I'm designing a vCloud environment and am wondering if I can have vCloud Cells in different networks. The case is that we have a (number of) management VLANs in which the workstations of the admins are running and the ESXi hosts and vCenter Server. There also are a bunch of customer VLANs in which the workstations of the vCloud customers are running and vApps will have access to these VLANs. There is no routing between customer VLANs and Management VLANs.
Now, if I put a Cell in the customer VLANs with the HTTP and ConsoleProxy IP and add a third NIC (with proper routing) to the management VLAN, I enable vCloud for the customers, but the admins won't be able to access the vCloud. When I put in a second cell with only connections to the management VLAN, the admins can access this cell.
(See attached image)
Or is the only proper solution to put all NICs of the cells in the management VLAN and have the admins connect to it directly and put a proxy/firewall in there and have the customers connect through that?
You could use something like a load balancer/bridge device that crosses over the two VLANs in question. This way the cells are all on the same management VLAN, but the users and user traffic get controlled through the bridge device. This would get the goal done, but the middle would look a little different.
I think you just route all your VLANs, including the management VLAN.
When you connect a third NIC, your network goes to a different network and is not able to connect to vCloud. You have to make sure that you can ping your vCloud server IP address.