Configure Tenant Admin Access to Shared Tenant Resources or Entities
About this task
In EFA versions prior to 3.0.0,
running the REST GET API or the equivalent CLI without tenant filter disables
the tenant admin to view the resources or entities owned by the tenant admin and the
resources or entities owned by the shared tenant.
In EFA versions 3.0.0 or above,
running the REST GET API or the equivalent CLI without tenant filter enables
the tenant admin to view the resources or entities owned by the tenant admin and the
resources or entities owned by the shared tenant.
Procedure
-
Log in to EFA as a root user.
(efa:root)root@administrator-00:~# efa tenant show +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | Name | Type | VLAN Range | L2VNI Range | L3VNI Range | VRF Count | Enable BD | Ports | Mirror Destination Ports | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | roottenant | private | 2-20 | 10000-10099 | 10110-10119 | 10 | false | 10.20.246.4[0/20] | 10.20.246.4[0/21] | | | | | | | | | 10.20.246.3[0/20] | 10.20.246.3[0/21] | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | sharedtenant | shared | 2-20 | 20000-20099 | 20110-20119 | 10 | false | 10.20.246.4[0/22] | 10.20.246.3[0/23] | | | | | | | | | 10.20.246.3[0/22] | 10.20.246.4[0/23] | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | t1 | private | 2-20 | 30000-30099 | 30110-30119 | 10 | false | 10.20.246.4[0/24] | 10.20.246.3[0/25] | | | | | | | | | 10.20.246.3[0/24] | 10.20.246.4[0/25] | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | t2 | private | 2-20 | 40000-40099 | 40110-40119 | 10 | false | 10.20.246.4[0/26] | 10.20.246.4[0/27] | | | | | | | | | 10.20.246.3[0/26] | 10.20.246.3[0/27] | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ Tenant Details (efa:root)root@administrator-00:~# efa tenant po show +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | Name | Tenant | ID | Speed | MTU | Negotiation | Min Link | Lacp | Ports | State | Dev State | App State | | | | | | | | Count | Timeout | | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | rootpo | roottenant | 2 | 10Gbps | | active | 1 | long | 10.20.246.4[0/20] | po-created | provisioned | cfg-in-sync | | | | | | | | | | 10.20.246.3[0/20] | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | sharedpo | sharedtenant | 3 | 10Gbps | | active | 1 | long | 10.20.246.4[0/22] | po-created | provisioned | cfg-in-sync | | | | | | | | | | 10.20.246.3[0/22] | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | po1 | t1 | 4 | 10Gbps | | active | 1 | long | 10.20.246.4[0/24] | po-created | provisioned | cfg-in-sync | | | | | | | | | | 10.20.246.3[0/24] | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | po2 | t2 | 5 | 10Gbps | | active | 1 | long | 10.20.246.4[0/26] | po-created | provisioned | cfg-in-sync | | | | | | | | | | 10.20.246.3[0/26] | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ Port Channel Details (efa:root)root@administrator-00:~# efa tenant vrf show +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-----------------+-------------+ | Name | Tenant | Routing Type | Centralized Routers | Redistribute | Max Path | Local Asn | Enable GR | State | Dev State | App State | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-----------------+-------------+ | rootvrf | roottenant | distributed | | connected | 8 | | false | vrf-device-created | provisioned | cfg-in-sync | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-----------------+-------------+ | sharedvrf | sharedtenant | distributed | | connected | 8 | | false | vrf-device-created | provisioned | cfg-in-sync | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-----------------+-------------+ | myv1 | t1 | distributed | | connected | 8 | | false | vrf-device-created | provisioned | cfg-in-sync | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-----------------+-------------+ | myv2 | t2 | distributed | | connected | 8 | | false | vrf-created | not-provisioned | cfg-ready | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-----------------+-------------+ Vrf Details (efa:root)root@administrator-00:~# efa tenant epg show +-----------+--------------+-------------+-------+--------+------------+-------------+------------+-----------+-------+------------------------------------+ | Name | Tenant | Type | Ports | PO | SwitchPort | Native Vlan | Ctag Range | Vrf | L3Vni | State | | | | | | | Mode | Tagging | | | | | +-----------+--------------+-------------+-------+--------+------------+-------------+------------+-----------+-------+------------------------------------+ | rootepg | roottenant | extension | | rootpo | trunk | false | 10 | rootvrf | 10111 | epg-with-port-group-and-ctag-range | | | | | | | | | | | | | +-----------+--------------+-------------+-------+--------+------------+-------------+------------+-----------+-------+------------------------------------+ | sharedepg | sharedtenant | l3-hand-off | | | | false | | | | epg-empty | | | | | | | | | | | | | +-----------+--------------+-------------+-------+--------+------------+-------------+------------+-----------+-------+------------------------------------+ | epg1 | t1 | extension | | po1 | trunk | false | 11 | myv1 | 30111 | epg-with-port-group-and-ctag-range | | | | | | | | | | | | | +-----------+--------------+-------------+-------+--------+------------+-------------+------------+-----------+-------+------------------------------------+ | epg2 | t2 | extension | | po2 | trunk | false | 12 | sharedvrf | 20111 | epg-with-port-group-and-ctag-range | | | | | | | | | | | | | +-----------+--------------+-------------+-------+--------+------------+-------------+------------+-----------+-------+------------------------------------+ EndpointGroup Details
-
Log in to EFA as a tenant user.
