diff --git a/firstapp/samples/shade/introduction.py b/firstapp/samples/shade/introduction.py
new file mode 100644
index 000000000..c21838b55
--- /dev/null
+++ b/firstapp/samples/shade/introduction.py
@@ -0,0 +1,108 @@
+# step-1
+userdata = '''#!/usr/bin/env bash
+
+curl -L -s https://git.openstack.org/cgit/stackforge/faafo/plain/contrib/install.sh | bash -s -- \
+-i faafo -i messaging -r api -r worker -r demo
+'''
+
+instance_name = 'all-in-one'
+testing_instance = conn.create_server(wait=True, auto_ip=False,
+    name=instance_name,
+    image=image_id, flavor=flavor_id, key_name=keypair_name,
+    security_groups=[sec_group_name],
+    userdata=userdata)
+
+# step-2
+userdata = '''#!/usr/bin/env bash
+
+curl -L -s https://git.openstack.org/cgit/stackforge/faafo/plain/contrib/install.sh | bash -s -- \
+-i faafo -i messaging -r api -r worker -r demo
+'''
+
+# step-3
+sec_group_name = 'all-in-one'
+conn.create_security_group(sec_group_name, 'network access for all-in-one application.')
+conn.create_security_group_rule(sec_group_name, 80, 80, 'TCP')
+conn.create_security_group_rule(sec_group_name, 22, 22, 'TCP')
+
+conn.search_security_groups(sec_group_name)
+
+# step-4
+conn.list_security_groups()
+
+# step-5
+conn.delete_security_group_rule(rule['id'])
+conn.delete_security_group(sec_group_name)
+
+# step-6
+conn.get_openstack_vars(testing_instance)['security_groups']
+
+# step-7
+unused_floating_ip = conn.available_floating_ip()
+
+# step-8
+# step-9
+
+# step-10
+conn.attach_ip_to_server(testing_instance['id'], unused_floating_ip['id'])
+
+# step-11
+worker_group = conn.create_security_group('worker', 'for services that run on a worker node')
+conn.create_security_group_rule(worker_group['name'], 22, 22, 'TCP')
+
+controller_group = conn.create_security_group('control', 'for services that run on a control node')
+conn.create_security_group_rule(controller_group['name'], 22, 22, 'TCP')
+conn.create_security_group_rule(controller_group['name'], 80, 80, 'TCP')
+conn.create_security_group_rule(controller_group['name'], 5672, 5672, 'TCP', remote_group_id=worker_group['id'])
+
+userdata = '''#!/usr/bin/env bash
+curl -L -s http://git.openstack.org/cgit/stackforge/faafo/plain/contrib/install.sh | bash -s -- \
+    -i messaging -i faafo -r api
+'''
+
+instance_controller_1 = conn.create_server(wait=True, auto_ip=False,
+    name='app-controller',
+    image=image_id,
+    flavor=flavor_id,
+    key_name=keypair_name,
+    security_groups=[controller_group['name']],
+    userdata=userdata)
+
+unused_floating_ip = conn.available_floating_ip()
+
+conn.attach_ip_to_server(instance_controller_1['id'], unused_floating_ip['id'])
+print('Application will be deployed to http://%s' % unused_floating_ip['floating_ip_address'])
+
+# step-12
+instance_controller_1 = conn.get_server(instance_controller_1['id'])
+
+if conn.get_server_public_ip(instance_controller_1):
+    ip_controller = conn.get_server_public_ip(instance_controller_1)
+else:
+    ip_controller = conn.get_server_private_ip(instance_controller_1)
+
+userdata = '''#!/usr/bin/env bash
+curl -L -s http://git.openstack.org/cgit/stackforge/faafo/plain/contrib/install.sh | bash -s -- \
+    -i faafo -r worker -e 'http://%(ip_controller)s' -m 'amqp://guest:guest@%(ip_controller)s:5672/'
+''' % {'ip_controller': ip_controller}
+
+instance_worker_1 = conn.create_server(wait=True, auto_ip=False,
+    name='app-worker-1',
+    image=image_id,
+    flavor=flavor_id,
+    key_name=keypair_name,
+    security_groups=[worker_group['name']],
+    userdata=userdata)
+
+unused_floating_ip = conn.available_floating_ip()
+
+conn.attach_ip_to_server(instance_worker_1['id'], unused_floating_ip['id'], wait=True)
+print('The worker will be available for SSH at %s' % unused_floating_ip['floating_ip_address'])
+
+
+# step-13
+instance_worker_1 = conn.get_server(instance_worker_1['name'])
+ip_instance_worker_1 = conn.get_server_public_ip(instance_worker_1)
+print(ip_instance_worker_1)
+
+# step-14
diff --git a/firstapp/source/introduction.rst b/firstapp/source/introduction.rst
index 88f4f9f93..98ecbb828 100644
--- a/firstapp/source/introduction.rst
+++ b/firstapp/source/introduction.rst
@@ -200,6 +200,13 @@ section?  Let's look at it again. (Note that in this subsection, we're
 just explaining what you've already done in the previous section; you
 don't need to execute these commands again.)
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-1
+        :end-before: step-2
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
@@ -232,6 +239,13 @@ section of the image guide for guidance about which user name you
 should use when SSHing. If you still have problems logging in, ask
 your cloud provider to confirm the user name.
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-2
+        :end-before: step-3
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
@@ -272,19 +286,32 @@ Start by creating a security group for the all-in-one instance and
 adding the appropriate rules, such as HTTP (TCP port 80) and SSH (TCP
 port 22):
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-3
+        :end-before: step-4
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
         :start-after: step-3
         :end-before: step-4
 
