diff --git a/roles/etcd/templates/etcd-rkt.service.j2 b/roles/etcd/templates/etcd-rkt.service.j2
index 580804810..2e9e8be28 100644
--- a/roles/etcd/templates/etcd-rkt.service.j2
+++ b/roles/etcd/templates/etcd-rkt.service.j2
@@ -11,6 +11,8 @@ LimitNOFILE=40000
 
 ExecStart=/usr/bin/rkt run \
 --uuid-file-save=/var/run/etcd.uuid \
+--volume hosts,kind=host,source=/etc/hosts,readOnly=true \
+--mount volume=hosts,target=/etc/hosts \
 --volume=etc-ssl-certs,kind=host,source=/etc/ssl/certs,readOnly=true \
 --mount=volume=etc-ssl-certs,target=/etc/ssl/certs \
 --volume=etcd-cert-dir,kind=host,source={{ etcd_cert_dir }},readOnly=true \
diff --git a/roles/kubernetes/node/templates/kubelet.rkt.service.j2 b/roles/kubernetes/node/templates/kubelet.rkt.service.j2
index 522f58d8c..db7a4845c 100644
--- a/roles/kubernetes/node/templates/kubelet.rkt.service.j2
+++ b/roles/kubernetes/node/templates/kubelet.rkt.service.j2
@@ -16,6 +16,7 @@ EnvironmentFile={{kube_config_dir}}/kubelet.env
 # stage1-fly mounts /proc /sys /dev so no need to duplicate the mounts
 ExecStart=/usr/bin/rkt run \
         --volume os-release,kind=host,source=/etc/os-release,readOnly=true \
+        --volume hosts,kind=host,source=/etc/hosts,readOnly=true \
         --volume dns,kind=host,source=/etc/resolv.conf \
         --volume etc-kubernetes,kind=host,source={{ kube_config_dir }},readOnly=false \
         --volume etc-ssl-certs,kind=host,source=/etc/ssl/certs,readOnly=true \
@@ -47,6 +48,7 @@ ExecStart=/usr/bin/rkt run \
         --mount volume=var-lib-docker,target=/var/lib/docker \
         --mount volume=var-lib-kubelet,target=/var/lib/kubelet \
         --mount volume=var-log,target=/var/log \
+        --mount volume=hosts,target=/etc/hosts \
         --stage1-from-dir=stage1-fly.aci \
 {% if kube_hyperkube_image_repo == "docker" %}
         --insecure-options=image \
diff --git a/roles/vault/templates/rkt.service.j2 b/roles/vault/templates/rkt.service.j2
index b0e91dc0f..43dd8fc6d 100644
--- a/roles/vault/templates/rkt.service.j2
+++ b/roles/vault/templates/rkt.service.j2
@@ -14,6 +14,8 @@ LimitNOFILE=40000
 #   /vault/logs/    # Log files
 ExecStart=/usr/bin/rkt run \
 --insecure-options=image \
+--volume hosts,kind=host,source=/etc/hosts,readOnly=true \
+--mount volume=hosts,target=/etc/hosts \
 --volume=volume-vault-file,kind=host,source=/var/lib/vault \
 --volume=volume-vault-logs,kind=host,source={{ vault_log_dir }} \
 --volume=vault-cert-dir,kind=host,source={{ vault_cert_dir }} \