diff --git a/assets/ziti-host/ziti-host-1.5.1.tgz b/assets/ziti-host/ziti-host-1.5.1.tgz
new file mode 100644
index 000000000..d861c6de6
Binary files /dev/null and b/assets/ziti-host/ziti-host-1.5.1.tgz differ
diff --git a/charts/ziti-host/ziti-host/1.5.1/.helmignore b/charts/ziti-host/ziti-host/1.5.1/.helmignore
new file mode 100644
index 000000000..0e8a0eb36
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/charts/ziti-host/ziti-host/1.5.1/Chart.yaml b/charts/ziti-host/ziti-host/1.5.1/Chart.yaml
new file mode 100644
index 000000000..2746cd176
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/Chart.yaml
@@ -0,0 +1,12 @@
+annotations:
+ catalog.cattle.io/certified: partner
+ catalog.cattle.io/display-name: OpenZiti Service-Hosting
+ catalog.cattle.io/release-name: ziti-host
+apiVersion: v2
+appVersion: 0.24.12
+description: Host NetFoundry services with a single replica pod
+icon: https://partner-charts.rancher.io/assets/logos/ziti-host.png
+kubeVersion: '>= 1.20'
+name: ziti-host
+type: application
+version: 1.5.1
diff --git a/charts/ziti-host/ziti-host/1.5.1/app-readme.md b/charts/ziti-host/ziti-host/1.5.1/app-readme.md
new file mode 100644
index 000000000..b5bf4a12b
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/app-readme.md
@@ -0,0 +1,7 @@
+# OpenZiti Service-Hosting Deployment for Kubernetes
+
+[OpenZiti](https://ziti.dev) makes it easy to embed Zero Trust, programmable networking directly into your app. With Ziti you can have Zero Trust, high performance networking on any Internet connection, without VPNs!
+
+You will need an enrollment token from your Ziti network to install this chart. Then you may control access to your Rancher cluster workloads by assigning services to the enrolled edge identity in your Ziti network dashboard.
+
+This chart installs a Ziti edge tunneler in a namespace of your cluster. Like all edge identities in a Ziti network, this tunneler too will need an identity. You will need to create the identity and paste its enrollment token when you install this chart. If you haven't already created your network you can do so for free with [the self-hosted quickstarts](https://openziti.github.io/) or take [the managed route with NetFoundry Teams](https://netfoundry.io/) (free tier).
diff --git a/charts/ziti-host/ziti-host/1.5.1/questions.yaml b/charts/ziti-host/ziti-host/1.5.1/questions.yaml
new file mode 100644
index 000000000..d4d0f9b59
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/questions.yaml
@@ -0,0 +1,7 @@
+questions:
+- variable: enrollmentToken
+ required: true
+ type: string
+ label: Ziti identity enrollment token
+ description: Paste the one-time enrollment token which is a JSON web token from the controller
+ group: "Global Settings"
diff --git a/charts/ziti-host/ziti-host/1.5.1/templates/NOTES.txt b/charts/ziti-host/ziti-host/1.5.1/templates/NOTES.txt
new file mode 100644
index 000000000..509b3da01
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/templates/NOTES.txt
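Review bot: In questions.yaml the `enrollmentToken` question is declared `type: string`, so the enrollment JWT is entered and shown in clear text in the install form. Rancher's question schema has a masked input type, and `type: password` suits a one-time credential better. The `required: true` here only protects installs that go through the Rancher form; a plain Helm install bypasses it, so the template that consumes the value needs its own check.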
@@ -0,0 +1,2 @@
+1. This deployment does not provide an ingress / server port, only egress from the pod to any `serverEgress` destinations you configure in a NetFoundry network e.g. https://kubernetes.default.svc:443:
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "ziti-host.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
diff --git a/charts/ziti-host/ziti-host/1.5.1/templates/_helpers.tpl b/charts/ziti-host/ziti-host/1.5.1/templates/_helpers.tpl
new file mode 100644
index 000000000..b4b129ffe
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/templates/_helpers.tpl
@@ -0,0 +1,63 @@
+{{/*
+Expand the name of the chart.
+*/}}
+
+{{- define "ziti-host.name" -}}
+ {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "ziti-host.fullname" -}}
+ {{- if .Values.fullnameOverride }}
+ {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+ {{- else }}
+ {{- $name := default .Chart.Name .Values.nameOverride }}
+ {{- if contains $name .Release.Name }}
+ {{- .Release.Name | trunc 63 | trimSuffix "-" }}
+ {{- else }}
+ {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+ {{- end }}
+ {{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "ziti-host.chart" -}}
+ {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "ziti-host.labels" -}}
+helm.sh/chart: {{ include "ziti-host.chart" . }}
+{{ include "ziti-host.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "ziti-host.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "ziti-host.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "ziti-host.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "ziti-host.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
diff --git a/charts/ziti-host/ziti-host/1.5.1/templates/secrets.yaml b/charts/ziti-host/ziti-host/1.5.1/templates/secrets.yaml
new file mode 100644
index 000000000..310b73bc4
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/templates/secrets.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "ziti-host.fullname" . }}-identity
+type: Opaque
+data:
+ enrollment-token: {{ .Values.enrollmentToken | b64enc }}
diff --git a/charts/ziti-host/ziti-host/1.5.1/templates/service.yaml b/charts/ziti-host/ziti-host/1.5.1/templates/service.yaml
new file mode 100644
index 000000000..eab5929ec
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/templates/service.yaml
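Review bot: In templates/secrets.yaml `.Values.enrollmentToken` is piped straight into `b64enc` with no presence check, and the values.yaml added in this commit defines no such key. An install that does not go through the Rancher form would therefore likely fail with an opaque template type error, or render a Secret holding an empty token if the value is an empty string. Failing early with a clear message is safer: `enrollment-token: {{ required "enrollmentToken must be set to the identity's one-time JWT" .Values.enrollmentToken | b64enc | quote }}`. The Secret also carries none of the `ziti-host.labels` the other resources get, which makes it harder to find and clean up with the release.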
@@ -0,0 +1,79 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ include "ziti-host.fullname" . }}
+ labels:
+ {{- include "ziti-host.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.replicas }}
+ selector:
+ matchLabels:
+ {{- include "ziti-host.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ {{- include "ziti-host.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "ziti-host.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.podSecurityContext | nindent 8 }}
+ dnsPolicy: {{ .Values.dnsPolicy }}
+ containers:
+ - name: {{ .Chart.Name }}
+ securityContext:
+ {{- toYaml .Values.securityContext | nindent 12 }}
+ image: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ {{- toYaml .Values.ports | nindent 12 }}
+ resources:
+ {{- toYaml .Values.resources | nindent 12 }}
+ {{ if .Values.image.command }}
+ command: {{ .Values.image.command }}
+ {{ end }}
+ args:
+ {{- toYaml .Values.image.args | nindent 12 }}
+ env:
+ - name: NF_REG_NAME
+ value: {{ include "ziti-host.fullname" . }}-identity
+ volumeMounts:
+ - mountPath: /enrollment-token
+ name: enrollment-token
+ readOnly: true
+ - mountPath: /netfoundry
+ name: persisted-identity
+ readOnly: false
+ hostNetwork: {{ .Values.hostNetwork }}
+ {{- with .Values.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: enrollment-token
+ secret:
+ secretName: {{ include "ziti-host.fullname" . }}-identity
+ defaultMode: 0400
+ items:
+ - key: enrollment-token
+ path: {{ include "ziti-host.fullname" . }}-identity.jwt
+ - name: persisted-identity
+ persistentVolumeClaim:
+ claimName: {{ include "ziti-host.fullname" . }}
+
+
diff --git a/charts/ziti-host/ziti-host/1.5.1/templates/serviceaccount.yaml b/charts/ziti-host/ziti-host/1.5.1/templates/serviceaccount.yaml
new file mode 100644
index 000000000..e31c0ce7d
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/templates/serviceaccount.yaml
@@ -0,0 +1,12 @@
+{{- if .Values.serviceAccount.create -}}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "ziti-host.serviceAccountName" . }}
+ labels:
+ {{- include "ziti-host.labels" . | nindent 4 }}
+ {{- with .Values.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/charts/ziti-host/ziti-host/1.5.1/templates/storage.yaml b/charts/ziti-host/ziti-host/1.5.1/templates/storage.yaml
new file mode 100644
index 000000000..1c8291f20
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/templates/storage.yaml
@@ -0,0 +1,14 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "ziti-host.fullname" . }}
+ labels:
+ {{- include "ziti-host.labels" . | nindent 4 }}
+spec:
+ accessModes:
+ - {{ .Values.persistence.accessMode | quote }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+{{- end -}}
diff --git a/charts/ziti-host/ziti-host/1.5.1/values.yaml b/charts/ziti-host/ziti-host/1.5.1/values.yaml
new file mode 100644
index 000000000..16e6f5898
--- /dev/null
+++ b/charts/ziti-host/ziti-host/1.5.1/values.yaml
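Review bot: In templates/service.yaml the line `command: {{ .Values.image.command }}` prints the list with Go's default formatting, so the commented example in values.yaml would render as `[sh -c while true; do sleep 11; done]`, which YAML reads as a one-element list rather than three arguments. Serialising the value explicitly avoids that: `command: {{ toJson .Values.image.command }}`. The file holds a Deployment, not a Service, so naming it deployment.yaml would match its content.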
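Review bot: The ServiceAccount in templates/serviceaccount.yaml does not set `automountServiceAccountToken`, so the pod gets a Kubernetes API token mounted by default. Nothing in the visible templates shows the tunneler calling the Kubernetes API, and this pod is the bridge between the overlay network and cluster workloads, so the token is credential exposure with no visible use. I would add `automountServiceAccountToken: false` here (or on the pod spec) and let users opt back in through a value if the workload turns out to need it.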
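Review bot: templates/storage.yaml skips creating the PVC when `persistence.enabled` is false or `persistence.existingClaim` is set, but the Deployment's `persisted-identity` volume always uses `claimName: {{ include "ziti-host.fullname" . }}`, so either setting leaves the pod waiting on a claim that does not exist. The Deployment should follow the same condition, for example `claimName: {{ .Values.persistence.existingClaim | default (include "ziti-host.fullname" .) }}`, with a fallback volume or a `fail` when persistence is disabled. `existingClaim` is also missing from values.yaml, so the option is undocumented; add `existingClaim: ""` under `persistence` with a comment saying the claim stores the enrolled identity.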
@@ -0,0 +1,76 @@
+# Default values for ziti-host.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+ingress:
+ enabled: false
+
+persistence:
+ enabled: true
+ accessMode: ReadWriteOnce
+ size: 100Mi
+
+image:
+ repository: netfoundry/ziti-tunnel
+# pullPolicy: Never
+ pullPolicy: Always
+# pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+# tag: helmtest
+# command: ["sh", "-c", "while true; do sleep 11; done"]
+ args:
+ - "host" # exec "ziti-tunnel host" to only host, not intercept, no DNS
+ - "--svcPollRate"
+ - "15"
+
+dnsPolicy: ClusterFirstWithHostNet
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+podAnnotations: {}
+
+podSecurityContext: {}
+ # fsGroup: 2000
+
+hostNetwork: False
+securityContext: {}
+ # capabilities:
+ # add:
+ # - NET_ADMIN
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
+ports: []
+
+nodeSelector: {}
+# kubernetes.io/role: master
+
+tolerations: []
+ # - key: node-role.kubernetes.io/master
+ # operator: Exists
+ # effect: NoSchedule
+
+affinity: {}
+
+replicas: 1
\ No newline at end of file
diff --git a/index.yaml b/index.yaml
index 4b78bfbc0..4903ba9e0 100755
--- a/index.yaml
+++ b/index.yaml
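Review bot: values.yaml ships `securityContext: {}` and `podSecurityContext: {}`, so the tunneler container runs with whatever user and capabilities the image defaults to. The default args run `host` mode, which the inline comment says does not intercept, so a restrictive default looks feasible: `allowPrivilegeEscalation: false` with `capabilities.drop: [ALL]`, keeping the commented `NET_ADMIN` add as the documented opt-in. This is worth confirming against the image before release. Separately, `hostNetwork: False` should be written `hostNetwork: false`, and a commented `enrollmentToken: ""` entry would document the one value the chart cannot run without. The `ingress.enabled` key is not read by any template in this commit.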
@@ -3946,4 +3946,21 @@ entries: urls: - assets/vals-operator/vals-operator-0.2.1.tgz version: 0.2.1 + ziti-host: + - annotations: + catalog.cattle.io/certified: partner + catalog.cattle.io/display-name: OpenZiti Service-Hosting + catalog.cattle.io/release-name: ziti-host + apiVersion: v2 + appVersion: 0.24.12 + created: "2022-03-12T22:09:23.519926097-05:00" + description: Host NetFoundry services with a single replica pod + digest: ab8c3ed227d94ac33b2186d7856d2eea329c321d5fa95be8150e1cc1473ea42f + icon: https://partner-charts.rancher.io/assets/logos/ziti-host.png + kubeVersion: '>= 1.20' + name: ziti-host + type: application + urls: + - assets/ziti-host/ziti-host-1.5.1.tgz + version: 1.5.1 generated: "2021-06-23T17:44:55.374388-07:00"