diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index 15e0c18ab..80e23e3db 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -127,3 +127,6 @@ calico_felix_log_severity_screen: Info
 
 # Calico container settings
 calico_allow_ip_forwarding: false
+
+# Calico IPAM strictaffinity
+calico_ipam_strictaffinity: false
diff --git a/roles/network_plugin/calico/tasks/install.yml b/roles/network_plugin/calico/tasks/install.yml
index 5df4ee2b1..c7f21ab1e 100644
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -441,3 +441,14 @@
   when:
     - peer_with_router|default(false)
     - inventory_hostname in groups['k8s_cluster']
+
+- name: Calico | Configure ipam strictaffinity
+  command:
+    cmd: "{{ bin_dir }}/calicoctl.sh ipam configure --strictaffinity={{ calico_ipam_strictaffinity }}"
+  register: output
+  retries: 4
+  until: output.rc == 0
+  delay: "{{ retry_stagger | random + 3 }}"
+  when:
+    - calico_ipam_strictaffinity is defined
+    - inventory_hostname in groups['k8s_cluster']