diff --git a/resources/haproxy_service/actions/remove.yml b/resources/haproxy_service/actions/remove.yml
new file mode 100644
index 00000000..d3c3149f
--- /dev/null
+++ b/resources/haproxy_service/actions/remove.yml
@@ -0,0 +1,6 @@
+
+- hosts: [{{ ip }}]
+  sudo: yes
+  tasks:
+    - shell: docker stop {{ name }}
+    - shell: docker rm {{ name }}
diff --git a/resources/haproxy_service/actions/run.yml b/resources/haproxy_service/actions/run.yml
new file mode 100644
index 00000000..d0527737
--- /dev/null
+++ b/resources/haproxy_service/actions/run.yml
@@ -0,0 +1,27 @@
+
+- hosts: [{{ ip }}]
+  sudo: yes
+  tasks:
+    - docker:
+       name: {{ name }}
+       image: {{ image }}
+       state: running
+       net: host
+       {% if ports.value %}
+       ports:
+         {% for port in ports.value %}
+         {% for p in port['value'] %}
+         - {{ p['value'] }}:{{ p['value'] }}
+         {% endfor %}
+         {% endfor %}
+       {% endif %}
+       {% if host_binds.value %}
+       volumes:
+         # TODO: host_binds might need more work
+         # Currently it's not that trivial to pass custom src: dst here
+         # (when a config variable is passed here from other resource)
+         # so we mount it to the same directory as on host
+         {% for bind in host_binds.value %}
+         - {{ bind['value']['src'] }}:{{ bind['value']['dst'] }}:{{ bind['value'].get('mode', 'ro') }}
+         {% endfor %}
+       {% endif %}
diff --git a/resources/haproxy_service/meta.yaml b/resources/haproxy_service/meta.yaml
new file mode 100644
index 00000000..ebd1a798
--- /dev/null
+++ b/resources/haproxy_service/meta.yaml
@@ -0,0 +1,27 @@
+id: haproxy_service
+handler: ansible
+version: 1.0.0
+input:
+    ip:
+      schema: str!
+      value:
+    image:
+      schema: str!
+      value: tutum/haproxy
+    ports:
+      schema: [{value: [{value: int}]}]
+      value: []
+    host_binds:
+      schema: [{value: {src: str, dst: str}}]
+      value: []
+    volume_binds:
+      schema: [{src: str, dst: str}]
+      value: []
+    ssh_user:
+      schema: str!
+      value:
+    ssh_key:
+      schema: str!
+      value:
+
+tags: [resources/haproxy, resource/haproxy_service]
diff --git a/resources/keystone_role/meta.yaml b/resources/keystone_role/meta.yaml
index 1d8fe6ce..6f681abf 100644
--- a/resources/keystone_role/meta.yaml
+++ b/resources/keystone_role/meta.yaml
@@ -1,4 +1,4 @@
-id: keystone_user
+id: keystone_role
 handler: ansible
 version: 1.0.0
 input:
@@ -13,13 +13,13 @@ input:
       value:
     user_name:
       schema: str!
-      value:
+      value: admin
     tenant_name:
       schema: str!
       value:
     role_name:
       schema: str!
-      value:
+      value: admin
     ip:
       schema: str!
       value:
@@ -30,4 +30,4 @@ input:
       schema: str!
       value:
 
-tags: [resource/keystone_user, resources/keystone]
+tags: [resource/keystone_role, resources/keystone]
diff --git a/resources/keystone_service/actions/run.yml b/resources/keystone_service/actions/run.yml
index 305ff7e1..9aca8f54 100644
--- a/resources/keystone_service/actions/run.yml
+++ b/resources/keystone_service/actions/run.yml
@@ -15,3 +15,6 @@
         - {{ admin_port }}:35357
         volumes:
         - {{ config_dir }}:/etc/keystone
+
+    - name: wait for keystone
+      wait_for: host={{ip}} port={{port}} timeout=20
diff --git a/resources/keystone_service/meta.yaml b/resources/keystone_service/meta.yaml
index e69f3e10..1afa7f4c 100644
--- a/resources/keystone_service/meta.yaml
+++ b/resources/keystone_service/meta.yaml
@@ -1,4 +1,4 @@
-id: keystone
+id: keystone_service
 handler: ansible
 version: 1.0.0
 input:
diff --git a/resources/keystone_service_endpoint/meta.yaml b/resources/keystone_service_endpoint/meta.yaml
index ce0b740f..2639ebdb 100644
--- a/resources/keystone_service_endpoint/meta.yaml
+++ b/resources/keystone_service_endpoint/meta.yaml
@@ -1,4 +1,4 @@
-id: keystone_user
+id: keystone_service_endpoint
 handler: ansible
 version: 1.0.0
 input:
@@ -19,19 +19,22 @@ input:
       value:
     name:
       schema: str!
-      value:
+      value: keystone
     type:
       schema: str!
-      value:
+      value: identity
     description:
       schema: str!
-      value:
+      value: OpenStack Identity Service
     publicurl:
       schema: str!
-      value:
+      value: http://{{ip}}:{{port}}/v2.0
     internalurl:
       schema: str!
-      value:
+      value: http://{{ip}}:{{port}}/v2.0
+    adminurl:
+      schema: str!
+      value: http://{{ip}}:{{admin_port}}/v2.0
     adminurl:
       schema: str!
       value:
@@ -45,5 +48,4 @@ input:
       schema: str!
       value:
 
