Detailed Office Action
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
this office action is response to the communication filed on 0on 6/10/20.
original claims 1-22 are pending.
Claims 13, and 17-22 are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims  1, and 2 are rejected under 35 U.S.C. 103 as being unpatentable over Young et al. U.S. Patent No. 10,708,368[hereinafter Young] in view of  Behera et al. U.S. Patent Application No. 2016/0335129[hereinafter Behera].
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

As per claim 1, Young discloses a method of deploying network elements for a set of machines in a set of one or more datacenters(see par. 0004), the method comprising:
receiving intent-based API (Application Programming Interface) requests( see col. 2, lines 6-20, the system may receive a request to generate a network slice configuration for providing a service via a network, determine a description template associated with a network slice type of the service (e.g., identified in the request),
parsing the API requests to identify a plurality of network elements to deploy(( see col. 2, lines 6-20,  and col. 3, lines 50-65 the system may receive a request to generate a network slice configuration for providing a service via a network, determine a description template associated with a network slice type of the service (e.g., identified in the request);
performing automated processes to deploy the network elements to define a virtual private cloud (VPC) ( that is For example, the slice offer system may receive a request to generate a network slice configuration for providing a service via a network, determine a description template associated with a network slice type of the service (e.g., identified in the request), determine a description profile for the network slice configuration (e.g., based on deployment parameters of the request), generate a slice deployment description for the network slice configuration according to location-specific characteristics associated with resources at a location (e.g., a location indicated in the request) and a service level agreement associated with the request, and/or deploy the slice deployment description to permit an NSI to be created according to the slice deployment description) ;
Young does not explicitly discloses  connect a plurality of machines in a logical network that segregates the plurality of machines from other machines in the datacenter set, the plurality of machines comprising virtual machines and containers.
Behera discloses connect a plurality of machines in a logical network that segregates the plurality of machines from other machines in the datacenter set, the plurality of machines comprising virtual machines and containers(see par. 0046, 0128). Therefore, it would have been obvious to one having ordinary skill in the art prior to effective filing date of the claimed invention to incorporate the teachings of Behera into the system of Young in order  to provide a network control system for defining a logical network that connects virtual machines (VMs) that operate on host machines in a network as well as containers as this provides  a form of virtualization that isolates different groups of applications that operate in different containers , thus by identifying separate security domains for each container VM, the system is able to isolate problems caused by a compromised container to the container VM and to a single tenant. 

as per claim 2, Young discloses the method of claim 1, wherein performing the automated processes comprises using a template to identify and deploy a plurality of network elements to implement the logical network without an administrator performing any action to direct the identification and deployment of the network elements after the API requests are received(see fig. 5 and col. 17, lines 16-55). 

Claim 3-10 and 14-16 are  rejected under 35 U.S.C. 103 as being unpatentable over Young et al. U.S. Patent No. 10,708,368[hereinafter Young] in view of  Behera et al. U.S. Patent Application No. 2016/0335129[hereinafter Behera] and further in view of Cheng et al U.S. Patent Application No. 2017/0353351[hereinafter Cheng].
 As per claims 3, the system of Young and Behera discloses substantial features of the claimed invention as discussed above with respect to claim 1, 
Young and Behera does not explicitly disclose wherein performing the automated process comprises deploying and configuring a gateway router for the VPC to connect the VPC to a network of the datacenter set.
Cheng discloses wherein performing the automated process comprises deploying and configuring a gateway router for the VPC to connect the VPC to a network of the datacenter set(see par. 0019, 0021). Therefore, it would have been obvious to one having ordinary skill in the art prior to effective filing date of the claimed invention to incorporate the teachings of Cheng into the system of Youg-Behera  because VPC gateway are known to  perform load balancing operations, with respect to the virtual service for one or more different  types of data message traffic

as per claim 4, Cheng discloses the method of claim 3, wherein configuring the VPC gateway router comprises configuring the VPC gateway router to communicate with a datacenter gateway router to connect the VPC to a network external to the datacenter set(see par. 0019, 0021).

as per claim 5, Cheng discloses the method of claim 3, wherein configuring the VPC gateway router further comprises configuring the VPC gateway router to communicate with a datacenter gateway router to connect the VPC gateway to another VPC gateway of another VPC in order to connect the two VPCs to each other(see fig.1 and see par. 0018-0019, 0021).

as per claim 6, Cheng discloses The method of claim 3, wherein configuring the VPC gateway comprises configuring a source network address translation (SNAT) operation to be performed by the VPC gateway to translate internal network addresses used within the VPC to a set of one or more external source network addresses(see par. 0032-0033).

as per claim 7, Cheng discloses the method of claim 6, wherein the external source network addresses are addresses within the datacenter set(see par. 0002, 0019).  

as per claim 8, Cheng disclose the method of claim 6, wherein the external source network addresses are addresses to a network outside of the datacenter set. (see par. 0019-0020).  

as per claim 9, Cheng discloses the method of claim 6, wherein the VPC is not configured to perform SNAT operations for traffic exchanged between the VPC and another VPC that is deployed in the set of datacenters (see par. 0026, 0033).

as per claim 10, Cheng discloses the method of claim 3, wherein configuring the VPC gateway comprises configuring a load balancing operation to be performed by the VPC gateway on traffic entering the VPC (see par. 0026, 0033).


as per claim 14 Cheng discloses the method of claim 1 further comprising deploying the set of machines to execute on a set of host computers in the set of datacenters(see par. 0018-0019, 0021).


as per claim 15, Cheng discloses the method of claim 1, wherein performing the automated process comprises configuring the logical network for the VPC to connect the set of machines to each other (see par. 0018-0019, 0021).
.

as per claim 16, Cheng discloses the method of claim 15, wherein the logical network comprises a logical forwarding element, and configuring the logical network comprises configuring a plurality of physical forwarding elements to implement the logical forwarding element (see par. 0026, 0033).
1.	Claim 11 and 12 are  rejected under 35 U.S.C. 103 as being unpatentable over Young et al. U.S. Patent No. 10,708,368[hereinafter Young] in view of  Behera et al. U.S. Patent Application No. 2016/0335129[hereinafter Behera] and further in view of Gawada  et al U.S. Patent No. 11316822[hereinafter Gawada].
 	As per claims11-12, the system of Young and Behera discloses substantial features of the claimed invention as discussed above with respect to claim 1, 
Young and Behera does not explicitly discloses wherein the load balancing operation performs a layer 4/7 Kubernetes LB operation. 
Gawada discloses wherein the load balancing operation performs a layer 4/7 Kubernetes LB operation(see col. 2, lines 48-65 and col. 8, lines 41-51). Therefore, it would have been obvious to one having ordinary skill in the art prior to effective filing date of the claimed invention to incorporate the teachings of Gawada into the system of Youg-Behera  Kubernetes LB  isolated services (e.g., Kubernetes services), in a multitenant data center, that employ failover or floating IP addresses as external IP addresses, as this  may enable tenant isolation for ingress implementations (e.g., Kubernetes layer 7 load balancing implementations) that use external IP addresses.

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ABDULLAHI ELMI SALAD whose telephone number is (571)272-4009. The examiner can normally be reached 9:30AM-6:PM. Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice. If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Thu Nguyen can be reached on 571-272-6967. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/ABDULLAHI E SALAD/Primary Examiner, Art Unit 2452