DETAILED ACTION

	Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

This Office Action is in response to the amendment filed on 9/12/2022.  This action is made FINAL.

Claims 1-20 are pending and they are presented for examinations.

Response to Arguments

Applicant's arguments filed regarding claim 1 (page 7), “Yang teaches nodes of a container system, such as Kubernetes, being either physical machines or virtual machines (the servers 102 can be virtual machines in Fig. 1). However, Yang does not teach the details of the hypervisor that supports the virtual machines. The Examiner concedes that Yang does not teach a hypervisor on each host. (Office Action, p. 6). However, the Examiner states that Yang teaches Applicant’s claimed orchestration control plane that includes a master server and pod VM controllers and is integrated with each hypervisor. Since Yang does not disclose hypervisors on each host, no orchestration control plane in Yang can be integrated with hypervisors as recited in Applicant’s claim 1.”  
The examiner would like to point out to Yang in view of Kumatagi and further in view of McClory discloses the above limitation.
The examiner would like to disclose hypervisor:
“A hypervisor (also known as a virtual machine monitor, VMM, or virtualizer) is a type of computer software, firmware or hardware that creates and runs virtual machines. A computer on which a hypervisor runs one or more virtual machines is called a host machine, and each virtual machine is called a guest machine. The hypervisor presents the guest operating systems with a virtual operating platform and manages the execution of the guest operating systems.” https://en.wikipedia.org/wiki/Hypervisor

Yang silently discloses hypervisor (i.e. virtualization) “which is a software implementation of a computer that executes programs or applications as if it was a physical computer.” [Column 2]
Kumatagi reference was used to explicitly state/disclose “hypervisor” (i.e. KVM, Xen, and ESXi) operating within the Kubernetes environment which Yang and Kumatagi both discloses.
McClory discloses KVM, Xen, and ESXi bare-metal hypervisor(s).

A person of ordinary skill in the art before the effective filing date of the invention would easily recognize a hypervisor is a necessary component of virtualization where virtual machines are present.  
The examiner requests the applicant to disclose a virtual machine environment without needing a host OS/hypervisor/VMM/software which virtualizes an underlying hardware resource(s). 
Therefore, argument is not persuasive.

Applicant's arguments filed regarding claim 1 (page 8), “However, Kumatagi describes compute nodes in Figs. 4 and 5. The compute node in Fig. 5 includes only a host operating system 505 and does not include a hypervisor. The host operating system does not support execution of VMs and thus does not teach or suggest a hypervisor. The compute node in Fig. 4 includes a hypervisor 404 executing on top of a host operating system 405, which is known as a Type-2 hypervisor and not a bare metal hypervisor as recited in Applicant’s claims. Kumatagi does not teach or suggest a compute node having a bare metal hypervisor. Any permissible combination of Yang and Kumatagi teaches or suggests only hosts having Type-2 hypervisors, and not hosts with bare metal hypervisors as recited in Applicant’s claims.”

Kumatagi clearly discloses “hypervisor” (i.e. KVM, Xen, and ESXi) operating within the Kubernetes environment.
McClory clearly disclose KVM, Xen, and ESXi bare-metal hypervisor(s).
	Therefore, argument is not persuasive. 


Applicant’s argument filed regarding claim 1 (page 8), “Since the container runtime (runV) executes externally to the virtual machines, the agent 712 communicates directly with the container runtime and there is not teaching or suggestion of a pod VM agent executing inside the virtual machines to manage the containers (1.e., all the container management in Kumatagi executes external to the virtual machines).”
The examiner is unclear why Kumatagi was referred.  The Kuamtigi reference was used to explicitly spell out hypervisor which is silently disclosed by Yang.
Therefore, the examine is unclear how this argument should be addressed since Yang reference was used for this limitation.

Claim Rejections - 35 USC § 103

In the event the determination of the status of the application as subject to AIA  35 U.S.C. 102 and 103 (or as subject to pre-AIA  35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.  
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.


Claim(s) 1-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Yang et al. (Pat 10,191,778) (hereafter Yang) in view of Kumatagi et al. (Pub 20200356397) (hereafter Kumatagi) and further in view of McClory et al. (Pub 20180324204) (hereafter McClory).

