Cisco ACI Tenant
Basically for understanding Cisco ACI, is a policy based fabric meaning that the whole environment is modelled in objects. Within Cisco Application Centric Infrastructure, the tenant policy model is one of the most important parts of ACI and is the top level object on its tab. It contains several areas, but the two most critical at the moment are networking and application profile. The networking section is where you create VRFs (which also called contexts), Bridge domains (which contain a subnet and define flooding boundaries), L3 out parameters and L2 out parameters. In addition, the application profile defines your endpoint groups which is a VLAN matches switch, interfaces and more, and how they consume infrastructure resources for their application.
Cisco ACI Tenant
Overall, a tenant is a logical container for application policies and it includes one or more virtual routing and forwarding (VRF) instances or contexts which can be associated with multiple bridge domains. This concept is very similar to the Private VLAN which is being used in traditional networking.
In ACI Tenant policy model within the ACI network, Bridge domains act like a primary VLAN while EPGs behave like the secondary VLANs. However, as there are two types of encapsulations in ACI, VXLAN and IEEE VLAN, and it is not about VLANs anymore, whole architecture and parameters are changed. In addition, the VXLAN can be categorized in two types in ACI, iVXLAN which is the encapsulation that is used inside of the fabric and it would never leave the fabric. ACI is also capable of dealing with standard IETF VXLAN which is the standardized VXLAN that all the vendors are using.