// Guide · Pre-deployment & planning

VCF JSON Builder

The VCF JSON Builder is a browser-based form that produces a validated VCF 9 deployment JSON — the payload the VCF Installer consumes to bootstrap your SDDC. Start fresh, or paste an existing JSON to edit it visually. Everything validates as you type.

VCF 9.0.2 Real-time validation PoC + Production vSAN ESA/OSA · NFS · VMFS-FC NSX 3-node cluster VCF Operations VCF Automation

Open the tool Jump to walkthrough

Quick start

Open the tool and fill in the top section — instance prefix, domain suffix, host count, management/vMotion/vSAN/VM/TEP networks, and VLAN IDs.
Click Apply to propagate those defaults across every tab.
Work through each tab in order: Overview → Hosts → vCenter → Networking → NSX → Storage → Operations → Automation. Red borders mean a required field is missing.
Watch the validation badge in the sidebar. When it turns green, your JSON is deployment-ready.
Copy or export the JSON and use it with the VCF Installer.

On this page

When to use this tool
How it works
Step-by-step walkthrough
Section-by-section reference
Choosing a storage type
Examples
Common mistakes
Related tools
FAQ

When to use this tool

Use the VCF JSON Builder when you need a valid deployment JSON for:

Initial VCF 9 bootstrap — the VCF Installer takes a JSON spec as input for the first management domain.
PoC environments — 3-host clusters with reduced sizing requirements.
Automated redeploys — keep a canonical JSON in version control and re-emit it when rebuilding labs.
Translating an existing design into JSON — you already know the IP plan, VLANs, and host layout; this tool turns them into the exact schema VCF expects, without hand-editing JSON in a text editor.

It is not a design tool. It assumes you already know:

Your IP ranges for management, vMotion, vSAN, VM management, and overlay/TEP networks
Your VLAN IDs
DNS and NTP server addresses
Host hardware details (FQDNs, IPs, root passwords, disk layout if using vSAN)

💡

If you’re still designing Use the IP Subnet Planner to size your networks, the VLAN Allocation Planner to pick VLAN IDs, the Host Sizing Calculator to decide how many hosts you need, and the Pre-Deployment Checklist to make sure nothing is missing before you generate the JSON.

How it works

The builder is a form with eight tabs, each mapped to a section of the VCF deployment JSON. As you type, it builds the JSON in memory and shows a live preview on the right with validation state. Required fields get red borders when empty; invalid values (bad IPs, malformed CIDRs, short passwords) get red borders and tooltips.

The top defaults block is special — it doesn’t map to a single JSON field. Instead, when you click Apply, it fills in sensible defaults across every other tab (hostnames, IPs, VLANs, DNS, NTP). You can always override any propagated value afterward.

The final output is a single JSON document that matches the VCF Installer schema for the version you select (VCF 9.0.2 by default).

Step-by-step walkthrough

1. Fill in the defaults block

At the top of the form you’ll see a block labelled with prefix, domain, host count, and network/VLAN inputs. Fill in:

Field	Example	Used for
Instance Prefix	`m01`	Hostname stem for all components (e.g. `m01-cl01`, `m01-vds01`)
Domain Suffix	`corp.local`	DNS domain used in all FQDNs
ESX Hostname Base	`esx`	Prefix for host names: `esx01`, `esx02`, …
Number of ESX Hosts	`4`	3 minimum for PoC, 4 for Production, 8 max via dropdown (or custom)
Management / vMotion / vSAN / VM / TEP Networks	`192.168.10.0/24`	CIDR ranges for each VCF network plane
VLAN IDs	`100`, `101`, …	Trunked VLAN IDs for each plane

Hit Apply. The tool populates host tables, IP addresses, and VLAN fields across every other tab based on these defaults.

2. Overview tab

High-level SDDC identity and shared settings:

SDDC ID and VCF Instance Name — logical identifiers used by SDDC Manager.
Workflow Type — VCF (full) or VVF (VMware vSphere Foundation, lighter stack without NSX/Operations).
DNS and NTP servers — at least one primary of each is required.
Datacenter and Cluster names — match whatever naming convention you’re using.
Global Password — optional convenience. If set, this password is used for every component that doesn’t have an explicit password.

⚠

Global Password security Using a shared global password is fine for labs and PoCs, but in production use per-component passwords. Rotate them with the Day 2 Operations Planner after deployment.

3. Hosts tab

Per-host inventory. Each row corresponds to one ESXi host and includes:

Hostname (esx01.corp.local), management IP, root password
vMotion IP, vSAN IP (if using vSAN), TEP IP
If using vSAN: cache and capacity disk identifiers (for OSA) or storage tier devices (for ESA)

Use the Paste buttons if you have the host list elsewhere (spreadsheet, CSV) — they accept columns of IPs and will populate the rows.

