diff --git a/roles/keycloak_quarkus/README.md b/roles/keycloak_quarkus/README.md
index 2ba3c99..a9dbea0 100644
--- a/roles/keycloak_quarkus/README.md
+++ b/roles/keycloak_quarkus/README.md
@@ -101,6 +101,9 @@ Role Defaults
 |`keycloak_quarkus_systemd_wait_for_log` | Whether systemd unit should wait for service to be up in logs | `false` |
 |`keycloak_quarkus_systemd_wait_for_timeout`| How long to wait for service to be alive (seconds) | `60` |
 |`keycloak_quarkus_systemd_wait_for_delay`| Activation delay for service systemd unit (seconds) | `10` |
+|`keycloak_quarkus_restart_strategy`| Strategy task file for restarting in HA (one of provided restart/['serial.yml','none.yml','serial_then_parallel.yml']) or path to file when providing custom strategy | `restart/serial.yml` |
+|`keycloak_quarkus_restart_health_check`| Whether to wait for successful health check after restart | `{{ keycloak_quarkus_ha_enabled }}` |
+|`keycloak_quarkus_restart_pause`| Seconds to wait between restarts in HA strategy | `15` |
 #### Hostname configuration
diff --git a/roles/keycloak_quarkus/defaults/main.yml b/roles/keycloak_quarkus/defaults/main.yml
index 0dde230..c152a20 100644
--- a/roles/keycloak_quarkus/defaults/main.yml
+++ b/roles/keycloak_quarkus/defaults/main.yml
@@ -154,7 +154,7 @@ keycloak_quarkus_providers: []
 keycloak_quarkus_policies: []
 keycloak_quarkus_supported_policy_types: ['password-blacklists']
-# files in restart directory (one of [ 'serial', 'none', 'verify_first' ]), or path to file when providing custom strategy
+# files in restart directory (one of [ 'serial', 'none', 'serial_then_parallel' ]), or path to file when providing custom strategy
 keycloak_quarkus_restart_strategy: restart/serial.yml
 keycloak_quarkus_restart_health_check: "{{ keycloak_quarkus_ha_enabled }}"
 keycloak_quarkus_restart_pause: 15
diff --git a/roles/keycloak_quarkus/meta/argument_specs.yml b/roles/keycloak_quarkus/meta/argument_specs.yml
index 01dbfb9..3e06525 100644
--- a/roles/keycloak_quarkus/meta/argument_specs.yml
+++ b/roles/keycloak_quarkus/meta/argument_specs.yml
@@ -433,12 +433,12 @@ argument_specs:
 type: "bool"
 keycloak_quarkus_restart_health_check:
 default: "{{ keycloak_quarkus_ha_enabled }}"
- description: "Whether to wait on successful health check after restart"
+ description: "Whether to wait for successful health check after restart"
 type: "bool"
 keycloak_quarkus_restart_strategy:
 description: >
- Strategy task file for restarting in HA, one of [ 'serial', 'none', 'verify_first' ] below, or path to
- file when providing custom strategy
+ Strategy task file for restarting in HA, one of restart/[ 'serial', 'none', 'serial_then_parallel' ].yml, or path to
+ file when providing custom strategy; when keycloak_quarkus_ha_enabled and keycloak_quarkus_restart_health_check == true
 default: "restart/serial.yml"
 type: "str"
 keycloak_quarkus_restart_pause:
diff --git a/roles/keycloak_quarkus/tasks/restart.yml b/roles/keycloak_quarkus/tasks/restart.yml
index 9255114..bcb8c1d 100644
--- a/roles/keycloak_quarkus/tasks/restart.yml
+++ b/roles/keycloak_quarkus/tasks/restart.yml
@@ -15,3 +15,9 @@
 retries: 25
 delay: 10
 when: keycloak_quarkus_restart_health_check
+
+- name: Pause to give distributed ispn caches time to (re-)replicate back onto first host
+ ansible.builtin.pause:
+ seconds: "{{ keycloak_quarkus_restart_pause }}"
+ when:
+ - keycloak_quarkus_ha_enabled
diff --git a/roles/keycloak_quarkus/tasks/restart/serial.yml b/roles/keycloak_quarkus/tasks/restart/serial.yml
index 74e8e3b..d98dbf9 100644
--- a/roles/keycloak_quarkus/tasks/restart/serial.yml
+++ b/roles/keycloak_quarkus/tasks/restart/serial.yml
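Review bot: The new `keycloak_quarkus_restart_strategy` description ends in a dangling clause, `; when keycloak_quarkus_ha_enabled and keycloak_quarkus_restart_health_check == true`, which does not say what happens under that condition, so a reader cannot tell whether the strategy itself or only the health check is conditional. The sentence should be finished, stating which behaviour the two variables switch on. The list of values also drops `verify_first` while the same commit renames that task file, so an inventory that still sets `restart/verify_first.yml` would presumably fail when the strategy file is included; naming the old value and its replacement `restart/serial_then_parallel.yml` in the description would make the upgrade step visible.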
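Review bot: The added pause in tasks/restart.yml is a fixed timer, not a check: nothing in the hunk confirms that the distributed caches have finished rebalancing before the next node is restarted, so a `keycloak_quarkus_restart_pause` that is too short for the cluster could still let the serial strategy restart a node holding the only copy of some sessions (inferred from the task name; the cache configuration is not on this page). The task name says `first host`, but serial.yml includes this file once per host, so a name such as `Pause so distributed caches can rebalance before the next node restarts` would be accurate, together with a comment that the value has to be tuned per deployment. The pause is gated only on `keycloak_quarkus_ha_enabled`, so it also runs after the last node, where nothing remains to wait for. The health-check task that precedes it starts above the hunk.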
@@ -3,6 +3,9 @@
 throttle: 1
 loop: "{{ ansible_play_hosts }}"
 block:
- - name: "Restart and enable {{ keycloak.service_name }} service on first host"
- ansible.builtin.include_tasks: ../restart.yml
- delegate_to: "{{ item }}"
+ - name: "Restart and enable {{ keycloak.service_name }} service on {{ item }}"
+ ansible.builtin.include_tasks:
+ file: ../restart.yml
+ apply:
+ delegate_to: "{{ item }}"
+ run_once: true
diff --git a/roles/keycloak_quarkus/tasks/restart/verify_first.yml b/roles/keycloak_quarkus/tasks/restart/serial_then_parallel.yml
similarity index 85%
rename from roles/keycloak_quarkus/tasks/restart/verify_first.yml
rename to roles/keycloak_quarkus/tasks/restart/serial_then_parallel.yml
index 64e2f53..372a302 100644
--- a/roles/keycloak_quarkus/tasks/restart/verify_first.yml
+++ b/roles/keycloak_quarkus/tasks/restart/serial_then_parallel.yml
@@ -1,5 +1,5 @@
 ---
-- name: Verify first restarted service with health URL, then rest in parallel
+- name: Verify first restarted service with health URL, then rest restart in parallel
 block:
 - name: "Restart and enable {{ keycloak.service_name }} service on first host"
 ansible.builtin.systemd:
@@ -28,7 +28,10 @@
 - keycloak_quarkus_ha_enabled
 - name: "Restart and enable {{ keycloak.service_name }} service on other hosts"
- ansible.builtin.include_tasks: ../restart.yml
- delegate_to: "{{ item }}"
- loop: "{{ ansible_play_hosts }}"
+ ansible.builtin.systemd:
+ name: "{{ keycloak.service_name }}"
+ enabled: true
+ state: restarted
+ daemon_reload: true
+ become: true
 when: inventory_hostname != ansible_play_hosts | first
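Review bot: The new task name and `apply: delegate_to` in serial.yml both depend on `{{ item }}`, which comes from the `loop: "{{ ansible_play_hosts }}"` shown in context directly above `block:`. Indentation is not preserved on this page, but if that `loop` is attached to the block itself, Ansible does not accept `loop` on a block; it would have to move onto the include task, as `loop: "{{ ansible_play_hosts }}"` after the `apply:` mapping. With delegation applied to the included tasks, they still evaluate variables in the context of the host running the loop, so the health check in restart.yml should be confirmed to probe the delegated node and not the first host. Whether `run_once: true` sits under `apply:` or on the task cannot be recovered here, and the two placements behave differently. The block opens above the hunk.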
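Review bot: Hosts other than the first get no health check after the restart in the second serial_then_parallel.yml hunk: the task calls `ansible.builtin.systemd` directly and no longer includes `../restart.yml`, so the wait gated on `keycloak_quarkus_restart_health_check` is skipped and the play can finish successfully while those nodes are still starting or have failed to start. A follow-up task that repeats the health-check wait for `inventory_hostname != ansible_play_hosts | first`, gated on `keycloak_quarkus_restart_health_check`, would restore what the variable's description promises. If the omission is intentional, the strategy's documentation should state that only the first node is verified and that all remaining nodes are down at the same moment. The enclosing block starts outside this hunk.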