diff --git a/roles/kubernetes/master/defaults/main/main.yml b/roles/kubernetes/master/defaults/main/main.yml
index ab11069187540e265e4d9dd16c2b91218b8e1af6..7ac75af85152649f0f7e535911d05efdb186ff65 100644
--- a/roles/kubernetes/master/defaults/main/main.yml
+++ b/roles/kubernetes/master/defaults/main/main.yml
@@ -23,6 +23,11 @@ kube_apiserver_storage_backend: etcd3
 # By default, force back to etcd2. Set to true to force etcd3 (experimental!)
 force_etcd3: false
 
+# Associated interfaces must be reachable by the rest of the cluster, and by
+# CLI/web clients.
+kube_controller_manager_bind_address: 0.0.0.0
+kube_scheduler_bind_address: 0.0.0.0
+
 # audit support
 kubernetes_audit: false
 # path to audit log file
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
index 55861c511343fdbc73738598ae0b422db7f0d80b..2d5fb69785b368afd815d54d6e9f19ae003e29ed 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1alpha3.yaml.j2
@@ -129,6 +129,7 @@ controllerManagerExtraArgs:
   node-monitor-period: {{ kube_controller_node_monitor_period }}
   pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}
   node-cidr-mask-size: "{{ kube_network_node_prefix }}"
+  address: {{ kube_controller_manager_bind_address }}
 {% if kube_feature_gates %}
   feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}
@@ -142,6 +143,7 @@ controllerManagerExtraArgs:
   cloud-config: {{ kube_config_dir }}/cloud_config
 {% endif %}
 schedulerExtraArgs:
+  address: {{ kube_scheduler_bind_address }}
 {% if kube_feature_gates %}
   feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}
diff --git a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2 b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
index ab8a5f791c6ea65733f0931fc6d825e8ea43e78d..3159e15d955419e7353f48f28f610b17c219f54a 100644
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta1.yaml.j2
@@ -172,6 +172,7 @@ controllerManager:
     node-monitor-period: {{ kube_controller_node_monitor_period }}
     pod-eviction-timeout: {{ kube_controller_pod_eviction_timeout }}
     node-cidr-mask-size: "{{ kube_network_node_prefix }}"
+    address: {{ kube_controller_manager_bind_address }}
 {% if kube_feature_gates %}
     feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}
@@ -205,6 +206,7 @@ controllerManager:
 {% endif %}
 scheduler:
   extraArgs:
+    address: {{ kube_controller_manager_bind_address }}
 {% if kube_feature_gates %}
     feature-gates: {{ kube_feature_gates|join(',') }}
 {% endif %}