Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Detailed Action
This office action is responsive to communication filed on 09/03/2021. Claims 1 - 20 have been examined.
Claim Objections
Claims 2-8, 10-14 and 16-20 are objected to because of the following informalities:
Claims 2-8 recites “A method as in claim..". For clarification it is suggested to change this line to read “The method of claim..".
Claim 10-14 recites “A non-transitory computer readable storage medium as in claim…". For clarification it is suggested to change this line to read “The non-transitory computer readable storage medium of claim…".
Claim 16-20 recites “A computer system as in claim...". For clarification it is suggested to change this line to read “The computer system of claim…".

Claim Rejections - 35 USC § 103

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1, 148 USPQ 459 (1966), that are applied for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
Determining the scope and contents of the prior art.


Ascertaining the differences between the prior art and the claims at issue.

Resolving the level of ordinary skill in the pertinent art.

Considering objective evidence present in the application indicating obviousness or nonobviousness.

Claims 1-2, 4-9, 11-15 and 19-20 are rejected under 35 U.S.C. 103 as being unpatentable over Gattu et al. (US20220060513A1) hereinafter Gattu in view of Wang et al. (US20200285652A1) hereinafter Wang, and further in view of Bahl et al. (US20210019194A1) hereinafter Bahl.  
As per claim 1.  A method comprising: (Gattu, par0018 teaches including methods, systems, non-transitory computer-readable storage media storing programs, code, or instructions executable by one or more processor)
a cloud system; (Gattu, par0044 teaches FIG. 1 [cloud system] depicts a high level diagram of a computing environment 100 comprising a cloud service provider infrastructure (CSPI) 110 that includes capabilities for providing a secure framework for managing and enforcing security policies related to various resources managed by the CSPI).
receiving a first request to a cloud system; (Gattu, par0051 teaches the security zone policy enforcement system 112 may be configured to receive a request to perform an operation on a resource from a user).

extracting an identifier from the first request; (Gattu, par0108 teaches if the user is authorized to execute the API request, at operation 908, the centralized API request processing system 604 transmits an instruction to the compartment identifier system 608 to obtain/fetch [extracting an identifier] compartment information for the primary resource identified in the API request. The “primary resource” may include a resource identified in the API request itself. For instance, a “compute” resource instance may be determined to be a primary resource in an API request that performs a “launch instance” operation. As previously described, the compartment information may include a compartment identifier and compartment policies applicable to the resource. At operation 910, the centralized API request processing system 604 receives the compartment information from the compartment identifier system 608.
determining a first compartment within a first zone of the cloud system, (Gattu, par0013 teaches a centralized application programming interface (API) request processing system in a cloud service provider infrastructure (CSPI)[ cloud system]…..The system determines, from the API request, compartment information [first compartment] and context information associated with the resource. Responsive to determining the compartment information and the context information associated with the resource, the system determines that the resource resides in a compartment that is associated with a security zone [first zone].
from a mapping in a non-transitory computer readable storage medium, (Gattu, par0083 teaches The CSPI infrastructure 110 may be implemented by one or more computing systems….information used by or generated by the centralized API request processing system 604 as part of its processing may be stored in a persistent memory data store 610 and in security zone information (e.g., 120 shown in FIG. 1) by the security zone policy enforcement system 112. The CSPI 110 additionally comprises a set of one or more downstream services 618A-618N that may be communicatively coupled to the centralized API request processing system 604 via one or more communication networks….may be stored on a non-transitory storage medium (e.g., on a memory device).
the mapping between the identifier and the first compartment; of the first compartment (Gattu, par0097 teaches at block 716, the centralized API request processing system 604 determines compartment information for the primary resource determined in block 712. The compartment information may include a compartment identifier of the compartment [first compartment] that the resource resides in and compartment policies applicable to the resource. The compartment policies applicable to the resource may include compartment policies associated [mapping] with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment).
          Gattu does not explicitly discloses processing by an application and a database within the first compartment, receiving from a registry, a first IP address; and routing the first request to the first IP address for processing.
          Wang however teaches processing by an application and a database within the first compartment. (Wang, par0045, 0047 teaches portions of data or information used by or generated by the security zone policy enforcement system 112 as part of its processing may comprise security zone information 120, which may be stored by the security zone policy [application] enforcement system 112 in one or more databases or files. The systems and subsystems depicted in FIG. 1 may be implemented using software (e.g., code, instructions, program) executed by one or more processing units (e.g., processors, cores) of a computing system, hardware, or combinations thereof….. A compartment may be associated with a set of compartment policies that restrict the usage of resources that reside in the compartment. Each policy in the set of compartment policies may impact one or more resources such as compute, networking, object storage, and database resources within the CSPI).
receiving from a registry, a first IP address; and (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving a first IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
routing the first request to the first IP address for processing (Wang, par0063-0065 teaches the request for specific data includes the first virtual IP address and the identification of the first port. At operation 618, the request for specific data is routed [routing the first request to the first IP address for processing] to the instance of the first portion of the multi-tenant database via the first port. At operation 620, results from the instance of the first portion of the multi-tenant database are received via the first port).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of processing by an application and a database within the first compartment, receiving from a registry, a first IP address; and routing the first request to the first IP address for processing, as taught by Wang in the method of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu and Wang do not explicitly disclose storage medium of a service mesh, of the service mesh.
          Bahl however teaches storage medium of a service mesh, of the service mesh (Bahl, par0115-0116 teaches FIG. 6 illustrates a flow diagram of an example of a process 600 for orchestrating microservice containers of a service mesh application in a multi-cloud environment. The process 600 can be performed by one or more processors of a computing system (e.g., the multi-cloud service mesh orchestration platform 400) including memory [storage medium of a service mesh] and having instructions that, when executed by the one or more processors, cause the computing system to the steps of the process 600. The process 600 may begin with step 602 in which the multi-cloud service mesh orchestration platform can receive a request to deploy an application as a service mesh application).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of storage medium of a service mesh, of the service mesh, as taught by Bahl in the method of Gattu and Wang so entities can reserve virtual computing resources from Cloud Service Providers (CSPs) and scale up and scale down as needed without having to purchase and physically manage the resources, these entities can select where to deploy their applications based on proximity, capabilities, performance, security, reliability, cost, and so forth, see Bahl par0002.

