diff --git a/contrib/terraform/upcloud/README.md b/contrib/terraform/upcloud/README.md
index 21222f5b80e..eb1806d0dd0 100644
--- a/contrib/terraform/upcloud/README.md
+++ b/contrib/terraform/upcloud/README.md
@@ -71,7 +71,7 @@ terraform destroy --var-file cluster-settings.tfvars \
 * `template_name`: The name or UUID of a base image
 * `username`: a user to access the nodes, defaults to "ubuntu"
 * `private_network_cidr`: CIDR to use for the private network, defaults to "172.16.0.0/24"
-* `private_network_dns`: DNS servers to use for nodes with only private network. Requires user_data and will recreate existing nodes. Defaults to `[]`
+* `dns_servers`: DNS servers that will be used by the nodes. Until [this is solved](https://github.com/UpCloudLtd/terraform-provider-upcloud/issues/562) this is done using user_data to reconfigure resolved. Defaults to `[]`
 * `use_public_ips`: If a NIC connencted to the Public network should be attached to all nodes by default. Can be overridden by `force_public_ip` if this is set to `false`. Defaults to `true`
 * `ssh_public_keys`: List of public SSH keys to install on all machines
 * `zone`: The zone where to run the cluster
@@ -82,7 +82,7 @@ terraform destroy --var-file cluster-settings.tfvars \
 * `mem`: memory size in MB
 * `disk_size`: The size of the storage in GB
 * `force_public_ip`: If `use_public_ips` is set to `false`, this forces a public NIC onto the machine anyway when set to `true`. Useful if you're migrating from public nodes to only private. Defaults to `false`
- * `force_no_user_data`: If `private_network_dns` is set, existing nodes will be recreated since it will try to update their user_data. This forces this machine to not add the user_data and thus will not be recreated. Useful if you're migrating from public nodes to only private. Defaults to `false`
+ * `dns_servers`: This works the same way as the global `dns_severs` but only applies to a single node. If set to `[]` while the global `dns_servers` is set to something else, then it will not add the user_data and thus will not be recreated. Useful if you're migrating from public nodes to only private. Defaults to `null`
 * `additional_disks`: Additional disks to attach to the node.
 * `size`: The size of the additional disk in GB
 * `tier`: The tier of disk to use (`maxiops` is the only one you can choose atm)
@@ -166,6 +166,6 @@ terraform state rm -state=terraform.tfstate data.template_file.inventory ## Public to Private only migration Since there's no way to remove the public NIC on a machine without recreating its private NIC it's not possible to inplace change a cluster to only use private IPs. -The way to migrate is to first set `use_public_ips` to `false`, `private_network_dns` to some DNS servers and then update all existing servers to have `force_public_ip` set to `true` and `force_no_user_data` set to `true`. -After that you can add new nodes without `force_public_ip` and `force_no_user_data` set and create them. +The way to migrate is to first set `use_public_ips` to `false`, `dns_servers` to some DNS servers and then update all existing servers to have `force_public_ip` set to `true` and `dns_severs` set to `[]`. +After that you can add new nodes without `force_public_ip` and `dns_servers` set and create them. Add the new nodes into the cluster and when all of them are added, remove the old nodes. diff --git a/contrib/terraform/upcloud/main.tf b/contrib/terraform/upcloud/main.tf index 8dec8c59282..cc542a6fbfb 100644 --- a/contrib/terraform/upcloud/main.tf +++ b/contrib/terraform/upcloud/main.tf @@ -20,7 +20,7 @@ module "kubernetes" { username = var.username private_network_cidr = var.private_network_cidr - private_network_dns = var.private_network_dns + dns_servers = var.dns_servers use_public_ips = var.use_public_ips machines = var.machines diff --git a/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf b/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf index a42090246c7..6904256de9f 100644 --- a/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf +++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/main.tf 
@@ -80,14 +80,17 @@ locals { } } - node_user_data = < 0 ~} + node_user_data = { + for name, machine in var.machines : + name => < 0 ) || ( length(var.dns_servers) > 0 && machine.dns_servers == null ) ~} #!/bin/bash -echo -e "[Resolve]\nDNS=${ join(" ",var.private_network_dns) }" > /etc/systemd/resolved.conf +echo -e "[Resolve]\nDNS=${ join(" ", length(machine.dns_servers != null ? machine.dns_servers : []) > 0 ? machine.dns_servers : var.dns_servers) }" > /etc/systemd/resolved.conf systemctl restart systemd-resolved %{ endif ~} EOF + } } resource "upcloud_network" "private" { @@ -178,9 +181,8 @@ resource "upcloud_server" "master" { create_password = false } - metadata = !each.value.force_no_user_data && local.node_user_data != "" ? true : null - - user_data = !each.value.force_no_user_data && local.node_user_data != "" ? local.node_user_data : null + metadata = local.node_user_data[each.key] != "" ? true : null + user_data = local.node_user_data[each.key] != "" ? local.node_user_data[each.key] : null } resource "upcloud_server" "worker" { @@ -244,9 +246,8 @@ resource "upcloud_server" "worker" { create_password = false } - metadata = !each.value.force_no_user_data && local.node_user_data != "" ? true : null - - user_data = !each.value.force_no_user_data && local.node_user_data != "" ? local.node_user_data : null + metadata = local.node_user_data[each.key] != "" ? true : null + user_data = local.node_user_data[each.key] != "" ? local.node_user_data[each.key] : null } resource "upcloud_server" "bastion" { diff --git a/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf b/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf index f2c30afb1e3..eeb1a70c4f3 100644 --- a/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf +++ b/contrib/terraform/upcloud/modules/kubernetes-cluster/variables.tf 
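Review bot: The generated boot script in `node_user_data` still replaces the whole file with `> /etc/systemd/resolved.conf`, so any other `[Resolve]` settings the base image ships (for example `DNSSEC=` or `DNSOverTLS=`) are lost on every node that receives this user_data. A drop-in keeps those settings intact: `mkdir -p /etc/systemd/resolved.conf.d` followed by `echo -e "[Resolve]\nDNS=..." > /etc/systemd/resolved.conf.d/dns_servers.conf`. Changing the script text changes user_data, which per the README recreates existing nodes, so this is best done in the same migration window. The heredoc opener of this hunk is garbled on this page, so the point rests on the visible script lines only.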
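Review bot: Dropping the `!each.value.force_no_user_data` guard on `metadata`/`user_data` here, and in the identical `upcloud_server.worker` hunk that follows, leaves a partially migrated tfvars file unprotected. Terraform object type constraints discard attributes they do not declare, so a leftover `force_no_user_data = true` is presumably ignored without an error. With the global `dns_servers` set and the machine's `dns_servers` left `null`, `local.node_user_data[each.key]` becomes non-empty and, per the README, the server is recreated, which for `upcloud_server.master` means a control-plane node. A comment above these two lines such as `# user_data changes recreate the server; set machines[*].dns_servers = [] to keep an existing node` and an upgrade note in the README would make the required migration step explicit. Both resource bodies begin outside their hunks.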
@@ -20,7 +20,7 @@ variable "username" {} variable "private_network_cidr" {} -variable "private_network_dns" {} +variable "dns_servers" {} variable "use_public_ips" {} @@ -34,7 +34,7 @@ variable "machines" { disk_size = number server_group : string force_public_ip : optional(bool, false) - force_no_user_data : optional(bool, false) + dns_servers : optional(set(string)) additional_disks = map(object({ size = number tier = string diff --git a/contrib/terraform/upcloud/variables.tf b/contrib/terraform/upcloud/variables.tf index 0356955cf9b..a4ec44efc77 100644 --- a/contrib/terraform/upcloud/variables.tf +++ b/contrib/terraform/upcloud/variables.tf @@ -32,8 +32,8 @@ variable "private_network_cidr" { default = "172.16.0.0/24" } -variable "private_network_dns" { - description = "The DNS server for nodes when using private network only" +variable "dns_servers" { + description = "DNS servers that will be used by the nodes. Until [this is solved](https://github.com/UpCloudLtd/terraform-provider-upcloud/issues/562) this is done using user_data to reconfigure resolved" type = set(string) default = [] @@ -56,7 +56,7 @@ variable "machines" { disk_size = number server_group : string force_public_ip : optional(bool, false) - force_no_user_data : optional(bool, false) + dns_servers : optional(set(string)) additional_disks = map(object({ size = number tier = string
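Review bot: The root `variable "dns_servers"` is typed `set(string)` but has no `validation` block, and the module splices every entry unquoted into the bash line `echo -e "[Resolve]\nDNS=${ join(" ", ...) }"` that it ships as user_data. A malformed entry (stray quote, backslash sequence, shell metacharacter) is therefore interpreted by the shell on the node at boot instead of being rejected at plan time. Restricting entries to literal IP addresses closes that gap. The per-machine `dns_servers` attribute of `machines` (the `@@ -56,7 +56,7 @@` hunk here and `@@ -34,7 +34,7 @@` in the module's variables.tf) needs the same check. The variable block closes outside this hunk.

```hcl
variable "dns_servers" {
  # … unchanged: description, type = set(string), default = [] …

  validation {
    condition = alltrue([
      for s in var.dns_servers :
      can(cidrhost("${s}/32", 0)) || can(cidrhost("${s}/128", 0))
    ])
    error_message = "Each dns_servers entry must be a plain IPv4 or IPv6 address."
  }
```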