By leveraging the enhanced tenant capabilities of vCloud Director, VMware vCloud NFV 2.0 facilitates combining the edge and resource functionality into a single, collapsed pod. In combination, a smaller footprint design is possible. CSPs can use a two-pod design to gain operational experience with vCloud NFV. As demand grows, they scale up and scale out within the two-pod construct.

Figure 5 shows a typical two-pod design with all management functions centrally located within the Management pod. Edge and resource functions are combined into the collapsed Edge / Resource pod. During initial deployment, two clusters of ESXi hosts are used: one for the Management pod, and the other for the collapsed Edge / Resource pod. Additional clusters can be added to each pod as the infrastructure is scaled up.

Figure 1. Two-Pod Design Overview


Two-pod design overview

Within the Management pod, a set of components is deployed to manage the pod itself. These components include an instance of vCenter Server Appliance, Platform Services Controllers (PSCs), and an instance of NSX Manager. A 1:1 relationship is required between NSX Manager and vCenter Server. Ancillary components necessary for the healthy operation of the platform, such as Label Distribution Protocol (LDP) and Domain Name System (DNS), are also deployed in the Management pod. The tenant-facing Virtualized Infrastructure Manager (VIM) component, vCloud Director, is located in the Management pod, and is connected to the vCenter Server and NSX Manager responsible for the Edge / Resource pod.

Also within the management pod, a separate instance of vCenter Server is deployed to manage the Edge/Resource pod, which uses its own PSCs. Likewise, a separate NSX Manager is deployed to maintain the 1:1 relatioship to the vCenter Server. The Edge / Resource pod hosts all edge functions, VNFs, and VNFMs. The edge functions in the pod are NSX ESGs used to route traffic between different tenants and to provide North-South connectivity.

Since both edge functions and VNF functions are combined in a single pod, resource utilization of this pod must be carefully monitored. For example, an increase in the number of tenants will inevitably expand the number of edge resources used. The Operations Management design section of this document discusses the approach to resource capacity management for this case. When resources are limited, Edge / Resource pod scale up operations must be carefully coordinated.

The vCloud Director layer of abstraction, and the ability to partition resources in vSphere, facilitate an important aspect of a shared NFV environment: secure multitenancy. Secure multitenancy ensures that more than one consumer of the shared NFV platform can coexist on the same physical infrastructure, without an awareness of, ability to influence, or ability to harm one another. With secure multitenancy resources are over-subscribed, yet fairly shared and guaranteed as necessary. This is the bedrock of the NFV business case. Implementation of secure multitenancy is described in the Secure Multitenancy section of this document. Tenants using the two-pod based NFV environment are able to configure their own virtual networking functionality and autonomously prepare VNFs for service usage.