diff --git a/webhosting-operator/.run/experiment.run.xml b/webhosting-operator/.run/experiment (kind).run.xml
similarity index 67%
rename from webhosting-operator/.run/experiment.run.xml
rename to webhosting-operator/.run/experiment (kind).run.xml
index dead68f1..cd85374f 100644
--- a/webhosting-operator/.run/experiment.run.xml
+++ b/webhosting-operator/.run/experiment (kind).run.xml	
@@ -1,8 +1,11 @@
 <component name="ProjectRunConfigurationManager">
-  <configuration default="false" name="experiment" type="GoApplicationRunConfiguration" factoryName="Go Application">
+  <configuration default="false" name="experiment (kind)" type="GoApplicationRunConfiguration" factoryName="Go Application">
     <module name="kubernetes-controller-sharding" />
     <working_directory value="$PROJECT_DIR$/webhosting-operator" />
     <parameters value="reconcile" />
+    <envs>
+      <env name="KUBECONFIG" value="$PROJECT_DIR$/webhosting-operator/dev/kind_kubeconfig.yaml" />
+    </envs>
     <kind value="PACKAGE" />
     <package value="github.com/timebertt/kubernetes-controller-sharding/webhosting-operator/cmd/experiment" />
     <directory value="$PROJECT_DIR$" />
diff --git a/webhosting-operator/.run/webhosting-operator process (kind).run.xml b/webhosting-operator/.run/webhosting-operator (kind).run.xml
similarity index 85%
rename from webhosting-operator/.run/webhosting-operator process (kind).run.xml
rename to webhosting-operator/.run/webhosting-operator (kind).run.xml
index 2deca6af..fcb34ddf 100644
--- a/webhosting-operator/.run/webhosting-operator process (kind).run.xml	
+++ b/webhosting-operator/.run/webhosting-operator (kind).run.xml	
@@ -1,5 +1,5 @@
 <component name="ProjectRunConfigurationManager">
-  <configuration default="false" name="webhosting-operator process (kind)" type="GoApplicationRunConfiguration" factoryName="Go Application">
+  <configuration default="false" name="webhosting-operator (kind)" type="GoApplicationRunConfiguration" factoryName="Go Application">
     <module name="kubernetes-controller-sharding" />
     <working_directory value="$PROJECT_DIR$/webhosting-operator" />
     <envs>
diff --git a/webhosting-operator/Makefile b/webhosting-operator/Makefile
index d2ee606a..864a5478 100644
--- a/webhosting-operator/Makefile
+++ b/webhosting-operator/Makefile
@@ -51,7 +51,7 @@ manifests: $(CONTROLLER_GEN) ## Generate WebhookConfiguration, ClusterRole and C
 	$(CONTROLLER_GEN) rbac:roleName=operator crd paths="./..." output:rbac:artifacts:config=config/manager/rbac output:crd:artifacts:config=config/manager/crds
 
 .PHONY: generate
-generate: $(CONTROLLER_GEN) ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
+generate: $(CONTROLLER_GEN) modules ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
 	$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."
 	hack/update-codegen.sh
 
