diff --git a/src/cloud-api-adaptor/install/charts/peerpods/providers/docker.yaml b/src/cloud-api-adaptor/install/charts/peerpods/providers/docker.yaml
index cc6a70c8ed..5c3e9ead5c 100644
--- a/src/cloud-api-adaptor/install/charts/peerpods/providers/docker.yaml
+++ b/src/cloud-api-adaptor/install/charts/peerpods/providers/docker.yaml
@@ -40,12 +40,12 @@ providerConfigs:
 # DOCKER_HOST: "unix:///var/run/docker.sock"
 # Docker network name to connect to
- # (default: "defaultDockerNetworkName")
- # DOCKER_NETWORK_NAME: "defaultDockerNetworkName"
+ # (default: "bridge")
+ # DOCKER_NETWORK_NAME: "bridge"
 # Docker image to use for podvm
- # (default: "defaultPodVMDockerImage")
- # DOCKER_PODVM_IMAGE: "defaultPodVMDockerImage"
+ # (default: "quay.io/confidential-containers/podvm-docker-image")
+ # DOCKER_PODVM_IMAGE: "quay.io/confidential-containers/podvm-docker-image"
 # Use TLS and verify the remote server certificate
 # (default: "false")
diff --git a/src/cloud-api-adaptor/install/charts/peerpods/providers/ibmcloud.yaml b/src/cloud-api-adaptor/install/charts/peerpods/providers/ibmcloud.yaml
index 31d9adc604..137e8a4b76 100644
--- a/src/cloud-api-adaptor/install/charts/peerpods/providers/ibmcloud.yaml
+++ b/src/cloud-api-adaptor/install/charts/peerpods/providers/ibmcloud.yaml
@@ -23,8 +23,8 @@ providerConfigs:
 # CLOUD_CONFIG_VERIFY: "false"
 # Use non-CVMs for peer pods
- # (default: "false")
- # DISABLECVM: "false"
+ # (default: "true")
+ # DISABLECVM: "true"
 # Enable encrypted scratch space for pod VMs
 # (default: "false")
diff --git a/src/cloud-api-adaptor/install/charts/peerpods/providers/libvirt.yaml b/src/cloud-api-adaptor/install/charts/peerpods/providers/libvirt.yaml
index d245d78511..a7787e5121 100644
--- a/src/cloud-api-adaptor/install/charts/peerpods/providers/libvirt.yaml
+++ b/src/cloud-api-adaptor/install/charts/peerpods/providers/libvirt.yaml
@@ -28,8 +28,8 @@ providerConfigs:
 # CLOUD_CONFIG_VERIFY: "false"
 # Use non-CVMs for peer pods
- # (default: "false")
- # DISABLECVM: "false"
+ # (default: "true")
+ # DISABLECVM: "true"
 # Enable encrypted scratch space for pod VMs
 # (default: "false")
@@ -48,32 +48,32 @@ providerConfigs:
 # LIBVIRT_CPU: "2"
 # Path to OVMF
- # (default: "defaultFirmware")
- # LIBVIRT_EFI_FIRMWARE: "defaultFirmware"
+ # (default: "/usr/share/OVMF/OVMF_CODE_4M.fd")
+ # LIBVIRT_EFI_FIRMWARE: "/usr/share/OVMF/OVMF_CODE_4M.fd"
 # Libvirt's LaunchSecurity element for Confidential VMs: s390-pv. If omitted, will automatically determine.
- # (default: "defaultLaunchSecurity")
- # LIBVIRT_LAUNCH_SECURITY: "defaultLaunchSecurity"
+ # (default: "")
+ # LIBVIRT_LAUNCH_SECURITY: ""
 # Amount of memory in MiB
 # (default: "8192")
 # LIBVIRT_MEMORY: "8192"
 # libvirt network pool
- # (default: "defaultNetworkName")
- # LIBVIRT_NET: "defaultNetworkName"
+ # (default: "default")
+ # LIBVIRT_NET: "default"
 # libvirt storage pool
- # (default: "defaultPoolName")
- # LIBVIRT_POOL: "defaultPoolName"
+ # (default: "default")
+ # LIBVIRT_POOL: "default"
 # libvirt URI
- # (default: "defaultURI")
- # LIBVIRT_URI: "defaultURI"
+ # (default: "qemu+ssh://root@192.168.122.1/system?no_verify=1")
+ # LIBVIRT_URI: "qemu+ssh://root@192.168.122.1/system?no_verify=1"
 # libvirt volume name
- # (default: "defaultVolName")
- # LIBVIRT_VOL_NAME: "defaultVolName"
+ # (default: "podvm-base.qcow2")
+ # LIBVIRT_VOL_NAME: "podvm-base.qcow2"
 # pause image to be used for the pods
 # (default: "")
diff --git a/src/cloud-providers/cmd/config-extractor/main.go b/src/cloud-providers/cmd/config-extractor/main.go
index e4a2c79dd2..3005ca1c23 100644
--- a/src/cloud-providers/cmd/config-extractor/main.go
+++ b/src/cloud-providers/cmd/config-extractor/main.go
@@ -104,12 +104,16 @@ func parseFile(path string) ([]FlagInfo, error) {
 return nil, err
 }
+ // Parse all constants from the package directory
+ dir := filepath.Dir(path)
+ constants := parsePackageConstants(dir, fset)
+
 var flags []FlagInfo
 // Find all reg.XxxWithEnv calls anywhere in the file
 ast.Inspect(node, func(n ast.Node) bool {
 if call, ok := n.(*ast.CallExpr); ok {
- if flagInfo, _ := extractFlagRegistrarCall(call, fset); flagInfo != nil {
+ if flagInfo, _ := extractFlagRegistrarCall(call, fset, constants); flagInfo != nil {
 flags = append(flags, *flagInfo)
 }
 }
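Review bot: `parsePackageConstants(dir, fset)` is called inside `parseFile`, so the whole package directory is parsed again for every file the extractor visits, and those files are registered in the same `fset` as the file being inspected. If the caller (not visible in this hunk) walks several files per provider directory, the constant map should be built once per directory and passed in, or cached by `dir`. The start of `parseFile` and the end of the `ast.Inspect` callback are outside the hunk.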
@@ -119,6 +123,60 @@ func parseFile(path string) ([]FlagInfo, error) {
 return flags, nil
 }
+// parsePackageConstants extracts all const declarations from all .go files in the directory
+func parsePackageConstants(dir string, fset *token.FileSet) map[string]string {
+ constants := make(map[string]string)
+
+ pkgs, err := parser.ParseDir(fset, dir, nil, parser.ParseComments)
+ if err != nil {
+ return constants
+ }
+
+ for _, pkg := range pkgs {
+ for _, file := range pkg.Files {
+ extractConstants(file, constants)
+ }
+ }
+
+ return constants
+}
+
+// extractConstants walks through an AST file and extracts all const declarations
+func extractConstants(node *ast.File, constants map[string]string) {
+ ast.Inspect(node, func(n ast.Node) bool {
+ if genDecl, ok := n.(*ast.GenDecl); ok && genDecl.Tok == token.CONST {
+ for _, spec := range genDecl.Specs {
+ if valueSpec, ok := spec.(*ast.ValueSpec); ok {
+ for i, name := range valueSpec.Names {
+ if i < len(valueSpec.Values) {
+ if val, ok := exprToLiteral(valueSpec.Values[i]); ok {
+ constants[name.Name] = val
+ }
+ }
+ }
+ }
+ }
+ }
+ return true
+ })
+}
+
+// exprToLiteral extracts literal values from expressions (for const declarations)
+// Returns (value, ok) where ok indicates if parsing succeeded
+func exprToLiteral(expr ast.Expr) (string, bool) {
+ switch e := expr.(type) {
+ case *ast.BasicLit:
+ return strings.Trim(e.Value, `"`), true
+ case *ast.UnaryExpr:
+ if e.Op == token.SUB {
+ if val, ok := exprToLiteral(e.X); ok {
+ return "-" + val, true
+ }
+ }
+ }
+ return "", false
+}
+
 func filterFlags(flags []FlagInfo, predicate func(FlagInfo) bool) []FlagInfo {
 var filtered []FlagInfo
 for _, f := range flags {
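Review bot: `parsePackageConstants` returns the empty map on any `parser.ParseDir` error without reporting it, discarding whatever was parsed successfully. A single unparsable file in a provider directory therefore makes every default silently fall back to its identifier name in the generated chart comments. The error should at least be written to stderr with the directory name, and the partial result that `ParseDir` still returns could be used instead of dropped. `extractConstants` walks with `ast.Inspect`, so `const` blocks inside function bodies and in every package of the directory land in one flat map and a later duplicate name overwrites an earlier one; iterating only `node.Decls` would keep it to package-level constants. In `exprToLiteral`, trimming the double quotes leaves raw (backtick) literals and escape sequences unresolved, which `strconv.Unquote(e.Value)` on `token.STRING` literals would handle.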
@@ -129,7 +187,7 @@ func filterFlags(flags []FlagInfo, predicate func(FlagInfo) bool) []FlagInfo {
 return filtered
 }
-func extractFlagRegistrarCall(call *ast.CallExpr, fset *token.FileSet) (*FlagInfo, string) {
+func extractFlagRegistrarCall(call *ast.CallExpr, fset *token.FileSet, constants map[string]string) (*FlagInfo, string) {
 // Look for calls like: reg.StringWithEnv(...), reg.IntWithEnv(...), etc.
 sel, ok := call.Fun.(*ast.SelectorExpr)
 if !ok {
@@ -182,7 +240,7 @@ func extractFlagRegistrarCall(call *ast.CallExpr, fset *token.FileSet) (*FlagInf
 }
 // Extract default value from arg[2]
- flagInfo.Default = exprToString(call.Args[2])
+ flagInfo.Default = exprToString(call.Args[2], constants)
 // Extract env var from arg[3]: "ENV_VAR"
 if lit, ok := call.Args[3].(*ast.BasicLit); ok && lit.Kind == token.STRING {
@@ -228,16 +286,20 @@ func getFunctionName(fun ast.Expr) string {
 return ""
 }
-func exprToString(expr ast.Expr) string {
+func exprToString(expr ast.Expr, constants map[string]string) string {
 switch e := expr.(type) {
 case *ast.BasicLit:
 return strings.Trim(e.Value, `"`)
 case *ast.Ident:
+ // Try to resolve constant value first
+ if val, ok := constants[e.Name]; ok {
+ return val
+ }
 return e.Name
 case *ast.UnaryExpr:
 // Handle negative numbers
 if e.Op == token.SUB {
- return "-" + exprToString(e.X)
+ return "-" + exprToString(e.X, constants)
 }
 }
 return ""
diff --git a/src/cloud-providers/ibmcloud/manager.go b/src/cloud-providers/ibmcloud/manager.go
index d9805fd6f7..2fbd92d759 100644
--- a/src/cloud-providers/ibmcloud/manager.go
+++ b/src/cloud-providers/ibmcloud/manager.go
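Review bot: In the `exprToString` hunk, an identifier that is not found in `constants` still falls through to `return e.Name`, so an unresolved constant is emitted as if its Go name were the default value. That is the same output the chart files showed before this commit, for example `"defaultURI"`. The fallback has to stay because `true` and `false` also arrive as `*ast.Ident`, but the function has no doc comment saying so. I would add one, such as `// exprToString renders a default-value expression; identifiers are resolved through constants and otherwise returned by name (true/false, or a constant whose value is not a literal).` The closing brace of `exprToString` is outside the hunk.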
@@ -34,7 +34,7 @@ func (_ *Manager) ParseCmd(flags *flag.FlagSet) {
 reg.StringWithEnv(&ibmcloudVPCConfig.VpcID, "vpc-id", "", "IBMCLOUD_VPC_ID", "VPC ID")
 reg.StringWithEnv(&ibmcloudVPCConfig.ClusterID, "cluster-id", "", "IBMCLOUD_CLUSTER_ID", "Cluster ID")
- reg.BoolWithEnv(&ibmcloudVPCConfig.DisableCVM, "disable-cvm", false, "DISABLECVM", "Use non-CVMs for peer pods")
+ reg.BoolWithEnv(&ibmcloudVPCConfig.DisableCVM, "disable-cvm", true, "DISABLECVM", "Use non-CVMs for peer pods")
 // Flags without environment variable support (pass empty string for envVarName)
 reg.StringWithEnv(&ibmcloudVPCConfig.CRTokenFileName, "cr-token-filename", "/var/run/secrets/tokens/vault-token", "", "Projected service account token")
diff --git a/src/cloud-providers/libvirt/manager.go b/src/cloud-providers/libvirt/manager.go
index f645751ccf..9527a371dc 100644
--- a/src/cloud-providers/libvirt/manager.go
+++ b/src/cloud-providers/libvirt/manager.go
@@ -16,13 +16,13 @@ var libvirtcfg Config
 type Manager struct{}
 const (
- defaultURI = "qemu:///system"
+ defaultURI = "qemu+ssh://root@192.168.122.1/system?no_verify=1"
 defaultPoolName = "default"
 defaultNetworkName = "default"
 defaultDataDir = "/var/lib/libvirt/images"
 defaultVolName = "podvm-base.qcow2"
 defaultLaunchSecurity = ""
- defaultFirmware = ""
+ defaultFirmware = "/usr/share/OVMF/OVMF_CODE_4M.fd"
 defaultCPU = "2"
 defaultMemory = "8192"
 )
@@ -46,7 +46,7 @@ func (_ *Manager) ParseCmd(flags *flag.FlagSet) {
 // Flags without environment variable support (pass empty string for envVarName)
 reg.StringWithEnv(&libvirtcfg.DataDir, "data-dir", defaultDataDir, "", "libvirt storage dir")
- reg.BoolWithEnv(&libvirtcfg.DisableCVM, "disable-cvm", false, "DISABLECVM", "Use non-CVMs for peer pods")
+ reg.BoolWithEnv(&libvirtcfg.DisableCVM, "disable-cvm", true, "DISABLECVM", "Use non-CVMs for peer pods")
 }
 func (_ *Manager) LoadEnv() {
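Review bot: Flipping the `disable-cvm` default to `true` means a deployment that sets neither the flag nor `DISABLECVM` now gets non-confidential peer-pod VMs where it previously got CVMs. The same flip is made in the last hunk of `libvirt/manager.go` and mirrored in both chart files. Nothing visible here warns an operator upgrading with an unset value, so the confidentiality guarantee can disappear without any configuration change on their side. If the new default is intended, the help string should say so, for example `"Use non-CVMs for peer pods (default true; set to false to require confidential VMs)"`, and the change belongs in the release notes. `ParseCmd` starts and ends outside the hunk.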
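Review bot: The new `defaultURI` compiles `no_verify=1` and a `root` login into the fallback used when `LIBVIRT_URI` is unset. The previous default `qemu:///system` was a local connection; the new one reaches the hypervisor over SSH with strict host-key checking turned off, so an unknown host key at 192.168.122.1 is accepted without confirmation. That looks like a development-environment value rather than a safe general default. I would keep host-key verification on in the compiled-in default and let dev setups opt out through `LIBVIRT_URI`, or at minimum comment the constant: `// dev-only default: no_verify=1 disables strict SSH host key checking; set LIBVIRT_URI explicitly outside a local test setup`. The new `defaultFirmware` path is similarly distribution-specific and could get the same kind of comment.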