VMware Storage

Disclaimer: This is a community-maintained open-source project and is not affiliated with, endorsed by, or sponsored by VMware, Inc. or Broadcom Inc. "VMware" and "vSphere" are trademarks of Broadcom. Source code is publicly auditable at github.com/zw008/VMware-Storage under the MIT license.

VMware vSphere storage management — 11 MCP tools for datastores, iSCSI, and vSAN.

Split from vmware-aiops for lighter context and local model compatibility.
Companion skills: vmware-aiops (VM lifecycle), vmware-monitor (read-only monitoring), vmware-vks (Tanzu Kubernetes), vmware-nsx (NSX networking), vmware-nsx-security (DFW/firewall), vmware-aria (metrics/alerts/capacity), vmware-avi (AVI/ALB/AKO).
| vmware-pilot (workflow orchestration) | vmware-policy (audit/policy)

What This Skill Does

Category	Tools	Count
Datastore	list all datastores, browse files, scan for OVA/ISO/OVF/VMDK images, list cached images	4
iSCSI

enable adapter, show status, add target, remove target, rescan HBAs | 5 | | vSAN | cluster health summary, capacity overview (total/used/free) | 2 |

Quick Install

CODEBLOCK0

When to Use This Skill

• - Browse datastore files or scan for deployable images (OVA/ISO/VMDK)
• Configure iSCSI: enable adapter, add/remove send targets, rescan storage
• Check vSAN cluster health and capacity
• Any storage-focused VMware operation

Use companion skills for:

• - VM lifecycle, deployment, guest ops → INLINECODE0
• Inventory, health, alarms, events → INLINECODE1
• Tanzu Kubernetes → INLINECODE2
• Load balancing, AVI/ALB, AKO, Ingress → INLINECODE3

Related Skills — Skill Routing

User Intent	Recommended Skill
Read-only monitoring, alarms, events	vmware-monitor
Storage: iSCSI, vSAN, datastores

vmware-storage ← this skill | | VM lifecycle, deployment, guest ops | vmware-aiops | | Tanzu Kubernetes (vSphere 8.x+) | vmware-vks | | NSX networking: segments, gateways, NAT | vmware-nsx | | NSX security: DFW rules, security groups | vmware-nsx-security | | Aria Ops: metrics, alerts, capacity planning | vmware-aria | | Multi-step workflows with approval | vmware-pilot | | Load balancer, AVI, ALB, AKO, Ingress | vmware-avi (uv tool install vmware-avi) | | Audit log query | vmware-policy (vmware-audit CLI) |

Common Workflows

Set Up iSCSI Storage on a Host

1. 1. Enable iSCSI adapter → INLINECODE6
2. Add target → INLINECODE7
3. Verify → INLINECODE8

The add-target command automatically rescans storage after adding the target. If you need an additional rescan later:

1. 4. Rescan → INLINECODE10

Dry-run first: Append --dry-run to any write command to preview without executing:
CODEBLOCK1

Find Deployable Images Across Datastores

1. 1. List all datastores → INLINECODE12
2. Scan a datastore for images → INLINECODE13
3. Browse with a pattern → INLINECODE14
4. If datastore not found → verify name with vmware-storage datastore list --target <vcenter>. Datastore names are case-sensitive.

To filter cached results by type or datastore, use the list_cached_images MCP tool with image_type and datastore parameters.

vSAN Health Assessment

1. 1. Check health → INLINECODE19
2. Check capacity → INLINECODE20
3. If issues found, investigate with vmware-monitor for alarms and events
4. If vSAN not enabled → this cluster may not use vSAN. Check cluster type with INLINECODE22

Multi-Target Operations

All commands accept --target <name> to operate against a specific vCenter or ESXi host from your config:

CODEBLOCK2

Usage Mode

Scenario	Recommended	Why
Local/small models (Ollama, Qwen)	CLI	~2K tokens vs ~8K for MCP
Cloud models (Claude, GPT-4o)

Either | MCP gives structured JSON I/O | | Automated pipelines | MCP | Type-safe parameters, structured output |

MCP Tools (11 — 6 read, 5 write)

All MCP tools accept an optional target parameter to select which vCenter/ESXi to connect to.

