diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index cbf2e63a2..f67fbc6af 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -123,10 +123,10 @@ dns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr(2)|ipaddr('address')
 # There are some changes specific to the cloud providers
 # for instance we need to encapsulate packets with some network plugins
-# If set the possible values are either 'gce', 'aws' or 'openstack'
-# When openstack is used make sure to source in the openstack credentials
-# like you would do when using nova-client before starting the playbook.
 # cloud_provider:
+# If set the possible values are either 'gce', 'aws', 'openstack' or 'vsphere'
+# When vsphere or openstack are used make sure to source in the openstack/vsphere credentials
+# like you would do when using nova-client/vsphere before starting the playbook.
 ## Set these proxy values in order to update docker daemon to use proxies
 # http_proxy: ""
diff --git a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2 b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
index 4100e8a34..d213a9cb1 100644
--- a/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
+++ b/roles/kubernetes/master/templates/manifests/kube-apiserver.manifest.j2
@@ -36,7 +36,7 @@ spec:
 {% endif %}
 - --v={{ kube_log_level | default('2') }}
 - --allow-privileged=true
-{% if cloud_provider is defined and cloud_provider == "openstack" %}
+{% if cloud_provider is defined and (cloud_provider == "openstack" or cloud_provider == 'vsphere') %}
 - --cloud-provider={{ cloud_provider }}
 - --cloud-config={{ kube_config_dir }}/cloud_config
 {% elif cloud_provider is defined and cloud_provider == "aws" %}
diff --git a/roles/kubernetes/node/templates/kubelet.j2 b/roles/kubernetes/node/templates/kubelet.j2
index 53f2915d9..3f91ca10a 100644
--- a/roles/kubernetes/node/templates/kubelet.j2
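Review bot: The relocated comment in inventory/group_vars/all.yml now sits below `# cloud_provider:` and tells the reader to source the vsphere credentials "like you would do when using nova-client/vsphere", which does not say what has to be exported. The preinstall defaults added in this commit read the values from the environment, so the comment could name them: `# For vsphere export VSPHERE_USERNAME, VSPHERE_PASSWORD, VSPHERE_SERVER, VSPHERE_DATACENTER, VSPHERE_DATASTORE and VSPHERE_WORKING_DIR before starting the playbook.` Placing the description above the key it documents, as the proxy comment later in the hunk does, would also keep the file easier to scan.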
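Review bot: The new condition in kube-apiserver.manifest.j2 mixes quote styles (`"openstack"` next to `'vsphere'`) and spells out an or-chain that this commit repeats in kubelet.j2 and twice in preinstall/tasks/main.yml. A membership test is shorter and easier to keep identical across the four places: `{% if cloud_provider is defined and cloud_provider in ['openstack', 'vsphere'] %}`. The if/elif block continues past the end of the hunk.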
+++ b/roles/kubernetes/node/templates/kubelet.j2
@@ -33,7 +33,7 @@ DOCKER_SOCKET="--docker-endpoint=unix:/var/run/weave/weave.sock"
 {% endif %}
 # Should this cluster be allowed to run privileged docker containers
 KUBE_ALLOW_PRIV="--allow-privileged=true"
-{% if cloud_provider is defined and cloud_provider == "openstack" %}
+{% if cloud_provider is defined and (cloud_provider == "openstack" or cloud_provider == "vsphere") %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }} --cloud-config={{ kube_config_dir }}/cloud_config"
 {% elif cloud_provider is defined and cloud_provider == "aws" %}
 KUBELET_CLOUDPROVIDER="--cloud-provider={{ cloud_provider }}"
diff --git a/roles/kubernetes/preinstall/defaults/main.yml b/roles/kubernetes/preinstall/defaults/main.yml
index 3eae9757d..f0df8de45 100644
--- a/roles/kubernetes/preinstall/defaults/main.yml
+++ b/roles/kubernetes/preinstall/defaults/main.yml
@@ -45,3 +45,13 @@ openstack_username: "{{ lookup('env','OS_USERNAME') }}"
 openstack_password: "{{ lookup('env','OS_PASSWORD') }}"
 openstack_region: "{{ lookup('env','OS_REGION_NAME') }}"
 openstack_tenant_id: "{{ lookup('env','OS_TENANT_ID') }}"
+
+# For the vSphere integration kubelet will need credentials to access
+# the api. Per default this values will be
+# read from the environment.
+vsphere_username: "{{ lookup('env', VSPHERE_USERNAME ) }}"
+vsphere_password: "{{ lookup('env', VSPHERE_PASSWORD ) }}"
+vsphere_server: "{{ lookup('env', VSPHERE_SERVER ) }}"
+vsphere_datacenter: "{{ lookup('env', VSPHERE_DATACENTER ) }}"
+vsphere_datastore: "{{ lookup('env', VSPHERE_DATASTORE ) }}"
+vsphere_working_dir: "{{ lookup('env', VSPHERE_WORKING_DIR ) }}"
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 49e69a907..4d7fc0e91 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
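Review bot: With `vsphere` accepted on the changed `{% if %}` line in kubelet.j2, each kubelet deployed from this template is pointed at `{{ kube_config_dir }}/cloud_config`, which the vsphere-cloud-config.j2 template added in this commit fills with `vsphere_username` and `vsphere_password` in clear text. The vCenter login therefore ends up on every host this role is applied to, so the account should be a dedicated one holding only the privileges the cloud provider needs. A comment above the KUBELET_CLOUDPROVIDER line would record that for operators, e.g. `# cloud_config contains the cloud provider credentials; use a dedicated least-privilege account`. The if/elif block continues past the end of the hunk.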
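Review bot: The six new `lookup('env', VSPHERE_… )` defaults in preinstall/defaults/main.yml pass the name without quotes, so Jinja resolves `VSPHERE_USERNAME` and the others as Ansible variables instead of handing the lookup a string, unlike the `lookup('env','OS_USERNAME')` lines just above. The exported environment values are then never read; presumably templating fails on an undefined variable before vsphere-credential-check.yml can print its own message. Each line needs the name quoted, e.g. `vsphere_username: "{{ lookup('env', 'VSPHERE_USERNAME') }}"`, and likewise for the password, server, datacenter, datastore and working_dir entries. The comment above them would also read better as "By default these values are read from the environment."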
@@ -60,11 +60,11 @@
 - name: check cloud_provider value
 fail:
- msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws' or 'openstack'"
- when: cloud_provider is defined and cloud_provider not in ['generic', 'gce', 'aws', 'openstack']
+ msg: "If set the 'cloud_provider' var must be set either to 'generic', 'gce', 'aws', 'openstack' or 'vsphere'"
+ when: cloud_provider is defined and cloud_provider not in ['generic', 'gce', 'aws', 'openstack', 'vsphere']
-- include: openstack-credential-check.yml
- when: cloud_provider is defined and cloud_provider == 'openstack'
+- include: "{{ cloud_provider}}-credential-check.yml"
+ when: cloud_provider is defined and (cloud_provider == 'openstack' or cloud_provider == 'vsphere')
 - name: Create cni directories
 file:
@@ -122,12 +122,12 @@
 when: ansible_os_family == "RedHat"
 changed_when: False
-- name: Write openstack cloud-config
+- name: "Write {{ cloud_provider}} cloud-config"
 template:
- src: openstack-cloud-config.j2
+ src: "{{ cloud_provider }}-cloud-config.j2"
 dest: "{{ kube_config_dir }}/cloud_config"
 group: "{{ kube_cert_group }}"
 mode: 0640
- when: cloud_provider is defined and cloud_provider == "openstack"
+ when: cloud_provider is defined and (cloud_provider == "openstack" or cloud_provider == "vsphere")
 - include: etchosts.yml
diff --git a/roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml b/roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml
new file mode 100644
index 000000000..8f0b3ba50
--- /dev/null
+++ b/roles/kubernetes/preinstall/tasks/vsphere-credential-check.yml
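Review bot: The include in the first hunk of preinstall/tasks/main.yml now builds its file name from an inventory variable, `"{{ cloud_provider}}-credential-check.yml"`, and stays correct only as long as the `when` list and the files on disk are kept in step. Two static includes keep the task files greppable and avoid deriving a path from a variable: keep the existing openstack include and add `- include: vsphere-credential-check.yml` with `when: cloud_provider is defined and cloud_provider == 'vsphere'`. If the templated form is kept, the spacing should at least match the rest of the file (`{{ cloud_provider }}`).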
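Review bot: The template task in the second hunk of preinstall/tasks/main.yml now also renders the vSphere password into `{{ kube_config_dir }}/cloud_config`, and nothing on the task keeps that content out of the run output when the play is executed with `--diff`. Adding `no_log: true` to the task should suppress the rendered file in logs and diffs. The templated task name `"Write {{ cloud_provider}} cloud-config"` is evaluated even when `cloud_provider` is unset and the task is skipped, so a fixed name such as `Write cloud-config` would read more cleanly in the output.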
@@ -0,0 +1,30 @@
+---
+- name: check vsphere_username value
+ fail:
+ msg: "vsphere_username is missing"
+ when: vsphere_username is not defined or vsphere_username == ""
+
+- name: check vsphere_password value
+ fail:
+ msg: "vsphere_password is missing"
+ when: vsphere_password is not defined or vsphere_password == ""
+
+- name: check vsphere_server value
+ fail:
+ msg: "vsphere_server is missing"
+ when: vsphere_server is not defined or vsphere_server == ""
+
+- name: check vsphere_datacenter value
+ fail:
+ msg: "vsphere_datacenter is missing"
+ when: vsphere_datacenter is not defined or vsphere_datacenter == ""
+
+- name: check vsphere_datastore value
+ fail:
+ msg: "vsphere_datastore is missing"
+ when: vsphere_datastore is not defined or vsphere_datastore == ""
+
+- name: check vsphere_working_dir value
+ fail:
+ msg: "vsphere_working_dir is missing"
+ when: vsphere_working_dir is not defined or vsphere_working_dir == ""
diff --git a/roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2 b/roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2
new file mode 100644
index 000000000..d350f973c
--- /dev/null
+++ b/roles/kubernetes/preinstall/templates/vsphere-cloud-config.j2
@@ -0,0 +1,9 @@
+[Global]
+user = {{ vsphere_username }}
+password = {{ vsphere_password }}
+server = {{ vsphere_server }}
+port = 443
+insecure-flag = true
+datacenter = {{ vsphere_datacenter }}
+datastore = {{ vsphere_datastore }}
+working-dir = {{ vsphere_working_dir }}
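Review bot: `insecure-flag = true` is hard-coded in vsphere-cloud-config.j2, so every cluster rendered from it talks to vCenter without verifying the server certificate while sending the username and password from the same file. This should be an explicit opt-in, for example `insecure-flag = {{ vsphere_insecure }}` backed by a new role default (name is a suggestion) set to `"false"`, so that only sites with a self-signed vCenter certificate turn verification off. The credential lines are also written unquoted; a password containing characters the INI reader treats specially would presumably be mis-parsed, so `password = "{{ vsphere_password }}"` (and the same for `user`) is safer.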