DETAILED ACTION
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
Claims 1-20 are presented for examination.

Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.

Claims 1-20 are rejected under 35 U.S.C. 103 as being unpatentable over Vaidya et al. (hereinafter Vaidya) (US 2020/0076685 A1) in view of Kumatagi et al. (hereinafter Kumatagi) (US 2020/0356397).

As to claim 1, Vaidya teaches a virtualized computing system, comprising: 
a host cluster having hosts (clusters of hosts) and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs) (virtual machines are virtualized from physical hardware of the host server, executing applications are isolated from both the hardware of the host, other virtual machines, and from one or more containers) (Figs 1, 4, and 5; [0008]; [0031]; [0038]); 
an orchestration control plane integrated with the virtualization layer, the orchestration control plane (orchestrator 23) including a master server (“master node” for virtual execution elements) executing in a first VM of the VMs (Figs 1,2,  4, and 5; [0047]-[0048]; [0072]); 
guest cluster infrastructure software (GCIS) (Controller Manager 326) executing in the master server (Computing Device 300 is a real or virtual server that can be a Master node), the GCIS configured to create a set of objects (state of set Kubernetes objects may include a combination of names, namespaces, labels, annotations, field selectors, and recommended labels) defining a container orchestration cluster (Kubernetes platform uses a “cluster master node” and “minion nodes”; platform may be a container orchestration platform, etc.; Kubernetes object entities which represent a state of a Kubernetes cluster; in the Docker Swarm platform, there are cluster managers and cluster nodes), and manage lifecycles of second VMs of the VMs (Figs 1, 2, 4, and 5; [0047]-[0051]; [0121]; [0127]; [0141]); and 
guest software executing in the second VMs to implement the container orchestration cluster as a guest cluster of the host cluster, the guest software having components that interface with the GCIS (Abstract; Figs 1, 2, 4, and 5; [0031]; [0043]; [0047]-[0051]; [0121]; [0127]; [0141]).
 Vaidya teaches having a hypervisor/VMM or management of bare metal virtualization that creates and manages the lifecycles of its virtual machines ([0031]; [0107]; [0007]).  However, Vaidya does not explicitly teach that its management of virtual machines is based on the object state of its container orchestration cluster. 
In response, Kumatagi teaches having a host cluster having hosts and a virtualization layer of VMs executing on hardware platforms of the hosts.  There is management for virtual machines via hypervisor 404 and/or openstack, which serves as a virtual infrastructure (VI) control plane.  VM management actions can be based on a detected triggering factor relating to containers or clusters of containers, which can be managed by a Kubernetes platform, or a container orchestration cluster, such as a Container Orchestration Manager (COM) or Kubernetes Master 610 (Abstract; Fig. 4-8; [0011]; [0015]; [0058]; [0061]; [0065]-[0069]; [0077]).    
Vaidya and Kumatagi are analogous art with the claimed invention because they are all I the same field of endeavor of managing both virtual machines and containers.  It would have been obvious to one of ordinary skill in the art to combine the teachings of Vaidya and Kumatagi’s so that its VMs can be managed based on the state or objects from container management, as taught and suggested in Kumatagi.  The suggestion/motivation for doing so would have been to provide the predicted result of being able to detect threats and/or a change in compliance requirements and to dynamically respond to a changing threat level or a resource limiting situation by live migrating without service interruption to one or more VMs (Kumatagi – [0002]).

As to claim 2, Vaidya teaches further comprising: a virtual infrastructure (VI) control plane configured to manage the host cluster and the virtualization layer (VMM, hypervisor like Xen ESXi from VMware, or VM management if virtualization is bare-metal); wherein the GCIS is configured to cooperate with the VI control plane to manage the lifecycles of the second VMs (hypervisor/VMM, etc., container orchestration platform, etc. all work together with the orchestrator 23) ([0007]; [0107]; [0047]-[0051]; [0121]; [0127]; [0141]).  And as shown above, Kumatagi teaches having a host cluster having hosts and a virtualization layer of VMs executing on hardware platforms of the hosts.  There is management for virtual machines via hypervisor 404 and/or openstack, which serves as a virtual infrastructure (VI) control plane.  VM management actions can be based on a detected triggering factor relating to containers or clusters of containers, which can be managed by a Kubernetes platform, or a container orchestration cluster, such as a Container Orchestration Manager (COM) or Kubernetes Master 610 (Abstract; Fig. 4-8; [0011]; [0015]; [0058]; [0061]; [0065]-[0069]; [0077]).    

