diff --git a/Jenkinsfile b/Jenkinsfile
index 63b72a29..ebeb1f5c 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -98,6 +98,8 @@ pipeline {
 sh """
 cd ${GO_REPO_PATH}/verrazzano-operator
 make push DOCKER_REPO=${env.DOCKER_REPO} DOCKER_NAMESPACE=${env.DOCKER_NAMESPACE} DOCKER_IMAGE_NAME=${DOCKER_IMAGE_NAME} CREATE_LATEST_TAG=${CREATE_LATEST_TAG}
+ make chart-build DOCKER_IMAGE_NAME=${DOCKER_IMAGE_NAME}
+ make chart-publish
 """
 }
 }
diff --git a/Makefile b/Makefile
index b6a0a2e8..46b6032b 100644
--- a/Makefile
+++ b/Makefile
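Review bot: `make chart-publish` is added to this shell step with no visible condition on branch or build type, while the Makefile target it calls force-overwrites the `latest` object in the chart bucket and replaces GitHub release assets. The enclosing stage starts and ends outside the hunk, so a guard such as `when { branch 'master' }` may already exist; if it does not, add one so that a feature-branch build cannot move the published pointer. A shell comment above the two new lines, `# chart-publish needs GITHUB_API_TOKEN and OCI CLI credentials in the environment`, would also help, since nothing here shows where those come from.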
@@ -154,6 +154,83 @@ k8s-deploy:
 kubectl delete -f ${DIST_DIR}/manifests
 kubectl apply -f ${DIST_DIR}/manifests
+.PHONY chart-build:
+chart-build: go-mod
+ echo "Creating helm chart archive."
+ rm -rf ${DIST_DIR}
+ mkdir ${DIST_DIR}
+ mkdir ${DIST_DIR}/charts
+ mkdir ${DIST_DIR}/crds
+ cp -r chart/Chart.yaml $(DIST_DIR)/
+ cp -r chart/templates $(DIST_DIR)/
+ cp -r vendor/${CRDGEN_PATH}/${CRD_PATH}/verrazzano.io_verrazzanobindings_crd.yaml ${DIST_DIR}/crds/verrazzano.io_verrazzanobindings_crd.yaml
+ cp -r vendor/${CRDGEN_PATH}/${CRD_PATH}/verrazzano.io_verrazzanomodels_crd.yaml ${DIST_DIR}/crds/verrazzano.io_verrazzanomodels_crd.yaml
+ cp -r vendor/${CRDGEN_PATH}/${CRD_PATH}/verrazzano.io_verrazzanomanagedclusters_crd.yaml ${DIST_DIR}/crds/verrazzano.io_verrazzanomanagedclusters_crd.yaml
+ cp -r chart/NOTES.txt $(DIST_DIR)/
+ cp -r chart/values.yaml $(DIST_DIR)/
+ # Fill in tag version that's being built
+ sed -i.bak -e "s/latest/${HELM_CHART_VERSION}/g" $(DIST_DIR)/Chart.yaml
+ sed -i.bak -e "s/OPERATOR_VERSION/${OPERATOR_VERSION}/g" -e "s/OPERATOR_IMAGE_NAME/${DOCKER_IMAGE_NAME}/g" $(DIST_DIR)/values.yaml
+
+ rm -rf archive
+ mkdir archive
+ tar cvzf archive/${HELM_CHART_ARCHIVE_NAME} -C ${DIST_DIR}/ .
+ mv archive/${HELM_CHART_ARCHIVE_NAME} ${DIST_DIR}/
+ rm -rf archive
+ echo "Helm chart archive created - ${HELM_CHART_ARCHIVE_NAME}."
+
+.PHONY chart-publish:
+chart-publish:
+ echo "Publishing Helm chart to OCI object storage"
+ export OCI_CLI_SUPPRESS_FILE_PERMISSIONS_WARNING=True
+ echo ${HELM_CHART_VERSION} > latest
+ helm repo index --url https://objectstorage.us-phoenix-1.oraclecloud.com/n/${DIST_OBJECT_STORE_NAMESPACE}/b/${DIST_OBJECT_STORE_BUCKET}/o/${HELM_CHART_VERSION}/ ${DIST_DIR}/
+ oci os object put --force --namespace ${DIST_OBJECT_STORE_NAMESPACE} -bn ${DIST_OBJECT_STORE_BUCKET} --name ${HELM_CHART_VERSION}/index.yaml --file ${DIST_DIR}/index.yaml
+ oci os object put --force --namespace ${DIST_OBJECT_STORE_NAMESPACE} -bn ${DIST_OBJECT_STORE_BUCKET} --name ${HELM_CHART_VERSION}/${HELM_CHART_ARCHIVE_NAME} --file ${DIST_DIR}/${HELM_CHART_ARCHIVE_NAME}
+ oci os object put --force --namespace ${DIST_OBJECT_STORE_NAMESPACE} -bn ${DIST_OBJECT_STORE_BUCKET} --name latest --file latest
+ echo "Published Helm chart to https://objectstorage.us-phoenix-1.oraclecloud.com/n/${DIST_OBJECT_STORE_NAMESPACE}/b/${DIST_OBJECT_STORE_BUCKET}/o/${HELM_CHART_VERSION}/${HELM_CHART_ARCHIVE_NAME}"
+
+ echo "Check and upload release assets to github."
+ @rm -rf response.txt
+ @curl -ksH "Authorization: token ${GITHUB_API_TOKEN}" "https://api.github.com/repos/verrazzano/verrazzano-operator/releases/tags/${HELM_CHART_VERSION}" -o response.txt
+ @while [ ! -f response.txt ]; do sleep 1; done;
+ @cat response.txt
+ @set -e; \
+ msg=$$(jq -r .message response.txt); \
+ if [ "$$msg" == "Not Found" ]; then \
+ echo "No release found associated with version ${HELM_CHART_VERSION}, skipping uploading release assets."; \
+ else \
+ id=$$(jq -r .id response.txt); \
+ if [ -z "$$id" ]; then \
+ echo "Error: Failed to get release id for tag: ${HELM_CHART_VERSION}."; \
+ exit 1; \
+ else \
+ existingAssetId=$$(jq -r '.assets[] | select(.name == ("${HELM_CHART_ARCHIVE_NAME}")) | .id' response.txt); \
+ if [ ! -z "$$existingAssetId" ]; then \
+ echo "Release asset with name ${HELM_CHART_ARCHIVE_NAME} already exists with ID $$existingAssetId for release ${HELM_CHART_VERSION}. Deleting..."; \
+ status=$$(curl -w '%{http_code}' -s -k -X DELETE -H "Authorization: token ${GITHUB_API_TOKEN}" "https://api.github.com/repos/verrazzano/verrazzano-operator/releases/assets/$$existingAssetId"); \
+ if [ "$$status" != "204" ]; then \
+ echo "Unable to delete existing asset with name ${HELM_CHART_ARCHIVE_NAME} for release ${HELM_CHART_VERSION}, invalid status ${status}, aborting.."; \
+ echo "$$status"; \
+ exit 1; \
+ fi; \
+ echo "Deleted asset with name ${HELM_CHART_ARCHIVE_NAME} for release ${HELM_CHART_VERSION}."; \
+ fi; \
+ echo "Uploading ${HELM_CHART_ARCHIVE_NAME} to release ${HELM_CHART_VERSION}."; \
+ status=$$(curl -s -o /dev/null -w '%{http_code}' --data-binary @"${DIST_DIR}/${HELM_CHART_ARCHIVE_NAME}" -H "Authorization: token ${GITHUB_API_TOKEN}" -H "Content-Type: application/octet-stream" "https://uploads.github.com/repos/verrazzano/verrazzano-operator/releases/$$id/assets?name=${HELM_CHART_ARCHIVE_NAME}"); \
+ if [ "$$status" != "201" ]; then \
+ echo "Unable to upload asset with name ${HELM_CHART_ARCHIVE_NAME} for release ${HELM_CHART_VERSION}, invalid status ${status}, aborting.."; \
+ echo "$$status"; \
+ exit 1; \
+ fi; \
+ echo "Uploaded ${HELM_CHART_ARCHIVE_NAME} to release ${HELM_CHART_VERSION}."; \
+ fi; \
+ fi; \
+ set +e
+
+ rm -rf response.txt
+ rm -rf ${DIST_DIR}
+
 .PHONY release-version:
 release-version:
 @set -e; \
diff --git a/README.md b/README.md
index cd9d41be..f178720b 100644
--- a/README.md
+++ b/README.md
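Review bot: Two of the GitHub API calls in `chart-publish` send `Authorization: token ${GITHUB_API_TOKEN}` with `-k`, which turns off TLS certificate verification, so the token goes to a server whose identity was never checked: the release lookup (`curl -ksH ...`) and the asset delete (`curl -w '%{http_code}' -s -k -X DELETE ...`). Drop `-k` from both, as the upload call already does, so the lookup starts `curl -sH "Authorization: token ${GITHUB_API_TOKEN}"`. The two failure messages print `invalid status ${status}`, which Make expands to an empty string before the shell runs; it should be `$$status`. The headers `.PHONY chart-build:` and `.PHONY chart-publish:` do not declare the targets phony; the form is `.PHONY: chart-build`.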
@@ -27,10 +27,25 @@ should be installed on which VerrazzanoManagedCluster. triggers a reprocessing of the owning VerrazzanoBinding. This causes any drift in expecting state to immediately be fixed by the Verrazzano Operator. +## Verrazzano Helm Chart + +The `chart` directory contains helm chart for Verrazzano that packages together the core elements that will be installed into the Verrazzano Management Cluster - micro operators, +verrazzano-operator, verrazzano-monitoring-operator, etc - into a single Helm chart. + +### Chart Parameters + +See `./chart/values.yaml` for the full list of configurable parameters that can be set using +`--set parameter=value` when installing the Helm chart. + +### Chart helm repo + +Helm charts for Verrazzano are published as release assets - see https://github.com/verrazzano/verrazzano-operator/releases for available releases. + ## Release A github release is created on every successful build on the master branch. The release version is obtained by incrementing the minor version of last release by 1. On a successful release, this repo - publises a Docker image: `container-registry.oracle.com/verrazzano/verrazzano-operator:` +- publishes a new version of verrazzano-helm-chart at `https://github.com/verrazzano/verrazzano-operator/releases/download//verrazzano-.tgz` ## Building @@ -51,6 +66,15 @@ Docker push: make push ``` +## Updating the CRDs + +The CRDs are auto generated by the Verrazzano project `verrazzano-crd-generator`. The steps to include changes made to the yaml files that create the CRDs are: + +* Make the API changes in the `verrazzano-crd-generator` project +* Tag the master branch of `verrazzano-crd-generator` (e.g. 0.n) +* Edit `go.mod` to use the newly tagged API changes. For example `github.com/verrazzano/verrazzano-coh-cluster-operator v1.2.0` +* make go-install + ## Running First, as a one-time operation, create relevant CRDs in the cluster where you'll be running the Verrazzano Operator: 
diff --git a/chart/.helmignore b/chart/.helmignore
new file mode 100644
index 00000000..ea96df22
--- /dev/null
+++ b/chart/.helmignore
@@ -0,0 +1,7 @@
+# Copyright (c) 2020, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+test
+*.txt
+.gitignore
+.idea
+.git
\ No newline at end of file
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
new file mode 100644
index 00000000..c5a189e9
--- /dev/null
+++ b/chart/Chart.yaml
@@ -0,0 +1,6 @@
+# Copyright (c) 2020, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+apiVersion: v1
+description: A Helm chart for Verrazzano
+name: verrazzano-helm-chart
+version: "latest"
diff --git a/chart/NOTES.txt b/chart/NOTES.txt
new file mode 100644
index 00000000..79b675b2
--- /dev/null
+++ b/chart/NOTES.txt
@@ -0,0 +1 @@
+Verrazzano Helm chart has been installed!
\ No newline at end of file
diff --git a/chart/index.yaml b/chart/index.yaml
new file mode 100644
index 00000000..eb5f31c0
--- /dev/null
+++ b/chart/index.yaml
@@ -0,0 +1,164 @@ +apiVersion: v1 +entries: + verrazzano-helm-chart: + - apiVersion: v1 + created: "2020-08-21T18:35:33.54064907Z" + description: A Helm chart for Verrazzano + digest: 11bdeb447de2134955e70a56a20c0b40829da5b1ed20c7d7221315f952f49c2a + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.83/verrazzano-v0.0.83.tgz + version: v0.0.83 + - apiVersion: v1 + created: "2020-08-20T17:24:08.988723726Z" + description: A Helm chart for Verrazzano + digest: bf27e5a0bffb036c14a0e781c30cc6cfff1d2cbee88cb7871237023aa18d0b6e + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.82/verrazzano-v0.0.82.tgz + version: v0.0.82 + - apiVersion: v1 + created: "2020-08-19T14:22:00.619651918Z" + description: A Helm chart for Verrazzano + digest: 38e44341ce2212aed91e1223ff929ff6045953b3008d5544d14dd789e206385e + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.81/verrazzano-v0.0.81.tgz + version: v0.0.81 + - apiVersion: v1 + created: "2020-08-19T13:16:47.194880096Z" + description: A Helm chart for Verrazzano + digest: dd3735f9de49e532d7dff38f0541edcdc0a64edb37816ff4a8a801b250eec605 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.80/verrazzano-v0.0.80.tgz + version: v0.0.80 + - apiVersion: v1 + created: "2020-08-18T02:37:58.666358547Z" + description: A Helm chart for Verrazzano + digest: 9d4b69caf26a1cd84e3e958d43b81b750f438f4d9b62b2db2a7672c1e694628d + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.79/verrazzano-v0.0.79.tgz + version: v0.0.79 + - apiVersion: v1 + created: "2020-08-14T16:25:44.575779564Z" + description: A Helm chart for Verrazzano + digest: a8ff6487d7cb86849fbc8d97f5635c182ed9396cbeae7e14906986a0775c609f + name: verrazzano-helm-chart + urls: + - 
https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.78/verrazzano-v0.0.78.tgz + version: v0.0.78 + - apiVersion: v1 + created: "2020-08-14T13:52:12.940935482Z" + description: A Helm chart for Verrazzano + digest: 94360955068e58403020670389074d0fe61561cec1353f47ebf3f6f29b8508ad + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.77/verrazzano-v0.0.77.tgz + version: v0.0.77 + - apiVersion: v1 + created: "2020-08-14T01:36:51.769943586Z" + description: A Helm chart for Verrazzano + digest: 732d90659279e8836961913d9d185e68d2503479dd291a4d9b0eeb054d58650d + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.76/verrazzano-v0.0.76.tgz + version: v0.0.76 + - apiVersion: v1 + created: "2020-08-13T01:35:38.089123332Z" + description: A Helm chart for Verrazzano + digest: 2977ce8ed42f9816867f345d4faea980e78f0e9604e81e1aa15cf6fdb92b69f1 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.75/verrazzano-v0.0.75.tgz + version: v0.0.75 + - apiVersion: v1 + created: "2020-08-12T20:12:56.117452546Z" + description: A Helm chart for Verrazzano + digest: 34c4a43acd7561ceaa2b1f2577ed239eb0830a3a9ddacfd3eea2e2def7f3714a + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.74/verrazzano-v0.0.74.tgz + version: v0.0.74 + - apiVersion: v1 + created: "2020-08-11T11:20:27.389029215Z" + description: A Helm chart for Verrazzano + digest: 94e2b6fec4900e3167ab330488589a808acea3dfa05f0beb1ad1c4da306a9d93 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.73/verrazzano-v0.0.73.tgz + version: v0.0.73 + - apiVersion: v1 + created: "2020-08-10T18:13:46.604508291Z" + description: A Helm chart for Verrazzano + digest: 
d6b696d43cd0f93c45696d498746c1bb2bf214b3b9323af692f837d05ee5b0a9 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.72/verrazzano-v0.0.72.tgz + version: v0.0.72 + - apiVersion: v1 + created: "2020-08-10T15:23:37.678311946Z" + description: A Helm chart for Verrazzano + digest: 4efc19e6f932f8e94531d49ead0d8825f49e64c53ebf46a3dbe90b2f98c4b88c + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.71/verrazzano-v0.0.71.tgz + version: v0.0.71 + - apiVersion: v1 + created: "2020-08-10T14:37:40.414777082Z" + description: A Helm chart for Verrazzano + digest: e1678ba43fdf2505a21230c43282ee9a82882198bdfa717982e0dbc62a9a8c3d + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.70/verrazzano-v0.0.70.tgz + version: v0.0.70 + - apiVersion: v1 + created: "2020-08-07T14:58:37.374188262Z" + description: A Helm chart for Verrazzano + digest: bf7ddcf957a031abaa993668051a1a446584fe8de91fe30efb8ee1edc142c663 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.69/verrazzano-v0.0.69.tgz + version: v0.0.69 + - apiVersion: v1 + created: "2020-08-06T19:18:17.410348731Z" + description: A Helm chart for Verrazzano + digest: 3d7f8429c7d03a07cd5970462ae7ba93cd029e1b598a0c328791ff8ee4fdc730 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.68/verrazzano-v0.0.68.tgz + version: v0.0.68 + - apiVersion: v1 + created: "2020-07-31T23:19:55.692572993Z" + description: A Helm chart for Verrazzano + digest: 95839a39712bcb9898b760161ed77942d439a379bdd4c2de7c0723b1555cb72f + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.67/verrazzano-v0.0.67.tgz + version: v0.0.67 + - apiVersion: v1 + created: "2020-07-31T11:46:20.197312383Z" + 
description: A Helm chart for Verrazzano + digest: 491401305a06094f3a23acb743806dc2f068c9c2f70455792377f636442c84a8 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.66/verrazzano-v0.0.66.tgz + version: v0.0.66 + - apiVersion: v1 + created: "2020-07-31T11:32:38.215218533Z" + description: A Helm chart for Verrazzano + digest: 2413a5962100b865303d057c581101d394d3edce79e8e9dfd3e1b0a47d6d4253 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.65/verrazzano-v0.0.65.tgz + version: v0.0.65 + - apiVersion: v1 + created: "2020-07-30T14:14:34.43783853Z" + description: A Helm chart for Verrazzano + digest: f94278ead57ed302f82ab809e2ee16d3488783682331d06e7d620525f593bca8 + name: verrazzano-helm-chart + urls: + - https://github.com/verrazzano/verrazzano-operator/releases/download/v0.0.64/verrazzano-v0.0.64.tgz + version: v0.0.64 +generated: "2020-08-21T18:35:33.533804782Z" diff --git a/chart/latest b/chart/latest new file mode 100644 index 00000000..0627cf0a --- /dev/null +++ b/chart/latest @@ -0,0 +1 @@ +v0.0.83 diff --git a/chart/templates/01-verrazzano-operator.yaml b/chart/templates/01-verrazzano-operator.yaml new file mode 100644 index 00000000..0ff336ef --- /dev/null +++ b/chart/templates/01-verrazzano-operator.yaml 
@@ -0,0 +1,304 @@
+# Copyright (c) 2020, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.verrazzanoOperator.name }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app: {{ .Values.verrazzanoOperator.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.verrazzanoOperator.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.verrazzanoOperator.name }}
+ spec:
+ containers:
+ - name: {{ .Values.verrazzanoOperator.name }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ image: {{ .Values.verrazzanoOperator.imageName }}:{{ .Values.verrazzanoOperator.imageVersion }}
+ args:
+ - --v=4
+ - --verrazzanoUri={{ .Values.config.envName }}.{{ .Values.config.dnsSuffix }}
+ - --enableMonitoringStorage={{ .Values.config.enableMonitoringStorage }}
+ - --sslVerify={{ .Values.verrazzanoOperator.sslVerify }}
+ - --apiServerRealm={{ .Values.verrazzanoOperator.apiServerRealm }}
+ env:
+ - name: COH_MICRO_IMAGE
+ value: {{ .Values.verrazzanoOperator.cohMicroImage }}
+ - name: HELIDON_MICRO_IMAGE
+ value: {{ .Values.verrazzanoOperator.helidonMicroImage }}
+ - name: WLS_MICRO_IMAGE
+ value: {{ .Values.verrazzanoOperator.wlsMicroImage }}
+ - name: PROMETHEUS_PUSHER_IMAGE
+ value: {{ .Values.verrazzanoOperator.prometheusPusherImage }}
+ - name: NODE_EXPORTER_IMAGE
+ value: {{ .Values.verrazzanoOperator.nodeExporterImage }}
+ - name: FILEBEAT_IMAGE
+ value: {{ .Values.verrazzanoOperator.filebeatImage }}
+ - name: JOURNALBEAT_IMAGE
+ value: {{ .Values.verrazzanoOperator.journalbeatImage }}
+ - name: WEBLOGIC_OPERATOR_IMAGE
+ value: {{ .Values.verrazzanoOperator.weblogicOperatorImage }}
+ - name: FLUENTD_IMAGE
+ value: {{ .Values.verrazzanoOperator.fluentdImage }}
+ serviceAccount: {{ .Values.verrazzanoOperator.name }}
+---
+kind: Service
+apiVersion: v1
+metadata:
+ name: {{ .Values.verrazzanoOperator.name }}
+ namespace: {{ .Release.Namespace }}
+spec:
+ selector:
+ app: {{ .Values.verrazzanoOperator.name }}
+ type: ClusterIP
+ ports:
+ - name: api
+ protocol: TCP
+ port: 3456
+ targetPort: 3456
+---
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ annotations:
+ external-dns.alpha.kubernetes.io/target: verrazzano-ingress.{{ .Values.config.envName }}.{{ .Values.config.dnsSuffix }}
+ kubernetes.io/tls-acme: "true"
+ name: {{ .Values.verrazzanoOperator.name }}-ingress
+ namespace: {{ .Release.Namespace }}
+spec:
+ rules:
+ - host: api.{{ .Values.config.envName }}.{{ .Values.config.dnsSuffix }}
+ http:
+ paths:
+ - backend:
+ serviceName: {{ .Values.verrazzanoOperator.name }}
+ servicePort: 3456
+ path: /
+ tls:
+ - hosts:
+ - api.{{ .Values.config.envName }}.{{ .Values.config.dnsSuffix }}
+ secretName: {{ .Values.config.envName }}-secret
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ .Values.verrazzanoOperator.name }}
+ namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ .Values.verrazzanoOperator.name }}
+rules:
+ - apiGroups:
+ - verrazzano.io
+ resources:
+ - '*'
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - delete
+ - apiGroups:
+ - verrazzano.io
+ resources:
+ - verrazzanomonitoringinstances
+ - wlsoperators
+ - helidonapps
+ - cohclusters
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ - pods/exec
+ - configmaps
+ - endpoints
+ - events
+ - namespaces
+ - persistentvolumeclaims
+ - secrets
+ - services
+ verbs:
+ - '*'
+ - apiGroups:
+ - ""
+ resources:
+ - daemonsets
+ - nodes
+ - serviceaccounts
+ - pods/log
+ - pods/portforward
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - delete
+ - patch
+ - deletecollection
+ - apiGroups:
+ - apps
+ resources:
+ - deployments
+ - daemonsets
+ - replicasets
+ - statefulsets
+ verbs:
+ - '*'
+ - apiGroups:
+ - apps
+ resources:
+ - deployments/finalizers
+ resourceNames:
+ - coherence-operator
+ verbs:
+ - update
+ - apiGroups:
+ - extensions
+ resources:
+ - podsecuritypolicies
+ resourceNames:
+ - system-node-exporter
+ verbs:
+ - use
+ - apiGroups:
+ - extensions
+ resources:
+ - daemonsets
+ - replicasets
+ - statefulsets
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - authentication.k8s.io
+ resources:
+ - tokenreviews
+ verbs:
+ - create
+ - apiGroups:
+ - authorization.k8s.io
+ resources:
+ - subjectaccessreviews
+ verbs:
+ - create
+ - apiGroups:
+ - rbac.authorization.k8s.io
+ resources:
+ - clusterroles
+ - clusterrolebindings
+ - roles
+ - rolebindings
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - networking.istio.io
+ resources:
+ - gateways
+ - virtualservices
+ - serviceentries
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - apiextensions.k8s.io
+ resources:
+ - customresourcedefinitions
+ verbs:
+ - '*'
+ - apiGroups:
+ - coherence.oracle.com
+ resources:
+ - '*'
+ verbs:
+ - '*'
+ - apiGroups:
+ - weblogic.oracle
+ resources:
+ - domains
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - patch
+ - deletecollection
+ - apiGroups:
+ - weblogic.oracle
+ resources:
+ - domains/status
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - patch
+ - apiGroups:
+ - batch
+ resources:
+ - jobs
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - delete
+ - patch
+ - deletecollection
+ - apiGroups:
+ - monitoring.coreos.com
+ resources:
+ - servicemonitors
+ verbs:
+ - get
+ - create
+ - nonResourceURLs:
+ - /version/*
+ verbs:
+ - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Values.verrazzanoOperator.name }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.verrazzanoOperator.name }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ .Values.verrazzanoOperator.name }}
+ namespace: {{ .Release.Namespace }}
diff --git a/chart/templates/02-verrazzano-cluster-operator.yaml b/chart/templates/02-verrazzano-cluster-operator.yaml
new file mode 100644
index 00000000..67c2663a
--- /dev/null
+++ b/chart/templates/02-verrazzano-cluster-operator.yaml
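Review bot: The ClusterRole bound to the operator's ServiceAccount is close to cluster-admin for anything that obtains this pod's token. It grants `'*'` verbs on `secrets`, `pods/exec` and `namespaces` in every namespace, `'*'` on `customresourcedefinitions`, and create/update/delete on `clusterroles` and `clusterrolebindings`. Replace each `'*'` with the verbs the operator actually uses and move what can be namespaced into Roles; where the breadth is required, put the reason above the rule, e.g. `# cluster-wide secrets and pods/exec access is needed because <reason>`. The Deployment in the same file sets no `securityContext` or `resources`, and `serviceAccount:` is the deprecated alias of `serviceAccountName:`.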
@@ -0,0 +1,76 @@
+# Copyright (c) 2020, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.clusterOperator.name }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app: {{ .Values.clusterOperator.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.clusterOperator.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.clusterOperator.name }}
+ spec:
+ containers:
+ - name: {{ .Values.clusterOperator.name }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ image: {{ .Values.clusterOperator.imageName }}:{{ .Values.clusterOperator.imageVersion }}
+ args:
+ - --v=4
+ - --rancherURL={{ .Values.clusterOperator.rancherURL }}
+ - --rancherUserName={{ .Values.clusterOperator.rancherUserName }}
+ - --rancherPassword={{ .Values.clusterOperator.rancherPassword }}
+ - --rancherHost={{ .Values.clusterOperator.rancherHostname }}
+ serviceAccount: {{ .Values.clusterOperator.name }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ .Values.clusterOperator.name }}
+ namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ .Values.clusterOperator.name }}
+rules:
+ - apiGroups:
+ - verrazzano.io
+ resources:
+ - verrazzanomanagedclusters
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - apiGroups:
+ - ""
+ resources:
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Values.clusterOperator.name }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.clusterOperator.name }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ .Values.clusterOperator.name }}
+ namespace: {{ .Release.Namespace }}
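Review bot: `--rancherPassword={{ .Values.clusterOperator.rancherPassword }}` in the container `args` writes the Rancher password into the Deployment spec in clear text, where anyone who can read Deployments or Pods in the namespace, or the Helm release values, can see it. Take it from a Secret instead: define an env var with `secretKeyRef` and reference it in the argument through Kubernetes' `$(VAR)` expansion, as in the excerpt below (the Secret name and key are placeholders). The ClusterRole in this file also lets the service account read and write Secrets in every namespace; whether a namespaced Role would be enough depends on operator code outside this diff.

```yaml
          args:
            # … unchanged: --v, --rancherURL, --rancherUserName …
            - --rancherPassword=$(RANCHER_PASSWORD)
            # … unchanged: --rancherHost …
          env:
            - name: RANCHER_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: RANCHER_CREDENTIALS_SECRET_PLACEHOLDER
                  key: password
```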
diff --git a/chart/templates/03-verrazzano-monitoring-operator.yaml b/chart/templates/03-verrazzano-monitoring-operator.yaml
new file mode 100644
index 00000000..cd7d74af
--- /dev/null
+++ b/chart/templates/03-verrazzano-monitoring-operator.yaml
@@ -0,0 +1,729 @@ +# Copyright (c) 2020, Oracle and/or its affiliates. +# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. +apiVersion: apiextensions.k8s.io/v1beta1 +kind: CustomResourceDefinition +metadata: + name: verrazzanomonitoringinstances.verrazzano.io +spec: + group: verrazzano.io + version: v1 + scope: Namespaced + names: + kind: VerrazzanoMonitoringInstance + listKind: VerrazzanoMonitoringInstanceList + plural: verrazzanomonitoringinstances + singular: verrazzanomonitoringinstance + shortNames: + - vmi + validation: + openAPIV3Schema: + properties: + metadata: + properties: + name: + type: string + pattern: '^\w[^._]+$' + maxLength: 32 + namespace: + type: string + pattern: '^\w[^._]+$' + maxLength: 32 + required: + - name + - namespace + spec: + properties: + lock: + type: boolean + alertmanager: + properties: + config: + type: string + pattern: '[A-Za-z0-9-_]+' + configMap: + type: string + pattern: '^\w[^.]+$' + enabled: + type: boolean + resources: + properties: + limitCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + limitMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + requestCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + requestMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + required: + - enabled + api: + properties: + replicas: + type: number + pattern: '\d+' + resources: + properties: + limitCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + limitMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + requestCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + requestMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + elasticsearch: + properties: + enabled: + type: boolean + resources: + properties: + limitCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + limitMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + requestCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + requestMemory: + type: 
string + pattern: '^[1-9]\d*(Mi|Gi)$' + maxSizeDisk: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + minSizeDisk: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + storage: + properties: + availabilityDomain: + type: string + pattern: '^[A-Z]+(-?[A-Z0-9]+)*$' + size: + type: string + pattern: '^[1-9]+\d*(Mi|Gi)$' + pvcNames: + type: array + minItems: 0 + items: + type: string + pattern: '[A-Za-z0-9-_]+' + retentionPeriodDays: + type: number + pattern: '\d+' + retentionPeriodMonths: + type: number + pattern: '\d+' + openPeriodDays: + type: number + pattern: '\d+' + openPeriodMonths: + type: number + pattern: '\d+' + grafana: + properties: + enabled: + type: boolean + resources: + properties: + limitCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + limitMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + requestCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + requestMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + storage: + properties: + availabilityDomain: + type: string + pattern: '^[A-Z]+(-?[A-Z0-9]+)*$' + size: + type: string + pattern: '^[1-9]+\d*(Mi|Gi)$' + pvcNames: + type: array + minItems: 0 + items: + type: string + pattern: '[A-Za-z0-9-_]+' + datasourcesConfigMap: + type: string + pattern: '^\w[^.]+$' + dashboardsConfigMap: + type: string + pattern: '^\w[^.]+$' + kibana: + properties: + enabled: + type: boolean + replicas: + type: number + pattern: '\d+' + resources: + properties: + limitCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + limitMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + requestCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + requestMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + prometheus: + properties: + enabled: + type: boolean + resources: + properties: + limitCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + limitMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + requestCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + 
requestMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + maxSizeDisk: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + minSizeDisk: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + storage: + properties: + availabilityDomain: + type: string + pattern: '^[A-Z]+(-?[A-Z0-9]+)*$' + size: + type: string + pattern: '^[1-9]+\d*(Mi|Gi)$' + pvcNames: + type: array + minItems: 0 + items: + type: string + pattern: '[A-Za-z0-9-_]+' + config: + type: string + pattern: '[A-Za-z0-9-_]+' + rulesConfig: + type: string + pattern: '[A-Za-z0-9-_]+' + retentionPeriod: + type: number + pattern: '\d+' + prometheusGW: + properties: + configMap: + type: string + pattern: '^\w[^.]+$' + resources: + properties: + limitCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + limitMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + requestCPU: + type: string + pattern: '^([1-9]\d*|\d+\.\d{1,2})m?$' + requestMemory: + type: string + pattern: '^[1-9]\d*(Mi|Gi)$' + maintenanceSchedule: + type: string + autoSecret: + type: boolean + secretsName: + type: string + pattern: '^\w[^.]+$' + ingresstargetdnsname: + type: string + pattern: '[a-z]+[a-z0-9-.]*' + preserveOnDelete: + type: boolean + uri: + type: string + pattern: '[A-Za-z0-9-_]+' + externalSiteMonitor: + properties: + providers: + type: array + items: + type: string + pattern: '[A-Za-z0-9-_]+' + alertContact: + type: string + pattern: '[A-Za-z0-9-_]+' + alertThresholdMinutes: + type: number + alertRecurrenceMinutes: + type: number + ignoreSSLErrors: + type: boolean + monitorIntervalSeconds: + type: number + basicAuthSecretName: + type: number + pagerduty: + properties: + id: + type: string + pattern: '[A-Za-z0-9]+' + bastille: + properties: + url: + type: array + items: + type: string + pattern: '^(http(s?)://)?((\w+\.)?\w+\.\w+|((2[0-5]{2}|1[0-9]{2}|[0-9]{1,2})\.){3}(2[0-5]{2}|1[0-9]{2}|[0-9]{1,2})(:[1-9]\d*)?)(/)?$' + slack: + properties: + id: + type: string + pattern: '[A-Za-z0-9-_]+' + url: + type: string + pattern: 
'^(http(s?)://)?((\w+\.)?\w+\.\w+|((2[0-5]{2}|1[0-9]{2}|[0-9]{1,2})\.){3}(2[0-5]{2}|1[0-9]{2}|[0-9]{1,2})(:[1-9]\d*)?)(/)?$'
+ serviceType:
+ type: string
+ pattern: '[A-Za-z0-9-_]+'
+ versioning:
+ properties:
+ currentVersion:
+ type: string
+ pattern: '[A-Za-z0-9-_]+'
+ desiredVersion:
+ type: string
+ pattern: '[A-Za-z0-9-_]+'
+ required:
+ - metadata
+ - spec
+---
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: vmo-oci-config
+ namespace: {{ .Release.Namespace }}
+data:
+ {{ if ne .Values.oci.objectStore.namespace "" }}
+ namespace: {{ .Values.oci.objectStore.namespace | b64enc }}
+ {{ end }}
+ {{ if ne .Values.oci.objectStore.bucketName "" }}
+ bucket_name: {{ .Values.oci.objectStore.bucketName | b64enc }}
+ {{ end }}
+ {{ if ne .Values.oci.userOcid "" }}
+ user_ocid: {{ .Values.oci.userOcid | b64enc }}
+ {{ end }}
+ {{ if ne .Values.oci.region "" }}
+ region: {{ .Values.oci.region | b64enc }}
+ {{ end }}
+ {{ if ne .Values.oci.tenancyOcid "" }}
+ tenancy_ocid: {{ .Values.oci.tenancyOcid | b64enc }}
+ {{ end }}
+ {{ if ne .Values.oci.fingerprint "" }}
+ fingerprint: {{ .Values.oci.fingerprint | b64enc }}
+ {{ end }}
+ {{ if ne .Values.oci.privateKey "" }}
+ private_key: {{ .Values.oci.privateKey | b64enc }}
+ {{ end }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ .Values.monitoringOperator.name }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+ name: {{ .Values.monitoringOperator.name }}-cluster-role
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ - nodes/proxy
+ - persistentvolumeclaims
+ - services
+ - configmaps
+ - secrets
+ - namespaces
+ - endpoints
+ - pods
+ - serviceaccounts
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - patch
+ # Following rule required to allow operator to grant API "create" verb on "pods/exec"
+ - apiGroups:
+ - ""
+ resources:
+ - pods/exec
+ verbs:
+ - create
+ # Following rule required to allow operator to grant API "get" verb on "pods/log"
+ - apiGroups:
+ - ""
+ resources:
+ - pods/log
+ verbs:
+ - get
+ - apiGroups:
+ - apiextensions.k8s.io
+ resources:
+ - customresourcedefinitions
+ verbs:
+ - create
+ - get
+ - list
+ - watch
+ - delete
+ - apiGroups:
+ - apps
+ resources:
+ - deployments
+ - statefulsets
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - delete
+ - apiGroups:
+ - rbac.authorization.k8s.io
+ resources:
+ - rolebindings
+ - clusterrolebindings
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - rbac.authorization.k8s.io
+ resources:
+ - clusterroles
+ - roles
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - extensions
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - delete
+ - apiGroups:
+ - extensions
+ resources:
+ - jobs
+ verbs:
+ - get
+ - list
+ - watch
+ - create
+ - update
+ - delete
+ - apiGroups:
+ - batch
+ resources:
+ - jobs
+ - cronjobs
+ verbs:
+ - create
+ - get
+ - patch
+ - update
+ - delete
+ - list
+ - watch
+ - apiGroups:
+ - storage.k8s.io
+ resources:
+ - storageclasses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - verrazzano.io
+ resources:
+ - verrazzanomonitoringinstances
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - nonResourceURLs: ["/metrics"]
+ verbs: ["get"]
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+ name: {{ .Values.monitoringOperator.name }}-cluster-role-binding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.monitoringOperator.name }}-cluster-role
+subjects:
+ - kind: ServiceAccount
+ name: {{ .Values.monitoringOperator.name }}
+ namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+ name: {{ .Values.monitoringOperator.name }}-cluster-role-default-binding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.monitoringOperator.name }}-cluster-role
+subjects:
+ - kind: ServiceAccount
+ name: default
+ namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: vmi-cluster-role-default
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - secrets
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - ""
+ resources:
+ - pods
+ verbs:
+ - get
+ - list
+ - watch
+ - delete
+ # Following rule required to grant Cirith "create" verb on "pods/exec"
+ - apiGroups:
+ - ""
+ resources:
+ - pods/exec
+ verbs:
+ - create
+ - apiGroups:
+ - ""
+ resources:
+ - pods/log
+ verbs:
+ - get
+ - apiGroups:
+ - "batch"
+ - "extensions"
+ resources:
+ - jobs
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+ - create
+ - delete
+ - apiGroups:
+ - verrazzano.io
+ resources:
+ - verrazzanomonitoringinstances
+ verbs:
+ - get
+ - list
+ - watch
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ .Values.monitoringOperator.name }}-get-nodes
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - list
+---
+# grants role allowing permission to list nodes to all system:serviceaccounts (pods).
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Values.monitoringOperator.name }}-get-nodes
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.monitoringOperator.name }}-get-nodes
+subjects:
+ - kind: Group
+ name: system:serviceaccounts
+ apiGroup: rbac.authorization.k8s.io
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.monitoringOperator.name }}-config
+ namespace: {{ .Release.Namespace }}
+ labels:
+ app: {{ .Values.monitoringOperator.name }}
+data:
+ config: |
+ metricsPort: {{ .Values.monitoringOperator.metricsPort }}
+ defaultSimpleCompReplicas: {{ .Values.monitoringOperator.defaultSimpleCompReplicas }}
+ defaultPrometheusReplicas: {{ .Values.monitoringOperator.defaultPrometheusReplicas }}
+ defaultIngressTargetDNSName: {{ .Values.config.envName }}-verrazzano-ingress.{{ .Values.config.dnsSuffix }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.monitoringOperator.name }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+ template:
+ metadata:
+ labels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+ spec:
+ containers:
+ - name: {{ .Values.monitoringOperator.name }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ image: {{ .Values.monitoringOperator.imageName }}:{{ .Values.monitoringOperator.imageVersion }}
+ ports:
+ - containerPort: 8080
+ name: http
+ protocol: TCP
+ - containerPort: {{ .Values.monitoringOperator.metricsPort }}
+ name: metrics
+ protocol: TCP
+ env:
+ - name: GRAFANA_IMAGE
+ value: {{ .Values.monitoringOperator.grafanaImage }}
+ - name: PROMETHEUS_IMAGE
+ value: {{ .Values.monitoringOperator.prometheusImage }}
+ - name: PROMETHEUS_INIT_IMAGE
+ value: {{ .Values.monitoringOperator.prometheusInitImage }}
+ - name: PROMETHEUS_GATEWAY_IMAGE
+ value: {{ .Values.monitoringOperator.prometheusGatewayImage }}
+ - name: ALERT_MANAGER_IMAGE
+ value: {{ .Values.monitoringOperator.alertManagerImage }}
+ - name: ELASTICSEARCH_WAIT_IMAGE
+ value: {{ .Values.monitoringOperator.esWaitImage }}
+ - name: ELASTICSEARCH_IMAGE
+ value: {{ .Values.monitoringOperator.esImage }}
+ - name: ELASTICSEARCH_INIT_IMAGE
+ value: {{ .Values.monitoringOperator.esInitImage }}
+ - name: KIBANA_IMAGE
+ value: {{ .Values.monitoringOperator.kibanaImage }}
+ - name: ELASTICSEARCH_WAIT_TARGET_VERSION
+ value: {{ .Values.monitoringOperator.esWaitTargetVersion }}
+ - name: VERRAZZANO_MONITORING_INSTANCE_API_IMAGE
+ value: {{ .Values.monitoringOperator.monitoringInstanceApiImage }}
+ - name: CONFIG_RELOADER_IMAGE
+ value: {{ .Values.monitoringOperator.configReloaderImage }}
+ - name: NODE_EXPORTER_IMAGE
+ value: {{ .Values.monitoringOperator.nodeExporterImage }}
+ livenessProbe:
+ failureThreshold: 5
+ httpGet:
+ path: /health
+ port: 8080
+ scheme: HTTP
+ initialDelaySeconds: 3
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 5
+ args:
+ - --v=4
+ - --namespace={{ .Release.Namespace }}
+ serviceAccountName: {{ .Values.monitoringOperator.name }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.monitoringOperator.name }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ k8s-app: {{ .Values.monitoringOperator.name }}
+spec:
+ type: ClusterIP
+ ports:
+ - port: {{ .Values.monitoringOperator.metricsPort }}
+ targetPort: {{ .Values.monitoringOperator.metricsPort }}
+ name: metrics
+ selector:
+ k8s-app: {{ .Values.monitoringOperator.name }}
\ No newline at end of file
diff --git a/chart/templates/04-verrazzano-admission-controller.yaml b/chart/templates/04-verrazzano-admission-controller.yaml
new file mode 100644
index 00000000..b8d59287
--- /dev/null
+++ b/chart/templates/04-verrazzano-admission-controller.yaml
@@ -0,0 +1,117 @@
+# Copyright (c) 2020, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+ namespace: {{ .Release.Namespace }}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+rules:
+ - apiGroups:
+ - verrazzano.io
+ resources:
+ - verrazzanobindings
+ - verrazzanomanagedclusters
+ - verrazzanomodels
+ verbs:
+ - get
+ - list
+ - apiGroups:
+ - ""
+ resources:
+ - namespaces
+ - secrets
+ verbs:
+ - get
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+ namespace: {{ .Release.Namespace }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+spec:
+ ports:
+ - name: webhook
+ port: 443
+ targetPort: 8080
+ selector:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.verrazzanoAdmissionController.controllerName }}
+ namespace: {{ .Release.Namespace }}
+ labels:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+ template:
+ metadata:
+ name: {{ .Values.verrazzanoAdmissionController.controllerName }}
+ labels:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+ spec:
+ containers:
+ - name: webhook
+ image: {{ .Values.verrazzanoAdmissionController.imageName }}:{{ .Values.verrazzanoAdmissionController.imageVersion }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ args:
+ - --v=4
+ - --verrazzanoUri={{ .Values.config.envName }}.{{ .Values.config.dnsSuffix }}
+ volumeMounts:
+ - name: webhook-certs
+ mountPath: /etc/certs
+ readOnly: true
+ volumes:
+ - name: webhook-certs
+ secret:
+ secretName: {{ .Values.verrazzanoAdmissionController.name }}
+ serviceAccount: {{ .Values.verrazzanoAdmissionController.name }}
+---
+apiVersion: admissionregistration.k8s.io/v1beta1
+kind: ValidatingWebhookConfiguration
+metadata:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+webhooks:
+ - name: verrazzano-validation.oracle.com
+ clientConfig:
+ service:
+ name: {{ .Values.verrazzanoAdmissionController.name }}
+ namespace: {{ .Release.Namespace }}
+ path: "/validate"
+ caBundle: {{ b64enc .Values.verrazzanoAdmissionController.caBundle }}
+ rules:
+ - resources: ["verrazzanobindings"]
+ apiGroups: ["verrazzano.io"]
+ apiVersions: ["v1beta1"]
+ operations: ["CREATE","UPDATE"]
+ - resources: ["verrazzanomodels"]
+ apiGroups: ["verrazzano.io"]
+ apiVersions: ["v1beta1"]
+ operations: ["CREATE","UPDATE","DELETE"]
+ sideEffects: None
+ failurePolicy: Fail
diff --git a/chart/values.yaml b/chart/values.yaml
new file mode 100644
index 00000000..431ba13a
--- /dev/null
+++ b/chart/values.yaml
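Review bot: The second rule of the admission controller's ClusterRole grants `get` on `secrets` in every namespace, since it is bound through a ClusterRoleBinding, which is broader than a validating webhook for verrazzano.io resources would normally need. Which secrets the controller actually reads is not visible in this diff; if it is a known set, move `secrets` into a namespaced Role/RoleBinding or narrow the rule with `resourceNames:`. Separately, the Deployment uses the deprecated `serviceAccount:` field where the monitoring-operator template in the same commit uses `serviceAccountName:`; I would write `serviceAccountName: {{ .Values.verrazzanoAdmissionController.name }}`. The `webhook` container also sets no `securityContext`, so adding `allowPrivilegeEscalation: false` and `readOnlyRootFilesystem: true` there is worth testing against the image.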
@@ -0,0 +1,78 @@
+# Copyright (c) 2020, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
+name: verrazzano
+
+image:
+ pullPolicy: Always
+ terminationGracePeriodSeconds: 60
+
+verrazzanoOperator:
+ name: verrazzano-operator
+ imageName: phx.ocir.io/stevengreenberginc/verrazzano/OPERATOR_IMAGE_NAME
+ imageVersion: OPERATOR_VERSION
+ sslVerify: true
+ cohMicroImage: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-coh-cluster-operator:v0.0.8
+ helidonMicroImage: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-helidon-app-operator:v0.0.7
+ wlsMicroImage: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-wko-operator:v0.0.10
+ prometheusPusherImage: container-registry.oracle.com/verrazzano/prometheus-pusher:1.0.1-ff71638-19
+ nodeExporterImage: container-registry.oracle.com/verrazzano/node-exporter:0.18.1-0f43627-7
+ filebeatImage: container-registry.oracle.com/verrazzano/filebeat:6.8.3-8218206-8
+ journalbeatImage: container-registry.oracle.com/verrazzano/journalbeat:6.8.3-8218206-8
+ weblogicOperatorImage: oracle/weblogic-kubernetes-operator:3.0.0
+ fluentdImage: container-registry.oracle.com/verrazzano/fluentd-kubernetes-daemonset:v1.10.4-6ce326d-17
+ apiServerRealm: verrazzano-system
+
+monitoringOperator:
+ name: verrazzano-monitoring-operator
+ imageName: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-monitoring-operator
+ imageVersion: v0.0.18
+ metricsPort: 8090
+ defaultSimpleCompReplicas: 1
+ defaultPrometheusReplicas: 1
+ grafanaImage: container-registry.oracle.com/olcne/grafana:v6.4.4
+ prometheusImage: container-registry.oracle.com/olcne/prometheus:v2.13.1
+ prometheusInitImage: container-registry.oracle.com/os/oraclelinux:7-slim@sha256:9b86d1332a883ee8f68dd44ba42133de518b2e0ec1cc70257e59fb4da86b1ad3
+ prometheusGatewayImage: container-registry.oracle.com/verrazzano/prometheus-pushgateway:1.2.0-6893444-10
+ alertManagerImage: prom/alertmanager:v0.16.0
+ esWaitTargetVersion: 7.6.1
+ esImage: container-registry.oracle.com/verrazzano/elasticsearch:7.6.1-1d68e1a-2
+ esWaitImage: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-monitoring-instance-eswait:v0.0.18
+ esInitImage: container-registry.oracle.com/os/oraclelinux:7.8@sha256:46fc083cf0250ed5260fa6fe822d7d4c139ca1f7fc38e4a17ba662464bd1df4a
+ kibanaImage: container-registry.oracle.com/verrazzano/kibana:7.6.1-ccfddab-1
+ monitoringInstanceApiImage: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-monitoring-instance-api:v0.0.7
+ configReloaderImage: container-registry.oracle.com/verrazzano/configmap-reload:0.3-81d6423-33
+ nodeExporterImage: container-registry.oracle.com/verrazzano/node-exporter:0.18.1-0f43627-7
+
+clusterOperator:
+ name: verrazzano-cluster-operator
+ imageName: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-cluster-operator
+ imageVersion: v0.0.8
+ rancherURL:
+ rancherUserName:
+ rancherPassword:
+ rancherHostname:
+
+verrazzanoAdmissionController:
+ name: verrazzano-validation
+ controllerName: verrazzano-admission-controller
+ imageName: phx.ocir.io/stevengreenberginc/verrazzano/verrazzano-admission-controller
+ imageVersion: v0.0.14
+ caBundle:
+
+# OCI-related values
+oci:
+ region: ""
+ tenancyOcid: ""
+ userOcid: ""
+ fingerprint: ""
+ privateKey: ""
+ compartment: ""
+ clusterOcid: ""
+ objectStore:
+ bucketName: ""
+ namespace: ""
+
+config:
+ envName:
+ dnsSuffix: verrazzano.io
+ enableMonitoringStorage: true
diff --git a/ignore_copyright_check.txt b/ignore_copyright_check.txt
index 62bd611d..9d81a104 100644
--- a/ignore_copyright_check.txt
+++ b/ignore_copyright_check.txt
@@ -1,4 +1,7 @@
 # Copyright (c) 2020, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
 pkg/assets/assets.go
+chart/NOTES.txt
+chart/index.yaml
+chart/latest
 LICENSES-OLCNE.pdf
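Review bot: Most image defaults in chart/values.yaml are referenced by tag only (for example `alertManagerImage: prom/alertmanager:v0.16.0` and `weblogicOperatorImage: oracle/weblogic-kubernetes-operator:3.0.0`), and because `image.pullPolicy` defaults to `Always`, at least the containers templated in this chart pick up a re-pushed tag at the next pod start without any chart change. `prometheusInitImage` and `esInitImage` already pin an `@sha256:` digest; doing the same for the rest, e.g. `alertManagerImage: prom/alertmanager:v0.16.0@sha256:<digest-placeholder>`, makes the deployed content verifiable. `rancherPassword` and `oci.privateKey` are accepted as plain chart values, which Helm keeps with the release record; a comment above those keys such as `# prefer a pre-created Secret; values set here are stored with the Helm release` would warn users, or the chart could take an existing Secret name instead. `caBundle:` has no default while the webhook template pipes it through `b64enc`, so wrapping it in `required` would give a clearer error when it is unset.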