diff --git a/Makefile b/Makefile
index 3d3306e..513cf5e 100644
--- a/Makefile
+++ b/Makefile
@@ -5,7 +5,7 @@ export CONTIV_INSTALLER_VERSION ?= $(BUILD_VERSION)
 # downloaded and built assets intended to go in installer by build.sh
 export CONTIV_ARTIFACT_STAGING := $(PWD)/artifact_staging
 # some assets are retrieved from GitHub, this is the default version to fetch
-export DEFAULT_DOWNLOAD_CONTIV_VERSION := 1.1.5
+export DEFAULT_DOWNLOAD_CONTIV_VERSION := 1.1.7
 export CONTIV_ACI_GW_VERSION ?= latest
 export NETPLUGIN_OWNER ?= contiv
 # setting NETPLUGIN_BRANCH compiles that commit on demand,
@@ -19,6 +19,9 @@ export CONTIV_V2PLUGIN_VERSION ?= $(DEFAULT_DOWNLOAD_CONTIV_VERSION)
 export CONTIV_NETPLUGIN_TARBALL_NAME := netplugin-$(CONTIV_NETPLUGIN_VERSION).tar.bz2
 export CONTIV_ANSIBLE_COMMIT ?= 8e20f56d541af8bc7a3ecbde0d9c64fa943812ed
 export CONTIV_ANSIBLE_OWNER ?= contiv
+# TODO(chrisplo): restore the normal default after 1.1.8 has been pushed
+#export CONTIV_ANSIBLE_IMAGE ?= contiv/install:$(DEFAULT_DOWNLOAD_CONTIV_VERSION)
+export CONTIV_ANSIBLE_IMAGE ?= contiv/install:1.1.7-bash-netcat
 
 # this is the classic first makefile target, and it's also the default target
 # run when `make` is invoked with no specific target.
diff --git a/README.md b/README.md
index a4fc70b..2ffdf72 100644
--- a/README.md
+++ b/README.md
@@ -39,7 +39,7 @@ Note: The full image contains only Contiv components.
 * To install Contiv v2plugin:<br> `./install/ansible/install_swarm.sh -f cfg.yml -e <ssh key> -u <username> -p`
 
 * Example host config files are available at install/ansible/cfg.yml and install/ansible/aci_cfg.yml
-* To see additional install options and examples, run <br>`./install/ansible/install_swarm.sh -h`.
+* To see additional install options and examples, such as adding arguments to ansible for verbose output and proxy settings, run <br>`./install/ansible/install_swarm.sh -h`.
 
 ### Removing Contiv
 
@@ -53,6 +53,7 @@ If you need to remove Contiv from Docker Swarm and return to your original state
 * To uninstall Contiv v2plugin:<br>
 `./install/ansible/uninstall_swarm.sh -f cfg.yml -e <ssh key> -u <username> -p`
 * Note: Adding the `-r` flag, will cleanup any Contiv state.
+* To see additional install options and examples, such as adding arguments to ansible for verbose output and proxy settings, run <br>`./install/ansible/uninstall_swarm.sh -h`.
 
 ## Kubernetes Installation
 
diff --git a/install/ansible/Dockerfile b/install/ansible/Dockerfile
index 93748bf..01f45eb 100644
--- a/install/ansible/Dockerfile
+++ b/install/ansible/Dockerfile
@@ -1,7 +1,7 @@
 FROM alpine:3.6
 
 RUN DEV_PACKAGES="python-dev gcc make musl-dev openssl-dev libffi-dev" \
- && apk add --no-cache python openssl libffi nmap-ncat py-pip $DEV_PACKAGES \
+ && apk add --no-cache bash python openssl libffi netcat-openbsd py-pip $DEV_PACKAGES \
  && pip install --upgrade pip \
  && pip install cffi \
  && pip install ansible==2.3.1.0 \
diff --git a/install/ansible/install.sh b/install/ansible/install.sh
index 546d0b6..918af44 100644
--- a/install/ansible/install.sh
+++ b/install/ansible/install.sh
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 
 set -xeuo pipefail
 
@@ -43,7 +43,14 @@ while getopts ":n:a:im:d:v:ps:" opt; do
 		netmaster=$OPTARG
 		;;
 	a)
-		ans_opts=$OPTARG
+		# make a bash array from the ansible argument
+		# it interprets single and double quotes from CLI as you might expect
+		# creating proper bash "words" for eventually passing to ansible
+		# by letting the array declaration do all the interpreting
+		# note: ans_opts=($OPTARG) and ans_opts("$OPTARG") do not work
+		# Example:
+		#   "-v --ssh-common-args=\"-o ProxyCommand='nc -x 192.168.2.1 %h %p'\"
+		declare -a 'ans_opts=('"$OPTARG"')'
 		;;
 	i)
 		install_scheduler=true
@@ -103,7 +110,7 @@ env_file=install/ansible/env.json
 # Verify ansible can reach all hosts
 