As per claim 2.  Gattu, Wang and Bahl disclose the method of claim 1.
[Examiner note - claim 2 is similar to claim 1 but for a second request, second compartment and second IP address - see mapping of claim 1 above.]
          Gattu discloses further comprising: receiving a second request to the cloud system (Gattu, par0076 teaches the request may identify an operation (e.g., a “launch instance” operation) to be performed on an “instance” (i.e., virtual machine instance) to create a virtual machine instance in the user's tenancy using a public IP address. At block 404, the security zone policy validation subsystem 118 determines a compartment associated with the resource. At block 406, the security zone policy validation subsystem 118 determines, based on the compartment identified in block 404, a set of compartment policies that are applicable to the resource. The compartment policies applicable to the resource may include compartment policies associated with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment. At block 408, the security zone policy validation subsystem 118 determines if the operation on the resource is permitted based on the compartment policies determined in block 406. For instance, the compartment policies applicable to the resource may permit the user to create the virtual machine instance so that it is publicly accessible from a public network (i.e., the Internet), i.e., permit the virtual machine instance to be created using a public IP address).
extracting an identifier from the second request; (Gattu, par0108 teaches if the user is authorized to execute the API request, at operation 908, the centralized API request processing system 604 transmits an instruction to the compartment identifier system 608 to obtain/fetch [extracting an identifier] compartment information for the primary resource identified in the API request. The “primary resource” may include a resource identified in the API request itself. For instance, a “compute” resource instance may be determined to be a primary resource in an API request that performs a “launch instance” operation. As previously described, the compartment information may include a compartment identifier and compartment policies applicable to the resource. At operation 910, the centralized API request processing system 604 receives the compartment information from the compartment identifier system 608.
determining a second compartment from the mapping; of the second compartment, (Gattu, par0080 teaches the example depicted in FIG. 5B illustrates the compartment C1 502, compartment C2 504 and compartment C3 506 depicted in FIG. 5A along with their associated compartment policies 508, 510 and 512. In certain examples, when a compartment (e.g., compartment C3 506) becomes associated with a security zone (security zone-1 514), the security zone policies 516 associated with the security zone-1 514 are applied to the compartment. Due to the association of the compartment C3 506 with the security zone policies 516, the set of operations (O1, O2, O3) that were originally allowed to be performed on a resource R1 residing in the compartment is now reduced to a subset of operations (01).
          Gattu does not explicitly discloses processing by the application within the second compartment, receiving from the registry, a second IP address; and routing the second request to the second IP address.
          Wang however teaches processing by the application within the second compartment (Wang, par0045, 0047 teaches portions of data or information used by or generated by the security zone policy enforcement system 112 as part of its processing may comprise security zone information 120, which may be stored by the security zone policy [application] enforcement system 112 in one or more databases or files. The systems and subsystems depicted in FIG. 1 may be implemented using software (e.g., code, instructions, program) executed by one or more processing units (e.g., processors, cores) of a computing system, hardware, or combinations thereof….. A compartment may be associated with a set of compartment policies that restrict the usage of resources that reside in the compartment. Each policy in the set of compartment policies may impact one or more resources such as compute, networking, object storage, and database resources within the CSPI).
receiving from the registry, a second IP address (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses [multiple IPs] and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
routing the second request to the second IP address (Wang, par0063-0065 teaches the request for specific data includes the first virtual IP address and the identification of the first port. At operation 618, the request for specific data is routed [routing the first request to the IP address for processing] to the instance of the first portion of the multi-tenant database via the first port. At operation 620, results from the instance of the first portion of the multi-tenant database are received via the first port).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of processing by the application within the second compartment, receiving from the registry, a second IP address; and routing the second request to the second IP address, as taught by Wang in the method of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

As per claim 4.  Gattu, Wang and Bahl disclose the method of claim 2.
           Gattu further discloses wherein: the first compartment is a target compartment; and the second compartment is one of a split compartment and a merged compartment within the first zone, wherein the mapping is updated to reflect a recommendation provided by a recommendation engine within the first compartment. (Gattu, par0071, 0076 teaches a compartment (e.g., compartment A1 216) may also be hierarchically related to other compartments created within a tenancy. For instance, in the embodiment depicted in FIG. 2, the compartment A1 216 may be hierarchically related (i.e., be a child compartment) to one or more compartments (i.e., parent compartments) created within the tenancy. When a resource (e.g., R1) is added to the compartment A1 216, the resource automatically inherits the compartment policies associated with the compartment in addition to the compartment policies one or more parent compartments associated with the compartment…..The compartment policies applicable to the resource may include compartment policies associated with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment. At block 408, the security zone policy validation subsystem 118 determines if the operation on the resource is permitted based on the compartment policies determined in block 406).

As per claim 5.  Gattu, Wang and Bahl disclose the method of claim 4.
          Gattu does not explicitly discloses wherein the recommendation is based upon a workload of the application.
          Wang however teaches wherein the recommendation is based upon a workload of the application. (Wang, par0058 teaches the scale-out executors 506A-506D perform the work to execute queries in a dynamic context to fetch the real-time tenant instances available in the in-memory database cluster 312. Thus, the scale-out hub 508 could start up as many tenant database instances as possible based on the system workload [based upon a workload of the application] and user resource group authorization control, with the overall status monitored at that time).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the recommendation is based upon a workload of the application, as taught by Wang in the method of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

As per claim 6.  Gattu, Wang and Bahl disclose the method of claim 1.
           Gattu does not explicitly discloses wherein the first IP address.
          Wang however teaches wherein the first IP address. (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving a first IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the first IP address, as taught by Wang in the method of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu and Wang do not explicitly disclose is received from the service mesh via a client.
          Bahl however teaches is received from the service mesh via a client (Bahl, par0102, 0110 teaches a response to a client request to return within a specified time period (e.g., 5 seconds), the multi-cloud service mesh orchestration platform can dynamically tune and designate microservice-level SLAs to each constituent microservice container of the application to ensure the application-level SLA is satisfied…. The request metering module can collect the request metrics for the entire application per client request, as well as for each microservice container per client reques).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of is received from the service mesh via a client, as taught by Bahl in the method of Gattu and Wang so entities can reserve virtual computing resources from Cloud Service Providers (CSPs) and scale up and scale down as needed without having to purchase and physically manage the resources, these entities can select where to deploy their applications based on proximity, capabilities, performance, security, reliability, cost, and so forth, see Bahl par0002.

