HCX [VMC on AWS] - Cleanup of Stale HCX-GRP and HCX-IX-vm Inventory Management Groups
search cancel

HCX [VMC on AWS] - Cleanup of Stale HCX-GRP and HCX-IX-vm Inventory Management Groups

book

Article ID: 317432

calendar_today

Updated On:

Products

VMware HCX

Issue/Introduction

In a VMware Cloud (VMC) on AWS environment, from the VMC Console it may be determined that one or more HCX-GRP and/or HCX-IX-vm Inventory Management Group entries is stale. These stale entries are associated with past HCX IX/NE appliance Uplink IPs and VM IDs that are no longer in use. They can been found under:

Networking & Security - Groups - Management Groups

In some cases, an attempt to delete a stale HCX-GRP entry from the VMC Console will fail and an error will be seen similar to the following:

The object HCX-GRP-35.164.205.228-vmc cannot be deleted as either it has children or it is being referenced by other objects HCX-CE-35.164.205.228-ANY,HCX-CE-ANY-35.164.205.228-1,HCX-CE-ANY-35.164.205.228-0

The Delete option that triggers the error can be found by clicking on the 3 dots highlighted in the screen snapshot below:
   
1 lab error 1.png


Resolution

Step1)

Determine which HCX-GRP Inventory Management Group entries are currently active and should not be deleted by determining the active HCX IX/NE appliance Uplink IPs in use on the VMC Cloud site:

HCX Cloud manager - Interconnect - Service Mesh - VIEW APPLIANCES

2 lab HCX Appliance Uplinks.png

Determine which HCX-IX-vm Inventory Management Group entries are currently active and should not be deleted by determining the VM ID associated with each active HCX IX/NE appliance on the VMC cloud site:

vCenter -  select the IX/NE appliance

lab VM ID better.png

  
  • The active HCX-GRP entries associated with the current IX/NE appliance Uplink IPs should not be deleted
  • The active HCX-IX-vm entries associated with the current IX/NE appliance VM ID’s should not be deleted
  • Only the other, non-active HCX-GRP and HCX-IX-vm Inventory Management Group entries can be considered stale and not in use. These stale entries can be deleted by continuing to follow the procedure below
  
Step2)

From the VMC Console attempt to delete any stale HCX IX/NE appliance HCX-GRP and HCX-IX-vm Inventory Management Group entries. This can be done under:

Networking & Security - Groups - Management Groups
  • The Delete option can be found by clicking on the 3 dots highlighted in the screen shot below
  • If an error is experienced when deleting a stale HCX-GRP entry, record the conflicting redirect rules that are reported in the error
1 lab error 1.png
   
   
Step3)

Delete the conflicting redirect rules associated with the stale HCX-GRP entry

This step cannot be performed from the VMC console. It requires direct access to the NSX UI via:

Optimus - Break Glass - NSX UI
6 lab NSX UI.png
 

Once in the NSX UI ensure the NSX Policy view is selected and then go to:

Security - Network Introspection (N-S)
  • Expand the entries then select and delete the conflicting redirect rules
  • Click PUBLISH to commit the change
7 lab security NI.png

 

Step4)

  • Re-attempt step2) to delete the stale HCX-GRP entry from the VMC Console. This time the stale HCX-GRP entry should be successfully deleted without an error
  • Alternatively, the stale HCX-GRP entry can also be deleted directly from the NSX UI under:
Inventory - Groups
8 lab delete.png


Powered by Wolken Software