diff --git a/roles/kubernetes-apps/cluster_roles/tasks/main.yml b/roles/kubernetes-apps/cluster_roles/tasks/main.yml
index b58670c0f0de8176fc6138c574cce0907c676f5f..3f696a9fec1f734edd3d21a262ba0afc97c4a1b3 100644
--- a/roles/kubernetes-apps/cluster_roles/tasks/main.yml
+++ b/roles/kubernetes-apps/cluster_roles/tasks/main.yml
@@ -20,7 +20,7 @@
 
 - name: Apply workaround to allow all nodes with cert O=system:nodes to register
   kube:
-    name: "system:node"
+    name: "kubespray:system:node"
     kubectl: "{{bin_dir}}/kubectl"
     resource: "clusterrolebinding"
     filename: "{{ kube_config_dir }}/node-crb.yml"
diff --git a/roles/kubernetes-apps/cluster_roles/templates/node-crb.yml.j2 b/roles/kubernetes-apps/cluster_roles/templates/node-crb.yml.j2
index 98e82dff7f296156874c31594dd577fc388161e7..9a4a3c46e103e4fde4d61ee99e94f13eb8daff28 100644
--- a/roles/kubernetes-apps/cluster_roles/templates/node-crb.yml.j2
+++ b/roles/kubernetes-apps/cluster_roles/templates/node-crb.yml.j2
@@ -6,7 +6,7 @@ metadata:
     rbac.authorization.kubernetes.io/autoupdate: "true"
   labels:
     kubernetes.io/bootstrapping: rbac-defaults
-  name: system:node
+  name: kubespray:system:node
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole