diff --git a/playbooks/openshift-apps/koschei.yml b/playbooks/openshift-apps/koschei.yml
index 00e80e5f11..e946a0e1db 100644
--- a/playbooks/openshift-apps/koschei.yml
+++ b/playbooks/openshift-apps/koschei.yml
@@ -17,6 +17,12 @@
     template: frontend-config.yml
     objectname: frontend-config.yml
 
+  - role: openshift/keytab
+    key: krb5.keytab
+    secret_name: backend-keytab
+    service: koschei
+    host: "koschei-backend01{{ env_suffix }}.phx2.fedoraproject.org"
+
   - role: openshift/object
     template: frontend-deployment.yml
     objectname: frontend-deployment.yml
diff --git a/roles/openshift-apps/koschei/templates/backend-deployment.yml b/roles/openshift-apps/koschei/templates/backend-deployment.yml
index 5b436f96cb..29f3c2236b 100644
--- a/roles/openshift-apps/koschei/templates/backend-deployment.yml
+++ b/roles/openshift-apps/koschei/templates/backend-deployment.yml
@@ -21,6 +21,10 @@ spec:
         - name: config-volume
           mountPath: /etc/koschei
           readOnly: true
+        - name: keytab-volume
+          mountPath: /etc/krb5.keytab
+          subPath: krb5.keytab
+          readOnly: true
         resources:
           limits:
             memory: 256Mi
@@ -28,3 +32,6 @@ spec:
       - name: config-volume
         secret:
           secretName: backend-config
+      - name: keytab-volume
+        secret:
+          secretName: backend-keytab