diff --git a/example.py b/example.py
index 01290e27..c228d61b 100644
--- a/example.py
+++ b/example.py
@@ -26,7 +26,6 @@ def deploy():
 
     node1 = resource.create('node1', 'resources/ro_node/', {'ip': '10.0.0.3', 'ssh_key': '/vagrant/.vagrant/machines/solar-dev1/virtualbox/private_key', 'ssh_user': 'vagrant'})
     node2 = resource.create('node2', 'resources/ro_node/', {'ip': '10.0.0.4', 'ssh_key': '/vagrant/.vagrant/machines/solar-dev2/virtualbox/private_key', 'ssh_user': 'vagrant'})
-    node3 = resource.create('node3', 'resources/ro_node/', {'ip': '10.0.0.5', 'ssh_key' : '/vagrant/.vagrant/machines/solar-dev3/virtualbox/private_key', 'ssh_user': 'vagrant'})
 
     mariadb_service1 = resource.create('mariadb_service1', 'resources/mariadb_service', {'image': 'mariadb', 'root_password': 'mariadb', 'port': 3306, 'ip': '', 'ssh_user': '', 'ssh_key': ''})
     keystone_db = resource.create('keystone_db', 'resources/mariadb_db/', {'db_name': 'keystone_db', 'login_password': '', 'login_user': 'root', 'login_port': '', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
@@ -38,17 +37,17 @@ def deploy():
     keystone_config2 = resource.create('keystone_config2', 'resources/keystone_config/', {'config_dir': '/etc/solar/keystone', 'ip': '', 'ssh_user': '', 'ssh_key': '', 'admin_token': 'admin', 'db_password': '', 'db_name': '', 'db_user': '', 'db_host': '', 'db_port': ''})
     keystone_service2 = resource.create('keystone_service2', 'resources/keystone_service/', {'port': 5002, 'admin_port': 35357, 'image': '', 'ip': '', 'ssh_key': '', 'ssh_user': '', 'config_dir': ''})
 
-    haproxy_keystone_config = resource.create('haproxy_keystone1_config', 'resources/haproxy_keystone_config/', {'name': 'keystone_config', 'listen_port':5000, 'servers':[], 'ports':[]})
-    haproxy_config = resource.create('haproxy_config', 'resources/haproxy', {'ip': '', 'ssh_key': '', 'ssh_user': '', 'configs_names':[], 'configs_ports':[], 'listen_ports':[], 'configs':[], 'config_dir': ''})
-    haproxy_service = resource.create('haproxy_service', 'resources/docker_container/', {'image': 'tutum/haproxy', 'ports': [], 'host_binds': [], 'volume_binds':[], 'ip': '', 'ssh_key': '', 'ssh_user': ''})
+    haproxy_keystone_config = resource.create('haproxy_keystone1_config', 'resources/haproxy_keystone_config/', {'name': 'keystone_config', 'listen_port': 5000, 'servers': [], 'ports':[]})
+    haproxy_config = resource.create('haproxy_config', 'resources/haproxy', {'ip': '', 'ssh_key': '', 'ssh_user': '', 'configs_names': [], 'configs_ports': [], 'listen_ports': [], 'configs':[], 'config_dir': ''})
+    haproxy_service = resource.create('haproxy_service', 'resources/docker_container/', {'image': 'tutum/haproxy', 'ports': [], 'host_binds': [], 'volume_binds': [], 'ip': '', 'ssh_key': '', 'ssh_user': ''})
 
-    glance_db = resource.create('glance_db', 'resources/mariadb_db/', {'db_name':'glance_db', 'login_password':'', 'login_user':'root', 'login_port': '', 'ip':'', 'ssh_user':'', 'ssh_key':''})
-    glance_db_user = resource.create('glance_db_user', 'resources/mariadb_user/', {'new_user_name' : 'glance', 'new_user_password' : 'glance', 'db_name':'', 'login_password':'', 'login_user':'root', 'login_port': '', 'ip':'', 'ssh_user':'', 'ssh_key':''})
+    glance_db = resource.create('glance_db', 'resources/mariadb_db/', {'db_name': 'glance_db', 'login_password': '', 'login_user': 'root', 'login_port': '', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
+    glance_db_user = resource.create('glance_db_user', 'resources/mariadb_user/', {'new_user_name': 'glance', 'new_user_password': 'glance', 'db_name': '', 'login_password': '', 'login_user': 'root', 'login_port': '', 'ip': '', 'ssh_user': '', 'ssh_key': ''})
 
