diff --git a/.pipelines/npm/npm-conformance-tests.yaml b/.pipelines/npm/npm-conformance-tests.yaml
index 21a347e33a..ae68233dc0 100644
--- a/.pipelines/npm/npm-conformance-tests.yaml
+++ b/.pipelines/npm/npm-conformance-tests.yaml
@@ -108,7 +108,7 @@ stages:
             IS_STRESS_TEST: "false"
           v2-linux-stress:
             AZURE_CLUSTER: "conformance-v2-linux-stress"
-            PROFILE: "v2-background"
+            PROFILE: "v2-linux-stress"
             IS_STRESS_TEST: "true"
           v2-place-first:
             AZURE_CLUSTER: "conformance-v2-place-first"
@@ -123,6 +123,7 @@ stages:
         RESOURCE_GROUP: $[ stagedependencies.setup.setup.outputs['EnvironmentalVariables.RESOURCE_GROUP'] ]
         TAG: $[ stagedependencies.setup.setup.outputs['EnvironmentalVariables.TAG'] ]
         FQDN: empty
+        PUBLIC_IP_NAME: $(RESOURCE_GROUP)-$(PROFILE)-public-ip
       steps:
         - checkout: self
 
@@ -137,6 +138,23 @@ stages:
               echo created RG $(RESOURCE_GROUP) in $(LOCATION)
               az version
 
+        - task: AzureCLI@2
+          displayName: "Create public IP with a service tag"
+          inputs:
+            azureSubscription: $(BUILD_VALIDATIONS_SERVICE_CONNECTION)
+            scriptType: "bash"
+            scriptLocation: "inlineScript"
+            inlineScript: |
+              az network public-ip create \
+                --name $(PUBLIC_IP_NAME) \
+                --resource-group $(RESOURCE_GROUP) \
+                --allocation-method Static \
+                --ip-tags 'FirstPartyUsage=/DelegatedNetworkControllerTest' \
+                --location $(LOCATION) \
+                --sku Standard \
+                --tier Regional \
+                --version IPv4
+
         - task: AzureCLI@2
           displayName: "Deploy NPM to Test Cluster"
           inputs:
@@ -150,6 +168,9 @@ stages:
               chmod +x kubectl
               echo Cluster $(AZURE_CLUSTER)
               echo Resource $(RESOURCE_GROUP)
+              echo Public IP $(PUBLIC_IP_NAME)
+              export PUBLIC_IP_ID=$(az network public-ip show -g $(RESOURCE_GROUP) -n $(PUBLIC_IP_NAME) --query id -o tsv)
+              echo Public IP ID $PUBLIC_IP_ID
 
               if [[ $(AZURE_CLUSTER) == *ws22 ]] # * is used for pattern matching
               then
@@ -166,7 +187,8 @@ stages:
                     --network-plugin azure \
                     --vm-set-type VirtualMachineScaleSets \
                     --node-vm-size Standard_D4s_v3 \
-                    --node-count 1
+                    --node-count 1 \
+                    --load-balancer-outbound-ips $PUBLIC_IP_ID
 
                 if [ $? != 0 ]
                 then
@@ -213,7 +235,8 @@ stages:
                 az aks create --no-ssh-key \
                 --resource-group $(RESOURCE_GROUP) \
                 --name $(AZURE_CLUSTER) \
-                --network-plugin azure
+                --network-plugin azure \
+                --load-balancer-outbound-ips $PUBLIC_IP_ID
 
                 if [ $? != 0 ]
                 then
diff --git a/.pipelines/npm/npm-scale-test.yaml b/.pipelines/npm/npm-scale-test.yaml
index 99d13007b1..f297d27baf 100644
--- a/.pipelines/npm/npm-scale-test.yaml
+++ b/.pipelines/npm/npm-scale-test.yaml
@@ -139,6 +139,19 @@ jobs:
             echo "Creating resource group named $(RESOURCE_GROUP)"
             az group create --name $(RESOURCE_GROUP) -l $(LOCATION) -o table
 
+            export PUBLIC_IP_NAME=$(RESOURCE_GROUP)-$(PROFILE)-public-ip
+            echo "Creating public IP with a service tag named $PUBLIC_IP_NAME"
+            az network public-ip create \
+                --name $PUBLIC_IP_NAME \
+                --resource-group $(RESOURCE_GROUP) \
+                --allocation-method Static \
+                --ip-tags 'FirstPartyUsage=/DelegatedNetworkControllerTest' \
+                --location $(LOCATION) \
+                --sku Standard \
+                --tier Regional \
+                --version IPv4
+            export PUBLIC_IP_ID=$(az network public-ip show -g $(RESOURCE_GROUP) -n $PUBLIC_IP_NAME --query id -o tsv)
+
             export CLUSTER_NAME=$(RESOURCE_GROUP)-$(PROFILE)
             echo "Creating cluster named $CLUSTER_NAME"
             az aks create \
@@ -152,7 +165,8 @@ jobs:
                 --node-vm-size Standard_D4s_v3 \
                 --node-count 1 \
                 --tier standard \
-                --max-pods 100
+                --max-pods 100 \
+                --load-balancer-outbound-ips $PUBLIC_IP_ID
 
             echo "Getting credentials to $CLUSTER_NAME"
             az aks get-credentials -g $(RESOURCE_GROUP) -n $CLUSTER_NAME --overwrite-existing --file ./kubeconfig
diff --git a/npm/azure-npm.yaml b/npm/azure-npm.yaml
index 137a2c5665..a19a1b974e 100644
--- a/npm/azure-npm.yaml
+++ b/npm/azure-npm.yaml
@@ -112,7 +112,6 @@ spec:
             - name: tmp
               mountPath: /tmp
       hostNetwork: true
-      hostUsers: false
       nodeSelector:
         kubernetes.io/os: linux
       volumes:
diff --git a/npm/examples/azure-npm-lite.yaml b/npm/examples/azure-npm-lite.yaml
index 37339b0598..cbd8666536 100644
--- a/npm/examples/azure-npm-lite.yaml
+++ b/npm/examples/azure-npm-lite.yaml
@@ -112,7 +112,6 @@ spec:
             - name: tmp
               mountPath: /tmp
       hostNetwork: true
-      hostUsers: false
       nodeSelector:
         kubernetes.io/os: linux
       volumes: