VDS Out of Sync on NSX Prepared Cluster
Article ID: 379010
Updated On:
Products
Issue/Introduction
Error that we see is when you select the Summary tab in vCenter when focused on a vSphere Distributed Switch (vDS) in the Networking view:
"The vSphere Distributed Switch configuration on some hosts differed from that of the vCenter Server."
This "Out of Sync" condition has very specific attributes.
For each of the ESXi hosts that are listed when you click "Show Details", the database tables that are associated with the affected vDS within the vCenter database, are inconsistent with one another, with respect to one or more fields and/or rows in one or more of those database tables related to the vDS.
This generally results from when a vDS version is upgraded, and DRS has not been set to Manual (and vMotions avoided) during the upgrade process. It can also result from other causes as well. The list of causes is not fully understood. The root cause determination is made more difficult in that symptoms often do not show up until well after whatever causes the inconsistency.
However, the solution is always the same -- i.e. to get the database tables back in a consistent state within the vCenter database.
To fix the VDS out of sync issue, one way is to remove the ESXi host(s) named in the output from "Show Details", from the cluster and then re-add it back to VCSA Cluster and then the vDS.
When you try to remove the host from cluster you may see "The operation is not supported on the object. Not allowed to remove nsxBacked host XXXX from dvs XXXX". If you see this, please see the KB that you find with that specific search argument, and follow the instructions in that KB.
Environment
NSX 4.X
NSX 3.X
Cause
Scenario 1. For 'Security Only' deployment, this error occurs because this NSX cluster which is deployed via Quick Start wizard with automation. This type of NSX deployment is limited in that by design and it cannot be customized after deployment.
Scenario 2. NSX Configured cluster won't let remove the ESXi unless the NSX is uninstalled from the ESXi
Resolution
Scenario 1. For 'Security Only' - The recommendation is to un-deploy NSX from the hosts, then remove the unneeded VDS, and redeploy NSX Security Only.
Scenario 2. Below Steps needs to be followed to fix VDS out of sync if it's part of NSX cluster
Step 1 : In vCenter Server, put the ESXi host that needs to be removed from NSX into maintenance mode.
Step 2 : Move the ESXi host from the cluster to Datacenter object in the vCenter inventory. This will trigger the un-install of NSX from the ESXi host.
Step 3 : Check in the NSX UI if the ESXi host goes into 'Not Configured' state. Also make sue the host no longer has any nsx vibs using "esxcli software vib list | grep nsx " in a ssh for the host.
Step 4 : Disconnect the ESXi and remove from Inventory.
Step 5 : Re-add the ESXi to Datacenter object in the vCenter inventory and add it back to respective VDS.
Step 6 : Drag and drop the ESXi back to NSX Cluster and this will trigger installation of NSX.
Step 7 : Verify the status to see if VIBs / VTEPs are configured and check if there are any errors from NSX UI and proceed accordingly.
Additional Information
Feedback
