DETAILED ACTION

Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .


This Office Action is in response to the amendment filed on 4/12/2022.  This action is made FINAL.

Claims 1-3 and 5-21 are pending and they are presented for examinations.

Response to Arguments

Applicant's arguments filed regarding claim 1 (page 8), “First, the cited reference does not disclose or suggest receiving a Custom Resource Definition (CRD) that defines an endpoint group as a customer-specified resource in the datacenter set.”  “However, while Vaidya mentions CRDs, Vaidya does not disclose or suggest a CRD defining an endpoint group as a custom-specified resource in a set of datacenters.  There is no portion in any of Vaidya regarding an endpoint group in any context, let alone an endpoint group that is defined by a CRD as a custom-specified resource in a datacenter set.
The examiner would like to point out to Vaidya which discloses receiving a CRD that defines an endpoint group as a customer-specified resource in the datacenter set.
First, any resource(s) that is/are defined by a Custom Resource Definition is/are customer-specified resource.  Therefore, amendment to the claim to positively recite custom-specified resource is not persuasive, since customer-specified resource is inherent part of Customer Resource Definition.
Second, CRD defines an endpoint group as a customer-specified resource in the datacenter set.  
Vaidya teaches group(s) that is/are defined by CRD namespace specification data which defines an endpoint group of plurality of network elements (i.e. pod(s)):
[Paragraph 68-69 and table 2], Other examples of namespace specification data 27 may use different schemas to specify virtual networks. For instance, the following is another example of namespace specification data 27:…  The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks.
[Paragraph 73], Pod 22A is a Kubernetes pod and an example of a virtual network endpoint. A pod is a group of one or more logically-related containers (not shown in FIG. 1), the shared storage for the containers, and options on how to run the containers…  [Paragraph 74], The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A. Additionally, or alternatively, virtual execution element specification data for pod 22A may include a network annotation specifying a secondary group of virtual networks, where at least one virtual network of the secondary group of virtual networks is not specified by the namespace for pod 22A. Together, the primary group of virtual networks and the secondary group of virtual networks make up a combined group of virtual networks for which pod 22A is to be configured with respective virtual network interfaces.
Therefore, argument is not persuasive.

Applicant's arguments filed regarding claim 1 (page 8), “However, there is no mention in any of Vaidya regarding an intent-based API request that refers to a CRD.  While Vaidaya discusses APIs and briefly mentions CRDs, no portion in any of Vaidya describes CRDs referred to by an API request. Furthermore, Vaidya discloses an API server that instantiates virtual execution elements, and, as discussed previously, Vaidya does not disclose or suggest an endpoint group.  As such, Vaidya does not disclose an API that defines attributes of an endpoint group with different types of network elements as members.”  
The examiner would like to point out Vaidya does in fact disclose intent-based API request that refers to a CRD.  
As show above (previous argument), Vaidya does explicitly disclose CRD which defines an endpoint group.  
Furthermore, Vaidya explicitly discloses implementing a CRD objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard which specifies requirements and procedures for attaching Kubernetes pods… API requests that refers to the CRD are provided by JSON data in numerous occasions (tables 3-8)
Tables 3-8 shows similar intent-based API request that refers to the CRD of instant application figures 6, 10, 15, 19, 21, 22 and 26 (emphasis added) 
Table 3: 
kind: Pod metadata:    
name: my-pod    
namespace: my-namespace    
annotations: k8s.v1.cni.cncf.io/networks: net-a, net-b, other-ns/net-c
	Table 4-8: 
	[Paragraph 69], The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks.
	[Paragraph 74], More specifically, the human-readable file corresponding to pod 22A may be encoded in YAML or JSON. The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A.
	[Paragraph 137], API server 320 includes code executable by microprocessor 310. API server 320 may be one or more computer processes. API server 320 validates and configures data for objects, such as virtual execution elements (e.g., pods of containers), services, and replication controllers, for instance. A service may be an abstraction that defines a logical set of pods and the policy used to access the pods. The set of pods implementing a service are selected based on the service definition.
[Paragraph 164], API server 320 receives a request to create one or more namespaces and modifies the configuration store 328 with configuration for creating the one or more namespaces (502). In some examples, the request to create the one or more namespaces includes namespace specification data 27. For example, namespace specification data 27 may be encoded with a human-readable data serialization language (e.g., YAML, JSON, or the like).

Applicant's arguments filed regarding claim 1 (page 9), “Third, the cited reference does not disclose or suggest performing an automated process to parse the intent-based API request and process the CRD to define the endpoint group of network elements with at least two network elements being two different types as members.”
The examiner would like to point out to Vaidya which discloses automated process to parse the intent-based API request and process the CRD to define the endpoint group of network elements with at least two network elements being two different types as members.” 
As show above (first argument), Vaidya does explicitly disclose CRD which defines an endpoint group.  
Vaidya explicitly discloses parsing of virtual execution element specification data (i.e. intent-based API request) to create endpoint group(s) of virtual network elements which comprises different type of network elements.
For example, JSON/YAML/human readable text file must be parsed by an automated process to extract relevant information for the CRD and API request.
[Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. [Paragraph 84], the virtual execution element specification data may include a namespace object which specifies a namespace denoting a primary group of virtual networks and a network annotation which specifies a secondary group of virtual networks. Network controller 24 is configured to parse the virtual execution element specification data to create the secondary group of virtual networks in the computing infrastructure 8.  [Paragraph 145], readable text file. By parsing the human-readable text file, network controller may obtain information for creating the primary group of virtual networks. In some examples, network controller 324 uses the information to configure any combination of TOR switches 16 and chassis switches 18 to create the primary group of virtual networks in the computing infrastructure 8. Network controller 324 may create the primary group of virtual networks independently of API server 320, scheduler 322, network controller manager 325, and controller manager 326. 
[Paragraph 68-69, 73, 74, 160, 164]

Similar arguments for claims 2 and 21 have been addressed above.


