diff --git a/molecule/default/tasks/apply.yml b/molecule/default/tasks/apply.yml
index d47ed276..1dd49e17 100644
--- a/molecule/default/tasks/apply.yml
+++ b/molecule/default/tasks/apply.yml
@@ -316,16 +316,13 @@
           - containerPort: 8080
             name: http
             protocol: TCP
-
-    - name: Remove the serviceaccount
-      k8s:
-        state: absent
-        definition:
-          apiVersion: v1
-          kind: ServiceAccount
-          metadata:
-            name: apply-deploy
-            namespace: "{{ apply_namespace }}"
+        k8s_pod_resources:
+          requests:
+            cpu: 100m
+            memory: 100Mi
+          limits:
+            cpu: 100m
+            memory: 100Mi
 
     - name: Update the earlier deployment
       k8s:
@@ -351,6 +348,53 @@
           - containerPort: 8080
             name: http
             protocol: TCP
+        k8s_pod_resources:
+          requests:
+            cpu: 50m
+          limits:
+            cpu: 50m
+            memory: 50Mi
+
+    - name: Remove the serviceaccount
+      k8s:
+        state: absent
+        definition:
+          apiVersion: v1
+          kind: ServiceAccount
+          metadata:
+            name: apply-deploy
+            namespace: "{{ apply_namespace }}"
+
+    - name: Apply deployment after service account removed
+      k8s:
+        definition:
+          apiVersion: apps/v1
+          kind: Deployment
+          metadata:
+            name: apply-deploy
+            namespace: "{{ apply_namespace }}"
+          spec:
+            replicas: 1
+            selector:
+              matchLabels:
+                app: "{{ k8s_pod_name }}"
+            template: "{{ k8s_pod_template }}"
+        wait: yes
+        apply: yes
+      vars:
+        k8s_pod_name: apply-deploy
+        k8s_pod_image: gcr.io/kuar-demo/kuard-amd64:v0.10.0-green
+        k8s_pod_service_account: apply-deploy
+        k8s_pod_ports:
+          - containerPort: 8080
+            name: http
+            protocol: TCP
+        k8s_pod_resources:
+          requests:
+            cpu: 50m
+          limits:
+            cpu: 50m
+            memory: 50Mi
       register: deploy_after_serviceaccount_removal
       ignore_errors: yes
 
diff --git a/molecule/default/tasks/waiter.yml b/molecule/default/tasks/waiter.yml
index 98ee6416..92d1adc7 100644
--- a/molecule/default/tasks/waiter.yml
+++ b/molecule/default/tasks/waiter.yml
@@ -229,6 +229,12 @@
             protocol: TCP
       register: update_deploy
 
+    # It looks like the Deployment is updated to have the desired state *before* the pods are terminated
+    # Wait a couple of seconds to allow the old pods to at least get to Terminating state
+    - name: Avoid race condition
+      pause:
+        seconds: 2
+
     - name: Get updated pods
       k8s_info:
         api_version: v1
diff --git a/molecule/default/vars/main.yml b/molecule/default/vars/main.yml
index 2fdaa77f..069a0139 100644
--- a/molecule/default/vars/main.yml
+++ b/molecule/default/vars/main.yml
@@ -15,14 +15,17 @@ k8s_pod_spec:
         exec:
           command:
             - /bin/true
-      resources:
-        limits:
-          cpu: "100m"
-          memory: "100Mi"
+      resources: "{{ k8s_pod_resources }}"
       ports: "{{ k8s_pod_ports }}"
 
+
 k8s_pod_service_account: default
 
+k8s_pod_resources:
+  limits:
+    cpu: "100m"
+    memory: "100Mi"
+
 k8s_pod_command: []
 
 k8s_pod_ports: []