As per claim 1, Yang teaches:
A virtualized computing system, comprising: 
a host cluster having hypervisors being bare metal hypervisors directly executing on hardware platforms of hosts, each hypervisor supporting execution of virtual machines (VMs), the VMs including pod VMs, the pod VMs including container engines supporting execution of containers in the pod VMs; ([Column 2 line 16-30], According to various embodiments, the principles disclosed herewith can be implemented on top of other software, whether existing or new, and whether proprietary or public (e.g., Kubernetes), that uses or deploys the following entities and processes: nodes/minions (e.g., physical machines (PMs) and/or virtual machines ( VMs)); pods (including a group of containers, which may be smallest deployable units); [Column 47 line 31-54], The node 1950 is also known as a worker or minion and is the single machine, or virtual machine, where containers are deployed. Each node 1950 in a cluster must run in the container runtime--such as the container 1954--for communication with the master 1940.  [Column 48 line 14-24], According to various embodiments, the principles disclosed herewith can be implemented on top of other software, whether existing or new, and whether proprietary or public (e.g., Kubernetes), that uses or deploys the following entities and processes: nodes/minions (e.g., physical machines (PMs) and/or virtual machines ( VMs)); pods (including a group of containers, which may be smallest deployable units);  [Column 4 line 1-13], A container system may include software abstractions to virtualize computer resources (or compute resources) which are used by applications running in the container ("containerized" applications). The container system provides means to provision containers, allocate and control the resources available to a container, deploy and execute applications in the container, and facilitate full use of the container resources by such containerized applications, while isolating them from other applications, sharing the underlying resources. When a containerized application accesses a virtualized container resource (e.g., CPU, memory, storage I/O, Network I/O), the container system maps this access to a direct access of the underlying real resource.)
an orchestration control plane integrated with each hypervisor, the orchestration control plane including a master server and pod VM controllers, the pod VM controllers executing in the hypervisors external to the VMs, the pod VM controllers configured as agents of the master server to manage the pod VMs; and 
pod VM agents, executing in the pod VMs, configured as agents of the pod VM controllers to manage the containers executing in the pod VMs.  ([Column 18 line 42-44], FIG. 26 is a block diagram of another exemplary master controller in the container environment of FIG. 19A.  [Column 47 line 3-54], The environment 1900 can be implemented as a master-slave architecture. Stated in another way, the environment 1900 can be divided into subcomponents that manage individual nodes (such as the cAdvisor, or a single virtual machine or container) and subcomponents that are part of the control plane, such as a master 1940 (which, according to various embodiments, is a Kubernetes master) shown in FIG. 20. Turning to FIG. 20, the master 1940 includes a distributed key-value data store (or etcd) 1941, a scheduler 1942 (e.g., kube-scheduler), an API server 1943 (e.g., kube-apiserver), and a controller manager 1944 (e.g., kube-controller-manager).  The controller manager 1944 communicates with the API server 1943 to create, update, and delete the resources that are managed by the master 1940 (e.g., pods, service endpoints, and so on). The controller manager 1944 can represent the replication controller for the environment 1900.  As discussed, the environment 1900 can be divided into subcomponents that manage individual nodes, such as the node 1950 shown in FIG. 21. Turning to FIG. 21, an exemplary node 1950 is shown as including a flannel 1951, a proxy 1952 (e.g., kube-proxy), a node agent 1953 (e.g., kubelet), and a container 1954 (e.g., Docker). The node 1950 is also known as a worker or minion and is the single machine, or virtual machine, where containers are deployed. Each node 1950 in a cluster must run in the container runtime--such as the container 1954--for communication with the master 1940. The agent 1953 is responsible for running state of each node and starts, stops, and maintains application containers (organized as pods) as directed by the master 1940. The agent 1953 monitors the state of a pod and if the pod is not in a desired state, the pod will be redeployed to the same node. Once the master 1940 detects a node failure, the controller manager 1944 observes the state of chance and launches pods on other healthy nodes.)
However, Yang does not explicitly disclose cluster having hypervisors on each hosts.
Kumatagi teaches cluster having hypervisors on each hosts. ([Paragraph 84], The container orchestration system 700 may also be referred to as a cluster (e.g., the container orchestration system 700 may correspond to a Kubernetes cluster).  [Fig. 4] [Paragraph 7], FIG. 4 illustrates a plurality of compute nodes at least one of which includes a plurality of virtual machines, according to one or more embodiments.  [Paragraph 61], As illustrated in FIG. 4, each of the compute nodes 400 includes hardware 406 that may include processors (or CPUs) 407, memory 408, network interface cards (NICs) 409, and disk drives 410. The disk drives 410 may include solid state drives or hard disk drives or some combination of the two. On the hardware, the compute nodes 400 run a host operating system 405. The compute nodes 400 also include a hypervisor 404 to share and manage the hardware 406, allowing multiple different environments 401, isolated from each other, to be executed on the same physical machine 400. The hypervisor 404 may use hardware-assisted virtualization, which provides efficient and full virtualization by using virtualization-specific hardware capabilities, primarily from the host CPUs 407. Each compute node 400 includes one or more virtual machines 401 each of which includes a guest operating system 403 and one or more application programs (or applications) 402 running on the guest operating system 403.  [Paragraph 99], For example, runV is capable of using existing hypervisors such as KVM, Xen, and ESXi. One skilled in the art will appreciate that other hypervisor-based runtime implementations of the OCI runtime specification may be used in lieu of, or in addition to, runV.)
It would have been obvious to a person with ordinary skill in the art, before the effective filing date of the invention, to combine the teachings of Yang wherein a hardware cluster (i.e. nodes/hosts) with a virtualization layer executing virtual machine (VMs) (i.e. pod VMs) in which the pod VMs includes a container engine which enables execution of containers in the pod VMs,  controller manager in conjunction with a Kubernetes master manages/controls resources of environment(s), into teachings of Kumatagi wherein the virtualization layer is a hypervisor which is executed on each node of a cluster, because this would enhance the teachings of Yang wherein by providing a hypervisor to each node of the cluster, it allows sharing and management of hardware resources amongst multiple different environment(s) isolated from each other, the hypervisor also uses hardware-assisted virtualization, which provides efficient and full virtualization by using virtualization-specific hardware capabilities.
Although Kumatagi teaches hypervisor is an ESXi hypervisor. 
Yang and Kumatagi do not explicitly disclose ESXi hypervisor is a bare-metal hypervisor.
McClory teaches a hypervisor is a bare-metal hypervisor such as ESXi bare-metal hypervisor. ([Paragraph 40], In an embodiment, each of the server devices (e.g., server device 122-1) of an infrastructure services provider system 116-1 may generally include, without limitation, a virtual machine monitor (VMM) (e.g., VMM 128), which may be configured to execute directly on the server devices and manage the concurrent execution of one or more guest operating systems 132. For example, VMM 128 may be representative of a native or bare-metal hypervisor (e.g., VMWARE ESXi hypervisor, MICROSOFT Hyper-V hypervisor, KVM hypervisor, Proxmox hypervisor, etc.) configured to execute and manage multiple instances of guest operating systems 132 (e.g., MICROSOFT Windows Server, Ubuntu Server, Debian Linux, CentOS Linux, Red Hat Linux, Ubuntu Snappy, CoreOS, VMWARE Photon, etc.) on the server device 122-1.  [Paragraph 42], In an embodiment, the one or more guest operating systems 132 may be generally configured to execute one or more container engines 134 (e.g., Docker Container Engine, rkt Container Engine, etc.))
It would have been obvious to a person with ordinary skill in the art, before the effective filing date of the invention, to combine the teachings of Yang and Kumatagi wherein a hardware cluster (i.e. nodes/hosts) with a virtualization layer executing virtual machine (VMs) (i.e. pod VMs) in which the pod VMs includes a container engine which enables execution of containers in the pod VMs,  controller manager in conjunction with a Kubernetes master manages/controls resources of environment(s) and the virtualization layer is a hypervisor which is executed on each node of a cluster, into teachings of McClory wherein the hypervisor is a bare-metal hypervisor because this would enhance the teachings of Yang and Kumatagi wherein by implementing a bare-metal hypervisor, the hypervisor can directly access and control underlying resources thus improving latency and cost as oppose to going through another virtualization layer (i.e. non-bare-metal hypervisor).


As per claim 2, rejection of claim 1 is incorporated:
Yang teaches wherein the VMs include native VMs having guest operating systems executing therein, the guest operating systems isolated from the pod VM controllers. ([Column 47 line 3-54], The environment 1900 can be implemented as a master-slave architecture. Stated in another way, the environment 1900 can be divided into subcomponents that manage individual nodes (such as the cAdvisor, or a single virtual machine or container) and subcomponents that are part of the control plane, such as a master 1940 (which, according to various embodiments, is a Kubernetes master) shown in FIG. 20. [Column 3 line 53-67], Container systems provide an operating-system level virtualization in which the kernel of an operating system can allow for multiple isolated user space instances. [Column 47 line 11-30], Turning to FIG. 20, the master 1940 includes a distributed key-value data store (or etcd) 1941, a scheduler 1942 (e.g., kube-scheduler), an API server 1943 (e.g., kube-apiserver), and a controller manager 1944 (e.g., kube-controller-manager). The distributed key-value data store 1941 stores data of a cluster, representing the overall state of the cluster at a predetermined point in time. The scheduler 1942 selects the node that an unscheduled pod should run on based on resource availability. Stated in another way, the scheduler 1942 binds unscheduled pods to nodes. The scheduler 1942 tracks resource utilization on each node to ensure that workload is not scheduled in excess of the available resources. The API server 1943 provides both an internal and external interface to the environment 1900 (e.g., Kubernetes environment). The controller manager 1944 communicates with the API server 1943 to create, update, and delete the resources that are managed by the master 1940 (e.g., pods, service endpoints, and so on). The controller manager 1944 can represent the replication controller for the environment 1900.)
Kumatagi also teaches ([Paragraph 17], The approach effectively partitions the resources managed by the single operating system into isolated groups to better balance the conflicting demands on resource usage between isolated groups. In contrast to other types of virtualization, neither instruction-level emulation nor just-in-time compilation is required. In addition, containers can run instructions native to the core CPU without any special interpretation mechanisms. By providing a way to create and enter containers, an operating system gives applications the illusion of running on a separate machine while at the same time sharing many of the underlying resources.)

As per claim 3, rejection of claim 1 is incorporated:
Yang teaches further comprising a VM management server, wherein the master server includes an application programming interface (API) server and a scheduler, and wherein:
the API server is configured to create pods in response to specification data;
the scheduler is configured to select candidate hosts of the host cluster on which to schedule the pods and to provide the candidate hosts to the VM management server; and
the VM management server is configured to select one or more of the candidate hosts on which to deploy the pods.  ([Column 47 line 3-54], The environment 1900 can be implemented as a master-slave architecture. Stated in another way, the environment 1900 can be divided into subcomponents that manage individual nodes (such as the cAdvisor, or a single virtual machine or container) and subcomponents that are part of the control plane, such as a master 1940 (which, according to various embodiments, is a Kubernetes master) shown in FIG. 20. [Column 3 line 53-67], Container systems provide an operating-system level virtualization in which the kernel of an operating system can allow for multiple isolated user space instances. [Column 47 line 11-30], Turning to FIG. 20, the master 1940 includes a distributed key-value data store (or etcd) 1941, a scheduler 1942 (e.g., kube-scheduler), an API server 1943 (e.g., kube-apiserver), and a controller manager 1944 (e.g., kube-controller-manager). The distributed key-value data store 1941 stores data of a cluster, representing the overall state of the cluster at a predetermined point in time. The scheduler 1942 selects the node that an unscheduled pod should run on based on resource availability. Stated in another way, the scheduler 1942 binds unscheduled pods to nodes. The scheduler 1942 tracks resource utilization on each node to ensure that workload is not scheduled in excess of the available resources. The API server 1943 provides both an internal and external interface to the environment 1900 (e.g., Kubernetes environment). The controller manager 1944 communicates with the API server 1943 to create, update, and delete the resources that are managed by the master 1940 (e.g., pods, service endpoints, and so on). The controller manager 1944 can represent the replication controller for the environment 1900.  [Column 6 line 7-16], determining, by an Application Element Manager running on a data processor in the container system, the value of a service level agreement parameter for the application based on the allocated computer resource bundle; comparing the determined service level agreement parameter level for the application to a threshold service level agreement parameter level; automatically modifying the allocation of computer resources to the application depending on whether the identified service level agreement parameter level for the application is below or above the threshold service level agreement parameter level; and repeating the determining, comparing and automatically modifying steps until the operation of the application in the container system is suspended or terminated. Other embodiments of this aspect include corresponding systems, apparatus, and computer program products.)

