diff --git a/.travis.yml b/.travis.yml
index 2687786..4b1b599 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -37,7 +37,12 @@ env:
 # Test multiple masters in control plane with PostgreSQL
 - MOLECULE_DISTRO: geerlingguy/docker-centos8-ansible:latest
- MOLECULE_SCENATIO: highavailability
+ MOLECULE_SCENARIO: highavailability
+
+ # Test multiple masters in control plane with DQLite
+ - MOLECULE_DISTRO: geerlingguy/docker-centos8-ansible:latest
+ MOLECULE_SCENARIO: highavailability
+ MOLECULE_PLAYBOOK: playbook-dqlite.yml
 install:
 # Install test dependencies.
diff --git a/molecule/highavailability/molecule.yml b/molecule/highavailability/molecule.yml
index 83e4c58..03b5567 100644
--- a/molecule/highavailability/molecule.yml
+++ b/molecule/highavailability/molecule.yml
@@ -43,7 +43,7 @@ platforms:
 networks:
 - name: k3snet
 - name: loadbalancer
- image: nginx:1.16-alpine
+ image: nginx:1.17-alpine
 pre_build_image: true
 ports:
 - "6443:6443"
diff --git a/molecule/highavailability/nginx-loadbalancer.conf b/molecule/highavailability/nginx-loadbalancer.conf
index 5c2464e..69b37b2 100644
--- a/molecule/highavailability/nginx-loadbalancer.conf
+++ b/molecule/highavailability/nginx-loadbalancer.conf
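Review bot: Nothing visible in this commit consumes `MOLECULE_PLAYBOOK`, which is the only thing that makes the added DQLite job in `.travis.yml` differ from the PostgreSQL job above it. If the scenario's provisioner does not already select its converge playbook from the environment, for example `converge: ${MOLECULE_PLAYBOOK:-playbook.yml}`, the new job would run the same playbook as the previous entry and pass without exercising DQLite. That setting lies outside the `molecule/highavailability/molecule.yml` hunk shown, so it is worth confirming. Both jobs also pull `geerlingguy/docker-centos8-ansible:latest`; pinning the test image to a digest would keep CI results reproducible.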
@@ -1,20 +1,34 @@
-events { }
+worker_processes 4;
+worker_rlimit_nofile 40000;
-http {
+events {
+ worker_connections 8192;
+}
+
+stream {
 # Set up our upstream of control (master) nodes. The default load balancing
 # algorithm for nginx is to round-robin. Perfect!
 upstream control_plane {
- server node2:6443;
- server node3:6443;
+ server node2:6443 max_fails=3 fail_timeout=5s;
+ server node3:6443 max_fails=3 fail_timeout=5s;
+ }
+
+ upstream control_plane_443 {
+ server node2:443 max_fails=3 fail_timeout=5s;
+ server node3:443 max_fails=3 fail_timeout=5s;
 }
 # Listen on port 6443, this is our default control plane port, then pass
 # all traffic to one of the control (master) nodes.
 server {
 listen 6443;
+ proxy_pass control_plane;
+ }
- location / {
- proxy_pass http://control_plane;
- }
+ # Listen on port 443, this is our default ssl port, then pass
+ # all traffic to one of the control (master) nodes.
+ server {
+ listen 443;
+ proxy_pass control_plane_443;
 }
 }
diff --git a/molecule/highavailability/playbook-dqlite.yml b/molecule/highavailability/playbook-dqlite.yml
new file mode 100644
index 0000000..4d41510
--- /dev/null
+++ b/molecule/highavailability/playbook-dqlite.yml
@@ -0,0 +1,15 @@
+---
+- name: Converge
+ hosts: node*
+ become: true
+ vars:
+ molecule_is_test: true
+ k3s_dqlite_datastore: true
+ k3s_use_experimental: true
+ pre_tasks:
+ - name: Set each node to be a control node
+ set_fact:
+ k3s_control_node: true
+ when: inventory_hostname in ['node2', 'node3']
+ roles:
+ - role: xanmanning.k3s
diff --git a/tasks/build/configure-k3s-cluster.yml b/tasks/build/configure-k3s-cluster.yml
index 0ec7572..1db74ec 100644
--- a/tasks/build/configure-k3s-cluster.yml
+++ b/tasks/build/configure-k3s-cluster.yml
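Review bot: In the new `molecule/highavailability/playbook-dqlite.yml`, the pre-task is named `Set each node to be a control node` but its `when:` restricts it to `node2` and `node3`; a name such as `Set node2 and node3 as control nodes` would match what it does. With a Raft-based embedded datastore, two control nodes cannot keep quorum if either one is lost, so this scenario exercises multi-master bootstrap rather than failover. A comment above `vars:` saying so, e.g. `# Two servers only: tests DQLite cluster join, not loss of a control node`, would stop readers from assuming more.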
@@ -8,12 +8,14 @@
 @@@
 {{ hostvars[item].ansible_host | default(hostvars[item].ansible_fqdn) }}
 @@@
- {{ hostvars[item].k3s_control_node }}
+ C_{{ hostvars[item].k3s_control_node }}
+ @@@
+ P_{{ hostvars[item].k3s_primary_control_node | default(False) }}
 create: true
 loop: "{{ play_hosts }}"
 - name: Lookup control node from file
- command: "grep 'True' /tmp/inventory.txt"
+ command: "grep '{{ 'P_True' if (k3s_controller_count | length > 1) else 'C_True' }}' /tmp/inventory.txt"
 changed_when: false
 register: k3s_control_delegate_raw
diff --git a/templates/k3s.service.j2 b/templates/k3s.service.j2
index 8b1dfb5..89ebd1a 100644
--- a/templates/k3s.service.j2
+++ b/templates/k3s.service.j2
@@ -56,6 +56,23 @@ ExecStart={{ k3s_install_dir }}/k3s
 {% endif %}
 {% if k3s_datastore_endpoint is defined and k3s_datastore_endpoint %}
 --datastore-endpoint "{{ k3s_datastore_endpoint }}"
+ {% if k3s_datastore_cafile is defined and k3s_datastore_cafile %}
+ --datastore-cafile {{ k3s_datastore_cafile }}
+ {% endif %}
+ {% if k3s_datastore_certfile is defined and k3s_datastore_certfile %}
+ --datastore-certfile {{ k3s_datastore_certfile }}
+ {% endif %}
+ {% if k3s_datastore_keyfile is defined and k3s_datastore_keyfile %}
+ --datastore-keyfile {{ k3s_datastore_keyfile }}
+ {% endif %}
+ {% endif %}
+ {% if k3s_dqlite_datastore is defined and k3s_dqlite_datastore %}
+ {% if k3s_primary_control_node is defined and k3s_primary_control_node %}
+ --cluster-init
+ {% else %}
+ --server https://{{ k3s_control_node_address }}:{{ k3s_https_port }}
+ --token {{ k3s_control_token }}
+ {% endif %}
 {% endif %}
 {% else %}
 agent
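Review bot: The new `command:` line in `tasks/build/configure-k3s-cluster.yml` still reads the fixed path `/tmp/inventory.txt`, and with the added `C_`/`P_` fields that file now decides which host is treated as the primary control node. A predictable name in a world-writable directory can be pre-created or altered by another local account on the host where this runs, so the lookup would be safer against a path from the `tempfile` module or a directory only the play's user can write; the task that writes the file begins above the hunk, so its `path:` is not shown. Separately, when more than one controller exists and none sets `k3s_primary_control_node`, every line carries `P_False` and `grep` exits 1, failing the task with no explanation unless a `failed_when:` follows outside the hunk. An `assert` before the lookup with a message naming the missing variable, plus `grep -F` so the pattern is matched literally, would make this easier to diagnose.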
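Review bot: The added `--token {{ k3s_control_token }}` line in `templates/k3s.service.j2` renders the cluster join token into the unit file and onto the k3s process command line, where other local accounts can read it from the process list and, depending on the unit file's mode, from the file itself. k3s accepts the token from a file instead, e.g. `--token-file <PATH_TO_TOKEN_FILE>` with that file owned by root and mode 0600 (placeholder path; any role variable for it is not visible here). The new `--datastore-cafile`, `--datastore-certfile`, `--datastore-keyfile` and `--server` values are also unquoted, unlike `--datastore-endpoint "{{ k3s_datastore_endpoint }}"` just above, so a path containing whitespace would be split into separate arguments. The `ExecStart` block starts and ends outside this hunk, so how the token is passed on the agent branch cannot be checked from here.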