diff --git a/inventory/host_vars/bastion01.rdu3.fedoraproject.org b/inventory/host_vars/bastion01.rdu3.fedoraproject.org
new file mode 100644
index 0000000000..a36942c625
--- /dev/null
+++ b/inventory/host_vars/bastion01.rdu3.fedoraproject.org
@@ -0,0 +1,14 @@
+---
+datacenter: rdu3
+dns1: 10.16.163.33
+dns2: 10.16.163.34
+eth0_ipv4_gw: 10.16.163.254
+eth0_ipv4_ip: 10.16.163.31
+ks_repo: https://infrastructure.fedoraproject.org/repo/rhel/RHEL9-x86_64/
+ks_url: https://infrastructure.fedoraproject.org/repo/rhel/ks/kvm-rhel
+ssh_hostnames:
+  - bastion.fedoraproject.org
+  - bastion01.fedoraproject.org
+vmhost: vmhost-x86-01.rdu3.fedoraproject.org
+volgroup: /dev/vg_guests
+vpn: false
diff --git a/inventory/host_vars/db01.iad2.fedoraproject.org b/inventory/host_vars/db01.iad2.fedoraproject.org
index 66a49a4839..9407754b08 100644
--- a/inventory/host_vars/db01.iad2.fedoraproject.org
+++ b/inventory/host_vars/db01.iad2.fedoraproject.org
@@ -70,7 +70,7 @@ nrpe_procs_crit: 900
 # db01 handles lots of apps, could have many procs if they are busy.
 #
 nrpe_procs_warn: 800
-num_cpus: 32
+num_cpus: 48
 # Should be 0.25 of memory
 shared_buffers: "24GB"
 vmhost: vmhost-x86-08.iad2.fedoraproject.org
diff --git a/inventory/inventory b/inventory/inventory
index 53bc0812f1..5eb26845fd 100644
--- a/inventory/inventory
+++ b/inventory/inventory
@@ -576,6 +576,7 @@ zabbix01.stg.iad2.fedoraproject.org
 [staging_friendly]
 noc01.iad2.fedoraproject.org
 bastion01.iad2.fedoraproject.org
+bastion01.rdu3.fedoraproject.org
 bastion02.iad2.fedoraproject.org
 batcave01.iad2.fedoraproject.org
 certgetter01.iad2.fedoraproject.org
diff --git a/playbooks/groups/bastion.yml b/playbooks/groups/bastion.yml
index b030d2eb57..8b591cee41 100644
--- a/playbooks/groups/bastion.yml
+++ b/playbooks/groups/bastion.yml
@@ -16,8 +16,7 @@
   roles:
   - base
   - rkhunter
-  - { role: openvpn/client, when: inventory_hostname == 'bastion13.fedoraproject.org' }
-  - openvpn/server
+  - { role: openvpn/server, when: datacenter == 'iad2' }
   - ipa/client
   - nagios_client
   - hosts
diff --git a/roles/chrony/templates/chrony.conf.j2 b/roles/chrony/templates/chrony.conf.j2
index 505d9116af..ac01cbef9b 100644
--- a/roles/chrony/templates/chrony.conf.j2
+++ b/roles/chrony/templates/chrony.conf.j2
@@ -4,6 +4,9 @@ server bastion01.iad2.fedoraproject.org iburst
 server bastion02.iad2.fedoraproject.org iburst
 {% elif datacenter == 'cloud'  and not ansible_hostname.startswith('cloud-noc') %}
 server cloud-noc01.fedorainfracloud.org port 124
+{% elif datacenter == 'rdu3'  and ot ansible_hostname.startswith('bastion') %}
+server bastion01.rdu3.fedoraproject.org iburst
+server bastion02.rdu3.fedoraproject.org iburst
 {% elif datacenter == 'cloud'  and ansible_hostname.startswith('cloud-noc') %}
 server 0.rhel.pool.ntp.org iburst
 server 1.rhel.pool.ntp.org iburst