diff --git a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
index 881f850df..40d8ff88e 100644
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@@ -109,7 +109,7 @@
 - name: Stop if RBAC and anonymous-auth are not enabled when insecure port is disabled
   assert:
     that: rbac_enabled and kube_api_anonymous_auth
-  when: kube_apiserver_insecure_port == 0
+  when: kube_apiserver_insecure_port == 0 and inventory_hostname in groups['kube-master']
   ignore_errors: "{{ ignore_assert_errors }}"
 
 - name: Stop if kernel version is too low
diff --git a/roles/reset/tasks/main.yml b/roles/reset/tasks/main.yml
index ca54c51c4..e3a586a7a 100644
--- a/roles/reset/tasks/main.yml
+++ b/roles/reset/tasks/main.yml
@@ -110,12 +110,18 @@
 - name: Clear IPVS virtual server table
   shell: "ipvsadm -C"
   when:
-    - kube_proxy_mode == 'ipvs'
+    - kube_proxy_mode == 'ipvs' and inventory_hostname in groups['k8s-cluster']
+
+- name: reset | check kube-ipvs0 network device
+  stat:
+    path: /sys/class/net/kube-ipvs0
+  register: kube_ipvs0
 
 - name: reset | Remove kube-ipvs0
   command: "ip link del kube-ipvs0"
   when:
     - kube_proxy_mode == 'ipvs'
+    - kube_ipvs0.stat.exists
 
 - name: reset | delete some files and directories
   file: