diff --git a/playbooks/roles/base-server/files/95disable-recommends b/playbooks/roles/base-server/files/95disable-recommends
new file mode 100644
index 0000000000..c378775f89
--- /dev/null
+++ b/playbooks/roles/base-server/files/95disable-recommends
@@ -0,0 +1,2 @@
+APT::Install-Recommends "0";
+APT::Install-Suggests "0";
\ No newline at end of file
diff --git a/playbooks/roles/base-server/tasks/Debian.yaml b/playbooks/roles/base-server/tasks/Debian.yaml
index 7c0cf76ceb..5a708227bb 100644
--- a/playbooks/roles/base-server/tasks/Debian.yaml
+++ b/playbooks/roles/base-server/tasks/Debian.yaml
@@ -1,3 +1,11 @@
+- name: Disable install of additional recommends and suggests packages
+  copy:
+     mode: 0444
+     src: 95disable-recommends
+     dest: /etc/apt/apt.conf.d/
+     owner: root
+     group: root
+
 # NOTE(ianw) There are ordering issues with this.  Hopefully when
 # we're bionic only we can just remove ntp
 - name: Install NTP
diff --git a/testinfra/test_base.py b/testinfra/test_base.py
index 8560afcd41..1a99e6c345 100644
--- a/testinfra/test_base.py
+++ b/testinfra/test_base.py
@@ -162,3 +162,11 @@ def test_logrotate(host):
         assert cfg_file.exists
         assert cfg_file.contains('/var/log/ansible/run_all_cron.log')
 
+
+def test_no_recommends(host):
+    if host.system_info.distribution in ['ubuntu', 'debian']:
+        cfg_file = host.file("/etc/apt/apt.conf.d/95disable-recommends")
+        assert cfg_file.exists
+
+        assert cfg_file.contains('^APT::Install-Recommends "0"')
+        assert cfg_file.contains('^APT::Install-Suggests "0"')