Elimine los servicios de partners a través de interfaz de usuario de NSX Manager o una llamada de API.

Antes de eliminar los servicios de partners o las SVM implementadas en un host, debe realizar las siguientes acciones desde la interfaz de usuario de NSX Manager.

Para eliminar los servicios de partners:

Procedimiento

  1. Quite las reglas de EPP aplicadas a grupos de máquinas virtuales que se ejecutan en el host.
  2. Quite la protección del perfil de servicio que se aplica a grupos de máquinas virtuales.
  3. Desplácese a Sistema > Implementaciones de servicio > Implementación.
  4. En el menú desplegable Servicio de partners, seleccione el servicio de partners.
  5. Haga clic en el icono de puntos suspensivos verticales del servicio que desea eliminar.
  6. Haga clic en Eliminar. El servicio se eliminará de forma permanente y no se podrá recuperar.
  7. En la ventana emergente, haga clic en Eliminar.
    Si NSX Manager no puede acceder a la máquina virtual de servicio de partners o no puede sincronizar el estado de la máquina virtual de servicio de partners, el estado pasa ser Desconocido. Si no se puede eliminar el servicio, el estado pasará a ser Error. En estos casos, la máquina virtual del servicio de partners no se elimina por completo de NSX. Deberá llamar a las API para eliminar por completo las máquinas virtuales del servicio de partners.
  8. Para comprobar si hay entradas obsoletas en NSX, ejecute la siguiente API.
    GET https://<nsx-manager-IP>/api/v1/serviceinsertion/services
    {
       "results": [
           {
                "functionalities": [
                   "EPP",
                   "IDS_IPS"
                ],
                "implementations": [
                    "EAST_WEST"
                ],
                "attachment_point": [
                    "SERVICE_PLANE"
                ],
                "transports": [
                    "NSH"
                ],
                "on_failure_policy": "ALLOW",
                "service_deployment_spec": {
                 "deployment_template": [
                        {
                            "name": "Deep Security - Deployment Template",
                            "attributes": [
                                {
                                  "key": "solutionId",
                                    "display_name": "solutionId",
                                    "value": "7498352642083520512",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                               {
                                   "key": "failOpen",
                                   "display_name": "failOpen",
                                    "value": "true",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "ipAddress",
                                    "display_name": "ipAddress",
                                    "value": "169.254.1.39",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                               {
                                    "key": "port",
                                    "display_name": "port",
                                    "value": "48651",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.DNS2",
                                    "display_name": "management.DNS2",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.DNS",
                                    "display_name": "management.DNS",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.netmask0",
                                    "display_name": "management.netmask0",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.ip0",
                                    "display_name": "management.ip0",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.ipv6Dhcp",
                                    "display_name": "management.ipv6Dhcp",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "defaultAction",
                                    "display_name": "defaultAction",
                                    "value": "isNetworkFeatureAvailable:true,NSXType:NSX-T",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "agentName",
                                    "display_name": "agentName",
                                    "value": "serviceinstance-x",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.gateway",
                                    "display_name": "management.gateway",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "dpdkMode",
                                    "display_name": "dpdkMode",
                                    "value": "0",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                               {
                                   "key": "vmname",
                                    "display_name": "vmname",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.dhcp",
                                    "display_name": "management.dhcp",
                                    "value": "",
                                    "attribute_type": "STRING",
                                   "read_only": false
                                },
                               {
                                    "key": "management.hostname",
                                    "display_name": "management.hostname",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                },
                                {
                                    "key": "management.ipv6Gateway",
                                    "display_name": "management.ipv6Gateway",
                                    "value": "",
                                    "attribute_type": "STRING",
                                    "read_only": false
                                }
                            ]
                        }
                   ],
                    "deployment_specs": [
                        {
                            "name": "Deep Security - 20.0.0-877-C12M24-LARGE",
                            "ovf_url": "https://<nsx-manager-IP:portnumber>/appliance/NSX/dsva-20.0.0-877-C12M24-large.ovf",
                            "min_host_version": "6.5",
                            "host_type": "ESXI",
                            "service_form_factor": "LARGE",
                            "svm_version": "1.0"
                       },
                       {
                            "name": "Deep Security - 20.0.0-877-C2M4-SMALL",
                            "ovf_url": "https://<nsx-manager-IP:portnumber>/appliance/NSX/dsva-20.0.0-877-C2M4-small.ovf",
                            "min_host_version": "6.5",
                            "host_type": "ESXI",
                            "service_form_factor": "SMALL",
                            "svm_version": "1.0"
                        },
                       {
                            "name": "Deep Security - 20.0.0-877-C8M16-MEDIUM",
                           "ovf_url": "https://<nsx-manager-IP:portnumber>/appliance/NSX/dsva-20.0.0-877-C8M16-medium.ovf",
                           "min_host_version": "6.5",
                            "host_type": "ESXI",
                           "service_form_factor": "MEDIUM",
                            "svm_version": "1.0"
