diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/cleanup.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/cleanup.yml
index 38b8205..ed1b7ee 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/cleanup.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/cleanup.yml
@@ -4,6 +4,7 @@
     path: /opt/metacluster/container-images/*.tar
     format: gz
     remove: yes
+  ignore_errors: yes
 
 - name: Cleanup tempfile
   ansible.builtin.file:
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
index 4218350..56be3b3 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
@@ -23,6 +23,7 @@
         network: "{{ vcenter_info.network }}"
         resourcepool: "{{ vcenter_info.resourcepool }}"
       cluster:
+        nodetemplate: "{{ downstream.node_template.image.name }}"
         publickey: "{{ vapp['guestinfo.rootsshkey'] }}"
         version: "{{ components.clusterapi.workload.version.k8s }}"
         vip: "{{ vapp['workloadcluster.vip'] }}"
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/templates/clusterctl.j2 b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/templates/clusterctl.j2
index c0898c9..184da82 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/templates/clusterctl.j2
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/templates/clusterctl.j2
@@ -28,11 +28,11 @@ VSPHERE_STORAGE_POLICY: ""
 VSPHERE_NETWORK: "{{ _template.hv.network }}"
 VSPHERE_RESOURCE_POOL: "{{ _template.hv.resourcepool }}"
 VSPHERE_FOLDER: ""
-VSPHERE_TEMPLATE: "{{ _template.hv.nodetemplate }}"
+
+VSPHERE_TEMPLATE: "{{ _template.cluster.nodetemplate }}"
+VSPHERE_SSH_AUTHORIZED_KEY: "{{ _template.cluster.publickey }}"
 
 KUBERNETES_VERSION: "{{ _template.cluster.version }}"
 CONTROL_PLANE_ENDPOINT_IP: "{{ _template.cluster.vip }}"
 VIP_NETWORK_INTERFACE: "ens192"
 EXP_CLUSTER_RESOURCE_SET: "true"
-
-VSPHERE_SSH_AUTHORIZED_KEY: "{{ _template.cluster.publickey }}"
diff --git a/ansible/roles/metacluster/tasks/staging.yml b/ansible/roles/metacluster/tasks/staging.yml
index c156091..4f621c7 100644
--- a/ansible/roles/metacluster/tasks/staging.yml
+++ b/ansible/roles/metacluster/tasks/staging.yml
@@ -12,10 +12,7 @@
     version: "{{ platform.gitops.repository.revision }}"
     dest: /opt/metacluster/git-repositories/gitops
 
-- name: Download node-template images
+- name: Download node-template image
   ansible.builtin.uri:
-    url: "{{ item.url }}"
-    dest: /opt/workloadcluster/node-templates/{{ downstream.node_templates.prefix }}{{ item.name }}
-  loop: "{{ downstream.node_templates.images }}"
-  loop_control:
-    label: "{{ downstream.node_templates.prefix }}{{ item.name }}"
+    url: "{{ downstream.node_template.image.url }}"
+    dest: /opt/workloadcluster/node-templates/{{ downstream.node_template.image.name }}
diff --git a/ansible/vars/workloadcluster.yml b/ansible/vars/workloadcluster.yml
index e28b66b..db508e3 100644
--- a/ansible/vars/workloadcluster.yml
+++ b/ansible/vars/workloadcluster.yml
@@ -1,8 +1,7 @@
 downstream:
 
-  node_templates:
-    prefix: ClusterAPITemplate_
-    images:
+  node_template:
+    image:
       # Refer to `https://github.com/kubernetes-sigs/cluster-api-provider-vsphere/blob/v1.3.5/README.md#kubernetes-versions-with-published-ovas` for a list of supported node templates
-      - url: https://storage.googleapis.com/capv-images/release/v1.23.5/ubuntu-2004-kube-v1.23.5.ova
-        name: ubuntu-2004-kube-v1.23.5.ova
+      url: https://storage.googleapis.com/capv-images/release/v1.23.5/ubuntu-2004-kube-v1.23.5.ova
+      name: ubuntu-2004-kube-v1.23.5.ova