diff --git a/playbooks/airshipctl-gate-runner.yaml b/playbooks/airshipctl-gate-runner.yaml
new file mode 100644
index 000000000..f3f205f41
--- /dev/null
+++ b/playbooks/airshipctl-gate-runner.yaml
@@ -0,0 +1,31 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- hosts: primary
+  tasks:
+    - name: "set default gate scripts"
+      set_fact:
+        gate_scripts_default:
+          - ./tools/deployment/01_install_kubectl.sh
+          - ./tools/deployment/21_systemwide_executable.sh
+          - ./tools/deployment/22_test_configs.sh
+          - ./tools/deployment/23_pull_documents.sh
+          - ./tools/deployment/24_build_ephemeral_iso.sh
+          - ./tools/deployment/25_deploy_ephemeral_node.sh
+          - ./tools/deployment/26_deploy_metal3_capi_ephemeral_node.sh
+
+    - name: "Run gate scripts"
+      include_role:
+        name: airshipctl-run-script
+      vars:
+        gate_script_path: "{{ item }}"
+      with_items: "{{ gate_scripts | default(gate_scripts_default) }}"
diff --git a/roles/airshipctl-run-script/tasks/main.yaml b/roles/airshipctl-run-script/tasks/main.yaml
new file mode 100644
index 000000000..9daccbfa9
--- /dev/null
+++ b/roles/airshipctl-run-script/tasks/main.yaml
@@ -0,0 +1,21 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: "Run script {{ gate_script_path }}"
+  shell: |
+    set -xe;
+    {{ gate_script_path }}
+  args:
+    chdir: "{{ zuul.project.src_dir }}"
+  environment:
+    remote_work_dir: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}"
+    zuul_site_mirror_fqdn: "{{ zuul_site_mirror_fqdn }}"
diff --git a/tools/deployment/01_install_kubectl.sh b/tools/deployment/01_install_kubectl.sh
new file mode 100755
index 000000000..a936beaca
--- /dev/null
+++ b/tools/deployment/01_install_kubectl.sh
@@ -0,0 +1,24 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -xe
+
+: ${KUBE_VERSION:="v1.16.2"}
+
+# Install kubectl
+URL="https://storage.googleapis.com"
+sudo -E curl -sSLo /usr/local/bin/kubectl \
+  "${URL}"/kubernetes-release/release/"${KUBE_VERSION}"/bin/linux/amd64/kubectl
+
+sudo -E chmod +x /usr/local/bin/kubectl
diff --git a/tools/deployment/21_systemwide_executable.sh b/tools/deployment/21_systemwide_executable.sh
new file mode 100755
index 000000000..cc23832f5
--- /dev/null
+++ b/tools/deployment/21_systemwide_executable.sh
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -xe
+
+export USE_PROXY=${USE_PROXY:-"false"}
+export HTTPS_PROXY=${HTTPS_PROXY:-${https_proxy}}
+export HTTPS_PROXY=${HTTP_PROXY:-${http_proxy}}
+export NO_PROXY=${NO_PROXY:-${no_proxy}}
+
+echo "Build airshipctl in docker image"
+make docker-image
+
+echo "Copy airshipctl from docker image"
+DOCKER_IMAGE_TAG=$(make print-docker-image-tag)
+CONTAINER=$(docker create "${DOCKER_IMAGE_TAG}")
