791 A1 (hereafter Gummaraju).

Regarding claim 1, Chandrachood teaches the invention substantially as claimed, including:
A method of managing an application in a virtualized computing system that includes a cluster of hosts managed by a virtualization management server, the hosts including a virtualization layer executing on hardware platforms (Column 2, Lines 54-59: In an embodiment, individual jobs (i.e., “applications”) are performed by distributing tasks (i.e., “workloads”) to individual nodes of the cluster. In an embodiment, a task is a set of operations that are performed by the nodes of the cluster to perform the job, such as a data-transformation operation that is part of an extraction transformation and loading (“ETL”) job (i.e., ETL represents a specific type of “application” that may be requested). Column 2, Lines 10-18: The present document describes a system that performs jobs submitted by a customer using a cluster of computing resources configured and operated by a computing resource service provider…In an embodiment, the control plane computer system (i.e., “virtualization management server”) creates and configures a cluster of computing resources controlled by the computing resource service provider. Column 19, Lines 53-54: In an embodiment, the desired amount of resources is a number of…virtual machines (i.e., virtual machines run on “physical, ‘real-world’ hardware” referred to as a “host” (see “virtual machine” https://en.wikipedia.org/wiki/Virtual_machine. Accessible on 1 Jan 2019), and therefore, the cluster of virtual machine resources includes the underlying host hardware platform that executes a virtualization layer including the virtual machines)), the method comprising: 
receiving a specification for a namespace at the virtualization management server, the specification defining resource constraints and authorization constraints for the namespace (Column 4, Lines 56-64: In an embodiment, a job is submitted to the control plane computer system 102 by the customer computer system 104. In an embodiment, the control plane computer system 102 determines the parameters of the job (i.e., “namespace specification”). In an embodiment, the parameters of the job include one or more of a security role that is used to access resources used by the job, a number of cluster computer systems used when processing the job, the customer network containing resources that are used by the job, and a customer account. Column 4, Lines 38-43: In an embodiment, the control plane computer system 102 configures the computer cluster 106 so that each computer system in the computer cluster 106 has access to a network namespace 108. In an embodiment, the network namespace is established when the computer cluster is created by the control plane computer system 102.  (i.e., parameters of the job represent a “specification for a namespace” because they define constraints of resources of the computer cluster 106 and access security to resources, which are part of namespace 108 (see also Fig. 1))); 
preparing an environment within the virtualized computing system for the namespace in response to the specification, the environment including: 
a resource pool implementing at least a portion of the resource constraints (Column 4, Line 64-Column 5, Line 5: In an embodiment, if there is an existing cluster that satisfies the parameters of the job, the existing cluster may be used to process the job. In an embodiment, if there is not an existing cluster that satisfies the parameters [of the] job, the control plane computer system 102 creates the computer cluster 106. In an embodiment, the computer cluster 106 may be created by allocating a number of physical computer systems or by instantiating a set of virtual computer systems (i.e., resource cluster, or “pool” satisfying the constraints of the job parameters is “prepared” by being either created, or reused within the namespace 108))…
a user access policy implementing the authorization constraints within the virtualized computing system for the namespace (Column 7, Lines 1-5: In an embodiment, the control plane examines the job to identify a set of job characteristics. In an embodiment, the control plane acquires 304 a security role of the customer (i.e., “user”) so that a cluster created by the control plane will be able to access customer resources on a customer network (i.e., security role implements a “policy” that allows a credentialed user to access their resources in the namespace cluster, thereby representing a “user access policy”)); and 
managing, by the virtualization management server as a single unit, workloads of the application, the workloads deployed on the virtualization layer within the resource pool consistent with the user access policy (Column 5, Lines 20-28: In an embodiment, the control plane computer system 102 instantiates a set of tasks on the computer cluster 106 such that each task runs on an individual computer system in the computer cluster 106 (i.e., tasks are instantiated, or “managed” as a set, or “single unit” of tasks). In an embodiment, the set of tasks run in a process memory space that has access to the network namespace 108. In an embodiment, each task in the set of tasks is provided with the security token and may use the security token to access the customer data storage service 112 (i.e., tasks run, or are “deployed” in the cluster on virtual machine resources using, or “consistent with” the security tokens that authorize access to customer data service 112)).  

