How to remove a stale ingress policy created by NCP

search cancel

book

calendar_today

VMware NSX

An ingress policy created by NCP can be left in NSX and there is no way for customer to remove them via NSX Manager UI.

This issue can occur in the following situation.

There are virtual machines running Kubernetes or OpenShift with NCP installed.
When you get rid of those virtual machines, there is no NCP call for NCP Cleanup explicitly.
In this case, the inventory objects created by NCP will be presented in the NSX such as an ingress policy objects.

VMware NSX-T Data Center 3.2

There might be situations which can make entries regarding an ingress policy created by NCP remain in NSX.

1. Customer can run NCP cleanup to clean all stale objects created by NCP. Please refer to the following articles.

As the documentation suggests, execute NCP cleanup with the appropriate parameters.

2. Customer can use cluster object deletion API as there is no deletion API for the specific inventory object.

I. Retrieve the "container_cluster_id" value using the below API.

curl -k -u 'admin:<Password>' -X GET 'https://<NSX_Manager_IP_Address>/api/v1/fabric/container-ingress-policies/' -H 'Accept: application/json'

{
"results": [
{
"external_id": "<UUID>",
"container_cluster_id": "<UUID>",
...
"resource_type": "ContainerIngressPolicy",
...
}

II. Ensure that the container cluster indeed does not exist based on the following API result.

curl -k -u 'admin:<Password>' -X GET "https://<NSX_Manager_IP_Address>/api/v1/fabric/container-clusters/<container_cluster_id>"

III. Run the cluster object deletion API with the specific ID of the cluster.

curl -k -u 'admin:<Password>' -X DELETE "https:/<NSX_Manager_IP_Address>/api/v1/fabric/container-clusters/<container_cluster_id>"

thumb_up Yes

thumb_down No