+sudo docker cp "${CONTAINER}:/usr/local/bin/airshipctl" "/usr/local/bin/airshipctl"
+sudo docker rm "${CONTAINER}"
+
+if ! airshipctl version | grep -q 'airshipctl'; then
+  echo "Unable to verify airshipctl command. Please verify if the airshipctl is installed in /usr/local/bin/"
+else
+  echo "Airshipctl version"
+  airshipctl version
+fi
diff --git a/tools/deployment/22_test_configs.sh b/tools/deployment/22_test_configs.sh
new file mode 100755
index 000000000..0a5444b2f
--- /dev/null
+++ b/tools/deployment/22_test_configs.sh
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -xe
+
+export ISO_DIR=${ISO_DIR:-"/srv/iso"}
+export SERVE_PORT=${SERVE_PORT:-"8099"}
+export AIRSHIPCTL_WS=${AIRSHIPCTL_WS:-$PWD}
+export USER_NAME=${USER:-"ubuntu"}
+export USE_PROXY=${USE_PROXY:-"false"}
+export HTTPS_PROXY=${HTTPS_PROXY:-${https_proxy}}
+export HTTPS_PROXY=${HTTP_PROXY:-${http_proxy}}
+export NO_PROXY=${NO_PROXY:-${no_proxy}}
+export REMOTE_WORK_DIR=${remote_work_dir:-"/tmp/airship"}
+export AIRSHIP_CONFIG_ISO_GEN_TARGET_PATH=${ISO_DIR}
+export AIRSHIP_CONFIG_ISO_BUILDER_DOCKER_IMAGE=${BUILDER_IMAGE:-"quay.io/airshipit/isogen:latest-debian_stable"}
+export REMOTE_TYPE=redfish
+export REMOTE_INSECURE=true
+export REMOTE_PROXY=false
+export AIRSHIP_CONFIG_ISO_SERVE_HOST=${HOST:-"localhost"}
+export AIRSHIP_CONFIG_ISO_PORT=${SERVE_PORT}
+export AIRSHIP_CONFIG_ISO_NAME=${ISO_NAME:-"debian-custom.iso"}
+export SYSTEM_ACTION_RETRIES=30
+export SYSTEM_REBOOT_DELAY=30
+export AIRSHIP_CONFIG_PRIMARY_REPO_BRANCH=${BRANCH:-"master"}
+# the git repo url or local file system path to a cloned repo, e.g., /home/stack/airshipctl
+export AIRSHIP_CONFIG_PRIMARY_REPO_URL=${REPO:-"https://review.opendev.org/airship/airshipctl"}
+export AIRSHIP_SITE_NAME="manifests/site/test-site"
+export AIRSHIP_CONFIG_MANIFEST_DIRECTORY=${remote_work_dir}
+export AIRSHIP_CONFIG_CA_DATA=$(cat tools/deployment/certificates/airship_config_ca_data| base64 -w0)
+export AIRSHIP_CONFIG_EPHEMERAL_IP=${IP_Ephemeral:-"10.23.25.101"}
+export AIRSHIP_CONFIG_CLIENT_CERT_DATA=$(cat tools/deployment/certificates/airship_config_client_cert_data| base64 -w0)
+export AIRSHIP_CONFIG_CLIENT_KEY_DATA=$(cat tools/deployment/certificates/airship_config_client_key_data| base64 -w0)
+
+#Remove and Create .airship folder
+rm -rf $HOME/.airship
+mkdir -p $HOME/.airship
+
+echo "Generate ~/.airship/config and ~/.airship/kubeconfig"
+envsubst <"${AIRSHIPCTL_WS}/tools/deployment/templates/airshipconfig_template" > ~/.airship/config
+envsubst <"${AIRSHIPCTL_WS}/tools/deployment/templates/kubeconfig_template" > ~/.airship/kubeconfig
+
+if ! airshipctl config get-cluster | grep -q 'dummycluster_ephemeral' ; then
+  echo "Unable to verify the ephemeral cluster details. Please verify the ephemeral cluster configuration."
