You must be a system administrator to create an external network, a directly connected organization VDC network, a network pool, or an Edge Gateway. An organization administrator can create and modify routed and isolated organization VDC networks, and any user who has vApp Author rights can create and modify a vApp network.
A vApp network is a logical network that controls how the virtual machines in a vApp connect to each other and to organization VDC networks. Users can create and update vApp networks and connect them to organization VDC networks. See About vApp Networks.
An organization VDC network allows virtual machines in the organization VDC to communicate with each other and to access other networks, including organization VDC networks and external networks, either directly or through an Edge Gateway that can provide firewall and NAT services.
For information about using the vCloud OpenAPI, see Getting Started with vCloud OpenAPI at https://code.vmware.com.
Most types of organization VDC networks do not provide any network services. Isolated organization VDC networks can specify a DhcpPoolService, which provides DHCP addresses from several pools of IP address ranges. All other services, such as NAT, firewall, and load balancing, are configured by a system administrator on the Edge Gateway to which the network connects.
By default, only virtual machines in the organization VDC that contains the network can use it. When you create an organization VDC network, you can specify that it is shared. A shared organization VDC network can be used by all virtual machines in the organization.
An Edge Gateway is a virtual router for organization VDC networks. You must be a system administrator to create an Edge Gateway.
vCloud Director supports IPv4 and IPv6 Edge Gateways.
An Edge Gateway can provide any of the following services, defined in the GatewayFeatures element of the Edge Gateway's Configuration.
Specifies firewall rules that, when matched, block or allow incoming or outgoing network traffic. See Firewall Service Configurations.
Provides DHCP services to virtual machines on the network. A variant of this service, DhcpService, is intended to provide DHCP services in vApp networks. See Gateway DHCP Service Configurations.
Distributes incoming requests across a set of servers. See Load Balancer Service Configurations.
Specifies static routes to other networks. See Static Routing Service Configurations.
For an example of adding services to an Edge Gateway, see Configure Edge Gateway Services. For more information about any of these services, see the vShield Administration Guide.
External networks and network pools are vSphere resources backed by vSphere portgroup, VLAN, or DVswitch objects. A system administrator must create them, as described in Create an External Network and Create a Network Pool. As a system administrator, you must supply a reference to an external network when you create an Edge Gateway. An organization VDC must include a reference to a network pool or it will not be able to contain routed or isolated networks. See Retrieve a List of External Networks and Network Pools.