diff --git a/salt/pillars/rancher.sls b/salt/pillars/rancher.sls
index 06e9e5d..db61946 100644
--- a/salt/pillars/rancher.sls
+++ b/salt/pillars/rancher.sls
@@ -1,7 +1,5 @@
 rancher:
 root_password: rancher
- ram: 2048
+ ram: 4096
 vcpus: 2
- url: docker.io/rancher/rancher
- tag: v2.6.2
 bootstrapPassword: rancher
diff --git a/update.sh b/update.sh
index 30bafbe..cf63f19 100755
--- a/update.sh
+++ b/update.sh
@@ -305,6 +305,61 @@ storage:
 contents:
 inline: |
 rancher.${SALT_network_domain}
+ - path: /root/rancher_install.sh
+ mode: 0700
+ overwrite: true
+ contents:
+ inline: |
+ #!/bin/bash
+ # Fix DNS to point to admin server
+ sed -i 's/^NETCONFIG_DNS_STATIC_SERVERS=""/NETCONFIG_DNS_STATIC_SERVERS="172.18.0.1"/' /etc/sysconfig/network/config
+ netconfig update -f
+
+ echo "Installing k3s"
+ curl -sfL https://get.k3s.io | sh -
+
+ echo "Waiting for k3s to be healthy"
+ while ! kubectl get cs &> /dev/null;do sleep 1; done
+
+ echo "fetching Helm"
+ cd /root/bin
+ if [[ -f helm ]]; then
+ HELM_CURRENT=\$(./helm version | sed -n 's/.*Version:"\(v[0-9]*\.[0-9]*\.[0-9]*\)".*/\1/p')
+ else
+ HELM_CURRENT="N/A"
+ fi
+ HELM_STABLE="\$(curl -Ls https://github.com/helm/helm/releases | egrep 'href="/helm/helm/releases/tag/v[0-9]+.[0-9]+.[0-9]+\"' | head -n 1 | sed -n 's/.*tag\/\(v.*\)" data.*/\1/p')"
+ echo "Installed version: \$HELM_CURRENT"
+ echo "Latest stable version: \$HELM_STABLE"
+ if [[ "\$HELM_CURRENT" != "\$HELM_STABLE" ]]; then
+ echo "updating to \$HELM_STABLE"
+ curl -LO https://get.helm.sh/helm-\$HELM_STABLE-linux-amd64.tar.gz
+ tar xvzf helm-\$HELM_STABLE-linux-amd64.tar.gz --strip-components=1 linux-amd64/helm
+ rm helm-\$HELM_STABLE-linux-amd64.tar.gz
+ fi
+ echo ""
+
+
+ echo "installing cert-manager"
+ helm repo add jetstack https://charts.jetstack.io
+ helm repo update
+ helm --kubeconfig /etc/rancher/k3s/k3s.yaml install cert-manager jetstack/cert-manager \\
+ --namespace cert-manager \\
+ --create-namespace \\
+ --set installCRDs=true \\
+ --version v1.5.1
+ kubectl wait --for=condition=available --timeout=600s deployment/cert-manager --namespace cert-manager
+
+ echo "installing rancher"
+ helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
+ helm repo update
+ kubectl create namespace cattle-system
+ helm --kubeconfig /etc/rancher/k3s/k3s.yaml install rancher rancher-latest/rancher \\
+ --namespace cattle-system \\
+ --set
hostname=rancher.${SALT_network_domain} \\
+ --set bootstrapPassword=${SALT_rancher_bootstrapPassword} \\
+ --set replicas=1
+
 EOF
 # Create the ignition file
@@ -314,6 +369,8 @@ EOF
 else
 sudo podman run -i --rm quay.io/coreos/fcct:release --pretty --strict < $HOME/rancherVM.yaml > $HOME/rancherVM.ign
 fi
+
+ [[ -d "$HOME"/.kube ]] || mkdir "$HOME"/.kube
 #create the rancher VM
 sudo virt-install --import --connect qemu:///system \
@@ -322,7 +379,7 @@ EOF
 --vcpus "$SALT_rancher_vcpus" \
 --disk size=20,backing_store=/var/lib/libvirt/images/openSUSE-MicroOS.x86_64-ContainerHost-kvm-and-xen.qcow2,bus=virtio \
 --os-variant=opensusetumbleweed \
- --network bridge=br0,model=virtio,mac=E8:01:F0:52:2E:E2\
+ --network bridge=br0,model=virtio \
 --noautoconsole \
 --graphics spice,listen=127.0.0.1 \
 --qemu-commandline="-fw_cfg name=opt/com.coreos/config,file=$HOME/rancherVM.ign"
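Review bot: The generated `/root/rancher_install.sh` (the heredoc added at `@@ -305,6 +305,61 @@`) runs unpinned, unverified downloads as root: `curl -sfL https://get.k3s.io | sh -`, a Helm tarball whose version is scraped from the GitHub releases HTML and unpacked with no checksum check, and the `rancher-latest/rancher` chart with no `--version`, while this same commit drops the `tag: v2.6.2` pin from the pillar. Pin each version from pillar data and verify the Helm archive before `tar`, for example by also fetching `helm-\$HELM_STABLE-linux-amd64.tar.gz.sha256sum` from get.helm.sh and running `sha256sum -c` on it; k3s can be pinned by setting `INSTALL_K3S_VERSION` in the installer's environment. The script also has no `set -e`, so an empty `HELM_STABLE` (if the scrape pattern stops matching) or a failed `cd /root/bin` falls through to the later `helm` and `kubectl` steps instead of stopping.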
@@ -335,27 +392,10 @@ EOF
 printf "\nAdding rancher VM into ssh known_hosts\n"
 ssh-keyscan -H "rancher.${SALT_network_domain}" >> $HOME/.ssh/known_hosts
 ssh-keyscan -H "${SALT_network_ip%.*}.${SALT_network_hosts_rancher}" >> $HOME/.ssh/known_hosts
- echo "Setting DNS server"
- ssh root@rancher."${SALT_network_domain}" sed -i "s/^NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"${SALT_network_ip}\"/" /etc/sysconfig/network/config
-
- #TODO: need to reboot guest for some reason, stop answering to ping in this stage
- #TODO: need to investigate why
- echo "Reboot rancher VM"
- sudo virsh destroy rancher
- sleep 5
- sudo virsh start rancher
- printf "%s" "Waiting for rancher VM ssh to come up"
- while ! nc -z rancher."${SALT_network_domain}" 22 &> /dev/null; do
- printf "%c" "."
- sleep 1
- done
-
- echo "Installing k3s"
- ssh root@rancher."${SALT_network_domain}" 'bash -c "curl -sfL https://get.k3s.io | sh -"'
- echo "Waiting for k3s to be healthy"
- ssh root@rancher."${SALT_network_domain}" 'bash -c "while ! kubectl get cs &> /dev/null;do sleep 1; done"'
-
-
+ ssh root@rancher."${SALT_network_domain}" /root/rancher_install.sh
+ ssh root@rancher."${SALT_network_domain}" cat /etc/rancher/k3s/k3s.yaml > $HOME/.kube/rancher.yaml
+ sed -i "s/127.0.0.1/${SALT_network_ip%.*}.${SALT_network_hosts_rancher}/g" $HOME/.kube/rancher.yaml
+ sed -i 's/default/rancher/g' $HOME/.kube/rancher.yaml
 }
 #########################
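Review bot: The copy into `$HOME/.kube/rancher.yaml` is created by a plain shell redirect, so the k3s admin kubeconfig takes the caller's default umask and, with the common 022, is readable by other local users; the `mkdir "$HOME"/.kube` added in the `@@ -314,6 +369,8 @@` hunk has the same gap. Tighten both, e.g. `mkdir -m 700 "$HOME"/.kube` there and `umask 077` before the copy here (or `chmod 600 "$HOME/.kube/rancher.yaml"` immediately after it). The exit status of the install step is also ignored, so a failed install still goes on to copy and rewrite a kubeconfig that may not exist; `ssh root@rancher."${SALT_network_domain}" /root/rancher_install.sh || return 1` would stop at that point. The enclosing function starts outside this hunk.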