+else
+  echo "Verify airshipctl configuration"
+  airshipctl config get-cluster
+fi
diff --git a/tools/deployment/23_pull_documents.sh b/tools/deployment/23_pull_documents.sh
new file mode 100755
index 000000000..608d7fbaf
--- /dev/null
+++ b/tools/deployment/23_pull_documents.sh
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -xe
+
+echo "Pull site documents using airshipctl"
+airshipctl document pull --debug
diff --git a/tools/deployment/24_build_ephemeral_iso.sh b/tools/deployment/24_build_ephemeral_iso.sh
new file mode 100755
index 000000000..730dbd8db
--- /dev/null
+++ b/tools/deployment/24_build_ephemeral_iso.sh
@@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -xe
+
+export USER_NAME=${USER:-"ubuntu"}
+
+ISO_DIR=${ISO_DIR:-"/srv/iso"}
+CLEANUP_SERVE_DIR=${CLEANUP_SERVE_DIR:-"false"}
+SITE_NAME=${SITE_NAME:-test-site}
+
+#Create serving directories and assign permission and ownership
+sudo rm -rf ${ISO_DIR}
+sudo mkdir -p ${ISO_DIR}
+sudo chmod -R 755 ${ISO_DIR}
+sudo chown -R ${USER_NAME} ${ISO_DIR}
+
+echo "Build ephemeral iso"
+airshipctl image build --debug
+
+echo "List generated iso"
+ls -lth ${ISO_DIR}
+
+echo "Remove the container used for iso generation"
+sudo docker rm $(docker ps -a -f status=exited -q)
+
+#cleanup the directories
+if [ "${CLEANUP_SERVE_DIR}" == "true" ] || [ "${CLEANUP_SERVE_DIR}" == "True" ]; then
+  echo "Clean directories used by ephemeral iso build"
+  sudo rm -rf ${ISO_DIR}
+fi
diff --git a/tools/deployment/25_deploy_ephemeral_node.sh b/tools/deployment/25_deploy_ephemeral_node.sh
new file mode 100755
index 000000000..9583575ba
--- /dev/null
+++ b/tools/deployment/25_deploy_ephemeral_node.sh
@@ -0,0 +1,41 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -xe
+
+#Default wait timeout is 3600 seconds
+export TIMEOUT=${TIMEOUT:-3600}
+export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
+
+echo "Deploy ephemeral node using redfish with iso"
+airshipctl baremetal remotedirect --debug
+
+#Wait till ephemeral node is ready
+end=$(($(date +%s) + $TIMEOUT))
+echo "Waiting $TIMEOUT seconds for ephemeral node to be ready."
+while true; do
+    if (kubectl --request-timeout 20s --kubeconfig $KUBECONFIG get nodes ephemeral -o jsonpath='{.status.conditions[?(@.type=="Ready")].status}' | grep -q True) ; then
+        echo -e "\nEphemeral node is ready."
+        kubectl --request-timeout 20s --kubeconfig $KUBECONFIG get nodes
+        break
+    else
+        now=$(date +%s)
+        if [ $now -gt $end ]; then
+            echo -e "\nEphemeral node was not ready before TIMEOUT."
+            exit 1
+        fi
+        echo -n .
+        sleep 15
+    fi
+done
diff --git a/tools/deployment/26_deploy_metal3_capi_ephemeral_node.sh b/tools/deployment/26_deploy_metal3_capi_ephemeral_node.sh
new file mode 100755
index 000000000..b402a1ca2
--- /dev/null
+++ b/tools/deployment/26_deploy_metal3_capi_ephemeral_node.sh
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -xe
+
+export KUBECONFIG=${KUBECONFIG:-"$HOME/.airship/kubeconfig"}
+
+echo "Deploy metal3.io components to ephemeral node"
+airshipctl phase apply initinfra --debug
+
+echo "Waiting for metal3 pods to come up"
+kubectl --kubeconfig $KUBECONFIG wait --for=condition=ready pods --all --timeout=1000s -A
+kubectl --kubeconfig $KUBECONFIG --namespace metal3 get pods
+
+echo "Deploy cluster components to ephemeral node"
+airshipctl cluster init --debug
+
+echo "Waiting for clusterapi pods to come up"
+kubectl --kubeconfig $KUBECONFIG wait --for=condition=available deploy --all --timeout=1000s -A
+kubectl --kubeconfig $KUBECONFIG get pods --all-namespaces
diff --git a/tools/deployment/30_deploy_controlplane.sh b/tools/deployment/30_deploy_controlplane.sh
new file mode 100755
index 000000000..103eef10a
--- /dev/null
+++ b/tools/deployment/30_deploy_controlplane.sh
@@ -0,0 +1,105 @@
+#!/usr/bin/env bash
+
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -ex
+
+TARGET_IMAGE_DIR="/srv/iso"
+EPHEMERAL_DOMAIN_NAME="air-ephemeral"
+TARGET_IMAGE_URL="https://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img"
+
+# TODO (dukov) this is needed due to sushy tools inserts cdrom image to
+# all vms. This can be removed once sushy tool is fixed
+echo "Ensure all cdrom images are ejected."