As to claim 3, Vaidya teaches wherein VI control plane includes a network manager (network controller 24 for network management)  and a storage manager, wherein the GCIS includes a network plugin (network module 17A may be referred to as a network plugin) configured to cooperate with the network manager (plugins using the Container Network Interface, CNI) and a storage plugin configured to cooperate with the storage manager (in data center 10 hosts, manages, and provides infrastructure for physical and virtual resources such as network and storage resources), and wherein the components of guest software that interface with the GCIS include a container network interface (CNI) (CNI delegating plugin) and a container storage interface (CSI), the CNI configured to cooperate with the network plugin and the CSI configured to cooperate with the storage plugin ([0003]; [0008]; [0024]; [0048]-[0049]; [0069]; [0072]; [0080]; [0087]-[0090]; [0143]; [0160]).  In addition, Kumatagi teaches provision computing capabilities for utilization of resources such as network and storage ([0027]; [0031]; [0033]; [0035]).

As to claim 4, Vaidya teaches wherein the VI control plane includes a VM management server configured to define a namespace having resource constraints (hardware constraints, software constraints, policy constraints, etc.), and wherein the GCIS deploys the second VMs within the namespace and constrained by the resource constraints (in a particular mode, resources are not accessible unless network policies are explicitly defined to allow access for the namespace) (Abstract; [0011]; [0053]-[0054]; [0069]-[0070]; [0101]; [0139]; [0141]; [0164]).  Kumatagi teaches having namespaces based on resource limiting capabilities (Abstract, etc.).

As to claim 5, Vaidya teaches wherein the namespace includes policy information and authorization (security/authentication/authorization) constraints, and wherein the GCIS is configured to propagate the policy information and the authorization constraints from the namespace to a control plane in the guest cluster (Abstract; [0011]; [0053]-[0054]; [0101]; [0137]; [0139]; [0141]; [0164]).

As to claim 6, Vaidya (Abstact; Figs. 1, 2, 4, 5; [0008]; [0048]; [0051]; [0064]; [0069]; [0142]-[0143]) in view of Kumatagi (Abstract; [0035]-[0036]) teaches wherein the GCIS comprises: an Infrastructure-as-a-Service (IaaS) layer configured to provide a declarative interface to interact with an imperative interface of the VI control plane to manage the lifecycles of the second VMs; a cluster management layer configured to create first objects in the set of objects that represent an abstraction of the container orchestration cluster in response to a specification of the container orchestration cluster; and a cluster lifecycle layer configured to create, in response to the first objects, second objects in the set of objects that represent a physical implementation of the container orchestration cluster, the second objects being part of the declarative interface of the IaaS layer.

As to claim 7, Vaidya teaches wherein the components that interface with the GCIS include a bootstrap utility, and wherein the GCIS is configured to provide settings to the guest software through the bootstrap utility (container orchestration platform and interface configuration data 25 provide the functionality of a bootstrap utility) ([0047]; [0095]-[0097]).

