diff --git a/.github/workflows/runner-selector.yml b/.github/workflows/runner-selector.yml
new file mode 100644
index 000000000..5c7907582
--- /dev/null
+++ b/.github/workflows/runner-selector.yml
@@ -0,0 +1,48 @@
+---
+name: Create output for `runs-on` variable
+
+on:
+  workflow_call:
+    inputs:
+      runner_env:
+        description: 'The environment input from caller workflow'
+        default: 'SMS Lab'
+        required: True
+        type: string
+    outputs:
+      runner_name_image_build:
+        description: "Image builder runner name"
+        value: ${{ jobs.define_runner.outputs.image-build-runner }}
+      runner_name_container_image_build:
+        description: "Container image build runner name"
+        value: ${{ jobs.define_runner.outputs.container-image-build-runner }}
+      runner_name_aio:
+        description: "AiO runner name"
+        value: ${{ jobs.define_runner.outputs.aio-runner }}
+
+jobs:
+  define_runner:
+    environment: ${{ inputs.runner_env }}
+    runs-on: ubuntu-latest
+    outputs:
+      image-build-runner: ${{ steps.builder-runner.outputs.runner_name_image_build }}
+      container-image-build-runner: ${{ steps.container-image-build-runner.outputs.runner_name_container_image_build }}
+      aio-runner: ${{ steps.aio-runner.outputs.runner_name_aio }}
+    steps:
+      - name: Set output for image builder runner
+        run: echo "Setting runner for ${{ inputs.runner_env }} -> ${{ vars.RUNS_ON_TARGET_IMAGE_BUILDER }}"
+
+      - id: builder-runner
+        run: echo "runner_name_image_build=${{ vars.RUNS_ON_TARGET_IMAGE_BUILDER }}" >> $GITHUB_OUTPUT
+
+      - name: Set output for container image build runner
+        run: echo "Setting runner for ${{ inputs.runner_env }} -> ${{ vars.RUNS_ON_TARGET_CONTAINER_IMAGE_BUILDER }}"
+        
+      - id: container-image-build-runner
+        run: echo "runner_name_container_image_build=${{ vars.RUNS_ON_TARGET_CONTAINER_IMAGE_BUILDER }}" >> $GITHUB_OUTPUT
+
+      - name: Set output for aio runner
+        run: echo "Setting runner for ${{ inputs.runner_env }} -> ${{ vars.RUNS_ON_TARGET_AIO }}"
+
+      - id: aio-runner
+        run: echo "runner_name_aio=${{ vars.RUNS_ON_TARGET_AIO }}" >> $GITHUB_OUTPUT
diff --git a/.github/workflows/stackhpc-container-image-build.yml b/.github/workflows/stackhpc-container-image-build.yml
index 2642b90b6..059731283 100644
--- a/.github/workflows/stackhpc-container-image-build.yml
+++ b/.github/workflows/stackhpc-container-image-build.yml
@@ -38,6 +38,13 @@ on:
         type: boolean
         required: false
         default: false
+      runner_env:
+        description: Which cloud to run on?
+        type: choice
+        default: SMS Lab
+        options:
+          - SMS Lab
+          - Leafcloud
 
 env:
   ANSIBLE_FORCE_COLOR: True
@@ -101,10 +108,15 @@ jobs:
         run: |
           echo "${{ steps.datetime_tag.outputs.datetime_tag }}"
 
+  runner-selection:
+    uses: ./.github/workflows/runner-selector.yml
+    with:
+      runner_env: ${{ inputs.runner_env }}
+
   container-image-build:
     name: Build Kolla container images
     if: github.repository == 'stackhpc/stackhpc-kayobe-config'
-    runs-on: arc-skc-container-image-builder-runner
+    runs-on: ${{ needs.runner-selection.outputs.runner_name_container_image_build }}
     timeout-minutes: 720
     permissions: {}
     strategy:
@@ -112,6 +124,7 @@ jobs:
       matrix: ${{ fromJson(needs.generate-tag.outputs.matrix) }}
     needs:
       - generate-tag
+      - runner-selection
     steps:
       - name: Install package dependencies
         run: |
diff --git a/etc/kayobe/ansible/pulp-artifact-upload.yml b/etc/kayobe/ansible/pulp-artifact-upload.yml
index 47dc70ebe..450d5348a 100644
--- a/etc/kayobe/ansible/pulp-artifact-upload.yml
+++ b/etc/kayobe/ansible/pulp-artifact-upload.yml
@@ -19,6 +19,15 @@
         patterns: "{{ file_regex }}"
       register: found_files
 
+    - name: Install pip packages
+      ansible.builtin.pip:
+        name:
+          - pyopenssl
+          - ndg-httpsclient
+          - pyasn1
+          - urllib3
+        state: present
+
     - name: Upload an artifact
       pulp.squeezer.artifact:
         pulp_url: "{{ remote_pulp_url }}"
diff --git a/terraform/aio/vm.tf b/terraform/aio/vm.tf
index 8113a5912..8f3bbe31d 100644
--- a/terraform/aio/vm.tf
+++ b/terraform/aio/vm.tf
@@ -62,6 +62,7 @@ resource "openstack_compute_instance_v2" "kayobe-aio" {
   flavor_name  = var.aio_vm_flavor
   config_drive = true
   user_data    = templatefile("templates/userdata.cfg.tpl", {ssh_public_key = file(var.ssh_public_key)})
+  security_groups = ["kayobe-runner"]
   network {
     name = var.aio_vm_network
   }