DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This action is responsive to the communication filed 6/4/2020.
Claims 1-20 are presented for examination.

Examiner Notes
Examiner cites particular columns, paragraphs, figures and line numbers in the references as applied to the claims below for the convenience of the applicant. Although the specified citations are representative of the teachings in the art and are applied to the specific limitations within the individual claim, other passages and figures may apply as well. It is respectfully requested that, in preparing responses, the applicant fully consider the references in entirely as potentially teaching all or part of the claimed invention, as well as the context of the passage as taught by the prior art or disclosed by the examiner.

Information Disclosure Statement
The information disclosure statement (IDS) submitted on 9/2/2021 and 1/31/2022. The submissions are in compliance with the provisions of 37 CFR 1.97.  Accordingly, the information disclosure statement is being considered by the examiner. 

Claim Rejections - 35 USC § 112
Claim 4 is rejected under 35 U.S.C. 112(b) or 35 U.S.C. 112 (pre-AIA ), second paragraph, as being indefinite for failing to particularly point out and distinctly claim the subject matter which the inventor or a joint inventor, or for pre-AIA  the applicant regards as the invention.

Regarding to Claim 4, the meaning of whole limitation is not clear. First of all, Claim 4 depends on Claim 1 and Claim 4 further limits such feature of “storing the modified first computing environment aspect in the sandbox” to include “recording one or more transactions in the sandbox”; however, such storing feature and the sandbox are mentioned/introduced at Claim 3 while Claim 1 does not mention anything about said storing or sandbox. For the purpose of examination, examine interprets Claim 4 depends on Claim 3.

Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  

The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102 of this title, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains.  Patentability shall not be negated by the manner in which the invention was made.

Claims 1-3, 5, 7 and 14 are rejected under 35 U.S.C. 103 as being unpatentable over Alpern et al. (US 20080301676 A1, hereafter Alpern) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan) and Gupta (US 20200034449 A1).

Regarding to Claim 1, Alpern discloses: A computing device comprising: 
one or more processing units (see Fig. 8, [0048]-[0050]; “processor 802”); and 
one or more computer storage media comprising computer-executable instructions, which, when executed by the processing units (see Fig. 8, [0048]-[0050]; “The processor 802 may be a general or special purpose microprocessor operating under control of computer program instructions executed from a memory”), cause the computing device to: 
instantiate a container virtual computing environment (see [0038]. Also see [0016]; “instantiating the first virtual container”);
execute, [with a first privilege level,] a process within the container virtual computing environment, the process, as part of the execution, performing a first action that modifies a first computing environment aspect, the first action being performable by processes executed with the first privilege level (see [0037]-[0039]; “to allow changes to be made to this state within the container” and “The patch is then applied to the application in the container 220”); 
prevent, by an operating system of the host computing environment, the first action from modifying the first computing environment aspect of the host computing environment (see [0037]-[0039]; “to allow changes to be made to this state within the container, but to prevent such changes from affecting the state of the host machine” and “The patch is then applied to the application in the container 220. The container now has the patched application while the unpatched application remains intact on the host”, emphasis added); and 
perform the first action in the container virtual computing environment thereby modifying the first computing environment aspect of the container virtual computing environment such that processes executing within the container virtual computing environment perceive the first action as having been completed but processes executing within the host computing environment perceive the first action as not having been completed (see [0037]-[0039]; “to allow changes to be made to this state within the container, but to prevent such changes from affecting the state of the host machine” and “The patch is then applied to the application in the container 220. The container now has the patched application while the unpatched application remains intact on the host”. The changes to the state within the container, i.e., patching the application, are made/allowed, and thus such modifying computing environment aspect of the container domain is completed; the changes to the state within the container are prevented from affecting the state of the host machine, and thus such modifying computing environment aspect of the host domain is not completed); 
a second action, performed by processes executing within the container virtual computing environment and modifying a second computing environment aspect, is allowable to be performed to modify the second computing environment aspect of the host computing environment (see [0038]; “to allow changes to be made to this state within the container, but to prevent such changes from affecting the state of the host machine (except such parts of the host machine used by the virtual machine monitor to support the execution of the container)”, emphasis added. Certain changes of the container domain, i.e., claimed second action performed by processes executing within the container virtual computing environment and modifying a second computing environment aspect, would affect the state of the host domain, and thus it is allowing the changes to be performed to modify the other states/aspect of the host domain); and
wherein the performing the first action in the container virtual computing environment is based on the preventing the first action from modifying the first computing environment aspect of the host computing environment (see [0037]-[0039]; “to allow changes to be made to this state within the container, but to prevent such changes from affecting the state of the host machine (except such parts of the host machine used by the virtual machine monitor to support the execution of the container)”).

