sounds great. In our company we use chef that is part of our orchestration software (OneOps) as well but we are in process to migrate to Ansible. Ansible is so much easier than Chef into. I envision having OneOps as the tls server to provide all the visibility and FIM capabilities to the tenants. It will be amazing 😉 first step is understand how all things work together. And I have it, for now we probably will have Zentral as tls server, but the vision is to have OneOps as the tls server for all workloads it is deploying.