DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over De Marco et al. (Pub 20210042141) (hereafter De Marco) in view of Phillips (Pub 20110040812).

As per claim 1, De Marco teaches:
A method for committing changes of an image of a container running in a virtual machine (VM) on a host computer system, the method comprising: ([Paragraph 17], Several embodiments of the disclosed technology can thus allow flexible deployment and update of container images in computing systems.)
obtaining a guest starting folder containing a starting image for the container; ([Paragraph 6], The recipe file can identify layers of software components, such as, a “base layer” having kernel modules, device drivers, applications, etc. that are available from a host operating system at the host device, one or more “modification layers” to a container to supplement and/or modify one or more files in the base layer, and a “scratch layer” having files for capturing modifications unique to the container. For example, the base layer can include a set of clean, unmodified copies of operating system files and a set of reparse points that are placeholders that redirect to a host/package file. Examples of such clean files can include a registry and other files usually modified during installation processes. [Paragraph 5], Software packages of containers, or container images, can include digital data representing a complete filesystem (e.g., organized as a file folder with subordinate file folders) that contains operating system kernels, device drivers, event logs, temporary files/directories, applications, and/or other suitable components.)
while the container is running the starting image, storing changes made by the running container to the starting image in a first union folder to generate a changed image for the container, wherein the first union folder is a union of a new guest folder and the guest starting folder, and wherein the new guest folder reflects the changes in the first union folder; and ([Paragraph 17], In addition, a deployed container image can be dynamically modified via changes to the mapping table. These changes can occur “on-the-fly” while the container is running because the bind filter is configured to remap the file locations and resolving queries for files/packages on-the-fly.  [Paragraph 45], the file manager 106 can be configured to provide a user interface to manage files 107 and folders (not shown) stored at the host storage 104. In certain embodiments, the file manager 106 can include one or more filesystem filters individually configured to perform certain file system functions in order to accommodate data storage in the host storage 104. Example functionalities can include creating time stamps, creating last change time stamps, etc. In accordance with embodiments of the disclosed technology, a bind filter 115 can be configured to resolve reparse points included in the container images 124 during runtime. As such, the file manager 106 can be configured to locate and serve requested files 107 for the containers 114, as described in more detail below with reference to FIGS. 3A-3C. In some embodiments, the container images 124 can be updated atomically. In other embodiments, the image servers 120 may also serve a differentiated (or “diff”) image to a “baseline” container image, in which patched and/or updated files are present to provide an efficient update mechanism.  [Paragraph 6], The recipe file can identify layers of software components, such as, a “base layer” having kernel modules, device drivers, applications, etc. that are available from a host operating system at the host device, one or more “modification layers” to a container to supplement and/or modify one or more files in the base layer, and a “scratch layer” having files for capturing modifications unique to the container. For example, the base layer can include a set of clean, unmodified copies of operating system files and a set of reparse points that are placeholders that redirect to a host/package file. Examples of such clean files can include a registry and other files usually modified during installation processes.)
forming a second union folder as a union of a new host folder and the guest starting folder, the new host folder containing the changes to the starting image, and the second union folder containing the changed image.
Although De Marco silently discloses union folder(s) by updating container images atomically and serving differentiated images to a baseline container image which updates are present. ([Paragraph 45, 6])
De Marco does not explicitly spell out/disclose first/second union folder.
Philips explicitly discloses first/second union folder ([Paragraph 255], FIG. 26A depicts how a merged view may be constructed from two layers of a virtual file system. FIG. 26A includes a lower layer 2602 with a layer-specific file system hierarchy, an upper layer 2604 with a layer-specific file system hierarchy, and a merged view 2608 with a merged view file system hierarchy. The merged view 508 may contain a union of the upper and lower layers that conforms to layer hierarchy rules of the layered virtual file system.  [Paragraph 260], Multiple layers may be merged together to form the virtual file system 2700. The base layer 2702 may consist of the operating system and applications and utilities as determined by the administrator and untainted by any user customization.   
Philips also teaches starting folder (i.e. root folder); folder(s) with hierarchical structure; a union of a new host folder and the guest starting folder, the new host folder containing the changes to the starting image, and the second union folder containing the changed image. ([Paragraph 12], In an aspect of the invention, a method of providing a virtualized workspace for a computing facility may include configuring a physical workspace of the computing facility into a plurality of virtual layers, wherein the plurality of virtual layers include at least one of a base layer and a user layer, and where the base layer is configured as the bottom most layer of the plurality of virtual layers. The aspect may also include providing each of the plurality of virtual layers with its own file system hierarchy. The aspect may also further include overlaying the file system hierarchy of each of the plurality of virtual layers such that a file system hierarchy in a first virtual layer is configured above a file system hierarchy…  [Paragraph 23], In another aspect of the invention, a method for updating an operating system of a client computer may include installing a computer operating system into a new base layer that is suitable for use as a base layer in a layered virtual file system and storing the new base layer in a memory accessible to a data management server.  [Paragraph 260], virtual layer may be a collection of data identified by a GUID and may include a file system, a hierarchy of folders and files, a registry, a hierarchy of keys and values, a scope, a list of folder paths, and registry keys. Multiple layers may be merged together to form the virtual file system 2700. The base layer 2702 may consist of the operating system and applications and utilities as determined by the administrator and untainted by any user customization. The base layer 2702 may be the lowest layer. Typically, the base layer 2702 may be isolated from all changes by the layers above. [Paragraph 270], For example, if a layer contains some file named \A\B\C, then there may be a folder named \A and a folder \A\B. Such folders may be created to provide connectivity between the root directory and file C and then they may be marked with a metastate of shadow. [Paragraph 277], Two or more virtual application layers may be merged to reduce overhead caused by additional virtual layers.  [Paragraph 287], In another embodiment, the additional layer may be referred to as foreign layer. The foreign layer may be an abstract layer which may own a portion of the namespace, but may direct the virtual file system 2700 to ignore those files and folders altogether.  [Paragraph 297], In an embodiment, if the client version trumps, then the revised version of \A\B\C in the base layer may be ignored. In another embodiment, if the server version trumps, then the client version may be copied into a conflict bin and may be replaced in the owner layer with the server copy.)
It would have been obvious to a person with ordinary skill in the art, before the effective filing date of the invention, to combine the teachings of De Marco wherein starting folder is obtainer for staring image for a container, changes made during running (on-the-fly) of container generates a changed image(s) that is/are updated atomically and starting folder with updated image is generated, into teachings of Philips wherein union folders (first/second) are containing changes to the starting image (i.e. base layer), because this would enhance the teachings of De Marco wherein by generating a union folder which comprises merged changes, excessive layers (i.e. folder) may be reduced to reduce overhead.  Furthermore, when revised version is present, folder(s) containing a revised base layer can be ignored based on conflict resolution guideline(s).

