diff --git a/roles/kubernetes/kubeadm/defaults/main.yml b/roles/kubernetes/kubeadm/defaults/main.yml
index be13b682bf4746362bf1ce8369665255e8a84043..c9871645854474b44d2ac41f1c65a4f04615280a 100644
--- a/roles/kubernetes/kubeadm/defaults/main.yml
+++ b/roles/kubernetes/kubeadm/defaults/main.yml
@@ -1,6 +1,8 @@
 ---
 # discovery_timeout modifies the discovery timeout
 discovery_timeout: 5m0s
+# Optionally remove kube_proxy installed by kubeadm
+kube_proxy_remove: false
 
 # If non-empty, will use this string as identification instead of the actual hostname
 kube_override_hostname: >-
diff --git a/roles/kubernetes/node/defaults/main.yml b/roles/kubernetes/node/defaults/main.yml
index 99c1b8c869c9d649814365e014c8a4cf0a574276..3500dc44b6bf05d6e3cd664fe5940fa8f176949d 100644
--- a/roles/kubernetes/node/defaults/main.yml
+++ b/roles/kubernetes/node/defaults/main.yml
@@ -30,6 +30,9 @@ kubelet_disable_shared_pid: true
 ### fail with swap on (default true)
 kubelet_fail_swap_on: true
 
+# Optionally remove kube_proxy installed by kubeadm
+kube_proxy_remove: false
+
 # Reserve this space for kube resources
 kube_memory_reserved: 256M
 kube_cpu_reserved: 100m
diff --git a/roles/kubernetes/preinstall/tasks/0040-set_facts.yml b/roles/kubernetes/preinstall/tasks/0040-set_facts.yml
index db3906432f13c84a49aa94fcd29b751a3c2042cf..e8fcd36e674644b8f1a412b7789c8bcfe3b0e5ea 100644
--- a/roles/kubernetes/preinstall/tasks/0040-set_facts.yml
+++ b/roles/kubernetes/preinstall/tasks/0040-set_facts.yml
@@ -159,13 +159,6 @@
         - ../vars
       skip: true
 
-- name: force kube_proxy removal if proxy services are replaced by other means
-  set_fact:
-    kube_proxy_remove: "{{ (kube_network_plugin == 'kube-router') and (kube_router_run_service_proxy is defined and kube_router_run_service_proxy)| bool }}"
-  tags:
-    - facts
-    - kube-proxy
-
 - name: override kube_proxy_mode to ipvs if kube_proxy_remove is set, as ipvs won't require kube-proxy cleanup when kube-proxy daemonset gets deleted
   set_fact:
     kube_proxy_mode: 'ipvs'
diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml
index 05e7ec96ae5e2ff896f4f7fe26fb93ad465b5fad..b259bc57fc730083a0784cde22a8f6a87e98a535 100644
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -17,6 +17,9 @@ kube_version: v1.13.3
 ## Kube Proxy mode One of ['iptables','ipvs']
 kube_proxy_mode: ipvs
 
+## Delete kube-proxy daemonset if kube_proxy_remove set, e.g. kube_network_plugin providing proxy services
+kube_proxy_remove: "{{ (kube_network_plugin == 'kube-router') and (kube_router_run_service_proxy is defined and kube_router_run_service_proxy)| bool }}"
+
 # A string slice of values which specify the addresses to use for NodePorts.
 # Values may be valid IP blocks (e.g. 1.2.3.0/24, 1.2.3.4/32).
 # The default empty string slice ([]) means to use all local addresses.
diff --git a/roles/win_nodes/kubernetes_patch/defaults/main.yml b/roles/win_nodes/kubernetes_patch/defaults/main.yml
index 587f73ab42b091af8a5ee54542040db31f0ad5e6..2dd8721b9a33172d79d5f16d180dd34717fae41e 100644
--- a/roles/win_nodes/kubernetes_patch/defaults/main.yml
+++ b/roles/win_nodes/kubernetes_patch/defaults/main.yml
@@ -1,3 +1,5 @@
 ---
 
 kubernetes_user_manifests_path: "{{ ansible_env.HOME }}/kube-manifests"
+# Optionally remove kube_proxy installed by kubeadm
+kube_proxy_remove: false