Organization, Organization vDC and Provider vDC
In vCloud Director, the organization is the authentication and security boundary. The authentication boundary can be controlled using LDAP, which can be internal or external. Security comes from the Role Based Access Control (RBAC) built into vCloud Director. The RBAC model can be used to control who can manage the organization (i.e. the organization Admin) and who can deploy vApps.
By another analogy, an organization can be seen as a business unit if you are considering a private cloud, and as a completely separate company if it is a public cloud. In the example below, you can think of HR, Marketing and Sales as business units. They represent organizations in vCloud Director. Here the authentication boundary is provided by, for example, AD, and security is controlled by assigning roles to the groups created in AD for each organization.
For example, HRUsers, HRAdmins and HRvApp Owner will be groups in AD, and these groups can then be given the appropriate permissions through the roles defined/customized in vCloud Director.
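As an added illustration (not from the original post and not vCloud Director's own code), the following Python audit checks a constructed list of organization, AD group and role assignments for mappings that weaken the organization boundary described above. The sample data, the "Admins" suffix convention and the catch-all group name are assumptions made for this example.

```python
from collections import defaultdict

# Role label used for the organization Admin in this example (assumption).
ADMIN_ROLE = "Organization Administrator"

# Constructed sample data: (organization, AD group, role assigned to the group).
ASSIGNMENTS = [
    ("HR", "HRAdmins", "Organization Administrator"),
    ("HR", "HRUsers", "vApp User"),
    ("HR", "HRvAppOwner", "vApp Author"),
    ("Marketing", "MarketingAdmins", "Organization Administrator"),
    ("Marketing", "HRAdmins", "Organization Administrator"),  # HR group reused
    ("Sales", "SalesUsers", "Organization Administrator"),    # users as admins
    ("Sales", "Domain Users", "vApp User"),                   # directory-wide group
]


def audit(assignments, shared_groups=("Domain Users",)):
    """Return (finding, organization(s), group) tuples for risky mappings."""
    findings = []
    orgs_by_group = defaultdict(set)
    for org, group, role in assignments:
        orgs_by_group[group].add(org)
        # A directory-wide group lets every authenticated user into the org.
        if group in shared_groups:
            findings.append(("catch-all-group", org, group))
        # Assumed convention: only groups named "<Org>Admins" manage an org.
        if role == ADMIN_ROLE and not group.endswith("Admins"):
            findings.append(("admin-role-on-non-admin-group", org, group))
    # One AD group holding roles in several organizations crosses the boundary.
    for group, orgs in sorted(orgs_by_group.items()):
        if len(orgs) > 1:
            findings.append(
                ("group-spans-organizations", ",".join(sorted(orgs)), group)
            )
    return findings


if __name__ == "__main__":
    for finding in audit(ASSIGNMENTS):
        print(finding)
```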
The Provider vDC is the IT organization if we look at it from a private cloud perspective, but it can be a provider (VMware, Savvis, CSCS) if we look at it from a public cloud perspective. The Provider vDC provides resources to organizations. These resources are Compute (vSphere hosts), Storage (SDRS) and Network.
Creating an organization is the first step, but an organization is simply a boundary. We need to populate the organization with resources that can be consumed by the organization or business unit. These resources are carved out from the Provider vDC, and this carving of resources results in an Organization vDC. An organization can have more than one Organization vDC. You might need more than one Organization vDC if you have different environments within the organization. For example, HR might have development, production and QA workloads. Based on the requirements, you can have more than one vDC. These Organization vDCs can be separated/secured from each other using the various networking options available in vCloud. However, you must understand that to create more than one vDC, more than one Provider vDC must be available. The following diagram depicts a Provider vDC with three different clusters, GOLD, SILVER and BRONZE, which are carved into Organization vDCs according to their needs.
A more detailed explanation of what GOLD, BRONZE and SILVER are, and how they are reflected in Organization vDCs, will follow in upcoming blog posts.