Table of Contents | ||
---|---|---|
|
...
Panel | ||
---|---|---|
| ||
This page describes how to set enterprise policies at the tenant level. |
...
Set allocation limits for an enterprise to control resource usage
...
To control the use of resources, you can create allocation limits for
an enterprise
an enterprise in a cloud provider
an enterprise
...
in a datacenter or public cloud region
virtual datacenters
...
To set limits for datastore tiers across more than one cloud location, create Abstract datastore tiers. See About abstract datastore tiers and Manage datastore service levels with datastore tiers .
...
The platform will use these limits to decide if a user can deploy or reconfigure VMs or obtain more resources.
Info |
---|
|
When a user exceeds (or tries to exceed) the limits, the platform displays messages and creates events. The administrator can display limits on the platform dashboards and they can help to forecast resource demand.
If a user tries to exceed the hard limits for resources that are checked during configuration, the platform displays an error.
Screenshot: Hard limit exceeded
...
And the platform also generates event messages for the user and the administrator. See Events table in the “Workload” section.
The platform optionally displays allocation limits on the dashboard for users with the appropriate privileges. It marks soft limits in orange and hard limits in red.
...
It can also display the enterprise usage and enterprise limits for Abstract datastore tiers, which are platform-wide storage service levels.
...
To set enterprise allocation limits:
Go to Users → edit an enterprise
Go to Allocation limits
Complete the dialog.
...
Info |
---|
Allocation limit validation
|
In public cloud regions, the platform does not use repository (catalogue) features or limits.
Limit | Checked at | Description |
---|---|---|
Memory | Deployment | Total amount of RAM that may be used by VMs including hardware profiles assigned to VMs |
Virtual CPUs | Deployment | Total number of virtual CPU cores that may be used by VMs including hardware profiles assigned to VMs |
Local hard disk | Deployment | Total size of hard disk that may be used by VMs on hypervisor datastores and in public cloud providers |
External storage | Configuration | Total size of external storage that may be assigned to VMs |
VLANs | Configuration | Total number of private VLANs that may be defined. Note that a private VLAN is automatically created for every VDC, so this limit may restrict the number of VDCs that users can create |
Public /floating/NAT IPs | Configuration | Total number of public IPs, floating IPs (in public cloud), and NAT IPs that may be used |
Repository | Operations | Total size of NFS Repository space that may be used for the Catalogue including templates and instances (but not conversions). See Manage the datacenter catalogue? |
Virtual machines | Deployment | Total number of VMs that users can deploy in the location using their allowed resources |
DR protected virtual machines | Operations | Total number of VMs that users can protect with disaster recovery protection. |
...
Set a default role to limit tenant access to VDCs in a location
...
To give users different levels of access to virtual datacenters (VDCs) in specific providers or datacenters, administrators can assign a default role (with fewer privileges than user roles) for all VDCs in a location.
So this is a default value for the VDC role that you can set when you create or edit a VDC, that the administrator can later edit.
To control access for users of a tenant in a provider or cloud location
...
with a default role:
Go to Users → create or edit an enterprise → Datacenters → edit a provider or an allowed location → Defaults
Select a default Role
Continue configuring the provider or location or click Accept
At the provider level, the platform will copy the default role to all provider regions. The default role for a region will apply to all new virtual datacenters in the region.
Panel | ||
---|---|---|
| ||
Privileges: Manage enterprise datacenter default roles, No VDC restriction |
...
Users with the Manage roles and No VDC restriction privileges can then edit the role for the virtual datacenter and define exceptions. See Manage virtual datacenters .
Note |
---|
Troubleshooting VDC creation The platform may prevent a user from creating a VDC (even when they have the Manage virtual datacenters privilege) if they will not have enough privileges to work with resources in the VDC. This can occur if a restrictive default role will apply to the user. The default role applies to users without the
|
...
Reserve physical machines for a tenant and restrict deployments
...
For a datacenter, you can reserve physical machines for a
...
single enterprise and restrict deployments
...
.
Panel | ||
---|---|---|
| ||
Privileges: Manage enterprise reserved servers |
Before you begin:
Check that the physical machine is not already reserved or running VMs deployed by a different enterprise.
To reserve physical machines for an enterprise:
Go to Users → edit enterprise → Reservations
The platform will display a list of Available servers (Physical Machines) that are in the enterprise's Allowed datacenters. (See Manage enterprises in the section Allow a tenant to access datacenters and cloud providers).
Select the physical machine(s) in their Datacenter/Rack and drag them into the Reserved servers list
To restrict the enterprise so that it may only deploy on the physical machines reserved for it (and not on any others)
Mark the checkbox to Only use 'Reserved Servers'
...
...