 echo "Verifying ansible reachability"
-ansible all -vvv $ans_opts -i $host_inventory -m setup -a 'filter=ansible_distribution*' | tee $inventory_log
+ansible all "${ans_opts[@]}" -i $host_inventory -m setup -a 'filter=ansible_distribution*' | tee $inventory_log
 if egrep -q 'FAIL|UNREACHABLE' $inventory_log; then
 	echo "WARNING Some of the hosts are not accessible via passwordless SSH"
 	echo " "
@@ -118,7 +125,7 @@ netmaster_control_if=$(grep -A10 $netmaster $contiv_config | grep -m 1 control |
 # Get the ansible node
 node_name=$(grep $netmaster $host_inventory | awk '{print $1}' | xargs)
 # Get the service VIP for netmaster for the control interface
-service_vip=$(ansible $node_name -m setup $ans_opts -i $host_inventory | grep -A 100 ansible_$netmaster_control_if | grep -A 4 ipv4 | grep address | awk -F \" '{print $4}' | xargs)
+service_vip=$(ansible $node_name -m setup "${ans_opts[@]}" -i $host_inventory | grep -A 100 ansible_$netmaster_control_if | grep -A 4 ipv4 | grep address | awk -F \" '{print $4}' | xargs)
 
 if [ "$service_vip" == "" ]; then
 	service_vip=$netmaster
@@ -179,7 +186,7 @@ log_file="/var/contiv/$log_file_name"
 echo "Ansible extra vars from env.json:"
 cat "$env_file"
 # run playbook
-ansible-playbook $ans_opts -i "$host_inventory" -e@"$env_file" $ansible_path/install_plays.yml | tee $log_file
+ansible-playbook "${ans_opts[@]}" -i "$host_inventory" -e@"$env_file" $ansible_path/install_plays.yml | tee $log_file
 rm -rf "$env_file.bak"
 
 unreachable=$(grep "PLAY RECAP" -A 9999 $log_file | awk -F "unreachable=" '{print $2}' | awk '{print $1}' | grep -v "0" | xargs)
diff --git a/install/ansible/install_swarm.sh b/install/ansible/install_swarm.sh
index 3d739ff..3747391 100755
--- a/install/ansible/install_swarm.sh
+++ b/install/ansible/install_swarm.sh
@@ -42,6 +42,7 @@ Additional Options:
 -d   string     Forwarding mode (“routing” or “bridge”). Default mode is “bridge”
 -c   string
 -k   string
+-a   string     Additonal ansible arguments such as "-v --ssh-common-args=\"-o ProxyCommand='nc -x 192.168.2.1 %h %p'\""
 
 Advanced Options:
 -v   string     ACI Image (default is contiv/aci-gw:latest). Use this to specify a specific version of the ACI Image.
@@ -79,7 +80,7 @@ while getopts ":f:n:a:e:ipm:d:v:u:c:k:s:" opt; do
 			netmaster=$OPTARG
 			;;
 		a)
-			ans_opts=$OPTARG
+			ans_opts="$OPTARG"
 			;;
 		e)
 			ans_key=$OPTARG
@@ -145,9 +146,9 @@ if [[ -f $ans_key ]]; then
 fi
 
 if [ "$ans_opts" == "" ]; then
-	ans_opts=" --private-key $def_ans_key -u $ans_user"
+	ans_opts="--private-key $def_ans_key -u $ans_user"
 else
-	ans_opts=$(printf '%q', $ans_opts)" --private-key $def_ans_key -u $ans_user"
+    ans_opts+=" --private-key $def_ans_key -u $ans_user"
 fi
 
 # Generate SSL certs for auth proxy
@@ -161,7 +162,7 @@ if [[ ! -f "$host_tls_cert" || ! -f "$host_tls_key" ]]; then
 fi
 
 echo "Starting the installer container"
-image_name="contiv/install:__CONTIV_INSTALL_VERSION__"
+image_name="__CONTIV_INSTALL_VERSION__"
 mounts[0]="-v"
 mounts[1]="$(pwd)/install:/install:Z"
 mounts[2]="-v"
@@ -170,4 +171,4 @@ mounts[4]="-v"
 mounts[5]="$src_conf_path:$container_conf_path:Z"
 mounts[6]="-v"
 mounts[7]="$(pwd)/contiv_cache:/var/contiv_cache:Z"
-docker run --rm --net=host "${mounts[@]}" $image_name sh -c "./install/ansible/install.sh $netmaster_param -a \"$ans_opts\" $install_scheduler -m $contiv_network_mode -d $fwd_mode $aci_param $cluster_param $v2plugin_param"
+docker run --rm --net=host "${mounts[@]}" $image_name ./install/ansible/install.sh $netmaster_param -a "$ans_opts" $install_scheduler -m $contiv_network_mode -d $fwd_mode $aci_param $cluster_param $v2plugin_param
diff --git a/install/ansible/uninstall_swarm.sh b/install/ansible/uninstall_swarm.sh
index 7631f06..874c186 100755
--- a/install/ansible/uninstall_swarm.sh
+++ b/install/ansible/uninstall_swarm.sh
@@ -44,6 +44,7 @@ Advanced Options:
 -g              Remove docker images
 -s   string     URL of the cluster store to be used (for example etcd://etcd master or netmaster IP:2379)
 Additional parameters can also be updated in install/ansible/env.json file.
+-a   string     Additonal ansible arguments such as "-v --ssh-common-args=\"-o ProxyCommand='nc -x 192.168.2.1 %h %p'\""
 
