Delete a VCH
You delete virtual container hosts (VCHs) by using the vic-machine delete
command.
For descriptions of the options that vic-machine delete
includes in addition to the Common vic-machine
Options , see VCH Delete Options.
When you delete a VCH that uses TLS authentication with trusted Certificate Authority (CA) certificates, vic-machine delete
does not delete the certificates or the certificate folder, even if you specify the --force
option. Because vic-machine delete
does not delete the certificates, you can delete VCHs and create new ones that reuse the same certificates. This is useful if you have already distributed the client certificates for VCHs that you need to recreate.
Prerequisites
You have deployed a VCH that you no longer require.
Procedure
- On the system on which you run
vic-machine
, navigate to the directory that contains thevic-machine
utility. Run the
vic-machine delete
command.The following example includes the options required to remove a VCH from a simple vCenter Server environment.
- You must specify the username and optionally the password, either in the
--target
option or separately in the--user
and--password
options. - If the VCH has a name other than the default name,
virtual-container-host
, you must specify the--name
or--id
option. - If multiple compute resources exist in the datacenter, you must specify the
--compute-resource
or--id
option. If your vSphere environment uses untrusted, self-signed certificates, you must also specify the thumbprint of the vCenter Server instance or ESXi host in the
--thumbprint
option. To obtain the thumbprint of the vCenter Server or ESXi host certificate, runvic-machine
without the specifying the--thumbprint
or--force
options. The deletion of the VCH fails, but the resulting error message includes the required certificate thumbprint. You can copy the thumbprint from the error message and runvic-machine
again, including the--thumbprint
option.NOTE: If you obtain the thumbprint by other means, use upper-case letters and colon delimitation in the thumbprint. Do not use space delimitation.
$ vic-machine-operating_system delete --target vcenter_server_username:password@vcenter_server_address --thumbprint certificate_thumbprint --name vch_name
- You must specify the username and optionally the password, either in the
If the delete operation fails with a message about container VMs that are powered on, run
docker stop
on the containers and runvic-machine delete
. Alternatively, runvic-machine delete
with the--force
option.CAUTION Running
vic-machine delete
with the--force
option removes all running container VMs that the VCH manages, as well as any associated volumes and volume stores. It is not recommended to use the--force
option to remove running containers.If your vSphere environment uses untrusted, self-signed certificates, running
vic-machine delete
with the--force
option allows you to omit the--thumbprint
option.$ vic-machine-operating_system delete --target vcenter_server_username:password@vcenter_server_address --name vch_name --force
What to Do Next
The vic-machine delete
command does not modify the firewall. If you do not need to deploy or run further VCHs on the ESXi host or cluster, run vic-machine update firewall --deny
to close port 2377 on the host or hosts.