vCloud Director provides the abstraction layers for secure multitenancy in a three-pod design, much in the same way as in a two-pod design. Pool resources are divided among tenants by leveraging the abstraction layer of the PvDC and OvDC. In a three-pod design, the CSP must manage the networking separation between tenants, as described in this section of the document.

CSPs must ensure that when edge functions are deployed in the Edge pod, resources are allocated per tenant. This is done by ensuring that when OvDCs are provisioned by vCloud Director in the Resource pod, the CSP creates a corresponding vSphere resource pool in the Edge pod. This edge resource pool allows the CSP to set compute resource reservations and limits for the edge devices that serve an OvDC.

Network profiles are used by CSPs to set bandwidth limits for each North-South network to ensure fair allocation of physical network resources to the tenant edge services. This allows multiple edge services to coexist in the same edge cluster and share the same physical NICs.