diff --git a/PROJECT b/PROJECT
index 0062b0f..823f86e 100644
--- a/PROJECT
+++ b/PROJECT
@@ -17,4 +17,13 @@ resources:
   kind: IPXEBootConfig
   path: github.com/ironcore-dev/ipxe-operator/api/v1alpha1
   version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: ironcore.dev
+  group: boot
+  kind: HTTPBootConfig
+  path: github.com/ironcore-dev/ipxe-operator/api/v1alpha1
+  version: v1alpha1
 version: "3"
diff --git a/api/v1alpha1/httpbootconfig_types.go b/api/v1alpha1/httpbootconfig_types.go
new file mode 100644
index 0000000..3d38849
--- /dev/null
+++ b/api/v1alpha1/httpbootconfig_types.go
@@ -0,0 +1,61 @@
+// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and IronCore contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package v1alpha1
+
+import (
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// HTTPBootConfigSpec defines the desired state of HTTPBootConfig
+type HTTPBootConfigSpec struct {
+	SystemUUID string   `json:"systemUUID,omitempty"`
+	SystemIPs  []string `json:"systemIP,omitempty"` // TODO: Add the custom serialization. For now validate at the controller.
+
+	KernelURL   string `json:"kernelURL,omitempty"`
+	InitrdURL   string `json:"initrdURL,omitempty"`
+	SquashfsURL string `json:"squashfsURL,omitempty"`
+
+	IgnitionSecretRef *corev1.LocalObjectReference `json:"ignitionSecretRef,omitempty"`
+
+	CmdLine string `json:"cmdLine,omitempty"`
+}
+
+// HTTPBootConfigStatus defines the observed state of HTTPBootConfig
+type HTTPBootConfigStatus struct {
+	State HTTPConfigState `json:"state,omitempty"`
+}
+
+type HTTPConfigState string
+
+const (
+	HTTPConfigStateReady   HTTPConfigState = "Ready"
+	HTTPConfigStatePending HTTPConfigState = "Pending"
+	HTTPConfigStateError   HTTPConfigState = "Error"
+)
+
+//+kubebuilder:object:root=true
+//+kubebuilder:subresource:status
+
+// HTTPBootConfig is the Schema for the httpbootconfigs API
+type HTTPBootConfig struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   HTTPBootConfigSpec   `json:"spec,omitempty"`
+	Status HTTPBootConfigStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// HTTPBootConfigList contains a list of HTTPBootConfig
+type HTTPBootConfigList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []HTTPBootConfig `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&HTTPBootConfig{}, &HTTPBootConfigList{})
+}
diff --git a/api/v1alpha1/ipxebootconfig_types.go b/api/v1alpha1/ipxebootconfig_types.go
index 2ee02ae..f8f153d 100644
--- a/api/v1alpha1/ipxebootconfig_types.go
+++ b/api/v1alpha1/ipxebootconfig_types.go
@@ -38,7 +38,6 @@ const DefaultIgnitionKey = "ignition"
 
 // IPXEBootConfigStatus defines the observed state of IPXEBootConfig
 type IPXEBootConfigStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
 	// Important: Run "make" to regenerate code after modifying this file
 	State IPXEBootConfigState `json:"state,omitempty"`
 }
diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
index 9975419..7a7967c 100644
--- a/api/v1alpha1/zz_generated.deepcopy.go
+++ b/api/v1alpha1/zz_generated.deepcopy.go
@@ -8,10 +8,99 @@
 package v1alpha1
 
 import (
-	v1 "k8s.io/api/core/v1"
+	"k8s.io/api/core/v1"
 	runtime "k8s.io/apimachinery/pkg/runtime"
 )
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HTTPBootConfig) DeepCopyInto(out *HTTPBootConfig) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	out.Spec = in.Spec
+	out.Status = in.Status
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPBootConfig.
+func (in *HTTPBootConfig) DeepCopy() *HTTPBootConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(HTTPBootConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *HTTPBootConfig) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HTTPBootConfigList) DeepCopyInto(out *HTTPBootConfigList) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]HTTPBootConfig, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPBootConfigList.
+func (in *HTTPBootConfigList) DeepCopy() *HTTPBootConfigList {
+	if in == nil {
+		return nil
+	}
+	out := new(HTTPBootConfigList)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *HTTPBootConfigList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HTTPBootConfigSpec) DeepCopyInto(out *HTTPBootConfigSpec) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPBootConfigSpec.
+func (in *HTTPBootConfigSpec) DeepCopy() *HTTPBootConfigSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(HTTPBootConfigSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *HTTPBootConfigStatus) DeepCopyInto(out *HTTPBootConfigStatus) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new HTTPBootConfigStatus.
+func (in *HTTPBootConfigStatus) DeepCopy() *HTTPBootConfigStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(HTTPBootConfigStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *IPXEBootConfig) DeepCopyInto(out *IPXEBootConfig) {
 	*out = *in
diff --git a/cmd/main.go b/cmd/main.go
index a6e6047..c902719 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -188,6 +188,13 @@ func main() {
 			os.Exit(1)
 		}
 	}
+	if err = (&controller.HTTPBootConfigReconciler{
+		Client: mgr.GetClient(),
+		Scheme: mgr.GetScheme(),
+	}).SetupWithManager(mgr); err != nil {
+		setupLog.Error(err, "unable to create controller", "controller", "HTTPBootConfig")
+		os.Exit(1)
+	}
 	//+kubebuilder:scaffold:builder
 