As per claim 2, rejection of claim 1 is incorporated:
De Marco teaches wherein a guest file system of the VM is shared with a host file system of the host computer system; and 
wherein the host file system includes a host starting folder containing the starting image of the container and shares the host starting folder as the guest starting folder in the guest file system. ([Paragraph 13], The host file sharing server can expose host directory trees to a guest such as the container and can be reconfigured on the host via a host SMB server. A guest server message block (“SMB”) client (e.g., running on the container) can communicate with a host file sharing server via a virtual machine bus (“VMBUS”). As such, via the host file sharing server, the IO request can be redirected to a suitable location at which a corresponding file from the host can be accessed….  [Paragraph 8], or example, the base layer and the one or more modification layers are typically defined in a recipe file and not modifiable post instantiation. As such, additional components (e.g., new reparse points) to the base and/or modification layers not initially included may not be added after the container starts running. In order to insert additional components into the base and/or modification layers, a new container may be initiated in place of the original container.   [Paragraph 5], Software packages of containers, or container images, can include digital data representing a complete filesystem (e.g., organized as a file folder with subordinate file folders) that contains operating system kernels, device drivers, event logs, temporary files/directories, applications, and/or other suitable components.)
Philips also teaches ([Paragraph 12], In an aspect of the invention, a method of providing a virtualized workspace for a computing facility may include configuring a physical workspace of the computing facility into a plurality of virtual layers, wherein the plurality of virtual layers include at least one of a base layer and a user layer, and where the base layer is configured as the bottom most layer of the plurality of virtual layers. The aspect may also include providing each of the plurality of virtual layers with its own file system hierarchy. The aspect may also further include overlaying the file system hierarchy of each of the plurality of virtual layers such that a file system hierarchy in a first virtual layer is configured above a file system hierarchy…  [Paragraph 23], In another aspect of the invention, a method for updating an operating system of a client computer may include installing a computer operating system into a new base layer that is suitable for use as a base layer in a layered virtual file system and storing the new base layer in a memory accessible to a data management server.  [Paragraph 260], virtual layer may be a collection of data identified by a GUID and may include a file system, a hierarchy of folders and files, a registry, a hierarchy of keys and values, a scope, a list of folder paths, and registry keys. Multiple layers may be merged together to form the virtual file system 2700. The base layer 2702 may consist of the operating system and applications and utilities as determined by the administrator and untainted by any user customization. The base layer 2702 may be the lowest layer. Typically, the base layer 2702 may be isolated from all changes by the layers above.)