-tags: [resource/keystone_tenant, resources/keystone]
-
+tags: [resource/keystone_service_endpoint, resources/keystone]
diff --git a/resources/keystone_tenant/meta.yaml b/resources/keystone_tenant/meta.yaml
index ac7e6d6f..5c1fd43a 100644
--- a/resources/keystone_tenant/meta.yaml
+++ b/resources/keystone_tenant/meta.yaml
@@ -1,4 +1,4 @@
-id: keystone_user
+id: keystone_tenant
 handler: ansible
 version: 1.0.0
 input:
@@ -13,7 +13,7 @@ input:
       value:
     tenant_name:
       schema: str!
-      value:
+      value: admin
     ip:
       schema: str!
       value:
diff --git a/resources/keystone_user/meta.yaml b/resources/keystone_user/meta.yaml
index edaa75d6..c0875767 100644
--- a/resources/keystone_user/meta.yaml
+++ b/resources/keystone_user/meta.yaml
@@ -13,10 +13,10 @@ input:
       value:
     user_name:
       schema: str!
-      value:
+      value: admin
     user_password:
       schema: str!
-      value:
+      value: admin
     tenant_name:
       schema: str!
       value:
diff --git a/resources/mariadb_service/actions/run.yml b/resources/mariadb_service/actions/run.yml
index 2d5950ab..e8e5c5f6 100644
--- a/resources/mariadb_service/actions/run.yml
+++ b/resources/mariadb_service/actions/run.yml
@@ -14,5 +14,5 @@
     - shell: docker exec -t {{ name }} mysql -p{{ root_password }} -uroot -e "SELECT 1"
       register: result
       until: result.rc == 0
-      retries: 20
+      retries: 30
       delay: 0.5
diff --git a/templates/profile.yml b/templates/profile.yml
index 453d908f..ce6605c9 100644
--- a/templates/profile.yml
+++ b/templates/profile.yml
@@ -10,6 +10,7 @@ extensions:
 tags: {{tags}}
 
 connections:
+  # keystone
   - for_resources: [resource/mariadb_service]
     filter_resources: [resource/mariadb_keystone_db, resource/mariadb_keystone_user]
     mapping:
@@ -39,6 +40,7 @@ connections:
     mapping:
       config_dir: config_dir
 
+  # haproxy
   - for_resources: [resource/keystone_service]
     filter_resources: [resource/haproxy_keystone_config]
     mapping:
@@ -58,3 +60,39 @@ connections:
     mapping:
       listen_ports: ports
       config_dir: host_binds
+
+  # keystone data
+  - for_resources: [resource/keystone_config]
+    filter_resources: [resource/keystone_tenant]
+    mapping: {}
+
+  - for_resources: [resource/keystone_service]
+    filter_resources: [resource/keystone_tenant]
+    mapping:
+      admin_port: keystone_port
+      ip: keystone_host
+
+  - for_resources: [resource/keystone_tenant]
+    filter_resources: [resource/keystone_user]
+    mapping: {}
+
+  - for_resources: [resource/keystone_user]
+    filter_resources: [resource/keystone_role]
+    mapping: {}
+
+  - for_resources: [resource/keystone_service]
+    filter_resources: [resource/keystone_service_endpoint]
+    mapping:
+      admin_port: admin_port
+      ip: keystone_host
+      port: port
+
+  - for_resources: [resource/keystone_config]
+    filter_resources: [resource/keystone_service_endpoint]
+    mapping:
+      admin_token: admin_token
+
+  - for_resources: [resource/keystone_service]
+    filter_resources: [resource/keystone_service_endpoint]
+    mapping:
+      admin_port: keystone_port