diff --git a/Makefile b/Makefile index f7cc54625..491031c46 100644 --- a/Makefile +++ b/Makefile @@ -26,10 +26,14 @@ endif # Image URL to use all building/pushing image targets IMAGE_NAME := cluster-api-provider-maas-controller REGISTRY ?= "us-east1-docker.pkg.dev/spectro-images/dev/${USER}/cluster-api" -SPECTRO_VERSION ?= 4.0.0-dev-29082025 +SPECTRO_VERSION ?= 4.0.0-dev-18102025-01 IMG_TAG ?= v0.6.1-spectro-${SPECTRO_VERSION} CONTROLLER_IMG ?= ${REGISTRY}/${IMAGE_NAME} + +LXD_IMAGE_NAME ?= "lxd-initializer" +LXD_CONTROLLER_IMG ?= ${REGISTRY}/${LXD_IMAGE_NAME} + # Set --output-base for conversion-gen if we are not within GOPATH ifneq ($(abspath $(REPO_ROOT)),$(shell go env GOPATH)/src/github.com/spectrocloud/cluster-api-provider-maas) GEN_OUTPUT_BASE := --output-base=$(REPO_ROOT) @@ -213,17 +217,14 @@ version: ## Prints version of current make # -------------------------------------------------------------------- # LXD-initializer image (privileged DaemonSet) # -------------------------------------------------------------------- -INIT_IMAGE_NAME ?= "lxd-initializer" -INIT_IMG_TAG ?= $(IMG_TAG) # reuse the same tag as controller -INIT_DRI_IMG ?= us-east1-docker.pkg.dev/spectro-images/dev/$(USER)/cluster-api/$(INIT_IMAGE_NAME):$(INIT_IMG_TAG) .PHONY: lxd-initializer-docker-build lxd-initializer-docker-build: ## Build LXD initializer image docker buildx build --load --platform linux/$(ARCH) \ -f lxd-initializer/Dockerfile \ ${BUILD_ARGS} \ - lxd-initializer -t $(INIT_DRI_IMG) + lxd-initializer -t $(LXD_CONTROLLER_IMG):$(IMG_TAG) .PHONY: lxd-initializer-docker-push lxd-initializer-docker-push: ## Push LXD initializer image - docker push $(INIT_DRI_IMG) \ No newline at end of file + docker push $(LXD_CONTROLLER_IMG):$(IMG_TAG) \ No newline at end of file diff --git a/controllers/templates/lxd_initializer_ds.yaml b/controllers/templates/lxd_initializer_ds.yaml index 38176c9df..3662a8617 100644 --- a/controllers/templates/lxd_initializer_ds.yaml 
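Review bot: The double quotes in `LXD_IMAGE_NAME ?= "lxd-initializer"` become part of the make value, so `LXD_CONTROLLER_IMG` expands with literal quotes in the middle of the image reference and only works because the recipe's shell strips them. Write `LXD_IMAGE_NAME ?= lxd-initializer` so the value stays correct if it is ever used outside a shell command, for example substituted into a manifest. The name `LXD_CONTROLLER_IMG` is also misleading next to `CONTROLLER_IMG`, because it names the initializer image; something like `LXD_INITIALIZER_IMG` would read better.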
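Review bot: Nothing ties the tag that `lxd-initializer-docker-build` and `lxd-initializer-docker-push` publish, `$(LXD_CONTROLLER_IMG):$(IMG_TAG)`, to the image the DaemonSet template runs. Later in this commit `controllers/templates/lxd_initializer_ds.yaml` hard-codes `spectro-images/cluster-api/lxd-initializer:v0.6.1-spectro-4.7.13`, which sits under a different registry path than the default `REGISTRY`. For an image that runs privileged, that gap makes it hard to tell which build is actually deployed. At minimum add a comment above the targets, e.g. `# The DaemonSet template pins its own lxd-initializer tag; update controllers/templates/lxd_initializer_ds.yaml when publishing a new image`. The file also still ends without a trailing newline.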
+++ b/controllers/templates/lxd_initializer_ds.yaml @@ -29,32 +29,29 @@ spec: effect: "NoSchedule" initContainers: - name: ensure-lxd - image: ubuntu:22.04 + image: us-east1-docker.pkg.dev/spectro-images/cluster-api/lxd-initializer:v0.6.1-spectro-4.7.13 + imagePullPolicy: IfNotPresent command: - - /bin/bash + - /bin/sh - -c - | set -ex - if ! command -v lxd >/dev/null 2>&1; then - echo "LXD not present, installing via snap"; - apt-get update; - apt-get install -y snapd systemd; - systemctl enable --now snapd.socket; - snap install lxd --channel=5.0/stable; - fi - echo "Ensuring LXD daemon is running on host"; - if nsenter -t 1 -m -p -- systemctl is-active --quiet snap.lxd.daemon; then - echo "LXD daemon already active"; + # Install LXD on host if missing (operate only via nsenter on the host) + if nsenter -t 1 -m -p -- test -x /snap/bin/lxd; then + echo "LXD present on host" else - echo "Starting LXD daemon via host systemd"; - nsenter -t 1 -m -p -- systemctl start snap.lxd.daemon || snap start --enable lxd.daemon; + echo "Installing LXD via snap on host" + nsenter -t 1 -m -p -- sh -c 'command -v apt-get >/dev/null 2>&1 && apt-get update || true' + nsenter -t 1 -m -p -- sh -c 'command -v apt-get >/dev/null 2>&1 && apt-get install -y snapd systemd || true' + nsenter -t 1 -m -p -- systemctl enable --now snapd.socket || true + nsenter -t 1 -m -p -- snap install lxd --channel=5.0/stable fi + # Ensure daemon running + nsenter -t 1 -m -p -- sh -c 'systemctl is-active --quiet snap.lxd.daemon || systemctl start snap.lxd.daemon || snap start --enable lxd.daemon' # Wait for LXD to report readiness (up to 5 minutes) echo "Waiting for LXD to become ready on host (timeout 5 min)…" - if ! nsenter -t 1 -m -p -- /snap/bin/lxd waitready --timeout 300 ; then - echo "LXD did not become ready after 5 minutes"; exit 1; - fi - echo "Host LXD is ready"; + nsenter -t 1 -m -p -- /snap/bin/lxd waitready --timeout 300 + echo "Host LXD is ready" securityContext: privileged: true 
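Review bot: The `|| true` guards in the install branch swallow real failures. On a host that does have apt-get, a failed `apt-get update` or `apt-get install -y snapd systemd` is ignored, as is any failure of `systemctl enable --now snapd.socket`, so the container only stops later at `snap install lxd` with an error that no longer points at the cause. These commands run privileged inside the host's mount and PID namespaces and change host packages, so skip only the no-apt case and let everything else abort under `set -ex`, e.g. `nsenter -t 1 -m -p -- sh -c 'if command -v apt-get >/dev/null 2>&1; then apt-get update && apt-get install -y snapd systemd; fi'`. The switch from `ubuntu:22.04` to the lxd-initializer image also assumes that image ships `nsenter` and `/bin/sh`; its Dockerfile is not part of this diff, so that is worth confirming.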
@@ -73,8 +70,8 @@ spec: mountPropagation: HostToContainer containers: - name: lxd-initializer - image: us-east1-docker.pkg.dev/spectro-images/dev/amit/cluster-api/lxd-initializer:v0.6.1-spectro-4.0.0-dev-17102025-01 - imagePullPolicy: Always + image: us-east1-docker.pkg.dev/spectro-images/cluster-api/lxd-initializer:v0.6.1-spectro-4.7.13 + imagePullPolicy: IfNotPresent securityContext: privileged: true env: @@ -93,7 +90,7 @@ spec: - name: NIC_PARENT value: "${NIC_PARENT}" - name: STORAGE_SIZE - value: "${STORAGE_SIZE}" + value: "${STORAGE_SIZE}" - name: NETWORK_BRIDGE value: "${NETWORK_BRIDGE}" - name: SKIP_NETWORK_UPDATE @@ -138,3 +135,11 @@ spec: serviceAccount: lxd-initializer serviceAccountName: lxd-initializer restartPolicy: Always + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: lxdhost.cluster.com/initialized + operator: NotIn + values: ["true"] diff --git a/lxd-initializer/integration.md b/lxd-initializer/integration.md index c8c9468bc..c0b08b1dd 100644 --- a/lxd-initializer/integration.md +++ b/lxd-initializer/integration.md @@ -67,11 +67,11 @@ make build make docker-push REGISTRY= TAG= # Update the DaemonSet manifest with your registry and tag -sed -i 's/${REGISTRY}//g' lxd-initializer-daemonset.yaml -sed -i 's/${TAG}//g' lxd-initializer-daemonset.yaml +sed -i 's/${REGISTRY}//g' ../controllers/templates/lxd_initializer_ds.yaml +sed -i 's/${TAG}//g' ../controllers/templates/lxd_initializer_ds.yaml # Apply the DaemonSet manifest -kubectl apply -f lxd-initializer-daemonset.yaml +kubectl apply -f ../controllers/templates/lxd_initializer_ds.yaml ``` ### 2. Configure CAPMaaS to Use the DaemonSet diff --git a/lxd-initializer/lxd-initializer-daemonset.yaml b/lxd-initializer/lxd-initializer-daemonset.yaml deleted file mode 100644 index 496fdd785..000000000 --- a/lxd-initializer/lxd-initializer-daemonset.yaml +++ /dev/null 
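Review bot: The new `image:` line still references the privileged `lxd-initializer` container by a mutable tag. With `imagePullPolicy: IfNotPresent`, a node that has already cached `v0.6.1-spectro-4.7.13` keeps its copy if the tag is re-pushed, while a fresh node pulls the new one, so nodes can end up running different code with full host privileges. Pin the reference by digest, `image: us-east1-docker.pkg.dev/spectro-images/cluster-api/lxd-initializer:v0.6.1-spectro-4.7.13@sha256:<digest>` (placeholder; take the digest from the registry), or have the controller substitute the image the way the template appears to substitute `${NIC_PARENT}` and `${STORAGE_SIZE}`. The same reference was added to the `ensure-lxd` initContainer in the previous hunk and needs the same treatment.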
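Review bot: The added `nodeAffinity` block lets the `lxdhost.cluster.com/initialized` node label decide where a privileged pod runs, but nothing here says who sets that label or what removing it does. Add a comment above `affinity:` stating the contract, for example `# Nodes labelled lxdhost.cluster.com/initialized=true are skipped; removing the label schedules the privileged initializer on that node again`. If the initializer itself applies the label, its service account needs permission to patch nodes; that is not visible in this hunk and is worth checking against the RBAC manifests.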
@@ -1,71 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: lxd-initializer - namespace: capmaas-system - labels: - app: lxd-initializer - cluster.x-k8s.io/provider: infrastructure-maas -spec: - selector: - matchLabels: - app: lxd-initializer - template: - metadata: - labels: - app: lxd-initializer - spec: - serviceAccountName: lxd-initializer - hostNetwork: true - hostPID: true - containers: - - name: lxd-initializer - image: us-east1-docker.pkg.dev/spectro-images/dev/amit/cluster-api/lxd-initializer:v0.6.1-spectro-4.0.0-dev-17102025-01 - imagePullPolicy: Always - securityContext: - privileged: true - volumeMounts: - - name: var-lib-lxd - mountPath: /var/lib/lxd - - name: var-snap-lxd - mountPath: /var/snap/lxd - - name: run - mountPath: /run - - name: tmp - mountPath: /tmp - command: - - /lxd-initializer - args: - - --action=daemon - env: - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: NODE_IP - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: STORAGE_BACKEND - value: "zfs" - - name: NETWORK_BRIDGE - value: "br0" - - name: SKIP_NETWORK_UPDATE - value: "true" - - name: ZONE - value: "default" - - name: RESOURCE_POOL - value: "" # Auto-detect resource pool - volumes: - - name: var-lib-lxd - hostPath: - path: /var/lib/lxd - - name: var-snap-lxd - hostPath: - path: /var/snap/lxd - - name: run - hostPath: - path: /run - - name: tmp - hostPath: - path: /tmp \ No newline at end of file