implementing NSX. – business wants to be Amazon-like. Do more with less. Abstract, Pool,Automation is key. Across compute networking and storage.
Both need access to same environment. how?
RBAC, integration with AD groups
Modify existing role for network admins and server admins are administrator
1. restrict per DVS. NSX groups for Network Admins. VMkernels, system traffic, etc for Server admins.
> network folder, modify permissions,
2. RBAC with a single DVS (preferred methode)
> just give read-only on a portgroup level to network admins. (like vmotion, mgmt, nfs, etc)
On a VM level, RBAC on VM’s. Network admins get access on Folder level (F5, LB, NSX). Server admin get no access/read-only