+for vm in $(sudo virsh list --all --name |grep -v ${EPHEMERAL_DOMAIN_NAME})
+do
+  sudo virsh domblklist $vm |
+    awk 'NF==2 {print $1}' |
+    grep -v Target |
+    xargs -I{} sudo virsh change-media $vm {} --eject || :
+done
+
+echo "Download target image"
+DOWNLOAD="200"
+if [ -e ${TARGET_IMAGE_DIR}/target-image.qcow2 ]
+then
+    MTIME=$(date -d @$(stat -c %Y ${TARGET_IMAGE_DIR}/target-image.qcow2) +"%a, %d %b %Y %T %Z")
+    DOWNLOAD=$(curl -sSLI \
+        --write-out '%{http_code}' \
+        -H "If-Modified-Since: ${MTIME}" \
+        ${TARGET_IMAGE_URL} | tail -1)
+fi
+if [ "${DOWNLOAD}" != "304" ]
+then
+    curl -sSLo ${TARGET_IMAGE_DIR}/target-image.qcow2 ${TARGET_IMAGE_URL}
+fi
+md5sum /srv/iso/target-image.qcow2 | cut -d ' ' -f 1 > ${TARGET_IMAGE_DIR}/target-image.qcow2.md5sum
+
+echo "Create target k8s cluster resources"
+airshipctl phase apply controlplane
+
+echo "Get kubeconfig from secret"
+KUBECONFIG=""
+N=0
+MAX_RETRY=6
+DELAY=10
+until [ "$N" -ge ${MAX_RETRY} ]
+do
+  KUBECONFIG=$(kubectl --request-timeout 10s --kubeconfig ${HOME}/.airship/kubeconfig \
+               get secret target-cluster-kubeconfig -o jsonpath='{.data.value}' || true)
+
+  if [[ ! -z "$KUBECONFIG" ]]; then
+      break
+  fi
+
+  N=$((N+1))
+  echo "$N: Retry to get kubeconfig from secret."
+  sleep ${DELAY}
+done
+
+if [[ -z "$KUBECONFIG" ]]; then
+  echo "Could not get kubeconfig from sceret."
+  exit 1
+fi
+
+echo "Create kubeconfig"
+echo ${KUBECONFIG} | base64 -d > /tmp/targetkubeconfig
+
+echo "Check kubectl version"
+VERSION=""
+N=0
+MAX_RETRY=30
+DELAY=60
+until [ "$N" -ge ${MAX_RETRY} ]
+do
+  VERSION=$(timeout 20 kubectl --kubeconfig /tmp/targetkubeconfig version | grep 'Server Version' || true)
+
+  if [[ ! -z "$VERSION" ]]; then
+      break
+  fi
+
+  N=$((N+1))
+  echo "$N: Retry to get kubectl version."
+  sleep ${DELAY}
+done
+
+if [[ -z "$VERSION" ]]; then
+  echo "Could not get kubectl version."
