diff --git a/inventory/sample/group_vars/k8s_cluster/addons.yml b/inventory/sample/group_vars/k8s_cluster/addons.yml
index cc4478c4c..32892923f 100644
--- a/inventory/sample/group_vars/k8s_cluster/addons.yml
+++ b/inventory/sample/group_vars/k8s_cluster/addons.yml
@@ -14,7 +14,7 @@ registry_enabled: false
 # Metrics Server deployment
 metrics_server_enabled: false
-# metrics_server_container_port: 4443
+# metrics_server_container_port: 10250
 # metrics_server_kubelet_insecure_tls: true
 # metrics_server_metric_resolution: 15s
 # metrics_server_kubelet_preferred_address_types: "InternalIP,ExternalIP,Hostname"
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index a3893d789..428e7ce62 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -1079,7 +1079,7 @@ dnsautoscaler_image_tag: "{{ dnsautoscaler_version }}"
 registry_version: "2.8.1"
 registry_image_repo: "{{ docker_image_repo }}/library/registry"
 registry_image_tag: "{{ registry_version }}"
-metrics_server_version: "v0.6.2"
+metrics_server_version: "v0.6.3"
 metrics_server_image_repo: "{{ kube_image_repo }}/metrics-server/metrics-server"
 metrics_server_image_tag: "{{ metrics_server_version }}"
 local_volume_provisioner_version: "v2.5.0"
diff --git a/roles/kubernetes-apps/metrics_server/defaults/main.yml b/roles/kubernetes-apps/metrics_server/defaults/main.yml
index 993eed6c1..934e67b75 100644
--- a/roles/kubernetes-apps/metrics_server/defaults/main.yml
+++ b/roles/kubernetes-apps/metrics_server/defaults/main.yml
@@ -1,5 +1,5 @@
 ---
-metrics_server_container_port: 4443
+metrics_server_container_port: 10250
 metrics_server_kubelet_insecure_tls: true
 metrics_server_kubelet_preferred_address_types: "InternalIP,ExternalIP,Hostname"
 metrics_server_metric_resolution: 15s
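Review bot: The new default `metrics_server_container_port: 10250` in roles/kubernetes-apps/metrics_server/defaults/main.yml is the same number as the kubelet's default serving port, and nothing in the file says why it was chosen or what it must not be combined with. On the pod network the two do not conflict, but if the pod is ever run with host networking the bind would presumably clash with the kubelet on that node, and any firewall rule or NetworkPolicy written for 4443 stops matching after an upgrade. I would add a comment above the variable, for example `# same number as the kubelet's default port; do not run metrics-server with host networking on this port`, and repeat it next to the commented sample in addons.yml. The unchanged context line `metrics_server_kubelet_insecure_tls: true` also still turns off verification of the kubelet serving certificate by default, which is worth revisiting alongside the pod hardening in this commit.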
diff --git a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
index 686cde0fc..db9498bfd 100644
--- a/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
+++ b/roles/kubernetes-apps/metrics_server/templates/metrics-server-deployment.yaml.j2
@@ -23,8 +23,6 @@ spec:
 labels:
 app.kubernetes.io/name: metrics-server
 version: {{ metrics_server_version }}
- annotations:
- seccomp.security.alpha.kubernetes.io/pod: 'runtime/default'
 spec:
 priorityClassName: system-cluster-critical
 serviceAccountName: metrics-server
@@ -70,10 +68,14 @@ spec:
 initialDelaySeconds: 40
 securityContext:
 readOnlyRootFilesystem: true
- runAsGroup: 10001
 runAsNonRoot: true
- runAsUser: 10001
+ runAsUser: 1000
 allowPrivilegeEscalation: false
+ seccompProfile:
+ type: RuntimeDefault
+ capabilities:
+ drop:
+ - ALL
 resources:
 limits:
 cpu: {{ metrics_server_limits_cpu }}
diff --git a/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2 b/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2
index 3d9ea8118..9c4a3b752 100644
--- a/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2
+++ b/roles/kubernetes-apps/metrics_server/templates/resource-reader.yaml.j2
@@ -5,13 +5,18 @@ metadata:
 labels:
 addonmanager.kubernetes.io/mode: Reconcile
 rules:
- - apiGroups:
- - ""
- resources:
- - pods
- - nodes
- - nodes/metrics
- verbs:
- - get
- - list
- - watch
+- apiGroups:
+ - ""
+ resources:
+ - nodes/metrics
+ verbs:
+ - get
+- apiGroups:
+ - ""
+ resources:
+ - pods
+ - nodes
+ verbs:
+ - get
+ - list
+ - watch
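Review bot: Removing `runAsGroup` in the second hunk of metrics-server-deployment.yaml.j2 leaves the container's primary group unset, and the Kubernetes security-context documentation notes that the primary GID then falls back to root (0). `runAsNonRoot: true` only checks the UID, so it will not catch a process that runs as UID 1000 with GID 0. I would keep the group explicit next to the new UID, for example `runAsGroup: 1000`, after confirming the v0.6.3 image does not depend on a particular group. The container spec this `securityContext` belongs to starts and ends outside the hunk.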
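Review bot: The rule that limits `nodes/metrics` to `get` in resource-reader.yaml.j2 carries no comment, so a later cleanup could merge the two rules again and quietly restore `list` and `watch` on the subresource. I would add a line above the first rule such as `# nodes/metrics is only read with GET against the kubelet metrics endpoint; keep this rule separate from pods/nodes`. The hunk also appears to re-indent the whole list to flush style in the same change, which makes the permission difference harder to spot in review; doing the whitespace change in its own commit would keep RBAC diffs easy to audit.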