diff --git a/ENVIRONMENT.rst b/ENVIRONMENT.rst
index f791a75de..1ad827829 100644
--- a/ENVIRONMENT.rst
+++ b/ENVIRONMENT.rst
@@ -104,6 +104,7 @@ Environment Configuration Settings
 - **KUBERNETES_ROLE_LABEL**: name of the label containing Postgres role when running on Kubernetens. Default is 'spilo-role'.
 - **KUBERNETES_SCOPE_LABEL**: name of the label containing cluster name. Default is 'version'.
 - **KUBERNETES_LABELS**: a JSON describing names and values of other labels used by Patroni on Kubernetes to locate its metadata. Default is '{"application": "spilo"}'.
+- **KUBERNETES_CLUSTER_DOMAIN**: DNS domain for the kubernetes cluster. Default is 'cluster.local'.
 - **INITDB_LOCALE**: database cluster's default UTF-8 locale (en_US by default)
 - **ENABLE_WAL_PATH_COMPAT**: old Spilo images were generating wal path in the backup store using the following template ``/spilo/{WAL_BUCKET_SCOPE_PREFIX}{SCOPE}{WAL_BUCKET_SCOPE_SUFFIX}/wal/``, while new images adding one additional directory (``{PGVERSION}``) to the end. In order to avoid (unlikely) issues with restoring WALs (from S3/GC/and so on) when switching to ``spilo-13`` please set the ``ENABLE_WAL_PATH_COMPAT=true`` when deploying old cluster with ``spilo-13`` for the first time. After that the environment variable could be removed. Change of the WAL path also mean that backups stored in the old location will not be cleaned up automatically.
 - **WALE_DISABLE_S3_SSE**, **WALG_DISABLE_S3_SSE**: by default wal-e/wal-g are configured to encrypt files uploaded to S3. In order to disable it you can set this environment variable to ``true``.
diff --git a/postgres-appliance/runit/patroni/run b/postgres-appliance/runit/patroni/run
index c92fe9708..56126b7c1 100755
--- a/postgres-appliance/runit/patroni/run
+++ b/postgres-appliance/runit/patroni/run
@@ -24,7 +24,7 @@ then
 fi
 
 # Only small subset of environment variables is allowed. We don't want accidentally disclose sensitive information
-for E in $(printenv -0 | tr '\n' ' ' | sed 's/\x00/\n/g' | grep -vE '^(KUBERNETES_(SERVICE|PORT|ROLE)[_=]|((POD_(IP|NAMESPACE))|HOSTNAME|PATH|PGHOME|LC_ALL|ENABLE_PG_MON)=)' | sed 's/=.*//g'); do
+for E in $(printenv -0 | tr '\n' ' ' | sed 's/\x00/\n/g' | grep -vE '^(KUBERNETES_(SERVICE|PORT|ROLE|CLUSTER)[_=]|((POD_(IP|NAMESPACE))|HOSTNAME|PATH|PGHOME|LC_ALL|ENABLE_PG_MON)=)' | sed 's/=.*//g'); do
     unset $E
 done
 
diff --git a/postgres-appliance/scripts/callback_role.py b/postgres-appliance/scripts/callback_role.py
index 393b069ce..a40e40cd0 100755
--- a/postgres-appliance/scripts/callback_role.py
+++ b/postgres-appliance/scripts/callback_role.py
@@ -13,8 +13,9 @@
 KUBE_NAMESPACE_FILENAME = KUBE_SERVICE_DIR + 'namespace'
 KUBE_TOKEN_FILENAME = KUBE_SERVICE_DIR + 'token'
 KUBE_CA_CERT = KUBE_SERVICE_DIR + 'ca.crt'
+KUBE_CLUSTER_DOMAIN = os.environ.get("KUBERNETES_CLUSTER_DOMAIN", 'cluster.local')
 
-KUBE_API_URL = 'https://kubernetes.default.svc.cluster.local/api/v1/namespaces'
+KUBE_API_URL = 'https://kubernetes.default.svc.' + KUBE_CLUSTER_DOMAIN + '/api/v1/namespaces'
 
 logger = logging.getLogger(__name__)
 
diff --git a/postgres-appliance/scripts/configure_spilo.py b/postgres-appliance/scripts/configure_spilo.py
index fa2f3ca9c..598b99440 100755
--- a/postgres-appliance/scripts/configure_spilo.py
+++ b/postgres-appliance/scripts/configure_spilo.py
@@ -577,6 +577,7 @@ def get_placeholders(provider):
     placeholders.setdefault('PAM_OAUTH2', '')
     placeholders.setdefault('CALLBACK_SCRIPT', '')
     placeholders.setdefault('DCS_ENABLE_KUBERNETES_API', '')
+    placeholders.setdefault('KUBERNETES_CLUSTER_DOMAIN', 'cluster.local')
     placeholders.setdefault('KUBERNETES_ROLE_LABEL', 'spilo-role')
     placeholders.setdefault('KUBERNETES_SCOPE_LABEL', 'version')
     placeholders.setdefault('KUBERNETES_LABELS', KUBERNETES_DEFAULT_LABELS)