Claim Rejections - 35 USC § 102

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for the rejections under this section made in this Office action:
A person shall be entitled to a patent unless –

(a)(1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention.




Claim(s) 1-3 and 5-21 is/are rejected under 35 U.S.C. 102(a)(1)as being anticipated by Vaidya et al. (Pub 20200076685) (hereafter Vaidya).

As per claim 1, Vaidya teaches:
A method of deploying network elements for a set of machines in a set of one or more datacenters, the method comprising: 
receiving a Custom Resource Definition (CRD) that defines an endpoint group as a custom-specified resource in the datacenter set; ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below.  [Paragraph 3], In a typical cloud data center environment, there is a large collection of interconnected servers that provide computing and/or storage capacity to run various applications.  [Paragraph 69], The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks. [Paragraph 7], With containers' inherently lightweight nature, a single host can support many more container instances than traditional virtual machines (VMs). Often short-lived, containers can be created and moved more efficiently than VMs, and they can also be managed as groups of logically-related elements (sometimes referred to as "pods" for some orchestration platforms, e.g., Kubernetes).)
receiving an intent-based API (Application Programming Interface) request that refers to the CRD and define one or more attributes of an endpoint group that includes different types of network elements as members; and ([Paragraph 137], API server 320 may implement a Representational State Transfer (REST) inte  rface to process REST operations and provide the frontend to a corresponding cluster's shared state stored to configuration store 328. API server 320 may authenticate and authorize requests. API server 320 communicates with other components to instantiate virtual execution elements in the computing infrastructure 8. API server 320 may represent a Kubernetes API server. [Paragraph 69], The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks.  [Paragraph 153], The operations are described with respect to components of computing devices 200 and 300 of FIGS. 2-3. API server 320 receives a request to instantiate a pod 202A and modifies the configuration store 328 with configuration for creating the pod 202A (402). Scheduler 322 may select the computing device 200 as the host minion node for the pod 202A. API server 320 may annotate the pod 202A with a list of multiple virtual networks and a uuid for the pod (pod_uuid). Other forms of identifiers for the pod may be used. The annotations may be labels for the pod configuration that indicate the virtual networks, such as "virtual network A" and "virtual network B".  [Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below. [Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses.  [Paragraph 74], More specifically, the human-readable file corresponding to pod 22A may be encoded in YAML or JSON. The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A.  [Paragraph 164], API server 320 receives a request to create one or more namespaces and modifies the configuration store 328 with configuration for creating the one or more namespaces (502). In some examples, the request to create the one or more namespaces includes namespace specification data 27. For example, namespace specification data 27 may be encoded with a human-readable data serialization language (e.g., YAML, JSON, or the like).)
performing an automated process to parse the intent-based API request and process the CRD to define the endpoint group that includes a plurality of network elements comprising at least two network elements of two different types as members of the endpoint group. ([Paragraph 10], In some examples, the multiple virtual networks specified in a namespace specification data constitute a primary group of virtual networks for virtual execution elements deployed to the namespace. Configuration data for a virtual execution element, to be deployed to a namespace, may further include a network annotation that specifies a secondary group of virtual networks. [Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. [Paragraph 84], the virtual execution element specification data may include a namespace object which specifies a namespace denoting a primary group of virtual networks and a network annotation which specifies a secondary group of virtual networks. Network controller 24 is configured to parse the virtual execution element specification data to create the secondary group of virtual networks in the computing infrastructure 8.  [Paragraph 145], readable text file. By parsing the human-readable text file, network controller may obtain information for creating the primary group of virtual networks. In some examples, network controller 324 uses the information to configure any combination of TOR switches 16 and chassis switches 18 to create the primary group of virtual networks in the computing infrastructure 8. Network controller 324 may create the primary group of virtual networks independently of API server 320, scheduler 322, network controller manager 325, and controller manager 326.  [Paragraph 160], As such, the techniques described a way in which a user can provide a list of networks as an annotation in the pod 202A YAML. The network controller manager 325 may parse this list of networks and create the respective ports in the virtual router 220.  [Paragraph 164], FIGS. 2-3. API server 320 receives a request to create one or more namespaces and modifies the configuration store 328 with configuration for creating the one or more namespaces (502). In some examples, the request to create the one or more namespaces includes namespace specification data 27. For example, namespace specification data 27 may be encoded with a human-readable data serialization language (e.g., YAML, JSON, or the like). Namespace specification data 27 designates at least one namespace. Additionally, each namespace of the at least one namespace specifies a plurality of virtual networks. Network controller manager 325 generates namespace configuration data based on namespace specification data 27 and directs network controller 324 to create the virtual networks based on the namespace specification data (504). Network controller manager 325 may direct the network controller 324 in this way by issuing requests to the network controller 324, e.g., via an API, or by storing one or more network configuration objects in a configuration store for the virtualized computing infrastructure. In some examples, namespace specification data 27 includes network topology frameworks for the plurality of virtual networks specified by each namespace. As such, network controller 324 may parse the namespace specification data to obtain the network topology frameworks for creating the plurality of virtual networks. Step 502 and/or 504 may be performed as part of instantiated a pod. [Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses. [Paragraph 68-69 and table 2], Other examples of namespace specification data 27 may use different schemas to specify virtual networks. For instance, the following is another example of namespace specification data 27:…  The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks. [Paragraph 73], Pod 22A is a Kubernetes pod and an example of a virtual network endpoint. A pod is a group of one or more logically-related containers (not shown in FIG. 1), the shared storage for the containers, and options on how to run the containers…  [Paragraph 74], The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A. Additionally, or alternatively, virtual execution element specification data for pod 22A may include a network annotation specifying a secondary group of virtual networks, where at least one virtual network of the secondary group of virtual networks is not specified by the namespace for pod 22A. Together, the primary group of virtual networks and the secondary group of virtual networks make up a combined group of virtual networks for which pod 22A is to be configured with respective virtual network interfaces.)

As per claim 2, Vaidya teaches:
A method of deploying network elements for a set of machines in a set of one or more datacenters, the method comprising:
receiving a Custom Resource Definition (CRD) that defines an endpoint group resource in the datacenter set; ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below.  [Paragraph 3], In a typical cloud data center environment, there is a large collection of interconnected servers that provide computing and/or storage capacity to run various applications.  [Paragraph 69], The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks. [Paragraph 7], With containers' inherently lightweight nature, a single host can support many more container instances than traditional virtual machines (VMs). Often short-lived, containers can be created and moved more efficiently than VMs, and they can also be managed as groups of logically-related elements (sometimes referred to as "pods" for some orchestration platforms, e.g., Kubernetes).)
receiving intent-based API (Application Programming Interface) request that refers to the CRD and define one or more attributes of an endpoint group that includes different types of network elements as members; and ([Paragraph 137], API server 320 may implement a Representational State Transfer (REST) inte  rface to process REST operations and provide the frontend to a corresponding cluster's shared state stored to configuration store 328. API server 320 may authenticate and authorize requests. API server 320 communicates with other components to instantiate virtual execution elements in the computing infrastructure 8. API server 320 may represent a Kubernetes API server. [Paragraph 69], The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks.  [Paragraph 153], The operations are described with respect to components of computing devices 200 and 300 of FIGS. 2-3. API server 320 receives a request to instantiate a pod 202A and modifies the configuration store 328 with configuration for creating the pod 202A (402). Scheduler 322 may select the computing device 200 as the host minion node for the pod 202A. API server 320 may annotate the pod 202A with a list of multiple virtual networks and a uuid for the pod (pod_uuid). Other forms of identifiers for the pod may be used. The annotations may be labels for the pod configuration that indicate the virtual networks, such as "virtual network A" and "virtual network B".  [Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below. [Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses.  [Paragraph 74], More specifically, the human-readable file corresponding to pod 22A may be encoded in YAML or JSON. The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A.  [Paragraph 164], API server 320 receives a request to create one or more namespaces and modifies the configuration store 328 with configuration for creating the one or more namespaces (502). In some examples, the request to create the one or more namespaces includes namespace specification data 27. For example, namespace specification data 27 may be encoded with a human-readable data serialization language (e.g., YAML, JSON, or the like).)
performing an automated process to parse the intent-based API request and process the CRD to define the endpoint group that includes at lest two network elements of two different types as members of the endpoint group, wherein the different type of network elements include virtual machines and container Pods. ([Paragraph 10], In some examples, the multiple virtual networks specified in a namespace specification data constitute a primary group of virtual networks for virtual execution elements deployed to the namespace. Configuration data for a virtual execution element, to be deployed to a namespace, may further include a network annotation that specifies a secondary group of virtual networks. [Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. [Paragraph 84], the virtual execution element specification data may include a namespace object which specifies a namespace denoting a primary group of virtual networks and a network annotation which specifies a secondary group of virtual networks. Network controller 24 is configured to parse the virtual execution element specification data to create the secondary group of virtual networks in the computing infrastructure 8.  [Paragraph 145], readable text file. By parsing the human-readable text file, network controller may obtain information for creating the primary group of virtual networks. In some examples, network controller 324 uses the information to configure any combination of TOR switches 16 and chassis switches 18 to create the primary group of virtual networks in the computing infrastructure 8. Network controller 324 may create the primary group of virtual networks independently of API server 320, scheduler 322, network controller manager 325, and controller manager 326.  [Paragraph 160], As such, the techniques described a way in which a user can provide a list of networks as an annotation in the pod 202A YAML. The network controller manager 325 may parse this list of networks and create the respective ports in the virtual router 220.  [Paragraph 164], FIGS. 2-3. API server 320 receives a request to create one or more namespaces and modifies the configuration store 328 with configuration for creating the one or more namespaces (502). In some examples, the request to create the one or more namespaces includes namespace specification data 27. For example, namespace specification data 27 may be encoded with a human-readable data serialization language (e.g., YAML, JSON, or the like). Namespace specification data 27 designates at least one namespace. Additionally, each namespace of the at least one namespace specifies a plurality of virtual networks. Network controller manager 325 generates namespace configuration data based on namespace specification data 27 and directs network controller 324 to create the virtual networks based on the namespace specification data (504). Network controller manager 325 may direct the network controller 324 in this way by issuing requests to the network controller 324, e.g., via an API, or by storing one or more network configuration objects in a configuration store for the virtualized computing infrastructure. In some examples, namespace specification data 27 includes network topology frameworks for the plurality of virtual networks specified by each namespace. As such, network controller 324 may parse the namespace specification data to obtain the network topology frameworks for creating the plurality of virtual networks. Step 502 and/or 504 may be performed as part of instantiated a pod. [Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses. [Paragraph 68-69 and table 2], Other examples of namespace specification data 27 may use different schemas to specify virtual networks. For instance, the following is another example of namespace specification data 27:…  The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks. [Paragraph 73], Pod 22A is a Kubernetes pod and an example of a virtual network endpoint. A pod is a group of one or more logically-related containers (not shown in FIG. 1), the shared storage for the containers, and options on how to run the containers…  [Paragraph 74], The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A. Additionally, or alternatively, virtual execution element specification data for pod 22A may include a network annotation specifying a secondary group of virtual networks, where at least one virtual network of the secondary group of virtual networks is not specified by the namespace for pod 22A. Together, the primary group of virtual networks and the secondary group of virtual networks make up a combined group of virtual networks for which pod 22A is to be configured with respective virtual network interfaces.)

