diff --git a/kubernetes-templates/piston.yml b/kubernetes-templates/piston.yml
new file mode 100644
index 0000000..7665f2e
--- /dev/null
+++ b/kubernetes-templates/piston.yml
@@ -0,0 +1,82 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: piston
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: piston-sa
+  namespace: piston
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: piston-pvc
+  namespace: piston
+spec:
+  accessModes: ["ReadWriteOnce"]
+  storageClassName: nfs-storage
+  resources:
+    requests:
+      storage: 50Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: piston
+  namespace: piston
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: piston
+  template:
+    metadata:
+      labels:
+        app: piston
+    spec:
+      serviceAccountName: piston-sa
+      hostNetwork: false
+      hostPID: false
+      hostIPC: false
+      containers:
+      - name: piston
+        image: engineerman/piston:latest
+        securityContext:
+          privileged: true
+          allowPrivilegeEscalation: true
+          runAsNonRoot: false
+        ports:
+          - containerPort: 2000
+        volumeMounts:
+          - name: packages
+            mountPath: /piston/packages
+        resources:
+          requests:
+            cpu: "500m"
+            memory: "1Gi"
+          limits:
+            cpu: "1"
+            memory: "2Gi"
+      volumes:
+        - name: packages
+          persistentVolumeClaim:
+            claimName: piston-pvc
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: piston-service
+  namespace: piston
+spec:
+  type: NodePort
+  selector:
+    app: piston
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort: 2000
+      nodePort: 31003