VMware Cloud Director™ provides role-based access to a web-based Tenant Portal that enables the members of an organization to interact with the organization's resources to create and work with vApps and virtual machines (VMs).
Before you can access your organization, a VMware Cloud Directorsystem administrator or sub-provider must create the organization, assign resources to it, and provide the URL to access the Tenant Portal. Each organization includes one or more organization administrators, who finish setting up the organization by adding members and setting policies and preferences. After the organization is set up, non-administrator users can log in to create, use, and manage VMs and vApps.
Service Providers, Sub-Providers, and Tenants
VMware Cloud Director 10.6 introduces the concept of the sub-providers in addition to the service providers and tenants. A sub-provider is a tenant persona that can create tenant organizations and manage them. For more information, see Understanding the Sub-Provider Role in VMware Cloud Director.
Organizations
An organization is a unit of administration for a collection of users, groups, and computing resources. Users authenticate at the organization level, supplying credentials established by an organization administrator when the user was created or imported. System administrators create and provision organizations, while organization administrators manage organization users, groups, and catalogs.
Organizations can be managed by system administrators or by sub-providers.
Users and Groups
An organization can contain an arbitrary number of users and groups. Users can be created locally by the organization administrator or imported from a directory service. Groups must be imported from the directory service. Permissions within an organization are controlled through the assignment of rights and roles to users and groups.
Virtual Data Centers
An organization virtual data center provides resources to an organization. Virtual data centers provide an environment where virtual systems can be stored, deployed, and operated. They also provide storage for virtual CD and DVD media. An organization can have multiple virtual data centers.
Organization Virtual Data Center Networks
An organization virtual data center network is contained within a VMware Cloud Director organization virtual data center and is available to all the vApps in the organization. An organization virtual data center network allows vApps within an organization to communicate with each other. An organization virtual data center network can be connected to an external network or isolated and internal to the organization. Only system administrators can create organization virtual data center networks, but organization administrators can manage organization virtual data center networks, including the network services they provide.
vApp Networks
A vApp network is contained within a vApp and allows virtual machines in the vApp to communicate with each other. You can connect a vApp network to an organization virtual data center network to allow the vApp to communicate with other vApps in the organization and outside of the organization, if the organization virtual data center network is connected to an external network.
Catalogs
Organizations use catalogs to store vApp templates and media files. The members of an organization that have access to a catalog can use its vApp templates and media files to create their own vApps. Organization administrators can copy items from public catalogs to their organization catalog.
Dedicated vCenter Instances (SDDCs) and Proxies
A Software-Defined Data Center (SDDC) encapsulates an entire vCenter environment. A dedicated vCenter instance can include one or more proxies that provide access to different components from the underlying environment. The system administrator can publish one or more dedicated vCenter instances to your organization. You can use the containing proxies to access the UI or API of the proxied components.