diff --git a/.gitmodules b/.gitmodules index fb10b10..8e06023 100644 --- a/.gitmodules +++ b/.gitmodules @@ -16,3 +16,6 @@ [submodule "roles/ericomeehan.kraken-bot"] path = roles/ericomeehan.kraken-bot url = https://git.eom.dev/ansible-role-kraken-bot +[submodule "roles/ericomeehan.qemu-network"] + path = roles/ericomeehan.qemu-network + url = https://git.eom.dev/ansible-role-qemu-network diff --git a/bmcluster.yaml b/bmcluster.yaml index f8bb2ee..8fd93dd 100644 --- a/bmcluster.yaml +++ b/bmcluster.yaml @@ -1,13 +1,38 @@ --- # Master playbook for eom.dev -- name: Initialize systems - hosts: clusters +- name: Initialize servers + hosts: servers become: true roles: - role: ericomeehan.debian + vars: + is_new_host: true + - role: ericomeehan.ericomeehan + - role: ericomeehan.nvidia_driver + vars: + nvidia_driver_debian_install_tesla_driver: true + when: + - nvidia_driver_needed == true + - role: ericomeehan.qemu-network + +- name: Wait for virtual machines to boot + +- name: Copy SSH ID to virtual machines + +- name: Initialize virtual machines + hosts: vms + become: true + roles: + - role: ericomeehan.debian + vars: + is_new_host: true - role: ericomeehan.ericomeehan -- name: Initialize cluster nodes +- name: Initialize load balancers + hosts: load_balancers + become: true + +- name: Initialize Kubernetes clusters hosts: clusters become: true pre_tasks: @@ -37,11 +62,8 @@ - role: geerlingguy.containerd - role: geerlingguy.kubernetes - role: geerlingguy.helm - when: kubernetes_role == 'control_plane' - - role: ericomeehan.nvidia_driver - vars: - - nvidia_driver_debian_install_tesla_driver: true - when: nvidia_driver_needed == true + when: + - kubernetes_role == 'control-plane' - name: Deploy services hosts: alpha-control-plane @@ -50,8 +72,4 @@ become: true roles: - role: ericomeehan.eom - vars: - target_namespace: prod - role: ericomeehan.gondwana - vars: - target_namespace: prod diff --git a/eom.dev.yaml b/eom.dev.yaml new file mode 100644 index 0000000..2cfbbe0 
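Review bot: The new plays `Wait for virtual machines to boot` and `Copy SSH ID to virtual machines` in bmcluster.yaml carry only a `name`, and Ansible rejects a play that has no `hosts`, so the playbook will not parse until they are filled in or removed. `Initialize load balancers` has `hosts` and `become` but no roles or tasks, so at most it gathers facts. The added condition `nvidia_driver_needed == true` compares against a literal, which is false when the inventory supplies the value as a string; `- nvidia_driver_needed | bool` is the safer form.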
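Review bot: The Helm condition in the second bmcluster.yaml hunk now compares against `'control-plane'`, while eom.dev.yaml added in this same commit keeps `kubernetes_role == 'control_plane'`. As far as I know geerlingguy.kubernetes expects the underscore form, so with the hyphen the helm role would be skipped on every host unless the inventory sets the hyphenated value. The group and host vars that set `kubernetes_role` are not visible here, so please confirm the spelling and keep both playbooks on it, e.g. `- kubernetes_role == 'control_plane'`. The play this list belongs to starts above the hunk.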
--- /dev/null +++ b/eom.dev.yaml @@ -0,0 +1,71 @@ +--- +# Master playbook for eom.dev +- name: Initialize servers + hosts: servers + become: true + roles: + - role: ericomeehan.debian + - role: ericomeehan.ericomeehan + - role: ericomeehan.nvidia_driver + when: nvidia_driver_needed == true + - role: ericomeehan.qemu_network + +- name: Initialize clusters + hosts: clusters + become: true + pre_tasks: + - name: Update sysctl configuration to enable IPv4 packet forwarding + lineinfile: + path: /etc/sysctl.conf + line: 'net.ipv4.ip_forward = 1' + state: present + - name: Update sysctl configuration to enable IPv6 packet forwarding + lineinfile: + path: /etc/sysctl.conf + line: 'net.ipv6.conf.all.forwarding = 1' + state: present + - name: Reload sysctl configuration + command: sysctl --system + - name: Enable br_netfilter kernel module + command: modprobe br_netfilter + - name: Add the module to a configuration file for persistence + lineinfile: + path: /etc/modules-load.d/modules.conf + line: "br_netfilter" + - name: Install kubernetes library + apt: + name: python3-kubernetes + state: present + roles: + - role: geerlingguy.containerd + - role: geerlingguy.kubernetes + - role: geerlingguy.helm + when: kubernetes_role == 'control_plane' + +- name: Initialize gateway + hosts: gateway + become: true + roles: + - role: ericomeehan.gateway + +- name: Initialize vpn + hosts: vpn + become: true + roles: + - role: ericomeehan.vpn + +- name: Initialize nfs + hosts: nfs + become: true + roles: + - role: ericomeehan.nfs + +- name: Deploy services + hosts: control-plane + vars_files: + - vars/secrets.yaml + become: true + roles: + - role: ericomeehan.eom + - role: ericomeehan.gondwana + - role: ericomeehan.kraken-bot diff --git a/eom.yaml b/eom.yaml index e4fe2ec..d481903 100644 --- a/eom.yaml +++ b/eom.yaml 
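Review bot: The first play of eom.dev.yaml references `ericomeehan.qemu_network`, but the submodule added in .gitmodules is checked out at `roles/ericomeehan.qemu-network` and bmcluster.yaml uses the hyphenated name, so this role lookup will probably fail; use `- role: ericomeehan.qemu-network`. The `command: sysctl --system` and `command: modprobe br_netfilter` pre-tasks report a change on every run, and forwarding is switched on by appending to /etc/sysctl.conf; `ansible.posix.sysctl` and `community.general.modprobe` would make both idempotent and apply the setting in one step. The `Deploy services` play loads `vars/secrets.yaml`; a comment such as `# vars/secrets.yaml must be encrypted with ansible-vault` would record the expectation, since the file itself is not part of this diff.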
@@ -1,10 +1,8 @@ --- - name: Deploy eom.dev one service at a time - hosts: alpha-control-plane + hosts: imac become: true - vars: - target_namespace: prod vars_files: - ../secrets.yaml roles: - - role: ericomeehan.eom + - role: ericomeehan.ericomeehan diff --git a/helm.yaml b/helm.yaml new file mode 100644 index 0000000..d54f701 --- /dev/null +++ b/helm.yaml @@ -0,0 +1,43 @@ +--- +# Playbook for deploying helm charts +- name: Deploy WordPress using Helm + hosts: alpha-control-plane + become: true + vars: + wordpress_chart_version: "9.0.1" + wordpress_release_name: "wordpress" + wordpress_database_password: "your_database_password" + wordpress_service_type: "ClusterIP" + wordpress_service_port: 80 + wordpress_persistence_enabled: true + wordpress_persistence_storageClass: "standard" + wordpress_persistence_size: "20Gi" + tasks: + - name: Add Helm repository for WordPress + helm_repo: + name: bitnami + state: present + url: https://charts.bitnami.com/bitnami + + - name: Install WordPress Helm chart + helm_chart: + name: "{{ wordpress_release_name }}" + chart: "wordpress" + repo: "bitnami" + version: "{{ wordpress_chart_version }}" + values: + global: + imageRegistry: "docker.io" + service: + type: "{{ wordpress_service_type }}" + port: "{{ wordpress_service_port }}" + wordpressUsername: "your_wordpress_username" + wordpressPassword: "your_wordpress_password" + wordpressEmail: "your_wordpress_email" + wordpressDatabase: + password: "{{ wordpress_database_password }}" + persistence: + enabled: "{{ wordpress_persistence_enabled }}" + storageClass: "{{ wordpress_persistence_storageClass }}" + size: "{{ wordpress_persistence_size }}" + diff --git a/host_vars/alpha-worker-0.yml b/host_vars/alpha-worker-0.yml index 429a7ed..db7be9a 100644 --- a/host_vars/alpha-worker-0.yml +++ b/host_vars/alpha-worker-0.yml 
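Review bot: The eom.yaml play keeps `vars_files: ../secrets.yaml` and `become: true` after being repointed at `imac` with only the `ericomeehan.ericomeehan` role. In bmcluster.yaml that role runs without any secrets file, so the secrets are presumably no longer needed here and the `vars_files` entry should be dropped, to keep them out of a play that does not use them. The play name `Deploy eom.dev one service at a time` also no longer describes what it does.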
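Review bot: The WordPress credentials in helm.yaml are written into the playbook as literals (`wordpress_database_password: "your_database_password"`, `wordpressPassword: "your_wordpress_password"`), so whoever fills them in will commit real passwords to the repository. The other playbooks load a secrets file through `vars_files`; this play should do the same and reference the values, e.g. `wordpressPassword: "{{ wordpress_password }}"`, with `no_log: true` on the install task so they do not reach the run output. Separately, `helm_repo` and `helm_chart` are not module names I recognise; the kubernetes.core collection provides `kubernetes.core.helm_repository` and `kubernetes.core.helm`, so please check that these tasks resolve.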
@@ -2,3 +2,52 @@ # Host vars for alpha-worker-0 nvidia_driver_needed: true nvidia_driver_tesla: true +qemu_cluster_networks: + - name: lan + bridge: br1 + interfaces: + - eno2np1 + address: 10.0.0.2 + netmask: 255.255.255.0 + gateway: 10.0.0.254 +qemu_cluster_machines: + - name: nfs + ram_mb: 4096 + vcpus: 1 + networks: + - lan + - name: control-plane + ram_mb: 4096 + vcpus: 1 + networks: + - lan + - name: worker-0 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + - name: worker-1 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + - name: worker-2 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + - name: worker-3 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + - name: worker-4 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + - name: worker-5 + ram_mb: 16384 + vcpus: 1 + networks: + - lan diff --git a/host_vars/poweredge-r350.yaml b/host_vars/poweredge-r350.yaml new file mode 100644 index 0000000..b508a4b --- /dev/null +++ b/host_vars/poweredge-r350.yaml @@ -0,0 +1,36 @@ +# Host vars for poweredge-r350 +qemu_network_networks: + - name: wan + bridge: br0 + interfaces: + - eno1np0 + use_dhcp: true + - name: lan + bridge: br1 + interfaces: + - eno2np1 + use_dhcp: false + address: 10.0.0.1 + netmask: 255.0.0.0 + gateway: 10.0.0.254 +qemu_network_machines: + - name: gateway + ram_mb: 2048 + vcpus: 1 + networks: + - wan + - lan + disks: + - filename: gateway-vda + type: qcow2 + target_dev: vda + - name: vpn + ram_mb: 2048 + vcpus: 1 + networks: + - wan + - lan + disks: + - filename: vpn-vda + type: qcow2 + target_dev: vda diff --git a/host_vars/poweredge-t640.yaml b/host_vars/poweredge-t640.yaml new file mode 100644 index 0000000..b4dc88e --- /dev/null +++ b/host_vars/poweredge-t640.yaml 
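Review bot: The variables added to host_vars/alpha-worker-0.yml are named `qemu_cluster_networks` and `qemu_cluster_machines`, while every other file in this commit uses `qemu_network_networks` and `qemu_network_machines`, so the role presumably never reads them. The machines here also have no `disks` list, unlike the definitions in the poweredge host vars. The bridge address `10.0.0.2` is the same address the inventory gives the `vpn` VM. If this file is a leftover from before the rename, removing the block is cleaner than keeping a second, diverging copy.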
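Review bot: In host_vars/poweredge-r350.yaml the `lan` bridge address `10.0.0.1` is the address the inventory assigns to the `gateway` VM and the one poweredge-t640.yaml names as its gateway, while this file points at `gateway: 10.0.0.254`. The netmask `255.0.0.0` also differs from `255.255.0.0` in poweredge-t640.yaml and `255.255.255.0` in qemu.yaml for the same `br1` segment. The `wan` bridge has `use_dhcp: true`, which puts the hypervisor itself on the WAN segment; if only the `gateway` and `vpn` guests are meant to face it, the host side of `br0` should stay unaddressed. The file also lacks the leading `---` that the other new host vars file has.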
@@ -0,0 +1,90 @@ +--- +# Host vars for poweredge-t640 +nvidia_driver_needed: true +nvidia_driver_tesla: true +qemu_network_networks: + - name: lan + bridge: br1 + interfaces: + - eno2np1 + use_dhcp: false + address: 10.0.0.0 + netmask: 255.255.0.0 + gateway: 10.0.0.1 +qemu_network_disks: + - name: nfs-vda + type: qcow2 + from: eom-base.qcow2 + - name: nfs-vdb + type: qcow2 + size: 16T + - name: control-plane-vda + type: qcow2 + from: eom-base.qcow2 + - name: worker-0-vda + type: qcow2 + from: eom-base.qcow2 + - name: worker-1-vda + type: qcow2 + from: eom-base.qcow2 + - name: worker-2-vda + type: qcow2 + from: eom-base.qcow2 +qemu_network_machines: + - name: nfs + ram_mb: 4096 + vcpus: 1 + networks: + - lan + disks: + - filename: nfs-vda + type: qcow2 + target_dev: vda + - filename: nfs-vdb + type: qcow2 + target_dev: vda + - name: control-plane + ram_mb: 4096 + vcpus: 1 + networks: + - lan + disks: + - filename: control-plane-vda + type: qcow2 + target_dev: vda + - name: worker-0 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + disks: + - filename: worker-0-vda + type: qcow2 + target_dev: vda + - name: worker-1 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + disks: + - filename: worker-1-vda + type: qcow2 + target_dev: vda + - name: worker-2 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + disks: + - filename: worker-2-vda + type: qcow2 + target_dev: vda + - name: worker-3 + ram_mb: 16384 + vcpus: 1 + networks: + - lan + disks: + - filename: worker-3-vda + type: qcow2 + target_dev: vda diff --git a/inventories/attlocal.yml b/inventories/attlocal.yml index 5acd805..e4c911c 100644 --- a/inventories/attlocal.yml +++ b/inventories/attlocal.yml 
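Review bot: The `nfs` machine in host_vars/poweredge-t640.yaml maps both `nfs-vda` and `nfs-vdb` to `target_dev: vda`, so the two disks collide on one device name; the second should be `target_dev: vdb`, and qemu.yaml repeats the same pair. `worker-3` references `worker-3-vda`, which has no entry in `qemu_network_disks`. The bridge `address: 10.0.0.0` with `netmask: 255.255.0.0` is the network address of that subnet and cannot be used as a host address.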
@@ -10,8 +10,34 @@ all: imac: ansible-host: 192.168.1.139 servers: - children: + hosts: poweredge-r350: ansible-host: 192.168.1.137 poweredge-t640: ansible-host: 192.168.1.138 + vms: + hosts: + gateway: + ansible-host: 10.0.0.1 + vpn: + ansible-host: 10.0.0.2 + nfs: + ansible-host: 10.0.0.3 + load_balancers: + children: + alpha: + hosts: + alpha-load-balancer: + ansible-host: 10.0.1.0 + clusters: + children: + alpha: + hosts: + alpha-control-plane: + ansible-host: 10.0.1.1 + alpha-worker-0: + ansible-host: 10.0.1.2 + alpha-worker-1: + ansible-host: 10.0.1.3 + alpha-worker-2: + ansible-host: 10.0.1.4 diff --git a/qemu.yaml b/qemu.yaml new file mode 100644 index 0000000..c820bc7 --- /dev/null +++ b/qemu.yaml @@ -0,0 +1,28 @@ +--- +# Playbook for QEMU +- name: Prepare virtualization environment + hosts: alpha-worker-0 + become: true + vars: + qemu_network_networks: + - name: lan + bridge: br1 + interfaces: + - eno2np1 + use_dhcp: false + address: 10.0.0.2 + netmask: 255.255.255.0 + gateway: 10.0.0.254 + qemu_network_machines: + - name: nfs + ram_mb: 4096 + vcpus: 1 + networks: + - lan + disks: + - filename: nfs-vda + type: qcow2 + target_dev: vda + - filename: nfs-vdb + type: qcow2 + target_dev: vda diff --git a/roles/ericomeehan.qemu-network b/roles/ericomeehan.qemu-network new file mode 160000 index 0000000..aa1a12a --- /dev/null +++ b/roles/ericomeehan.qemu-network @@ -0,0 +1 @@ +Subproject commit aa1a12a3f5cdf6398b4f6dbc2df00e48a55542c4 diff --git a/templates/vm_template.xml.j2 b/templates/vm_template.xml.j2 new file mode 100644 index 0000000..3d1309e --- /dev/null +++ b/templates/vm_template.xml.j2 @@ -0,0 +1,52 @@ + + {{ vm_name }} + {{ vm_ram_mb }} + {{ vm_vcpus }} + + hvm + + + + + /usr/bin/qemu-system-x86_64 + + + + +
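Review bot: The group `alpha` is declared as a child of both `load_balancers` and `clusters` in inventories/attlocal.yml, and Ansible groups are global, so `alpha` ends up holding the load balancer and all cluster nodes under both parents. The `hosts: clusters` play would then install containerd and Kubernetes on `alpha-load-balancer`, and `hosts: load_balancers` would reach the cluster nodes; distinct names such as `alpha_load_balancers` and `alpha_cluster` avoid that. The new hosts also use `ansible-host`, following the existing entries, but the connection variable is `ansible_host`, so these addresses are probably ignored. The `all:` mapping starts above the hunk.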
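Review bot: The qemu.yaml play sets `qemu_network_networks` and `qemu_network_machines` but lists no `roles` or `tasks`, so running it changes nothing; it presumably needs `roles:` with `- role: ericomeehan.qemu-network`. It targets `alpha-worker-0`, which the inventory places in the Kubernetes cluster group rather than under `servers`, where the role is applied in bmcluster.yaml. The values duplicate what the host vars files define, so keeping them in one place would stop the two copies drifting apart.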
+ + + + +
+ + + +
+ + + +
+ + +
+ + + + + + + +