                        },
                        {
                           "name": "Deep Security - 20.0.0-877-C8M24-LARGE",
                            "ovf_url": "https://<nsx-manager-IP:portnumber>/appliance/NSX/dsva-20.0.0-877-C8M24-large.ovf",
                            "min_host_version": "6.5",
                            "host_type": "ESXI",
                            "service_form_factor": "LARGE",
                            "svm_version": "1.0"
                        },
                        {
                            "name": "Deep Security - 20.0.0-877-C4M8-SMALL",
                            "ovf_url": "https://<nsx-manager-IP:portnumber>/appliance/NSX/dsva-20.0.0-877-C4M8-small.ovf",
                            "min_host_version": "6.5",
                            "host_type": "ESXI",
                            "service_form_factor": "SMALL",
                            "svm_version": "1.0"
                        },
                        {
                           "name": "Deep Security - 20.0.0-877-C6M16-MEDIUM",
                           "ovf_url": "https://<nsx-manager-IP:portnumber>/appliance/NSX/dsva-20.0.0-877-C6M16-medium.ovf",
                            "min_host_version": "6.5",
                           "host_type": "ESXI",
                            "service_form_factor": "MEDIUM",
                            "svm_version": "1.0"
                        }
                    ],
                    "nic_metadata_list": [
                        {
                            "interface_label": "ens",
                            "interface_index": 1,
                            "interface_type": "CONTROL"
                        },
                        {
                           "interface_label": "ens",
                           "interface_index": 2,
                            "interface_type": "DATA1"
                        },
                        {
                            "interface_label": "ens",
                            "interface_index": 0,
                            "interface_type": "MANAGEMENT",
                            "user_configurable": true
                        }
                    ],
                   "svm_version": "20.0"
               },
                "vendor_id": "Trend Micro",
                "service_manager_id": "1b76b8ca-75a9-4909-a649-ba3abfc6fbfe",
                "service_capability": {
                 "nsh_liveness_support_enabled": true,
                    "can_decrement_si": false
                },
               "resource_type": "ServiceDefinition",
                "id": "83f9266a-a3e9-459e-ba79-ddd699e4a32b",
                "display_name": "Trend Micro Deep Security",
                "description": "Advanced security for virtual servers and desktops - Provides Agentless Anti-Malware, Web Reputation, Intrusion Prevention, Integrity Monitoring and Firewall.",
                "_create_user": "admin",
                "_create_time": 1617235766601,
                "_last_modified_user": "admin",
                "_last_modified_time": 1617235766783,
                "_system_owned": false,
                "_protection": "NOT_PROTECTED",
                "_revision": 1
            }
        ],
        "result_count": 1
  9. Para comprobar si aún hay perfiles de servicio presentes en NSX, ejecute la siguiente API.
    GET https://<nsx-manager-IP>/api/v1/serviceinsertion/services/<service-id>/service-profiles
    {
        "results": [
            {
                "service_id": "83f9266a-a3e9-459e-ba79-ddd699e4a32b",
                "vendor_template_key": "Gold",
                "vendor_template_id": "0628655d-37fe-453d-8607-731a99362dd7",
                "resource_type": "GiServiceProfile",
                "id": "ccfd4d9c-afcf-4f85-aee2-b4593a2d3e66",
                "display_name": "EPP-profile",
                "_create_user": "nsx_policy",
                "_create_time": 1617239484207,
                "_last_modified_user": "nsx_policy",
                "_last_modified_time": 1617239484207,
                "_system_owned": false,
                "_protection": "REQUIRE_OVERRIDE",
                "_revision": 0
            }
        ]
    }
  10. Para eliminar el perfil de servicio que se aplicó a la directiva, ejecute la siguiente API.
    DELETE https://<nsx-manager-IP>/api/v1/serviceinsertion/services/<service-id>/service-profiles/<service-profile-id>
    {
        "httpStatus": "BAD_REQUEST",
        "error_code": 289,
        "module_name": "common-services",
        "error_message": "Principal 'admin' with role '[enterprise_admin]' attempts to delete or modify an object of type GiServiceProfile it doesn't own. (createUser=nsx_policy, allowOverwrite=null)"
    }
  11. Para saber si aún hay plantillas de proveedor disponibles en NSX, ejecute la siguiente API.
    GET https://<nsx-manager-IP>/api/v1/serviceinsertion/services/<service-id>/vendor-templates
    {
        "results": [
            {
                "attributes": [],
                "service_id": "83f9266a-a3e9-459e-ba79-ddd699e4a32b",
                "vendor_template_key": "Gold",
               "functionality": "EPP",
                "redirection_action": "PUNT",
                "resource_type": "VendorTemplate",
                "id": "0628655d-37fe-453d-8607-731a99362dd7",
                "display_name": "Default (EBT)",
                "description": "The default Deep Security profile configuration used for EBTs.",
                "_create_user": "admin",
                "_create_time": 1617235768228,
                "_last_modified_user": "admin",
               "_last_modified_time": 1617235768228,
                "_system_owned": false,
                "_protection": "NOT_PROTECTED",
                "_revision": 0
            },
            {
                "attributes": [],
    
                "service_id": "83f9266a-a3e9-459e-ba79-ddd699e4a32b",
    
                "vendor_template_key": "P4_Network",
    
                "functionality": "IDS_IPS",
    
                "redirection_action": "PUNT",
    
                "resource_type": "VendorTemplate",
    
                "id": "e0bd601c-c9ec-4d30-bbd3-d924c029de07",
    
                "display_name": "Windows Server_Network",
    
                "description": "An example policy for Windows Server servers.",
    
                "_create_user": "admin",
    
                "_create_time": 1617239792464,
    
                "_last_modified_user": "admin",
    
                "_last_modified_time": 1617239792464,
    
                "_system_owned": false,
    
                "_protection": "NOT_PROTECTED",
    
                "_revision": 0
    
            },
  12. Elimine las plantillas de proveedor (si hay alguna).
    DELETE https://<nsx-manager-IP>/api/v1/serviceinsertion/services/<service-id>/vendor-templates<vendor-template-id>
  13. Elimine el servicio.
    DELETE https://<nsx-manager-IP>/api/v1/serviceinsertion/services/<service-id>
  14. Elimine el Administrador de servicios de partners.
    DELETE https://<nsx-manager-IP>/api/v1/serviceinsertion/service-managers/<service-manager-id>