As per claim 7.  Gattu, Wang and Bahl disclose the method of claim 1.
          Gattu does not explicitly discloses wherein: the non-transitory computer readable storage medium comprises an in-memory database; and the routing is performed by an in-memory database engine of the in-memory database.
          Wang however teaches wherein: the non-transitory computer readable storage medium comprises an in-memory database; and (Wang, par0021, 0024 teaches the memory of a computer may include any memory or database module. The memory may be volatile or non-volatile types of non-transitory computer-readable media…. the container cloud manager 150 includes a storage master and a master database. In one embodiment, the master database may be an in-memory database. For example, the master database may include an in-memory database XE Engine).
the routing is performed by an in-memory database engine of the in-memory database  (Wang, par0041-0042 teaches the IP virtual-pool manager can internally use Docker™ or similar network functionality to set up the IP network and virtual bridge related to the request. This virtual IP can be used to connect [routing] to the backend in-memory tenant database afterwards….When the virtual IPs with the service requests transmit to the backend in-memory database cloud infrastructure, an in-memory cloud solution manager can determine the current available tenant database and assign the request and virtual IP to the specified tenant database).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein: the non-transitory computer readable storage medium comprises an in-memory database; and the routing is performed by an in-memory database engine of the in-memory database, as taught by Wang in the method of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

As per claim 8.  Gattu, Wang and Bahl disclose the method of claim 1.
          Gattu does not explicitly discloses wherein: the database comprises an in-memory database; and the routing is performed by an in-memory database engine of the in-memory database.
          Wang however teaches wherein: the database comprises an in-memory database; and (Wang, par0044 teaches the storage master 204A-204C is bundled with an in-memory database SR. For example, the storage master 204A-204C and the in-memory database work as the container cloud manager 202 to manage containers, such as Docker™ and/or other types of containers. This enables high availability due to the master and first and second replications. The master and the second replication are connected using a synchronization mode connection).
the routing is performed by an in-memory database engine of the in-memory database.  (Wang, par0041-0042 teaches the IP virtual-pool manager can internally use Docker™ or similar network functionality to set up the IP network and virtual bridge related to the request. This virtual IP can be used to connect [routing] to the backend in-memory tenant database afterwards….When the virtual IPs with the service requests transmit to the backend in-memory database cloud infrastructure, an in-memory cloud solution manager can determine the current available tenant database and assign the request and virtual IP to the specified tenant database).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein: the database comprises an in-memory database; and the routing is performed by an in-memory database engine of the in-memory database, as taught by Wang in the method of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

As per claim 9. A non-transitory computer readable storage medium embodying a computer program for performing a method, said method comprising: (Gattu, par0018 teaches including methods, systems, non-transitory computer-readable storage media storing programs, code, or instructions executable by one or more processor).
a cloud system; (Gattu, par0044 teaches FIG. 1 [cloud system] depicts a high level diagram of a computing environment 100 comprising a cloud service provider infrastructure (CSPI) 110 that includes capabilities for providing a secure framework for managing and enforcing security policies related to various resources managed by the CSPI).
receiving a request to a cloud system; (Gattu, par0051 teaches the security zone policy enforcement system 112 may be configured to receive a request to perform an operation on a resource from a user).
extracting an identifier from the request; (Gattu, par0108 teaches if the user is authorized to execute the API request, at operation 908, the centralized API request processing system 604 transmits an instruction to the compartment identifier system 608 to obtain/fetch [extracting an identifier] compartment information for the primary resource identified in the API request. The “primary resource” may include a resource identified in the API request itself. For instance, a “compute” resource instance may be determined to be a primary resource in an API request that performs a “launch instance” operation. As previously described, the compartment information may include a compartment identifier and compartment policies applicable to the resource. At operation 910, the centralized API request processing system 604 receives the compartment information from the compartment identifier system 608).
determining a compartment within a zone of the cloud system, (Gattu, par0013 teaches a centralized application programming interface (API) request processing system in a cloud service provider infrastructure (CSPI)[ cloud system]…..The system determines, from the API request, compartment information [first compartment] and context information associated with the resource. Responsive to determining the compartment information and the context information associated with the resource, the system determines that the resource resides in a compartment that is associated with a security zone [first zone]).
from a mapping in a non-transitory computer readable storage medium (Gattu, par0083 teaches The CSPI infrastructure 110 may be implemented by one or more computing systems….information used by or generated by the centralized API request processing system 604 as part of its processing may be stored in a persistent memory data store 610 and in security zone information (e.g., 120 shown in FIG. 1) by the security zone policy enforcement system 112. The CSPI 110 additionally comprises a set of one or more downstream services 618A-618N that may be communicatively coupled to the centralized API request processing system 604 via one or more communication networks….may be stored on a non-transitory storage medium (e.g., on a memory device).
the mapping between the identifier and the compartment; of the first compartment (Gattu, par0097 teaches at block 716, the centralized API request processing system 604 determines compartment information for the primary resource determined in block 712. The compartment information may include a compartment identifier of the compartment [first compartment] that the resource resides in and compartment policies applicable to the resource. The compartment policies applicable to the resource may include compartment policies associated [mapping] with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment).
a first IP address, a second IP address (Gattu, par0177 teaches a security zone specification corresponding to an API request that identifies operations for creating a subnet, creating an internet gateway, changing the compartment identifier for a subnet and changing the compartment identifier for the internet gateway using a Virtual Cloud Network service in the CSPI…the context information comprises information about the IP address of the subnet to determine if the create subnet operation in the API request is using a public IP for creating a subnet).
first compartment, second compartment (Gattu, par0071 teaches a compartment (e.g., compartment A1 216) may also be hierarchically related to other compartments created within a tenancy. For instance, in the embodiment depicted in FIG. 2, the compartment A1 216 may be hierarchically related (i.e., be a child compartment) to one or more compartments (i.e., parent compartments) created within the tenancy. When a resource (e.g., R1) is added to the compartment A1 216, the resource automatically inherits the compartment policies associated with the compartment in addition to the compartment policies one or more parent compartments associated with the compartment).
the first request, second request (Gattu, par0086 teaches an API request may identify a “launch instance” operation to be performed on an “instance” resource (e.g., a virtual machine instance) managed by the CSPI. Other examples of API requests may include, for instance, a “create subnet,” operation for creating a “subnet” resource, a “create block storage volume” operation for creating a “block storage volume” resource and the like).
         Gattu does not explicitly discloses processing by an application and a database within the compartment, receiving from a registry, a IP address; and routing the request to the IP address for processing.
          Wang however teaches processing by an application and a database within the compartment. (Wang, par0045, 0047 teaches portions of data or information used by or generated by the security zone policy enforcement system 112 as part of its processing may comprise security zone information 120, which may be stored by the security zone policy [application] enforcement system 112 in one or more databases or files. The systems and subsystems depicted in FIG. 1 may be implemented using software (e.g., code, instructions, program) executed by one or more processing units (e.g., processors, cores) of a computing system, hardware, or combinations thereof….. A compartment may be associated with a set of compartment policies that restrict the usage of resources that reside in the compartment. Each policy in the set of compartment policies may impact one or more resources such as compute, networking, object storage, and database resources within the CSPI).
receiving from a registry, a IP address; and (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving a first IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
routing the request to the IP address for processing (Wang, par0063-0065 teaches the request for specific data includes the first virtual IP address and the identification of the first port. At operation 618, the request for specific data is routed [routing the first request to the first IP address for processing] to the instance of the first portion of the multi-tenant database via the first port. At operation 620, results from the instance of the first portion of the multi-tenant database are received via the first port).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of processing by an application and a database within the compartment, receiving from a registry, a IP address; and routing the request to the IP address for processing, as taught by Wang in the non-transitory computer readable storage medium of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu and Wang do not explicitly disclose storage medium of a service mesh, of the service mesh.
          Bahl however teaches storage medium of a service mesh, of the service mesh (Bahl, par0115-0116 teaches FIG. 6 illustrates a flow diagram of an example of a process 600 for orchestrating microservice containers of a service mesh application in a multi-cloud environment. The process 600 can be performed by one or more processors of a computing system (e.g., the multi-cloud service mesh orchestration platform 400) including memory [storage medium of a service mesh] and having instructions that, when executed by the one or more processors, cause the computing system to the steps of the process 600. The process 600 may begin with step 602 in which the multi-cloud service mesh orchestration platform can receive a request to deploy an application as a service mesh application).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of storage medium of a service mesh, of the service mesh, as taught by Bahl in the non-transitory computer readable storage medium of Gattu and Wang so entities can reserve virtual computing resources from Cloud Service Providers (CSPs) and scale up and scale down as needed without having to purchase and physically manage the resources, these entities can select where to deploy their applications based on proximity, capabilities, performance, security, reliability, cost, and so forth, see Bahl par0002.