Alpern does not disclose: 
the container virtual computing environment is separate from a host computing environment on which the container virtual computing environment is instantiated;
the process executed within the container virtual computing environment to perform the first action that modifies the first computing environment is executed at a first privilege level; 
wherein the preventing is based on metadata associated with the container virtual computing environment, the metadata indicating that the second action is allowable to be performed to modify the second computing environment aspect of the host computing environment.

However, Wan discloses:
execute, with a first privilege level, a process within the container virtual computing environment, the process, as part of the execution, performing a first action that modifies a first computing environment aspect, the first action being performable by processes executed with the first privilege level (see [0039]-[0043]; “determining a privileged instruction included in the target operation request” and “the white list includes a privilege instruction allowing the application program of each container to be executed on the host, and a directory and a file allowing access; the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”. Also see [0031]-[0032]; “wherein the privilege instruction can be exemplarily used for accessing a directory of the container host, modifying a kernel parameter of the container host and the like”);
wherein the preventing is based on metadata associated with the container virtual computing environment, the metadata indicating that a second action, performed by processes executing within the container virtual computing environment and modifying a second computing environment aspect, is allowable to be performed to modify the second computing environment aspect of the host computing environment (see [0031]-[0032] and [0039]-[0043]; “the white list includes a privilege instruction allowing the application program of each container to be executed on the host, and a directory and a file allowing access; the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”, “judging whether the privilege instruction is in a preset white list or not” and “judging whether the privilege instruction is in a preset blacklist or not”. The white list and black list associated with a corresponding container is considered as the claimed metadata associated with the container virtual computing environment);
wherein the performing the first action in the container virtual computing environment is based on the preventing the first action from modifying the first computing environment aspect of the host computing environment (see [0031]-[0032] and [0039]-[0044]; “the white list includes a privilege instruction allowing the application program of each container to be executed on the host, and a directory and a file allowing access; the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”, “judging whether the privilege instruction is in a preset blacklist or not” and “feeding back the execution result to the application program in the target container”. The privilege instruction that is in the blacklist would be returned to the container domain for further execution).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify implementation of certain operations at a container are allowed to change the state of the host but certain operations at the same container are not allowed to change the state of the host from Alpern by including implementing white list and black list associated with a container to specify execution privilege of an instruction/command from Wan, since it would provide a mechanism of dynamic modifying or controlling instruction executions on associated container or host (see [0002]-[0004] from Wan).

Furthermore, Gupta discloses: instantiate a container virtual computing environment that is separate from a host computing environment on which the container virtual computing environment is instantiated (see [0054]; “The container may interface with the host computer or computers on a network through one or more virtualized network connections”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify communication interface between a container environment and host environment from the combination of Alpern and Wan by including the implementation of connecting a container environment and host environment via a virtualized network connection from Gupta, and thus the combination of Alpern, Wan and Gupta would disclose the missing limitations from Appern, since it is well-known and understood to instantiate a virtualized computing environment in a manner of being separate from the host environment to instantiate a more isolated virtual environment on host device (see [0054] from Gupta).

Regarding to Claim 2, the rejection of Claim 1 is incorporated and further the combination of Alpern, Wan and Gupta discloses: wherein the preventing the first action from modifying the first computing environment aspect of the host computing environment is performed by the operating system of the host computing environment in a same manner as if the operating system of the host computing environment had determined that the first action is not performable by processes executed with the first privilege level (see [0031]-[0032] and [0039]-[0043] from Wan; “the white list includes a privilege instruction allowing the application program of each container to be executed on the host, and a directory and a file allowing access; the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed” and “judging whether the privilege instruction is in a preset blacklist or not”).

Regarding to Claim 3, the rejection of Claim 1 is incorporated and further the combination of Alpern, Wan and Gupta discloses: wherein the performing the first action in the container virtual computing environment comprises modifying the first computing environment aspect in an overlay layer and storing the modified first computing environment aspect in a sandbox on the host computing environment (see [0007] from [0037] from Alpern; “containers to be deployed and managed as an appliance, ie., a pre-installed and pre-tested environment within a secure sandbox” and “Any updates to the application are made and captured as a virtualized overlay. The changes or updates (the virtualized overlay) are then tested in a virtual container running instead of (or in tandem with) the production version”. The changes or updates of the container state, i.e., installing the updates to the application are made in the container which is an overlay layer and also a sandbox).