-
-.. note:: :code:`ex_create_security_group_rule()` takes ranges of
-          ports as input. This is why ports 80 and 22 are passed
-          twice.
+    .. note:: :code:`ex_create_security_group_rule()` takes ranges of
+              ports as input. This is why ports 80 and 22 are passed
+              twice.
 
 You can list available security groups with:
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-4
+        :end-before: step-5
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
@@ -294,6 +321,13 @@ You can list available security groups with:
 
 Once you've created a rule or group, you can also delete it:
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-5
+        :end-before: step-6
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
@@ -303,6 +337,13 @@ Once you've created a rule or group, you can also delete it:
 
 To see which security groups apply to an instance, you can:
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-6
+        :end-before: step-7
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
@@ -349,28 +390,38 @@ then associate it to your instance's network interface.
         :end-before: step-8
 
 
-If you have no free floating IPs that have been previously allocated
-for your project, first select a floating IP pool offered by your
-provider. In this example, we have selected the first one and assume
-that it has available IP addresses.
-
-.. only:: libcloud
+    If you have no free floating IPs that have been previously allocated
+    for your project, first select a floating IP pool offered by your
+    provider. In this example, we have selected the first one and assume
+    that it has available IP addresses.
 
     .. literalinclude:: ../samples/libcloud/introduction.py
         :start-after: step-8
         :end-before: step-9
 
-Now request that an address from this pool be allocated to your project.
-
-.. only:: libcloud
+    Now request that an address from this pool be allocated to your project.
 
     .. literalinclude:: ../samples/libcloud/introduction.py
         :start-after: step-9
         :end-before: step-10
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-7
+        :end-before: step-8
+
 Now that you have an unused floating IP address allocated to your
 project, attach it to an instance.
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-10
+        :end-before: step-11
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
@@ -409,6 +460,13 @@ Parameter  Description            Values
 
 .. todo:: https://bugs.launchpad.net/openstack-manuals/+bug/1439918
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-11
+        :end-before: step-12
+
 .. only:: libcloud
 
 
@@ -424,6 +482,12 @@ Next, start a second instance, which will be the worker instance:
 
 .. todo :: more text necessary here...
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-12
+        :end-before: step-13
 
 .. only:: libcloud
 
@@ -460,6 +524,13 @@ Login to the worker instance, :code:`app-worker-1`, with SSH, using
 the previous added SSH key pair "demokey". Start by getting the IP
 address of the worker:
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+        :language: python
+        :start-after: step-13
+        :end-before: step-14
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py
@@ -589,6 +660,11 @@ This comprehensive code sample lets you view and run the code as a single script
 Before you run this script, confirm that you have set your authentication
 information, the flavor ID, and image ID.
 
+.. only:: shade
+
+    .. literalinclude:: ../samples/shade/introduction.py
+       :language: python
+
 .. only:: libcloud
 
     .. literalinclude:: ../samples/libcloud/introduction.py