+  exit 1
+fi
+
+echo "Check nodes status"
+kubectl --kubeconfig /tmp/targetkubeconfig wait --for=condition=Ready node --all --timeout 900s
+
+echo "Get cluster state"
+kubectl --kubeconfig ${HOME}/.airship/kubeconfig get cluster
diff --git a/tools/deployment/certificates/airship_config_ca_data b/tools/deployment/certificates/airship_config_ca_data
new file mode 100644
index 000000000..154d71f88
--- /dev/null
+++ b/tools/deployment/certificates/airship_config_ca_data
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl
+cm5ldGVzMB4XDTE5MTIyNjA4MjgyNFoXDTI5MTIyMzA4MjgyNFowFTETMBEGA1UE
+AxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM1R
+S4wygj3iSBAf9BGBTKZyU1pbgChd6Y7IzKZedhjC6+y5dBiZo5eLzgkDsh38/XCS
+zqOKeypNQp3yAYKvbJHx786qHVY685d5XT3Z8srUTsT4yZcsdp3WyGt34yv36/AI
+1+SePQ+uNIzczo3DuhWGFhB97V6pF+EQ0eUcynM9shd/p0YQsX4ufXqhCD5ZsfvT
+pdku/Mi2ZuFRWTQKMxjjs5wgdAZpl6st/fdnfpwT9p/VN4nirg0K19DSHQILukSc
+oMwmsAx2kflHMhOk89Kqi0Ih/g2s4Ea4oYDYzktcbQgn0wIjggfvus3zQlG37ipa
+8qTsKefTgdR8gfBC5FMCAwEAAaMjMCEwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB
+/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAIzOA/M1ZdFPIswehZ1nzbtTSTDn
+Ds2VxRWEgrQEc3RbewkSdm9AKs0TdtdwDnpD/kQbCrKlDxQwEh74VMHVXbAZt7lW
+BJotOmqux1a8JbICE9cGAGG1oKH9GocXDYcBs907rLHu+iW1g/LUtna7WRjjjfpK
+qFzQf8gIPvH3OAgpuEUgqLyAO2kEgzVpN6pARqJvUFK6MD4c1f2yqXlp5xk7gEJr
+S48ZazwDfYEfWrkvWuagogS6JKon5DgFudxH5s6JyzGyOVvtxmScao8sqh+7Qy2n
+2/1UqNY+He7LxwN+bHpbB15KH159dsnKpQn4NDmcI6kVrw05I1H9ddAlato=
+-----END CERTIFICATE-----
diff --git a/tools/deployment/certificates/airship_config_client_cert_data b/tools/deployment/certificates/airship_config_client_cert_data
new file mode 100644
index 000000000..b428286c2
--- /dev/null
+++ b/tools/deployment/certificates/airship_config_client_cert_data
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID0DCCArgCFEtPoxFXJ5kTSVMt49YjppP/xBbyMA0GCSqGSIb3DQEBCwUAMBUx
+EzARBgNVBAMTCmt1YmVybmV0ZXMwHhcNMjAwMTI0MTkxNTEwWhcNMjkxMjAyMTkx
+NTEwWjA0MRkwFwYDVQQDDBBrdWJlcm5ldGVzLWFkbWluMRcwFQYDVQQKDA5zeXN0
+ZW06bWFzdGVyczCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMbhXTRk
+V6bewlR0afZAu0Fael9tmE8ZHQ/hkZHxnN76l6TPYmpboh4oF3F0Qjo4NKZ95TnZ
+49chWn4xRbeYOSnDp0iWD3wJWRVyiQoUAra9MpuO6EESQilUF5sqsEWQWU20DM+A
+Gq+Y4gg7x2uCHSvMFRi+4L9EiWGlgD2/oXWRnMXK04LPj6OoudofbwdfOrzu0OVE
+S4txknKPBcPTSv11eZYXckBDV3OlLD4Fwu0w570rw370+hJXvVqwvcodcf6D/PWY
