diff --git a/agents.tf b/agents.tf
index 43453b4..a3ac5b6 100644
--- a/agents.tf
+++ b/agents.tf
@@ -1,14 +1,9 @@
-resource "random_pet" "agents" {
-  count  = length(local.agent_nodepools)
-  length = 1
-}
-
 module "agents" {
   source = "./modules/host"
 
   for_each = local.agent_nodepools
 
-  name                   = var.use_cluster_name_in_node_name ? "${random_pet.cluster.id}-${each.value.nodepool_name}-${random_pet.agents[each.value.index].id}" : "${each.value.nodepool_name}-${random_pet.agents[each.value.index].id}"
+  name                   = "${var.use_cluster_name_in_node_name ? "${random_pet.cluster.id}-" : ""}${each.value.nodepool_name}"
   ssh_keys               = [hcloud_ssh_key.k3s.id]
   public_key             = var.public_key
   private_key            = var.private_key
diff --git a/control_planes.tf b/control_planes.tf
index 3ed4825..e4db4c9 100644
--- a/control_planes.tf
+++ b/control_planes.tf
@@ -1,13 +1,8 @@
-resource "random_pet" "control_planes" {
-  count  = var.control_plane_count
-  length = 1
-}
-
 module "control_planes" {
   source = "./modules/host"
 
   count                  = var.control_plane_count
-  name                   = var.use_cluster_name_in_node_name ? "${random_pet.cluster.id}-control-plane-${random_pet.control_planes[count.index].id}" : "control-plane-${random_pet.control_planes[count.index].id}"
+  name                   = "${var.use_cluster_name_in_node_name ? "${random_pet.cluster.id}-" : ""}control-plane"
   ssh_keys               = [hcloud_ssh_key.k3s.id]
   public_key             = var.public_key
   private_key            = var.private_key
diff --git a/modules/host/locals.tf b/modules/host/locals.tf
index 1fcef4d..46e0f81 100644
--- a/modules/host/locals.tf
+++ b/modules/host/locals.tf
@@ -10,4 +10,7 @@ locals {
   ssh_identity_file = var.private_key == null ? var.public_key : var.private_key
   # shared flags for ssh to ignore host keys, to use our ssh identity file for all connections during provisioning.
   ssh_args = "-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -i ${local.ssh_identity_file}"
+
+  # the hosts name with its unique suffix attached
+  name = "${var.name}-${random_pet.server.id}"
 }
diff --git a/modules/host/main.tf b/modules/host/main.tf
index e085883..e397391 100644
--- a/modules/host/main.tf
+++ b/modules/host/main.tf
@@ -1,5 +1,25 @@
+resource "random_pet" "server" {
+  length  = 1
+  keepers = {
+    # We re-create the id (and server) whenever one of those attributes
+    # changes. This should include all input variables to this module,
+    # but NO SENSITIVE values as they might be logged here.
+    name = var.name
+    public_key = var.public_key
+    additional_public_keys = join(",", var.additional_public_keys)
+    ssh_keys = join(",", var.ssh_keys)
+    firewall_ids = join(",", var.firewall_ids)
+    placement_group_id = var.placement_group_id
+    labels = join(",", [for k, v in var.labels: "${k}=${v}" ])
+    location = var.location
+    ipv4_subnet_id = var.ipv4_subnet_id
+    private_ipv4 = var.private_ipv4
+    server_type = var.server_type
+  }
+}
+
 resource "hcloud_server" "server" {
-  name = var.name
+  name = local.name
 
   image              = "ubuntu-20.04"
   rescue             = "linux64"
@@ -90,7 +110,7 @@ data "template_cloudinit_config" "config" {
     content = templatefile(
       "${path.module}/templates/userdata.yaml.tpl",
       {
-        hostname          = var.name
+        hostname          = local.name
         sshAuthorizedKeys = concat([local.ssh_public_key], var.additional_public_keys)
       }
     )