diff --git a/software/openstack/instance-compute.cfg b/software/openstack/instance-compute.cfg
new file mode 100644
index 0000000000000000000000000000000000000000..7b8b3fdf318c3e1ba01688cabedd0fc3c3b8b584
--- /dev/null
+++ b/software/openstack/instance-compute.cfg
@@ -0,0 +1,288 @@
+#############################
+#
+# Instanciate kvm
+#
+#############################
+[buildout]
+parts =
+  certificate-authority
+  kvm-instance
+  kvm-controller-instance
+  kvm-promise
+  tunnel-ipv6-ssh
+  tunnel-ipv6-http
+  tunnel-ipv6-https
+  tunnel-ipv6-keystone
+  tunnel-ipv6-keystone-admin
+  tunnel-ipv6-novnc
+  tunnel-ipv6-glance
+  tunnel-ipv6-s3api
+  tunnel-ipv6-spice
+  tunnel-ipv6-novadb
+  tunnel-ipv6-rabbit
+  tunnel-ipv6-ec2
+  websockify-sighandler
+  novnc-promise
+  publish-kvm-connection-information
+
+eggs-directory = ${buildout:eggs-directory}
+develop-eggs-directory = ${buildout:develop-eggs-directory}
+offline = true
+
+[directory]
+recipe = slapos.cookbook:mkdirectory
+etc = $${buildout:directory}/etc
+bin = $${buildout:directory}/bin
+srv = $${buildout:directory}/srv
+var = $${buildout:directory}/var
+scripts = $${:etc}/run
+services = $${:etc}/service
+promises = $${:etc}/promise
+novnc-conf = $${:etc}/novnc
+run = $${:var}/run
+ca-dir = $${:srv}/ssl
+
+[create-mac]
+recipe = slapos.cookbook:generate.mac
+storage-path = $${directory:srv}/mac
+
+[gen-passwd]
+recipe = slapos.cookbook:generate.password
+storage-path = $${directory:srv}/passwd
+bytes = 8
+
+[gen-kvm-run]
+recipe = slapos.recipe.template
+url = ${kvm-run:location}/${kvm-run:filename}
+output = $${directory:bin}/kvm_run_raw
+mode = 0700
+
+software_type = compute
+python_path = ${buildout:executable}
+disk_path = $${directory:srv}/virtual.qcow2
+qemu_img_path = ${kvm:location}/bin/qemu-img
+disk_size = $${slap-parameter:disk-size}
+vnc_ip = $${slap-network-information:local-ipv4}
+qemu_path = ${kvm:location}/bin/qemu-system-x86_64
+mac_address = $${create-mac:mac-address}
+smp_count = $${slap-parameter:cpu-count}
+ram_size = $${slap-parameter:ram-size}
+disk_type = $${slap-parameter:disk-type}
+boot_disk_path = $${directory:srv}/boot.qcow2
+socket_path = $${directory:var}/qmp_socket
+pid_file_path = $${directory:run}/kvm_run.pid
+nbd_ip = $${slap-parameter:nbd-ip}
+nbd_port = 1024
+vnc_port = 5901
+
+[gen-kvm-controller]
+recipe = slapos.recipe.template
+url = ${kvm-controller:location}/${kvm-controller:filename}
+output = $${directory:bin}/kvm_controller_raw
+mode = 0700
+
+python_path = ${buildout:executable}
+socket_path = $${directory:var}/qmp_socket
+vnc_passwd = $${gen-passwd:passwd}
+
+[kvm-controller-instance]
+recipe = slapos.cookbook:wrapper
+command-line = $${gen-kvm-controller:output}
+wrapper-path = $${directory:scripts}/kvm_controller
+
+[kvm-instance]
+recipe = slapos.cookbook:wrapper
+command-line = $${gen-kvm-run:output}
+wrapper-path = $${directory:services}/kvm
+
+[kvm-promise]
+recipe = slapos.cookbook:check_port_listening
+path = $${directory:promises}/vnc_promise
+hostname = $${gen-kvm-run:vnc_ip}
+port = $${gen-kvm-run:vnc_port}
+
+[tunnel-ipv6-base]