As per claim 3, rejection of claim 1 is incorporated:
Vaidya teaches wherein the different types of network elements include virtual machines and containers. ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network.)

As per claim 5, rejection of claim 1 is incorporated:
Vaidya teaches wherein the different types of network elements include two or more network-element types associated with a virtual network that is associated with the endpoint group. ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network.)

As per claim 6, rejection of claim 5 is incorporated:
Vaidya teaches wherein the endpoint group is defined through one or more selectors that select the different types of network elements, the selectors comprising one or more of a virtual interface selector, a machine selector, a namespace selector, and service selector. ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network.  [Paragraph 10], In some examples, the multiple virtual networks specified in a namespace specification data constitute a primary group of virtual networks for virtual execution elements deployed to the namespace. Configuration data for a virtual execution element, to be deployed to a namespace, may further include a network annotation that specifies a secondary group of virtual networks.)

As per claim 7, rejection of claim 6 is incorporated:
Vaidya teaches wherein at least one of the selectors is defined by reference to a label that is associated with one or more network element of one or more network element types. ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network.  [Paragraph 10], In some examples, the multiple virtual networks specified in a namespace specification data constitute a primary group of virtual networks for virtual execution elements deployed to the namespace. Configuration data for a virtual execution element, to be deployed to a namespace, may further include a network annotation that specifies a secondary group of virtual networks.  [Paragraph 9], a namespace specification data for a virtualized computing infrastructure namespace may specify multiple virtual networks. Based on the namespace specification data, an orchestrator for the virtualized computing infrastructure may deploy virtual execution elements, labeled with the namespace, to the namespace.  [Paragraph 51], Kubernetes operates using a variety of "objects"--entities which represent a state of a Kubernetes cluster. Kubernetes objects may include any combination of names, namespaces, labels, annotations, field selectors, and recommended labels.)

As per claim 8, rejection of claim 1 is incorporated:
Vaidya teaches wherein the intent-based API request defines a set of one or more pairs of ports/protocols, each port/protocol pair specifying one or more ports and a protocol along which the endpoint group is to be accessed. ([Paragraph 29], The term "packet flow," "traffic flow," or simply "flow" refers to a set of packets originating from a particular source device or endpoint and sent to a particular destination device or endpoint. A single flow of packets may be identified by the 5-tuple: <source network address, destination network address, source port, destination port, protocol>, for example. This 5-tuple generally identifies a packet flow to which a received packet corresponds. An n-tuple refers to any n items drawn from the 5-tuple. For example, a 2-tuple for a packet may refer to the combination of <source network address, destination network address> or <source network address, source port> for the packet.  [Paragraph 94], Each of virtual network interfaces 26 may represent a virtual ethernet ("veth") pair, where each end of the pair is a separate device (e.g., a Linux/Unix device), with one end of the pair assigned to pod 22A and one end of the pair assigned to virtual router 21A. The veth pair or an end of a veth pair are sometimes referred to as "ports". Each of virtual network interfaces 26 may alternatively represent a macvlan network with media access control (MAC) addresses assigned to the pod 22A and to the virtual router 21A for communications between containers of pod 22A and virtual router 21A. Each of virtual network interfaces 26 may alternatively represent a different type of interface between virtual router 21A or other network virtualization entity and virtual network endpoints. Virtual network interfaces 26 may alternatively be referred to as virtual machine interfaces (VMIs), pod interfaces, container network interfaces, tap interfaces, veth interfaces, or simply network interfaces (in specific contexts), for instance.)