Regarding to Claim 5, the rejection of Claim 1 is incorporated and further the combination of Alpern, Wan and Gupta discloses: wherein the one or more computer storage media comprise further computer-executable instructions, which, when executed by the processing units, cause the computing device to: perform the first action in the host computing environment, thereby modifying the first computing environment aspect of the host computing environment, upon termination of the container virtual computing environment (see [0035], [0042] and [0044]-[0045] from Alpern; “if the patch test was successful … apply the patch on the host machine 4090, optionally discard the container 4100 … devirtualize the container 4130”, emphasis added).

Regarding to Claim 7, the rejection of Claim 1 is incorporated and further the combination of Alpern, Wan and Gupta discloses: wherein the metadata associated with the container virtual computing environment specifies that modifications to files within a first portion of a file system are allowed to be performed on the host computing environment by processes executing within the container virtual computing environment (see [0034] and [0040] from Wan; “the privileged instruction is to access the file in the directory a” and “the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”).

Regarding to Claim 14, Claim 14 is a method claim corresponds to system Claim 1 and is rejected for the same reason set forth in the rejection of Claim 1 above.

Claim 4 is rejected under 35 U.S.C. 103 as being unpatentable over Alpern et al. (US 20080301676 A1, hereafter Alpern) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan) and Gupta (US 20200034449 A1) and further in view of Kim et al. (US 20180246710 A1, hereafter Kim).

Regarding to Claim 4, the rejection of Claim 3 is incorporated, the combination of Alpern, Wan and Gupta does not disclose: wherein the storing the modified first computing environment aspect in the sandbox comprises recording one or more transactions in the sandbox.
However, Kim discloses: wherein the storing the modified first computing environment aspect in the sandbox comprises recording one or more transactions in the sandbox (see Figs. 4, 8, [0051], [0054] and [0062]; “monitors an operation that is invoked when software is updated in a guest operating system area” and “generate log data required for the creation of a software profile”. Note: it is known that a virtual machine or virtualized computing environment can be considered as a sandbox; the software profile itself shown on Fig. 4 is not considered as the claimed recording one or more transaction, generating the log data is considered as recording one or more transactions).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of performing software update on the container virtual computing environment from the combination of Alpern, Wan and Gupta by including log generation process for performing software update on the virtual computing environment from Kim, and thus the combination of Alpern, Wan, Gupta and Kim disclose the missing limitation from the combination of Alpern, Wan and Gupta, since it provide a mechanism to minimize security vulnerabilities that may occur while software update is performed in a guest operating system (see [0008]-[0012] from Kim; “minimize security vulnerabilities that may occur while software update is performed in a guest operating system”).

Claim 6 is rejected under 35 U.S.C. 103 as being unpatentable over Alpern et al. (US 20080301676 A1, hereafter Alpern) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan) and Gupta (US 20200034449 A1) and further in view of Bennah et al. (US 20140157058 A1, hereafter Bennah) and Chugtu et al. (US 20180270124 A1, hereafter Chugtu).

Regarding to Claim 6, the rejection of Claim 1 is incorporated, the combination of Alpern, Wan and Gupta does not disclose: wherein the process with the container virtual computing environment performs at least one step of a multi-step transaction comprising other steps, the other steps performed by one or more processes executing within one or more other container virtual computing environments; and
wherein further the instantiation of the container virtual computing environment is triggered by a transaction manager based on a success of a prior one of the one or more other container virtual computing environments.
However, Bennah discloses: wherein the process with the [container] virtual computing environment performs at least one step of a multi-step transaction comprising other steps, the other steps performed by one or more processes executing within one or more other [container] virtual computing environments (see [0029]; “the use of particular software, such as the progressive installation of a software update across the multiple servers or virtual machines in the data center”. The software update is performed across multiple virtual machines, and thus it is a multi-step transaction that one of the steps is performed on one of the multiple virtual machines and other one of the steps is performed on other one of the multiple virtual machines).
 It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of installing update or patch of a software application on a container virtual computing environment from the combination of Alpern, Wan and Gupta by including the system of able to installing update or patch of a software application across multiple virtual computing environments from Bennah, since it is well-known and understood to one with ordinary skill in the art that a software application can be deployed across multiple virtual machines to result the update or patch of the software application to be achieved by performing multiple steps on the multiple virtual machine.
Furthermore, Chugtu discloses: wherein further the instantiation of the container virtual computing environment is triggered by a transaction manager based on a success of a prior one of the one or more other container virtual computing environments (see [0038], [0042] and [0066]-[0067], “each of the multiple proxy containers can have functionality related to each container or proxy container deployed (e.g., where each container or proxy container is associated with a different service of an application)”, “receive multiple requests for multiple different containers (e.g., associated with the same application)” and “server device 220 can deploy the proxy container on front-end hosts 240 after receiving the first indication (e.g., of successful deployment of a container on back-end hosts 250)”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the processes of instantiation of multiple containers or virtual computing environments from the combination of Alpern, Wan, Gupta and Bennah by including the processes of instantiating the multiple containers that are clusted for single application via instantiating one of the multiple containers based on completing the instantiation of another of the multiple containers from Chugtu, and thus the combination of Alpern, Wan, Gupta, Bennah and Chugtu would disclose the missing limitations from Alpern, Wan and Gupta, since it would provide a system that not only can implement a software application that requires external connectivity on multiple containers but also provides traffic security for the software application (see [0007]-[0009] from Chugtu; “the application can need external connectivity via a front-end host of the network device” and “increasing security of providing an application with external connectivity”). 