+recipe = slapos.cookbook:ipv6toipv4
+ipv6 = $${slap-network-information:global-ipv6}
+ipv4 = $${slap-network-information:local-ipv4}
+shell-path = ${dash:location}/bin/dash
+6tunnel-path = ${6tunnel:location}/bin/6tunnel
+
+[tunnel-ipv4-to6]
+recipe = slapos.cookbook:ipv4toipv6
+ipv6 = $${slap-parameter:master-address}
+ipv4 = $${slap-network-information:local-ipv4}
+shell-path = ${dash:location}/bin/dash
+6tunnel-path = ${6tunnel:location}/bin/6tunnel
+
+[tunnel-ipv6-ssh]
+<= tunnel-ipv6-base
+ipv6-port = 22222
+ipv4-port = 22222
+runner-path = $${directory:services}/6tunnel-ssh
+
+[tunnel-ipv6-http]
+<= tunnel-ipv6-base
+ipv6-port = 80
+ipv4-port = 80
+runner-path = $${directory:services}/6tunnel-http
+
+[tunnel-ipv6-https]
+<= tunnel-ipv6-base
+ipv6-port = 443
+ipv4-port = 443
+runner-path = $${directory:services}/6tunnel-https
+
+[tunnel-ipv6-keystone]
+<= tunnel-ipv4-to6
+ipv6-port = 5000
+ipv4-port = 5000
+runner-path = $${directory:services}/6tunnel-keystone
+
+[tunnel-ipv6-keystone-admin]
+<= tunnel-ipv4-to6
+ipv6-port = 35357
+ipv4-port = 35357
+runner-path = $${directory:services}/6tunnel-keystone-admin
+
+[tunnel-ipv6-novnc]
+<= tunnel-ipv4-to6
+ipv6-port = 6080
+ipv4-port = 6080
+runner-path = $${directory:services}/6tunnel-novnc
+
+[tunnel-ipv6-glance]
+<= tunnel-ipv4-to6
+ipv6-port = 9292
+ipv4-port = 9292
+runner-path = $${directory:services}/6tunnel-glance
+
+[tunnel-ipv6-spice]
+<= tunnel-ipv4-to6
+ipv6-port = 6082
+ipv4-port = 6082
+runner-path = $${directory:services}/6tunnel-spice
+
+#I don't know if this is really usefull!!
+[tunnel-ipv6-s3api]
+<= tunnel-ipv4-to6
+ipv6-port = 3333
+ipv4-port = 3333
+runner-path = $${directory:services}/6tunnel-s3api
+
+[tunnel-ipv6-ec2]
+<= tunnel-ipv4-to6
+ipv6-port = 8773
+ipv4-port = 8773
+runner-path = $${directory:services}/6tunnel-ec2
+
+[tunnel-ipv6-rabbit]
+<= tunnel-ipv4-to6
+ipv6-port = 5672
+ipv4-port = 5672
+runner-path = $${directory:services}/6tunnel-rabbit
+
+[tunnel-ipv6-novadb]
+<= tunnel-ipv4-to6
+ipv6-port = 3306
+ipv4-port = 3306
+runner-path = $${directory:services}/6tunnel-novadb
+
+[novnc-instance]
+recipe = slapos.cookbook:novnc
+path = $${ca-novnc:executable}
+ip = $${slap-network-information:global-ipv6}
+port = 6081
+vnc-ip = $${gen-kvm-run:vnc_ip}
+vnc-port = $${gen-kvm-run:vnc_port}
+novnc-location = ${noVNC:location}
+websockify-path = ${buildout:directory}/bin/websockify
+ssl-key-path = $${ca-novnc:key-file}
+ssl-cert-path = $${ca-novnc:cert-file}
+
+[websockify-sighandler]
+recipe = slapos.cookbook:signalwrapper
+wrapper-path = $${directory:services}/websockify
+wrapped-path = $${novnc-instance:path}
+
+[certificate-authority]
+recipe = slapos.cookbook:certificate_authority
+openssl-binary = ${openssl:location}/bin/openssl
+ca-dir = $${directory:ca-dir}
+requests-directory = $${cadirectory:requests}
+wrapper = $${directory:services}/certificate_authority
+ca-private = $${cadirectory:private}
+ca-certs = $${cadirectory:certs}
+ca-newcerts = $${cadirectory:newcerts}
+ca-crl = $${cadirectory:crl}
+
+[cadirectory]
+recipe = slapos.cookbook:mkdirectory
