diff --git a/playbooks/04.kube-master.yml b/playbooks/04.kube-master.yml index 8d7e993..2d3e704 100644 --- a/playbooks/04.kube-master.yml +++ b/playbooks/04.kube-master.yml @@ -6,10 +6,12 @@ - kube-node tasks: - name: Making master nodes SchedulingDisabled - shell: "{{ bin_dir }}/kubectl cordon {{ inventory_hostname }} " + shell: "{{ base_dir }}/bin/kubectl cordon {{ inventory_hostname }} " when: "inventory_hostname not in groups['kube_node']" ignore_errors: true + connection: local - name: Setting master role name - shell: "{{ bin_dir }}/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite" + shell: "{{ base_dir }}/bin/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite" ignore_errors: true + connection: local diff --git a/playbooks/23.addmaster.yml b/playbooks/23.addmaster.yml index 9dba6fe..2b3ca04 100644 --- a/playbooks/23.addmaster.yml +++ b/playbooks/23.addmaster.yml @@ -18,10 +18,12 @@ # tasks: - name: Making master nodes SchedulingDisabled - shell: "{{ bin_dir }}/kubectl cordon {{ NODE_TO_ADD }} " + shell: "{{ base_dir }}/bin/kubectl cordon {{ NODE_TO_ADD }} " when: "inventory_hostname not in groups['kube_node']" ignore_errors: true + connection: local - name: Setting master role name - shell: "{{ bin_dir }}/kubectl label node {{ NODE_TO_ADD }} kubernetes.io/role=master --overwrite" + shell: "{{ base_dir }}/bin/kubectl label node {{ NODE_TO_ADD }} kubernetes.io/role=master --overwrite" ignore_errors: true + connection: local diff --git a/playbooks/90.setup.yml b/playbooks/90.setup.yml index 972cece..65ea1a1 100644 --- a/playbooks/90.setup.yml +++ b/playbooks/90.setup.yml 
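Review bot: In `playbooks/04.kube-master.yml` both `kubectl` calls now run on the control host (`connection: local`) with no `--kubeconfig`, so they act on whatever kubeconfig and current context the invoking user has there, which may be a different cluster or none at all. Because `ignore_errors: true` is kept, a failed cordon passes silently and the master stays schedulable. Pinning the credentials would close that gap, e.g. `shell: "{{ base_dir }}/bin/kubectl --kubeconfig={{ cluster_dir }}/kubectl.kubeconfig cordon {{ inventory_hostname }}"`, assuming `cluster_dir` is in scope for this play. The same applies to the matching hunks in `playbooks/23.addmaster.yml` and `playbooks/90.setup.yml`.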
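Review bot: In `playbooks/23.addmaster.yml`, `{{ NODE_TO_ADD }}` is interpolated unquoted into a `shell:` string that now executes on the control host. If that variable is supplied at run time (its origin is not visible in this hunk), any shell metacharacters in it are interpreted locally. Neither task uses shell features, so `command:` would do, or the value can be escaped with `{{ NODE_TO_ADD | quote }}`. Separately, `when:` tests `inventory_hostname` while the command acts on `NODE_TO_ADD`; the play's `hosts:` line is outside the hunk, so it is worth confirming that both refer to the same node.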
@@ -43,13 +43,15 @@ - kube-node tasks: - name: Making master nodes SchedulingDisabled - shell: "{{ bin_dir }}/kubectl cordon {{ inventory_hostname }} " + shell: "{{ base_dir }}/bin/kubectl cordon {{ inventory_hostname }} " when: "inventory_hostname not in groups['kube_node']" ignore_errors: true + connection: local - name: Setting master role name - shell: "{{ bin_dir }}/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite" + shell: "{{ base_dir }}/bin/kubectl label node {{ inventory_hostname }} kubernetes.io/role=master --overwrite" ignore_errors: true + connection: local # to set up 'kube_node' nodes - hosts: kube_node diff --git a/roles/kube-master/tasks/main.yml b/roles/kube-master/tasks/main.yml index 59fdef9..3927c67 100644 --- a/roles/kube-master/tasks/main.yml +++ b/roles/kube-master/tasks/main.yml @@ -7,9 +7,6 @@ - kubectl tags: upgrade_k8s -- name: 分发 kubeconfig配置文件 - copy: src={{ cluster_dir }}/kubectl.kubeconfig dest=/root/.kube/config mode=0400 - - name: 分发controller/scheduler kubeconfig配置文件 copy: src={{ cluster_dir }}/{{ item }} dest=/etc/kubernetes/{{ item }} with_items: @@ -68,7 +65,6 @@ regexp: "^ server" line: " server: https://127.0.0.1:{{ SECURE_PORT }}" with_items: - - "/root/.kube/config" - "/etc/kubernetes/kube-controller-manager.kubeconfig" - "/etc/kubernetes/kube-scheduler.kubeconfig" 
@@ -116,20 +112,31 @@ delay: 3 tags: upgrade_k8s, restart_master -- name: 以轮询的方式等待master服务启动完成 - command: "{{ bin_dir }}/kubectl get node" - register: result - until: result.rc == 0 - retries: 5 - delay: 6 - tags: upgrade_k8s, restart_master +- block: + - name: 复制kubectl.kubeconfig + shell: 'cd {{ cluster_dir }} && cp -f kubectl.kubeconfig {{ inventory_hostname }}-kubectl.kubeconfig' -- name: 获取user:kubernetes是否已经绑定对应角色 - shell: "{{ bin_dir }}/kubectl get clusterrolebindings|grep kubernetes-crb || echo 'notfound'" - register: crb_info - run_once: true + - name: 替换 kubeconfig 的 apiserver 地址 + lineinfile: + dest: "{{ cluster_dir }}/{{ inventory_hostname }}-kubectl.kubeconfig" + regexp: "^ server" + line: " server: https://{{ inventory_hostname }}:{{ SECURE_PORT }}" -- name: 创建user:kubernetes角色绑定 - command: "{{ bin_dir }}/kubectl create clusterrolebinding kubernetes-crb --clusterrole=cluster-admin --user=kubernetes" - run_once: true - when: "'notfound' in crb_info.stdout" + - name: 轮询等待master服务启动完成 + command: "{{ base_dir }}/bin/kubectl --kubeconfig={{ cluster_dir }}/{{ inventory_hostname }}-kubectl.kubeconfig get node" + register: result + until: result.rc == 0 + retries: 5 + delay: 6 + tags: upgrade_k8s, restart_master + + - name: 获取user:kubernetes是否已经绑定对应角色 + shell: "{{ base_dir }}/bin/kubectl get clusterrolebindings|grep kubernetes-crb || echo 'notfound'" + register: crb_info + run_once: true + + - name: 创建user:kubernetes角色绑定 + command: "{{ base_dir }}/bin/kubectl create clusterrolebinding kubernetes-crb --clusterrole=cluster-admin --user=kubernetes" + run_once: true + when: "'notfound' in crb_info.stdout" + connection: local
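Review bot: The two clusterrolebinding tasks in this block run `kubectl` on the control host without `--kubeconfig`, unlike the wait task just above them. They therefore act on whatever cluster the operator's default kubeconfig selects, and the second one grants `cluster-admin`. Adding `--kubeconfig={{ cluster_dir }}/kubectl.kubeconfig` to both pins them to the cluster being deployed. The per-host copy made with `cp -f` holds admin credentials, gets no explicit mode, and is never removed; a `copy` task with `mode: "0600"` would fix the permissions, or `--server=https://{{ inventory_hostname }}:{{ SECURE_PORT }}` on the wait command would avoid the extra file altogether. Only the wait task carries `tags: upgrade_k8s, restart_master`, so a tagged run skips the copy and `lineinfile` steps it depends on.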