diff --git a/cluster/juju/layers/kubernetes-master/config.yaml b/cluster/juju/layers/kubernetes-master/config.yaml
index 18b2b691d5..4001cd979a 100644
--- a/cluster/juju/layers/kubernetes-master/config.yaml
+++ b/cluster/juju/layers/kubernetes-master/config.yaml
@@ -3,6 +3,10 @@ options:
     type: boolean
     default: True
     description: Deploy the Kubernetes Dashboard and Heapster addons
+  enable-kube-dns:
+    type: boolean
+    default: True
+    description: Deploy kube-dns addon
   dns_domain:
     type: string
     default: cluster.local
diff --git a/cluster/juju/layers/kubernetes-master/reactive/kubernetes_master.py b/cluster/juju/layers/kubernetes-master/reactive/kubernetes_master.py
index 32972b18b0..6980bd50bd 100644
--- a/cluster/juju/layers/kubernetes-master/reactive/kubernetes_master.py
+++ b/cluster/juju/layers/kubernetes-master/reactive/kubernetes_master.py
@@ -467,10 +467,10 @@ def etcd_data_change(etcd):
 @when('cdk-addons.configured')
 def send_cluster_dns_detail(kube_control):
     ''' Send cluster DNS info '''
-    # Note that the DNS server doesn't necessarily exist at this point. We know
-    # where we're going to put it, though, so let's send the info anyway.
-    dns_ip = get_dns_ip()
-    kube_control.set_dns(53, hookenv.config('dns_domain'), dns_ip)
+    enableKubeDNS = hookenv.config('enable-kube-dns')
+    dnsDomain = hookenv.config('dns_domain')
+    dns_ip = None if not enableKubeDNS else get_dns_ip()
+    kube_control.set_dns(53, dnsDomain, dns_ip, enableKubeDNS)
 
 
 @when('kube-control.connected')
@@ -592,11 +592,12 @@ def configure_cdk_addons():
     ''' Configure CDK addons '''
     remove_state('cdk-addons.configured')
     dbEnabled = str(hookenv.config('enable-dashboard-addons')).lower()
+    dnsEnabled = str(hookenv.config('enable-kube-dns')).lower()
     args = [
         'arch=' + arch(),
-        'dns-ip=' + get_dns_ip(),
         'dns-domain=' + hookenv.config('dns_domain'),
-        'enable-dashboard=' + dbEnabled
+        'enable-dashboard=' + dbEnabled,
+        'enable-kube-dns=' + dnsEnabled
     ]
     check_call(['snap', 'set', 'cdk-addons'] + args)
     if not addons_ready():
@@ -963,11 +964,10 @@ def create_kubeconfig(kubeconfig, server, ca, key=None, certificate=None,
 
 
 def get_dns_ip():
-    '''Get an IP address for the DNS server on the provided cidr.'''
-    interface = ipaddress.IPv4Interface(service_cidr())
-    # Add .10 at the end of the network
-    ip = interface.network.network_address + 10
-    return ip.exploded
+    cmd = "kubectl get service --namespace kube-system kube-dns --output json"
+    output = check_output(cmd, shell=True).decode()
+    svc = json.loads(output)
+    return svc['spec']['clusterIP']
 
 
 def get_kubernetes_service_ip():
diff --git a/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py b/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py
index 2071c687b7..6e7c97bdf9 100644
--- a/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py
+++ b/cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py
@@ -545,7 +545,6 @@ def configure_kubelet(dns):
     kubelet_opts['v'] = '0'
     kubelet_opts['address'] = '0.0.0.0'
     kubelet_opts['port'] = '10250'
-    kubelet_opts['cluster-dns'] = dns['sdn-ip']
     kubelet_opts['cluster-domain'] = dns['domain']
     kubelet_opts['anonymous-auth'] = 'false'
     kubelet_opts['client-ca-file'] = ca_cert_path
@@ -554,6 +553,9 @@ def configure_kubelet(dns):
     kubelet_opts['logtostderr'] = 'true'
     kubelet_opts['fail-swap-on'] = 'false'
 
+    if (dns['enable-kube-dns']):
+        kubelet_opts['cluster-dns'] = dns['sdn-ip']
+
     privileged = is_state('kubernetes-worker.privileged')
     kubelet_opts['allow-privileged'] = 'true' if privileged else 'false'