NSX Network Detection and Response Feature Deletion Failed

The NSX Network Detection and Response feature deletion wizard reports an error.

Problem

The NSX Network Detection and Response feature deletion failed and the wizard reports an error similar to the following output.

The feature uninstall took too long. Either the Kubernetes pods failed to come up or the registration with NSX Manager failed.

Cause

There can be many reasons like:

NSX Application Platform cannot reach the NSX Manager.
The required license for NSX Network Detection and Response is deleted prior to the feature deletion.

This can occur when one of the uninstall job fails. The NSX Network Detection and Response has the following jobs:

Unregister the NSX Network Detection and Response UI plugin.
Disable publishing of IDS events to the NSX Network Detection and Response UI.

Solution

If the upgrade failed and NSX Network Detection and Response needs to be force deleted, then the feature may not have properly cleaned up.
1. Log into the NSX Manager appliance as root.
2. To unregister the UI plugin, use the following command:
```
curl -k -u 'admin' 'https://<localhost>/napp/api/v1/platform/post-deployment' -H "Content-Type: application/json" -d '{"service_names": ["ndr"], "action": "unregister"}' -X POST
```

To disable publishing of the IDS events, use the following command:

curl -k -u 'admin' -H "Content-Type: application/json" -d '{"ids_data_topic_name": "ids-data", "publish_ids_events":"false"}' -X PATCH https://<localhost>/api/v1/infra/settings/firewall/security/intrusion-services/global-event-config

Solution

After resolving the error, click Actions in the NSX Network Detection and Response feature card. Select Delete to initiate the deletion . The delete process should finish completely.