As per claim 9, rejection of claim 1 is incorporated:
Vaidya teaches wherein the different types of network elements are different types of machines that serve as data compute end nodes for performing a compute operation. ([Paragraph 3], In a typical cloud data center environment, there is a large collection of interconnected servers that provide computing and/or storage capacity to run various applications.  [Paragraph 41], A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below.)

As per claim 10, rejection of claim 9 is incorporated:
Vaidya teaches wherein the compute operation performed by the compute end nodes is one of a webserver operation, an application server operation, or a database server operation. ([Paragraph 3], In a typical cloud data center environment, there is a large collection of interconnected servers that provide computing and/or storage capacity to run various applications.  [Paragraph 41], A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below.)

As per claim 11, rejection of claim 9 is incorporated:
Vaidya teaches further comprising configuring a set of load balancers to distribute the data message load for the compute operation across the compute end nodes that are members of the endpoint group. ([Paragraph 27], Data center 10 may also include one or more physical network functions (PNFs) such as physical firewalls, load balancers, routers, route reflectors, broadband network gateways (BNGs), Evolved Packet Cores or other cellular network elements, and other PNFs.  [Paragraph 87], In addition to container pod addressing, network module 17A may also support configuring network isolation, policy-based security, a gateway, static network address translation (SNAT), a load-balancer, and service chaining capability for orchestration. [Paragraph 11], by specifying multiple virtual networks in a namespace specification data, all virtual execution elements deployed to the corresponding namespace will be configured to communicate via any of the multiple virtual networks. As another example, the virtual execution elements may be efficiently dispersed to the primary group of virtual networks by simply including an annotation specifying the virtual networks in the namespace for the virtual execution elements.  [Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses.)

As per claim 12, rejection of claim 11 is incorporated:
Vaidya teaches wherein the endpoint group is part of a cluster of machines that includes a set of one or more gateway routers, and the set of load balancers are associated with the set of gateway routers of the cluster of machines. ([Paragraph 27], Data center 10 may also include one or more physical network functions (PNFs) such as physical firewalls, load balancers, routers, route reflectors, broadband network gateways (BNGs), Evolved Packet Cores or other cellular network elements, and other PNFs.  [Paragraph 87], In addition to container pod addressing, network module 17A may also support configuring network isolation, policy-based security, a gateway, static network address translation (SNAT), a load-balancer, and service chaining capability for orchestration.  [Paragraph 3], The data center may, for example, host all of the infrastructure equipment, such as networking and storage systems, redundant power supplies, and environmental controls. In a typical data center, clusters of storage systems and application servers are interconnected via high-speed switch fabric provided by one or more tiers of physical network switches and routers. More sophisticated data centers provide infrastructure spread throughout the world with subscriber support equipment located in various physical hosting facilities. [Paragraph 8], A computing infrastructure that manages deployment and infrastructure for application execution may involve two main roles: (1) orchestration--for automating deployment, scaling, and operations of applications across clusters of hosts and providing computing infrastructure, which may include container-centric computing infrastructure; and (2) network management--for creating virtual networks in the network infrastructure to enable packetized communication among applications running on virtual execution elements, such as containers or VMs, as well as among applications running on legacy (e.g., physical) environments. Software-defined networking contributes to network management.)

As per claim 13, rejection of claim 11 is incorporated:
Vaidya teaches wherein the set of load balancers are load balancing engines executing on host computers that also execute a plurality of machines that send data message flows to the compute end nodes in the endpoint group. ([Paragraph 27], Data center 10 may also include one or more physical network functions (PNFs) such as physical firewalls, load balancers, routers, route reflectors, broadband network gateways (BNGs), Evolved Packet Cores or other cellular network elements, and other PNFs.  [Paragraph 87], In addition to container pod addressing, network module 17A may also support configuring network isolation, policy-based security, a gateway, static network address translation (SNAT), a load-balancer, and service chaining capability for orchestration.  [Paragraph 3], The data center may, for example, host all of the infrastructure equipment, such as networking and storage systems, redundant power supplies, and environmental controls. In a typical data center, clusters of storage systems and application servers are interconnected via high-speed switch fabric provided by one or more tiers of physical network switches and routers. More sophisticated data centers provide infrastructure spread throughout the world with subscriber support equipment located in various physical hosting facilities.  [Paragraph 7], These container characteristics impact the requirements for container networking solutions: the network should be agile and scalable. VMs, containers, and bare metal servers may need to coexist in the same computing environment, with communication enabled among the diverse deployments of applications. The container network should also be agnostic to work with the multiple types of orchestration platforms that are used to deploy containerized applications.)