As per claim 11.  Gattu, Wang and Bahl disclose the non-transitory computer readable storage medium of claim 9.
           Gattu further discloses wherein: the first compartment is a target compartment; the second compartment is one of a split compartment and a merged compartment within the first zone; and the mapping is updated to reflect a recommendation provided by a recommendation engine within the first compartment. (Gattu, par0071, 0076 teaches a compartment (e.g., compartment A1 216) may also be hierarchically related to other compartments created within a tenancy. For instance, in the embodiment depicted in FIG. 2, the compartment A1 216 may be hierarchically related (i.e., be a child compartment) to one or more compartments (i.e., parent compartments) created within the tenancy. When a resource (e.g., R1) is added to the compartment A1 216, the resource automatically inherits the compartment policies associated with the compartment in addition to the compartment policies one or more parent compartments associated with the compartment…..The compartment policies applicable to the resource may include compartment policies associated with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment. At block 408, the security zone policy validation subsystem 118 determines if the operation on the resource is permitted based on the compartment policies determined in block 406).

As per claim 12.  Gattu, Wang and Bahl disclose the non-transitory computer readable storage medium of claim 11.
          Gattu does not explicitly discloses wherein the recommendation is based upon a workload of the application.
          Wang however teaches wherein the recommendation is based upon a workload of the application. (Wang, par0058 teaches the scale-out executors 506A-506D perform the work to execute queries in a dynamic context to fetch the real-time tenant instances available in the in-memory database cluster 312. Thus, the scale-out hub 508 could start up as many tenant database instances as possible based on the system workload [based upon a workload of the application] and user resource group authorization control, with the overall status monitored at that time).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the recommendation is based upon a workload of the application, as taught by Wang in the non-transitory computer readable storage medium of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

As per claim 13.  Gattu, Wang and Bahl disclose the non-transitory computer readable storage medium of claim 9.
           Gattu does not explicitly discloses wherein the first IP address.
          Wang however teaches wherein the first IP address. (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving a first IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the first IP address, as taught by Wang in the non-transitory computer readable storage medium of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu and Wang do not explicitly disclose is received from the service mesh via a client.
          Bahl however teaches is received from the service mesh via a client (Bahl, par0102, 0110 teaches a response to a client request to return within a specified time period (e.g., 5 seconds), the multi-cloud service mesh orchestration platform can dynamically tune and designate microservice-level SLAs to each constituent microservice container of the application to ensure the application-level SLA is satisfied…. The request metering module can collect the request metrics for the entire application per client request, as well as for each microservice container per client reques).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of is received from the service mesh via a client, as taught by Bahl in the non-transitory computer readable storage medium of Gattu and Wang so entities can reserve virtual computing resources from Cloud Service Providers (CSPs) and scale up and scale down as needed without having to purchase and physically manage the resources, these entities can select where to deploy their applications based on proximity, capabilities, performance, security, reliability, cost, and so forth, see Bahl par0002.

