diff --git a/confluent_osdeploy/common/opt/confluent/bin/apiclient b/confluent_osdeploy/common/opt/confluent/bin/apiclient
index af66b7aa..5a526c19 100644
--- a/confluent_osdeploy/common/opt/confluent/bin/apiclient
+++ b/confluent_osdeploy/common/opt/confluent/bin/apiclient
@@ -100,6 +100,9 @@ class HTTPSClient(client.HTTPConnection, object):
         self.sock = ctx.wrap_socket(psock, server_hostname=host)
 
     def grab_url(self, url, data=None, returnrsp=False):
+        return self.grab_url_with_status(url, data, returnrsp)[1]
+
+    def grab_url_with_status(self, url, data=None, returnrsp=False):
         if data:
             method = 'POST'
         else:
@@ -108,9 +111,9 @@ class HTTPSClient(client.HTTPConnection, object):
         rsp = self.getresponse()
         if rsp.status >= 200 and rsp.status < 300:
             if returnrsp:
-                return rsp
+                return rsp.status, rsp
             else:
-                return rsp.read()
+                return rsp.status, rsp.read()
         raise Exception(rsp.read())
 
 if __name__ == '__main__':
@@ -121,8 +124,26 @@ if __name__ == '__main__':
     if len(sys.argv) == 1:
         HTTPSClient()
         sys.exit(0)
-    if sys.argv[-2] == '-o':
-        with open(sys.argv[3], 'wb') as outf:
+    try:
+        outbin = sys.argv.index('-o')
+        sys.argv.pop(outbin)
+        outbin = sys.argv.pop(outbin)
+    except ValueError:
+        outbin = None
+    try:
+        waitfor = sys.argv.index('-w')
+        sys.argv.pop(waitfor)
+        waitfor = int(sys.argv.pop(waitfor))
+    except ValueError:
+        waitfor = None
+    try:
+        data = sys.argv.index('-d')
+        sys.argv.pop(data)
+        data = sys.argv.pop(data)
+    except ValueError:
+        data = None
+    if outbin:
+        with open(outbin, 'wb') as outf:
             reader = HTTPSClient(json=json).grab_url(
                 sys.argv[1], data, returnrsp=True)
             chunk = reader.read(16384)
@@ -130,8 +151,13 @@ if __name__ == '__main__':
                 outf.write(chunk)
                 chunk = reader.read(16384)
         sys.exit(0)
-    elif len(sys.argv) > 2 and not os.path.exists(sys.argv[-1]):
-        data = sys.argv[-1]
-    if os.path.exists(sys.argv[-1]):
+    if len(sys.argv) > 2 and os.path.exists(sys.argv[-1]):
         data = open(sys.argv[-1]).read()
-    sys.stdout.write(HTTPSClient(json=json).grab_url(sys.argv[1], data).decode())
+    if waitfor:
+        client = HTTPSClient(json=json)
+        status = 201
+        while status != waitfor:
+            status, rsp = client.grab_url_with_status(sys.argv[1], data)
+            sys.stdout.write(rsp.decode())
+    else:
+        sys.stdout.write(HTTPSClient(json=json).grab_url(sys.argv[1], data).decode())
diff --git a/confluent_osdeploy/el8/profiles/default/ansible/firstboot.d/README.txt b/confluent_osdeploy/el8/profiles/default/ansible/firstboot.d/README.txt
new file mode 100644
index 00000000..97e5f506
--- /dev/null
+++ b/confluent_osdeploy/el8/profiles/default/ansible/firstboot.d/README.txt
@@ -0,0 +1,25 @@
+Ansible playbooks ending in .yml or .yaml that are placed into this directory will be executed at the
+appropriate phase of the install process.
+
+The 'hosts' may be omitted, and if included will be ignored, replaced with the host that is specifically
+requesting the playbooks be executed.
+
+Also, the playbooks will be executed on the deployment server. Hence it may be slower in aggregate than
+running content under scripts/ which ask much less of the deployment server
+
+Here is an example of what a playbook would look like broadly:
+
+- name: Example
+  gather_facts: no
+  tasks:
+       - name: Example1
+         lineinfile:
+           path: /etc/hosts
+           line: 1.2.3.4 test1
+           create: yes
+       - name: Example2
+         lineinfile:
+           path: /etc/hosts
+           line: 1.2.3.5 test2
+           create: yes
+
diff --git a/confluent_osdeploy/el8/profiles/default/ansible/post.d/README.txt b/confluent_osdeploy/el8/profiles/default/ansible/post.d/README.txt
new file mode 100644
index 00000000..97e5f506
--- /dev/null
+++ b/confluent_osdeploy/el8/profiles/default/ansible/post.d/README.txt
@@ -0,0 +1,25 @@
+Ansible playbooks ending in .yml or .yaml that are placed into this directory will be executed at the
+appropriate phase of the install process.
+
+The 'hosts' may be omitted, and if included will be ignored, replaced with the host that is specifically
+requesting the playbooks be executed.
+
+Also, the playbooks will be executed on the deployment server. Hence it may be slower in aggregate than
+running content under scripts/ which ask much less of the deployment server
+
+Here is an example of what a playbook would look like broadly:
+
+- name: Example
+  gather_facts: no
+  tasks:
+       - name: Example1
+         lineinfile:
+           path: /etc/hosts
+           line: 1.2.3.4 test1
+           create: yes
+       - name: Example2
+         lineinfile:
+           path: /etc/hosts
+           line: 1.2.3.5 test2
+           create: yes
+
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh b/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh
index a1c10d82..9f073b80 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh
+++ b/confluent_osdeploy/el8/profiles/default/scripts/firstboot.sh
@@ -19,6 +19,9 @@ run_remote firstboot.custom
 run_remote_parts firstboot
 
