The VNF onboarding process for the vCloud NFV three-pod design is identical to the process described for two-pod design in the VNF Onboarding section of this document. This section describes the differences between the two onboarding processes.

The CSP network administrator provisions and configures both the East-West and North-South networks required by a VNF as vCloud Director external networks. The tenant administrators create OvDC networks connected directly to these external networks.

Figure 1. VNF Onboarding in a Three-Pod Design

VNF Onboarding Three-Pod Design

These are the steps for VNF onboarding in a vCloud NFV three-pod design:

  1. The OVF package of a VNF is imported directly into the vCloud Director catalog.
  2. Tenant administrators deploy VNFs from the available templates in the self-service catalog, or from the available VNF templates in the global CSP catalog.
  3. Tenant administrators deploy VNFs and connect these to the appropriate networks created by the CSP network administrator to complete the VNF network topology.
Figure 2. VNF Networking in a Three-Pod Design

VNF Networking in a Three-Pod Design

VNFs require management access to establish the necessary network connectivity, for example between a VNFM deployed in the Resource pod and an NFVO deployed in the Management pod. Components in the Management pod are connected to the management network VLAN. This VLAN is trunked to the hosts in the Edge pod where the physical NICs are assigned as uplinks to a VDS. The CSP provisions a logical switch connected to an NSX Edge instance to extend the management network to vCloud Director. The NSX Edge instance performs the role of a VXLAN to VLAN bridge, to provide edge services such as NAT and a stateful firewall for security.

Implementation of East-West connectivity between VNFCs in the same OvDC, and connectivity between VNFs in two different OvDCs belonging to the same organization, is identical. This is because organization networks are accessible by all OvDCs within the organization. Such organization networks are connected to vCloud Director external networks mapped to logical switches and provisioned by the CSP.

The North-South network is also a vCloud Director external network mapped to a logical switch. It is connected to the telecommunications network through an NSX for vSphere ESG. The ESG can be configured with edge services such as NAT, VPN, and firewall, in addition to its role as a router.

The three-pod design offers all the cluster high availability capabilities described in the VNF Onboarding section of this document, such as vSphere Fault Tolerance, vSphere HA, and Orchestrated HA.