diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/secrets.yml b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/secrets.yml
index edee085..9fcc875 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/secrets.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/metacluster/tasks/secrets.yml
@@ -7,46 +7,46 @@
     kubeconfig: "{{ kubeconfig.path }}"
     # values: "{{ components.sealedsecrets.chart_values }}"
 
-- name: Store hypervisor details in configmap/secret
-  kubernetes.core.k8s:
-    state: present
-    template: "{{ item.kind }}.j2"
-    kubeconfig: "{{ kubeconfig.path }}"
-  vars:
-    _template:
-      name: "{{ item.name }}"
-      namespace: "{{ item.namespace }}"
-      annotations: "{{ item.annotations | default('{}') | indent(width=4, first=True) }}"
-      labels: "{{ item.labels | default('{}') | indent(width=4, first=True) }}"
-      data: "{{ item.data }}"
-  loop:
-    - name: hypervisor-credentials
-      namespace: kube-system
-      kind: secret
-      data:
-        - key: HV_FQDN
-          value: "{{ vapp['hv.fqdn'] | b64encode }}"
-        - key: HV_USERNAME
-          value: "{{ vapp['hv.username'] | b64encode }}"
-        - key: HV_PASSWORD
-          value: "{{ vapp['hv.password'] | b64encode }}"
-    - name: hypervisor-ippool
-      namespace: kube-system
-      kind: configmap
-      data:
-        - key: VAPP_MOREF
-          value: "{{ moref_id }}"
-        - key: VAPP_IPPOOL_FQDN
-          value: "{{ vapp['metacluster.fqdn'] }}"
-        - key: VAPP_IPPOOL_NETWORK
-          value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('network') }}"
-        - key: VAPP_IPPOOL_NETMASK
-          value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('netmask') }}"
-        - key: VAPP_IPPOOL_DNSSERVER
-          value: "{{ vapp['guestinfo.dnsserver'] }}"
-        - key: VAPP_IPPOOL_GATEWAY
-          value: "{{ vapp['guestinfo.gateway'] }}"
-        - key: VAPP_IPPOOL_RANGE
-          value: "{{ vapp['ippool.startip'] + '#' + (vapp['ippool.startip'] | netaddr_iter_iprange(vapp['ippool.endip']) | length | string) }}"
-  loop_control:
-    label: "{{ item.kind + '/' + item.name + ' (' + item.namespace + ')' }}"
+# - name: Store hypervisor details in configmap/secret
+#   kubernetes.core.k8s:
+#     state: present
+#     template: "{{ item.kind }}.j2"
+#     kubeconfig: "{{ kubeconfig.path }}"
+#   vars:
+#     _template:
+#       name: "{{ item.name }}"
+#       namespace: "{{ item.namespace }}"
+#       annotations: "{{ item.annotations | default('{}') | indent(width=4, first=True) }}"
+#       labels: "{{ item.labels | default('{}') | indent(width=4, first=True) }}"
+#       data: "{{ item.data }}"
+#   loop:
+#     - name: hypervisor-credentials
+#       namespace: kube-system
+#       kind: secret
+#       data:
+#         - key: HV_FQDN
+#           value: "{{ vapp['hv.fqdn'] | b64encode }}"
+#         - key: HV_USERNAME
+#           value: "{{ vapp['hv.username'] | b64encode }}"
+#         - key: HV_PASSWORD
+#           value: "{{ vapp['hv.password'] | b64encode }}"
+#     - name: hypervisor-ippool
+#       namespace: kube-system
+#       kind: configmap
+#       data:
+#         - key: VAPP_MOREF
+#           value: "{{ moref_id }}"
+#         - key: VAPP_IPPOOL_FQDN
+#           value: "{{ vapp['metacluster.fqdn'] }}"
+#         - key: VAPP_IPPOOL_NETWORK
+#           value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('network') }}"
+#         - key: VAPP_IPPOOL_NETMASK
+#           value: "{{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('netmask') }}"
+#         - key: VAPP_IPPOOL_DNSSERVER
+#           value: "{{ vapp['guestinfo.dnsserver'] }}"
+#         - key: VAPP_IPPOOL_GATEWAY
+#           value: "{{ vapp['guestinfo.gateway'] }}"
+#         - key: VAPP_IPPOOL_RANGE
+#           value: "{{ vapp['ippool.startip'] + '#' + (vapp['ippool.startip'] | netaddr_iter_iprange(vapp['ippool.endip']) | length | string) }}"
+#   loop_control:
+#     label: "{{ item.kind + '/' + item.name + ' (' + item.namespace + ')' }}"
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
index bfd3821..109d69e 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/clusterapi.yml
@@ -25,6 +25,21 @@
         version: "{{ components.clusterapi.workload.version.k8s }}"
         vip: "{{ vapp['workloadcluster.vip'] }}"
 
