Tenants
A tenant is a logical container for application policies that enable an administrator to exercise domain-based access control. A tenant represents a unit of isolation from a policy perspective, but it does not represent a private network. Tenants can represent a customer in a service provider setting, an organization or domain in an enterprise setting, or just a convenient grouping of policies.
To manage tenants, you must have either Power User
or Site and Tenant Manager
read-write role.
Three tenants are pre-configured for you:
-
common
—A special tenant with the purpose of providing "common" services to other tenants in ACI fabrics. Global reuse is a core principle in the common tenant. Some examples of common services include shared L3Outs, DNS, DHCP, Active Directory, and shared private networks or bridge domains. -
dcnm-default-tn
—A special tenant with the purpose of providing configuration for Cisco DCNM fabrics. -
infra
—The Infrastructure tenant that is used for all internal fabric communications, such as tunnels and policy deployment. This includes switch to switch and switch to APIC communications. Theinfra
tenant does not get exposed to the user space (tenants) and it has its own private network space and bridge domains. Fabric discovery, image management, and DHCP for fabric functions are all handled within this tenant.
When using Multi-Site Orchestrator to manage Cisco DCNM fabrics, you will use the default dcnm-default-tn
that is preconfigured for you and allows you to create and manage the following objects:
-
VRFs
-
Networks