diff --git a/docs/dns-stack.md b/docs/dns-stack.md index f4de31544b58fd2362a54a1fb4497a70ddd3590f..6215114af40e5e45a0a873917d869c27e65310d0 100644 --- a/docs/dns-stack.md +++ b/docs/dns-stack.md @@ -50,7 +50,7 @@ DNS modes supported by Kubespray You can modify how Kubespray sets up DNS for your cluster with the variables ``dns_mode`` and ``resolvconf_mode``. ## dns_mode -``dns_mode`` configures how Kubespray will setup cluster DNS. There are three modes available: +``dns_mode`` configures how Kubespray will setup cluster DNS. There are four modes available: #### dnsmasq_kubedns (default) This installs an additional dnsmasq DaemonSet which gives more flexibility and lifts some @@ -62,6 +62,12 @@ other queries are forwardet to the nameservers found in ``upstream_dns_servers`` This does not install the dnsmasq DaemonSet and instructs kubelet to directly use kubedns/skydns for all queries. +#### manual +This does not install dnsmasq or kubedns, but allows you to specify +`manual_dns_server`, which will be configured on nodes for handling Pod DNS. +Use this method if you plan to install your own DNS server in the cluster after +initial deployment. + #### none This does not install any of dnsmasq and kubedns/skydns. This basically disables cluster DNS completely and leaves you with a non functional cluster. diff --git a/inventory/group_vars/k8s-cluster.yml b/inventory/group_vars/k8s-cluster.yml index 4d767d702296aad0d43821ac3dda7e16f94ebb39..1411bd4782e37dd2fd7aed011f59ad8c243dfa7b 100644 --- a/inventory/group_vars/k8s-cluster.yml +++ b/inventory/group_vars/k8s-cluster.yml 
@@ -112,8 +112,11 @@ kube_apiserver_insecure_port: 8080 # (http) cluster_name: cluster.local # Subdomains of DNS domain to be resolved via /etc/resolv.conf for hostnet pods ndots: 2 -# Can be dnsmasq_kubedns, kubedns or none +# Can be dnsmasq_kubedns, kubedns, manual or none dns_mode: kubedns +# Set manual server if using a custom cluster DNS server +#manual_dns_server: 10.x.x.x + # Can be docker_dns, host_resolvconf or none resolvconf_mode: docker_dns # Deploy netchecker app to verify DNS resolve as an HTTP service diff --git a/roles/docker/tasks/set_facts_dns.yml b/roles/docker/tasks/set_facts_dns.yml index bcec0bf710147d2ea118b3b6e431796d2c229445..ad30ba47fb439f6ecd6ef34858021ae1c0ab537d 100644 --- a/roles/docker/tasks/set_facts_dns.yml +++ b/roles/docker/tasks/set_facts_dns.yml @@ -7,6 +7,8 @@ {{ [ skydns_server ] }} {%- elif dns_mode == 'dnsmasq_kubedns' -%} {{ [ dnsmasq_dns_server ] }} + {%- elif dns_mode == 'manual' -%} + {{ [ manual_dns_server ] }} {%- endif -%} - name: set base docker dns facts diff --git a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 index a1429c82153799619ddaf993b80192a3939b3eec..0846cdb8237afc13eaa5049ed2309285e412520b 100644 --- a/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 +++ b/roles/kubernetes/node/templates/kubelet.kubeadm.env.j2 @@ -50,6 +50,8 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}" {% set kubelet_args_cluster_dns %}--cluster-dns={{ skydns_server }}{% endset %} {% elif dns_mode == 'dnsmasq_kubedns' %} {% set kubelet_args_cluster_dns %}--cluster-dns={{ dnsmasq_dns_server }}{% endset %} +{% elif dns_mode == 'manual' %} +{% set kubelet_args_cluster_dns %}--cluster-dns={{ manual_dns_server }}{% endset %} {% else %} {% set kubelet_args_cluster_dns %}{% endset %} {% endif %} 
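Review bot: The sample line `#manual_dns_server: 10.x.x.x` in inventory/group_vars/k8s-cluster.yml does not say that the variable becomes mandatory once `dns_mode: manual` is selected, or that it has no default. The matching comment added to roles/kubespray-defaults/defaults/main.yaml has the same gap and words the requirement differently ("cluster IP" versus "custom cluster DNS server"). The other hunks in this commit pass the value to kubelet's `--cluster-dns` and to the Docker DNS facts, so pods will resolve names through whatever address is entered here. I would use one wording in both files, for example `# Required when dns_mode is manual: service (cluster) IP of the DNS server that pods will use`.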
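Review bot: Nothing checks that `manual_dns_server` is set before the new `manual` branch in roles/docker/tasks/set_facts_dns.yml dereferences it. The defaults file carries it only as a commented-out sample, so choosing `dns_mode: manual` without it presumably fails with an undefined-variable error partway through the play, or renders an empty value if undefined handling is lenient. The same unguarded use is added in kubelet.kubeadm.env.j2, kubelet.standard.env.j2 and set_resolv_facts.yml. An early preflight task, for instance in the preinstall role, could fail with a clear message and also reject values that are not an IP address. The template this branch belongs to starts outside the hunk.

```yaml
- name: Stop if dns_mode is manual and manual_dns_server is not a valid address
  assert:
    that:
      - manual_dns_server is defined
      - manual_dns_server | ipaddr
    msg: "dns_mode 'manual' requires manual_dns_server to be set to the cluster DNS service IP"
  when: dns_mode == 'manual'
```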
diff --git a/roles/kubernetes/node/templates/kubelet.standard.env.j2 b/roles/kubernetes/node/templates/kubelet.standard.env.j2 index fbb63760432640d9ae21206d7c24db48a8acbc94..959769b3a30db3059bb2e82253c60310bbd53c26 100644 --- a/roles/kubernetes/node/templates/kubelet.standard.env.j2 +++ b/roles/kubernetes/node/templates/kubelet.standard.env.j2 @@ -39,6 +39,8 @@ KUBELET_HOSTNAME="--hostname-override={{ kube_override_hostname }}" {% set kubelet_args_cluster_dns %}--cluster-dns={{ skydns_server }}{% endset %} {% elif dns_mode == 'dnsmasq_kubedns' %} {% set kubelet_args_cluster_dns %}--cluster-dns={{ dnsmasq_dns_server }}{% endset %} +{% elif dns_mode == 'manual' %} +{% set kubelet_args_cluster_dns %}--cluster-dns={{ manual_dns_server }}{% endset %} {% else %} {% set kubelet_args_cluster_dns %}{% endset %} {% endif %} diff --git a/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml b/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml index 65d351857726fc7c339e1138d7af25b0caadfd17..b13d49b07971c7f6eb856afc7a7d57db8fbfd8e6 100644 --- a/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml +++ b/roles/kubernetes/preinstall/tasks/set_resolv_facts.yml @@ -95,6 +95,8 @@ dnsmasq_server: |- {%- if dns_mode == 'kubedns' and not dns_early|bool -%} {{ [ skydns_server ] + upstream_dns_servers|default([]) }} + {%- elif dns_mode == 'manual' and not dns_early|bool -%} + {{ [ manual_dns_server ] + upstream_dns_servers|default([]) }} {%- elif dns_early|bool -%} {{ upstream_dns_servers|default([]) }} {%- else -%} diff --git a/roles/kubespray-defaults/defaults/main.yaml b/roles/kubespray-defaults/defaults/main.yaml index f57cd5b27e085f2bce4b10f17008903d68a802ba..b2f1935e3055feca135e5cad4a498a5185d3acbf 100644 --- a/roles/kubespray-defaults/defaults/main.yaml +++ b/roles/kubespray-defaults/defaults/main.yaml 
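Review bot: In the new `manual` branch of set_resolv_facts.yml, `manual_dns_server` is placed first and `upstream_dns_servers` defaults to `[]`, so with default settings the list contains only the manual server. The docs added in this commit describe manual mode as intended for a DNS server installed after the initial deployment, which suggests that whatever consumes this fact during deployment would point at an address where nothing answers yet. How the fact is consumed lies outside the hunk, so this needs confirming. I would either document that `upstream_dns_servers` should be set in manual mode or add a comment on the branch such as `{# manual_dns_server may not exist yet; upstream_dns_servers is the only fallback #}`. The `dnsmasq_server` template starts and ends outside the hunk.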
@@ -33,8 +33,12 @@ retry_stagger: 5
 cluster_name: cluster.local
 # Subdomains of DNS domain to be resolved via /etc/resolv.conf for hostnet pods
 ndots: 2
-# Can be dnsmasq_kubedns, kubedns or none
+# Can be dnsmasq_kubedns, kubedns, manual or none
 dns_mode: kubedns
+
+# Should be set to a cluster IP if using a custom cluster DNS
+# manual_dns_server: 10.x.x.x
+
 # Can be docker_dns, host_resolvconf or none
 resolvconf_mode: docker_dns
 # Deploy netchecker app to verify DNS resolve as an HTTP service