As per claim 4, rejection of claim 3 is incorporated:
Yang teaches wherein the master sever includes a controller, and wherein:
the scheduler is configured to convert specifications of the pods into VM specifications; and 
the controller is configured to cooperate with the VM management server to deploy the pod VMs having the VM specifications. 
([Column 47 line 3-54], The environment 1900 can be implemented as a master-slave architecture. Stated in another way, the environment 1900 can be divided into subcomponents that manage individual nodes (such as the cAdvisor, or a single virtual machine or container) and subcomponents that are part of the control plane, such as a master 1940 (which, according to various embodiments, is a Kubernetes master) shown in FIG. 20. [Column 3 line 53-67], Container systems provide an operating-system level virtualization in which the kernel of an operating system can allow for multiple isolated user space instances. [Column 47 line 11-30], Turning to FIG. 20, the master 1940 includes a distributed key-value data store (or etcd) 1941, a scheduler 1942 (e.g., kube-scheduler), an API server 1943 (e.g., kube-apiserver), and a controller manager 1944 (e.g., kube-controller-manager). The distributed key-value data store 1941 stores data of a cluster, representing the overall state of the cluster at a predetermined point in time. The scheduler 1942 selects the node that an unscheduled pod should run on based on resource availability. Stated in another way, the scheduler 1942 binds unscheduled pods to nodes. The scheduler 1942 tracks resource utilization on each node to ensure that workload is not scheduled in excess of the available resources. The API server 1943 provides both an internal and external interface to the environment 1900 (e.g., Kubernetes environment). The controller manager 1944 communicates with the API server 1943 to create, update, and delete the resources that are managed by the master 1940 (e.g., pods, service endpoints, and so on). The controller manager 1944 can represent the replication controller for the environment 1900.  [Colum 39 line 55-60], Turning to FIG. 11, according to various embodiments, the supply chain 1100 may include two types of entities, namely, Service Entities (SEs), such as a Virtual Machine 1110 or a Container 1120, and Resources, such as CPU Allocation (CPUAllocation) 1102 and Memory Allocation (MemAllocation) 1101.  [Column 40 line 1-9], For example, in FIG. 11, the MemAllocation 1101 of the Container 1120 may reduce as a result of congestion for resources at the Virtual Machine level. Increased utilization of MemAllocation 1101 of the Virtual Machine 1110 will lead to increased MemAllocation price. In turn, the increased MemAllocation price increases expenses of MemAllocation for the Container 1120, leading to a decision to reduce the size of MemAllocation of the Container 1120.)
Kumatagi also teaches ([Paragraph 67], Master components provide the Kubernetes cluster's control plane (also referred to as "Kubernetes control plane"). Master components may include, but are not limited to, kube-apiserver, etcd, kube-scheduler, kube-controller-manager, and cloud-controller-manager. Master components make global decisions about the Kubernetes cluster. For example, master components handle scheduling. In addition, master components are utilized in detecting and responding to cluster events. For example, master components are responsible for starting up a new pod when a replication controller's "replicas" field is unsatisfied. Master components can be run on any machine in the cluster. Nonetheless, set up scripts typically start all master components on the same machine, and do not run user containers on that machine.)