Claim 8 is rejected under 35 U.S.C. 103 as being unpatentable over Alpern et al. (US 20080301676 A1, hereafter Alpern) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan) and Gupta (US 20200034449 A1) and further in view of Gill et al. (US 20190354390 A1, hereafter Gill).

Regarding to Claim 8, the rejection of Claim 1 is incorporated, the combination of Alpern, Wan and Gupta does not disclose: wherein the instantiating the container virtual computing environment is performed only after determining that enumerated pre-conditions associated with the container virtual computing environment have been met by the host computing environment.
However, Gill discloses: wherein the instantiating the container virtual computing environment is performed only after determining that enumerated pre-conditions associated with the container virtual computing environment have been met by the host computing environment (see Figs. 3, 5, [0045]; “the gateway 340 receives a specification document (e.g., resource specification object 332), and upon parsing or other processing of the resource specification object” and “node-level capabilities (e.g., to be able to assign resources to nodes that are matched in terms of capability demands with respect to capability availabilities)”. Also see [0028] and [0062]; “the resource state might correspond to a set of resource entities (e.g., virtual machines, executable containers, projects, catalogs, images, etc.) that each are configured to have attributes (e.g., specifications) that are capable of carrying out the tasks” and “the resource usage rules 548 may have indicated that the two virtual disks for virtual machine “vm123” are to be sized at “30480” MB, and the then-current resource conditions may have indicated that cluster “c1” has sufficient storage available for these virtual disks”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of instantiating a container on a host device from the combination of Alpern, Wan and Gupta by including the processes of automatically selecting and deploying target resource according to user provided specification requirements of the target resource from Gill, since it would provide a powerful system that capable of deploying different virtual resources for different skill levels of users according to the users’ needs (see [0004]-[0009] and [0051]; “As such the user does not need to have any particular skill level pertaining to procedure development”).

Claim 9 is rejected under 35 U.S.C. 103 as being unpatentable over Alpern et al. (US 20080301676 A1, hereafter Alpern) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan), Gupta (US 20200034449 A1) and Gill et al. (US 20190354390 A1, hereafter Gill) and further in view of Stoler et al. (US 20200334362 A1, hereafter Stoler).

Regarding to Claim 9, the rejection of Claim 8 is incorporated and further the combination of Alpern, Wan and Gupta discloses: wherein a container package received by the computing device from a remote container management system comprises the enumerated pre-conditions (see Fig. 3 and [0040] from Gill; “a set of specification parameters 334 codified in a resource specification object 332 (e.g., a Java Script Object Notation object (JSON object) from a web form) might be received from one or more clients 302. The clients 302 might comprise one or more users 306 and/or one or more processes 304 that issue the various resource specification objects to the state management service 308 11 to accomplish respective purposes”. It is known to one with ordinary skill in the art that the clients 302 should include at least one device that can be considered as claimed remote container management system).