+0jigwjiyBnggWam8QQcwSnwz4wNlWxJ9S2YBEoZmulURQZYY9etApJAtS3N9T6T6
+Z/JRQtGad2fNWSbLDrNjuMNLhAadLBxIPzA5vVZNZjRdtC0Sni2QT15iHZxwTqr4
+jDPCJXEu7++qqjPVWTiFK+rjqSaKZjUfUiJGBBVrnQfBD4smFsdN0yroma6Nc4L5
+JKmQWSGvguhm3mnlb1QiTYjurdRPDSfvl+CCGnp5BI/gZp2AuHs/5JJU2esVo/Ll
+EOtwR9wWwwWq0/f8WKtxmTk1529JvtPFAt0ymBV8Plvebupbbjyni/lVm2Nbezue
+x+e0JMlkVZqfbDRKn7J6YJrGYmBPUtBWhIY3oZIU1DQr8IIHnGfbVhZTy0MH2ABA
+uvUPqKRVO4Pi1E1x8A6yeOyTCrpx/JAk5rGdAgMBAAEwDQYJKoZIhvcNAQELBQAD
+ggEBAIcE3PqdvCMPH2rs1rDJODHv7Ai8KMOUvOF/tF9jGa/HPInHwFUE4ImnWPx6
+UGA2Q5n1lD1FBU4OC8xIYsuoKUPTy5OKzISL4Fg/IDpnxI9kMyf5+LGN7ho+nRfk
+BfJInUXoKDEmgxvsIaFwXzlkRL2s/YJaFQG15R+5c1rrBfwgI8P9NGzhC5qxgJj/
+m8+xO0hWRbHbIkCmMzDbojBIhZ/M+ouXGWhz/SjJhuxYMPgzNLfAFs/O15ZJ7waw
+gvhHg7/a9S4oP+Dc+Okuk2Eu1Fc/A9XzV379ihMYnnotP2WVxVwoFYAH45GPp6lP
+BBl26y1sbLn9zhfXQBH1ZE7A0eQ=
+-----END CERTIFICATE-----
diff --git a/tools/deployment/certificates/airship_config_client_key_data b/tools/deployment/certificates/airship_config_client_key_data
new file mode 100644
index 000000000..2940608b1
--- /dev/null
+++ b/tools/deployment/certificates/airship_config_client_key_data
@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKQIBAAKCAgEAxuFdNGRXpt7CVHRp9kC7QVp6X22YTxkdD+GRkfGc3vqXpM9i
+aluiHigXcXRCOjg0pn3lOdnj1yFafjFFt5g5KcOnSJYPfAlZFXKJChQCtr0ym47o
+QRJCKVQXmyqwRZBZTbQMz4Aar5jiCDvHa4IdK8wVGL7gv0SJYaWAPb+hdZGcxcrT
+gs+Po6i52h9vB186vO7Q5URLi3GSco8Fw9NK/XV5lhdyQENXc6UsPgXC7TDnvSvD
+fvT6Ele9WrC9yh1x/oP89ZjSOKDCOLIGeCBZqbxBBzBKfDPjA2VbEn1LZgEShma6
+VRFBlhj160CkkC1Lc31PpPpn8lFC0Zp3Z81ZJssOs2O4w0uEBp0sHEg/MDm9Vk1m
+NF20LRKeLZBPXmIdnHBOqviMM8IlcS7v76qqM9VZOIUr6uOpJopmNR9SIkYEFWud
+B8EPiyYWx03TKuiZro1zgvkkqZBZIa+C6GbeaeVvVCJNiO6t1E8NJ++X4IIaenkE
+j+BmnYC4ez/kklTZ6xWj8uUQ63BH3BbDBarT9/xYq3GZOTXnb0m+08UC3TKYFXw+
+W95u6ltuPKeL+VWbY1t7O57H57QkyWRVmp9sNEqfsnpgmsZiYE9S0FaEhjehkhTU
+NCvwggecZ9tWFlPLQwfYAEC69Q+opFU7g+LUTXHwDrJ47JMKunH8kCTmsZ0CAwEA
+AQKCAgABvSSweZQenGH8lQv8IDLC7oSVYwLq5iBP7Dv2l7M0a+J5iWql3Wk8dENI
+NakCk006i20+pT4NunftFIc0hLszN0e2JcG65uYFfvvdv7EKYfsYSxaSwxMbA2Y1
+cBkccpelS0a1ZbxV/rMzOTqUIQ4aPO2OStTyNyowVV8aqxtBSOWjARP6V9A8sRP2
+6UFyQg3kav4ekwtKC9Mo90EopidIsgc/HbNdBnm0RCRv4mMC6eOMzt4ltQSetm+s
+ZFE0fC9r90F18EEeR6GLF1thH39JMaEr6+sqzNVWSUOTlM7c9HNyA2HrrnvxUQSN
+awJFVHANcXIJ0jqobrdz17LlkHEQFs3Kv4ep4wDBJ2Qtz+1uAocRhWvRibqXD7Lx
+VjOtdrOXwdT1cfk+6QsTLYAJGzmt7lcS6B3gc2GZcIXl25YjMD5eXikWDsxXZkuP
