The diagram in the Scope section of this use case shows how the fully integrated VMware Integrated OpenStack Compute Node, Project and Tenant vDC, and NSX-T Data Center segments, and Tier-1 gateways can be leveraged to provide a multitenant environment for VNF deployment. The Edge Pod hosts the NSX-T Data Center Tier-0 gateways that are used as provider routers for external network connectivity. The NSX Manager is used to provision the Tier-0 gateways, while other networking components can be created by using VMware Integrated OpenStack.

The VMware Integrated OpenStack Projects and Tenant vDC represent tenants.

The CSP maps a vSphere compute cluster to a VMware Integrated OpenStack compute node, then for each tenant the CSP allocates and reserves resources by using the VMware Integrated OpenStack Tenant-based constructs. Every Tenant vDC is associated with a resource pool within the compute cluster for resource guarantee.

The separation of network access between VMware Integrated OpenStack projects is important for multitenancy. VMware Integrated OpenStack integrates with the NSX Manager to create isolated layer 2 tenant networks. NSX-T Data Center Tier-1 gateways allow tenants to route traffic between their tenant networks that are created by using the VMware Integrated OpenStack user interface.

The integrated design further helps the VMware Integrated OpenStack admin to create external IP networks for each project. Each tenant admin then attaches this network on a Tier-1 gateway by using SNAT to hide internal tenant networks. The external network on each project auto connects to a Tier-0 gateway on a separate network path then Tier-0 gateways connect to the external physical network. This design choice restricts the access of the tenant admin to the Tier-1 gateway and creates easy connectivity to the provider router to carry tenant traffic without manual steps.