As per claim 14.  Gattu, Wang and Bahl disclose the non-transitory computer readable storage medium of claim 9.
          Gattu does not explicitly discloses wherein: the non-transitory computer readable storage medium comprises an in-memory database; and the routing is performed by an in-memory database engine of the in-memory database.
          Wang however teaches wherein: the non-transitory computer readable storage medium comprises an in-memory database; and (Wang, par0021, 0024 teaches the memory of a computer may include any memory or database module. The memory may be volatile or non-volatile types of non-transitory computer-readable media…. the container cloud manager 150 includes a storage master and a master database. In one embodiment, the master database may be an in-memory database. For example, the master database may include an in-memory database XE Engine).
the routing is performed by an in-memory database engine of the in-memory database  (Wang, par0041-0042 teaches the IP virtual-pool manager can internally use Docker™ or similar network functionality to set up the IP network and virtual bridge related to the request. This virtual IP can be used to connect [routing] to the backend in-memory tenant database afterwards….When the virtual IPs with the service requests transmit to the backend in-memory database cloud infrastructure, an in-memory cloud solution manager can determine the current available tenant database and assign the request and virtual IP to the specified tenant database).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein: the non-transitory computer readable storage medium comprises an in-memory database; and the routing is performed by an in-memory database engine of the in-memory database, as taught by Wang in the non-transitory computer readable storage medium of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

As per claim 15. A computer system comprising: one or more processors; a software program, executable on said computer system, (Gattu, par0018 teaches including methods, systems, non-transitory computer-readable storage media storing programs, code, or instructions executable by one or more processor)
the software program configured to cause an in-memory database engine of an in-memory database to: (Wang, par0021, 0024 teaches the memory of a computer may include any memory or database module. The memory may be volatile or non-volatile types of non-transitory computer-readable media…. the container cloud manager 150 includes a storage master and a master database. In one embodiment, the master database may be an in-memory database. For example, the master database may include an in-memory database XE Engine).
a cloud system; (Gattu, par0044 teaches FIG. 1 [cloud system] depicts a high level diagram of a computing environment 100 comprising a cloud service provider infrastructure (CSPI) 110 that includes capabilities for providing a secure framework for managing and enforcing security policies related to various resources managed by the CSPI).
receiving a first request to a cloud system; (Gattu, par0051 teaches the security zone policy enforcement system 112 may be configured to receive a request to perform an operation on a resource from a user).
extracting an identifier from the first request; (Gattu, par0108 teaches if the user is authorized to execute the API request, at operation 908, the centralized API request processing system 604 transmits an instruction to the compartment identifier system 608 to obtain/fetch [extracting an identifier] compartment information for the primary resource identified in the API request. The “primary resource” may include a resource identified in the API request itself. For instance, a “compute” resource instance may be determined to be a primary resource in an API request that performs a “launch instance” operation. As previously described, the compartment information may include a compartment identifier and compartment policies applicable to the resource. At operation 910, the centralized API request processing system 604 receives the compartment information from the compartment identifier system 608.
determining a first compartment within a first zone of the cloud system, (Gattu, par0013 teaches a centralized application programming interface (API) request processing system in a cloud service provider infrastructure (CSPI)[ cloud system]…..The system determines, from the API request, compartment information [first compartment] and context information associated with the resource. Responsive to determining the compartment information and the context information associated with the resource, the system determines that the resource resides in a compartment that is associated with a security zone [first zone].
from a mapping in a non-transitory computer readable storage medium, (Gattu, par0083 teaches The CSPI infrastructure 110 may be implemented by one or more computing systems….information used by or generated by the centralized API request processing system 604 as part of its processing may be stored in a persistent memory data store 610 and in security zone information (e.g., 120 shown in FIG. 1) by the security zone policy enforcement system 112. The CSPI 110 additionally comprises a set of one or more downstream services 618A-618N that may be communicatively coupled to the centralized API request processing system 604 via one or more communication networks….may be stored on a non-transitory storage medium (e.g., on a memory device).
the mapping between the identifier and the first compartment; of the first compartment (Gattu, par0097 teaches at block 716, the centralized API request processing system 604 determines compartment information for the primary resource determined in block 712. The compartment information may include a compartment identifier of the compartment [first compartment] that the resource resides in and compartment policies applicable to the resource. The compartment policies applicable to the resource may include compartment policies associated [mapping] with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment).
          Gattu does not explicitly discloses processing by an application and a database within the first compartment, receiving from a registry, a first IP address; and routing the first request to the first IP address for processing.
          Wang however teaches processing by an application and a database within the first compartment. (Wang, par0045, 0047 teaches portions of data or information used by or generated by the security zone policy enforcement system 112 as part of its processing may comprise security zone information 120, which may be stored by the security zone policy [application] enforcement system 112 in one or more databases or files. The systems and subsystems depicted in FIG. 1 may be implemented using software (e.g., code, instructions, program) executed by one or more processing units (e.g., processors, cores) of a computing system, hardware, or combinations thereof….. A compartment may be associated with a set of compartment policies that restrict the usage of resources that reside in the compartment. Each policy in the set of compartment policies may impact one or more resources such as compute networking, object storage, and database resources within the CSPI).
receiving from a registry, a first IP address; and (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving a first IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
routing the first request to the first IP address for processing (Wang, par0063-0065 teaches the request for specific data includes the first virtual IP address and the identification of the first port. At operation 618, the request for specific data is routed [routing the first request to the first IP address for processing] to the instance of the first portion of the multi-tenant database via the first port. At operation 620, results from the instance of the first portion of the multi-tenant database are received via the first port).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of processing by an application and a database within the first compartment, receiving from a registry, a first IP address; and routing the first request to the first IP address for processing, as taught by Wang in the computer system of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu and Wang do not explicitly disclose storage medium of a service mesh, of the service mesh.
          Bahl however teaches storage medium of a service mesh, of the service mesh (Bahl, par0115-0116 teaches FIG. 6 illustrates a flow diagram of an example of a process 600 for orchestrating microservice containers of a service mesh application in a multi-cloud environment. The process 600 can be performed by one or more processors of a computing system (e.g., the multi-cloud service mesh orchestration platform 400) including memory [storage medium of a service mesh] and having instructions that, when executed by the one or more processors, cause the computing system to the steps of the process 600. The process 600 may begin with step 602 in which the multi-cloud service mesh orchestration platform can receive a request to deploy an application as a service mesh application).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of storage medium of a service mesh, of the service mesh, as taught by Bahl in the computer system of Gattu and Wang so entities can reserve virtual computing resources from Cloud Service Providers (CSPs) and scale up and scale down as needed without having to purchase and physically manage the resources, these entities can select where to deploy their applications based on proximity, capabilities, performance, security, reliability, cost, and so forth, see Bahl par0002.