As per claim 3, rejection of claim 2 is incorporated:
De Marco teaches wherein the host file system includes the new host folder; and wherein the host file system shares the new host folder as a guest folder of the guest file system, the guest folder containing the changes to the starting image([Paragraph 13], The host file sharing server can expose host directory trees to a guest such as the container and can be reconfigured on the host via a host SMB server. A guest server message block (“SMB”) client (e.g., running on the container) can communicate with a host file sharing server via a virtual machine bus (“VMBUS”). As such, via the host file sharing server, the IO request can be redirected to a suitable location at which a corresponding file from the host can be accessed….  [Paragraph 8], or example, the base layer and the one or more modification layers are typically defined in a recipe file and not modifiable post instantiation. As such, additional components (e.g., new reparse points) to the base and/or modification layers not initially included may not be added after the container starts running. In order to insert additional components into the base and/or modification layers, a new container may be initiated in place of the original container.   [Paragraph 5], Software packages of containers, or container images, can include digital data representing a complete filesystem (e.g., organized as a file folder with subordinate file folders) that contains operating system kernels, device drivers, event logs, temporary files/directories, applications, and/or other suitable components.)
Philips also teaches ([Paragraph 12], In an aspect of the invention, a method of providing a virtualized workspace for a computing facility may include configuring a physical workspace of the computing facility into a plurality of virtual layers, wherein the plurality of virtual layers include at least one of a base layer and a user layer, and where the base layer is configured as the bottom most layer of the plurality of virtual layers. The aspect may also include providing each of the plurality of virtual layers with its own file system hierarchy. The aspect may also further include overlaying the file system hierarchy of each of the plurality of virtual layers such that a file system hierarchy in a first virtual layer is configured above a file system hierarchy…  [Paragraph 23], In another aspect of the invention, a method for updating an operating system of a client computer may include installing a computer operating system into a new base layer that is suitable for use as a base layer in a layered virtual file system and storing the new base layer in a memory accessible to a data management server.  [Paragraph 260], virtual layer may be a collection of data identified by a GUID and may include a file system, a hierarchy of folders and files, a registry, a hierarchy of keys and values, a scope, a list of folder paths, and registry keys. Multiple layers may be merged together to form the virtual file system 2700. The base layer 2702 may consist of the operating system and applications and utilities as determined by the administrator and untainted by any user customization. The base layer 2702 may be the lowest layer. Typically, the base layer 2702 may be isolated from all changes by the layers above.)

As per claim 4, rejection of claim 2 is incorporated:
De Marco teaches wherein the container runtime fetches the starting image for the container from the host computer system and provides the starting image in the host starting folder. ([Paragraph 13], For example, the base layer can include a combination of original or “pristine” files and reparse points. When a reparse point in the base layer is requested, for instance, by an application executing in the container, the container manager can redirect a corresponding IO request to the bind filter. The bind filter in turn, can look up a corresponding entry in the mapping table and direct the IO request to an appropriate location, for instance, a pristine file in the base layer.)