The combination of Alpern, Wan, Gupta and Gill does not disclose: the container package received also comprises the metadata associated with the container virtual computing environment.
However, Stoler discloses: the container package received by the computing device from a remote container management system comprises the metadata associated with the container virtual computing environment (see [0045]-[0047] and [0063]; “Privileged virtual instances may have such strong or elevated access rights through various flags or parameters that can be set when the virtualized and isolated instance is initially spun up, during a pre-instantiation phase (e.g., a DevOps development phase where a developer is configuring code for the instance, privileges of the instance, credentials of the instance, or other features, but has not yet released the instance into a live and operational environment), or after spin-up (e.g., through modification by another privileged virtual instance, or by an administrator, etc.)”, emphasis added. The developer as remote container management system would configure or provide metadata that describes the privileges of the container instances during the pre-instantiation phase).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of instantiating a container on a host device from the combination of Alpern, Wan, Gupta and Gill by including the mechanism of allowing the user or developer is able to pre-configure privileges of the container instances before the instantiation phase from Stoler, and thus the combination of Alpern, Wan, Gupta, Gill and Stoler would disclose the missing limitations from the combination of Alpern, Wan, Gupta and Gill, since it would provide detail example of how privileges of container instances can be dynamic configured (see [0045]-[0047] from Stoler; “Privileged virtual instances may have such strong or elevated access rights through various flags or parameters that can be set when the virtualized and isolated instance is initially spun up, during a pre-instantiation phase (e.g., a DevOps development phase where a developer is configuring code for the instance, privileges of the instance, credentials of the instance, or other features, but has not yet released the instance into a live and operational environment), or after spin-up (e.g., through modification by another privileged virtual instance, or by an administrator, etc”).

Claims 10-13 are rejected under 35 U.S.C. 103 as being unpatentable over Alpern et al. (US 20080301676 A1, hereafter Alpern) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan) and Gupta (US 20200034449 A1) and further in view of Brooker et al. (US 10061613 B1, hereafter Brooker).

Regarding to Claim 10, the rejection of Claim 1 is incorporated, the combination of Alpern, Wan and Gupta does not disclose: wherein the container virtual computing environment was selected for instantiation based on policy information received by the computing device from a remote container management system.
However, Brooker discloses: wherein the [container] virtual computing environment was selected for instantiation based on policy information received by the computing device from a remote container management system (see lines 59-67 of col. 6; “receives a request to execute the program code of a user … select a virtual machine instance for executing the program code of the user based on the one or more computing constraints specified by the request and cause the program code of the user to be executed on the selected virtual machine instance”. The selection of a virtual computing environment for executing the request is based on the computing constrains specified by the request received. Also see Fig. 1, lines 53-63 of col. 8, the computing constrains specified by the request received mentioned by lines 59-67 of col. 7 is received from the user device, i.e., a remote container management system).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of instantiating a container virtual environment on a host device for executing a task of patching a program code from the combination of Alpern, Wan and Gupta by including the process of selecting a virtual computing environment for executing requested task related to program code from Brooker, and thus the combination of Alpern, Wan, Gupta and Brooker would disclose the missing limitations from the combination of Alpern, Wan and Gupta, since it would provide a mechanism of avoiding allocating a improper  virtual environment for executing user’s task without considering user’s needs (see lines 59-67 of col. 6 from Brooker).

Regarding to Claim 11, the rejection of Claim 1 is incorporated, the combination of Alpern, Wan and Gupta does not disclose: wherein the instantiating the container virtual computing environment is performed only after performing an idempotency check associated with the container virtual computing environment.
However, Brooker discloses: wherein the instantiating the container virtual computing environment is performed only after performing an idempotency check associated with the container virtual computing environment (see lines 64-3 of cols. 2-3, lines 14-17, 26-29 of col. 3; “tasks for idempotent execution on the on-demand code execution system. In this regard, the on-demand code execution system can function to execute a task in response to a task call only when states of any dependencies of the task do not match states of those dependencies during a prior execution”, “decline to create execution environments in which to execute tasks, when such execution is determined to be unnecessary” and “the on-demand code execution system may not be required to locate or generate an execution environment (e.g., virtual machine or contained) in which to execute the code”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of instantiating a container virtual environment on a host device for executing a task of patching a program code from the combination of Alpern, Wan and Gupta by including the process of performing an idempotency check on task to be executed on virtual computing environment before actually creating a virtual computing environment for executing the task from Brooker, since it would provide a mechanism to avoid a situation of creating unnecessary computing resource for an idempotent task (see lines 64-3 of cols. 2-3, lines 14-17, 26-29 of col. 3 from Brooker).

Regarding to Claim 12, the rejection of Claim 11 is incorporated and further the combination of Alpern, Wan, Gupta and Brooker discloses: wherein the idempotency check comprises verifying a certification of idempotency associated with the container virtual computing environment (see lines 57-62 of col. 20 and lines 3-18 of col. 21 from Brooker; “information provided by a user of a task, such as whether a task should be considered idempotent, what dependencies of the task should be considered with respect to idempotency (e.g., which parameters of the task, which external resources, whether code of the task itself is a dependency, etc.), what aspects of the dependency should be considered as representative of state (e.g., complete content, hash value, version number, modification timestamp, etc.), and what function or operation should be used to compare a current state of the dependency with a state during prior execution”).

