diff --git a/cesnet-mcc/inventory/99-all.yaml b/cesnet-mcc/inventory/99-all.yaml
index d39c6a731488c50c7297ef06adbccffb61cda12b..509e2f42f13351ac6df5170841039b5689168751 100644
--- a/cesnet-mcc/inventory/99-all.yaml
+++ b/cesnet-mcc/inventory/99-all.yaml
@@ -13,4 +13,5 @@ all:
     site_name: cesnet-mcc
     vault_mount_point: eosc/dev
 
+    gateway_hostname: gateway-cesnet.eosc.zcu.cz
     grafana_hostname: grafana-cesnet.eosc.zcu.cz
diff --git a/cesnet-mcc/playbooks/gateway.yaml b/cesnet-mcc/playbooks/gateway.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..93a5bbaff95445482025109647e50f4bc1f2af2e
--- /dev/null
+++ b/cesnet-mcc/playbooks/gateway.yaml
@@ -0,0 +1,71 @@
+---
+- name: Enterprise Gateway Deployment
+  hosts: master
+  become: true
+  vars:
+    namespace: gateway
+    version: 3.2.2
+  tasks:
+    - name: Enterprise Gateway Configuration
+      copy:
+        dest: /tmp/gateway.yaml
+        mode: 0640
+        content: |
+          global:
+            rbac: true
+          deployment:
+            replicas: 1
+            # serviceAccountName: 'enterprise-gateway-sa'
+            terminationGracePeriodSeconds: 60
+          ingress:
+            enabled: true
+            annotations:
+              kubernetes.io/ingress.class: "nginx"
+              # kubernetes.io/tls-acme: "true"
+            hosts:
+            - "{{ gateway_hostname }}"
+            # tls:
+            # - hosts:
+            #   - "{{ gateway_hostname }}"
+            #   secretName: acme-tls-grafana
+          kip:
+            enabled: true
+            # serviceAccountName: 'kernel-image-puller-sa'
+            # podSecurityPolicy:
+            #   create: true
+          service:
+            type: "ClusterIP"
+            ports:
+              # Enterprise Gateway reqursts
+              - name: http
+                port: 8888
+                targetPort: 8888
+              # Kernel connection info responses
+              - name: http-reponse
+                port: 8887
+                targetPort: 8887
+    - name: Enterprise Gateway Download
+      get_url:
+        url: "https://github.com/jupyter-server/enterprise_gateway/releases/download/v{{ version }}/jupyter_enterprise_gateway_helm-{{ version }}.tar.gz"
+        dest: "/tmp/jupyter_enterprise_gateway_helm-{{ version }}.tar.gz"
+        mode: 0644
+    - name: Enterprise Gateway Helm
+      vars:
+        config: >-
+          --namespace {{ namespace }}
+          --kube-context kubernetes-admin@kubernetes
+          -f /tmp/gateway.yaml
+          enterprise-gateway
+          /tmp/jupyter_enterprise_gateway_helm-{{ version }}.tar.gz
+      shell: |-
+        helm status --namespace {{ namespace }} enterprise-gateway
+        if [ $? -ne 0 ]; then
+          kubectl create namespace {{ namespace }} || :
+          helm install {{ config }}
+        else
+          helm upgrade {{ config }}
+        fi
+      environment:
+        KUBECONFIG: /etc/kubernetes/admin.conf
+        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      when: true