diff --git a/roles/etcd/tasks/gen_certs_script.yml b/roles/etcd/tasks/gen_certs_script.yml
index 73d1ed768c7881a95a4e7b36d6a1e81f8aa24567..d474def38a014458192708dee1a99b694543c006 100644
--- a/roles/etcd/tasks/gen_certs_script.yml
+++ b/roles/etcd/tasks/gen_certs_script.yml
@@ -156,7 +156,7 @@
 
 - name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS)
   command: update-ca-certificates
-  when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"]
+  when: etcd_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS"]
 
 - name: Gen_certs | update ca-certificates (RedHat)
   command: update-ca-trust extract
diff --git a/roles/kubernetes/secrets/tasks/gen_certs_script.yml b/roles/kubernetes/secrets/tasks/gen_certs_script.yml
index 80f424576763fe41b80f6f5cfc83db142e046608..fd6e485df5a2100ab36be282a123409b4379d0ea 100644
--- a/roles/kubernetes/secrets/tasks/gen_certs_script.yml
+++ b/roles/kubernetes/secrets/tasks/gen_certs_script.yml
@@ -173,7 +173,7 @@
 
 - name: Gen_certs | update ca-certificates (Debian/Ubuntu/Container Linux by CoreOS)
   command: update-ca-certificates
-  when: kube_ca_cert.changed and ansible_os_family in ["Debian", "Container Linux by CoreOS"]
+  when: kube_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS"]
 
 - name: Gen_certs | update ca-certificates (RedHat)
   command: update-ca-trust extract
diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml
index df5e6784ba94992fc1cca9f1b04ff47e3eb03d5b..52cb193709b91b983455c6e095e473a1d7126fd1 100644
--- a/roles/reset/tasks/main.yml
+++ b/roles/reset/tasks/main.yml
@@ -92,4 +92,4 @@
       networking
       {%- endif %}
     state: restarted
-  when: ansible_os_family != "CoreOS"
+  when: ansible_os_family not in ["CoreOS", "Container Linux by CoreOS"]
diff --git a/roles/vault/tasks/bootstrap/ca_trust.yml b/roles/vault/tasks/bootstrap/ca_trust.yml
index 2bcfcc2faada236517b375a8700de633f2d11c2f..57e25610b475c2e20ca92faf04000d544f205f8b 100644
--- a/roles/vault/tasks/bootstrap/ca_trust.yml
+++ b/roles/vault/tasks/bootstrap/ca_trust.yml
@@ -13,7 +13,7 @@
       /usr/local/share/ca-certificates/kube-cluster-ca.crt
       {%- elif ansible_os_family == "RedHat" -%}
       /etc/pki/ca-trust/source/anchors/kube-cluster-ca.crt
-      {%- elif ansible_os_family == "CoreOS" -%}
+      {%- elif ansible_os_family in ["CoreOS", "Container Linux by CoreOS"] -%}
       /etc/ssl/certs/kube-cluster-ca.pem
       {%- endif %}
 
@@ -25,7 +25,7 @@
 
 - name: bootstrap/ca_trust | update ca-certificates (Debian/Ubuntu/CoreOS)
   command: update-ca-certificates
-  when: vault_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS"]
+  when: vault_ca_cert.changed and ansible_os_family in ["Debian", "CoreOS", "Container Linux by CoreOS"]
 
 - name: bootstrap/ca_trust | update ca-certificates (RedHat)
   command: update-ca-trust extract