++os3ThqxfHKnHNlmbORIZC1ovCSdI4VeZsjY41K9+GMiwWJMdzKiFJw6TvnTRRWS
+Lhwa3Q9AVc/LH4H/OmOjX74A3YIl+D1UPwwW0/2l8KpM3EVgmWjRLWVHFpMLbMJW
+eVJwwJRawmfKtvzmOJDyaMrInXjL3/HMDikpSraG1rNw5IJ39rYtAHQD5/UnfTdH
+K5ucjEnq7Ot32GZ3proE55daAcHPnKn8jXgVJMD29hypFo/fQQKCAQEA+An4hH1E
+oF+qeqioatw7g0iWPP3BzIq8FVmklFVAaQySo0Sd1XPrna+GDEAWtpylV1yfFdGj
+Hw8au96zTftn5fBFD1XmMNCYy7+3owWp++SpaC/1637WooyKF0cTSoqa3dEnEKRK
+xLavkIEQ279tA4UT+GU+zSoCOPPM4MIKzhGACs6ujtrK1Mqzp+BabWsFPn7bum+U
+DGHR+4+ZokA/T67inbTqeL0W2B64LrATDzY/v86TFmmZjYDhtJGRHYVT9OWIttEY
+6vmP3tkWNMktGl8m1bCAGCRepkrqHqYsLXnFCfYHQm9sihh/3rEV6u1F1d+tSrE2
+kSVU8xUX50lqMQKCAQEAzUN6ZKIQ6WdOOEGvr0LQ/XUs24mG37yF28IP2DqaAYes
+rsklSv7eIOSeew1mBDuBFIvnFoq5lFP7qxVpB2Z3MHiC1SZrVRf9PN7B4asrcr0+
+t0vKCWXQHi5PAxnqwXoa67D5ny0vyoWIUQp2dFLvB0Bjtos/j2EhzIfNV2mT9myn
+VAvNXGmfw8IRB/Wb0i3Cw4Z+roYuu2dDz6QL3PUo7XKKycg4uS55zK/qfOsOebnf
+zlwvjllMJ+fTQG73+BzH4NHXk6jFYC58ypkuwtrbfbMiJFNY8rWZm/MMwUCZVCCy
+yIqCqGAPzoi2SNsHKZNRj7vYCwPAWzO1bv1Fp/a3LQKCAQEAxm3Ll8pTNW1zB8+X
+dG2dWqieMErdWFIAp5/gTx5oeeGqCd1h2xpyeuKpfXFj+lEU4O/jAOSF99nwjC1c
+Cl2+v6/Yv6z7iz/FjPJh6ZQlabODZys/NFdzQ/TkoDynDTIXNK8W7nRQsFBp4VOv
+de0NPAyhbk0o0Z7yyjcYRxJU7IgJhBvWf8g/Db7fvMR58yDzwAxioiKTMNis0PAP
+e0Kko42IE5xhG5hCB0GEHS2VAc1ncH3FI9/1DMP3TKpLim9YPAnItmBO6+Qcma3X
+2wC6CWfnvHoH78hgw+4Yn85Wd0b8P7zID/jtvwhce331x8xr2u6nRqLAwZs4+4J7
+bfdIcQKCAQAC/be73ay3afz2zuY7fJLFDr8Pl+pyOjINKL/IW9pAqXR3u5CijiI4
+gnxYuLJC34cbAIrmhjD8G1kwfghgxjp4Z1kot/2aaNYU2/4hRrhEXMOcMiuIhYZJ
+2kzmc6s7FIdt5c9NZYAryFRbMfbV7Rt0lJifYVoUwcqXS2dPncc9MQojLGTasuNU
+G/DZl9ekcWxEIyKXcncd3fxb+zz9BEmLZD7nf9ZrxGSb+fhFx7sXRQEg5bD/twdo
+EXW/m55bbDfxa71jdnMh2quQ3DiVOFE4fLLDqr9CEilh32HRMxrI4g0Y5QPQZk30
+qYNWfnKVRYNLv+X/CxfzfEZpjqFEOFElAoIBAQCKzGbFvlzwPZRhxs7vUv19yHQp
+C1fGx0oKiD1R5fpYPkOEQAentAJDsraTl7/kH69WOUmD5Ox1mjrDPtkS8ZxWbRWx
+Fb2K+rqc4mpaZpdNWONNK3+tMfk+oAQqe2IMIWnw5HfmZc4MPcKtnFPbRSNAtjKp
+D6hoh/pW2gcDP4qZMYVoEm81VXdFCPhNb+Mbu/Sx2hPxSGWa5Fi73xKpYjy3pHJT
+XZ2ciG7EMCsJeoGKaQvcBcY/4iRDahWHVrilIXIArPuwfUB2o6BdTtjYGyNlgcfx
+qXKxipShA6VSbzugGzdtGMxE2zDGTI19qRC/z9CDDC5e2SAFjlBTWD2PrcqN
+-----END RSA PRIVATE KEY-----
diff --git a/tools/deployment/templates/airshipconfig_template b/tools/deployment/templates/airshipconfig_template
new file mode 100644
index 000000000..a3812f6d0
--- /dev/null
+++ b/tools/deployment/templates/airshipconfig_template
@@ -0,0 +1,52 @@
+apiVersion: airshipit.org/v1alpha1
