diff --git a/manifests/function/ephemeral/secret.yaml b/manifests/function/ephemeral/secret.yaml
index 6ee397e28..fa35d04d4 100644
--- a/manifests/function/ephemeral/secret.yaml
+++ b/manifests/function/ephemeral/secret.yaml
@@ -124,28 +124,31 @@ stringData:
     bootcmd:
     - NEED_MB=16384 # MB of storage needed for ironic images & bindmounts
     - FREE_MB=$(df -m --output=avail /var/lib | tail -n 1)
-    # if there's not enough memory-backed storage, mount an available disk
-    - if [ ${FREE_MB} -lt ${NEED_MB} ]; then
-    -   mkdir /mnt/ephemeral
-        # Use vda if provided by a hypervisor
-    -   if [ -e /dev/vda ]; then
-    -     mkfs.ext4 /dev/vda
-    -     mount /dev/vda /mnt/ephemeral
-        # Fall back to sda
-    -   elif [ -e /dev/sda ]; then
-    -     mkfs.ext4 -F /dev/sda
-    -     mount /dev/sda /mnt/ephemeral
-    -   else
-    -     echo "Not enough RAM to host images, and no available disks found"
-    -     exit 1
-    -   fi
-    -   mkdir -p /opt/metal3-dev-env/ironic/html/images
-    -   mkdir -p /mnt/ephemeral/opt/metal3-dev-env/ironic/html/images
-    -   mount --bind /mnt/ephemeral/opt/metal3-dev-env/ironic/html/images /opt/metal3-dev-env/ironic/html/images
-    -   mkdir -p /var/lib/docker /mnt/ephemeral/var/lib/docker
-    -   mount --bind /mnt/ephemeral/var/lib/docker /var/lib/docker
-    -   mkdir -p /var/lib/docker-engine /mnt/ephemeral/var/lib/docker-engine
-    -   mount --bind /mnt/ephemeral/var/lib/docker-engine /var/lib/docker-engine
-    -   mkdir -p /mnt/ephemeral/var/lib/kubelet/ /var/lib/kubelet/
-    -   mount --bind /mnt/ephemeral/var/lib/kubelet/ /var/lib/kubelet/
+    - mkdir /mnt/ephemeral
+      # if there's enough memory-backed storage, mount an available disk
+    - if [ ${FREE_MB} -ge ${NEED_MB} ]; then
+    -   mkdir -p /var/lib/images
+    -   truncate -s ${NEED_MB}M /var/lib/images/ephemeral.img
+    -   mkfs.ext4 /var/lib/images/ephemeral.img
+    -   mount /var/lib/images/ephemeral.img /mnt/ephemeral
+      # Use vda if provided by a hypervisor
+    - elif [ -e /dev/vda ]; then
+    -   mkfs.ext4 /dev/vda
+    -   mount /dev/vda /mnt/ephemeral
+      # Fall back to sda
+    - elif [ -e /dev/sda ]; then
+    -   mkfs.ext4 -F /dev/sda
+    -   mount /dev/sda /mnt/ephemeral
+    - else
+    -   echo "Not enough RAM to host images, and no available disks found"
+    -   exit 1
     - fi
+    - mkdir -p /opt/metal3-dev-env/ironic/html/images
+    - mkdir -p /mnt/ephemeral/opt/metal3-dev-env/ironic/html/images
+    - mount --bind /mnt/ephemeral/opt/metal3-dev-env/ironic/html/images /opt/metal3-dev-env/ironic/html/images
+    - mkdir -p /var/lib/docker /mnt/ephemeral/var/lib/docker
+    - mount --bind /mnt/ephemeral/var/lib/docker /var/lib/docker
+    - mkdir -p /var/lib/docker-engine /mnt/ephemeral/var/lib/docker-engine
+    - mount --bind /mnt/ephemeral/var/lib/docker-engine /var/lib/docker-engine
+    - mkdir -p /mnt/ephemeral/var/lib/kubelet/ /var/lib/kubelet/
+    - mount --bind /mnt/ephemeral/var/lib/kubelet/ /var/lib/kubelet/