 
+# Induce execution of remote configuration, e.g. ansible plays in ansible/firstboot.d/
+run_remote_config firstboot
+
 curl -X POST -d 'status: complete' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus
 systemctl disable firstboot
 rm /etc/systemd/system/firstboot.service
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/functions b/confluent_osdeploy/el8/profiles/default/scripts/functions
index 65407850..1c517124 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/functions
+++ b/confluent_osdeploy/el8/profiles/default/scripts/functions
@@ -73,3 +73,21 @@ run_remote_python() {
     cd - > /dev/null
     return $retcode
 }
+
+run_remote_config() {
+    echo
+    set_confluent_vars
+    apiclient=/opt/confluent/bin/apiclient
+    if [ -f /etc/confluent/apiclient ]; then
+        apiclient=/etc/confluent/apiclient
+    fi
+    echo '---------------------------------------------------------------------------'
+    echo Requesting to run remote configuration for "'$*'" from $mgr under profile $profile
+    /usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/"$*" -d {}
+    /usr/libexec/platform-python $apiclient /confluent-api/self/remoteconfig/status -w 204
+    echo
+    echo 'Completed remote configuration
+    echo '---------------------------------------------------------------------------'
+    return
+}
+
diff --git a/confluent_osdeploy/el8/profiles/default/scripts/post.sh b/confluent_osdeploy/el8/profiles/default/scripts/post.sh
index 0bac726b..ca3f351e 100644
--- a/confluent_osdeploy/el8/profiles/default/scripts/post.sh
+++ b/confluent_osdeploy/el8/profiles/default/scripts/post.sh
@@ -8,8 +8,6 @@ chmod og-rwx /etc/confluent/*
 export mgr profile nodename
 . /etc/confluent/functions
 
-curl -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus
-
 
 if [ -f /tmp/cryptboot ]; then
     run_remote tpm_luks.sh
@@ -36,3 +34,7 @@ run_remote post.custom
 
 # Also, scripts may be placed into 'post.d', e.g. post.d/01-runfirst.sh, post.d/02-runsecond.sh
 run_remote_parts post
+
+# Induce execution of remote configuration, e.g. ansible plays in ansible/post.d/
+run_remote_config post
+curl -X POST -d 'status: staged' -H "CONFLUENT_NODENAME: $nodename" -H "CONFLUENT_APIKEY: $apikey" https://$mgr/confluent-api/self/updatestatus