As per claim 5, rejection of claim 1 is incorporated:
Yang teaches a virtual infrastructure (VI) control plane having a network manager configured to manage software-defined (SD) networking for the host cluster and network agents, in the hypervisors, configured to cooperate with the network manager. ([Column 16 line 23-34], In some embodiments, the method further includes dividing the container system into subcomponents including at least one subcomponent that manages individual nodes in the container system and at least one subcomponent that forms part of a control plane; and selecting, by a scheduler in the container system, a node that the pod is to run on, wherein the selection is based at least in part on resource availability of the selected node. [Column 4 line 1-13], A container system may include software abstractions to virtualize computer resources (or compute resources) which are used by applications running in the container ("containerized" applications). The container system provides means to provision containers, allocate and control the resources available to a container, deploy and execute applications in the container, and facilitate full use of the container resources by such containerized applications, while isolating them from other applications, sharing the underlying resources. When a containerized application accesses a virtualized container resource (e.g., CPU, memory, storage I/O, Network I/O), the container system maps this access to a direct access of the underlying real resource.  [Column 6 line 45-63], Another aspect of the subject matter described in this specification can be embodied in methods and systems that include network-aware placement of containers to minimize input/output (I/O) latency. Some methods include the actions of determining a target I/O latency metric, for storage or network communications of an application running in a container system; determining, by a container manager, a first I/O pathway that meets the target latency and an amount of I/O bandwidth, over the first I/O pathway, to be acquired for the container; allocating the determined amount of I/O bandwidth, over the determined first I/O pathway to the application; automatically allocating the determined amount of I/O bandwidth to the application, from the second I/O pathway, based at least in part on the determined I/O bandwidth utilization of the first I/O pathway. Other embodiments of this aspect include corresponding systems, apparatus, and computer program products.)
Kumatagi teaches cluster having hypervisors on each hosts. ([Paragraph 84], The container orchestration system 700 may also be referred to as a cluster (e.g., the container orchestration system 700 may correspond to a Kubernetes cluster).  [Fig. 4] [Paragraph 7], FIG. 4 illustrates a plurality of compute nodes at least one of which includes a plurality of virtual machines, according to one or more embodiments.  [Paragraph 61], As illustrated in FIG. 4, each of the compute nodes 400 includes hardware 406 that may include processors (or CPUs) 407, memory 408, network interface cards (NICs) 409, and disk drives 410. The disk drives 410 may include solid state drives or hard disk drives or some combination of the two. On the hardware, the compute nodes 400 run a host operating system 405. The compute nodes 400 also include a hypervisor 404 to share and manage the hardware 406, allowing multiple different environments 401, isolated from each other, to be executed on the same physical machine 400. The hypervisor 404 may use hardware-assisted virtualization, which provides efficient and full virtualization by using virtualization-specific hardware capabilities, primarily from the host CPUs 407. Each compute node 400 includes one or more virtual machines 401 each of which includes a guest operating system 403 and one or more application programs (or applications) 402 running on the guest operating system 403.)

As per claim 6, rejection of claim 5 is incorporated:
Yang teaches wherein the pod VM controllers are configured to: 
communicate with the network agents in the hypervisors to obtain network configurations for the pod VMs;
communicate with image services in the hypervisors to obtain container images for the pod VMs; and
start the pod VM agents. ([Column 4 line 1-13], A container system may include software abstractions to virtualize computer resources (or compute resources) which are used by applications running in the container ("containerized" applications). The container system provides means to provision containers, allocate and control the resources available to a container, deploy and execute applications in the container, and facilitate full use of the container resources by such containerized applications, while isolating them from other applications, sharing the underlying resources. When a containerized application accesses a virtualized container resource (e.g., CPU, memory, storage I/O, Network I/O), the container system maps this access to a direct access of the underlying real resource.  [Column 6 line 45-63], Another aspect of the subject matter described in this specification can be embodied in methods and systems that include network-aware placement of containers to minimize input/output (I/O) latency. Some methods include the actions of determining a target I/O latency metric, for storage or network communications of an application running in a container system; determining, by a container manager, a first I/O pathway that meets the target latency and an amount of I/O bandwidth, over the first I/O pathway, to be acquired for the container; allocating the determined amount of I/O bandwidth, over the determined first I/O pathway to the application; automatically allocating the determined amount of I/O bandwidth to the application, from the second I/O pathway, based at least in part on the determined I/O bandwidth utilization of the first I/O pathway. Other embodiments of this aspect include corresponding systems, apparatus, and computer program products.  [Column 5 line 26-49], Another aspect of the subject matter described in this specification can be embodied in methods and systems that include determining, by a Container Manager running on a data processor in a first container system, a computer resource bundle to be purchased for a container in the first container system using virtual currency units; receiving, from a Proxy Manager of a second container system offering the computer resource bundle, a purchase price for the computer resource bundle in virtual currency units; automatically purchasing the computer resource bundle from the second container system based at least in part on the purchase price received from the Proxy Manager of the second container system; allocating the computer resource bundle from the second container system to the container in the first container system; and dispatching the container from the first container system to execute at the second container system. In some embodiments, dispatching the container includes sending an image of a stateful container to another server or, in the case of stateless containers, initiating a new container on another server and terminating the server on the first server. Other embodiments of this aspect include corresponding systems, apparatus, and computer program products.  [Column 47 line 3-54], The environment 1900 can be implemented as a master-slave architecture. Stated in another way, the environment 1900 can be divided into subcomponents that manage individual nodes (such as the cAdvisor, or a single virtual machine or container) and subcomponents that are part of the control plane, such as a master 1940 (which, according to various embodiments, is a Kubernetes master) shown in FIG. 20. Turning to FIG. 20, the master 1940 includes a distributed key-value data store (or etcd) 1941, a scheduler 1942 (e.g., kube-scheduler), an API server 1943 (e.g., kube-apiserver), and a controller manager 1944 (e.g., kube-controller-manager).  The controller manager 1944 communicates with the API server 1943 to create, update, and delete the resources that are managed by the master 1940 (e.g., pods, service endpoints, and so on). The controller manager 1944 can represent the replication controller for the environment 1900.  As discussed, the environment 1900 can be divided into subcomponents that manage individual nodes, such as the node 1950 shown in FIG. 21. Turning to FIG. 21, an exemplary node 1950 is shown as including a flannel 1951, a proxy 1952 (e.g., kube-proxy), a node agent 1953 (e.g., kubelet), and a container 1954 (e.g., Docker). The node 1950 is also known as a worker or minion and is the single machine, or virtual machine, where containers are deployed. Each node 1950 in a cluster must run in the container runtime--such as the container 1954--for communication with the master 1940. The agent 1953 is responsible for running state of each node and starts, stops, and maintains application containers (organized as pods) as directed by the master 1940. The agent 1953 monitors the state of a pod and if the pod is not in a desired state, the pod will be redeployed to the same node. Once the master 1940 detects a node failure, the controller manager 1944 observes the state of chance and launches pods on other healthy nodes.)
Kumatagi teaches cluster having hypervisors on each hosts. ([Paragraph 84], The container orchestration system 700 may also be referred to as a cluster (e.g., the container orchestration system 700 may correspond to a Kubernetes cluster).  [Fig. 4] [Paragraph 7], FIG. 4 illustrates a plurality of compute nodes at least one of which includes a plurality of virtual machines, according to one or more embodiments.  [Paragraph 61], As illustrated in FIG. 4, each of the compute nodes 400 includes hardware 406 that may include processors (or CPUs) 407, memory 408, network interface cards (NICs) 409, and disk drives 410. The disk drives 410 may include solid state drives or hard disk drives or some combination of the two. On the hardware, the compute nodes 400 run a host operating system 405. The compute nodes 400 also include a hypervisor 404 to share and manage the hardware 406, allowing multiple different environments 401, isolated from each other, to be executed on the same physical machine 400. The hypervisor 404 may use hardware-assisted virtualization, which provides efficient and full virtualization by using virtualization-specific hardware capabilities, primarily from the host CPUs 407. Each compute node 400 includes one or more virtual machines 401 each of which includes a guest operating system 403 and one or more application programs (or applications) 402 running on the guest operating system 403.)

