diff --git a/roles/kubernetes-apps/ansible/defaults/main.yml b/roles/kubernetes-apps/ansible/defaults/main.yml
index 8aa767f99f786d7579ca29b45ad40f6484e47c64..e743037f9943de5d45c1d58aa8eb5eb22bdc75a2 100644
--- a/roles/kubernetes-apps/ansible/defaults/main.yml
+++ b/roles/kubernetes-apps/ansible/defaults/main.yml
@@ -1,5 +1,8 @@
 ---
 # Limits for coredns
+
+# uncomment the line below to customize the DNS cpu limit value
+# dns_cpu_limit: 300m
 dns_memory_limit: 300Mi
 dns_cpu_requests: 100m
 dns_memory_requests: 70Mi
diff --git a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2 b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
index 316425bfd91abda8f351178d1292614697f4dcca..6cb760434386cfeb5232110c33da0ed296920ee1 100644
--- a/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
+++ b/roles/kubernetes-apps/ansible/templates/coredns-deployment.yml.j2
@@ -65,6 +65,9 @@ spec:
           # guaranteed class. Currently, this container falls into the
           # "burstable" category so the kubelet doesn't backoff from restarting it.
           limits:
+{% if dns_cpu_limit is defined %}
+            cpu: {{ dns_cpu_limit }}
+{% endif %}
             memory: {{ dns_memory_limit }}
           requests:
             cpu: {{ dns_cpu_requests }}