diff --git a/inventory/group_vars/all/ssl.yml b/inventory/group_vars/all/ssl.yml
index c4c52e9052..4b6952ea14 100644
--- a/inventory/group_vars/all/ssl.yml
+++ b/inventory/group_vars/all/ssl.yml
@@ -22,7 +22,7 @@ ssl_cipher_suite_tls12: "{{ ssl_cipher_suite | default('ECDH+AESGCM:DH+AESGCM:EC
 ssl_cipher_suite_tls13: "TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256"
 
 #variables used in OSA roles which call the PKI role
-openstack_pki_dir: "/etc/openstack_deploy/pki"
+openstack_pki_dir: "{{ openstack_config_dir }}/pki"
 openstack_pki_service_intermediate_cert_name: "ExampleCorpIntermediate"
 
 openstack_pki_service_intermediate_cert_path: "{{ openstack_pki_dir ~ '/roots/' ~ openstack_pki_service_intermediate_cert_name ~ '/certs/' ~ openstack_pki_service_intermediate_cert_name ~ '.crt' }}"
diff --git a/scripts/get-ansible-role-requirements.yml b/scripts/get-ansible-role-requirements.yml
index 84d56e2abc..d988084e85 100644
--- a/scripts/get-ansible-role-requirements.yml
+++ b/scripts/get-ansible-role-requirements.yml
@@ -102,12 +102,12 @@
 
         - name: Ensure overrides directory exists
           file:
-            path: '/etc/openstack_deploy'
+            path: "{{ config_dir }}"
             state: directory
 
         - name: Create overrides for openstack_services git repos to use local cache
           blockinfile:
-            path: '/etc/openstack_deploy/user_variables_zuulrepos.yml'
+            path: "{{ config_dir }}/user_variables_zuulrepos.yml"
             block: "{{ service_git_repos | join('\n') }}"
             create: yes
 
@@ -164,12 +164,13 @@
 
   vars:
     ansible_python_interpreter: "/opt/ansible-runtime/bin/python"
+    config_dir: "{{ lookup('env', 'OSA_CONFIG_DIR') | default('/etc/openstack_deploy', true) }}"
     required_roles: "{{ lookup('file', role_file) | from_yaml }}"
     openstack_services_file: "{{ playbook_dir }}/../playbooks/defaults/repo_packages/openstack_services.yml"
     role_file: "{{ playbook_dir }}/../ansible-role-requirements.yml"
     role_path_default: '/etc/ansible/roles'
     user_roles: "{{ lookup('file', user_role_path, errors='ignore')|default([], true) | from_yaml }}"
-    user_role_path: "{{ lookup('env', 'OSA_CONFIG_DIR') | default('/etc/openstack_deploy', true) ~ '/' ~ (user_role_file|default('')) }}"
+    user_role_path: "{{ config_dir ~ '/' ~ (user_role_file|default('')) }}"
     git_clone_retries: 2
     git_clone_retry_delay: 5
     role_clone_default_depth: 20
diff --git a/scripts/run-upgrade.sh b/scripts/run-upgrade.sh
index f5082f2203..27a7f9b9fe 100755
--- a/scripts/run-upgrade.sh
+++ b/scripts/run-upgrade.sh
@@ -36,6 +36,9 @@ export SOURCE_SERIES="xena"
 # The expected target series name
 export TARGET_SERIES="yoga"
 
+# The expected OSA config dir
+export OSA_CONFIG_DIR="${OSA_CONFIG_DIR:-/etc/openstack_deploy}"
+
 ## Functions -----------------------------------------------------------------
 
 function run_lock {
@@ -44,7 +47,7 @@ function run_lock {
   run_item="$2"
   hashed_run_item=($(echo $run_item | md5sum))
 
-  upgrade_marker="/etc/openstack_deploy/upgrade-${TARGET_SERIES}/$hashed_run_item.complete"
+  upgrade_marker="${OSA_CONFIG_DIR}/upgrade-${TARGET_SERIES}/$hashed_run_item.complete"
 
   if [ ! -f "$upgrade_marker" ];then
     # note(sigmavirus24): use eval so that we properly turn strings like
@@ -85,24 +88,24 @@ function run_lock {
 }
 
 function check_for_current {
-    if [[ ! -d "/etc/openstack_deploy" ]]; then
+    if [[ ! -d "${OSA_CONFIG_DIR}" ]]; then
       echo "--------------ERROR--------------"
-      echo "/etc/openstack_deploy directory not found."
+      echo "${OSA_CONFIG_DIR} directory not found."
       echo "It appears you do not have a current environment installed."
       exit 2
     fi
 }
 
 function create_working_dir {
-    if [ ! -d  "/etc/openstack_deploy/upgrade-${TARGET_SERIES}" ]; then
-        mkdir -p "/etc/openstack_deploy/upgrade-${TARGET_SERIES}"
+    if [ ! -d  "${OSA_CONFIG_DIR}/upgrade-${TARGET_SERIES}" ]; then
+        mkdir -p "${OSA_CONFIG_DIR}/upgrade-${TARGET_SERIES}"
     fi
 }
 
 function bootstrap_ansible {
-    if [ ! -f "/etc/openstack_deploy/upgrade-${TARGET_SERIES}/bootstrap-ansible.complete" ]; then
+    if [ ! -f "${OSA_CONFIG_DIR}/upgrade-${TARGET_SERIES}/bootstrap-ansible.complete" ]; then
       "${SCRIPTS_PATH}/bootstrap-ansible.sh"
-      touch /etc/openstack_deploy/upgrade-${TARGET_SERIES}/bootstrap-ansible.complete
+      touch ${OSA_CONFIG_DIR}/upgrade-${TARGET_SERIES}/bootstrap-ansible.complete
     else
       echo "Ansible has been bootstrapped for ${TARGET_SERIES} already, skipping..."
     fi
@@ -158,7 +161,7 @@ function main {
     # Backup source series artifacts
     source_series_backup_file="/openstack/backup-openstack-ansible-${SOURCE_SERIES}.tar.gz"
     if [[ ! -e ${source_series_backup_file} ]]; then
-      tar zcf ${source_series_backup_file} /etc/openstack_deploy /etc/ansible/ /usr/local/bin/openstack-ansible.rc
+      tar zcf ${source_series_backup_file} ${OSA_CONFIG_DIR} /etc/ansible/ /usr/local/bin/openstack-ansible.rc
     fi
 
     # Environment variables may be set to a previous/incorrect location.