diff --git a/roles/k3s/post/tasks/main.yml b/roles/k3s/post/tasks/main.yml
index e79d558..ee93888 100644
--- a/roles/k3s/post/tasks/main.yml
+++ b/roles/k3s/post/tasks/main.yml
@@ -6,7 +6,8 @@
     owner: root
     group: root
     mode: 0644
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Copy metallb namespace manifest to first master
   template:
@@ -15,7 +16,8 @@
     owner: root
     group: root
     mode: 0644
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Copy metallb CRs manifest to first master
   template:
@@ -24,7 +26,8 @@
     owner: root
     group: root
     mode: 0644
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Copy metallb main manifest to first master
   template:
@@ -33,36 +36,42 @@
     owner: root
     group: root
     mode: 0644
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Apply metallb-system namespace
   command: >-
     k3s kubectl apply -f /tmp/k3s/metallb-namespace.yaml
   changed_when: true
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Test metallb-system namespace
   command: >-
     k3s kubectl -n metallb-system
   changed_when: true
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Apply metallb crds and service
   command: >-
     k3s kubectl apply -f /tmp/k3s/metallb.yaml
   changed_when: true
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Wait for metallb controller to be running
   command: >-
     kubectl wait deployment -n metallb-system controller --for condition=Available=True --timeout=60s
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Wait for metallb webhook service to be running
   command: >-
     kubectl wait -n metallb-system --for=jsonpath='{.status.phase}'=Running pods \
     --selector component=controller --timeout=60s
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 # TODO:// if there is a race condition, we'll have to manually wait here
 # - name: Wait for all metallb services to come up
@@ -73,49 +82,57 @@
   command: >-
     kubectl wait pods -n metallb-system --for condition=Ready \
     --selector component=controller,app=metallb --timeout=60s
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Wait for the metallb controller readyReplicas
   command: >-
     kubectl wait -n metallb-system --for=jsonpath='{.status.readyReplicas}'=1 replicasets \
       --selector component=controller,app=metallb --timeout=60s
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Wait for the metallb controller fullyLabeledReplicas
   command: >-
     kubectl wait -n metallb-system --for=jsonpath='{.status.fullyLabeledReplicas}'=1 replicasets \
       --selector component=controller,app=metallb --timeout=60s
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Wait for the metallb  controller availableReplicas
   command: >-
     kubectl wait -n metallb-system --for=jsonpath='{.status.availableReplicas}'=1 replicasets \
       --selector component=controller,app=metallb --timeout=60s
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Test metallb-system webhook-service endpoint
   command: >-
     k3s kubectl -n metallb-system get endpoints webhook-service
   changed_when: true
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Apply metallb CRs
   command: >-
     k3s kubectl apply -f /tmp/k3s/metallb-crs.yaml
   changed_when: true
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Test metallb-system IPAddressPool
   command: >-
     k3s kubectl -n metallb-system get IPAddressPool
   changed_when: true
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Test metallb-system L2Advertisement
   command: >-
     k3s kubectl -n metallb-system get L2Advertisement
   changed_when: true
-  when: ansible_host == hostvars[groups['master'][0]]['ansible_host'] | default(groups['master'][0])
+  with_items: "{{ groups['master'] }}"
+  run_once: true
 
 - name: Remove tmp director used for manifests
   file: