diff --git a/.gitignore b/.gitignore
index 1377554..8f23354 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,6 @@
 *.swp
+.kitchen
+.kitchen.local.yml
+.cache
+junit-*.xml
+__pycache__
diff --git a/.kitchen.yml b/.kitchen.yml
new file mode 100644
index 0000000..1b682d6
--- /dev/null
+++ b/.kitchen.yml
@@ -0,0 +1,38 @@
+---
+driver:
+  name: vagrant
+
+platforms:
+  - name: bento/debian-9
+  - name: bento/debian-8
+  - name: bento/ubuntu-18.04
+  - name: bento/centos-7 
+
+provisioner:
+  salt_version: latest
+  name: salt_solo
+  formula: openvpn
+  require_chef: false
+  pillars:
+    top.sls:
+      base:
+        '*':
+           - test
+
+suites:
+  - name: config
+    provisioner:
+      pillars_from_files:
+        test.sls: test/config/pillars
+      state_top:
+        base:
+          '*':
+            - openvpn.config
+
+lifecycle:
+  post_converge:
+  - local: sleep 10
+
+verifier:
+  name: shell
+  command: py.test -vvv --junit-xml junit-$KITCHEN_INSTANCE.xml test/$KITCHEN_SUITE
diff --git a/test/config/pillars b/test/config/pillars
new file mode 100644
index 0000000..255eeba
--- /dev/null
+++ b/test/config/pillars
@@ -0,0 +1,81 @@
+openvpn:
+  lookup:
+    user: openvpn
+    group: openvpn
+    manage_user: True
+    manage_group: True
+    external_repo_enabled: True
+    dh_files: ['512']
+  server:
+    myserver1:
+      local: 127.0.0.1
+      port: 2000
+      proto: udp
+      topology: p2p
+      dev: tun
+      comp_lzo: "yes"
+      ifconfig: 169.254.0.1 169.254.0.2
+      log_append: /var/log/openvpn/myserver1.log
+      secret: /etc/openvpn/myserver1_secret.key
+      # /usr/sbin/openvpn --genkey --secret /dev/stdout
+      secret_content: |
+        #
+        # 2048 bit OpenVPN static key
+        #
+        -----BEGIN OpenVPN Static key V1-----
+        6b3e7b098232e9c885f8deed5c069b02
+        47a966595178cc30ebcd4e1042e019ef
+        fdfbed752e26ef7b0877e0e0a6e4e38b
+        ffed3fd9da205ff6cd39825d0f8a99ec
+        324848682062676868b57e4474791042
+        4dc4ad7f3ff7ba8815e31f950c7443c8
+        b52441384936cbf50d2f4d051d0c889a
+        f118dec5c749398cdce859fced60a4eb
+        4e78abb9939f8dbe1cbdbbcaa914b539
+        6258235dce1a8ef044a29f8ce018f183
+        4b83f17a42b788c583cf006cccb5050f
+        a1c53b22688d98a2092fcd23b160b01a
+        064d84f1355c605287b30b140c3c5fa7
+        b5e2a0a8def6eb46b3ab4a11b5cb4c96
+        4c099bf8e74b8bf4e6509de69b7a79ad
+        7391b6cf3f4ae296ecf8b552144a2947
+        -----END OpenVPN Static key V1-----
+  client:
+    myclient1:
+      remote:
+        - 127.0.0.1 2000
+      lport: 62000
+      proto: udp
+      topology: p2p
+      dev: tun
+      comp_lzo: "yes"
+      pull: False
+      tls_client: False
+      nobind: False
+      ifconfig: 169.254.0.2 169.254.0.1
+      log_append: /var/log/openvpn/myclient1.log
+      secret: /etc/openvpn/myclient1_secret.key
+      # /usr/sbin/openvpn --genkey --secret /dev/stdout
+      secret_content: |
+        #
+        # 2048 bit OpenVPN static key
+        #
+        -----BEGIN OpenVPN Static key V1-----
+        6b3e7b098232e9c885f8deed5c069b02
+        47a966595178cc30ebcd4e1042e019ef
+        fdfbed752e26ef7b0877e0e0a6e4e38b
+        ffed3fd9da205ff6cd39825d0f8a99ec
+        324848682062676868b57e4474791042
+        4dc4ad7f3ff7ba8815e31f950c7443c8
+        b52441384936cbf50d2f4d051d0c889a
+        f118dec5c749398cdce859fced60a4eb
+        4e78abb9939f8dbe1cbdbbcaa914b539
+        6258235dce1a8ef044a29f8ce018f183
+        4b83f17a42b788c583cf006cccb5050f
+        a1c53b22688d98a2092fcd23b160b01a
+        064d84f1355c605287b30b140c3c5fa7
+        b5e2a0a8def6eb46b3ab4a11b5cb4c96
+        4c099bf8e74b8bf4e6509de69b7a79ad
+        7391b6cf3f4ae296ecf8b552144a2947
+        -----END OpenVPN Static key V1-----
+
diff --git a/test/config/testinfra/test_config.py b/test/config/testinfra/test_config.py
new file mode 100644
index 0000000..e8638d3
--- /dev/null
+++ b/test/config/testinfra/test_config.py
@@ -0,0 +1,15 @@
+def test_myserver1_service(host):
+    service = host.service("openvpn@myserver1.service")
+    assert service.is_running
+    assert service.is_enabled
+
+def test_myserver1_log(host):
+    assert host.file("/var/log/openvpn/myserver1.log").contains("Initialization Sequence Completed")
+
+def test_myclient1_service(host):
+    service = host.service("openvpn@myclient1.service")
+    assert service.is_running
+    assert service.is_enabled
+
+def test_myclient1_log(host):
+    assert host.file("/var/log/openvpn/myclient1.log").contains("Initialization Sequence Completed")
diff --git a/test/conftest.py b/test/conftest.py
new file mode 100644
index 0000000..374f7e3
--- /dev/null
+++ b/test/conftest.py
@@ -0,0 +1,31 @@
+import pytest
+import testinfra
+from testinfra.backend.base import BaseBackend
+from testinfra.backend import parse_hostspec
+import os
+
+SSH_CONFIG = '.ssh-config'
+SSH_CONFIG_MAP = {
+    'KITCHEN_HOSTNAME': 'Hostname',
+    'KITCHEN_USERNAME': 'User',
+    'KITCHEN_PORT': 'Port',
+    'KITCHEN_SSH_KEY': 'IdentityFile',
+}
+
+@pytest.fixture
+def host(request, tmpdir_factory):
+    # Override the TestinfraBackend fixture,
+    # all testinfra fixtures (i.e. modules) depend on it.
+    tmpdir = tmpdir_factory.mktemp(str(id(request)))
+    image, kw = parse_hostspec(os.environ['KITCHEN_INSTANCE'])
+    ssh_config = ['Host {0}'.format(os.environ['KITCHEN_INSTANCE'])]
+    for key in SSH_CONFIG_MAP.keys():
+        if key in os.environ:
+            ssh_config.append('{0} {1}'.format(SSH_CONFIG_MAP[key], os.environ[key]))
+    ssh_config_file = tmpdir.join(SSH_CONFIG)
+    ssh_config_file.write('\n'.join(ssh_config))
+
+    # Return a dynamic created backend
+    host = testinfra.host.get_host(os.environ['KITCHEN_INSTANCE'], ssh_config=str(ssh_config_file), sudo=True)
+    host.backend.get_hostname = lambda: image
+    return host