diff --git a/manifests/redis.pp b/manifests/redis.pp
index 3f245e23b..aac853b5c 100644
--- a/manifests/redis.pp
+++ b/manifests/redis.pp
@@ -7,7 +7,15 @@ class openstack_integration::redis {
   }
   $tls_port = $openstack_integration::config::ssl ? {
     true    => 6379,
-    default => 0
+    default => undef
+  }
+  $sentinel_port = $openstack_integration::config::ssl ? {
+    true    => 0,
+    default => 26379
+  }
+  $sentinel_tls_port = $openstack_integration::config::ssl ? {
+    true    => 26379,
+    default => undef
   }
 
   class { 'redis':
@@ -21,6 +29,21 @@ class openstack_integration::redis {
     requirepass      => 'a_big_secret',
   }
 
+  class { 'redis::sentinel':
+    auth_pass         => 'a_big_secret',
+    redis_host        => $::openstack_integration::config::host,
+    redis_port        => 6379,
+    requirepass       => 'a_big_secret',
+    quorum            => 1,
+    sentinel_port     => $sentinel_port,
+    sentinel_tls_port => $sentinel_tls_port,
+    sentinel_bind     => $::openstack_integration::config::host,
+    tls_cert_file     => $::openstack_integration::params::cert_path,
+    tls_key_file      => "/etc/redis/ssl/private/${facts['networking']['fqdn']}.pem",
+    tls_ca_cert_file  => $::openstack_integration::params::ca_bundle_cert_path,
+    tls_replication   => $openstack_integration::config::ssl,
+  }
+
   if $::openstack_integration::config::ssl {
     openstack_integration::ssl_key { 'redis':
       require => Package[$::redis::package_name],