diff --git a/apis/management.cattle.io/v3/k8s_defaults.go b/apis/management.cattle.io/v3/k8s_defaults.go
index 2a258a6a..c94d543f 100644
--- a/apis/management.cattle.io/v3/k8s_defaults.go
+++ b/apis/management.cattle.io/v3/k8s_defaults.go
@@ -14,6 +14,11 @@ var (
 K8sV110: v110SystemImages,
 }
+ // K8sVersionServiceOptions - service options per k8s version
+ K8sVersionServiceOptions = map[string]KubernetesServicesOptions{
+ K8sV110: v110ServiceOptions,
+ }
+
 // K8SVersionToSystemImages16 - images map for 1.6. Keeping it sepate in case we have to diverge
 K8SVersionToSystemImages16 = map[string]RKESystemImages{
 K8sV18: v18SystemImages,
@@ -136,4 +141,14 @@ var (
 Tiller: "rancher/tiller:v2.8.2",
 Dashboard: "rancher/kubernetes-dashboard-amd64:v1.8.3",
 }
+
+ // v110 service options
+ v110ServiceOptions = KubernetesServicesOptions{
+ KubeAPI: map[string]string{
+ "tls-cipher-suites": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
+ },
+ Kubelet: map[string]string{
+ "tls-cipher-suites": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
+ },
+ }
 )
diff --git a/apis/management.cattle.io/v3/rke_types.go b/apis/management.cattle.io/v3/rke_types.go
index 2b535e0e..68468584 100644
--- a/apis/management.cattle.io/v3/rke_types.go
+++ b/apis/management.cattle.io/v3/rke_types.go
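Review bot: The values stored in `K8sVersionServiceOptions` carry `map[string]string` fields, so a lookup returns a struct copy whose `KubeAPI` and `Kubelet` maps are still the package-level maps of `v110ServiceOptions`. A caller that merges user-supplied extra args into the returned map would change the defaults for every later lookup, and for `tls-cipher-suites` that means a weakened list could persist for the life of the process. I would extend the comment to say so, for example `// K8sVersionServiceOptions - service options per k8s version; the maps are shared defaults, copy before modifying`. Only `K8sV110` has an entry, so any other version yields a zero value with nil maps and no cipher restriction; if that is intended, the same comment should state it. The `var (` block starts and ends outside this hunk.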
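Review bot: The cipher-suite list in `v110ServiceOptions` is written out in full twice, once under `KubeAPI` and once under `Kubelet`, so a later edit can tighten one copy and leave the other behind unnoticed. Declaring the list once in this `var (` block as `v110TLSCipherSuites` and using `"tls-cipher-suites": v110TLSCipherSuites,` in both maps keeps the two components on the same list. The `// v110 service options` comment could also record why these suites were chosen (all are ECDHE with AES-GCM or ChaCha20-Poly1305). It should say too whether leaving `Kubeproxy`, `KubeController` and `Scheduler` unset is deliberate, since that is not evident from the hunk.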
@@ -409,3 +409,16 @@ type FlannelNetworkProvider struct {
 type CanalNetworkProvider struct {
 }
+
+type KubernetesServicesOptions struct {
+ // Additional options passed to KubeAPI
+ KubeAPI map[string]string `json:"kubeapi"`
+ // Additional options passed to Kubelet
+ Kubelet map[string]string `json:"kubelet"`
+ // Additional options passed to Kubeproxy
+ Kubeproxy map[string]string `json:"kubeproxy"`
+ // Additional options passed to KubeController
+ KubeController map[string]string `json:"kubeController"`
+ // Additional options passed to Scheduler
+ Scheduler map[string]string `json:"scheduler"`
+}
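Review bot: The JSON tags on `KubernetesServicesOptions` mix two conventions: `kubeapi`, `kubelet` and `kubeproxy` are all lowercase while `kubeController` is camelCase. These tags become the serialized field names, so it is cheaper to settle on one form before the type is consumed elsewhere. The exported type also has no doc comment; something like `// KubernetesServicesOptions holds default extra options per Kubernetes component, keyed by option name` would state the contract. That comment should also say whether these defaults take precedence over user-supplied extra args or yield to them. The hunk does not show this, and it decides whether the TLS cipher defaults added in `k8s_defaults.go` can be overridden per cluster.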