Description:
As part of our use case, we have multiple subtenants created with a dedicated VMware cloud assigned. The current problem what we are facing is the vcenter network object created by Tenant A will get auto assigned to tenant B as part of cloud sync.
In our case, we have shared infra across all the tenants. So it would be good if Morpheus can create a check box kind of solution to disable auto tenant assignment for the VMware cloud objects.
Backend infra
Network service NSX-T 4.1.2 and Vmware cloud
Create Tenant A and Tenant B from Morpheus master user
Onboard cloud_user1 to tenant A and cloud_User2 to tenant B
Login as tenant A user and create network port group
Observation: Since the backend infra was shared between Tenant A and Tenant B, The network which created by Tenant A will get show to tenant B as part of Tenant B cloud sync.
When a user creates the network in Tenant A, I believe if you have ‘Network Active’ unchecked I believe this will inventory as disabled to the other tenants (though I don’t have an NSX-T in my environment to test atm).
I tested this in my lab and the Folder Active option does not seem to affect NSX-T segments yet. I put in a n internal request around this. Since NSX-T is a separate integration, it may be separate config that will be coming on that integration.
@KP_Jinu_Prabhakar, have you looked into using NSX projects? There would be some extra overhead from an administration standpoint since the connection between an NSX-T integration and vCenter cloud is 1 to 1. But you could then grant the subtenants access at a project level to their own set of resources.
Hi, Though NSX-T is a separate integration in Morpheus, backend we have same VMware cloud for the tenants. The user created NSX segments will create as a port group in VMware and get synced to Morpheus as part of Cloud sync.
I assume by disabling network inventory at cloud level should take care the new network discovery from VMware to other tenants which are associated to the same VMware cloud.