+bootstrapInfo:
+  dummy_bootstrap_config:
+    container:
+      volume: ${AIRSHIP_CONFIG_ISO_GEN_TARGET_PATH}:/config
+      image: ${AIRSHIP_CONFIG_ISO_BUILDER_DOCKER_IMAGE}
+      containerRuntime: docker
+    remoteDirect:
+      remoteType: ${REMOTE_TYPE}
+      insecure: ${REMOTE_INSECURE}
+      useproxy: ${REMOTE_PROXY}
+      isoUrl: http://${AIRSHIP_CONFIG_ISO_SERVE_HOST}:${AIRSHIP_CONFIG_ISO_PORT}/${AIRSHIP_CONFIG_ISO_NAME}
+    builder:
+      userDataFileName: user-data
+      networkConfigFileName: network-config
+      outputMetadataFileName: output-metadata.yaml
+managementConfiguration:
+  dummy_management_config:
+    type: ${REMOTE_TYPE}
+    insecure: ${REMOTE_INSECURE}
+    useproxy: ${REMOTE_PROXY}
+    systemActionRetries: ${SYSTEM_ACTION_RETRIES}
+    systemRebootDelay: ${SYSTEM_REBOOT_DELAY}
+
+clusters:
+  dummycluster:
+    clusterType:
+      ephemeral:
+        bootstrapInfo: dummy_bootstrap_config
+        clusterKubeconf: dummycluster_ephemeral
+        managementConfiguration: dummy_management_config
+contexts:
+  dummy_cluster:
+    contextKubeconf: dummy_cluster
+    manifest: dummy_manifest
+currentContext: dummy_cluster
+kind: Config
+manifests:
+  dummy_manifest:
+    primaryRepositoryName: primary
+    repositories:
+      primary:
+        checkout:
+          branch: ${AIRSHIP_CONFIG_PRIMARY_REPO_BRANCH}
+          force: false
+          remoteRef: ""
+          tag: ""
+        url: ${AIRSHIP_CONFIG_PRIMARY_REPO_URL}
+    subPath: ${AIRSHIP_SITE_NAME}
+    targetPath: ${AIRSHIP_CONFIG_MANIFEST_DIRECTORY}
+users:
+  dummy_user: {}
diff --git a/tools/deployment/templates/kubeconfig_template b/tools/deployment/templates/kubeconfig_template
new file mode 100644
index 000000000..68422eaae
--- /dev/null
+++ b/tools/deployment/templates/kubeconfig_template
@@ -0,0 +1,19 @@
+apiVersion: v1
+clusters:
+- cluster:
+    certificate-authority-data: ${AIRSHIP_CONFIG_CA_DATA}
+    server: https://${AIRSHIP_CONFIG_EPHEMERAL_IP}:6443
+  name: dummycluster_ephemeral
+contexts:
+- context:
+    cluster: dummycluster_ephemeral
+    user: kubernetes-admin
+  name: dummy_cluster
+current-context: dummy_cluster
+kind: Config
+preferences: {}
+users:
+- name: kubernetes-admin
+  user:
+    client-certificate-data: ${AIRSHIP_CONFIG_CLIENT_CERT_DATA}
+    client-key-data: ${AIRSHIP_CONFIG_CLIENT_KEY_DATA}