NSX Manager can be installed as a virtual appliance on a KVM host.

The QCOW2 installation procedure uses guestfish, a Linux command-line tool to write virtual machine settings into the QCOW2 file.


  • KVM set up. See Set Up KVM.
  • Privileges to deploy a QCOW2 image on the KVM host.
  • Verify that the password in the guestinfo adheres to the password complexity requirements so that you can log in after installation. See NSX Manager Installation.
  • Familiarize yourself with the NSX Manager resource requirements. See NSX Manager VM System Requirements.
  • If you plan to install Ubuntu OS, it is recommened to install Ubuntu version 18.04 before installing NSX Manager on the KVM host.


  1. Download the NSX Manager QCOW2 image from the nsx-unified-appliance > exports > kvm folder.
  2. Copy it to the KVM machine that is going to run the NSX Manager using SCP or sync.
  3. (Ubuntu only) Add the currently logged in user as a libvirtd user:
    adduser $USER libvirtd
  4. In the same directory where you saved the QCOW2 image, create a file called guestinfo.xml and populate it with the NSX Manager VM's properties.
    Property Description
    • nsx_cli_passwd_0
    • nsx_cli_audit_passwd_0
    • nsx_passwd_0
    Your passwords must comply with the password strength restrictions.
    • At least 12 characters
    • At least one lower-case letter
    • At least one upper-case letter
    • At least one digit
    • At least one special character
    • At least five different characters
    • No dictionary words
    • No palindromes
    • More than four monotonic character sequence is not allowed
    nsx_hostname Enter the host name for the NSX Manager. The host name must be a valid domain name. Ensure that each part of the host name (domain/subdomain) that is separated by dot must start with an alphabet character.
    • nsx-manager: Required. This role-name installs the NSX Manager appliance.
    • nsx-cloud-service-manager: Optional. After installing NSX Manager, use this role-name to install the Cloud Service Manager appliance for NSX Cloud.

    You can enable or disable this property. If enabled, you can log in to the NSX Manager using SSH.


    You can enable or disable this property. If enabled, you can log in to the NSX Manager using SSH as the root user. To be able to use this property, nsx_isSSHEnabled must be enabled.

    • nsx_dns1_0
    • nsx_ntp_0
    • nsx_domain_0
    • nsx_gateway_0
    • nsx_netmask_0
    • nsx_ip_0
    Enter IP addresses for the default gateway, management network IPv4, management network netmask, DNS, and NTP IP address.
    For example:
    <?xml version="1.0" encoding="UTF-8"?>
    	<Property oe:key="nsx_cli_passwd_0" oe:value="<password>"/>
    	<Property oe:key="nsx_cli_audit_passwd_0" oe:value="<password>"/>
    	<Property oe:key="nsx_passwd_0" oe:value="<password>"/>
    	<Property oe:key="nsx_hostname" oe:value="nsx-manager1"/>
    	<Property oe:key="nsx_role" oe:value="nsx-manager"/>
    	<Property oe:key="nsx_isSSHEnabled" oe:value="True"/>
    	<Property oe:key="nsx_allowSSHRootLogin" oe:value="True"/>
    	<Property oe:key="nsx_dns1_0" oe:value=""/>
    	<Property oe:key="nsx_ntp_0" oe:value=""/>
    	<Property oe:key="nsx_domain_0" oe:value="corp.local"/>
    	<Property oe:key="nsx_gateway_0" oe:value=""/>
    	<Property oe:key="nsx_netmask_0" oe:value=""/>
    	<Property oe:key="nsx_ip_0" oe:value=""/>     

    In the example, nsx_isSSHEnabled and nsx_allowSSHRootLogin are both enabled. When they are disabled, you cannot SSH or log in to the NSX Manager command line. If you enable nsx_isSSHEnabled but not nsx_allowSSHRootLogin, you can SSH to NSX Manager but you cannot log in as root.

  5. Use guestfish to write the guestinfo.xml file into the QCOW2 image.
    Note: After the guestinfo information is written into a QCOW2 image, the information cannot be overwritten.
    sudo guestfish --rw -i -a nsx-unified-appliance-<BuildNumber>.qcow2 upload guestinfo /config/guestinfo
  6. Deploy the QCOW2 image with the virt-install command.

    The vCPU and RAM values are suitable for a large VM. The network name and portgroup name are specific to your environment. The model must be virtio.

    sudo virt-install \
    --import \
    --ram 48000 \
    --vcpus 12 \
    --name <manager-name> \
    --disk path=<manager-qcow2-file-path>,bus=virtio,cache=none \
    --network network=<network-name>,portgroup=<portgroup-name>,model=virtio \
    --noautoconsole              \
    --cpu mode=host-passthrough,cache.mode=passthrough
    Starting install...
    Domain installation still in progress. Waiting for installation to complete.
  7. Verify that the NSX Manager is deployed.
    virsh list --all
    Id    Name             State
    18    nsx-manager1     running
  8. Open the NSX Manager console and log in.
    virsh console 18
    Connected to domain nsx-manager1
    Escape character is ^]
    nsx-manager1 login: admin
  9. After the NSX Manager boots, log in to the CLI as admin and run the get interface eth0 command to verify that the IP address was applied as expected.
  10. Run get services to verify that the services are running.
  11. Verify that your NSX Manager has the required connectivity.
    Make sure that you can perform the following tasks.
    • Ping your NSX Manager from another machine.
    • The NSX Manager can ping its default gateway.
    • The NSX Manager can ping the hypervisor hosts that are in the same network as the NSX Manager using the management interface.
    • The NSX Manager can ping its DNS server and its NTP server.
    • If you enabled SSH, make sure that you can SSH to your NSX Manager.

    If connectivity is not established, make sure that the network adapter of the virtual appliance is in the proper network or VLAN.

  12. Exit the KVM console.
  13. From a browser, log in with admin privileges to an NSX Manager at https://<nsx-manager-ip-address>.