[Internal]Failed to "Remove NSX" in a security-only cluster
search cancel

[Internal]Failed to "Remove NSX" in a security-only cluster

book

Article ID: 368591

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Failed to "Remove NSX" in a security-only cluster with notification: "Error: The resource TransportNode with ID <transport node id> used by compute collection <compute resource id>:domain-<cluster id> is a member of a security group. Please update the group membership to remove the resource and try uninstalling again. (Error code: 9611)"



  • "del nsx" on ESXi command line may also return failed.

Cause

When the issue is encountered, the security-only cluster is configured with button 1 in the picture below.

After configuring the security-only cluster with button 2, “Remove NSX” returns successful.

Resolution

1. It is recommended to configure security-only cluster with button 2 as above before root cause is clear.

2. If NSX is failed to remove in a security only cluster, please remove NSX with procedure below:

  1. Put one ESXi in the cluster to maintenance mode;
  2. Remove this ESXi out of the cluster on vCenter Server
  3. Select this ESXi then click "Remove NSX" on NSX manager, then host should be "Not Configured" on NSX manager.
  4. Run "nsxcli -c del nsx" on ESXi command line, here may returned some failed message, which can be ignored. If run "esxcli software vib list|grep -E 'nsx|vsip' ", NSX vibs are still shown.
  5. Add ESXi back to the cluster on the vCenter Server
  6. Remove this ESXi out of the cluster on vCenter Server
  7. Run "nsxcli -c del nsx" on ESXi command line, here "Terminated" will return as below:
  8. Add ESXi back to the cluster on the vCenter Server
  9. Run command "esxcli software vib list|grep -E 'nsx|vsip' " to check if NSX has been removed

3. If NSX vibs are not removed after step i, please repeat step f to h one more time. If still no use, ESXi should be re-installed.