+requests = $${directory:ca-dir}/requests/
+private = $${directory:ca-dir}/private/
+certs = $${directory:ca-dir}/certs/
+newcerts = $${directory:ca-dir}/newcerts/
+crl = $${directory:ca-dir}/crl/
+
+[ca-novnc]
+<= certificate-authority
+recipe = slapos.cookbook:certificate_authority.request
+key-file = $${directory:novnc-conf}/novnc.key
+cert-file = $${directory:novnc-conf}/novnc.crt
+executable = $${directory:bin}/novnc
+wrapper = $${directory:bin}/websockify
+
+[novnc-promise]
+recipe = slapos.cookbook:check_port_listening
+path = $${directory:promises}/novnc_promise
+hostname = $${novnc-instance:ip}
+port = $${novnc-instance:port}
+
+
+[kvm-monitor]
+recipe = slapos.cookbook:generic.slapmonitor
+db-path = $${directory:srv}/slapmonitor_database
+
+
+[request-slave-frontend]
+recipe = slapos.cookbook:requestoptional
+software-url = $${slap-parameter:frontend-software-url}
+server-url = $${slap-connection:server-url}
+key-file = $${slap-connection:key-file}
+cert-file = $${slap-connection:cert-file}
+computer-id = $${slap-connection:computer-id}
+partition-id = $${slap-connection:partition-id}
+name = VNC Frontend
+software-type = $${slap-parameter:frontend-software-type}
+slave = true
+config = host port
+config-host = $${novnc-instance:ip}
+config-port = $${novnc-instance:port}
+return = url resource port domainname
+#sla = instance_guid
+#sla-instance_guid = $${slap-parameter:frontend-instance-guid}
+
+[publish-kvm-connection-information]
+recipe = slapos.cookbook:publish
+vnc-backend-url = https://[$${novnc-instance:ip}]:$${novnc-instance:port}/vnc_auto.html?host=[$${novnc-instance:ip}]&port=$${novnc-instance:port}&encrypt=1
+vnc-password = $${gen-passwd:passwd}
+vnc-url = $${request-slave-frontend:connection-url}/vnc_auto.html?host=$${request-slave-frontend:connection-domainname}&port=$${request-slave-frontend:connection-port}&encrypt=1&path=$${request-slave-frontend:connection-resource}
+ssh = ssh stack@$${tunnel-ipv6-ssh:ipv6} -p $${tunnel-ipv6-ssh:ipv6-port}
+ssh-defaul-passwd = openstack
+local-ipv4 = $${slap-network-information:local-ipv4}
+
+[slap-parameter]
+# Default values if not specified
+#frontend-instance-guid = SOFTINST-81
+frontend-software-type = frontend
+frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg
+
+ram-size = 2048
+disk-size = 20
+disk-type = virtio
+
+cpu-count = 4
+nbd-ip = 2001:470:1f14:169:dd6b:3f84:9205:c750
+domain =
+master-address = 2001:470:1f14:169:dd6b:3f84:9205:73a4
+master-passwd = openstack
diff --git a/software/openstack/instance-main.cfg b/software/openstack/instance-main.cfg
index 2e194969dd5a3cdd1abdf420afcfcc3245ce9cab..5037688e286a5441809cf06f8cc9b8a48ba1c56c 100644
--- a/software/openstack/instance-main.cfg
+++ b/software/openstack/instance-main.cfg
@@ -19,6 +19,8 @@ parts =
   tunnel-ipv6-s3api
   tunnel-ipv6-spice
   tunnel-ipv6-novadb
+  tunnel-ipv6-rabbit
+  tunnel-ipv6-ec2
   websockify-sighandler
   novnc-promise
   publish-kvm-connection-information
@@ -55,6 +57,7 @@ url = ${kvm-run:location}/${kvm-run:filename}
 output = $${directory:bin}/kvm_run_raw
 mode = 0700
 