As per claim 19.  Gattu, Wang and Bahl disclose the computer system of claim 1.
           Gattu does not explicitly discloses wherein the first IP address.
          Wang however teaches wherein the first IP address. (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving a first IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the first IP address, as taught by Wang in the computer system of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu and Wang do not explicitly disclose is received from the service mesh via a client.
          Bahl however teaches is received from the service mesh via a client (Bahl, par0102, 0110 teaches a response to a client request to return within a specified time period (e.g., 5 seconds), the multi-cloud service mesh orchestration platform can dynamically tune and designate microservice-level SLAs to each constituent microservice container of the application to ensure the application-level SLA is satisfied…. The request metering module can collect the request metrics for the entire application per client request, as well as for each microservice container per client reques).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of is received from the service mesh via a client, as taught by Bahl in the computer system of Gattu and Wang so entities can reserve virtual computing resources from Cloud Service Providers (CSPs) and scale up and scale down as needed without having to purchase and physically manage the resources, these entities can select where to deploy their applications based on proximity, capabilities, performance, security, reliability, cost, and so forth, see Bahl par0002.

As per claim 20.  Gattu, Wang and Bahl disclose the computer system of claim 15.
          Gattu further discloses wherein the compartment of the first zone (Gattu, par0013 teaches a centralized application programming interface (API) request processing system in a cloud service provider infrastructure (CSPI)[ cloud system]…..The system determines, from the API request, compartment information [first compartment] and context information associated with the resource. Responsive to determining the compartment information and the context information associated with the resource, the system determines that the resource resides in a compartment that is associated with a security zone [first zone].
           Gattu does not explicitly discloses wherein the compartment is named according to a namespace including a number of the first zone.
          Wang however teaches wherein the compartment is named according to a namespace including a number of the first zone (Wang, par0053-0054 teaches he IP virtual-pool manager 306 provides virtual FP address management using a Docker service and in-memory tenant database information as well. The IP virtual-pool manager 306 provides a way to make a concatenation of virtual IP addresses from Docker and the tenant database (specifically, <hostname, instance number>) as the handler pair for the direct usage of clients….The IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, Each virtual IP pair 402A-402E contains a key and a value [a numbe]r. The key is the virtual IP address from Docker, while the value is the concatenation of the hostname and the instance number. The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses and returns them.).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the compartment is named according to a namespace including a number of the first zone, as taught by Wang in the computer system of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

Claims 3, 10 and 16-18 are rejected under 35 U.S.C. 103 as being unpatentable over Gattu in view of Wang further in view of Bahl, and further in view of  Lee et al. (US20180246945A1) hereinafter Lee.
As per claim 3.  Gattu, Wang and Bahl disclose the method of claim 2.
          Gattu further discloses wherein: the first compartment is a target compartment; and the second compartment is a paired compartment within a second zone, (Gattu, par0080 teaches the example depicted in FIG. 5B illustrates the compartment C1 502, compartment C2 504 and compartment C3 506 depicted in FIG. 5A along with their associated compartment policies 508, 510 and 512. In certain examples, when a compartment (e.g., compartment C3 506) becomes associated with a security zone (security zone-1 514), the security zone policies 516 associated with the security zone-1 514 are applied to the compartment. Due to the association of the compartment C3 506 with the security zone policies 516, the set of operations (O1, O2, O3) that were originally allowed to be performed on a resource R1 residing in the compartment is now reduced to a subset of operations (01).
          Gattu, Wang and Bahl do not explicitly disclose wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database.
          Lee however teaches wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database. (Lee, par0038, 0041 teaches the second data center may replicate the first database of the first database center [first compartment] in a second database of the second data center [second compartment]…In the event of primary database system failure, the backup database can assume the role of the primary database in as little time as possible. Therefore, transactions replicated, or mirrored, to the secondary database must be as close to current as possible).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database, as taught by Lee in the method of Gattu, Wang and Bahl so database systems rely on data replication and synchronization to maintain continuous system availability. Typically, in such a system, a complete copy of the database is stored at a first datacenter and the same complete copy of the database is stored at a second datacenter, see Lee par0003.

As per claim 10.  Gattu, Wang and Bahl disclose the non-transitory computer readable storage medium of claim 9.
          Gattu further discloses wherein: the first compartment is a target compartment; the second compartment is a paired compartment within a second zone; and (Gattu, par0080 teaches the example depicted in FIG. 5B illustrates the compartment C1 502, compartment C2 504 and compartment C3 506 depicted in FIG. 5A along with their associated compartment policies 508, 510 and 512. In certain examples, when a compartment (e.g., compartment C3 506) becomes associated with a security zone (security zone-1 514), the security zone policies 516 associated with the security zone-1 514 are applied to the compartment. Due to the association of the compartment C3 506 with the security zone policies 516, the set of operations (O1, O2, O3) that were originally allowed to be performed on a resource R1 residing in the compartment is now reduced to a subset of operations (01).
          Gattu, Wang and Bahl do not explicitly disclose the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database.
          Lee however teaches the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database. (Lee, par0038, 0041 teaches The second data center may replicate the first database of the first database center [first compartment] in a second database of the second data center [second compartment]…In the event of primary database system failure, the backup database can assume the role of the primary database in as little time as possible. Therefore, transactions replicated, or mirrored, to the secondary database must be as close to current as possible).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database, as taught by Lee in the non-transitory computer readable storage medium of Gattu, Wang and Bahl so database systems rely on data replication and synchronization to maintain continuous system availability. Typically, in such a system, a complete copy of the database is stored at a first datacenter and the same complete copy of the database is stored at a second datacenter, see Lee par0003.

