Umm NSX-T why do I have 694 ports on a segment ?
So after doing my VMUG UserCon presentation on Rancher I went to clean up the lab and noticed that the NSX-T segment I was using for the control and worker nodes had 694 ports assigned. Damn that’s a lot of ports !
The reason I had so many ports was from months of testing and tinkering while using an external Linux distro DHCP server, and NSX-T thought the ports still existed. 694 ports seems pretty excessive, however when you have a failed deployment and walk away for the night, Rancher attempts to redeploy the nodes.
Figure 1. Ports Connected
Now I am somewhat of a lazy person and try to do most things with code and APIs using Python (note I do say try), and no sane person would go an manually delete 694 segment ports.
So lets dive into the code to clean all this up, and feel free to use it at your own peril !.
First up lets get a list of all the segments in this environment so I can get the segment ids.
The body of the code does an API GET request to the NSX-T manager and returns the logical switches and their switch id.
# -*- coding: utf-8 -*-
"""
Spyder Editor
Author: Tony Williamson
"""
import requests
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
logical_switches=requests.get('https://<enter nsxt url>/api/v1/logical-switches',auth=('admin', 'thisisnotthepasswordyouarelookingfor'),verify=False)
response_code=(logical_switches.status_code)
if response_code != int(200): # Checking response code must be 200 to continue
print('\n Error, repsonse code {} \n '.format(response_code))
quit
logical_switches=(logical_switches.json())
logical_switches=(logical_switches['results'])
for switch_info in logical_switches:
switch_name=(switch_info['display_name'])
switch_id=(switch_info['id'])
print(switch_name,",", switch_id)
The output from the Python.
172.16.80.0/24 , 42149648-8683-4464-8227-154b4daecc66
kubes-172.16.80.0-24 , e7194142-224b-4f66-8d11-23203151e72a
primus-alb2-vrf-vlan-500-172.50.0.0/24 , ea7b413b-7b76-40ba-8cbc-688c39ba59f1
primus-alb2-vrf-vlan-501-172.50.10.0/24 , 091adeb1-a982-4852-8057-5afee347b114
uat-204-192.168.204.0/24 , 434dcd33-9311-4a49-bc96-2b587d9aa25a
uat-205-192.168.205.0/24 , e5617b10-5fc4-4bad-a1ed-9076fe72fa54
uat1-100-192.168.0.0/23 , 080b659a-5c64-49e5-ba87-53876731a653
So what I want out of the results is the actual switch ids and in this case the id is ‘42149648-8683-4464-8227-154b4daecc66’ .
Now for destructive code ! . Note that I had moved any real ports that were connected to workloads to another segment for the time being.
I have connected back via API to the NSX-T manager and started to carry out a ‘for loop’. For every port that is associated to segment id ‘42149648-8683-4464-8227-154b4daecc66’ pew pew it forcefully and without remorse.
# -*- coding: utf-8 -*-
"""
Spyder Editor
Author: Tony Williamson
"""
import requests
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
logical_switches=requests.get('https://<enter nsxt url>/api/v1/logical-ports/',auth=('admin',
'thisisnotthepasswordyouarelookingfor'),verify=False)
response_code=(logical_switches.status_code)
if response_code != int(200): # Checking response code must be 200 to continue
print('\n Error, repsonse code {} \n '.format(response_code))
quit
logical_switches=(logical_switches.json())
logical_switches=(logical_switches['results'])
for logical_id in logical_switches:
logical_port_id=(logical_id['id'])
logical_switch_id=(logical_id['logical_switch_id'])
if logical_switch_id==('42149648-8683-4464-8227-154b4daecc66'):
logical_port_url=('https://<enter nsxt url>/api/v1/logical-ports/{}?detach=true'.format(logical_port_id))
print(logical_port_url)
requests.delete(logical_port_url,auth=('admin',
'thisisnotthepasswordyouarelookingfor'),verify=False)
The process took a couple of minutes with output of the port ids that were getting deleted.
Figure 2. Output of Port Deletion.
Once that process had completed I ran more code to confirm that all the ports had been deleted which it had as no ports were returned, and I also double checked using Postman. It also took about 15 minutes for the NSX-T Manager to catch up and reflect the changes.
# -*- coding: utf-8 -*-
"""
Spyder Editor
Author: Tony Williamson
"""
import requests
import urllib3
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
logical_switches=requests.get('https://<enter nsxt url>/api/v1/logical-ports/',auth=('admin',
'thisisnotthepasswordyouarelookingfor'),verify=False)
response_code=(logical_switches.status_code)
if response_code != int(200): # Checking response code must be 200 to continue
print('\n Error, repsonse code {} \n '.format(response_code))
quit
logical_switches=(logical_switches.json())
logical_switches=(logical_switches['results'])
for logical_id in logical_switches:
logical_port_id=(logical_id['id'])
logical_switch_id=(logical_id['logical_switch_id'])
if logical_switch_id==('42149648-8683-4464-8227-154b4daecc66'):
print(logical_port_id)
Figure 3. Ports Cleared.
So now NSX-T is back looking all “sexy nice” ( say it with a Borat voice ) !
I hope that this is useful to somebody in the future and don’t be afraid to dip your toe into code, APIs and automation as it is now the new norm. NSX-T comes with its internal API reference guide so get in there and tinker !.