Regarding to Claim 13, the rejection of Claim 11 is incorporated and further the combination of Alpern, Wan, Gupta and Brooker discloses: wherein the idempotency check comprises determining that the container virtual computing environment has not been previously instantiated to completion and the process has not been previously executed to completion within the container virtual computing environment (see lines 64-3 of cols. 2-3, lines 14-17, 26-29 of col. 3 from Brooker. Also see lines 35-44 of col. 17 and lines 9-14 of col. 19 from Brooker; “if there exists a particular virtual machine instance in the active pool 140A that has a container with the user code of the task already loaded therein” and “if another call associated with the same task that has already been loaded in the container, the call can be assigned to the same container, thereby eliminating the delay associated with creating a new container and loading the code of the task in the container”).

Claims 15-16 and 20 are rejected under 35 U.S.C. 103 as being unpatentable over Gill et al. (US 20190354390 A1, hereafter Gill) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan) and Stoler et al. (US 20200334362 A1, hereafter Stoler).

Regarding to Claim 15, Gill discloses: A system comprising:
a first computing device executing computer-executable instructions that implement a first container management system (see Fig. 3 and [0040]; “The clients 302 might comprise one or more users 306 and/or one or more processes 304 that issue the various resource specification objects to the state management service 308 11 to accomplish respective purposes”. Also see [0028]; “the resource state might correspond to a set of resource entities (e.g., virtual machines, executable containers, projects, catalogs, images, etc.) that each are configured to have attributes”. It is understood to one with ordinary skill in the art that the clients 302 described by [0040] must be at least one computing device executing certain instructions, and since these certain instructions are used to manage or configure resource entities including containers, and thus these certain instructions can be considered as instructions implement container management system); and
a second computing device executing computer-executable instructions that implement a local container manager performing steps (see [0040]; “the state management service 308” is considered as the claimed second computing device) comprising:
receiving a first container package from the first computing device, the first container package comprising a first container definition file (see [0040]; “receives a set of specifications that describe a target resource entity state (operation 1). As can be observed, a set of specification parameters 334 codified in a resource specification object 332 (e.g., a Java Script Object Notation object (JSON object) from a web form) might be received from one or more clients 302”); and
receiving a first policy from the first computing device, the first policy affecting when the second computing device instantiates a container virtual computing environment based on the first container package (see [0040] and [0046]; “receives a set of specifications that describe a target resource entity state (operation 1)” and “Resource entities can have a compliance sub-resource that returns the portion (e.g., parameters) of the “spec” (e.g., resource specification object) that is either enforced or monitored by an explicit profile. Such profiles might be set by a system administrator (e.g., from users 306) and stored in state management rules 348”. Either of the set of specification or the profiles stored in state management rules 348 can be considered as the claimed first policy to affect state management service 308 to instantiate or deploy a container instance).

