US12120088B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12120088-B2 |
| Application number | US-202016897666-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 10, 2020 |
| Priority date | Apr 1, 2020 |
| Publication date | Oct 15, 2024 |
| Grant date | Oct 15, 2024 |
Official abstract text for this publication.
Some embodiments of the invention provide a method for deploying network elements for a set of machines in a set of one or more datacenters. The datacenter set is part of one availability zone in some embodiments. The method receives intent-based API (Application Programming Interface) requests, and parses these API requests to identify a set of network elements to connect and/or perform services for the set of machines. In some embodiments, the API is a hierarchical document that can specify multiple different compute and/or network elements at different levels of compute and/or network element hierarchy. The method performs automated processes to define a virtual private cloud (VPC) to connect the set of machines to a logical network that segregates the set of machines from other machines in the datacenter set. In some embodiments, the set of machines includes virtual machines and containers, the VPC is defined with a supervisor cluster namespace, and the API requests are provided as YAML files.
Opening claim text (preview).
We claim:
1. A method of deploying network elements for a set of machines in a set of one or more datacenters automatically and without user intervention, the method comprising: defining, by a network controller plug-in (NCP), a different virtual interface (VIF) for each of a plurality of virtual machines (VMs) and a plurality of Pods executing on a plurality of host computers along with a plurality of software switches, wherein each pod comprises a set of containers; allocating, by the NCP, a different network address for each VIF; assigning, by the NCP, each network address to the VIF for which the network address was allocated; and associating, by the NCP, each VIF with a different port of a software switch executing on a host computer of the plurality of host computers that executes the VIF's associated virtual machine or Pod, wherein at least one particular virtual machine of the plurality of virtual machines and at least one particular Pod of the plurality of Pods execute on one particular host computer of the plurality of host computers and have their respective VIFs associated with two ports of a same software switch that executes on the particular host computer along with the particular virtual machine and the particular Pod.
2. The method of claim 1, wherein the plurality of software switches implements a logical network and the allocated network addresses belong to a subnet of the logical network, the logical network segregating the plurality of VMs from other machines in the datacenter set that are not part of the logical network.
3. The method of claim 2, wherein the software switches implement the logical network by implementing at least one logical switch of the logical network, the logical switch spanning two or more host computers.
4. The method of claim 1 further comprising associating each of a set of two or more VIFs with a distributed middlebox service operation that is to be performed by a middlebox service engine on the host computer that executes the associated VM of the VIF.
5. The method of claim 4, wherein the distributed middlebox service operation is a distributed firewall operation, and the service engines on two or more host computers of the set of two or more VIFs implement a distributed firewall.
6. The method of claim 4, wherein the distributed middlebox service operation is a distributed load balancing operation, and the service engines on two or more host computers of the set of two or more VIFs implement a distributed load balancer.
7. A method of deploying network elements for a set of machines in a set of one or more datacenters automatically and without user intervention, the method comprising: defining, by a network controller plug-in (NCP), a different virtual interface (VIF) for each of a plurality of virtual machines and a plurality of Pods executing on a plurality of host computers along with a plurality of physical forwarding elements (PFEs), wherein each pod comprises a set of containers; allocating, by the NCP, a different network address for each VIF; assigning, by the NCP, each network address to the VIF for which the network address was allocated; and associating, by the NCP, each VIF with a different one PFE of the plurality of PFEs executing on a host computer of the plurality of host computers that executes the VIF's associated virtual machine or Pod, wherein: the set of machines comprises Kubernetes Pods and non-Kubernetes Pods such that the plurality of pods includes the non-Kubernetes Pods, the VIFs are defined by the NCP for non-Kubernetes Pods but are not defined for Kubernetes Pods, and the VIFs of non-Kubernetes Pods are associated by the NCP with a first set of PFEs of the plurality of PFEs while predefined interfaces of the Kubernetes Pods are associated by the NCP with a second set of PFEs of the plurality of PFEs such that the non-Kubernetes Pods are accessed via an associated PFE of the first set of PFEs and the Kubernetes Pods are accessed via an associated PFE of the second set of PFEs.
8. The method of claim 1, wherein defining the VIFs comprises processing a Custom Resource Definition (CRD) that specifies a VIF as a resource in the datacenter.
9. A method of deploying network elements in a set of one or more datacenters automatically and without user intervention, the method comprising: defining, by a network controller plug-in (NCP), a different virtual interface (VIF) for each of a plurality of virtual machines and a plurality of Pods executing on a plurality of host computers along with a plurality of physical forwarding elements (PFEs), wherein each pod comprises a set of containers, wherein defining the VIFs comprises (i) receiving intent-based API (Application Programming Interface) requests to define a plurality of VIFs for the plurality of Pods, (ii) using a custom resource definition (CRD) defined for VIFs to parse and process the API request to define the VIFs for the Pods; allocating, by the NCP, a different network address for each VIF; assigning, by the NCP, each network address to the VIF for which the network address was allocated; and associating, by the NCP, each VIF with one different PFE executing on a host computer of the plurality of host computers that executes the VIF's associated virtual machine or Pod.
10. The method of claim 9 further comprising: receiving an intent-based API request that specifies a service operation provided by a plurality of machines; and using a CRD defined for service operations to perform an automated process that parses and processes a service-operation API to associate each of a set of two or more VIFs with a distributed load balancing operation that is to be performed by a load balancing engine on the host computer that executes the associated VM or Pod of the VIF, the load balancing engine performing the distributed load balancing operation to implement the service for the plurality of machines, in order to distribute the load from the VMs and Pods of the set of VIFs across the plurality of machines.
11. The method of claim 2, wherein the logical network is a network defined for a virtual private cloud (VPC), and the network addresses allocated to the logical network are addresses allocated to the VPC.
12. The method of claim 1, wherein the datacenter set comprises one or more datacenters that are associated with an availability zone identified by a software defined datacenter (SDDC) interface.
13. The method of claim 1, wherein the allocated plurality of network addresses is from a first subnet, the method further comprising: while defining a new VIF, determining that there are no remaining network addresses to allocate from the first subnet; allocating a second subnet of network addresses; assigning a network address from the newly allocated second subnet to the new VIF; associating the new VIF with a machine; and associating the new VIF with a port of a software switch executing on a host computer along with the VIF's associated machine.
14. The method of claim 13, wherein the plurality of software switches implements a logical network and the first and second subnets are first and second sub-networks of the logical network.
15. The method of claim 13 further comprising configuring the plurality of software switches to implement first and second logical switches that establish the first and second logical sub-networks.
16. The method of claim 15 further comprising configuring the plurality of software switches to connect the first and second logical switches to a gateway router that is deployed for the logical network.
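The allocation steps that claims 1, 2 and 13 recite (one VIF per VM or Pod, one distinct address per VIF drawn from a logical-network subnet, a second subnet carved out when the first is exhausted, and every VIF bound to its own port on the software switch of the host that runs the machine) can be modelled as a small state machine. The block below is an added illustration written for this page, not code from the patent or from any vendor's NCP; the class, method and field names, the dict shape standing in for the parsed hierarchical intent document, and the sample hosts and machines are all assumptions. It also adds the membership check that claim 2's segregation implies: an address is in the logical network only if it lies in a subnet the NCP allocated to that network.

```python
"""Added model of NCP VIF definition and address allocation (claims 1, 2, 13).
Illustration for this page; names and the intent-dict shape are assumed."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class VIF:
    machine: str                      # VM or Pod name from the intent document
    kind: str                         # "vm" or "pod"
    host: str                         # host computer that runs the machine
    address: ipaddress.IPv4Address    # address allocated and assigned by the NCP
    subnet: ipaddress.IPv4Network     # logical sub-network the address came from
    port: str                         # port of the host's software switch


class NCP:
    """Network controller plug-in state for one logical network (one VPC)."""

    def __init__(self, pool: str, prefixlen: int):
        self.pool = ipaddress.ip_network(pool)
        self._carve = self.pool.subnets(new_prefix=prefixlen)
        self.subnets = []          # logical sub-networks in allocation order
        self._free = {}            # subnet -> iterator over its unassigned hosts
        self.switches = {}         # host -> ports already bound on its switch
        self.vifs = {}             # machine -> VIF
        self._new_subnet()

    def _new_subnet(self):
        """Claim 13: carve another sub-network out of the VPC's address space.
        StopIteration here means the VPC pool itself is exhausted."""
        net = next(self._carve)
        self.subnets.append(net)
        self._free[net] = net.hosts()
        return net

    def _allocate_address(self):
        """Take the next unassigned address of the newest subnet; if that subnet
        has none left, allocate a second subnet and take from it (claim 13)."""
        net = self.subnets[-1]
        try:
            return next(self._free[net]), net
        except StopIteration:
            net = self._new_subnet()
            return next(self._free[net]), net

    def define_vif(self, machine: str, kind: str, host: str) -> VIF:
        """Claim 1: define a VIF, allocate and assign a distinct address, and
        associate the VIF with a distinct port of the software switch that
        executes on the same host as the VM or Pod."""
        if machine in self.vifs:
            raise ValueError(f"{machine} already has a VIF")
        address, net = self._allocate_address()
        ports = self.switches.setdefault(host, [])
        port = f"{host}/sw0/port{len(ports)}"   # assumed port naming
        ports.append(port)
        vif = VIF(machine, kind, host, address, net, port)
        self.vifs[machine] = vif
        return vif

    def in_logical_network(self, address: str) -> bool:
        """Claim 2: an address belongs to this logical network only if it lies
        in one of the subnets the NCP allocated to it."""
        ip = ipaddress.ip_address(address)
        return any(ip in net for net in self.subnets)


def deploy(ncp: NCP, intent: dict) -> list:
    """Walk a hierarchical intent document (hosts -> machines) and define one
    VIF per machine. The dict shape is assumed; it stands in for the parsed
    YAML the abstract describes."""
    return [ncp.define_vif(m["name"], m["kind"], h["name"])
            for h in intent["hosts"] for m in h["machines"]]


# Constructed intent: a VM and a Pod share host-1 (claim 1's "same software
# switch" case); a third machine on host-2 overflows the first /30 subnet.
SAMPLE_INTENT = {
    "vpc": "tenant-a",
    "hosts": [
        {"name": "host-1", "machines": [{"name": "vm-web", "kind": "vm"},
                                        {"name": "pod-api", "kind": "pod"}]},
        {"name": "host-2", "machines": [{"name": "vm-db", "kind": "vm"}]},
    ],
}


def run_sample() -> NCP:
    # /30 sub-networks hold two usable addresses, so the third VIF forces
    # the NCP to allocate a second subnet.
    ncp = NCP("10.0.0.0/24", prefixlen=30)
    deploy(ncp, SAMPLE_INTENT)
    return ncp


if __name__ == "__main__":
    ncp = run_sample()
    for vif in ncp.vifs.values():
        print(f"{vif.machine:8} {vif.kind:3} {vif.address}/{vif.subnet.prefixlen} -> {vif.port}")
    print("subnets:", [str(n) for n in ncp.subnets])
```

Running the sample binds vm-web and pod-api to two different ports of the same host-1 switch, and vm-db receives 10.0.0.5 from a freshly allocated 10.0.0.4/30 after 10.0.0.0/30 runs out. The `in_logical_network` check is the piece a practitioner would wire into a distributed firewall rule (claim 5): traffic whose source is not in any subnet of the VPC is, by construction, from outside the logical network.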
Assignment of logical groups to network elements · CPC title
Policy-based network configuration management · CPC title
Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements · CPC title
using virtualisation of network functions or resources, e.g. SDN or NFV entities · CPC title
Address allocation · CPC title