diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index 60eadc4b64e810c1e957fa6f0b9d6b4e8a2be934..f1675127ab97286014704924f26c5c9defc279b6 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -60,6 +60,10 @@ By default, no other option than the ones hardcoded (see `roles/kubernetes-apps/
 
 Custom options to be added to the kubernetes coredns plugin.
 
+### coredns_kubernetes_extra_domains
+
+Extra domains to be forwarded to the kubernetes coredns plugin.
+
 ### coredns_external_zones
 
 Array of optional external zones to coredns forward queries to. It's  injected into
diff --git a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
index 189157d59a35c942e8ac0604e9d726db03665813..85d4029296c252092daf6ccdcd20c2a106152d32 100644
--- a/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
+++ b/inventory/sample/group_vars/k8s_cluster/k8s-cluster.yml
@@ -211,6 +211,8 @@ enable_coredns_k8s_endpoint_pod_names: false
 # Apply extra options to coredns kubernetes plugin
 # coredns_kubernetes_extra_opts:
 #   - 'fallthrough example.local'
+# Forward extra domains to the coredns kubernetes plugin
+# coredns_kubernetes_extra_domains: ''
 
 # Can be docker_dns, host_resolvconf or none
 resolvconf_mode: host_resolvconf
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
index d92d7884902298a995003d40f2beb1ba87224db7..36de0d996e3cf65fcfcfd574437551d9b6b7019b 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
@@ -36,7 +36,7 @@ data:
             lameduck 5s
         }
         ready
-        kubernetes {{ dns_domain }} {% if enable_coredns_reverse_dns_lookups %}in-addr.arpa ip6.arpa {% endif %}{
+        kubernetes {{ dns_domain }} {% if coredns_kubernetes_extra_domains is defined %}{{ coredns_kubernetes_extra_domains }} {% endif %}{% if enable_coredns_reverse_dns_lookups %}in-addr.arpa ip6.arpa {% endif %}{
           pods insecure
 {% if enable_coredns_k8s_endpoint_pod_names %}
           endpoint_pod_names