In the last blog post, we reviewed necessitated Network Isolation. In this blog post, we will review additional developments introduced in VCD release 10.2.2 for Tanzu Integration. VMware Cloud Director uses Server Management Endpoint to Connect to vCenter Supervisor Cluster instead of Cluster Endpoint. This change improves the isolation of the Vmware Cloud Director appliance’s management from the customer workload network.
The Cluster Endpoint on the vSphere Supervisor cluster uses Ingress Network to access the workload clusters, whereas Server Management Endpoint IP uses Management Network on the vSphere Supervisor cluster. This isolation further secures customer workloads, as provider and customer use separate endpoints and SSL certificates. Figure-1 showcases the different management endpoints in the vCenter Server. The provider experience of setting up the VCD for Tanzu K8s remains similar.