...
- Set up a VLAN domain and assign a range of VLANs to it. The VLAN range used will come from the AddressPool linked to the Zone with ZoneType='Default' and apply to all switch ports facing end hosts across the Fabric
- Specify VLAN domain port members. These are the leaf switches and interfaces that the VLAN domain apply to. The switches and Port list will come from the Port 'ConnectedPort' link(s) assigned by a northbound client as part of setting up the Fabric.
- Create a Tenant
- Create a Bridge Domain per Zone with ZoneType='ZoneOfEndpoints'
- Allocate an IP subnet to the Bridge domain. the Host subnet can be obtained from the AddressPool linked to a Zone with ZoneType=ZoneOfEndpointsÂ
- Create a VRF and Application Profile per Zone with ZoneType=ZoneOfZones
- Create an Endpoint Group for every Zone with ZoneType=ZoneOfEndpoints with links to the ContainedByZone of the ZoneOfZones above. The EPG VLAN tag will come from the AddressPool linked to the Zone with ZoneType='ZoneOfEndpoints' and must be in the VLAN domain it is linked to.
- Associate the EPG to the set of ports listed in the Zone with ZoneType-ZoneOfEndpoints - for each Linked Endpoint, look at the 'ConnectedPorts' property for the switch port to associate the EPG
Note that inter EPG communication policy dictating QoS and access control will be any-to-any in the first instance. This is due to a lack of support in Redfish for ACI 'Contracts'. There is a mechanism in Redfish called 'connections' that can be used for this purpose, but will require a new 'ConnectionsPolicy' schema to operate effectively. This will be worked on as part of an upcoming DMTF release.