As per claim 16.  Gattu, Wang and Bahl disclose the method of claim 15.
          Gattu discloses wherein the in-memory database engine is further configured to: receive a second request to the cloud system (Gattu, par0076 teaches the request may identify an operation (e.g., a “launch instance” operation) to be performed on an “instance” (i.e., virtual machine instance) to create a virtual machine instance in the user's tenancy using a public IP address. At block 404, the security zone policy validation subsystem 118 determines a compartment associated with the resource. At block 406, the security zone policy validation subsystem 118 determines, based on the compartment identified in block 404, a set of compartment policies that are applicable to the resource. The compartment policies applicable to the resource may include compartment policies associated with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment. At block 408, the security zone policy validation subsystem 118 determines if the operation on the resource is permitted based on the compartment policies determined in block 406. For instance, the compartment policies applicable to the resource may permit the user to create the virtual machine instance so that it is publicly accessible from a public network (i.e., the Internet), i.e., permit the virtual machine instance to be created using a public IP address).
extract the identifier from the second request;  (Gattu, par0108 teaches if the user is authorized to execute the API request, at operation 908, the centralized API request processing system 604 transmits an instruction to the compartment identifier system 608 to obtain/fetch [extracting an identifier] compartment information for the primary resource identified in the API request. The “primary resource” may include a resource identified in the API request itself. For instance, a “compute” resource instance may be determined to be a primary resource in an API request that performs a “launch instance” operation. As previously described, the compartment information may include a compartment identifier and compartment policies applicable to the resource. At operation 910, the centralized API request processing system 604 receives the compartment information from the compartment identifier system 608.
determine a second compartment from the mapping;; of the second compartment, (Gattu, par0080 teaches the example depicted in FIG. 5B illustrates the compartment C1 502, compartment C2 504 and compartment C3 506 depicted in FIG. 5A along with their associated compartment policies 508, 510 and 512. In certain examples, when a compartment (e.g., compartment C3 506) becomes associated with a security zone (security zone-1 514), the security zone policies 516 associated with the security zone-1 514 are applied to the compartment. Due to the association of the compartment C3 506 with the security zone policies 516, the set of operations (O1, O2, O3) that were originally allowed to be performed on a resource R1 residing in the compartment is now reduced to a subset of operations (01).
wherein the second compartment is a paired compartment within a second zone, (Gattu, par0080 teaches the example depicted in FIG. 5B illustrates the compartment C1 502, compartment C2 504 and compartment C3 506 depicted in FIG. 5A along with their associated compartment policies 508, 510 and 512. In certain examples, when a compartment (e.g., compartment C3 506) becomes associated with a security zone (security zone-1 514), the security zone policies 516 associated with the security zone-1 514 are applied to the compartment. Due to the association of the compartment C3 506 with the security zone policies 516, the set of operations (O1, O2, O3) that were originally allowed to be performed on a resource R1 residing in the compartment is now reduced to a subset of operations (01).
          Gattu does not explicitly discloses for processing by the application within the second compartment, receive from the registry, a second IP address of the second compartment; and route the second request to the second IP address.
          Wang however teaches for processing by the application within the second compartment (Wang, par0045, 0047 teaches portions of data or information used by or generated by the security zone policy enforcement system 112 as part of its processing may comprise security zone information 120, which may be stored by the security zone policy [application] enforcement system 112 in one or more databases or files. The systems and subsystems depicted in FIG. 1 may be implemented using software (e.g., code, instructions, program) executed by one or more processing units (e.g., processors, cores) of a computing system, hardware, or combinations thereof….. A compartment may be associated with a set of compartment policies that restrict the usage of resources that reside in the compartment. Each policy in the set of compartment policies may impact one or more resources such as compute, networking, object storage, and database resources within the CSPI).
receive from the registry, a second IP address (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses [multiple IPs] and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
route the second request to the second IP address (Wang, par0063-0065 teaches the request for specific data includes the first virtual IP address and the identification of the first port. At operation 618, the request for specific data is routed [routing the first request to the IP address for processing] to the instance of the first portion of the multi-tenant database via the first port. At operation 620, results from the instance of the first portion of the multi-tenant database are received via the first port).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of for processing by the application within the second compartment, receive from the registry, a second IP address of the second compartment; and route the second request to the second IP address, as taught by Wang in the method of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu, Wang and Bahl do not explicitly disclose wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database.
          Lee however teaches wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database. (Lee, par0038, 0041 teaches The second data center may replicate the first database of the first database center [first compartment] in a second database of the second data center [second compartment]…In the event of primary database system failure, the backup database can assume the role of the primary database in as little time as possible. Therefore, transactions replicated, or mirrored, to the secondary database must be as close to current as possible).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database, as taught by Lee in the method of Gattu, Wang and Bahl so database systems rely on data replication and synchronization to maintain continuous system availability. Typically, in such a system, a complete copy of the database is stored at a first datacenter and the same complete copy of the database is stored at a second datacenter, see Lee par0003.