While Chandrachood discloses reserving resources of a pool for performing customer jobs, and further describes creating or reusing a resource pool having a required amount of resources to be consumed by a job (a limit), Chandrachood does not explicitly disclose:
a resource pool implementing at least a portion of the resource constraints as reservations and limits of resources in the virtualized computing system;

However, in analogous art, Gummaraju teaches:
a resource pool ([0013] In one embodiment, VMs 112 may be organized into a plurality of resource pools, identified as resource pool 114-1, 114-2, and 114-3, which logically partitions available resources of hardware platforms 118, such as CPU and memory) implementing at least a portion of the resource constraints as reservations and limits of resources in the virtualized computing system ([0038] Resource controls of resource pools 114 associated with different compute clusters 302 and distributed filesystem 304 may be configured to provide differentiated quality of service (QoS) between tenants (i.e., production, test, development frameworks). In some embodiments, resource controls such as “reservations,” “limits”, and “shares” settings may be set for each resource pool…to manage allocation of computing resources (e.g., memory, CPU) of computing system 300 (i.e., virtual machine resource pools are constrained based on reservations, limits, and shares));

It would have been obvious to a person having ordinary skill in the art before the effective filing date of the invention to have combined Gummaraju’s teaching of preparing a resource pool of virtual machines that implements reservations, limits, and shares, with Chandrachood’s teaching of a resource pool of virtual machines to realize, with a reasonable expectation of success, a system that prepares an environment for a namespace including a resource pool of virtual machines, as in Chandrachood, that implements reservations, limits, and shares, as in Gummaraju. A person of ordinary skill would have been motivated to make this combination to enable a system administrator to better control the aggregate allocation of resources to a set of VMs through settings of the reservations, limits, and shares of the resource pool (Gummaraju [0012]).

Regarding claim 2, Chandrachood further teaches:
the step of managing comprises performing an operation on the namespace as the single unit, the result of the operation being collectively applied to the workloads (Column 8, Line 64-Column 9, Line 4: In an embodiment, at block 410, the control plane computer system adjusts the resources of the cluster to satisfy the requirements of the job (i.e., adjusting the resources of the cluster of the namespace represents an “operation” on the namespace, and the adjusted resources are used by, or “applied to” the tasks, or workloads of the job). In an embodiment, if a previously used cluster has more nodes than are required, access nodes of the reused cluster are freed and made available for other purposes. In an embodiment, if the node count of an unallocated cluster is insufficient to process the job, additional [nodes] may be added to the cluster).  

Regarding claim 3, Chandrachood further teaches:
adjusting the allocation of CPU and memory resources in the resource pool for the namespace (Column 8, Lines 46-51: Requirements include a number of nodes in a computer cluster, an amount of memory for each node in the computer cluster, an amount of processing capability for each node of the computing cluster, and security credentials needed by each node of the computing cluster (i.e., each VM node represents an amount of memory and processing resources). Column 8, Line 64-Column 9, Line 4: In an embodiment, at block 410, the control plane computer system adjusts the resources of the cluster to satisfy the requirements of the job. In an embodiment, if a previously used cluster has more nodes than are required, access nodes of the reused cluster are freed and made available for other purposes. In an embodiment, if the node count of an unallocated cluster is insufficient to process the job, additional [nodes] may be added to the cluster (i.e., adjusting the number of VM nodes adjusts the amount of memory and processing resources allocated to those nodes)); [or] generating a snapshot of the namespace (Column 9, Lines 55-57: The network layers that implement the network namespace 504 contain state information that differentiates one network namespace from another. Column 10, Lines 15-17: The network configuration data store 524 is a read/write memory used by the IP service 522 to store network state information (i.e., storing a generated namespace state, representing a “snapshot”))…