 	if err := mgr.AddHealthzCheck("healthz", healthz.Ping); err != nil {
diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml
index 68a198b..3f594f7 100644
--- a/config/crd/kustomization.yaml
+++ b/config/crd/kustomization.yaml
@@ -3,17 +3,20 @@
 # It should be run by config/default
 resources:
 - bases/boot.ironcore.dev_ipxebootconfigs.yaml
+- bases/boot.ironcore.dev_httpbootconfigs.yaml
 #+kubebuilder:scaffold:crdkustomizeresource
 
 patches:
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
 # patches here are for enabling the conversion webhook for each CRD
 #- path: patches/webhook_in_ipxebootconfigs.yaml
+#- path: patches/webhook_in_httpbootconfigs.yaml
 #+kubebuilder:scaffold:crdkustomizewebhookpatch
 
 # [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
 # patches here are for enabling the CA injection for each CRD
 #- path: patches/cainjection_in_ipxebootconfigs.yaml
+#- path: patches/cainjection_in_httpbootconfigs.yaml
 #+kubebuilder:scaffold:crdkustomizecainjectionpatch
 
 # [WEBHOOK] To enable webhook, uncomment the following section
diff --git a/config/rbac/httpbootconfig_editor_role.yaml b/config/rbac/httpbootconfig_editor_role.yaml
new file mode 100644
index 0000000..f772cfe
--- /dev/null
+++ b/config/rbac/httpbootconfig_editor_role.yaml
@@ -0,0 +1,31 @@
+# permissions for end users to edit httpbootconfigs.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/instance: httpbootconfig-editor-role
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: ipxe-operator
+    app.kubernetes.io/part-of: ipxe-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: httpbootconfig-editor-role
+rules:
+- apiGroups:
+  - boot.ironcore.dev
+  resources:
+  - httpbootconfigs
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - boot.ironcore.dev
+  resources:
+  - httpbootconfigs/status
+  verbs:
+  - get
diff --git a/config/rbac/httpbootconfig_viewer_role.yaml b/config/rbac/httpbootconfig_viewer_role.yaml
new file mode 100644
index 0000000..76a9b31
--- /dev/null
+++ b/config/rbac/httpbootconfig_viewer_role.yaml
@@ -0,0 +1,27 @@
+# permissions for end users to view httpbootconfigs.
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: clusterrole
+    app.kubernetes.io/instance: httpbootconfig-viewer-role
+    app.kubernetes.io/component: rbac
+    app.kubernetes.io/created-by: ipxe-operator
+    app.kubernetes.io/part-of: ipxe-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: httpbootconfig-viewer-role
+rules:
+- apiGroups:
+  - boot.ironcore.dev
+  resources:
+  - httpbootconfigs
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - boot.ironcore.dev
+  resources:
+  - httpbootconfigs/status
+  verbs:
+  - get
diff --git a/config/samples/httpbootconfig.yaml b/config/samples/httpbootconfig.yaml
new file mode 100644
index 0000000..0cd2aaa
--- /dev/null
+++ b/config/samples/httpbootconfig.yaml
@@ -0,0 +1,20 @@
+apiVersion: boot.ironcore.dev/v1alpha1
+kind: HTTPBootConfig
+metadata:
+  labels:
+    app.kubernetes.io/name: httpbootconfig
+    app.kubernetes.io/instance: httpbootconfig-sample
+    app.kubernetes.io/part-of: ipxe-operator
+    app.kubernetes.io/managed-by: kustomize
+    app.kubernetes.io/created-by: ipxe-operator
+  name: httpbootconfig-sample
+spec:
+  systemUUID: 1234
+  systemIPs:
+    - 1.2.3.4
+  ignitionSecretRef:
+    name: ignition-sample
+  kernelURL: "10.0.0.1/ipxe/rootfs.vmlinuz"
+  initrdURL: "10.0.0.1/ipxe/rootfs.initrd"
+  squashfsURL: "10.0.0.1/ipxe/root.squashfs"
+  
diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml
index f8719ea..79cf5cc 100644
--- a/config/samples/kustomization.yaml
+++ b/config/samples/kustomization.yaml
@@ -1,4 +1,5 @@
 ## Append samples of your project ##
 resources:
 - boot_v1alpha1_ipxebootconfig.yaml
+- boot_v1alpha1_httpbootconfig.yaml
 #+kubebuilder:scaffold:manifestskustomizesamples
diff --git a/internal/controller/httpbootconfig_controller.go b/internal/controller/httpbootconfig_controller.go
new file mode 100644
index 0000000..8267278
--- /dev/null
+++ b/internal/controller/httpbootconfig_controller.go
@@ -0,0 +1,49 @@
+// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and IronCore contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package controller
+
+import (
+	"context"
+
+	"k8s.io/apimachinery/pkg/runtime"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+
+	bootv1alpha1 "github.com/ironcore-dev/ipxe-operator/api/v1alpha1"
+)
+