As per claim 7, rejection of claim 1 is incorporated:
Yang teaches wherein the pod VM agents are configured to: 
start the containers; and
report status of the containers to the pod VM controllers. ([Column 47 line 3-54], The environment 1900 can be implemented as a master-slave architecture. Stated in another way, the environment 1900 can be divided into subcomponents that manage individual nodes (such as the cAdvisor, or a single virtual machine or container) and subcomponents that are part of the control plane, such as a master 1940 (which, according to various embodiments, is a Kubernetes master) shown in FIG. 20. Turning to FIG. 20, the master 1940 includes a distributed key-value data store (or etcd) 1941, a scheduler 1942 (e.g., kube-scheduler), an API server 1943 (e.g., kube-apiserver), and a controller manager 1944 (e.g., kube-controller-manager).  The controller manager 1944 communicates with the API server 1943 to create, update, and delete the resources that are managed by the master 1940 (e.g., pods, service endpoints, and so on). The controller manager 1944 can represent the replication controller for the environment 1900.  As discussed, the environment 1900 can be divided into subcomponents that manage individual nodes, such as the node 1950 shown in FIG. 21. Turning to FIG. 21, an exemplary node 1950 is shown as including a flannel 1951, a proxy 1952 (e.g., kube-proxy), a node agent 1953 (e.g., kubelet), and a container 1954 (e.g., Docker). The node 1950 is also known as a worker or minion and is the single machine, or virtual machine, where containers are deployed. Each node 1950 in a cluster must run in the container runtime--such as the container 1954--for communication with the master 1940. The agent 1953 is responsible for running state of each node and starts, stops, and maintains application containers (organized as pods) as directed by the master 1940. The agent 1953 monitors the state of a pod and if the pod is not in a desired state, the pod will be redeployed to the same node. Once the master 1940 detects a node failure, the controller manager 1944 observes the state of chance and launches pods on other healthy nodes.  [Column 16 line 18-22], In some embodiments, the method further includes monitoring usage or performance metrics of at least one of the cluster of containers in the pod; and determining that at least one of the cluster of containers in the pod is to be moved, cloned or suspended.)

As per claims 8, 10, 11, 12.  These are host computer claims corresponding to the virtualized computing system claims 1, 2 and 5-7.  Therefore, rejected based on similar rationale.

As per claim 9, rejection of claim 8 is incorporated:
Yang teaches wherein the pod VMs includes kernels, wherein the container engines and the pod VM agents execute on the kernels, and wherein the containers share the kernels of the pod VMs. ([Column 3 line 52-67], An alternative virtualization technique can be found in container systems. Container systems provide an operating-system level virtualization in which the kernel of an operating system can allow for multiple isolated user space instances. Stated another way, a container is based on server virtualization that uses a shared operating system. Rather than virtualizing hardware and creating whole virtual machines, each with their own operating systems, containers run atop the shared operating system kernel and file system that looks and feels like a complete, isolated instance of the operating system.  [Column 1 line 42-60], For example, the principles disclosed herein may be used to resize, scale and place containers (e.g., Docker containers) or clusters of containers (e.g., pods, or container points of delivery (cPODs) discussed below), including in computer systems employing Kubernetes for cluster management.)
Kumatagi also teaches ([Paragraph 21], ] Containers share the kernel with the host operating system.)