(efa:t1user)root@administrator-00:~# efa tenant show +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | Name | Type | VLAN Range | L2VNI Range | L3VNI Range | VRF Count | Enable BD | Ports | Mirror Destination Ports | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | sharedtenant | shared | 2-20 | 20000-20099 | 20110-20119 | 10 | false | 10.20.246.4[0/22] | 10.20.246.4[0/23] | | | | | | | | | 10.20.246.3[0/22] | 10.20.246.3[0/23] | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ | t1 | private | 2-20 | 30000-30099 | 30110-30119 | 10 | false | 10.20.246.4[0/24] | 10.20.246.4[0/25] | | | | | | | | | 10.20.246.3[0/24] | 10.20.246.3[0/25] | +--------------+---------+------------+-------------+-------------+-----------+-----------+-------------------+--------------------------+ Tenant Details (efa:t1user)root@administrator-00:~# efa tenant po show +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | Name | Tenant | ID | Speed | MTU | Negotiation | Min Link | Lacp | Ports | State | Dev State | App State | | | | | | | | Count | Timeout | | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | sharedpo | sharedtenant | 3 | 10Gbps | | active | 1 | long | 10.20.246.4[0/22] | po-created | provisioned | cfg-in-sync | | | | | | | | | | 10.20.246.3[0/22] | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ | po1 | t1 | 4 | 10Gbps | | active | 1 | long | 10.20.246.4[0/24] | po-created | provisioned | cfg-in-sync | | | | | | | | | | 10.20.246.3[0/24] | | | | +----------+--------------+----+--------+-----+-------------+----------+---------+-------------------+------------+-------------+-------------+ Port Channel Details (efa:t1user)root@administrator-00:~# efa tenant vrf show +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-------------+------------+ | Name | Tenant | Routing Type | Centralized Routers | Redistribute | Max Path | Local Asn | Enable GR | State | Dev State | App State | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-------------+-------------+ | sharedvrf | sharedtenant | distributed | | connected | 8 | | false | vrf-device-created | provisioned | cfg-in-sync | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-------------+-------------+ | myv1 | t1 | distributed | | connected | 8 | | false | vrf-device-created | provisioned | cfg-in-sync | +-----------+--------------+--------------+---------------------+--------------+----------+-----------+-----------+--------------------+-------------+-------------+ Vrf Details (efa:t1user)root@administrator-00:~# efa tenant epg show +-----------+--------------+-------------+-------+-----+------------+-------------+------------+------+-------+------------------------------------+ | Name | Tenant | Type | Ports | PO | SwitchPort | Native Vlan | Ctag Range | Vrf | L3Vni | State | | | | | | | Mode | Tagging | | | | | +-----------+--------------+-------------+-------+-----+------------+-------------+------------+------+-------+------------------------------------+ | sharedepg | sharedtenant | l3-hand-off | | | | false | | | | epg-empty | | | | | | | | | | | | | +-----------+--------------+-------------+-------+-----+------------+-------------+------------+------+-------+------------------------------------+ | epg1 | t1 | extension | | po1 | trunk | false | 11 | myv1 | 30111 | epg-with-port-group-and-ctag-range | | | | | | | | | | | | | +-----------+--------------+-------------+-------+-----+------------+-------------+------------+------+-------+------------------------------------+ EndpointGroup Details