VMware vCloud Director - Networking
While going through vCloud Director (vCD), VMware's private cloud solution, I came across its networking, and it took me some time to grasp the concepts behind it. This blog post talks about the types of networks in vCD.
vCloud Director provides an abstraction over the compute, network and storage resources of the vSphere layers. From a networking standpoint, vSphere virtualizes the physical networking devices (switches and network interface cards) as vNetwork Standard switches/portgroups and/or vNetwork Distributed switches/dvPortGroups. vCD further abstracts this into three layers:
· External Network
· Organization Network
· vApp Network
External networks provide external connectivity to vCloud Director, most commonly an Internet connection. They are created and managed by vCD administrators. Another use case I can think of is a VPN connection to a public cloud or company network.
An organization in vCD is a logical entity that represents a group of users. Organizations can be different enterprises or various departments within an enterprise (finance, marketing, etc.). An organization has vApps, each of which is a grouping of related virtual machines managed as a single entity. vApps provide features such as starting the virtual machines in a particular order and performing operations on the group as a single entity.
An organization network provides communication between vApps and also provides connectivity to external networks. Based on that connectivity, organization networks can be classified as:
· Direct connection, where the organization network is directly bridged to an external network.
· Routed connection, where connectivity to the external network is through a vShield Edge device, which provides features such as NAT, firewall and DHCP.
· Isolated connection, where there is no connectivity to an external network.
A vApp network defines how communication happens between the virtual machines in a vApp and how the vApp connects to organization networks. Like organization networks, vApp networks are classified into three types based on their connectivity to organization networks:
· Direct connection, where the vApp network is directly bridged to an organization network.
· Routed connection, where connectivity to the organization network is through a vShield Edge device, which provides features such as NAT, firewall and DHCP.
· Isolated connection, where there is no connectivity to an organization network.
A typical scenario to explain these network types is a J2EE application deployed as a vApp. Modules such as the web server virtual machine, the application server virtual machine and the database server are all part of one vApp, and only the web server needs to talk to the Internet. The diagram below shows these network types and their interaction.
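The layering above determines which virtual machines have a path to the external network. The following is an added example, not part of the original post and not a vCD API: it models the J2EE vApp and flags VMs with an unexpected external path. All class, function and network names and the labels "none", "filtered" and "bridged" are assumptions made for illustration, and a multi-homed VM is assumed not to forward traffic between its NICs.

```python
from dataclasses import dataclass
from typing import Optional

DIRECT, ROUTED, ISOLATED = "direct", "routed", "isolated"
RANK = {"none": 0, "filtered": 1, "bridged": 2}  # least to most exposed

@dataclass(frozen=True)
class OrgNetwork:
    name: str
    connection: str                    # connection type to the external network

@dataclass(frozen=True)
class VappNetwork:
    name: str
    connection: str                    # connection type to the organization network
    org: Optional[OrgNetwork] = None   # None only when the vApp network is isolated

def exposure(net: VappNetwork) -> str:
    """Classify the path from a vApp network to the external network."""
    if net.connection == ISOLATED:
        return "none"
    if net.org is None:
        raise ValueError(f"{net.name}: non-isolated vApp network needs an organization network")
    hops = (net.connection, net.org.connection)
    if ISOLATED in hops:
        return "none"
    # Any routed hop puts a vShield Edge (NAT/firewall) in the path.
    return "filtered" if ROUTED in hops else "bridged"

def vm_exposure(nics: list) -> str:
    """A VM is as exposed as its most exposed NIC."""
    return max((exposure(n) for n in nics), key=RANK.__getitem__, default="none")

def audit(vms: dict, allowed: set) -> list:
    """Names of VMs that have an external path but are not expected to."""
    return sorted(vm for vm, nics in vms.items()
                  if vm_exposure(nics) != "none" and vm not in allowed)

# Constructed sample: the J2EE vApp, with the web server as the only VM meant to reach out.
org_routed = OrgNetwork("org-routed", ROUTED)
org_direct = OrgNetwork("org-direct", DIRECT)
web_net = VappNetwork("web-net", DIRECT, org_routed)
backend = VappNetwork("backend-net", ISOLATED)
intended = {"web": [web_net, backend], "app": [backend], "db": [backend]}
# Same vApp after the database VM gets a NIC on a fully bridged path.
drifted = dict(intended, db=[backend, VappNetwork("db-net", DIRECT, org_direct)])

if __name__ == "__main__":
    for label, vms in (("intended", intended), ("drifted", drifted)):
        print(label, {vm: vm_exposure(n) for vm, n in vms.items()}, audit(vms, {"web"}))
```

In the intended layout only the web server has an external path, and it passes through the Edge device on the routed organization network; in the drifted layout the audit reports the database VM because both of its hops are direct.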