2. vCloud Consumption Approach : 2.1 vCloud Consumer Resources
   
2.1 vCloud Consumer Resources
vCloud consumer resources are provided by a VMware vSphere infrastructure dedicated to hosting vCloud workloads. VMware vCloud Director™ builds on vSphere hardware abstraction capabilities and introduces logical constructs, such as virtual datacenters, organizations, and organization networks, to facilitate multitenant resource consumption.
Figure 1 shows the logical constructs in vCloud Director and how an organization or end user views the vCloud environment and its related constructs.
Figure 1. Mapping vCloud Director Logical Constructs to vSphere

Table 1 describes the logical constructs in vCloud Director that abstract underlying vSphere resources.
Table 1. vCloud Director Logical Constructs, as Viewed by an Organization
vCloud Director Construct
Description
Organization
A unit of administration that represents a logical collection of users, groups, and computing resources. The organization also serves as a security boundary from which only users of a particular organization can deploy workloads and have visibility into deployed workloads in the vCloud.
Provider virtual datacenter
A collection of vSphere resources, such as CPU, memory, and storage, shared among tenants. This collection is usually based on business requirements.
Organization virtual datacenter
A subset of provider virtual datacenter resources assigned to an organization and backed by a VMware vCenter™ resource pool that is automatically created by vCloud Director. An organization virtual datacenter allocates resources using one of the following models:
*Pay-as-you-go
*Allocation pool
*Reservation pool
vApp template and media catalogs
A collection of services available for consumption. Catalogs contain vApp templates (pre-configured containers of one or more virtual machines), media (ISO images of operating systems), or both.
Network pool
A set of pre-allocated networking resources that vCloud Director can draw from as needed to create virtual networks.
Internal and external organization networks
Organization networks are virtual networks that provide an organization with vApp network connectivity.
Internal organization networks are isolated networks used for connectivity between vApps within the organization. External organization networks provide connectivity outside the organization by connecting to an existing external network, using either a direct connection or a connection routed using network address translation (NAT).
Administrators can create and manage organization networks, but there are limits to what an organization administrator is permitted to configure. Only system administrators can create external networks.
vApp network
Virtual network contained within a vApp that facilitates network connectivity between virtual machines in the vApp. vApp networks can be connected to an organization network with a direct, NAT-routed, or fenced connection to enable communication with other vApps inside or outside the organization, if the organization network is connected to an external network. vApp networks are backed by network pools.
Most users with access to a vApp can create and manage their own vApp networks.