Removing Data Security After an NSX Upgrade | Writing about tech and anything else I find interesting

Removing Data Security After an NSX Upgrade

I’ve recently started studying for the VCIX-NV. One of the first objectives on the blueprint is to upgrade from vCNS to NSX. This seemed pretty straightforward, as I’ve done this when NSX first came out. Admittedly I wasn’t using all of the vCNS capabilities, and this is how I got tripped up this time around.

In order, the blueprint tasks are:

Upgrade vShield Manager 5.5 to NSX Manager 6.x.

Upgrade Virtual Wires to Logical Switches

Upgrade vShield App to NSX Firewall

Upgrade vShield Endpoint 5.x to vShield Endpoint 6.x

Upgrade to NSX Data Security

Of course, when I got to the Data Security “upgrade” point, i found the following statement in the documentation:

“NSX Data Security does not support a direct upgrade. You must uninstall the current Data Security software before upgrading to NSX Manager. After NSX Manager is upgraded, you can install NSX Data Security version 6.0. If you upgraded to NSX Manager without uninstalling Data Security, you must do so using a REST call.”

Damn. That is exactly what I had done. Of course, I was pretty certain that the API call would be right there. In fact, the REST call isn’t listed anywhere in the following paragraphs or sections of the document.

After going through the NSX API guide with a fine tooth comb and coming up empty, I remembered that the NSX Manager still supports the vCNS API. I grabbed my snorkel and dove in again, and finally came back with something that I could use!

DELETE https://vsm-ip/api/1.0/vshield/host-id/vsds

Finding the moid of the hosts is a fairly straightforward affair (once you know where to look).

Head to the following URL, you’ll be prompted to authenticate along the way.



RESTClient is a nice easy method for one off API calls, like what I am doing here. Make sure to add the required headers – Content Type: application/xml and authorization (basic) and credentials that have rights (administrator@vsphere.local is likely your friend). Insert your NSX manager URL and host-id, then away you go. [REST Call]( Finally, the result – I won’t be making that mistake in the exam, that’s for sure! [Result](