diff --git a/defaults/main.yml b/defaults/main.yml
index 51058db6..c616e888 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -225,6 +225,18 @@ swift_object_max_rsync_connections: "{{ swift_max_rsync_connections }}"
 swift_do_setup: True
 swift_do_sync: True
 
+# Example swift_container_sync_realms to specify container_sync realms
+# This can exist for multiple realms (in a list)
+# swift_container_sync_realms:
+#   - name: realm1
+#     # You may want to put swift_realm_keyx in user_secrets.yml or ansible-vault
+#     # Otherwise specify it manually below.
+#     key1: {{ swift_realm_key1 }}
+#     # key2 is optional and used for rotating/deprecated keys
+#     key2: {{ swift_realm_key2 }}
+#     clustername1: https://<cluster1-ip>/v1
+#     clustername2: https://<cluster2-ip>/v1
+
 # swift packages that must be installed before anything else
 swift_requires_pip_packages:
   - virtualenv
@@ -292,6 +304,7 @@ swift_account_server_replicator_conf_overrides: {}
 swift_container_server_conf_overrides: {}
 swift_container_reconciler_conf_overrides: {}
 swift_container_server_replicator_conf_overrides: {}
+swift_container_sync_realms_conf_overrides: {}
 swift_drive_audit_conf_overrides: {}
 swift_object_server_conf_overrides: {}
 swift_object_expirer_conf_overrides: {}
diff --git a/tasks/swift_proxy_hosts.yml b/tasks/swift_proxy_hosts.yml
index f7b39c5a..d28f8d5b 100644
--- a/tasks/swift_proxy_hosts.yml
+++ b/tasks/swift_proxy_hosts.yml
@@ -32,3 +32,17 @@
     config_overrides: "{{ swift_proxy_server_conf_overrides }}"
     config_type: "ini"
   notify: Restart swift proxy services
+
+# If we've specified a container-sync realm use container-sync-realms.conf
+- name: "Swift container-sync configuration"
+  config_template:
+    src: "container-sync-realms.conf.j2"
+    dest: "/etc/swift/container-sync-realms.conf"
+    owner: "{{ swift_system_user_name }}"
+    group: "{{ swift_system_group_name }}"
+    mode: "0644"
+    config_overrides: "{{ swift_container_sync_realms_conf_overrides }}"
+    config_type: "ini"
+  when: >
+    swift_container_sync_realms is defined
+  notify: Restart swift proxy services
diff --git a/tasks/swift_storage_hosts_container.yml b/tasks/swift_storage_hosts_container.yml
index 9aee965a..008f862a 100644
--- a/tasks/swift_storage_hosts_container.yml
+++ b/tasks/swift_storage_hosts_container.yml
@@ -117,6 +117,20 @@
       config_type: "ini"
   notify: Restart swift container services
 
+# If we've specified a container-sync realm use container-sync-realms.conf
+- name: "Swift container-sync configuration"
+  config_template:
+    src: "container-sync-realms.conf.j2"
+    dest: "/etc/swift/container-sync-realms.conf"
+    owner: "{{ swift_system_user_name }}"
+    group: "{{ swift_system_group_name }}"
+    mode: "0644"
+    config_overrides: "{{ swift_container_sync_realms_conf_overrides }}"
+    config_type: "ini"
+  when: >
+    swift_container_sync_realms is defined
+  notify: Restart swift container services
+
 # We only create the dedicated replicator configuration when using a dedicated replication_network
 - name: "Swift container server replicator configuration"
   config_template:
diff --git a/templates/container-sync-realms.conf.j2 b/templates/container-sync-realms.conf.j2
new file mode 100644
index 00000000..b01189b8
--- /dev/null
+++ b/templates/container-sync-realms.conf.j2
@@ -0,0 +1,12 @@
+# {{ ansible_managed }}
+
+{% for realm in swift_container_sync_realms %}
+[{{ realm.name }}]
+key = {{ realm.key1 }}
+{%   if realm.key2 is defined %}
+key2 = {{ realm.key2 }}
+{%   endif %}
+cluster_clustername1 = {{ realm.clustername1 }}
+cluster_clustername2 = {{ realm.clustername2 }}
+
+{% endfor %}