Gill does not disclose: wherein the second computing device references the first container definition file to determine whether a process executed within the container virtual computing environment is allowed to perform a first action modifying a first computing environment aspect of a host computing environment on which the container virtual computing environment is instantiated.
However, Wan discloses: a first container definition file to determine whether a process executed within the container virtual computing environment is allowed to perform a first action modifying a first computing environment aspect of a host computing environment on which the container virtual computing environment is instantiated (see [0039]-[0043]; “determining a privileged instruction included in the target operation request” and “the white list includes a privilege instruction allowing the application program of each container to be executed on the host, and a directory and a file allowing access; the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”. Also see [0031]-[0032]; “wherein the privilege instruction can be exemplarily used for accessing a directory of the container host, modifying a kernel parameter of the container host and the like”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the executions of the virtual entity like containers from Gill by including implementing white list and black list associated with a container to specify execution privilege of an instruction/command from Wan, since it would provide a mechanism of dynamic modifying or controlling instruction executions on associated container or host (see [0002]-[0004] from Wan).
Furthermore, Stoler discloses: wherein the privilege information of a container virtual computing environment is set by a user associated with container virtual computing environment (see [0045]-[0047] and [0063]; “Privileged virtual instances may have such strong or elevated access rights through various flags or parameters that can be set when the virtualized and isolated instance is initially spun up, during a pre-instantiation phase (e.g., a DevOps development phase where a developer is configuring code for the instance, privileges of the instance, credentials of the instance, or other features, but has not yet released the instance into a live and operational environment), or after spin-up (e.g., through modification by another privileged virtual instance, or by an administrator, etc.)”, emphasis added. The developer or user sets or configures the information related to the privileges of the container instances to be instantiated).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of instantiating a container on a host device from the combination of Gill and Wan by including the mechanism of allowing the user or developer is able to pre-configure privileges of the container instances before the instantiation phase from Stoler, and thus the combination of Gill, Wan and Stoler would disclose the missing limitations from Gill (note: according to Gill, the set of specification parameters and profiles used for defining what kind of container instance should be instantiated are received from user, and thus when combining the disclosure from Stoler, i.e., a user or developer intends to instantiate certain container instances would also configure privileges of the container instances before the instantiation phase, into Gill, then the set of specification parameters and profiles used for defining what kind of container instance should be instantiated, i.e., the claimed first container definition file, would contain the privilege information related to the same container instance), since it would provide detail example of how privileges of container instances can be dynamic configured (see [0045]-[0047] from Stoler; “Privileged virtual instances may have such strong or elevated access rights through various flags or parameters that can be set when the virtualized and isolated instance is initially spun up, during a pre-instantiation phase (e.g., a DevOps development phase where a developer is configuring code for the instance, privileges of the instance, credentials of the instance, or other features, but has not yet released the instance into a live and operational environment), or after spin-up (e.g., through modification by another privileged virtual instance, or by an administrator, etc”).

Regarding to Claim 16, the rejection of Claim 15 is incorporated and further the combination of Gill, Wan and Stoler discloses: wherein the first policy defines preconditions to an instantiation, by the second computing device, of the container virtual computing environment based on the first container package (see [0040] from Gill. Also see Figs. 3, 5, [0045] and [0062] from Gill. The set of specification parameters would include some deployment conditions of the container to be met for instantiating the container); and
wherein further the location container manager performs further steps comprising: providing, upon determining that the preconditions have been met, the first container package to a container creation service executing on the second computing device to instantiate the container virtual computing environment (see Fig. 3, [0040]-[0042] from Gill; “command compiler 350 consults the then-current system conditions from a set of computing system conditions 342 when generating the commands. A command scheduler 360 at each instance of the resource-specific management agents (e.g., resource-specific management agent 210) executes the commands at target computing environment 320 (operation 4)”. Part of the command compiler 350 and command scheduler 360 are considered as the claimed container creation service).

Regarding to Claim 20, the rejection of Claim 15 is incorporated and further the combination of Gill, Wan and Stoler discloses: wherein the second computing device executes further computer-executable instructions that perform steps comprising:
instantiate the container virtual computing environment (see [0041] from Gill and lines 4-12 of col. 18 from Brooker; “to deploy target resource entity state 338 1 at the target computing environment 320” and “creates a new container on the instance”);
execute, with a first privilege level, the process within the container virtual computing environment, the process, as part of the execution, performing the first action, wherein the first action is performable by processes executed with the first privilege level (see [0039]-[0043] from Wan; “determining a privileged instruction included in the target operation request” and “the white list includes a privilege instruction allowing the application program of each container to be executed on the host, and a directory and a file allowing access; the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”. Also see [0031]-[0032] from Wan; “wherein the privilege instruction can be exemplarily used for accessing a directory of the container host, modifying a kernel parameter of the container host and the like”);
prevent, by an operating system of the host computing environment, the first action from modifying the first computing environment aspect of the host computing environment (see [0039]-[0043] from Wan; “the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”); and
perform the first action in the container virtual computing environment thereby modifying the first computing environment aspect of the container virtual computing environment such that processes executing within the container virtual computing environment perceive the first action as having been completed but processes executing within the host computing environment perceive the first action as not having been completed (see [0031]-[0032] and [0039]-[0044] from Wan; “the blacklist includes privileged instructions that prohibit applications of each container from executing on the host, as well as directories and files that are prohibited from being accessed”, “judging whether the privilege instruction is in a preset blacklist or not” and “feeding back the execution result to the application program in the target container”. The privilege instruction that is in the blacklist would be returned to the container domain for further execution to access file or modify parameters of the container instead of host; the modification at the container level is allowed and will be processed but the modification at the host level is prevent and will not be processed, and thus the process executing within the container perceive the first action as having been completed but processes executing within the host perceive the first action as not having been completed);
wherein the performing the first action in the container virtual computing environment is based on the preventing the first action from modifying the first computing environment aspect of the host computing environment (see [0031]-[0032] and [0039]-[0044] from Wan. The privilege instruction that is in the blacklist would be returned to the container domain for further execution).