4. vCenter tab

vCenter FQDN — must resolve in your DNS (or SDDC Manager will fail pre-checks).
VM Size — tiny, small, medium, large, xlarge. Match to your scale; see the VMware Config Maximums for limits.
SSO Domain — default vsphere.local. If you use a different SSO domain convention, set it here.
Root and SSO Admin passwords.

5. Networking tab

The vDS (Distributed Virtual Switch) and network segment configuration:

DVS name (default <prefix>-cl01-vds01)
MTU — 9000 for jumbo frames (recommended). Must match your physical switch config.
Load balancing policy — typically Route based on originating virtual port (Source Port ID) unless you have a specific reason (LAG, source MAC hash).
Network segments — the CIDR/VLAN pairs from the defaults block, already populated.

6. NSX tab

NSX Manager cluster config:

Three-node NSX Manager cluster with VIP (production). For labs, a single node is acceptable.
Shared credentials — admin, audit, root, CLI passwords.
TEP & Transport — the TEP network from the defaults block. Transport type is OVERLAY for VXLAN/GENEVE tunnels or VLAN if you’re not doing overlay.

ℹ

VCF vs VVF If you selected VVF as workflow type on the Overview tab, the NSX tab is skipped — VVF doesn’t include NSX.

7. Storage tab

See Choosing a storage type below. Pick one:

vSAN ESA — recommended for new all-NVMe deployments on VCF 9.
vSAN OSA — legacy hybrid/all-flash with cache+capacity disk groups.
NFS — external NFS array. Requires server IP, export path, and datastore name.
VMFS on FC — existing FC SAN. Requires LUN/WWN mapping details.

8. Operations tab

Only applies if you’re deploying VCF (not VVF):

VCF Operations — the unified ops console (formerly vRealize Operations Manager).
Fleet Management — lifecycle and patching.
Operations Collector — if you need a separate collector appliance.

9. Automation tab

VCF Automation (formerly vRealize Automation) for self-service VM provisioning. Optional — skip if you’re not using it.

10. Export

Click Copy JSON to copy to clipboard, or Export JSON to download a .json file. The JSON is ready to feed directly into the VCF Installer.

Section-by-section reference

Top defaults block — all fields

Field	Required	Notes
Instance Prefix	yes	Lower-case alphanumeric, ≤6 chars recommended
Domain Suffix	yes	Must be resolvable in DNS
ESX Hostname Base	yes	Combined with host index: `esx01`, `esx02`, …
Number of ESX Hosts	yes	3 (PoC) or ≥4 (Production)
VCF Version	yes	Default `9.0.2.0`
Management Network	yes	CIDR, usually `/24`
vMotion Network	yes	CIDR, separate subnet from management
vSAN Network	if vSAN	CIDR, separate subnet, jumbo MTU
VM Management Network	yes	CIDR used by VM traffic
Overlay / TEP Network	if NSX overlay	CIDR for TEP addresses
Management / vMotion / vSAN / VM / TEP VLAN	yes each	1–4094; don’t use VLAN 1

Tabs

Overview — SDDC identity, DNS/NTP, datacenter & cluster names, CEIP opt-in, global password.
Hosts — per-host FQDNs, IPs (mgmt/vMotion/vSAN/TEP), root passwords, vSAN disk claims.
vCenter — vCenter FQDN, VM size, SSO domain, root & SSO admin passwords.
SDDC Manager — SDDC Manager FQDN, root/SSH/local passwords (under Overview).
Networking — DVS name, MTU, load-balancing policy, network segments.
NSX — NSX Manager cluster (3-node + VIP), credentials, TEP configuration, transport type.
Storage — vSAN ESA/OSA, NFS, or VMFS-FC with specific fields per type.
Operations — VCF Operations, Fleet Management, Operations Collector appliances.
Automation — VCF Automation appliance details.

Choosing a storage type

The Storage tab changes its inputs based on the storage type you select:

vSAN ESA (Express Storage Architecture)

VCF 9 default for new all-NVMe deployments. Single tier — every disk is a storage device, no cache/capacity split.

Pros: simpler config, better performance with NVMe, native compression
Requires: all-NVMe hosts on the vSAN ESA HCL
Fields: per host, list the NVMe device paths (naa.xxxx) that back vSAN

vSAN OSA (Original Storage Architecture)

The classic hybrid/all-flash model with cache + capacity disk groups.

Pros: works with mixed hardware
Fields: per host, cache device + list of capacity devices per disk group
Limit: up to 5 disk groups per host

NFS

External NFS array mounted as the primary datastore.