-    glance_keystone_user = resource.create('glance_keystone_user', 'resources/keystone_user', {'user_name': 'glance_admin', 'user_password': 'password1234', 'tenant_name': 'service_admins', 'keystone_host': '', 'keystone_port': '', 'login_user': '', 'login_token': '', 'ip': '', 'ssh_key': '', 'ssh_user': ''})
+    glance_keystone_user = resource.create('glance_keystone_user', 'resources/keystone_user', {'user_name': 'glance_admin', 'user_password': 'password1234', 'tenant_name': 'service_admins', 'role_name': 'glance_admin', 'keystone_host': '', 'keystone_admin_port': '', 'login_user': '', 'login_token': '', 'ip': '', 'ssh_key': '', 'ssh_user': ''})
 
     glance_config = resource.create('glance_config', 'resources/glance_config/', {'ip': '', 'ssh_key': '', 'ssh_user': '', 'keystone_ip': '', 'keystone_port': '', 'config_dir': {}, 'api_port': '', 'registry_port': '', 'mysql_ip': '', 'mysql_db': '', 'mysql_user': '', 'mysql_password': '', 'keystone_admin_user': '', 'keystone_admin_password': '', 'keystone_admin_tenant': ''})
-    glance_container = resource.create('glance_container', 'resources/docker_container/', {'image' : 'krystism/openstack-glance', 'ports': [{'value': [{'value': 9191}, {'value': 9292}]}], 'host_binds': [], 'volume_binds':[], 'ip':'', 'ssh_key':'', 'ssh_user':''})
+    glance_container = resource.create('glance_container', 'resources/glance_service/', {'image': 'cgenie/centos-rdo-glance-api', 'ports': [{'value': [{'value': 9191}, {'value': 9292}]}], 'host_binds': [], 'volume_binds': [], 'db_password': '', 'keystone_password': '', 'keystone_admin_token': '', 'keystone_host': '', 'ip': '', 'ssh_key': '', 'ssh_user': ''})
 
 
     ####
@@ -98,22 +97,27 @@ def deploy():
     signals.connect(glance_db, glance_db_user, {'db_name': 'db_name'})
 
     # glance keystone user
-    signals.connect(haproxy_keystone_config, glance_keystone_user, {'listen_port': 'keystone_port'})
+    signals.connect(haproxy_keystone_config, glance_keystone_user, {'listen_port': 'keystone_admin_port'})
     signals.connect(haproxy_service, glance_keystone_user)  # standard ip, ssh_key, ssh_user
     signals.connect(haproxy_service, glance_keystone_user, {'ip': 'keystone_host'})
     signals.connect(keystone_config1, glance_keystone_user, {'admin_token': 'login_token'})
     signals.connect(glance_keystone_user, glance_config, {'user_name': 'keystone_admin_user', 'user_password': 'keystone_admin_password', 'tenant_name': 'keystone_admin_tenant'})
 
     # glance
-    signals.connect(node3, glance_config)
+    signals.connect(node2, glance_config)
     signals.connect(haproxy_keystone_config, glance_config, {'listen_port': 'keystone_port'})
     signals.connect(haproxy_service, glance_config, {'ip': 'keystone_ip'})
     signals.connect(mariadb_service1, glance_config, {'ip': 'mysql_ip'})
     signals.connect(glance_db, glance_config, {'db_name': 'mysql_db'})
     signals.connect(glance_db_user, glance_config, {'new_user_name': 'mysql_user', 'new_user_password': 'mysql_password'})
-    signals.connect(node3, glance_container)
+    signals.connect(node2, glance_container)
     signals.connect(glance_config, glance_container, {'config_dir': 'host_binds'})
 
+    signals.connect(glance_db_user, glance_container, {'new_user_password': 'db_password'})
+    signals.connect(glance_keystone_user, glance_container, {'user_password': 'keystone_password'})
+    signals.connect(glance_keystone_user, glance_container, {'login_token': 'keystone_admin_token'})
+    signals.connect(haproxy_config, glance_container, {'ip': 'keystone_host'})
+
 
     has_errors = False
     for r in [node1,
@@ -144,7 +148,6 @@ def deploy():
 
     # run
     actions.resource_action(mariadb_service1, 'run')
-    time.sleep(10)
     actions.resource_action(keystone_db, 'run')
     actions.resource_action(keystone_db_user, 'run')
     actions.resource_action(keystone_config1, 'run')
@@ -165,6 +168,20 @@ def deploy():
     requests.get('http://%s:%s' % (keystone_service1.args['ip'].value, keystone_service1.args['port'].value))
     requests.get('http://%s:%s' % (keystone_service2.args['ip'].value, keystone_service2.args['port'].value))
     requests.get('http://%s:%s' % (haproxy_service.args['ip'].value, haproxy_service.args['ports'].value[0]['value'][0]['value']))
+
+    requests.post(
+        'http://%s:%s/v2.0/tokens' % (haproxy_service.args['ip'].value, haproxy_keystone_config.args['listen_port'].value),
+        {
+            'auth': {
+                'tenantName': glance_keystone_user.args['tenant_name'],
+                'passwordCredentials': {
+                    'username': glance_keystone_user.args['user_name'],
+                    'password': glance_keystone_user.args['user_password'],
+                }
+            }
+        }
+    )
+
     requests.get('http://%s:%s' % (glance_container.args['ip'].value, glance_container.args['ports'].value[0]['value'][0]['value']))
     requests.get('http://%s:%s' % (glance_container.args['ip'].value, glance_container.args['ports'].value[0]['value'][1]['value']))
 
diff --git a/resources/docker_container/meta.yaml b/resources/docker_container/meta.yaml
index 9808149d..76a25600 100644
--- a/resources/docker_container/meta.yaml
+++ b/resources/docker_container/meta.yaml
@@ -12,10 +12,10 @@ input:
       schema: [{value: [{value: int}]}]
       value: []
     host_binds:
-      schema: [{value: {src: str, dst: str}}]
+      schema: [{value: {src: str, dst: str, mode: str}}]
       value: []
     volume_binds:
-      schema: [{src: str, dst: str}]
+      schema: [{src: str, dst: str, mode: str}]
       value: []
     ssh_user:
       schema: str!
diff --git a/resources/glance_config/meta.yaml b/resources/glance_config/meta.yaml
index a52c6ae5..01f66385 100644
--- a/resources/glance_config/meta.yaml
+++ b/resources/glance_config/meta.yaml
@@ -13,8 +13,8 @@ input:
       value: []
 
     config_dir:
-      schema: {src: str!, dst: str!}
-      value: {src: /etc/solar/glance, dst: /etc/glance}
+      schema: {src: str!, dst: str!, mode: str}
+      value: {src: /etc/solar/glance, dst: /etc/glance, mode: rw}
     api_port:
       schema: int!
       value: 9292
diff --git a/resources/glance_service/actions/remove.yml b/resources/glance_service/actions/remove.yml
new file mode 100644
index 00000000..d3c3149f
--- /dev/null
+++ b/resources/glance_service/actions/remove.yml
@@ -0,0 +1,6 @@
+
+- hosts: [{{ ip }}]
+  sudo: yes
+  tasks:
+    - shell: docker stop {{ name }}
+    - shell: docker rm {{ name }}
diff --git a/resources/glance_service/actions/run.yml b/resources/glance_service/actions/run.yml
new file mode 100644
index 00000000..fa365283
--- /dev/null
+++ b/resources/glance_service/actions/run.yml
@@ -0,0 +1,33 @@
+
+- hosts: [{{ ip }}]
+  sudo: yes
+  tasks:
+    - docker:
+       name: {{ name }}
+       image: {{ image }}
+       state: running
+       net: host
+       {% if ports.value %}
+       ports:
+         {% for port in ports.value %}
+         {% for p in port['value'] %}
+         - {{ p['value'] }}:{{ p['value'] }}
+         {% endfor %}
+         {% endfor %}
+       {% endif %}
+       {% if host_binds.value %}
+       volumes:
+         # TODO: host_binds might need more work
+         # Currently it's not that trivial to pass custom src: dst here
+         # (when a config variable is passed here from other resource)
+         # so we mount it to the same directory as on host
+         {% for bind in host_binds.value %}
+         - {{ bind['value']['src'] }}:{{ bind['value']['dst'] }}:{{ bind['value'].get('mode', 'ro') }}
+         {% endfor %}
+       {% endif %}
+       env:
+         GLANCE_DB_PASSWORD: {{ db_password }}
+         GLANCE_KEYSTONE_PASSWORD: {{ keystone_password }}
+         KEYSTONE_ADMIN_SERVICE_HOST: {{ keystone_host }}
+         KEYSTONE_ADMIN_TOKEN: {{ keystone_admin_token }}
+         KEYSTONE_PUBLIC_SERVICE_HOST: {{ keystone_host }}
diff --git a/resources/glance_service/meta.yaml b/resources/glance_service/meta.yaml
new file mode 100644
index 00000000..f1f06b6c
--- /dev/null
+++ b/resources/glance_service/meta.yaml
@@ -0,0 +1,40 @@
+id: container
+handler: ansible
+version: 1.0.0
+input:
+    ip:
+      schema: str!
+      value:
+    image:
+      schema: str!
+      value:
+    ports:
+      schema: [{value: [{value: int}]}]
+      value: []
+    host_binds:
+      schema: [{value: {src: str, dst: str, mode: str}}]
+      value: []
+    volume_binds:
+      schema: [{src: str, dst: str, mode: str}]
+      value: []
+    ssh_user:
+      schema: str!
+      value: []
+    ssh_key:
+      schema: str!
+      value: []
+
+    db_password:
+      schema: str!
+      value:
+    keystone_admin_token:
+      schema: str!
+      value:
+    keystone_password:
+      schema: str!
+      value:
+    keystone_host:
+      schema: str!
+      value:
+
+tags: [resource/container]
diff --git a/resources/mariadb_service/actions/run.yml b/resources/mariadb_service/actions/run.yml
index 089b66ad..08fa7cd1 100644
--- a/resources/mariadb_service/actions/run.yml
+++ b/resources/mariadb_service/actions/run.yml
@@ -9,7 +9,7 @@
         ports:
         - {{ port }}:3306
         env:
-            MYSQL_ROOT_PASSWORD: {{ root_password }}
+          MYSQL_ROOT_PASSWORD: {{ root_password }}
     - shell: docker exec -t {{ name }} mysql -p{{ root_password }} -uroot -e "select 1"
       register: result
       until: result.rc == 0
diff --git a/solar/solar/core/handlers/ansible.py b/solar/solar/core/handlers/ansible.py
index edba4b36..a812c19c 100644
--- a/solar/solar/core/handlers/ansible.py
+++ b/solar/solar/core/handlers/ansible.py
@@ -1,7 +1,6 @@
 # -*- coding: utf-8 -*-
 import os
 import subprocess
-import yaml
 
 from solar.core.handlers.base import BaseHandler
 
@@ -14,7 +13,11 @@ class Ansible(BaseHandler):
         print 'playbook_file', playbook_file
         call_args = ['ansible-playbook', '-i', inventory_file, playbook_file]
         print 'EXECUTING: ', ' '.join(call_args)
-        subprocess.call(call_args)
+        try:
+            subprocess.check_output(call_args)
+        except subprocess.CalledProcessError as e:
+            print e.output
+            raise
 
     #def _get_connection(self, resource):
     #    return {'ssh_user': '',