As per claim 13, rejection of claim 8 is incorporated:
Yang teaches wherein the hypervisor includes a virtual switch, and wherein virtual network interface cards (vNICs) of the pod VMs are coupled to one or more logical networks implemented by the virtual switch. ([Fig. 4] [Column 2 line 16-30], A virtual machine operates like a physical computer and contains, for example, its own virtual (e.g., software-based) central processing unit (CPU), random access memory (RAM), hard disk storage, and network interface card (NIC).  [Column 4 line 1-13], A container system may include software abstractions to virtualize computer resources (or compute resources) which are used by applications running in the container ("containerized" applications). The container system provides means to provision containers, allocate and control the resources available to a container, deploy and execute applications in the container, and facilitate full use of the container resources by such containerized applications, while isolating them from other applications, sharing the underlying resources. When a containerized application accesses a virtualized container resource (e.g., CPU, memory, storage I/O, Network I/O), the container system maps this access to a direct access of the underlying real resource.  [Colum 18 line 62- Column 19 line 1-17], Alternatively, the server 102 may be a virtual machine with virtualized resources while the server 104 is a physical server. The containers 120, 122, 124 and 126 may be distinct containers, or replicated copies of a single container. In some embodiments, a group of containers may be clustered into a container-Point-of-Delivery (cPOD) system, to run related applications. For example, a multi-tier Web service may include a containerized Web server (shown as the application 130), a containerized application server (shown as the application 134), and a containerized database server (shown as the application 136). The Web server provided by the application 130 can maintain significant level of communications with the application server provided by the application 134. The I/O pathway between the applications 130, 134 traverses the application 130, the container 120, the container system 110, an operating system 106, a network interface card (NIC) 140, a data network 160, a NIC 142, an operating system 108, the container system 112, the container 124, and the application 134.  [Colum 29 line 26-38], For example, the containers 120 and 124 shown in FIG. 1 may need to exchange high-bandwidth latency-sensitive communications through a congested switch in the network 160. Further to the discussion above, internal I/O pathways (including at either the server 102 or the server 104) may offer higher bandwidth and lower latency, and thus result in improved performance. Therefore, according to various embodiments, such internal I/O pathways may be priced lower than I/O pathways involving, for example, multiple servers 102 and 104 and network 160.  [Colum 20 line 13-26], As shown, the software system 200 includes a platform layer 230, which provides an infrastructure to manage, for example, the I/O flows in a container system (such as the example container system environment 100 shown in FIG. 1).)
Kumatagi teaches cluster having hypervisor on each hosts. ([Paragraph 84], The container orchestration system 700 may also be referred to as a cluster (e.g., the container orchestration system 700 may correspond to a Kubernetes cluster).  [Fig. 4] [Paragraph 7], FIG. 4 illustrates a plurality of compute nodes at least one of which includes a plurality of virtual machines, according to one or more embodiments.  [Paragraph 61], As illustrated in FIG. 4, each of the compute nodes 400 includes hardware 406 that may include processors (or CPUs) 407, memory 408, network interface cards (NICs) 409, and disk drives 410. The disk drives 410 may include solid state drives or hard disk drives or some combination of the two. On the hardware, the compute nodes 400 run a host operating system 405. The compute nodes 400 also include a hypervisor 404 to share and manage the hardware 406, allowing multiple different environments 401, isolated from each other, to be executed on the same physical machine 400. The hypervisor 404 may use hardware-assisted virtualization, which provides efficient and full virtualization by using virtualization-specific hardware capabilities, primarily from the host CPUs 407. Each compute node 400 includes one or more virtual machines 401 each of which includes a guest operating system 403 and one or more application programs (or applications) 402 running on the guest operating system 403.)

