NSX-T removal stuck in 'Configuring' state on Security Only cluster
search cancel

NSX-T removal stuck in 'Configuring' state on Security Only cluster

book

Article ID: 434601

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • When attempting to uninstall NSX for Security Only from a Host Transport Node (TN) cluster, the process remains indefinitely in a "Configuring" state. The UI does not progress to "Removed," and the host remains partially configured:

  • From one of the NSX Managers in /var/log/proton/nsxapi.log we see the following error:
    ERROR ActivityWorkerPool-1-8 LogicalPortUtilsNsxT 4724 POLICY [nsx@6876 comp="nsx-manager" errorCode="PM503040" level="ERROR" subcomp="manager"] Segment /infra/segments/##########-####-####-####-#########:dvportgroup-42 has VMs attached. Please disconnect all VMs before deleting a segment.

  • Followed by the Exception:
    WARN ActivityWorkerPool-1-18 ActivityExecutor 4713 - [nsx@6876 comp="nsx-manager" level="WARNING" subcomp="manager"] Phase execution failed. Activity= Activity= 'RemoveNsxFromComputeCollectionActivity:########-####-####-####-############' entity= 'ComputeCollectionMsg/#########-####-####-####-############:domain-c313262', Error= 'ActivityFailureException', phase= '{}'com.vmware.nsx.management.common.exceptions.InvalidArgumentException: null

Environment

VMware NSX

Cause

The uninstallation fails as NSX is unable to delete the segment due to stale logical ports.

Note: Stale ports may happen in an environment for different reasons.

Resolution

Workaround

  1. To unblock the uninstallation, delete the orphaned Logical Switch Ports that are preventing segment deletion by following the Steps to remove stale logical-port(s) in NSX-T after attempted delete
  2. Once the stale logical ports have been removed, the next step is to trigger the API to remove NSX from the cluster:

    POST: /policy/api/v1/infra/sites/default/enforcement-points/default/transport-node-collections/<transport-node-collection-id>?action=remove_nsx

Note: To find out the Transport Node Collection TNC which we want to delete use the following API:

GET /policy/api/v1/infra/sites/default/enforcement-points/default/transport-node-collections/

From the above output API, search for the TNC entity which is referred in the exception error above as ComputeCollectionMsg.

Additional Information

For additional information on the API details: NSX-T Data Center REST API

Related Knowledge Base articles

Scripted Cleanup Of Stale Ports - KB324256

Powered by Wolken Software