diff --git a/.zuul.yaml b/.zuul.yaml index 83aaf86e..71257698 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -61,12 +61,14 @@ name: openstack-helm-addons-sonobuoy required-projects: - openstack/openstack-helm-infra + - openstack/openstack-helm roles: - zuul: openstack/openstack-helm-infra timeout: 7200 vars: osh_openstack_release: newton zuul_osh_infra_relative_path: ../openstack-helm-infra/ + zuul_osh_relative_path: ../openstack-helm/ nodeset: openstack-helm-ubuntu pre-run: - tools/gate/playbooks/osh-infra-upgrade-host.yaml diff --git a/sonobuoy/templates/bin/_publish_results.sh.tpl b/sonobuoy/templates/bin/_publish_results.sh.tpl new file mode 100644 index 00000000..d23dc1be --- /dev/null +++ b/sonobuoy/templates/bin/_publish_results.sh.tpl 
@@ -0,0 +1,34 @@ +#!/bin/bash + +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +set -xe + +while [ "$(ls -l $RESULTS_DIR/*.tar.gz | wc -l)" -eq 0 ]; do + sleep 5 +done + +file_name=$(ls $RESULTS_DIR/*.tar.gz | xargs -n1 basename) +prefixed_file_name={{ .Values.conf.swift.object_name_prefix }}$file_name + +openstack container create {{ .Values.conf.swift.container_name }} +openstack container show {{ .Values.conf.swift.container_name }} + +openstack object create --name $prefixed_file_name {{ .Values.conf.swift.container_name }} $RESULTS_DIR/$file_name +openstack object show {{ .Values.conf.swift.container_name }} $prefixed_file_name + +swift post {{ .Values.conf.swift.container_name }} $prefixed_file_name -H \"X-Delete-After:{{ .Values.conf.swift.delete_objects_after_seconds }}\" diff --git a/sonobuoy/templates/configmap-bin.yaml b/sonobuoy/templates/configmap-bin.yaml index 7a04f7c6..e34c7671 100644 --- a/sonobuoy/templates/configmap-bin.yaml +++ b/sonobuoy/templates/configmap-bin.yaml @@ -22,6 +22,10 @@ kind: ConfigMap metadata: name: sonobuoy-bin data: + ks-user.sh: | +{{- include "helm-toolkit.scripts.keystone_user" $envAll | indent 4 }} + publish_results.sh: | +{{ tuple "bin/_publish_results.sh.tpl" $envAll | include "helm-toolkit.utils.template" | indent 4 }} run_master.sh: | {{ tuple "bin/_run_master.sh.tpl" $envAll | include "helm-toolkit.utils.template" | indent 4 }} {{- end }} 
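Review bot: In `_publish_results.sh.tpl`, the closing `swift post` line passes `-H \"X-Delete-After:…\"` with backslash-escaped quotes, so bash hands the quote characters to the client as part of the header. The expiry header is then most likely malformed, and uploaded result tarballs would be kept indefinitely instead of being deleted after `delete_objects_after_seconds`. Drop the escapes: `-H "X-Delete-After:{{ .Values.conf.swift.delete_objects_after_seconds }}"`. Separately, `$RESULTS_DIR`, `$file_name` and `$prefixed_file_name` are expanded unquoted, and `file_name` holds several words once more than one `*.tar.gz` exists, which changes the arguments of `openstack object create`. Quote the expansions and upload inside a `for f in "$RESULTS_DIR"/*.tar.gz` loop.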
diff --git a/sonobuoy/templates/job-ks-user.yaml b/sonobuoy/templates/job-ks-user.yaml new file mode 100644 index 00000000..b6313edd --- /dev/null +++ b/sonobuoy/templates/job-ks-user.yaml @@ -0,0 +1,20 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.job_ks_user }} +{{- $ksUserJob := dict "envAll" . "serviceName" "sonobuoy" -}} +{{ $ksUserJob | include "helm-toolkit.manifests.job_ks_user" }} +{{- end }} diff --git a/sonobuoy/templates/pod-api.yaml b/sonobuoy/templates/pod-api.yaml index 21dee2f2..390e27e6 100644 --- a/sonobuoy/templates/pod-api.yaml +++ b/sonobuoy/templates/pod-api.yaml @@ -58,6 +58,8 @@ metadata: spec: nodeSelector: {{ .Values.labels.api.node_selector_key }}: {{ .Values.labels.api.node_selector_value}} + initContainers: +{{ tuple $envAll "sonobuoy" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }} containers: - name: kube-sonobuoy env: 
@@ -79,6 +81,23 @@ spec: mountPath: /run_master.sh subPath: run_master.sh readOnly: true + - name: results-publisher +{{ tuple $envAll "results_publisher" | include "helm-toolkit.snippets.image" | indent 4 }} + env: +{{- with $env := dict "ksUserSecret" $envAll.Values.secrets.identity.sonobuoy }} +{{- include "helm-toolkit.snippets.keystone_openrc_env_vars" $env | indent 4 }} +{{- end }} + - name: RESULTS_DIR + value: {{ .Values.conf.sonobuoy.ResultsDir }} + command: + - /publish_results.sh + volumeMounts: + - name: sonobuoy-bin + mountPath: /publish_results.sh + subPath: publish_results.sh + readOnly: true + - mountPath: {{ .Values.conf.sonobuoy.ResultsDir }} + name: sonobuoy-output restartPolicy: Never serviceAccountName: {{ $serviceAccountName }} volumes: diff --git a/sonobuoy/templates/secret-keystone.yaml b/sonobuoy/templates/secret-keystone.yaml new file mode 100644 index 00000000..1130faf5 --- /dev/null +++ b/sonobuoy/templates/secret-keystone.yaml 
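Review bot: The `results-publisher` container added to `pod-api.yaml` mounts the `sonobuoy-output` volume read-write, although the publish script in this change only lists and reads the tarball. Add `readOnly: true` to that mount so a misbehaving publisher cannot alter or remove results the sonobuoy container is still writing. The `RESULTS_DIR` value is also rendered unquoted; `value: {{ .Values.conf.sonobuoy.ResultsDir | quote }}` keeps an empty or number-like value from being retyped by the YAML parser. The script's wait loop has no timeout, so with `restartPolicy: Never` the pod presumably never completes if no tarball is produced; that is worth a bounded retry count in the script. The pod spec starts and continues outside this hunk.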
@@ -0,0 +1,30 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.secret_keystone }} +{{- $envAll := . }} +{{- range $key1, $userClass := tuple "admin" "sonobuoy" }} +{{- $secretName := index $envAll.Values.secrets.identity $userClass }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ $secretName }} +type: Opaque +data: +{{- tuple $userClass "internal" $envAll | include "helm-toolkit.snippets.keystone_secret_openrc" | indent 2 -}} +{{- end }} +{{- end }} diff --git a/sonobuoy/values.yaml b/sonobuoy/values.yaml index def42e7f..633f08a3 100644 --- a/sonobuoy/values.yaml +++ b/sonobuoy/values.yaml @@ -14,6 +14,9 @@ images: tags: + dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 + ks_user: docker.io/openstackhelm/heat:ocata + results_publisher: docker.io/openstackhelm/heat:ocata sonobuoy_api: gcr.io/heptio-images/sonobuoy:v0.11.4 systemd_logs: gcr.io/heptio-images/sonobuoy-plugin-systemd-logs:v0.1 pull_policy: "IfNotPresent" 
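Review bot: In the `values.yaml` `images.tags` hunk, `ks_user` and `results_publisher` both point at `docker.io/openstackhelm/heat:ocata`, a mutable tag, and with `pull_policy: "IfNotPresent"` different nodes can end up running different image contents. These two containers are the ones handed the Keystone admin and sonobuoy credentials, so they are the entries most worth pinning by digest, for example `docker.io/openstackhelm/heat:ocata@sha256:<digest-placeholder>`. The existing entries use plain tags too, so this may be a chart-wide convention to revisit rather than something to fix only here.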
@@ -25,18 +28,82 @@ labels: api: node_selector_key: openstack-control-plane node_selector_value: enabled + job: + node_selector_key: openstack-control-plane + node_selector_value: enabled dependencies: dynamic: {} - static: {} + static: + sonobuoy: + jobs: + - sonobuoy-ks-user + +pod: + resources: + enabled: false + jobs: + ks_user: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "128Mi" + cpu: "2000m" + +secrets: + identity: + admin: sonobuoy-keystone-admin + sonobuoy: sonobuoy-keystone-user + +endpoints: + cluster_domain_suffix: cluster.local + identity: + name: keystone + auth: + admin: + region_name: RegionOne + username: admin + password: password + project_name: admin + user_domain_name: default + project_domain_name: default + sonobuoy: + role: admin + region_name: RegionOne + username: sonobuoy + password: password + project_name: sonobuoy + user_domain_name: sonobuoy + project_domain_name: sonobuoy + hosts: + default: keystone + internal: keystone-api + host_fqdn_override: + default: null + path: + default: /v3 + scheme: + default: http + port: + api: + default: 80 + internal: 5000 manifests: configmap_bin: true configmap_plugins: true + job_ks_user: true pod_api: true secret_etc: true + secret_keystone: true conf: + swift: + container_name: sonobuoy + # delete objects after 1 month (60 * 60 * 24 * 30 seconds) + delete_objects_after_seconds: "2592000" + object_name_prefix: "" sonobuoy: Description: "sonobuoy run for scanner.heptio.com" Version: v0.11.4 diff --git a/tools/gate/playbooks/osh-addons-sonobuoy.yaml b/tools/gate/playbooks/osh-addons-sonobuoy.yaml index dfccce7e..6e1f497b 100644 --- a/tools/gate/playbooks/osh-addons-sonobuoy.yaml +++ b/tools/gate/playbooks/osh-addons-sonobuoy.yaml 
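Review bot: The new `endpoints.identity.auth.sonobuoy` block in `values.yaml` gives the publishing user `role: admin`, while the only use visible in this change is creating one Swift container and uploading objects to it. A role limited to object-store access would contain the damage if the `sonobuoy-keystone-user` Secret leaks; which role the RadosGW deployment accepts is not shown here, so the exact name needs confirming. Both `password: password` defaults should carry a comment such as `# placeholder, must be overridden per deployment`. With `scheme: default: http`, those credentials appear to travel to Keystone unencrypted unless the endpoint is overridden.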
@@ -1,5 +1,91 @@ - hosts: primary tasks: + - name: Build Charts + shell: | + set -xe; + ./tools/gate/scripts/010-setup-client.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Deploy MariaDB + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/020-deploy-mariadb.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Deploy RabbitMQ + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/030-deploy-rabbitmq.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Deploy Memcached + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/040-deploy-memcached.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Deploy Keystone + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_PATH: "{{ zuul_osh_relative_path | default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/050-deploy-keystone.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Deploy Ceph + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | 
default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/080-deploy-ceph.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Activate Ceph Namespace + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/085-ceph-ns-activate.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Deploy RadosGW + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/090-radosgw-openstack.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" + - name: Deploy Ingress + environment: + OSH_EXTRA_HELM_ARGS: "{{ zuul_osh_extra_helm_args_relative_path | default('') }}" + OSH_INFRA_PATH: "{{ zuul_osh_infra_relative_path | default('') }}" + zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}" + shell: | + set -xe; + ./tools/gate/scripts/100-ingress.sh + args: + chdir: "{{ zuul_osh_addons_relative_path | default(zuul.project.src_dir) }}" - name: Install and Test Sonobuoy Chart shell: | set -xe; diff --git a/tools/gate/scripts/080-deploy-ceph.sh b/tools/gate/scripts/080-deploy-ceph.sh new file mode 100755 index 00000000..f14be4d3 --- /dev/null +++ b/tools/gate/scripts/080-deploy-ceph.sh 
@@ -0,0 +1,101 @@
+#!/bin/bash
+
+# Copyright 2017 The Openstack-Helm Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+set -xe
+
+#NOTE: Lint and package chart
+: ${OSH_INFRA_PATH:="../openstack-helm-infra"}
+for CHART in ceph-mon ceph-osd ceph-client ceph-provisioners; do
+ make -C ${OSH_INFRA_PATH} "${CHART}"
+done
+
+#NOTE: Deploy command
+
+: ${OSH_EXTRA_HELM_ARGS:=""}
+CEPH_PUBLIC_NETWORK="$($OSH_INFRA_PATH/tools/deployment/multinode/kube-node-subnet.sh)"
+CEPH_CLUSTER_NETWORK="$($OSH_INFRA_PATH/tools/deployment/multinode/kube-node-subnet.sh)"
+[ -s /tmp/ceph-fs-uuid.txt ] || uuidgen > /tmp/ceph-fs-uuid.txt
+CEPH_FS_ID="$(cat /tmp/ceph-fs-uuid.txt)"
+#NOTE(portdirect): to use RBD devices with Ubuntu kernels < 4.5 this
+# should be set to 'hammer'
+. /etc/os-release
+if [ "x${ID}" == "xubuntu" ] && \
+ [ "$(uname -r | awk -F "." '{ print $2 }')" -lt "5" ]; then
+ CRUSH_TUNABLES=hammer
+else
+ CRUSH_TUNABLES=null
+fi
+tee /tmp/ceph.yaml <