Regarding claim 4, Chandrachood further teaches:
the environment further includes a virtual network defined in the virtualization layer for the namespace, and wherein the workloads are deployed on the virtualization layer with network interfaces to the virtual network (Column 6, Lines 21-25: In an embodiment, this allows tasks running on the individual nodes of the computer cluster 206 to acquire the authentication information, and use the authentication information to access a customer resource 216 on the customer subnet 214 (i.e., since the virtual machine nodes can access the customer virtual subnetwork 214, the virtual subnetwork is considered to be “defined” at the virtualization layer). Column 10, Lines 31-33: In an embodiment, the data link layer 506 includes a virtual network driver that provides an interface to a virtual network such as an isolated virtual subnet (i.e., tasks, representing workloads, access the customer virtual subnetwork via virtual network driver that provides a network interface)).  

Regarding claim 5, Chandrachood further teaches:
the environment further includes a network policy for the namespace applied to the network interfaces of the workloads (Column 9, Line 58-Column 10, Line 6: Each unique network namespace maintains a unique routing table that defines the subnets and network entities that are accessible via the namespace. In an embodiment, the transport layer 514 includes a TCP service 518 and a transport configuration data store 520. In an embodiment, the TCP service 518 is a computer-readable medium containing instructions that, when executed by a computer system hosting the network stack, implement transport-layer functionality of the computer network in accordance with the information stored in the transport configuration data store 520. In an embodiment, the transport configuration data store is a read/write memory device used by the TCP service 518 to store routing information. In an embodiment, the routing information comprises a routing table that includes a set of rules that define where data packets traveling over an Internet protocol (“IP”) network are directed (i.e., unique routing tables and routing information are examples of a “network policy” for a namespace because they define policies regarding how network traffic is directed, or “shaped”)).  

Regarding claim 6, Chandrachood further teaches:
the specification includes a storage policy, and wherein the environment comprises an allocation of storage resource, within storage shared by the hosts, complying with the storage policy (Column 11, Lines 61-64: The cluster parameters may include…an amount of memory for each system in the cluster, an amount of storage space allocated to each node in the cluster (i.e., cluster parameters dictate the amount of storage allocated to the virtual machine nodes and hosts of the cluster, and therefore represents a “storage policy”)).  

Regarding claims 11-14, they are product claims comprising similar limitations to those of claims 1, 2, 4, and 6 respectively, and are therefore rejected for at least the same rationale. Chandrachood further teaches the additional limitation of a non-transitory computer readable medium comprising instructions to be executed in a computing device to cause the computing device to carry out a method (Column 27, Lines 3-14: Processes described herein (or variations and/or combinations thereof) may be performed under the control of one or more computer systems configured with executable instructions and may be implemented as code (e.g., executable instructions, one or more computer programs, or one or more applications) executing collectively on one or more processors, by hardware or combinations thereof. The code may be stored on a computer-readable storage medium, for example, in the form of a computer program comprising a plurality of instructions executable by one or more processors. The computer-readable storage medium may be non-transitory).

Regarding claims 16-18, they are system claims comprising similar limitations to those of claims 1, 2, and 4 respectively, and are therefore rejected for at least the same rationale. 

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Pollitt et al. Patent No.: US 10,999,326 B1 discloses a system having virtual clusters, or namespaces, which divide resources between multiple users while enforcing security groups and network policies.
	Jelinek et al. Patent No.: US 8,112,749 B2 teaches partitioning physical resources to create resource pools and assigning created separate environments to the pools, where the separate environments are zones that isolate applications from each other to provide an application with a dedicated namespace.
Mohamed, Rania. "Kubernetes Cluster vs Master Node" https://www.suse.com/c/kubernetes-cluster-vs-master-node/ (2019) discloses a master node that controls a set of worker nodes resembling a cluster in Kubernetes, the master node having an API server that performs communication with the cluster.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to MICHAEL W AYERS whose telephone number is (571)272-6420. The examiner can normally be reached M-F 8:30-5 PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Meng-Ai An can be reached on 5712723756. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/MICHAEL W AYERS/Examiner, Art Unit 2195