As a best practice users create a Management Bridge Domain in the fabric in order to allow workloads to be able to have communication with the external devices via Management Services such as PXE, SSH, DNS, etc. During this step, we will introduce the concept of a Shared L3Out.

Shared L3Out is an option for a multitenant configuration where each tenant is isolated from each other, but might require access to external shared services, such as DHCP, DNS, and syslog.

Step 1 - Navigate to Bridge Domains in the Tenants Tab under Networking

Navigate to Networking to create a Bridge Domain by clicking:

1. Click on Tenant
2. Expand Networking
3. Right-click on Bridge Domains
4. Click on Create Bridge Domains

Step 2 - Create MGMT Bridge Domain (BD)

1. Name: aci_p21_bd_mgmt
2. VRF: k8s_vrf
3. Click Next

Step 3 - Create MGMT Subnet

1. Click the plus sign (+) button to add Subnet.

Step 4 - Add MGMT Subnet

1. Gateway IP: 10.0.145.161/29
2. Check - Advertised Externally - We need to make sure to advertise this subnet to the rest of the network. By checking this knob, ACI will do the back-end configuration for you.
3. Click OK

Step 5 - Associate Shared L3Out

1. Click the plus sign (+) button to Associate L3 Outs.
2. L3Out: k8s

3. On the following list select k8s

4. And make sure to click Update
5. With that process complete, make sure that you have the Gateway Address: 10.0.145.161/29 and the shared L3Out: k8s. The screen should look as the following:

6. Click Next

7. Click Finish

You should verify your work on this page before proceeding.