+// HTTPBootConfigReconciler reconciles a HTTPBootConfig object
+type HTTPBootConfigReconciler struct {
+	client.Client
+	Scheme *runtime.Scheme
+}
+
+//+kubebuilder:rbac:groups=boot.ironcore.dev,resources=httpbootconfigs,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups=boot.ironcore.dev,resources=httpbootconfigs/status,verbs=get;update;patch
+//+kubebuilder:rbac:groups=boot.ironcore.dev,resources=httpbootconfigs/finalizers,verbs=update
+
+// Reconcile is part of the main kubernetes reconciliation loop which aims to
+// move the current state of the cluster closer to the desired state.
+// TODO(user): Modify the Reconcile function to compare the state specified by
+// the HTTPBootConfig object against the actual cluster state, and then
+// perform operations to make the cluster state reflect the state specified by
+// the user.
+//
+// For more details, check Reconcile and its Result here:
+// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.17.0/pkg/reconcile
+func (r *HTTPBootConfigReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+	_ = log.FromContext(ctx)
+
+	// TODO(user): your logic here
+
+	return ctrl.Result{}, nil
+}
+
+// SetupWithManager sets up the controller with the Manager.
+func (r *HTTPBootConfigReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewControllerManagedBy(mgr).
+		For(&bootv1alpha1.HTTPBootConfig{}).
+		Complete(r)
+}
diff --git a/internal/controller/httpbootconfig_controller_test.go b/internal/controller/httpbootconfig_controller_test.go
new file mode 100644
index 0000000..40a03d7
--- /dev/null
+++ b/internal/controller/httpbootconfig_controller_test.go
@@ -0,0 +1,71 @@
+// SPDX-FileCopyrightText: 2024 SAP SE or an SAP affiliate company and IronCore contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package controller
+
+import (
+	"context"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/types"
+	"sigs.k8s.io/controller-runtime/pkg/reconcile"
+
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+	bootv1alpha1 "github.com/ironcore-dev/ipxe-operator/api/v1alpha1"
+)
+
+var _ = Describe("HTTPBootConfig Controller", func() {
+	Context("When reconciling a resource", func() {
+		const resourceName = "test-resource"
+
+		ctx := context.Background()
+
+		typeNamespacedName := types.NamespacedName{
+			Name:      resourceName,
+			Namespace: "default", // TODO(user):Modify as needed
+		}
+		httpbootconfig := &bootv1alpha1.HTTPBootConfig{}
+
+		BeforeEach(func() {
+			By("creating the custom resource for the Kind HTTPBootConfig")
+			err := k8sClient.Get(ctx, typeNamespacedName, httpbootconfig)
+			if err != nil && errors.IsNotFound(err) {
+				resource := &bootv1alpha1.HTTPBootConfig{
+					ObjectMeta: metav1.ObjectMeta{
+						Name:      resourceName,
+						Namespace: "default",
+					},
+					// TODO(user): Specify other spec details if needed.
+				}
+				Expect(k8sClient.Create(ctx, resource)).To(Succeed())
+			}
+		})
+
+		AfterEach(func() {
+			// TODO(user): Cleanup logic after each test, like removing the resource instance.
+			resource := &bootv1alpha1.HTTPBootConfig{}
+			err := k8sClient.Get(ctx, typeNamespacedName, resource)
+			Expect(err).NotTo(HaveOccurred())
+
+			By("Cleanup the specific resource instance HTTPBootConfig")
+			Expect(k8sClient.Delete(ctx, resource)).To(Succeed())
+		})
+		It("should successfully reconcile the resource", func() {
+			By("Reconciling the created resource")
+			controllerReconciler := &HTTPBootConfigReconciler{
+				Client: k8sClient,
+				Scheme: k8sClient.Scheme(),
+			}
+
+			_, err := controllerReconciler.Reconcile(ctx, reconcile.Request{
+				NamespacedName: typeNamespacedName,
+			})
+			Expect(err).NotTo(HaveOccurred())
+			// TODO(user): Add more specific assertions depending on your controller's reconciliation logic.
+			// Example: If you expect a certain status condition after reconciliation, verify it here.
+		})
+	})
+})
diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go
index f1121a2..025f2f2 100644
--- a/internal/controller/suite_test.go
+++ b/internal/controller/suite_test.go
@@ -87,6 +87,9 @@ var _ = BeforeSuite(func() {
 	Expect(bootv1alpha1.AddToScheme(scheme.Scheme)).NotTo(HaveOccurred())
 	Expect(metalv1alpha1.AddToScheme(scheme.Scheme)).NotTo(HaveOccurred())
 
+	err = bootv1alpha1.AddToScheme(scheme.Scheme)
+	Expect(err).NotTo(HaveOccurred())
+
 	//+kubebuilder:scaffold:scheme
 
 	k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme})