Cloud Director Concepts and Terms
Before attempting to create a DKP cluster in VMware Cloud Director (VCD), we recommend taking time to familiarize yourself with the following concepts and related terminology.
VMware Cloud Director Concepts
VMware Cloud Director is based on the following concepts:
Provider: The Service Provider (SP) that administers the data centers and provisions virtual infrastructure for Organizations (tenants).
Organizations (Tenants): A unit of administration for users, groups, and computing resources. Tenant users are managed at the Organization level.
System Administrators: This role exists only in the Provider organization (SP) and can create and provision tenant Organizations in the Service Provider as well as the Organization portal. By default, the System Administrator role has all VMware Cloud Director rights.
Organization Administrators: This role creates users, groups, and service catalogs. Tenant Organization Administrator is a predefined role that can use the VCD tenant portal to manage users in their Organization and assign them roles.
Rights: Each right provides view or manage access to a particular object type in VCD. Also see: https://docs.vmware.com/en/VMware-Cloud-Director/10.3/VMware-Cloud-Director-Service-Provider-Admin-Portal-Guide/GUID-816FBBBC-2CDA-4B1D-9B1A-C22BC31B46F2.html
Rights Bundle: A collection of rights for the Organization as a whole.
Roles: A role is a set of rights that is assignable to one or more users and groups. When you create or import a user or group, you must assign it a role. Also see the VMware documentation mentioned above (https://docs.vmware.com/en/VMware-Cloud-Director/10.3/VMware-Cloud-Director-Service-Provider-Admin-Portal-Guide/GUID-816FBBBC-2CDA-4B1D-9B1A-C22BC31B46F2.html) or the section in the DKP documentation: Cloud Director Roles, Rights and Rights Bundles.
Users and Groups: Administrators can create users manually or programmatically, or integrate with a directory service like LDAP to import user accounts and user groups at scale.
Virtual Data Centers (VDC): An isolated environment provided to a cloud user, in which they can provision resources, deploy, store and operate applications.
Organization VMware Cloud Director Networks: Similar to the Amazon concept of Virtual Private Cloud, a VMware Cloud Director network is available only to a specific VMware Cloud Director and available to all vApps in the Organization. It can be connected to external networks as needed.
vApp Networks: Similar to the concept of a subnet, a vApp network is an isolated network within a VMware Cloud Director network that allows specific vApps to communicate with each other.
vApp: One or more virtual machines (VMs) that come preconfigured to provide a specific type of cloud service. A vApp is a virtual app that defines compute, storage, and networking metadata.
Media Files and Catalogs: VMware Cloud Director organizes deployable resources via media files. These are virtual machine and vApp templates (machine images) that can be used as a sort of initial boot program for a VM. The Organization Administrator organizes these files into catalogs, allowing users within the Organization to provision the resources they need.
Storage Profiles: A VCD concept for organizing storage (e.g., Gold, Platinum).
NSX-T Gateway: A Logical Router configured in a traditional hardware switch. Gateways are used to provide connectivity to external networks and between different logical networks.
Tier-0 Gateway: The Tier-0 gateway provides connectivity to external networks, using static routes or BGP. The Tier-0 gateway is primarily in charge of handling the North-South traffic between the virtualized environment and the external physical network.
Tier-1 Gateway: The Tier-1 Gateway acts as a tenant router. The Tier-1 gateway is optimized for East-West traffic.
Edge Gateway: A gateway that provides a VDC with connectivity and other features. It can provide NAT, firewall, and other network features.
Provider Gateway: A logical gateway that represents the Tier-0 gateway and is managed by the SP.
Organization Edge Gateway: An organization-specific gateway in the Provider Gateway. These gateways are created using network segments in the Provider Gateway.