 Examples:
 1. Uninstall Contiv and Docker Swarm on hosts specified by cfg.yml. 
@@ -71,7 +72,7 @@ while getopts ":f:n:a:e:ipm:d:v:u:rgs:" opt; do
 			netmaster=$OPTARG
 			;;
 		a)
-			ans_opts=$OPTARG
+			ans_opts="$OPTARG"
 			;;
 		e)
 			ans_key=$OPTARG
@@ -141,15 +142,16 @@ if [[ -f $ans_key ]]; then
 fi
 
 if [ "$ans_opts" == "" ]; then
-	ans_opts=" --private-key $def_ans_key -u $ans_user"
+	ans_opts="--private-key $def_ans_key -u $ans_user"
 else
-	ans_opts=$(printf '%q', $ans_opts)" --private-key $def_ans_key -u $ans_user"
+	# escape each word in the array and put spaces between the words
+    ans_opts+=" --private-key $def_ans_key -u $ans_user"
 fi
 echo "Starting the uninstaller container"
-image_name="contiv/install:__CONTIV_INSTALL_VERSION__"
+image_name="__CONTIV_INSTALL_VERSION__"
 install_mount="-v $(pwd)/install:/install:Z"
 ansible_mount="-v $(pwd)/ansible:/ansible:Z"
 config_mount="-v $src_conf_path:$container_conf_path:Z"
 cache_mount="-v $(pwd)/contiv_cache:/var/contiv_cache:Z"
 mounts="$install_mount $ansible_mount $cache_mount $config_mount"
-docker run --rm --net=host $mounts $image_name sh -c "./install/ansible/uninstall.sh $netmaster_param -a \"$ans_opts\" $uninstall_scheduler $uninstall_v2plugin -m $contiv_network_mode -d $fwd_mode $aci_param $reset_params $cluster_param"
+docker run --rm --net=host $mounts $image_name ./install/ansible/uninstall.sh $netmaster_param -a "$ans_opts" $uninstall_scheduler $uninstall_v2plugin -m $contiv_network_mode -d $fwd_mode $aci_param $reset_params $cluster_param
diff --git a/scripts/build.sh b/scripts/build.sh
index fc2592f..4431afc 100755
--- a/scripts/build.sh
+++ b/scripts/build.sh
@@ -18,7 +18,7 @@ fi
 
 pull_images=${CONTIV_CI_HOST:-"false"}
 aci_gw_version=${CONTIV_ACI_GW_VERSION:-"latest"}
-ansible_image_version=${CONTIV_ANSIBLE_IMAGE_VERSION:-$DEFAULT_DOWNLOAD_CONTIV_VERSION}
+ansible_image_version=${CONTIV_ANSIBLE_IMAGE:-contiv/install:$DEFAULT_DOWNLOAD_CONTIV_VERSION}
 auth_proxy_version=${CONTIV_API_PROXY_VERSION:-$DEFAULT_DOWNLOAD_CONTIV_VERSION}
 docker_version=${CONTIV_DOCKER_VERSION:-1.12.6}
 etcd_version=${CONTIV_ETCD_VERSION:-v2.3.8}
@@ -52,7 +52,7 @@ cp -a "${CONTIV_ARTIFACT_STAGING}/ansible" ${output_dir}/
 files=$(find $output_dir -type f -name "*.yaml" -or -name "*.sh" -or -name "*.json")
 sed -i.bak 's/__ACI_GW_VERSION__/'"$aci_gw_version"'/g' $files
 sed -i.bak 's/__API_PROXY_VERSION__/'"$auth_proxy_version"'/g' $files
-sed -i.bak 's/__CONTIV_INSTALL_VERSION__/'"$ansible_image_version"'/g' $files
+sed -i.bak 's#__CONTIV_INSTALL_VERSION__#'"$ansible_image_version"'#g' $files
 sed -i.bak 's/__CONTIV_VERSION__/'"$CONTIV_NETPLUGIN_VERSION"'/g' $files
 sed -i.bak 's/__DOCKER_VERSION__/'"$docker_version"'/g' $files
 sed -i.bak 's/__ETCD_VERSION__/'"$etcd_version"'/g' $files