diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index 263145266002be63956443a6769c6b2126140151..bd9e00d7491a68ff223b34d6fe7b7f56066b54c1 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -40,8 +40,6 @@ is not set, a default resolver is chosen (depending on cloud provider or 8.8.8.8
 DNS servers to be added *after* the cluster DNS. Used by all ``resolvconf_mode`` modes. These serve as backup
 DNS servers in early cluster deployment when no cluster DNS is available yet.
 
-## DNS modes supported by Kubespray
-
 ### coredns_external_zones
 
 Array of optional external zones to coredns forward queries to. It's  injected into
@@ -69,9 +67,23 @@ coredns_external_zones:
 or as INI
 
 ```ini
-coredns_external_zones=[{"cache": 30,"zones":["example.com","example.io:453"],"nameservers":["1.1.1.1","2.2.2.2"]}]'
+coredns_external_zones='[{"cache": 30,"zones":["example.com","example.io:453"],"nameservers":["1.1.1.1","2.2.2.2"]}]'
 ```
 
+### dns_etchosts (coredns)
+
+Optional hosts file content to coredns use as /etc/hosts file. This will also be used by nodelocaldns, if enabled.
+
+Example:
+
+```yaml
+dns_etchosts: |
+  192.168.0.100 api.example.com
+  192.168.0.200 ingress.example.com
+```
+
+## DNS modes supported by Kubespray
+
 You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``.
 
 ### dns_mode
@@ -182,6 +194,10 @@ nodelocaldns_external_zones:
   - 192.168.0.53
 ```
 
+### dns_etchosts (nodelocaldns)
+
+See [dns_etchosts](#dns_etchosts-coredns) above.
+
 ## Limitations
 
 * Kubespray has yet ways to configure Kubedns addon to forward requests SkyDns can
diff --git a/docs/vars.md b/docs/vars.md
index f3e621b0463dbbfe5a759dbf6ec5c8b174d6ba3c..db672a389e059f224680da3ea4b3ebc7cf0ba2ea 100644
--- a/docs/vars.md
+++ b/docs/vars.md
@@ -99,6 +99,7 @@ variables to match your requirements.
   addition to Kubespray deployed DNS
 * *nameservers* - Array of DNS servers configured for use by hosts
 * *searchdomains* - Array of up to 4 search domains
+* *dns_etchosts* - Content of hosts file for coredns and nodelocaldns
 
 For more information, see [DNS
 Stack](https://github.com/kubernetes-sigs/kubespray/blob/master/docs/dns-stack.md).
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
index 4a42327ce2f1922710e2065b57b1985d359dbcd3..6f0044ccbb1182f77218a709d9cda589b489451d 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-config.yml.j2
@@ -17,6 +17,11 @@ data:
         loadbalance
         cache {{ block['cache'] | default(5) }}
         reload
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
 {%   endfor %}
 {% endif %}
@@ -50,4 +55,13 @@ data:
         loop
         reload
         loadbalance
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
+{% if dns_etchosts | default(None) %}
+  hosts: |
+   {{ dns_etchosts }}
+{% endif %}
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
index 5f082c22eab093290ad12a1a2910015d62f047f6..6a7253422285230330374415fa2595ad2290d960 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
@@ -110,3 +110,7 @@ spec:
             items:
             - key: Corefile
               path: Corefile
+{% if dns_etchosts | default(None) %}
+            - key: hosts
+              path: hosts
+{% endif %}
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
index dd5732f896508a0b849df65bbee9c14721d874a6..3ec5eb771cd7e01d515f24937137600f26899bd0 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-config.yml.j2
@@ -19,6 +19,11 @@ data:
         forward . {{ block['nameservers'] | join(' ') }}
         prometheus :9253
         log
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
 {% endfor %}
 {% endif %}
@@ -36,6 +41,11 @@ data:
         }
         prometheus :9253
         health {{ nodelocaldns_ip }}:{{ nodelocaldns_health_port }}
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
     in-addr.arpa:53 {
         errors
@@ -67,4 +77,13 @@ data:
         bind {{ nodelocaldns_ip }}
         forward . {{ upstreamForwardTarget }}
         prometheus :9253
+{% if dns_etchosts | default(None) %}
+        hosts /etc/coredns/hosts {
+          fallthrough
+        }
+{% endif %}
     }
+{% if dns_etchosts | default(None) %}
+  hosts: |
+   {{ dns_etchosts }}
+{% endif %}
diff --git a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2 b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
index 6ef230d95f955e36e16c6f66ee3b04e6f92a7a72..b92749c8b8e823764a67312bcfc55a81292a1005 100644
--- a/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/nodelocaldns-daemonset.yml.j2
@@ -79,6 +79,10 @@ spec:
             items:
             - key: Corefile
               path: Corefile
+{% if dns_etchosts | default(None) %}
+            - key: hosts
+              path: hosts
+{% endif %}
         - name: xtables-lock
           hostPath:
             path: /run/xtables.lock