Skip to main content

How to Cleanly Uninstall Legacy NSX and Trend Micro from ESXi

So I recently migrated from a vSphere 5.5 environment to 6.5 using the migration utility. Overall, I had a great experience with a few exceptions, both of which were my fault. We’ll cover one of them in this post.

We were running Trend Micro Deep Security, which means we had NSX deployed in support of that product throughout our environment. My thinking, incorrectly, was that after the vCenter upgrade, I could upgrade the existing NSX components of the environment and I would be off to the races!

That was a mistake, and I thought it might be worth it for me to share what I saw unfolding, and how I resolved the issues. So here goes…

After the vCenter upgrade was successful, I noticed that I no longer had an NSX manager registered, which was odd. I was seeing issues with DRS, and the only way to get around the virtual machines hanging and eventually erroring out during DRS triggered vMotions was to manually migrate the virtual machines to other hosts and place the affected host in Maintenance Mode while I took steps to remove all things NSX, Guest Introspection and Trend Micro.

Here’s a step-by-step walkthrough of how I got all of my hosts, and my vCenter ready for a redeployment of NSX and Trend Micro.

  1. Remove the epsec-mux VIB on each host in the cluster prepared for Guest Introspection from the host’s CLI:

    #esxcli software vib remove -n epsec-mux

    If a host reboot is required, the CLI will tell you after you run the command above.

  2.  Verify the VIB is gone:
    #esxcli software vib list | grep mux
  3.  Delete the Guest Introspection and Trend Micro VMs from disk by right-clicking each of them in inventory and selecting Delete from disk.
  4.  Remove the vmservice-vswitch vSwitch on each host which is only used for the Guest Introspection and Trend Micro virtual machines:
    1. Select the host in inventory.
    2. Select the Configure tab.
    3. Expand Networking, and select Virtual Switches.
    4. Select vmservice-vswitch.
    5. Click the Remove selected standard switch button (the Red X).
      Note: The portgroup vmservice-vmknic-pg will be deleted along with the vSwitch. There should not be any VMs connected to it, since we deleted the service VMs in step 3.
  5. Delete the ESXi agencies associated with the deployment:
    1. From the Home menu, select Administration.
    2. Expand Solutions, and select vCenter Server Extensions.
    3. Select vSphere ESX Agent Manager.
    4. Select the Configure tab.
    5. Right-click agency pertaining to Guest Introspection and Trend Micro deployment.
    6. Select Delete Agency.

Do the above for each affected host, and everything will be cleanly uninstalled and you’ll be ready to redeploy a new NSX manager. Once NSX manager is deployed and registered to the vCenter, you can deploy Guest Introspection and Trend Micro through the Service Deployment tab. Maybe I’ll cover that in the next post.

Hopefully, you never have to follow this guide. If it was helpful, leave a comment or share the article!

  • Latest Posts
Senior Infrastructure Engineer , Topgolf

Scott is an experienced professional and recognized leader specializing in the design and implementation of enterprise virtualization, enterprise storage, server infrastructures and operations. A self-starter able to work both independently and in a team-oriented environment, Scott has a proven ability to create and automate solutions to improve productivity, reliability and performance. Throughout his professional career, Scott has proven successes implementing technology and service improvement initiatives and has a demonstrated ability to think strategically about business, create technical definition around objectives in complex situations, develop solution strategies, motivate and mobilize resources, and deliver end-to-end technology solutions. Scott has achieved multiple industry recognized certifications in virtualization, networking, cloud, storage and other technologies, and is honored to be a VMware vExpert in 2018, 2019 and 2020.



Spread the love!