In this guide I will show you how to use the vRA 7 REST API to delete a deployment. This is common for users or developers that want to programmatically delete a deployment of single or multi-machine blueprints.
Pre-Reqs
- Already provisioned vRA 7 Blueprint with Destroy Deployment entitled See my guide here to use the API
- A linux system with a command line that you can run curl from to connect to the vRealize Appliance API
- An account with access to vRA 7 that can provision the vRA 7 blueprint with the Destroy Entitlment
Lets get started, first we will need to set some environment variables to save us time. Let’s export the vRA appliance host name.
export VRA=vra-01a.corp.local
Create variable for the HTTP Accept header, which tells the server what format you want the response to be in.
export ACCEPT="application/json"
Here we will authenticate by requesting a bearer token via a POST against /identity/api/tokens API, and we will store the bearer token in a variable so we can use it on future API invocations.
curl --insecure -H "Accept: application/json" -H 'Content-Type: application/json' --data '{"username":"tony@corp.local","password":"VMware1!","tenant":"vsphere.local"}' https://$VRA/identity/api/tokens
Now let’s grab the bearer token from the response above. Highlight all the text between the quotes as shown and copy it to the clip board
export AUTH="Bearer MTQ0OTYwMjc2MDI4NToyODlmZWM2MjZlNzNkMDAwZmRmYjp0ZW5hbnQ6dnNwaGVyZS5sb2NhbHVzZXJuYW1lOnRvbnlAY29ycC5sb2NhbGV4cGlyYXRpb246MTQ0OTYzMTU2MDAwMDo4MzE3NThmNjhjZTNjNzg5MDNiMWM3ODdlODBmMDQ3NGYzNmYwMzBkYWFjNGM4Y2I3YTk5YmY1ODBmN2E4N2IyNzM4MTRhM2M3NmQzNzM3ZTUzMmZjZDI4OGEwZTI0OTA4NTZjMDg3YTQ2NzRjMjczZTIyOTQyZGJlOWQwNDU2NQ=="
Now lets test connectivity by listing the entitled catalog items with curl –insecure -H “Accept: $ACCEPT” -H “Authorization: $AUTH” https://$VRA/catalog-service/api/consumer/entitledCatalogItems | python -m json.tool
Notice I add a pipe on the end of the command. This makes the JSON output more readable. | python -m json.tool
Ok, now that we have connectivity let’s get the list of available resources (Hint, this is the data from the items view tab in the vRA Portal)
curl --insecure -H "Accept: $ACCEPT" -H "Authorization: $AUTH" https://$VRA/catalog-service/api/consumer/resources | python -m json.tool
In the output we will need the Resource ID of the deployment
Copy and paste the ID to note pad, we will need to use this later in this guide
Now let’s get the list of actions that are available for that resource ID with the following
Notice I highlighted where you need to enter that resource ID that we copied in the step above.
curl --insecure -H "Accept: $ACCEPT" -H "Authorization: $AUTH" https://$VRA/catalog-service/api/consumer/resources/623d8338-8649-4dea-9b05-11af7c3ac038/actions | python -m json.tool
Now we need to get the ID of the destroy action from the output
Copy and paste the id to notepad, we will need this in the next step
curl --insecure -H "Accept: $ACCEPT" -H "Authorization: $AUTH" https://$VRA/catalog-service/api/consumer/resources/623d8338-8649-4dea-9b05-11af7c3ac038/actions/1c186ca1-6df9-4fbf-a110-a8ecf3613d78/requests/template | python -m json.tool > /tmp/DestroyCentOS7.json
Now let’s send the request to destroy the deployment using the JSON file we just created as the payload
curl --insecure -H "Accept: $ACCEPT" -H "Authorization: $AUTH" https://$VRA/catalog-service/api/consumer/resources/623d8338-8649-4dea-9b05-11af7c3ac038/actions/1c186ca1-6df9-4fbf-a110-a8ecf3613d78/requests --data @/tmp/DestroyCentos7.json --verbose -H "Content-Type: application/json" | python -m json.tool
Very?
Hi, I forceunregistered a VM (wrong blueprint configuration, wrong reservation 🙁 bulk import for the win 🙂 ) that has been deployed along with a couple of security groups.
Now I’m unable to destroy the corresponding deployment, because there is no VM inside, to run the “uninstall” phase of a Software Component that was included in the original VM’s blueprint.
Can I use your approach to cleanup my mess?
Best regards, and thanks in advance
Follow https://kb.vmware.com/s/article/2148996
Hi Sir,
Great post really got lots of information. Also is that possible to track the state of the destroy action. Do we have API for the same. t would be great if you add that as well here
How can get this work on an additional tenent?