+software_type = main
 python_path = ${buildout:executable}
 disk_path = $${directory:srv}/virtual.qcow2
 qemu_img_path = ${kvm:location}/bin/qemu-img
@@ -147,12 +150,24 @@ ipv6-port = 9292
 ipv4-port = 9292
 runner-path = $${directory:services}/6tunnel-glance
 
+[tunnel-ipv6-rabbit]
+<= tunnel-ipv6-base
+ipv6-port = 5672
+ipv4-port = 5672
+runner-path = $${directory:services}/6tunnel-rabbit
+
 [tunnel-ipv6-spice]
 <= tunnel-ipv6-base
 ipv6-port = 6082
 ipv4-port = 6082
 runner-path = $${directory:services}/6tunnel-spice
 
+[tunnel-ipv6-ec2]
+<= tunnel-ipv6-base
+ipv6-port = 8773
+ipv4-port = 8773
+runner-path = $${directory:services}/6tunnel-ec2
+
 #I don't know if this is really usefull!!
 [tunnel-ipv6-s3api]
 <= tunnel-ipv6-base
@@ -224,7 +239,7 @@ db-path = $${directory:srv}/slapmonitor_database
 
 [request-slave-frontend]
 recipe = slapos.cookbook:requestoptional
-software-url = $${slap-parameter:frontend-software-url}
+software-url = $${slap-parameter:kvm-frontend-url}
 server-url = $${slap-connection:server-url}
 key-file = $${slap-connection:key-file}
 cert-file = $${slap-connection:cert-file}
@@ -237,8 +252,32 @@ config = host port
 config-host = $${novnc-instance:ip}
 config-port = $${novnc-instance:port}
 return = url resource port domainname
-sla = instance_guid
-sla-instance_guid = $${slap-parameter:frontend-instance-guid}
+#sla = instance_guid
+#sla-instance_guid = $${slap-parameter:frontend-instance-guid}
+
+[request-openstack-frontend]
+<= slap-connection
+recipe = slapos.cookbook:requestoptional
+name = Frontend OpenStack
+# XXX We have hardcoded SR URL here.
+software-url = $${slap-parameter:frontend-software-url}
+slave = true
+config = url custom_domain
+config-url = http://[$${slap-network-information:global-ipv6}]:80/
+return = site_url
+config-custom_domain = $${slap-parameter:domain}
+
+[request-openstack-vnc-frontend]
+<= slap-connection
+recipe = slapos.cookbook:requestoptional
+name = Frontend OpenStack VNC
+# XXX We have hardcoded SR URL here.
+software-url = $${slap-parameter:frontend-software-url}
+slave = true
+config = url custom_domain
+config-url = http://[$${slap-network-information:global-ipv6}]:6080/
+return = site_url
+config-custom_domain = $${slap-parameter:domain}
 
 [publish-kvm-connection-information]
 recipe = slapos.cookbook:publish
@@ -246,13 +285,16 @@ vnc-backend-url = https://[$${novnc-instance:ip}]:$${novnc-instance:port}/vnc_au
 vnc-password = $${gen-passwd:passwd}
 vnc-url = $${request-slave-frontend:connection-url}/vnc_auto.html?host=$${request-slave-frontend:connection-domainname}&port=$${request-slave-frontend:connection-port}&encrypt=1&path=$${request-slave-frontend:connection-resource}
 ssh = ssh stack@$${tunnel-ipv6-ssh:ipv6} -p $${tunnel-ipv6-ssh:ipv6-port}
+server-url = $${request-openstack-frontend:connection-site_url}
+openstack-vnc = $${request-openstack-vnc-frontend:connection-site_url}
+openstack-services-host = $${slap-network-information:global-ipv6}
 ssh-defaul-passwd = openstack
 
 [slap-parameter]
 # Default values if not specified
-frontend-instance-guid = SOFTINST-81
 frontend-software-type = frontend
-frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg
+kvm-frontend-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg
+frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
 
 ram-size = 2048
 disk-size = 20
diff --git a/software/openstack/instance.cfg b/software/openstack/instance.cfg
index 040449bbfa32fd7753e32c0e1e58594cd2fad82c..883580fd973cc25dea102eebb6ee56e5f2578d2a 100644
--- a/software/openstack/instance.cfg
+++ b/software/openstack/instance.cfg
@@ -8,7 +8,8 @@ offline = true
 
 [switch-softwaretype]
 recipe = slapos.cookbook:softwaretype
-default = ${template-kvm:output}
+default = ${template-openstack-main:output}
+compute = ${template-openstack-compute:output}
 
 [slap-connection]
 # part to migrate to new - separated words
diff --git a/software/openstack/software.cfg b/software/openstack/software.cfg
index 966d29a095548684843d49f8dbb73c8ee21c2543..49eabae762c56f72bc34c9d1575af3e819acf6d4 100644
--- a/software/openstack/software.cfg
+++ b/software/openstack/software.cfg
@@ -24,17 +24,24 @@ eggs =
   slapos.cookbook
   slapos.toolbox
 
-[template-kvm]
+[template-openstack-main]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-main.cfg
-md5sum = 1ab7b31c6df203988c693cef80663d8d
+md5sum = 2c67b51e981ad2ee404ff6001fa4b901
 output = ${buildout:directory}/template-openstack-main.cfg
 mode = 0644
 
+[template-openstack-compute]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance-compute.cfg
+md5sum = 0a27f45735999aef7c4af2bbc09557de
+output = ${buildout:directory}/template-openstack-compute.cfg
+mode = 0644
+
 [template]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance.cfg
-md5sum = 5e426ac6182e30d651d53cf03abeef5d
+md5sum = 078532437caafea4d515fb27267de6ee
 output = ${buildout:directory}/template.cfg
 mode = 0644
 
@@ -52,7 +59,7 @@ md5sum = 04a94f04344a6169af242dea03b8c52d
 [kvm-run]
 <= template-download
 filename = kvm-run.in
-md5sum = 66d8385453de3c332a48052ecd2dbd2b
+md5sum = 7c05088023d252e98aa1574880dd1afb
 
 [networkcache]
 # signature certificates of the following uploaders.
diff --git a/software/openstack/templates/kvm-run.in b/software/openstack/templates/kvm-run.in
index 14d03eed0757c63878e284bc889b3dcb0f2ea988..4a470bfaba2a6910294b5758cbcb6a0469de6574 100644
--- a/software/openstack/templates/kvm-run.in
+++ b/software/openstack/templates/kvm-run.in
@@ -33,7 +33,10 @@ if not os.path.exists(disk_path):
       disk_path, '${:disk_size}G'])
 
 # Generate NAT rules for ssh connexion
-nat_rules = ",".join("hostfwd=tcp:${:vnc_ip}:%s-:%s" % (port, port) for port in [80, 443, 5000, 6080, 6082, 3333, 9292, 3306, 35357])
+if "${:software_type}".strip() == "compute":
+  nat_rules = ",".join("hostfwd=tcp:${:vnc_ip}:%s-:%s" % (port, port) for port in [80, 443])
+else:
+  nat_rules = ",".join("hostfwd=tcp:${:vnc_ip}:%s-:%s" % (port, port) for port in [80, 443, 5000, 6080, 6082, 3333, 9292, 3306, 35357])
 
 kvm_argument_list = ['${:qemu_path}',
   '-enable-kvm', '-net', 'nic,macaddr=${:mac_address}',