diff --git a/charts/base/templates/clusterrolebindings.yaml b/charts/base/templates/clusterrolebindings.yaml
index 3aadf1f..d6612a1 100644
--- a/charts/base/templates/clusterrolebindings.yaml
+++ b/charts/base/templates/clusterrolebindings.yaml
@@ -56,3 +56,21 @@ subjects:
     name: nullplatform-crd-installer-sa
     namespace: {{ .Release.Namespace }}
 {{- end }}
+---
+{{- if .Values.logging.ensureLease }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: nullplatform-lease-installer-binding
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-weight": "-5"
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: nullplatform-lease-installer
+subjects:
+  - kind: ServiceAccount
+    name: nullplatform-lease-installer-sa
+    namespace: {{ .Values.namespaces.nullplatformTools }}
+{{- end }}
diff --git a/charts/base/templates/clusterroles.yaml b/charts/base/templates/clusterroles.yaml
index 6298b55..53350c8 100644
--- a/charts/base/templates/clusterroles.yaml
+++ b/charts/base/templates/clusterroles.yaml
@@ -41,3 +41,17 @@ rules:
   - apiGroups: ["apiextensions.k8s.io"]
     resources: ["customresourcedefinitions"]
     verbs: ["get", "list", "create", "update", "patch"]
+---
+{{- if .Values.logging.ensureLease }}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: nullplatform-lease-installer
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-weight": "-5"
+rules:
+  - apiGroups: ["coordination.k8s.io"]
+    resources: ["leases"]
+    verbs: ["get", "create", "patch"]
+{{- end }}
diff --git a/charts/base/templates/daemonset.yaml b/charts/base/templates/daemonset.yaml
index 2ae6a08..b535a4c 100644
--- a/charts/base/templates/daemonset.yaml
+++ b/charts/base/templates/daemonset.yaml
@@ -29,24 +29,6 @@ spec:
       tolerations:
         {{- toYaml .Values.logging.tolerations | nindent 8 }}
       {{- end }}
-      {{- if .Values.logging.ensureLease }}
-      initContainers:
-        - name: ensure-lease
-          image: bitnami/kubectl:latest
-          command:
-            - /bin/sh
-            - -c
-            - |
-              kubectl apply -f - <<'EOF'
-              apiVersion: coordination.k8s.io/v1
-              kind: Lease
-              metadata:
-                name: nullplatform-metrics-extractor
-                namespace: {{ .Values.namespaces.nullplatformTools }}
-              spec:
-                holderIdentity: ""
-              EOF
-      {{- end }}
       containers:
         - name: nullplatform-log-controller
           image: {{ .Values.logging.controller.image }}
diff --git a/charts/base/templates/lease.yaml b/charts/base/templates/lease.yaml
index 684f780..b46db06 100644
--- a/charts/base/templates/lease.yaml
+++ b/charts/base/templates/lease.yaml
@@ -1,9 +1,8 @@
 apiVersion: coordination.k8s.io/v1
 kind: Lease
 metadata:
-    name: nullplatform-metrics-extractor
-    namespace: nullplatform-tools
-spec:
-    holderIdentity: ""
-
-
+  name: nullplatform-metrics-extractor
+  namespace: {{ .Values.namespaces.nullplatformTools }}
+  annotations:
+    "helm.sh/hook": "pre-install"
+    "helm.sh/hook-delete-policy": "before-hook-creation"
diff --git a/charts/base/templates/pre-install-lease.yaml b/charts/base/templates/pre-install-lease.yaml
new file mode 100644
index 0000000..61c5ed2
--- /dev/null
+++ b/charts/base/templates/pre-install-lease.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.logging.ensureLease }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: ensure-nullplatform-lease
+  namespace: {{ .Values.namespaces.nullplatformTools }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+spec:
+  template:
+    spec:
+      serviceAccountName: nullplatform-lease-installer-sa
+      containers:
+      - name: ensure-lease
+        image: docker.io/bitnami/kubectl:latest
+        command:
+          - /bin/sh
+          - -c
+          - |
+            kubectl apply -f - <<'EOF'
+            apiVersion: coordination.k8s.io/v1
+            kind: Lease
+            metadata:
+              name: nullplatform-metrics-extractor
+              namespace: {{ .Values.namespaces.nullplatformTools }}
+            EOF
+      restartPolicy: OnFailure
+{{- end }}
diff --git a/charts/base/templates/serviceaccount.yaml b/charts/base/templates/serviceaccount.yaml
index 5a95e06..cdd9fbb 100644
--- a/charts/base/templates/serviceaccount.yaml
+++ b/charts/base/templates/serviceaccount.yaml
@@ -14,3 +14,14 @@ metadata:
     "helm.sh/hook": "pre-install,pre-upgrade"
     "helm.sh/hook-weight": "-5"
 {{- end }}
+---
+{{- if .Values.logging.ensureLease }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: nullplatform-lease-installer-sa
+  namespace: {{ .Values.namespaces.nullplatformTools }}
+  annotations:
+    "helm.sh/hook": "pre-install,pre-upgrade"
+    "helm.sh/hook-weight": "-5"
+{{- end }}