diff --git a/docs/dns-stack.md b/docs/dns-stack.md
index 09d60822712df1750f6aff43f4cfa4ca1242c66e..6e51504ab54d8456230765b5920d019bbfb9e298 100644
--- a/docs/dns-stack.md
+++ b/docs/dns-stack.md
@@ -143,6 +143,11 @@ coredns_default_zone_cache_block: |
   }
 ```
 
+### systemd_resolved_disable_stub_listener
+
+Whether or not to set `DNSStubListener=no` when using systemd-resolved. Defaults to `true` on Flatcar.
+You might need to set it to `true` if CoreDNS fails to start with `address already in use` errors.
+
 ## DNS modes supported by Kubespray
 
 You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``.
diff --git a/roles/kubernetes/preinstall/defaults/main.yml b/roles/kubernetes/preinstall/defaults/main.yml
index 147039b0841fd7247463002a4bb2008af7bfcd3c..8839ec4668e6614a1877ecf59839fd705b5264c7 100644
--- a/roles/kubernetes/preinstall/defaults/main.yml
+++ b/roles/kubernetes/preinstall/defaults/main.yml
@@ -140,3 +140,6 @@ redhat_os_family_extensions:
 # Extending some distributions into the debian os family
 debian_os_family_extensions:
   - "UnionTech OS Server 20"
+
+# Sets DNSStubListener=no, useful if you get "0.0.0.0:53: bind: address already in use"
+systemd_resolved_disable_stub_listener: "{{ ansible_os_family in ['Flatcar', 'Flatcar Container Linux by Kinvolk'] }}"
diff --git a/roles/kubernetes/preinstall/templates/resolved.conf.j2 b/roles/kubernetes/preinstall/templates/resolved.conf.j2
index 901fd2473df8d6b29077b3e502596bfc0ebafbb1..0a3b40d84d2c9e46e23bcc1c7b4923688f35e41c 100644
--- a/roles/kubernetes/preinstall/templates/resolved.conf.j2
+++ b/roles/kubernetes/preinstall/templates/resolved.conf.j2
@@ -14,7 +14,7 @@ Domains={{ searchdomains|default([]) | join(' ') }}
 #MulticastDNS=no
 DNSSEC=no
 Cache=no-negative
-{% if ansible_os_family in ["Flatcar", "Flatcar Container Linux by Kinvolk"] %}
+{% if systemd_resolved_disable_stub_listener | bool %}
 DNSStubListener=no
 {% else %}
 #DNSStubListener=yes