diff --git a/cmd/vcpctl/main.go b/cmd/vcpctl/main.go
new file mode 100644
index 000000000..27fcd3b65
--- /dev/null
+++ b/cmd/vcpctl/main.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// The vcpctl tool is responsible for facilitating cloud controller manager provisioning
+
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/spf13/cobra"
+	"k8s.io/cloud-provider-vsphere/cmd/vcpctl/provision"
+)
+
+func main() {
+
+	provision.AddProvision(cmd)
+	if err := cmd.Execute(); err != nil {
+		fmt.Fprintf(os.Stderr, "error: %v\n", err)
+		os.Exit(1)
+	}
+	fmt.Printf("\nCompleted!\n")
+}
+
+var cmd = &cobra.Command{
+	Use:   "vcpctl",
+	Short: "The vcpctl tool is responsible for facilitating cloud controller mananger provisioining.",
+	Long: `Deploying a cloud provider on vSphere is a task that has many prerequisites, this tool provides these needs:
+* Perform vSphere configuration health check.
+* Create vSphere role with a minimal set of permissioins.
+* Create vSphere solution user, to be used with CCM
+* Convert old in-tree vsphere.conf configuration files to new configMap
+
+`,
+
+	Run: RunMain,
+}
+
+func RunMain(cmd *cobra.Command, args []string) {
+	cmd.Help()
+}
diff --git a/cmd/vcpctl/provision/provision.go b/cmd/vcpctl/provision/provision.go
new file mode 100644
index 000000000..7b1826dcb
--- /dev/null
+++ b/cmd/vcpctl/provision/provision.go
@@ -0,0 +1,81 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package provision
+
+import (
+	"fmt"
+
+	"github.com/spf13/cobra"
+)
+
+var (
+	configFile      string
+	interactive     bool
+	oldInTreeConfig bool
+
+	// vCenter IP.
+	vchost string
+	// vCenter port.
+	vcport string
+	// True if vCenter uses self-signed cert.
+	insecure bool
+	// Datacenter in which VMs are located.
+	datacenter string
+	// Name of the secret were vCenter credentials are present.
+	secretName string
+	// Secret Namespace where secret will be present that has vCenter credentials.
+	secretNamespace string
+	// vCenter username.
+	vcUser string
+	// vCenter password in clear text.
+	vcPassword string
+)
+
+var provisionCmd = &cobra.Command{
+	Use:   "provision",
+	Short: "Initialize provisioning with vSphere cloud provider",
+	Long: `Starting prerequisites for deploying a cloud provider on vSphere, in cluding :
+	[x] vSphere configuration health check.
+	[x] Create vSphere solution user.
+	[x] Create vSohere role with minimal set of premissions.
+  `,
+	Example: `# Specify interaction mode or declaration mode (default)
+	vcpctl provision --interactive=false
+`,
+	Run: RunProvision,
+}
+
+func AddProvision(cmd *cobra.Command) {
+	provisionCmd.Flags().StringVar(&configFile, "config", "", "vsphere cloud provider config file path")
+	provisionCmd.Flags().BoolVar(&oldInTreeConfig, "oldConfig", false, "old int-tree vsphere configuration file, true or false")
+	provisionCmd.Flags().BoolVar(&interactive, "interactive", true, "specify interactive mode (true) as default, set (false) for declarative mode for automation")
+
+	provisionCmd.Flags().StringVar(&vchost, "vchost", "", "specify vCenter IP ")
+	provisionCmd.Flags().StringVar(&vcport, "vcport", "", "specify vCenter Port ")
+	provisionCmd.Flags().StringVar(&vcUser, "vcuser", "", "specify vCenter user ")
+	provisionCmd.Flags().StringVar(&vcPassword, "vcpassword", "", "specify vCenter Password ")
+	provisionCmd.Flags().BoolVar(&insecure, "insecure", false, "Don't verify the server's certificate chain")
+	provisionCmd.Flags()
+
+	cmd.AddCommand(provisionCmd)
+}
+
+func RunProvision(cmd *cobra.Command, args []string) {
+	// TODO (fanz): implement provision
+	fmt.Println("Perform cloud provider provisioning...")
+
+}
diff --git a/pkg/cli/cli.go b/pkg/cli/cli.go
new file mode 100644
index 000000000..b99f3614a
--- /dev/null
+++ b/pkg/cli/cli.go
@@ -0,0 +1,64 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cli
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/vmware/govmomi"
+	"k8s.io/cloud-provider-vsphere/pkg/cloudprovider/vsphere"
+)
+
+func ParseConfig(configFile string) (vsphere.Config, error) {
+	var cfg vsphere.Config
+	if len(configFile) == 0 {
+		return cfg, fmt.Errorf("Please specify vsphere cloud config file, e.g. --config vsphere.conf")
+	}
+	if _, err := os.Stat(configFile); err != nil {
+		return cfg, fmt.Errorf("Can not find config file %s, %v", configFile, err)
+	}
+	f, err := os.Open(configFile)
+	if err != nil {
+		return cfg, fmt.Errorf("Can not open config file %s, %v", configFile, err)
+	}
+	cfg, err = readConfig(f)
+	if err != nil {
+		return cfg, err
+	}
+	return cfg, err
+}
+
+// TODO (fanz) : Perform vSphere configuration health check on VM:
+func CheckVSphereConfig(config vsphere.Config) error {
+	return nil
+}
+
+// TODO (fanz) : Create vSphere role with minimal set of permissions
+func CreateRole() error {
+	return nil
+}
+
+// TODO (fanz) : Create vSphere solution user (generate keypair), to be used with CCM
+func CreateSolutionUser(o ClientOption, c *govmomi.Client) error {
+	return nil
+}
+
+// TODO (fanz) :  Convert old in-tree vsphere.conf configuration files to new configmap
+func ConvertOldConfig(old string) (vsphere.Config, error) {
+	return vsphere.Config{}, nil
+}
diff --git a/pkg/cli/client.go b/pkg/cli/client.go
new file mode 100644
index 000000000..7c5d322e3
--- /dev/null
+++ b/pkg/cli/client.go
@@ -0,0 +1,37 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cli
+
+import (
+	"context"
+
+	"github.com/vmware/govmomi"
+	"github.com/vmware/govmomi/vim25/soap"
+)
+
+type ClientOption struct {
+	hostURL  string
+	insecure bool
+}
+
+func (o *ClientOption) NewClient(ctx context.Context) (*govmomi.Client, error) {
+	u, err := soap.ParseURL(o.hostURL)
+	if err != nil {
+		return nil, err
+	}
+	return govmomi.NewClient(ctx, u, o.insecure)
+}
diff --git a/pkg/cli/config.go b/pkg/cli/config.go
new file mode 100644
index 000000000..8d4022785
--- /dev/null
+++ b/pkg/cli/config.go
@@ -0,0 +1,28 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package cli
+
+import (
+	"io"
+
+	"k8s.io/cloud-provider-vsphere/pkg/cloudprovider/vsphere"
+)
+
+func readConfig(config io.Reader) (vsphere.Config, error) {
+	// TODO : implement
+	return vsphere.Config{}, nil
+}