VMware Cloud Director derives its resources from an underlying virtual infrastructure. After you register vSphere resources in VMware Cloud Director, you can allocate these resources for organizations to use.

VMware Cloud Director uses one or more vCenter Server environments to back its virtual data centers.

VMware Cloud Director can also use a vCenter Server environment to encapsulate an SDDC with one or more proxies. You can enable tenants to use these proxies as access points to the underlying vSphere environment from VMware Cloud Director with their VMware Cloud Director accounts.

Before you can use a vCenter Server instance in VMware Cloud Director, you must attach this vCenter Server instance.

Note: VMware recommends that VMware Cloud Director manages a vCenter Server instance exclusively. When you use a vCenter Server instance for VMware Cloud Director and other purposes, a vCenter Server administrator might accidentally move VMware Cloud Director resources. This can cause VMware Cloud Director to operate incorrectly, including losing virtual machines that VMware Cloud Director manages.

When you create a provider virtual data center backed by an attached vCenter Server instance, this vCenter Server instance appears as published to a service provider, also called provider scoped. For information about creating a provider virtual data center, see Create a Provider Virtual Data Center.

When you create an SDDC that encapsulates an attached vCenter Server instance, you dedicated the vCenter Server to a tenant. This vCenter Server instance appears as published to a tenant, also called tenant scoped. For information about creating an SDDC, see Managing Dedicated vCenter Server Instances.

Note: By default, with an attached vCenter Server instance, you can create either a provider VDC or a dedicated vCenter Server instance. If you created a provider VDC backed by an vCenter Server instance, you cannot use this vCenter Server instance to create a dedicated vCenter Server instance, and the reverse.

Centralized SSL Management

Starting with version 10.1, VMware Cloud Director is moving to a centralized, tenant-aware storage area for certificate management. This way, VMware Cloud Director centralizes all certificates in one place so that system administrators and organization administrators can view, audit, and manage all certificates in use by various components in the system. You can use the VMware Cloud Director API to add, update, or remove certificates from the new tenant-aware storage area. See VMware Cloud Director API Schema Reference.

When adding or editing a new vCenter Server instance, NSX Manager instance, or NSX Manager instance, the VMware Cloud Director UI probes that endpoint for any certificates it is presenting. VMware Cloud Director adds to a centralized certificate storage area any certificate you decide to trust.