VMware Cloud Director derives its resources from an underlying vSphere virtual infrastructure. After you register vSphere resources in VMware Cloud Director, you can allocate these resources for organizations within the vSphere installation to use.

VMware Cloud Director uses one or more vCenter Server environments to back its virtual data centers. Starting with version 9.7, VMware Cloud Director can also use a vCenter Server environment to encapsulate an SDDC with one or more proxies. You can enable tenants to use these proxies as access points to the underlying vSphere environment from VMware Cloud Director with their VMware Cloud Director accounts.

Before you can use a vCenter Server instance in VMware Cloud Director, you must attach this vCenter Server instance.

When you create a provider virtual data center backed by an attached vCenter Server instance, this vCenter Server instance appears as published to a service provider, also called provider scoped. For information about creating a provider virtual data center, see Create a Provider Virtual Data Center.

When you create an SDDC that encapsulates an attached vCenter Server instance, you dedicated the vCenter Server to a tenant. This vCenter Server instance appears as published to a tenant, also called tenant scoped. For information about creating an SDDC, see Managing Dedicated vCenter Server Instances.

Note: By default, with an attached vCenter Server instance, you can create either a provider VDC or a dedicated vCenter Server instance. If you created a provider VDC backed by an vCenter Server instance, you cannot use this vCenter Server instance to create a dedicated vCenter Server instance, and the reverse.

Centralized SSL Management

Starting with version 10.1, VMware Cloud Director is moving to a centralized, tenant-aware storage area for certificate management. This way, VMware Cloud Director centralizes all certificates in one place so that system administrators and organization administrators can view, audit, and manage all certificates in use by various components in the system. You can use the VMware Cloud Director API to add, update, or remove certificates from the new tenant-aware storage area. See VMware Cloud Director API Schema Reference.

When adding or editing a new vCenter Server instance, NSX Manager instance, or NSX-T Manager instance, the VMware Cloud Director UI probes that endpoint for any certificates it is presenting. VMware Cloud Director adds to a centralized certificate storage area any certificate you decide to trust.