diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml
index c8e63a21185eb3fe8b4fa2dfd40130605b8dbe77..2c42f2d66c0d9e69072aa3021d37e30a7d7e0de9 100644
--- a/roles/bootstrap-os/tasks/main.yml
+++ b/roles/bootstrap-os/tasks/main.yml
@@ -41,6 +41,12 @@
 
 - import_tasks: setup-pipelining.yml
 
+- name: Create remote_tmp for it is used by another module
+  file:
+    path: "{{ lookup('config', 'DEFAULT_REMOTE_TMP', on_missing='skip', wantlist=True) | first | default('~/.ansible/tmp') }}"
+    state: directory
+    mode: 0700
+
 - name: Gather nodes hostnames
   setup:
     gather_subset: '!all'
diff --git a/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml b/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml
index e1e85e205f1d47ec6835fae19b01bbf9877a92df..10363a2c9082e3df6f85184d958417e008530a01 100644
--- a/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml
@@ -1,3 +1,12 @@
 ---
+- name: kubeadm | Retrieve files to purge
+  find:
+    paths: "{{kube_cert_dir }}"
+    patterns: '*.pem'
+  register: files_to_purge_for_kubeadm
+
 - name: kubeadm | Purge old certs
-  command: "rm -f {{kube_cert_dir }}/*.pem"
+  file:
+    path: "{{ item.path }}"
+    state: absent
+  with_items: "{{ files_to_purge_for_kubeadm.files }}"
diff --git a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
index 868240b718a046211a5c5836ae663a504098804d..8ce7da7ee9cac0f059ef72eddb681aefa532ece0 100644
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@@ -120,7 +120,7 @@
 
 - name: Stop if bad hostname
   assert:
-    that: inventory_hostname | match("[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$")
+    that: inventory_hostname is match("[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$")
     msg: "Hostname must consist of lower case alphanumeric characters, '.' or '-', and must start and end with an alphanumeric character"
   ignore_errors: "{{ ignore_assert_errors }}"
 
diff --git a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
index 405c885f0d0fe6fd728918de31788888d52088b3..69626833fce2cf516d2fc428c345f52083173353 100644
--- a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
+++ b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
@@ -37,7 +37,7 @@
   with_items: "{{ (etc_hosts_content['content'] | b64decode).split('\n') }}"
   when:
     - etc_hosts_content.content is defined
-    - (item|match('^::1 .*') or item|match('^127.0.0.1 .*'))
+    - (item is match('^::1 .*') or item is match('^127.0.0.1 .*'))
 
 - name: Hosts | Update target hosts file entries dict with required entries
   set_fact:
diff --git a/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml b/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml
index 91fb9c694402e59e0869a7d15b7674d37b79968d..652223a946c45554e3aa099a971f3f786587d412 100644
--- a/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml
+++ b/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml
@@ -19,7 +19,3 @@
     state: absent
   when: dhclienthookfile is defined
   notify: Preinstall | restart network
-
-# We need to make sure the network is restarted early enough so that docker can later pick up the correct system
-# nameservers and search domains
-- meta: flush_handlers
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 96cde3bb24fa6d4982e994d62e44f503518fd4af..2505101e82757f8e00f758decce2cdb0e0574070 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -59,6 +59,10 @@
     - bootstrap-os
     - resolvconf
 
+# We need to make sure the network is restarted early enough so that docker can later pick up the correct system
+# nameservers and search domains
+- meta: flush_handlers
+
 - name: Check if we are running inside a Azure VM
   stat:
     path: /var/lib/waagent/
diff --git a/roles/network_plugin/calico/tasks/check.yml b/roles/network_plugin/calico/tasks/check.yml
index 0482432d78bc8cf1ef44f799e68647f2a681b6aa..bcfe252368b0b0aa33775887177b0199a7449dcd 100644
--- a/roles/network_plugin/calico/tasks/check.yml
+++ b/roles/network_plugin/calico/tasks/check.yml
@@ -3,7 +3,7 @@
   assert:
     that:
       - "calico_pool_name is defined"
-      - "calico_pool_name | match('^[a-zA-Z0-9-_\\\\.]{2,63}$')"
+      - "calico_pool_name is match('^[a-zA-Z0-9-_\\\\.]{2,63}$')"
       - "ipip_mode is defined"
       - "ipip_mode in ['Always', 'CrossSubnet', 'Never']"
     msg: "Check variable definitions seems something is wrong"