As to claim 8, Vaidya teaches a method of deploying a guest cluster as a virtual extension of a host cluster, the host cluster comprises hosts and a virtualization layer executing on hardware platforms of the hosts, the virtualization layer supporting execution of virtual machines (VMs), the method comprising: 
creating, by guest cluster infrastructure software (GCIS) (Controller Manager 326), a set of objects defining a container orchestration cluster (Kubernetes cluster with container orchestration platform), the GCIS executing in a master server of an orchestration control plane (orchestrator 23) integrated with the virtualization layer, the master server executing in a first VM of the VMs (Kubernetes platform uses a “cluster master node” and “minion nodes”; platform may be a container orchestration platform, etc.; Kubernetes object entities which represent a state of a Kubernetes cluster; in the Docker Swarm platform, there are cluster managers and cluster nodes) (state of set Kubernetes objects may include a combination of names, namespaces, labels, annotations, field selectors, and recommended labels) (Figs 1, 2, 4, and 5; [0047]-[0051]; [0121]; [0127]; [0141]); 
instructing, by the GCIS based on state of the set of objects, a virtual infrastructure (VI) control plane (VMM, hypervisor like Xen ESXi from VMware, or VM management if virtualization is bare-metal) managing the host cluster (clusters of hosts) to deploy second VMs of the VMs, the second VMs executing guest software to implement the container orchestration cluster as a guest cluster of the host cluster (virtual machines are virtualized from physical hardware of the host server, executing applications are isolated from both the hardware of the host, other virtual machines, and from one or more containers) (Figs 1, 4, and 5; [0008]; [0031]; [0038]); and 
managing, by the GCIS, lifecycles of second VMs of the VMs (Figs 1, 2, 4, and 5; [0047]-[0051]; [0121]; [0127]; [0141]).
Vaidya teaches having a hypervisor/VMM or management of bare metal virtualization that creates and manages the lifecycles of its virtual machines ([0031]; [0107]; [0007]).  However, Vaidya does not explicitly teach that its management of virtual machines is based on the object state of its container orchestration cluster. 
In response, Kumatagi teaches having a host cluster having hosts and a virtualization layer of VMs executing on hardware platforms of the hosts.  There is management for virtual machines via hypervisor 404 and/or openstack, which serves as a virtual infrastructure (VI) control plane.  VM management actions can be based on a detected triggering factor relating to containers or clusters of containers, which can be managed by a Kubernetes platform, or a container orchestration cluster, such as a Container Orchestration Manager (COM) or Kubernetes Master 610 (Abstract; Fig. 4-8; [0011]; [0015]; [0058]; [0061]; [0065]-[0069]; [0077]).    
Vaidya and Kumatagi are analogous art with the claimed invention because they are all I the same field of endeavor of managing both virtual machines and containers.  It would have been obvious to one of ordinary skill in the art to combine the teachings of Vaidya and Kumatagi’s so that its VMs can be managed based on the state or objects from container management, as taught and suggested in Kumatagi.  The suggestion/motivation for doing so would have been to provide the predicted result of being able to detect threats and/or a change in compliance requirements and to dynamically respond to a changing threat level or a resource limiting situation by live migrating without service interruption to one or more VMs (Kumatagi – [0002]).

As to claim 9, it is rejected for the same reasons as stated in the rejection of claim 4.

As to claim 10, it is rejected for the same reasons as stated in the rejection of claim 5.

As to claims 11-12, it is rejected for the same reasons as stated in the rejection of claim 6.

As to claim 13, it is rejected for the same reasons as stated in the rejection of claim 7.

As to claim 14, it is rejected for the same reasons as stated in the rejection of claim 3.

As to claim 15, it is rejected for the same reasons as stated in the rejection of claim 8.

As to claim 16, it is rejected for the same reasons as stated in the rejection of claim 9.

As to claim 17, it is rejected for the same reasons as stated in the rejection of claim 5.

As to claim 18, it is rejected for the same reasons as stated in the rejection of claim 11.

As to claim 19, it is rejected for the same reasons as stated in the rejection of claim 12.

As to claim 20, it is rejected for the same reasons as stated in the rejection of claim 3.

Conclusion
The prior art made of record and not relied upon is considered pertinent to applicant's disclosure:
Gill et al. (US 2016/0359955 A1) discloses an architecture for managing I/O and storage for a virtualization environment using executable containers and virtual machines.

Any inquiry concerning this communication or earlier communications from the examiner should be directed to KENNETH TANG whose telephone number is (571)272-3772. The examiner can normally be reached Monday-Friday 7AM-3PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Lewis Bullock can be reached on 571-272-3759. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/KENNETH TANG/Primary Examiner, Art Unit 2199