In VMware Cloud Foundation, you use NSX-T Data Center for connecting the management workloads by using virtual network segments and routing. You also create constructs for solutions that are deployed for a single VMware Cloud Foundation instance or are available across multiple VMware Cloud Foundation instances. These constructs isolate the solutions from the rest of the network, providing routing to the data center and load balancing.
NSX Federation
You use NSX Federation to propagate configurations that span multiple NSX instances in a single VMware Cloud Foundation instance or across multiple VMware Cloud Foundation instances. You can stretch overlay segments, activate failover of segment ingress and egress traffic between VMware Cloud Foundation instances, and implement a unified firewall configuration.
In the management domain in a deployment with multiple VMware Cloud Foundation instances, you use NSX-T Data Center to provide cross-instance services to SDDC management components which do not have native support for availability at several locations, such as vRealize Automation and vRealize Operations Manager.
In a management domain, use NSX Federation only to connect to the management domains of other VMware Cloud Foundation instances. Avoid connecting a management domain with VI workload domains in a single NSX Federation instance. A separate federation for management provides the following benefits:
Limits the version dependencies between the management domain and VI workload domains.
Ensure that the maximum number of VI workload domains can be federated.
Introduces continued administrative isolation between the management domain and VI workload domains.
If you do not plan to use any management components which require NSX Federation for availability in an environment with multiple VMware Cloud Foundation instances, consider this design extension optional.
NSX Manager
NSX Manager provides the user interface and the RESTful API for creating, configuring, and monitoring NSX-T Data Center components, such as segments, and Tier-0 and Tier-1 gateways.
In a deployment using NSX Federation, such as an SDDC with multiple VMware Cloud Foundation instances, NSX Manager is called NSX Local Manager.
NSX Global Manager
NSX Global Manager is part of deployments with multiple VMware Cloud Foundation instances where NSX Federation is required. NSX Global Manager can connect multiple NSX Local Manager instances under a single global management plane.
NSX Global Manager provides the user interface and the RESTful API for creating, configuring, and monitoring NSX global objects, such as global virtual network segments, and global Tier-0 and Tier-1 gateways.
Connected NSX Local Manager instances create the global objects on the underlying software-defined network that you define from NSX Global Manager. An NSX Local Manager instance directly communicates with other NSX Local Manager instances to synchronize configuration and state needed to implement a global policy.
NSX Global Manager is a deployment-time role that you assign to an NSX Manager appliance.
NSX Edge Nodes
An NSX Edge node is a special type of transport node which contains service router components.
NSX Edge nodes provide north-south traffic connectivity between the physical data center networks and the NSX SDN networks. Each NSX Edge node has multiple interfaces where traffic flows.
You also use the NSX Edge nodes in east-west traffic flow between virtualized workloads. They provide stateful services such as load balancers and DHCP. In a deployment with multiple VMware Cloud Foundation instances, east-west traffic between the VMware Cloud Foundation instances flows through the NSX Edge nodes too.