diff --git a/webhosting-operator/config/experiment/base/job.yaml b/webhosting-operator/config/experiment/base/job.yaml
index 03ee2325..d3863c62 100644
--- a/webhosting-operator/config/experiment/base/job.yaml
+++ b/webhosting-operator/config/experiment/base/job.yaml
@@ -14,6 +14,9 @@ spec:
         image: experiment:latest
         args:
         - --zap-log-level=info
+        env:
+        - name: DISABLE_HTTP2
+          value: "true"
         ports:
         - name: metrics
           containerPort: 8080
diff --git a/webhosting-operator/config/external-dns/patch-deployment.yaml b/webhosting-operator/config/external-dns/patch-deployment.yaml
index 5d2aa40d..359d1fd7 100644
--- a/webhosting-operator/config/external-dns/patch-deployment.yaml
+++ b/webhosting-operator/config/external-dns/patch-deployment.yaml
@@ -18,7 +18,7 @@ spec:
         - --google-zone-visibility=public
         - --policy=sync
         - --registry=txt
-        - --txt-owner-id=shoot--timebertt--sharding-0e61b9e9-b7ce-4a71-a502-89f366015617-ond-460a37
+        - --txt-owner-id=shoot--timebertt--sharding-d657103c-eb4f-4a02-9af3-8ee7dc8d6e12-ond-82dc04
         - --interval=1m
         # ensure the records are not owned by short-lived acme solvers managed by cert-manager or website ingresses
         - --label-filter=acme.cert-manager.io/http01-solver!=true,app!=website
diff --git a/webhosting-operator/config/manager/default/manager.yaml b/webhosting-operator/config/manager/default/manager.yaml
index e355f4a1..8bfd11e3 100644
--- a/webhosting-operator/config/manager/default/manager.yaml
+++ b/webhosting-operator/config/manager/default/manager.yaml
@@ -18,6 +18,9 @@ spec:
         image: controller:latest
         args:
         - --zap-log-level=info
+        env:
+        - name: DISABLE_HTTP2
+          value: "true"
         ports:
         - name: metrics
           containerPort: 8080
diff --git a/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml b/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml
index fe8eda77..7468ff71 100644
--- a/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml
+++ b/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml
@@ -28,4 +28,4 @@ spec:
     mutate:
       patchStrategicMerge:
         spec:
-          replicas: 1
+          replicas: 4
diff --git a/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml b/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml
index f74ab6a3..cd98ea64 100644
--- a/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml
+++ b/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml
@@ -29,7 +29,7 @@ spec:
     mutate:
       patchStrategicMerge:
         spec:
-          replicas: 1
+          replicas: 4
   # set static requests/limits on kube-apiserver to ensure similar evaluation environment between load test runs
   - name: resources
     match:
diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml
index 92042fe1..bec2c941 100644
--- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml
+++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml
@@ -2,7 +2,7 @@ name: kube-apiserver-scale-awake
 policies:
 - ../../kube-apiserver-scale.yaml
 resources:
-# spec.replicas=2 -> expect spec.replicas=1
+# spec.replicas=2 -> expect spec.replicas=4
 - scale.yaml
 variables: variables.yaml
 results:
diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml
index 9a8da48c..817f8bb9 100644
--- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml
+++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml
@@ -4,4 +4,4 @@ metadata:
   name: kube-apiserver
   namespace: shoot--timebertt--sharding
 spec:
-  replicas: 1
+  replicas: 4
diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml
index 07c91f7b..86097fee 100644
--- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml
+++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml
@@ -7,7 +7,7 @@ metadata:
   name: kube-apiserver-awake
   namespace: shoot--timebertt--sharding
 spec:
-  replicas: 1
+  replicas: 4
   template:
     spec:
       containers:
diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml
index 0901cc6a..b61d5fa1 100644
--- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml
+++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml
@@ -7,7 +7,7 @@ metadata:
   name: kube-apiserver-null
   namespace: shoot--timebertt--sharding
 spec:
-  replicas: 1
+  replicas: 4
   template:
     spec:
       containers:
diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml
index 0185af6a..7aec544b 100644
--- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml
+++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml
@@ -2,9 +2,9 @@ name: kube-apiserver
 policies:
 - ../../kube-apiserver.yaml
 resources:
-# spec.replicas=2 -> expect spec.replicas=1
+# spec.replicas=2 -> expect spec.replicas=4
 - kube-apiserver-awake.yaml
-# spec.replicas=null -> expect spec.replicas=1
+# spec.replicas=null -> expect spec.replicas=4
 - kube-apiserver-null.yaml
 # spec.replicas=0 -> expect skip
 - kube-apiserver-hibernated.yaml
diff --git a/webhosting-operator/config/policy/default/kustomization.yaml b/webhosting-operator/config/policy/default/kustomization.yaml
deleted file mode 100644
index e609fb24..00000000
--- a/webhosting-operator/config/policy/default/kustomization.yaml
+++ /dev/null
@@ -1,4 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-
-resources: []
diff --git a/webhosting-operator/config/policy/shoot/kustomization.yaml b/webhosting-operator/config/policy/shoot/kustomization.yaml
index f94da50c..50bf8242 100644
--- a/webhosting-operator/config/policy/shoot/kustomization.yaml
+++ b/webhosting-operator/config/policy/shoot/kustomization.yaml
@@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
 resources:
-- ../default
 - experiment-scheduling.yaml
 - scale-up-worker-experiment.yaml
 - webhosting-operator-scheduling.yaml
diff --git a/webhosting-operator/hack/update-codegen.sh b/webhosting-operator/hack/update-codegen.sh
index 14fba620..5819bcb4 100755
--- a/webhosting-operator/hack/update-codegen.sh
+++ b/webhosting-operator/hack/update-codegen.sh
@@ -29,7 +29,7 @@ EOF
 fi
 
 # fetch code-generator module to execute the scripts from the modcache (we don't vendor here)
-CODE_GENERATOR_DIR="$(go list -tags tools -f '{{ .Dir }}' k8s.io/code-generator)"
+CODE_GENERATOR_DIR="$(go list -m -tags tools -f '{{ .Dir }}' k8s.io/code-generator)"
 
 rm -f ${GOPATH}/bin/*-gen
 
diff --git a/webhosting-operator/shoot.yaml b/webhosting-operator/shoot.yaml
index c9d79fd8..43dfaab2 100644
--- a/webhosting-operator/shoot.yaml
+++ b/webhosting-operator/shoot.yaml
@@ -18,7 +18,7 @@ spec:
       nodeCIDRMaskSize: 20
     kubeProxy:
       mode: IPTables
-    version: "1.25"
+    version: "1.26"
     verticalPodAutoscaler:
       enabled: true
   maintenance:
diff --git a/webhosting-operator/skaffold.yaml b/webhosting-operator/skaffold.yaml
index 50ff0ecc..c015b65d 100644
--- a/webhosting-operator/skaffold.yaml
+++ b/webhosting-operator/skaffold.yaml
@@ -21,18 +21,6 @@ metadata:
 requires:
 - configs:
   - kyverno
-manifests:
-  kustomize:
-    paths:
-    - config/policy/default
-deploy:
-  kubectl:
-    defaultNamespace: ""
-    flags:
-      apply:
-      - --server-side
-      - --force-conflicts
-  statusCheck: false
 profiles:
 - name: shoot
   activation:
@@ -41,6 +29,14 @@ profiles:
     kustomize:
       paths:
       - config/policy/shoot
+  deploy:
+    kubectl:
+      defaultNamespace: ""
+      flags:
+        apply:
+        - --server-side
+        - --force-conflicts
+    statusCheck: false
 ---
 apiVersion: skaffold/v4beta6
 kind: Config