As per claim 14, rejection of claim 13 is incorporated:
Yang teaches wherein the pod VM controller is coupled to a master server of the orchestration control plane through the virtual switch. ([Column 18 line 42-44], FIG. 26 is a block diagram of another exemplary master controller in the container environment of FIG. 19A.  [Column 47 line 3-54], The environment 1900 can be implemented as a master-slave architecture. Stated in another way, the environment 1900 can be divided into subcomponents that manage individual nodes (such as the cAdvisor, or a single virtual machine or container) and subcomponents that are part of the control plane, such as a master 1940 (which, according to various embodiments, is a Kubernetes master) shown in FIG. 20. Turning to FIG. 20, the master 1940 includes a distributed key-value data store (or etcd) 1941, a scheduler 1942 (e.g., kube-scheduler), an API server 1943 (e.g., kube-apiserver), and a controller manager 1944 (e.g., kube-controller-manager).  The controller manager 1944 communicates with the API server 1943 to create, update, and delete the resources that are managed by the master 1940 (e.g., pods, service endpoints, and so on). The controller manager 1944 can represent the replication controller for the environment 1900.  As discussed, the environment 1900 can be divided into subcomponents that manage individual nodes, such as the node 1950 shown in FIG. 21. Turning to FIG. 21, an exemplary node 1950 is shown as including a flannel 1951, a proxy 1952 (e.g., kube-proxy), a node agent 1953 (e.g., kubelet), and a container 1954 (e.g., Docker). The node 1950 is also known as a worker or minion and is the single machine, or virtual machine, where containers are deployed.  [Column 4 line 1-13], A container system may include software abstractions to virtualize computer resources (or compute resources) which are used by applications running in the container ("containerized" applications). The container system provides means to provision containers, allocate and control the resources available to a container, deploy and execute applications in the container, and facilitate full use of the container resources by such containerized applications, while isolating them from other applications, sharing the underlying resources. When a containerized application accesses a virtualized container resource (e.g., CPU, memory, storage I/O, Network I/O), the container system maps this access to a direct access of the underlying real resource.  [Colum 18 line 62- Column 19 line 1-17], Alternatively, the server 102 may be a virtual machine with virtualized resources while the server 104 is a physical server. The containers 120, 122, 124 and 126 may be distinct containers, or replicated copies of a single container. In some embodiments, a group of containers may be clustered into a container-Point-of-Delivery (cPOD) system, to run related applications. For example, a multi-tier Web service may include a containerized Web server (shown as the application 130), a containerized application server (shown as the application 134), and a containerized database server (shown as the application 136). The Web server provided by the application 130 can maintain significant level of communications with the application server provided by the application 134. The I/O pathway between the applications 130, 134 traverses the application 130, the container 120, the container system 110, an operating system 106, a network interface card (NIC) 140, a data network 160, a NIC 142, an operating system 108, the container system 112, the container 124, and the application 134.  [Colum 29 line 26-38], For example, the containers 120 and 124 shown in FIG. 1 may need to exchange high-bandwidth latency-sensitive communications through a congested switch in the network 160. Further to the discussion above, internal I/O pathways (including at either the server 102 or the server 104) may offer higher bandwidth and lower latency, and thus result in improved performance. Therefore, according to various embodiments, such internal I/O pathways may be priced lower than I/O pathways involving, for example, multiple servers 102 and 104 and network 160.  [Colum 20 line 13-26], As shown, the software system 200 includes a platform layer 230, which provides an infrastructure to manage, for example, the I/O flows in a container system (such as the example container system environment 100 shown in FIG. 1).)
Kumatagi also teaches ([Paragraph 15], Cloud compute resources are typically housed in large server farms that run one or more network applications, typically using a virtualized architecture wherein applications run inside a virtual server, or so-called "virtual machines" (VMs), that are mapped onto physical servers in a data center facility. The virtual machines typically run on top of a hypervisor, which is a control program that allocates physical resources to the virtual machines. Modern hypervisors often use hardware-assisted virtualization, which provides efficient and full virtualization by using virtualization-specific hardware capabilities, primarily from the host CPUs.  [Paragraph 82], In Kubernetes, Ingress is an API object that manages access to services within a Kubernetes cluster from outside the Kubernetes cluster. Access can be configured by creating a collection of rules (referred to as "routing rules") that define which inbound connections reach which Kubernetes services within the cluster. Traffic routing is controlled by the routing rules defined on an Ingress resource. Routing rules are typically consolidated into one place (referred to as an "Ingress resource"). Ingress can, for example, provide load balancing, SSL termination, and name-based routing. Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster.)

As per claims 15, 16, 17, 18 these are method claims corresponding to the virtualized computing system claims 1, 2, 3, 4.  Therefore, rejected based on similar rationale.  Yang teaches application specification data [Column 6 line 7-16].

As per claim 19, rejection of claim 15 is incorporated:
Yang teaches provisioning, based on the specification data, a persistent volume in shared storage accessible by the host cluster, the persistent volume being attached to a first pod VM of the pod VMs. ([Column 2 line 16-30], for example, its own virtual (e.g., software-based) central processing unit (CPU), random access memory (RAM), hard disk storage, and network interface card (NIC). Each virtual machine in a virtualization system generally runs its own guest operating system (OS), and the virtual machines generally share the underlying physical machine resources of the system.  [Column 46 line 44-61], The pod 1910 includes one or more containers 1920 that are guaranteed to be co-located on the host machine and can share resources. In some embodiments, each pod 1910 can be assigned a unique Internet Protocol (IP) address, which allows applications to use ports without conflict. Stated in another way, the containers 1920 of a selected pod 1920 can share the same IP address or use different ports. Furthermore, each pod 1910 can define a volume, such as a local disk directory, and expose it to containers 1920 in the pod 1910.)

As per claim 20, rejection of claim 15 is incorporated:
Yang teaches wherein the pod VMs include kernels, wherein the container engines and the pod VM agents execute on the kernels, and wherein the containers share the kernels of the pod VMs. ([Column 3 line 52-67], An alternative virtualization technique can be found in container systems. Container systems provide an operating-system level virtualization in which the kernel of an operating system can allow for multiple isolated user space instances. Stated another way, a container is based on server virtualization that uses a shared operating system. Rather than virtualizing hardware and creating whole virtual machines, each with their own operating systems, containers run atop the shared operating system kernel and file system that looks and feels like a complete, isolated instance of the operating system.  [Column 1 line 42-60], For example, the principles disclosed herein may be used to resize, scale and place containers (e.g., Docker containers) or clusters of containers (e.g., pods, or container points of delivery (cPODs) discussed below), including in computer systems employing Kubernetes for cluster management.)
Kumatagi also teaches ([Paragraph 21], Containers share the kernel with the host operating system.)

Conclusion
THIS ACTION IS MADE FINAL.  Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).  
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action.  In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action.  In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action. 
Any inquiry concerning this communication or earlier communications from the examiner should be directed to DONG U KIM whose telephone number is (571)270-1313. The examiner can normally be reached 9:00am - 5:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Emerson Puente can be reached on 5712723652. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.





/DONG U KIM/Primary Examiner, Art Unit 2196