As per claim 5, rejection of claim 4 is incorporated:
Philips teaches wherein the starting image for the container resides in a repository for images on the host computer system; and wherein the images in the repository are read-only images. ([Paragraph 286], n another embodiment, an additional layer that may be referred to as Copy on Write (CoW) layer may be present. The CoW layer may own a portion of the file namespace that may not be owned by any other layer. If an application attempts to modify some file whose name does not match any rule's path name prefix, then the change may be made to the CoW layer. The goal of the CoW layer may be to minimize changes made to the base layer. Another goal of the CoW layer may be to tightly control changes made to the system volume and to provide a mechanism for identifying missing rules. By examining the files placed in the CoW layer, a user or administrator may determine whether some additional rules need to be created.)

As per claim 6, rejection of claim 1 is incorporated:
Philips teaches wherein the changed image in the second union folder is stored in a repository of container images. ([Paragraph 12], In an aspect of the invention, a method of providing a virtualized workspace for a computing facility may include configuring a physical workspace of the computing facility into a plurality of virtual layers, wherein the plurality of virtual layers include at least one of a base layer and a user layer, and where the base layer is configured as the bottom most layer of the plurality of virtual layers. The aspect may also include providing each of the plurality of virtual layers with its own file system hierarchy. The aspect may also further include overlaying the file system hierarchy of each of the plurality of virtual layers such that a file system hierarchy in a first virtual layer is configured above a file system hierarchy…  [Paragraph 23], In another aspect of the invention, a method for updating an operating system of a client computer may include installing a computer operating system into a new base layer that is suitable for use as a base layer in a layered virtual file system and storing the new base layer in a memory accessible to a data management server.  [Paragraph 260], virtual layer may be a collection of data identified by a GUID and may include a file system, a hierarchy of folders and files, a registry, a hierarchy of keys and values, a scope, a list of folder paths, and registry keys. Multiple layers may be merged together to form the virtual file system 2700. The base layer 2702 may consist of the operating system and applications and utilities as determined by the administrator and untainted by any user customization. The base layer 2702 may be the lowest layer. Typically, the base layer 2702 may be isolated from all changes by the layers above.  [Paragraph 277], Two or more virtual application layers may be merged to reduce overhead caused by additional virtual layers.  [Paragraph 287], In another embodiment, the additional layer may be referred to as foreign layer. The foreign layer may be an abstract layer which may own a portion of the namespace, but may direct the virtual file system 2700 to ignore those files and folders altogether.  [Paragraph 297], In an embodiment, if the client version trumps, then the revised version of \A\B\C in the base layer may be ignored. In another embodiment, if the server version trumps, then the client version may be copied into a conflict bin and may be replaced in the owner layer with the server copy.)

As per claim 7, rejection of claim 1 is incorporated:
Philips teaches wherein a container runtime runs on the host computer system but does not run the starting image. ([Paragraph 23], In another aspect of the invention, a method for updating an operating system of a client computer may include installing a computer operating system into a new base layer that is suitable for use as a base layer in a layered virtual file system and storing the new base layer in a memory accessible to a data management server. The aspect may also include transmitting the new base layer from the data management server to a client computer to be stored in a memory accessible to the client computer. The aspect may also further include directing an instance of the layered virtual file system that is resident on the client computer to use the new base layer…  [Paragraph 133], The applications 204 may include a set of virtualized applications that reside outside of the virtual machine image 202 and are encapsulated in their own individual containers.  [Paragraph 186], Within the WEE may exist a particular virtual machine (a "ServiceOS" or "control domain") that executes physical drivers, runs hardware emulation software, provides virtual workspace device level management, supports security attestation of software stacks, exposes a virtual device to a user-visible virtual machine, downloads a virtual disk image 528 stored in a secured workspace volume 524 from the management system 108, runs or mounts said virtual disk image 528, and so on. )

As per claims 8-14, these are system claims corresponding to the method claims 1-7.  Therefore, rejected based on similar rationale.

As per claims 15-20, these are non-transitory computer-readable medium claims corresponding to the method claims 1-7.  Therefore, rejected based on similar rationale.

Conclusion

The prior art made of record and not relied upon is considered pertinent to applicant's disclosure. 
Prasad et al. (Pub 20210103450) discloses merging multiple sequential files of the initial container image base on various rules.


Any inquiry concerning this communication or earlier communications from the examiner should be directed to DONG U KIM whose telephone number is (571)270-1313. The examiner can normally be reached 9:00am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on 5712723652. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DONG U KIM/Primary Examiner, Art Unit 2196