diff --git a/ansible/roles/observability/tasks/main.yml b/ansible/roles/observability/tasks/main.yml
index 42df453..845dacf 100644
--- a/ansible/roles/observability/tasks/main.yml
+++ b/ansible/roles/observability/tasks/main.yml
@@ -172,39 +172,50 @@
       register: prometheus_patch
       changed_when: true
 
-    - name: Wait for Tailscale to assign LoadBalancer IP (Grafana)
+    - name: Wait for Tailscale endpoint (IP/hostname) for Grafana
       shell: >-
         kubectl -n {{ observability_namespace }} get svc kube-prometheus-stack-grafana
-        -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
+        -o go-template='{{"{{"}}range .status.loadBalancer.ingress{{"}}"}}{{"{{"}}if .ip{{"}}"}}{{"{{"}}.ip{{"}}"}}{{"{{"}}else{{"}}"}}{{"{{"}}.hostname{{"}}"}}{{"{{"}}end{{"}}"}}{{"{{"}}end{{"}}"}}'
       register: grafana_lb_ip
       until: grafana_lb_ip.stdout | length > 0
-      retries: 30
+      retries: 18
       delay: 10
       changed_when: false
+      failed_when: false
 
-    - name: Wait for Tailscale to assign LoadBalancer IP (Prometheus)
+    - name: Wait for Tailscale endpoint (IP/hostname) for Prometheus
       shell: >-
         kubectl -n {{ observability_namespace }} get svc kube-prometheus-stack-prometheus
-        -o jsonpath='{.status.loadBalancer.ingress[0].ip}'
+        -o go-template='{{"{{"}}range .status.loadBalancer.ingress{{"}}"}}{{"{{"}}if .ip{{"}}"}}{{"{{"}}.ip{{"}}"}}{{"{{"}}else{{"}}"}}{{"{{"}}.hostname{{"}}"}}{{"{{"}}end{{"}}"}}{{"{{"}}end{{"}}"}}'
       register: prometheus_lb_ip
       until: prometheus_lb_ip.stdout | length > 0
-      retries: 30
+      retries: 18
       delay: 10
       changed_when: false
+      failed_when: false
+
+    - name: Warn if Tailscale endpoint assignment is still pending
+      debug:
+        msg: |
+          Tailscale service endpoint assignment is still pending.
+          Grafana endpoint: {{ grafana_lb_ip.stdout | default('') }}
+          Prometheus endpoint: {{ prometheus_lb_ip.stdout | default('') }}
+          Deployment continues; services may become reachable shortly.
+      when: (grafana_lb_ip.stdout | default('') | length == 0) or (prometheus_lb_ip.stdout | default('') | length == 0)
 
     - name: Show Tailscale access details
       debug:
         msg: |
           Observability stack deployed with Tailscale access!
           
-          Grafana: http://grafana (or http://{{ grafana_lb_ip.stdout }})
-          Prometheus: http://prometheus (or http://{{ prometheus_lb_ip.stdout }})
+          Grafana: http://grafana{% if grafana_lb_ip.stdout | default('') | length > 0 %} (or http://{{ grafana_lb_ip.stdout }}){% endif %}
+          Prometheus: http://prometheus{% if prometheus_lb_ip.stdout | default('') | length > 0 %} (or http://{{ prometheus_lb_ip.stdout }}){% endif %}
           
           Login: admin / {{ grafana_password_effective }}
           
           Access via:
           - MagicDNS: http://grafana or http://prometheus (if enabled)
-          - Direct IP: http://{{ grafana_lb_ip.stdout }} or http://{{ prometheus_lb_ip.stdout }}
+          - Direct endpoint: {% if grafana_lb_ip.stdout | default('') | length > 0 %}http://{{ grafana_lb_ip.stdout }}{% else %}(pending){% endif %} / {% if prometheus_lb_ip.stdout | default('') | length > 0 %}http://{{ prometheus_lb_ip.stdout }}{% else %}(pending){% endif %}
           - Tailnet FQDN: http://grafana.{{ tailscale_tailnet | default('tailnet.ts.net') }}
           
           Note: Ensure Tailscale Kubernetes Operator is installed first