As per claim 14, rejection of claim 1 is incorporated:
Vaidya teaches wherein the different types of network elements are different types of service machines that perform a same middlebox service operation. ([Paragraph 3], For example, a data center may comprise a facility that hosts applications and services for subscribers, i.e., customers of data center. The data center may, for example, host all of the infrastructure equipment, such as networking and storage systems, redundant power supplies, and environmental controls. In a typical data center, clusters of storage systems and application servers are interconnected via high-speed switch fabric provided by one or more tiers of physical network switches and routers. More sophisticated data centers provide infrastructure spread throughout the world with subscriber support equipment located in various physical hosting facilities.   [Paragraph 22], In general, data center 10 provides an operating environment for applications and services for customer sites 11 (illustrated as "customers 11") having one or more customer networks coupled to the data center by service provider network 7. Data center 10 may, for example, host infrastructure equipment, such as networking and storage systems, redundant power supplies, and environmental controls. Service provider network 7 is coupled to public network 15, which may represent one or more networks administered by other providers, and may thus form part of a large-scale public network infrastructure, e.g., the Internet.  [Paragraph 47], Computing infrastructure 8 implements an automation platform for automating deployment, scaling, and operations of virtual execution elements across servers 12 to provide virtualized infrastructure for executing application workloads and services. In some examples, the platform may be a container orchestration platform that provides a container-centric infrastructure for automating deployment, scaling, and operations of containers to provide a container-centric infrastructure. "Orchestration," in the context of a virtualized computing infrastructure generally refers to provisioning, scheduling, and managing virtual execution elements and/or applications and services executing on such virtual execution elements to the host servers available to the orchestration platform. Container orchestration, specifically, permits container coordination and refers to the deployment, management, scaling, and configuration, e.g., of containers to host servers by a container orchestration platform. Example instances of orchestration platforms include Kubernetes, Docker swarm, Mesos/Marathon, OpenShift, OpenStack, VMware, and Amazon ECS.)

As per claim 15, rejection of claim 14 is incorporated:
Vaidya teaches further comprising configuring a set of load balancers to distribute a data message load for the middlebox service operation across the service machines that are members of the endpoint group. ([Paragraph 27], Data center 10 may also include one or more physical network functions (PNFs) such as physical firewalls, load balancers, routers, route reflectors, broadband network gateways (BNGs), Evolved Packet Cores or other cellular network elements, and other PNFs.  [Paragraph 87], In addition to container pod addressing, network module 17A may also support configuring network isolation, policy-based security, a gateway, static network address translation (SNAT), a load-balancer, and service chaining capability for orchestration.  [Paragraph 11], by specifying multiple virtual networks in a namespace specification data, all virtual execution elements deployed to the corresponding namespace will be configured to communicate via any of the multiple virtual networks. As another example, the virtual execution elements may be efficiently dispersed to the primary group of virtual networks by simply including an annotation specifying the virtual networks in the namespace for the virtual execution elements. [Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses.  [Paragraph 8], for creating virtual networks in the network infrastructure to enable packetized communication among applications running on virtual execution elements, such as containers or VMs, as well as among applications running on legacy (e.g., physical) environments. Software-defined networking contributes to network management.  [Paragraph 25], As illustrated in the example of FIG. 1, data center 10 may be a facility that provides network services for customers. A customer of the service provider may be a collective entity such as enterprises and governments or individuals. For example, a network data center may host web services for several enterprises and end users. Other exemplary services may include data storage, virtual private networks, traffic engineering, file service, data mining, scientific- or super-computing, and so on. Although illustrated as a separate edge network of service provider network 7, elements of data center 10 such as one or more physical network functions (PNFs) or virtualized network functions (VNFs) may be included within the service provider network 7 core.  [Paragraph 47], “Orchestration,” in the context of a virtualized computing infrastructure generally refers to provisioning, scheduling, and managing virtual execution elements and/or applications and services executing on such virtual execution elements to the host servers available to the orchestration platform. Container orchestration, specifically, permits container coordination and refers to the deployment, management, scaling, and configuration, e.g., of containers to host servers by a container orchestration platform. Example instances of orchestration platforms include Kubernetes, Docker swarm, Mesos/Marathon, OpenShift, OpenStack, VMware, and Amazon ECS.)

As per claim 16, rejection of claim 15 is incorporated:
Vaidya teaches wherein the endpoint group is part of a cluster of machines that includes a set of one or more gateway routers, and the set of load balancers are associated with the set of gateway routers of the cluster of machines. ([Paragraph 27], Data center 10 may also include one or more physical network functions (PNFs) such as physical firewalls, load balancers, routers, route reflectors, broadband network gateways (BNGs), Evolved Packet Cores or other cellular network elements, and other PNFs.  [Paragraph 137], API server 320 may implement a Representational State Transfer (REST) inte  rface to process REST operations and provide the frontend to a corresponding cluster's shared state stored to configuration store 328. API server 320 may authenticate and authorize requests. API server 320 communicates with other components to instantiate virtual execution elements in the computing infrastructure 8. API server 320 may represent a Kubernetes API server.  [Paragraph 8], A computing infrastructure that manages deployment and infrastructure for application execution may involve two main roles: (1) orchestration--for automating deployment, scaling, and operations of applications across clusters of hosts and providing computing infrastructure, which may include container-centric computing infrastructure; and (2) network management--for creating virtual networks in the network infrastructure to enable packetized communication among applications running on virtual execution elements, such as containers or VMs, as well as among applications running on legacy (e.g., physical) environments. Software-defined networking contributes to network management.)

