VMware Cloud Foundation – Delete a Network IP Pool Range Using the API

This week I was contacted by a member of the VMware Global Support team who was working with a customer that was trying to remove an unused IP range from one of their Network Pools in SDDC Manager but they were hitting issues.

Basically the SDDC Manager UI was throwing the following error: Failed to add IP Address Range. NetworkPool Internal Server Error, now it just so happens that I too discovered this same issue earlier this year whilst performing some of my own testing in my home lab, back then I raised a bug against engineering and awaited a fix.

The issue was quickly identified to be down to the wrong API call being made from the SDDC Manager UI, where instead of issuing a DELETE it was doing a PUT call, engineering set about fixing the problem, verified it and the bug was closed out. It’s only now that I realise that the change did not make the cut off point to land in VMware Cloud Foundation 4.2 and hence my colleague from VMware Global Support reaching out to me as he had found the original bug ticket I had raised asking if I had a workaround.

In case others hit this issue, here is the workaround I’ve provided him the Public APIs.


Step 1 – First lets take a look in the SDDC Manager UI and in particular at the Network Pool that I want to remove the unused IP Pool from. In the image below we can see I have an IP Pool Range of – assigned to my vSAN Network, this is the IP Pool Range that I want to now go and remove using the Public APIs.

Step 2 – Connect to the SDDC Manager appliance using and SSH client such as Putty using the vcf user.

Step 3 – Enter su to switch to the root user and enter the password.

Step 4 – Obtain the authentication token, because we are using the Public API we need to get an authentication token from SDDC Manager. We will do this by capturing the token to a variable that we can then use for each subsequent API call as this simplifies the command for us.

TOKEN=`curl -X POST -H "Content-Type: application/json" -d '{"username": "administrator@vsphere.local","password": "VMw@re1!"}' -k https://localhost/v1/tokens | awk -F "\"" '{ print $4}'`

Step 5 – Obtain the ID of the Network Pool. Make a note of this ID as we will use it in the next step.

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -k https://localhost/v1/network-pools | json_pp

In the image below you can see that I have two Network Pools in my home lab and I’ve highlighted the ID for the Network Pool I want to work with.

Step 6 – Obtain the ID of the IP Pool. Make a note of this ID also as it will be used in the next step

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -k https://localhost/v1/network-pools/93e10949-e841-40d6-a0c2-3cf95b33dd5d/networks | json_pp

In the image below we can see the output of this command shows the details of each of my IP Pools contained within the Network Pool lax-w01-np01. The IP Pool I want to delete the IP range from was for vSAN, this is shown below and again I’ve highlighted the ID of this IP Pool which we will use in the last API command.

Step 7 – Delete the IP range we no longer require. Here we use the Network Pool ID from Step 5 and the IP Pool ID from Step 6 as well as passing a JSON spec containing the actual IP range that we want to delete.

curl -X DELETE -H "Content-Type: application/json" -H "Authorization: Bearer $TOKEN" -k https://localhost/v1/network-pools/93e10949-e841-40d6-a0c2-3cf95b33dd5d/networks/2a6d3d2d-136e-40f2-8dfe-535da73a8a37/ip-pools -d '{"start" : "", "end" : "" }'

Step 8 – Return to the SDDC Manager UI, and refresh and the IP Pool Range will have been deleted.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s