Fields: NFS server IP or FQDN, export path (/vol/vcf01), datastore name, read-only flag

VMFS on Fibre Channel

Existing FC SAN presenting LUNs to all hosts.

Fields: LUN WWN, datastore name, shared across all hosts in the cluster

💡

Capacity sizing Use the vSAN Capacity Calculator to work out usable capacity after FTT, slack space, and dedup/compression before committing to a disk layout.

Examples

Example · PoC 3-host cluster, vSAN ESA, single NSX node

Minimum-viable lab deployment for VCF 9 testing.

Prefix: lab · Domain: vcf.lab · Hosts: 3 (PoC minimum)
Workflow: VCF with 1-node NSX Manager
Networks: 10.0.10.0/24 mgmt, 10.0.11.0/24 vMotion, 10.0.12.0/24 vSAN, 10.0.13.0/24 VM, 10.0.14.0/24 TEP
Storage: vSAN ESA · 2× NVMe per host
Operations/Automation: skipped (optional for PoC)

Example · Production 4-host management domain, vSAN OSA, 3-node NSX

Typical enterprise management domain.

Prefix: m01 · Domain: corp.local · Hosts: 4 (Production minimum)
Workflow: VCF with 3-node NSX Manager cluster + VIP
Storage: vSAN OSA · 1 cache NVMe + 4 capacity SSDs per host
Operations: VCF Operations medium + Fleet Management
Automation: VCF Automation medium

Example · FC SAN cluster (VVF, no NSX)

VVF (vSphere Foundation) deployment using existing FC storage — no NSX, no vSAN.

Workflow: VVF — skips NSX and Operations tabs entirely
Storage: VMFS on FC · shared LUN WWN
Networks: no vSAN or TEP network needed

Common mistakes

🚨

DNS entries missing The VCF Installer will fail pre-checks if any FQDN in the JSON can’t be resolved. Create forward and reverse DNS records for every host, vCenter, SDDC Manager, NSX Manager, and Operations appliance before starting the install. The DNS Zone Designer can generate the BIND or Windows DNS exports for you.

⚠

Using VLAN 1 VLAN 1 is the default native VLAN on most switches and often untagged. Don’t use it for management, vMotion, vSAN, or overlay — deployment will complete but you’ll fight teaming/untagged issues forever. Use explicit VLAN IDs (100+ is a common convention).

⚠

MTU mismatch If you set MTU 9000 in the tool but your physical switches/uplinks aren’t configured for jumbo frames, vSAN and NSX overlay will silently fragment or drop. Validate end-to-end jumbo with the MTU Path Calculator before using 9000.

⚠

Forgetting the TEP network for overlay If your NSX transport type is OVERLAY, you must have a dedicated TEP network and VLAN. A missing TEP CIDR is the most common JSON export error caught by validation.

⚠

Passwords shorter than 15 characters VCF 9 enforces a minimum password length for root, SSO admin, and NSX credentials. The validator flags them, but they’re easy to miss in bulk. Use a password manager.

Tools that pair well with the JSON Builder:

FAQ

Does this tool connect to my vCenter or VCF Installer?

No. It’s fully browser-based and never talks to any server. It generates JSON locally in your browser, nothing leaves the page. You copy/export the JSON and feed it to the VCF Installer yourself.

Can I import an existing JSON and edit it?

Yes. Click Paste from clipboard at the top — the tool parses your JSON and populates every tab. Then make edits visually and re-export.

Which VCF versions are supported?

VCF 9.0.2 is the default schema. Other 9.x point releases work the same; older 4.x/5.x schemas differ significantly and aren’t supported.

My validation badge is green but the installer failed. What did I miss?

The tool validates JSON schema and basic values (CIDRs, IPs, passwords). It can’t validate whether your DNS actually has the right records, your NTP server is reachable, or your hosts are in the VCF HCL. Run the Pre-Deployment Checklist to catch environmental issues.

Can I use this for workload domains (not just management)?

The bootstrap JSON is only for the initial management domain. Workload domains are added through SDDC Manager’s UI or API after management is deployed, using a different payload schema.

What happens if I switch between VCF and VVF mid-edit?

The NSX and Operations tabs become hidden/disabled when you select VVF (those components aren’t part of VVF). Your data stays in the form state — switching back to VCF restores them. But if you export as VVF, only VVF-relevant fields are included in the JSON.

How do I rotate passwords after deployment?

After VCF is deployed, use SDDC Manager’s password management workflow — don’t try to edit the JSON. The Day 2 Operations Planner has a runbook for password rotation.

Is this tool affiliated with or endorsed by Broadcom/VMware?

No. VirtualBytes is independent. The JSON schema follows VMware’s public VCF 9 documentation, but this tool is not affiliated with Broadcom or VMware.