Category	Tool	Type	Description
Datastore	INLINECODE25	Read	List datastores with capacity, usage %, VM count

browse_datastore | Read | Browse files with optional path and glob pattern |
| | scan_datastore_images | Read | Find OVA/ISO/OVF/VMDK in a datastore |
| | list_cached_images | Read | Query local image registry with type/datastore filters |
| iSCSI | storage_iscsi_status | Read | Show adapter status, HBA device, IQN, send targets |
| | storage_iscsi_enable | Write | Enable software iSCSI adapter on a host |
| | storage_iscsi_add_target | Write | Add iSCSI send target (IP + port) and rescan |
| | storage_iscsi_remove_target | Write | Remove iSCSI send target and rescan |
| | storage_rescan | Write | Rescan all HBAs and VMFS volumes |
| vSAN | vsan_health | Read | Cluster health summary and disk group details |
| | vsan_capacity | Read | Total/used/free capacity in GB and usage % |

Read/write split: 6 tools are read-only, 5 modify state. Write tools require explicit parameters (host name, IP address) and are audit-logged.

CLI Quick Reference

CODEBLOCK3

Full CLI reference with all options and output formats: see INLINECODE36

Troubleshooting

iSCSI enable fails with "already enabled"

Not an error. The software iSCSI adapter is already active on that host. The response includes the current HBA device name and IQN. Run iscsi status to see configured send targets.

"Datastore not found" when browsing

Datastore names are case-sensitive. Run vmware-storage datastore list to get the exact name. Common mistakes: Datastore1 vs datastore1, trailing spaces.

vSAN health shows "unknown" status

vSAN health checks require a vCenter connection (not standalone ESXi). The full VsanVcClusterHealthSystem runs via vCenter's vSAN Health Service. If connected to a standalone ESXi host, vSAN queries will fail or return limited info.

Rescan doesn't discover new LUNs

After adding iSCSI targets, the storage subsystem may need 10-30 seconds to enumerate new LUNs. Steps to resolve:

1. 1. Verify the target IP is reachable from the ESXi host (vmkping from ESXi shell)
2. Check that the iSCSI target is correctly configured: INLINECODE42
3. Wait 15-30 seconds, then rescan again: INLINECODE43

"Password not found" error

The password environment variable is missing. Variable names follow the pattern VMWARE_<TARGET_NAME_UPPER>_PASSWORD where hyphens become underscores. Example: target my-vcenter needs VMWARE_MY_VCENTER_PASSWORD. Check your ~/.vmware-storage/.env file.

Doctor reports ".env permissions too open"

The .env file contains passwords and must have owner-only permissions:

CODEBLOCK4

Connection timeout to vCenter

The doctor command tests connectivity with a 5-second TCP timeout. If your vCenter is on a high-latency network, the check may fail even though the connection works. Use --skip-auth to bypass both connectivity and auth checks, then test manually.

Safety

• - No VM operations: This skill cannot power on/off, create, delete, or modify VMs — that scope belongs to INLINECODE51
• Read-heavy: 6 of 11 tools are read-only (list, browse, scan, status, health, capacity)
• Audit logging: All operations (including reads) are logged to ~/.vmware/audit.db (SQLite WAL, via vmware-policy) with timestamp, user, target, operation, parameters, and result
• Double confirmation: CLI write commands (iSCSI enable, add/remove target) require two separate "Are you sure?" prompts before executing
• Dry-run mode: All write commands support --dry-run to preview API calls without executing
• Input validation: IP addresses validated via ipaddress.ip_address(), ports checked for 1-65535 range, host/cluster/datastore names looked up before operations
• Prompt injection defense: Datastore file names and paths from vSphere are sanitized via _sanitize() — strips control characters (C0/C1), truncates to 500 chars — preventing malicious file names from injecting instructions into downstream LLM agents
• Credential safety: Passwords loaded only from environment variables (.env file), never from config.yaml; .env permissions are checked at startup

Full security details: see INLINECODE59

Setup

CODEBLOCK5

All tools are automatically audited via vmware-policy. Audit logs: INLINECODE60

Full setup guide with multi-target config, MCP server setup, and Docker: see INLINECODE61

Architecture

CODEBLOCK6

The MCP server uses stdio transport (local only, no network listener). Connections to vSphere use SSL/TLS on port 443.

Audit & Safety

All operations are automatically audited via vmware-policy (@vmware_tool decorator):

• - Every tool call logged to ~/.vmware/audit.db (SQLite, framework-agnostic)
• Policy rules enforced via ~/.vmware/rules.yaml (deny rules, maintenance windows, risk levels)
• Risk classification: each tool tagged as low/medium/high/critical
• View recent operations: INLINECODE65
• View denied operations: INLINECODE66

vmware-policy is automatically installed as a dependency — no manual setup needed.

License

MIT — github.com/zw008/VMware-Storage