Mech: Vagrant with VMWare Integration for free

In a lot of ways, Vagrant is an exceptional way to use virtual machines (VMs). Terminal wizards rarely need a GUI to get something done and often times you really only need a simple sandbox to prototype something.

Vagrant accomplishes this beautifully by wrapping configuration details in a Vagrantfile and a box file which has the full VM image.

But I've got a few gripes with Vagrant...

  1. It's Virtualbox - more on this in a second.
  2. It's written in Ruby and Vagrantfiles are basically Ruby.
  3. For VMware integration you need to pay $79 on top of the VMWare license to basically get a special interface to your VMs.

Vagrant is a great tool and the team at Hashicorp is excellent. However, these gripes cause me to look at Vagrant and ask, why not Python, why not VMware, and how cheap can I be?

The choice of Python is pretty arbitrary but I can only say that the security community at large mostly uses Python and it is my favorite language. More specifically the gripe is why does Vagrant use Ruby to define the Vagrantfile over something like YAML or JSON?

I have extreme angst against Virtualbox. The setup time for a VM is pretty high and Virtualbox VMs tend to run slowly. VMWare is heralded as the industry leader for VMs and the difference is noticeable.

Call me spoiled, but I never use Virtualbox. Ever.

So now it becomes do I pay $79 to use Ruby and Vagrant or do I write something in Python that has compatibility with Vagrant VMs. I went with the latter:

https://github.com/ColdHeat/mech

~/Repositories/mech master
❯ mech --help
mech.  
Usage:  
    mech init [<url>] [--name=<name>]
    mech (up | start) [options] [<name> --gui]
    mech (down | stop) [options] [<name>]
    mech suspend [options] [<name>]
    mech pause [options] [<name>]
    mech ssh [options] [<name> --user=<user>]
    mech scp <src> <dst> [--user=<user>]
    mech ip [options] [<name>]
    mech (list | ls) [options]
    mech (status | ps) [options]
    mech -h | --help
    mech --version

Options:  
    -h --help     Show this screen.
    --version     Show version.
    --debug       Show debug messages.

Vagrant boxes are just tar'ed up VM images with some Vagrant specific customizations so really Vagrant is just a fancy CLI interface for VirtualBox/VMware/Parallels.

mech just implements a free VMWare interface for the boxes. There are some kinks that need to be worked out but generally my workflow with it looks something like this:

~
❯ mech ls
precise64  
ubuntu-14.04-amd64  
xenial64

~
❯ mech up xenial64
Getting IP address...  
VM started on 172.16.86.217  
Sharing current folder...  
VM started on 172.16.86.217

~ 18s
❯ mech ssh xenial64
Connecting to 172.16.86.217  
mech@172.16.86.217's password:  
Welcome to Ubuntu 16.04 LTS (GNU/Linux 4.4.0-21-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
Last login: Sat Dec 17 13:08:12 2016 from 172.16.86.1  
mech@ubuntu:~$  

While I do have some personal boxes built out and kept on my flash drive I've found that the bento boxes are good for getting a blank VM started.

You can do something like:

~
❯ mech init https://atlas.hashicorp.com/bento/boxes/debian-8.6/versions/2.3.0/providers/vmware_desktop.box --name=bento
Initializing mech  
vmware_desktop.box[################################] 464249/464249 - 00:01:09  
Extracting...  
What username would you like to save? [mech] vagrant  
Saving /Users/kchung/.mech/bento/mechfile  
Finished.  
Saving ./mechfile  
Finished.

~ 4m 8s
❯ mech up bento
Getting IP address...  
VM started on 172.16.86.224  
Sharing current folder...  
VM started on 172.16.86.224

~ 50s
❯ mech ssh bento
Connecting to 172.16.86.224  
The authenticity of host '172.16.86.224 (172.16.86.224)' can't be established.  
ECDSA key fingerprint is SHA256:/UsPqlVdUV1QIiARJQsrhgaEEo1Fs0PHOLrLTmahfgE.  
Are you sure you want to continue connecting (yes/no)? yes  
Warning: Permanently added '172.16.86.224' (ECDSA) to the list of known hosts.  
vagrant@172.16.86.224's password:

The programs included with the Debian GNU/Linux system are free software;  
the exact distribution terms for each program are described in the  
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent  
permitted by applicable law.  
vagrant@debian-8:~$  

You can pull arbitrary boxes from Hashicorp's atlas but you need to work out the URL syntax to pass to wget/curl/mech.

If you're interested run pip install git+https://github.com/ColdHeat/mech.git for the latest or pip install mech for what I last pushed to PyPi.

All in all, mech works for me and since you read this you're probably looking for something similar. However, I do wonder how complicated a Vagrant plugin that wraps vmrun is. Probably not worth $79 worth of your time though...

Kevin Chung

I like doing computer stuff, playing chess, and playing video games. I ran CSAW CTF for a couple of years and I wrote CTFd which is a popular Capture The Flag framework.

Subscribe to Kevin Chung

Get the latest posts delivered right to your inbox.

or subscribe via RSS with Feedly!