Claims 17-19 are rejected under 35 U.S.C. 103 as being unpatentable over Gill et al. (US 20190354390 A1, hereafter Gill) in view of Wan et al. (CN 111078367 A-English translation provided by Google Patents, hereafter Wan) and Stoler et al. (US 20200334362 A1, hereafter Stoler) and further in view of Brooker et al. (US 10061613 B1, hereafter Brooker).

Regarding to Claim 17, the rejection of Claim 15 is incorporated, the combination of Gill, Wan and Stoler does not disclose: wherein the location container manager performs further steps comprising: performing an idempotency check associated with the container virtual computing environment.
However, Brooker discloses: wherein the location container manager performs further steps comprising: performing an idempotency check associated with the container virtual computing environment (see lines 64-3 of cols. 2-3, lines 14-17, 26-29 of col. 3; “tasks for idempotent execution on the on-demand code execution system. In this regard, the on-demand code execution system can function to execute a task in response to a task call only when states of any dependencies of the task do not match states of those dependencies during a prior execution”, “decline to create execution environments in which to execute tasks, when such execution is determined to be unnecessary” and “the on-demand code execution system may not be required to locate or generate an execution environment (e.g., virtual machine or contained) in which to execute the code”).
It would have been obvious to one with ordinary skill, in the art before the effective filing date of the claim invention, to modify the process of instantiating a container virtual environment on a host device for executing a task of patching a program code from the combination of Gill, Wan and Stoler by including the process of performing an idempotency check on task to be executed on virtual computing environment before actually creating a virtual computing environment for executing the task from Brooker, since it would provide a mechanism to avoid a situation of creating unnecessary computing resource for an idempotent task (see lines 64-3 of cols. 2-3, lines 14-17, 26-29 of col. 3 from Brooker).

Regarding to Claim 18, the rejection of Claim 17 is incorporated and further the combination of Gill, Wan, Stoler and Brooker discloses: wherein the idempotency check comprises verifying a certification of idempotency, the first container package comprising the certification of idempotency (see lines 57-62 of col. 20 and lines 3-18 of col. 21 from Brooker; “information provided by a user of a task, such as whether a task should be considered idempotent, what dependencies of the task should be considered with respect to idempotency (e.g., which parameters of the task, which external resources, whether code of the task itself is a dependency, etc.), what aspects of the dependency should be considered as representative of state (e.g., complete content, hash value, version number, modification timestamp, etc.), and what function or operation should be used to compare a current state of the dependency with a state during prior execution”).

Regarding to Claim 19, the rejection of Claim 17 is incorporated and further the combination of Gill, Wan, Stoler and Brooker discloses: wherein the idempotency check comprises determining that the container virtual computing environment has not been previously instantiated to completion (see lines 64-3 of cols. 2-3, lines 14-17, 26-29 of col. 3 from Brooker. Also see lines 35-44 of col. 17 and lines 9-14 of col. 19 from Brooker; “if there exists a particular virtual machine instance in the active pool 140A that has a container with the user code of the task already loaded therein” and “if another call associated with the same task that has already been loaded in the container, the call can be assigned to the same container, thereby eliminating the delay associated with creating a new container and loading the code of the task in the container”. Also see lines 5-10 of col. 17, lines 4-12 of col. 18 from Brooker; “pulls a new virtual machine instance from the warming pool 130A, assigns the instance to the user associated with the triggered task, creates a new container on the instance, assigns the container to the triggered task, and causes the user code of the task to be downloaded and executed on the container”).

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure.
Lu et al. (US 20210011740 A1) discloses: users are provided with partial root privileges in their own user containers that certain actions are prohibited from executed the user within the user container (see [0089]-[0090]).
Marino et al. (US 9729579 B1) discloses: a whitelist associated with a container from security policy defines or indicates privileges or access rights of the container on the resources of the host system running the container (see Fig. 4 and Claims 1, 5-6).

Any inquiry concerning this communication or earlier communications from the examiner should be directed to ZHI CHEN whose telephone number is (571)272-0805.  The examiner can normally be reached on Monday-Friday 9:30AM-5PM.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on (571)272-3652.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.


/Zhi Chen/
Patent Examiner, AU2196

/EMERSON C PUENTE/Supervisory Patent Examiner, Art Unit 2196