+- name: Update image references to use local registry
+  ansible.builtin.replace:
+    dest: "{{ item.root + '/' + item.path }}"
+    regexp: '([ ]+image:[ "]+)(?!({{ _template.pattern }}|"{{ _template.pattern }}))'
+    replace: '\1{{ _template.pattern }}'
+  vars:
+    _template:
+      pattern: registry.{{ vapp['metacluster.fqdn'] }}/library/
+  loop: "{{ lookup('community.general.filetree', '/opt/metacluster/wip') }}"
+  loop_control:
+    label: "{{ item.path }}"
+  when:
+    - item.path is search('.yaml')
+    - item.path is not search("clusterctl.yaml|metadata.yaml")
+
 - name: Initialize Cluster API management cluster
   ansible.builtin.shell:
     cmd: >-
@@ -35,18 +50,3 @@
         --config ./clusterctl.yaml \
         --kubeconfig {{ kubeconfig.path }}
     chdir: /opt/metacluster/cluster-api
-
-# - name: Update image references to use local registry
-#   # This should ASAP be changed to be idempotent!
-#   # ansible.builtin.lineinfile:
-#   #   path: "{{ item.root + '/' + item.path }}"
-#   #   regexp: (.*image:[ "]+)(.*)
-#   #   line: \g<1>registry.{{ vapp['metacluster.fqdn'] }}/library/\g<2>
-#   # loop: "{{ lookup('community.general.filetree', '/opt/metacluster/cluster-api') }}"
-#   # when:
-#   #   - item.path | match('.yaml')
-#   #   - not (item.path | search("clusterctl.yaml|metadata.yaml"))
-#   ansible.builtin.shell:
-#     cmd: >-
-#       find . -type f | xargs -I {} sed -r 's|(image:[ "]+)|\1registry.{{ vapp['metacluster.fqdn'] }}/library/|' -i {}
-#     chdir: /opt/metacluster/cluster-api
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml
index a83da4c..1fbe035 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/hypervisor.yml
@@ -55,3 +55,20 @@
   loop: "{{ govc_inventory.results }}"
   loop_control:
     label: "{{ item.item.attribute }}"
+
+- name: Configure network protocol profile on hypervisor
+  ansible.builtin.shell:
+    cmd: >-
+      npp-prepper \
+        --server {{ vapp['hv.fqdn'] }} \
+        --username {{ vapp['hv.username'] }} \
+        --password {{ vapp['hv.password'] }} \
+        dc \
+        --name {{ vcenter_info.datacenter }} \
+        --portgroup {{ vcenter_info.network }} \
+        --startaddress {{ vapp['ippool.startip'] }} \
+        --endaddress {{ vapp['ippool.endip'] }} \
+        --netmask {{ (vapp['guestinfo.ipaddress'] + '/' + vapp['guestinfo.prefixlength']) | ansible.utils.ipaddr('netmask') }} \
+        {{ vapp['guestinfo.dnsserver'] | split(',') | map('trim') | map('regex_replace', '^', '--dnsserver ') | join(' ') }} \
+        --dnsdomain {{ vapp['metacluster.fqdn'] }} \
+        --gateway {{ vapp['guestinfo.gateway'] }}
diff --git a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
index 522290d..658b6d7 100644
--- a/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
+++ b/ansible/roles/firstboot/files/ansible_payload/roles/workloadcluster/tasks/nodetemplates.yml
@@ -40,13 +40,14 @@
     - name: Add vApp properties on deployed VM's
       ansible.builtin.shell:
         cmd: >-
-          vappprop-manager \
+          npp-prepper \
             --server {{ vapp['hv.fqdn'] }} \
             --username {{ vapp['hv.username'] }} \
             --password {{ vapp['hv.password'] }} \
+            vm \
             --datacenter {{ vcenter_info.datacenter }} \
-            --network {{ vcenter_info.network }} \
-            --virtualmachine {{ item.instance.hw_name }}
+            --portgroup {{ vcenter_info.network }} \
+            --name {{ item.instance.hw_name }}
       when: existing_ova.results[index] is failed
       loop: "{{ ova_deploy.results }}"
       loop_control:
diff --git a/ansible/vars/metacluster.yml b/ansible/vars/metacluster.yml
index c13ab0c..ceeee5b 100644
--- a/ansible/vars/metacluster.yml
+++ b/ansible/vars/metacluster.yml
@@ -211,7 +211,7 @@ dependencies:
     - kubernetes.core
 
   container_images:
-    - vmware/powerclicore:12.7
+    # - vmware/powerclicore:12.7
     # The following list is generated by running the following commands:
     #   $ clusterctl init -i vsphere:<version> [...]
     #   $ clusterctl generate cluster <name> [...] | yq eval '.data.data' | yq --no-doc eval '.. | .image? | select(.)' | sort -u
@@ -246,8 +246,8 @@ dependencies:
       extra_opts: --strip-components=2
     - filename: yq
       url: http://github.com/mikefarah/yq/releases/download/v4.30.5/yq_linux_amd64
-    - filename: vappprop-manager
-      url: https://code.spamasaurus.com/api/packages/djpbessems/generic/vappprop-manager/v0.3.2/vappprop-manager
+    - filename: npp-prepper
+      url: https://code.spamasaurus.com/api/packages/djpbessems/generic/npp-prepper/v0.4.3/npp-prepper
 
   packages:
     apt: