diff --git a/openbao/ingress.yaml b/openbao/ingress.yaml
new file mode 100644
index 0000000..f2d8197
--- /dev/null
+++ b/openbao/ingress.yaml
@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: openbao
+  namespace: openbao
+  annotations:
+    kubernetes.io/ingress.class: nginx
+spec:
+  rules:
+  - host: openbao.apps.undercloud.dev
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: openbao
+            port:
+              number: 8200
\ No newline at end of file
diff --git a/openbao/namespace.yaml b/openbao/namespace.yaml
new file mode 100644
index 0000000..d2639d9
--- /dev/null
+++ b/openbao/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: openbao
\ No newline at end of file
diff --git a/openbao/openbao.yaml b/openbao/openbao.yaml
new file mode 100644
index 0000000..212e114
--- /dev/null
+++ b/openbao/openbao.yaml
@@ -0,0 +1,83 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: openbao-data
+  namespace: openbao
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi
+  storageClassName: cephfs-hyper
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: openbao-config
+  namespace: openbao
+data:
+  bao.hcl: |
+    ui = true
+
+    listener "tcp" {
+      address     = "0.0.0.0:8200"
+      tls_disable = 1
+    }
+
+    storage "file" {
+      path = "/openbao/data"
+    }
+
+    disable_mlock = true
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: openbao
+  namespace: openbao
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: openbao
+  template:
+    metadata:
+      labels:
+        app: openbao
+    spec:
+      containers:
+        - name: openbao
+          image: ghcr.io/openbao/openbao:2.4.3
+          imagePullPolicy: IfNotPresent
+          args:
+            - "server"
+            - "-config=/openbao/config/bao.hcl"
+          ports:
+            - containerPort: 8200
+              name: http
+          volumeMounts:
+            - name: config
+              mountPath: /openbao/config
+            - name: data
+              mountPath: /openbao/data
+      volumes:
+        - name: config
+          configMap:
+            name: openbao-config
+        - name: data
+          persistentVolumeClaim:
+            claimName: openbao-data
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: openbao
+  namespace: openbao
+spec:
+  selector:
+    app: openbao
+  ports:
+    - port: 8200
+      targetPort: 8200
+  type: ClusterIP
\ No newline at end of file