Typically, networking and security requirements in virtualized datacenters may vary based on workloads. For example, workloads acting as servers may require different policy configuration than workloads running test machines and/or non-production workloads.
Existing workload grouping techniques for workloads based their networking and security requirements in the virtualized datacenters are very restrictive and non-intuitive. Further, existing workload grouping techniques are based on using resource pools, datacenters, clusters, portgroups and the like, which are based on location of VMs in virtual datacenter. Generally, to address this network and system administrators end up categorizing workloads based on their policy requirements in physical or compute centric buckets for providing the desired networking and security services in the virtualized datacenters. For example, network and system administrators would end up running demilitarized zone (DMZ) host machines on a separate physical cluster than other clusters or service providers using different resource pools for different tenants and so on.
Further, such grouping techniques results in inefficient resource sharing and/or virtualization in virtualized datacenters.