For one of our customers all NSX related questions are routed to me (pun intended). I received a customer ticket stating that they where not able to remove an unused NSX created port group although it is not in use while observing from vCenter.
After some investigating within NSX it was clear that this issues was caused by an orphaned logical port. NSX allows you to do allot of the config from the UI, but for some actions it is required to turn to the application programming interface (API). NSX provides a programmatic API to automate management activities. The API follows a resource-oriented architecture by using JSON object encoding. Clients interact with the management plane by using RESTful web service calls over HTTPS.
The API abstracts the object configuration that is stored in the NSX database.
| Method | Use | Function |
| Get | Retrieve details of single or multiple NSX objects | Read |
| Post | Create an NSX object such as a segment, gateway or transport node. | Create |
| Put | Modify all properties of an existing NSX object, or replace it. | Update |
| Patch | Modify some properties of an existing NSX object, or create an object. | Partial update or modify |
| Delete | Delete or remove an existing NSX object or multiple objects. | Delete or remove |
Lets first confirm the statement that the NSX created vCenter distributed port group is not in use from vCenter.
When zooming in the related NSX Segment associated with this vCenter Distributed Port Group I notice that according to NSX there are two VM’s connected.
To fix this issue we have to turn to the NSX API to allow us to remove these connected VM’s (that are not really connected, the are orphaned logical ports connected to this Logical Switch aka Segment). The tool I am using to interact with the API is called Postman. To be able to disconnect these orphaned logical ports we first need to identify the ID for this logical port, this ID is not viewable from the NSX UI.
To identify the ID for the logical port we want to disconnect we collect all logical ports in the environment. To do this we execute the following request via Postman.
GET https://NSX-T-MANAGER-FQDN/api/v1/logical-ports
When we receive the output for this query we first notice that a status 200 is returned. This response let is know that everything was executed correctly. In the output window we notice the following data. With key combination CTRL+F we are able to search through this output.
Now that we know the ID for the logical port we want to disconnect we can execute our next API Call.
DELETE https://NSX-T-MANAGER-FQDN/api/v1/logical-ports/<LogicalPortID>?detach=true
When this call is executed we receive again a Status 200 return.
When both logical ports are disconnected we can proceed and delete the vCenter Distributed Port Group by deleting the corresponding NSX Segment.