As per claim 17.  Gattu, Wang and Bahl disclose the computer system of claim 15.
          Gattu discloses wherein the in-memory database engine is further configured to: receive a second request to the cloud system (Gattu, par0076 teaches the request may identify an operation (e.g., a “launch instance” operation) to be performed on an “instance” (i.e., virtual machine instance) to create a virtual machine instance in the user's tenancy using a public IP address. At block 404, the security zone policy validation subsystem 118 determines a compartment associated with the resource. At block 406, the security zone policy validation subsystem 118 determines, based on the compartment identified in block 404, a set of compartment policies that are applicable to the resource. The compartment policies applicable to the resource may include compartment policies associated with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment. At block 408, the security zone policy validation subsystem 118 determines if the operation on the resource is permitted based on the compartment policies determined in block 406. For instance, the compartment policies applicable to the resource may permit the user to create the virtual machine instance so that it is publicly accessible from a public network (i.e., the Internet), i.e., permit the virtual machine instance to be created using a public IP address).
extract the identifier from the second request;  (Gattu, par0108 teaches if the user is authorized to execute the API request, at operation 908, the centralized API request processing system 604 transmits an instruction to the compartment identifier system 608 to obtain/fetch [extracting an identifier] compartment information for the primary resource identified in the API request. The “primary resource” may include a resource identified in the API request itself. For instance, a “compute” resource instance may be determined to be a primary resource in an API request that performs a “launch instance” operation. As previously described, the compartment information may include a compartment identifier and compartment policies applicable to the resource. At operation 910, the centralized API request processing system 604 receives the compartment information from the compartment identifier system 608.
determine a second compartment from the mapping; of the second compartment, (Gattu, par0080 teaches the example depicted in FIG. 5B illustrates the compartment C1 502, compartment C2 504 and compartment C3 506 depicted in FIG. 5A along with their associated compartment policies 508, 510 and 512. In certain examples, when a compartment (e.g., compartment C3 506) becomes associated with a security zone (security zone-1 514), the security zone policies 516 associated with the security zone-1 514 are applied to the compartment. Due to the association of the compartment C3 506 with the security zone policies 516, the set of operations (O1, O2, O3) that were originally allowed to be performed on a resource R1 residing in the compartment is now reduced to a subset of operations (01).
wherein the second compartment is one of a split compartment and a merged compartment within the first zone, and wherein the mapping is updated to reflect a recommendation provided by a recommendation engine within the first compartment (Gattu, par0071, 0076 teaches a compartment (e.g., compartment A1 216) may also be hierarchically related to other compartments created within a tenancy. For instance, in the embodiment depicted in FIG. 2, the compartment A1 216 may be hierarchically related (i.e., be a child compartment) to one or more compartments (i.e., parent compartments) created within the tenancy. When a resource (e.g., R1) is added to the compartment A1 216, the resource automatically inherits the compartment policies associated with the compartment in addition to the compartment policies one or more parent compartments associated with the compartment…..The compartment policies applicable to the resource may include compartment policies associated with the compartment in addition to the compartment policies of one or more parent compartments that are hierarchically related to the compartment. At block 408, the security zone policy validation subsystem 118 determines if the operation on the resource is permitted based on the compartment policies determined in block 406).
          Gattu does not explicitly discloses for processing by the application within the second compartment, receive from the registry, a second IP address of the second compartment; and route the second request to the second IP address.
          Wang however teaches for processing by the application within the second compartment (Wang, par0045, 0047 teaches portions of data or information used by or generated by the security zone policy enforcement system 112 as part of its processing may comprise security zone information 120, which may be stored by the security zone policy [application] enforcement system 112 in one or more databases or files. The systems and subsystems depicted in FIG. 1 may be implemented using software (e.g., code, instructions, program) executed by one or more processing units (e.g., processors, cores) of a computing system, hardware, or combinations thereof….. A compartment may be associated with a set of compartment policies that restrict the usage of resources that reside in the compartment. Each policy in the set of compartment policies may impact one or more resources such as compute, networking, object storage, and database resources within the CSPI).
receive from the registry, a second IP address (Wang, par0054, 0060 teaches the IP virtual-pool manager 306 contains an IP and database name repository 400, which contains a number of virtual IP pairs 402A-402E, ….The IP virtual-pool manager 306 then makes Docker network requests to the Docker daemon 308, which creates the virtual network IP addresses [multiple IPs] and returns them…. At operation 604, a request is received from the first user account to access data stored for a first tenant in a multi-tenant database. In an example embodiment, the multi-tenant database is an in-memory database. At operation 606, the first virtual IP address is assigned [receiving IP address] to the first tenant, and a mapping is stored [registry] between the first virtual IP address and the first tenant in an IP-tenant match data structure. This may be performed using a Docker service).
route the second request to the second IP address (Wang, par0063-0065 teaches the request for specific data includes the first virtual IP address and the identification of the first port. At operation 618, the request for specific data is routed [routing the first request to the IP address for processing] to the instance of the first portion of the multi-tenant database via the first port. At operation 620, results from the instance of the first portion of the multi-tenant database are received via the first port).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of for processing by the application within the second compartment, receive from the registry, a second IP address of the second compartment; and route the second request to the second IP address, as taught by Wang in the computer system of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.
          Gattu, Wang and Bahl do not explicitly disclose wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database.
          Lee however teaches wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database. (Lee, par0038, 0041 teaches The second data center may replicate the first database of the first database center [first compartment] in a second database of the second data center [second compartment]…In the event of primary database system failure, the backup database can assume the role of the primary database in as little time as possible. Therefore, transactions replicated, or mirrored, to the secondary database must be as close to current as possible).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the mapping is updated to reflect a failure of a database within the first compartment, and wherein the second compartment includes a replicated database including contents of the database, as taught by Lee in the computer system of Gattu, Wang and Bahl so database systems rely on data replication and synchronization to maintain continuous system availability. Typically, in such a system, a complete copy of the database is stored at a first datacenter and the same complete copy of the database is stored at a second datacenter, see Lee par0003.

As per claim 18.  Gattu, Wang, Bahl and Lee disclose the computer system of claim 17.
          Gattu does not explicitly discloses wherein the recommendation is based upon a workload of the application.
          Wang however teaches wherein the recommendation is based upon a workload of the application. (Wang, par0058 teaches the scale-out executors 506A-506D perform the work to execute queries in a dynamic context to fetch the real-time tenant instances available in the in-memory database cluster 312. Thus, the scale-out hub 508 could start up as many tenant database instances as possible based on the system workload [based upon a workload of the application] and user resource group authorization control, with the overall status monitored at that time).
          Therefore it would have been obvious to one having ordinary skill in the art before the
effective filing date of the claimed invention to provide the functionality of wherein the recommendation is based upon a workload of the application, as taught by Wang in the computer system of Gattu so application containers consume fewer resources than comparable deployments on virtual machines because containers are able to share resources without a full operating system to underpin each application., see Wang par0004.

Conclusion
The prior art made of record and not relied upon is considered pertinent are -
• Lee, Juchang et al. (US20130275550A1) – Related art in the area of a first query from a client device at a first database node of a database instance, determination of routing information associated with the first query, and compilation of the first query at the first database node to generate first compiled code.
• Kommera et al. (US20200125453A1) – Related art in the area of systems and methods for backing up a distributed database provided as a database instance across servers within a first geographic region.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to MONISHWAR MOHAN whose telephone number is (571)272-2907. The examiner can normally be reached Monday - Thursday 7:00 am - 5:00 pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, William Trost can be reached on (571) 272-7872. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/M.M./Examiner, Art Unit 2442                                                                                                                                                                                                        

/WILLIAM G TROST IV/Supervisory Patent Examiner, Art Unit 2442