As per claim 17, rejection of claim 15 is incorporated:
Vaidya teaches wherein the set of load balancers are load balancing engines executing on host computers that also execute a plurality of machines that send data message flows processed by the service machines in the endpoint group. ([Paragraph 27], Data center 10 may also include one or more physical network functions (PNFs) such as physical firewalls, load balancers, routers, route reflectors, broadband network gateways (BNGs), Evolved Packet Cores or other cellular network elements, and other PNFs.  [Paragraph 87], In addition to container pod addressing, network module 17A may also support configuring network isolation, policy-based security, a gateway, static network address translation (SNAT), a load-balancer, and service chaining capability for orchestration. [Paragraph 11], by specifying multiple virtual networks in a namespace specification data, all virtual execution elements deployed to the corresponding namespace will be configured to communicate via any of the multiple virtual networks. As another example, the virtual execution elements may be efficiently dispersed to the primary group of virtual networks by simply including an annotation specifying the virtual networks in the namespace for the virtual execution elements. [Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below. [Paragraph 7], With containers' inherently lightweight nature, a single host can support many more container instances than traditional virtual machines (VMs). Often short-lived, containers can be created and moved more efficiently than VMs, and they can also be managed as groups of logically-related elements (sometimes referred to as "pods" for some orchestration platforms, e.g., Kubernetes). )

As per claim 18, rejection of claim 1 is incorporated:
Vaidya teaches wherein the plurality of network elements are machines associated with virtual interfaces (VIFs), and the endpoint group is defined to include a plurality of VIFs. ([Paragraph 19-20], FIG. 4 is a flow diagram illustrating the creation of multiple network virtual interfaces for a virtual execution element using a single network module, according to techniques described in this disclosure. FIG. 5 is a flow diagram illustrating the creation of multiple network virtual interfaces for a virtual execution element based on a namespace, according to techniques described in this disclosure.  [Paragraph 153], FIG. 4 is a flow diagram illustrating the creation of multiple network virtual interfaces for a virtual execution element using a single network module, according to techniques described in this disclosure. The operations are described with respect to components of computing devices 200 and 300 of FIGS. 2-3. API server 320 receives a request to instantiate a pod 202A and modifies the configuration store 328 with configuration for creating the pod 202A (402). Scheduler 322 may select the computing device 200 as the host minion node for the pod 202A. API server 320 may annotate the pod 202A with a list of multiple virtual networks and a uuid for the pod (pod_uuid). Other forms of identifiers for the pod may be used. The annotations may be labels for the pod configuration that indicate the virtual networks, such as "virtual network A" and "virtual network B".)

As per claim 19, rejection of claim 18 is incorporated:
Vaidya teaches wherein the machines comprise virtual machines and Pods. ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below.  )

As per claim 20, rejection of claim 18 is incorporated:
Vaidya teaches wherein the machines comprise virtual machines and containers. ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below.  )

