Virtualization

Vagrant with VMware vCenter Integration

Set up Vagrant with VMware vCenter to provision and manage virtual machines effortlessly

By InventiveHQ Team

Vagrant is best known for spinning up local VirtualBox or VMware Workstation machines, but it can also drive a full VMware vSphere environment. By pointing Vagrant at vCenter, you can clone templates into reproducible, disposable VMs on shared infrastructure using the same vagrant up / vagrant destroy workflow your team already knows. This guide walks through the plugin options, a working Vagrantfile, the day-to-day commands, and the gotchas that trip people up.

Choosing a Provider: Paid vs. Community

There is an important licensing reality to understand before you start. There are two distinct paths to vSphere:

  • HashiCorp's official VMware provider (vagrant-vmware-desktop) targets VMware Workstation and Fusion on a single host. It is a paid add-on and is not a vCenter/vSphere provider despite the similar name.
  • The community vagrant-vsphere plugin is a free, open-source provider that talks to vCenter over the vSphere API. This is the plugin you want for cluster-based, datacenter provisioning, and it is what the rest of this article uses.

The community plugin is mature but not officially supported by HashiCorp or Broadcom/VMware. For production-critical automation, weigh that against alternatives like Terraform's vsphere provider or Packer for building templates.

Prerequisites

  • Vagrant installed on your workstation. Download it from the official HashiCorp site, or on Windows use Chocolatey:
choco install vagrant
  • A reachable vCenter Server and an account with permission to clone templates, create VMs, and assign networks/datastores.
  • A prepared VM template in vCenter (typically a Linux guest with VMware Tools/open-vm-tools installed and an SSH key or password Vagrant can use).
  • A customization specification in vCenter if you want guest OS settings (hostname, network) applied during clone. This is optional but recommended for repeatable network config.

Installing the vagrant-vsphere Plugin

The plugin depends on the nokogiri gem for XML parsing. Install it first, then the provider:

gem install nokogiri
vagrant plugin install vagrant-vsphere

Confirm the install:

vagrant plugin list

You should see vagrant-vsphere in the output. If nokogiri fails to build, you may need platform build tools (Xcode command line tools on macOS, build-essential and libxml2-dev on Debian/Ubuntu).

Configuring the Vagrantfile

The vSphere provider uses a placeholder "dummy" box because the actual disk comes from a vCenter template, not a downloaded box file. Create a Vagrantfile in your project directory:

Vagrant.configure("2") do |config|
  config.vm.box = "vsphere"
  config.vm.box_url = "https://vagrantcloud.com/ssx/boxes/vsphere-dummy/versions/1.0.0/providers/vsphere.box"
  config.ssh.username = "vagrant"
  config.ssh.private_key_path = "~/.ssh/id_rsa"

  config.vm.provider :vsphere do |vsphere|
    vsphere.host                  = "vcenter.example.com"
    vsphere.user                  = "svc-vagrant@vsphere.local"
    vsphere.password              = ENV["VSPHERE_PASSWORD"]
    vsphere.data_center_name      = "DC01"
    vsphere.compute_resource_name = "Cluster01"
    vsphere.resource_pool_name    = "vagrant-pool"
    vsphere.data_store_name       = "datastore-ssd-01"
    vsphere.template_name         = "Templates/ubuntu-2204-template"
    vsphere.name                  = "vagrant-dev-01"
    vsphere.vm_base_path          = "Vagrant"
    vsphere.customization_spec_name = "linux-dhcp-spec"
    vsphere.linked_clone          = true
    vsphere.insecure              = false
  end
end

Key fields:

  • host / user / password — vCenter FQDN and credentials. Pull the password from an environment variable or a secrets manager rather than committing it.
  • data_center_name — the datacenter object in vCenter inventory.
  • compute_resource_name — the cluster (or standalone host) to place the VM on.
  • resource_pool_name — optional; omit to use the cluster root pool.
  • data_store_name — where the cloned disks live.
  • template_name — inventory path to the source template, including folders.
  • name — the resulting VM's display name in vCenter.

The Provisioning Workflow

Once the Vagrantfile is ready, the commands mirror any other Vagrant project:

# Clone the template and power on the VM in vCenter
vagrant up --provider=vsphere

# Open an SSH session to the running VM
vagrant ssh

# Power off the VM without deleting it
vagrant halt

# Power off and delete the VM (and clones) from vCenter
vagrant destroy

If Vagrant cannot infer the provider, name it explicitly with --provider=vsphere. Use vagrant status to confirm state and vagrant up --debug to capture verbose API logging when something fails.

Common Gotchas

  • TLS certificate verification. vCenter ships with a self-signed certificate by default. Setting vsphere.insecure = true skips verification, which is fine for a lab but a bad habit for production. The correct fix is to trust vCenter's CA on your workstation and leave insecure = false. If you use a TLS/SSL certificate signed by an internal CA, install that CA chain locally.
  • Linked clones require a snapshot. Setting linked_clone = true is much faster and saves space, but the template must have at least one snapshot for vSphere to base the linked clone on. Without it, the clone fails. Use full clones if you cannot snapshot the template.
  • Network assignment. The cloned VM inherits the template's port group unless a customization spec or network override changes it. If VMs come up without connectivity, check that the spec assigns the right port group and IP method (DHCP vs. static).
  • Resource pools and permissions. A missing or misnamed resource_pool_name is a frequent silent failure. The service account also needs clone, network-assign, and datastore-allocate privileges, not just read access.
  • Guest customization timing. Vagrant waits for SSH. If the customization spec or VMware Tools is slow, increase config.vm.boot_timeout.

When This Approach Makes Sense

Vagrant against vCenter shines for ephemeral, developer-driven test environments on shared hardware: short-lived CI runners, integration sandboxes, or per-engineer dev VMs that should look identical every time. The clone-and-destroy lifecycle keeps your cluster tidy.

For long-lived production infrastructure, persistent state, or large fleets, reach for Terraform's vSphere provider (declarative, stateful, officially supported) and Packer (for building the golden templates Vagrant then clones). A common pattern is Packer to bake templates, Terraform for durable infrastructure, and Vagrant for the disposable developer loop. For more virtualization and infrastructure guides, see the InventiveHQ blog.

VagrantVMwarevCentervSphereInfrastructure as CodeVirtualization

Need help from an IT & cybersecurity partner?

InventiveHQ helps businesses secure, modernize, and run their technology. Let's talk about your goals.

Get in touch

Related articles