diff --git a/elements/oat-client/README.rst b/elements/oat-client/README.rst
new file mode 100644
index 00000000..501c87bb
--- /dev/null
+++ b/elements/oat-client/README.rst
@@ -0,0 +1,19 @@
+==========
+oat-client
+==========
+This element installs oat-client on the image, that's necessary for
+trusted boot feature in Ironic to work.
+
+Intel TXT will measure BIOS, Option Rom and Kernel/Ramdisk during trusted
+boot, the oat-client will securely fetch the hash values from TPM.
+
+.. note::
+    This element only works on Fedora.
+
+Put `fedora-oat.repo` into `/etc/yum.repos.d/`::
+
+  export DIB_YUM_REPO_CONF=/etc/yum.repos.d/fedora-oat.repo
+
+.. note::
+    OAT Repo is lack of a GPG signature check on packages, which can be
+    tracked on: https://github.com/OpenAttestation/OpenAttestation/issues/26
diff --git a/elements/oat-client/element-deps b/elements/oat-client/element-deps
new file mode 100644
index 00000000..7076aba9
--- /dev/null
+++ b/elements/oat-client/element-deps
@@ -0,0 +1 @@
+package-installs
diff --git a/elements/oat-client/package-installs.yaml b/elements/oat-client/package-installs.yaml
new file mode 100644
index 00000000..a82109a4
--- /dev/null
+++ b/elements/oat-client/package-installs.yaml
@@ -0,0 +1,2 @@
+oat-client:
+oat-commandtool:
diff --git a/elements/oat-client/yum.repos.d/fedora-oat.repo b/elements/oat-client/yum.repos.d/fedora-oat.repo
new file mode 100644
index 00000000..32e3957b
--- /dev/null
+++ b/elements/oat-client/yum.repos.d/fedora-oat.repo
@@ -0,0 +1,8 @@
+# Place this file in your /etc/yum.repos.d/ directory
+
+[oat]
+name=oat 2.2 packages and dependencies
+baseurl=http://repos.fedorapeople.org/repos/gwei3/oat/fedora-$releasever/$basearch/
+enabled=1
+skip_if_unavailable=1
+gpgcheck=0