As per claim 21, Vaidya teaches:
A method of deploying a set of machines in a set of one or more datacenters, the method comprising receiving a Custom Resource Definition (CRD) that defines an endpoint group resource in the datacenter set; ([Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below.  [Paragraph 3], In a typical cloud data center environment, there is a large collection of interconnected servers that provide computing and/or storage capacity to run various applications.  [Paragraph 69], The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks.  [Paragraph 7], With containers' inherently lightweight nature, a single host can support many more container instances than traditional virtual machines (VMs). Often short-lived, containers can be created and moved more efficiently than VMs, and they can also be managed as groups of logically-related elements (sometimes referred to as "pods" for some orchestration platforms, e.g., Kubernetes).)
receiving an intent-based API (Application Programming Interface) request that refers to the CRD, and define one or more attributes of an endpoint group, the set of attributes including virtual interfaces (VIFs) that are members of the endpoint group, each VIF associated with one endpoint machine; and ([Paragraph 137], API server 320 may implement a Representational State Transfer (REST) inte  rface to process REST operations and provide the frontend to a corresponding cluster's shared state stored to configuration store 328. API server 320 may authenticate and authorize requests. API server 320 communicates with other components to instantiate virtual execution elements in the computing infrastructure 8. API server 320 may represent a Kubernetes API server. [Paragraph 69], The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks.  [Paragraph 153], The operations are described with respect to components of computing devices 200 and 300 of FIGS. 2-3. API server 320 receives a request to instantiate a pod 202A and modifies the configuration store 328 with configuration for creating the pod 202A (402). Scheduler 322 may select the computing device 200 as the host minion node for the pod 202A. API server 320 may annotate the pod 202A with a list of multiple virtual networks and a uuid for the pod (pod_uuid). Other forms of identifiers for the pod may be used. The annotations may be labels for the pod configuration that indicate the virtual networks, such as "virtual network A" and "virtual network B".  [Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. The term "virtual execution element" encompasses virtual machines, containers, and other virtualized computing resources that provide an at least partially independent execution environment for applications. The term "virtual execution element" may also encompass a pod of one or more containers. As shown in FIG. 1, server 12A hosts one virtual network endpoint in the form of pod 22A having one or more containers. However, a server 12 may execute as many virtual execution elements as is practical given hardware resource limitations of the server 12. Each of the virtual network endpoints may use one or more virtual network interfaces to perform packet I/O or otherwise process a packet. For example, a virtual network endpoint may use one virtual hardware component (e.g., an SR-IOV virtual function) enabled by NIC 13A to perform packet I/O and receive/send packets on one or more communication links with TOR switch 16A. Other examples of virtual network interfaces are described below. Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses.  [Paragraph 74], More specifically, the human-readable file corresponding to pod 22A may be encoded in YAML or JSON. The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A.  [Paragraph 164], API server 320 receives a request to create one or more namespaces and modifies the configuration store 328 with configuration for creating the one or more namespaces (502). In some examples, the request to create the one or more namespaces includes namespace specification data 27. For example, namespace specification data 27 may be encoded with a human-readable data serialization language (e.g., YAML, JSON, or the like).)
performing an automated process to parse the intent-based API request and process the CRD to define the endpoint group to include the VIFs defined in the intent-based API request. ([Paragraph 10], In some examples, the multiple virtual networks specified in a namespace specification data constitute a primary group of virtual networks for virtual execution elements deployed to the namespace. Configuration data for a virtual execution element, to be deployed to a namespace, may further include a network annotation that specifies a secondary group of virtual networks. [Paragraph 41], Each of servers 12 may host one or more virtual execution elements each having at least one virtual network endpoint for one or more virtual networks configured in the physical network. A virtual network endpoint for a virtual network may represent one or more virtual execution elements that share a virtual network interface for the virtual network. For example, a virtual network endpoint may be a virtual machine, a set of one or more containers (e.g., a pod), or another other virtual execution element(s), such as a layer 3 endpoint for a virtual network. [Paragraph 84], the virtual execution element specification data may include a namespace object which specifies a namespace denoting a primary group of virtual networks and a network annotation which specifies a secondary group of virtual networks. Network controller 24 is configured to parse the virtual execution element specification data to create the secondary group of virtual networks in the computing infrastructure 8.  [Paragraph 145], readable text file. By parsing the human-readable text file, network controller may obtain information for creating the primary group of virtual networks. In some examples, network controller 324 uses the information to configure any combination of TOR switches 16 and chassis switches 18 to create the primary group of virtual networks in the computing infrastructure 8. Network controller 324 may create the primary group of virtual networks independently of API server 320, scheduler 322, network controller manager 325, and controller manager 326.  [Paragraph 160], As such, the techniques described a way in which a user can provide a list of networks as an annotation in the pod 202A YAML. The network controller manager 325 may parse this list of networks and create the respective ports in the virtual router 220.  [Paragraph 164], FIGS. 2-3. API server 320 receives a request to create one or more namespaces and modifies the configuration store 328 with configuration for creating the one or more namespaces (502). In some examples, the request to create the one or more namespaces includes namespace specification data 27. For example, namespace specification data 27 may be encoded with a human-readable data serialization language (e.g., YAML, JSON, or the like). Namespace specification data 27 designates at least one namespace. Additionally, each namespace of the at least one namespace specifies a plurality of virtual networks. Network controller manager 325 generates namespace configuration data based on namespace specification data 27 and directs network controller 324 to create the virtual networks based on the namespace specification data (504). Network controller manager 325 may direct the network controller 324 in this way by issuing requests to the network controller 324, e.g., via an API, or by storing one or more network configuration objects in a configuration store for the virtualized computing infrastructure. In some examples, namespace specification data 27 includes network topology frameworks for the plurality of virtual networks specified by each namespace. As such, network controller 324 may parse the namespace specification data to obtain the network topology frameworks for creating the plurality of virtual networks. Step 502 and/or 504 may be performed as part of instantiated a pod.  [Paragraph 73], Examples of IPC include SystemV semaphores or POSIX shared memory. Generally, containers that are members of different pods have different IP addresses and are unable to communicate by IPC in the absence of a configuration for enabling this feature. Containers that are members of different pods instead usually communicate with each other via pod IP addresses. [Paragraph 68-69 and table 2], Other examples of namespace specification data 27 may use different schemas to specify virtual networks. For instance, the following is another example of namespace specification data 27:…  The above example specifies the four virtual networks using Kubernetes network (CustomResourceDefinition) Objects to conform the virtual network specifications to the Kubernetes Custom Resource Definition De-facto Standard, which specifies requirements and procedures for attaching Kubernetes pods to one or more virtual or physical networks, including requirements for plugins using the Container Network Interface (CNI) to attach pod networks. [Paragraph 73], Pod 22A is a Kubernetes pod and an example of a virtual network endpoint. A pod is a group of one or more logically-related containers (not shown in FIG. 1), the shared storage for the containers, and options on how to run the containers…  [Paragraph 74], The virtual execution element specification data may include a namespace object specifying a namespace associated with pod 22A, e.g., a namespace indicated in namespace specification data 27. The namespace denotes the primary group of virtual networks for pod 22A. Additionally, or alternatively, virtual execution element specification data for pod 22A may include a network annotation specifying a secondary group of virtual networks, where at least one virtual network of the secondary group of virtual networks is not specified by the namespace for pod 22A. Together, the primary group of virtual networks and the secondary group of virtual networks make up a combined group of virtual networks for which pod 22A is to be configured with respective virtual network interfaces.)

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 

Any inquiry concerning this communication or earlier communications from the examiner should be directed to DONG U KIM whose telephone number is (571)270-1313. The examiner can normally be reached 9:00am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on 5712723652. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DONG U KIM/Primary Examiner, Art Unit 2196