This document provides information on removing an NSX-T edge cluster deployment created by VMware SDDC Manager. This tool works on edge clusters created either by an AVN bringup workflow or by an SDDC Manager edge cluster creation workflow.
The edge cleaner is written to be run directly on the SDDC Manager VM. The cleaner is written in python, and is presently delivered as a tarball which needs to be copied to a suitable location inside the SDDC Manager VM.
In order to run, the edge cleaner requires the workload's SSO credentials. SSO credentials may be supplied via command-line options and/or pre-set environment variables. If the password is not supplied via either means, the user is prompted to enter it interactively. To set environment variables, add lines like the following to the ~/.bashrc file in your SDDC Manager VM:
export SDDC_SSO_USERNAME=your_SSO_username
export SDDC_SSO_PASSWORD=your_SSO_password
There is also a --dryrun command line option which is worth noting. When this option is given, the edge cleaner runs as it otherwise would but only simulates the various deletions and other operations it would perform. This allows for safe verification of credentials and to observe what the cleaner would do with a given set of command-line options. It is recommended that when first invoking the cleaner, you also supply the --dryrun option.
Prerequisites
The cleaner is meant to remove freshly-deployed edge clusters created by SDDC Manager.
If any NSX-T configuration has been added or attached to a deployed edge cluster configuration, please remove it before attempting to use the cleaner to remove that edge cluster.
Likewise, in some cases the edge cleaner refers to the names of items in order to associated them with an edge cluster. Where any of the configuration entities created during an edge cluster deployment have been renamed, either in NSX-T or in vCenter, please return them to their original names.
If these conditions are not met, the cleaner will likely fail to run properly.
Invocation
After unpacking the supplied tarball, the below output can be obtained for usage information regarding the tool. Please run cleanup/remove_edge_cluster.sh --help from the command line.
usage: remove_edge_cluster.sh [-h] [--cluster CLUSTER] [--force-cluster]
[--workload WORKLOAD]
[--user USER] [--password PASSWORD]
[--skip-warning] [--dryrun] [--verbose]
Remove VCF edge cluster deployment(s) from a workload
optional arguments:
-h, --help show this help message and exit
--cluster CLUSTER, -c CLUSTER
Name of edge cluster to remove
--force-cluster Allow removal of an edge cluster whose VCF workload association is not in VCF inventory
--workload WORKLOAD, -w WORKLOAD
Name of VCF workload from which we remove edge cluster(s)
--user USER, -u USER Name of single-signon admin user to authenticate as
--password PASSWORD, -p PASSWORD
Password for specified user
--skip-warning, -s Skip warning message and confirmation. Ignored unless
the warning confirmation prompt has been accepted at least once.
--dryrun, -d Compute and report but do not apply changes
--verbose, -v Provide extra output detail during operation
Note: The edge cluster to be removed must be specified by the option --cluster.
Note: The --workload option is optional.
Retrying Cleanup
In general the cleaner will remove the selected edge cluster deployment in a single invocation.. But occasionally, due to unusual rack timing / load, the cleaner might quit part-way through cleanup with a timeout error. In this case typically re-running the cleaner will result in finishing the edge deployment cleanup.
The only exception to this is if an edge cluster has been dissolved but its constituent edge node VMs have not yet been deleted. In this case, the user will need to manually remove the edge node VMs via the NSX-T UI (System > Fabric > Nodes and select the Edge Transport Nodes tab).
Operations the Cleaner Performs
An automated edge cluster deployment produces a lot of configuration items. The aim of the edge cluster cleanup tool is to remove all of these items. The edge cluster cleanup tool has limited provision for disconnecting linked segments from a cluster's tier-1 gateway, but it is strongly recommended that a user remove or disconnect any elements they have added to an edge cluster before invoking the cluster cleanup tool. Not doing so will likely prevent the cleanup tool from being able to clean up the edge cluster.
Edge cluster-related items are located in the workload's NSX-T and vCenter configurations. The cleanup tool takes care of all of these. There is some variation in the list of items removed, depending on whether the deployment was done as part of an AVN bringup operation or as a direct edge cluster creation request (e.g., via the SDDC Manager UI). Items removed during an edge cluster cleanup will typically include:
Tier-1 gateway.
Tier-0 router.
Edge cluster.
Edge node VMs.
Edge uplink segments.
VLAN-backed transport zones created for the edge deployment.
vCenter portgroups created for the edge deployment.
Resource pool, if one was created as part of edge deployment.
VMware SDDC Manager inventory records of the edge deployment.