diff --git a/roles/build-helm-packages/defaults/main.yml b/roles/build-helm-packages/defaults/main.yml
index fc1b21922..7456bebe2 100644
--- a/roles/build-helm-packages/defaults/main.yml
+++ b/roles/build-helm-packages/defaults/main.yml
@@ -14,3 +14,5 @@
 
 version:
   helm: v2.11.0
+url:
+  google_helm_repo: https://storage.googleapis.com/kubernetes-helm
diff --git a/roles/build-helm-packages/tasks/setup-helm-serve.yaml b/roles/build-helm-packages/tasks/setup-helm-serve.yaml
index 667a2527d..302c60782 100644
--- a/roles/build-helm-packages/tasks/setup-helm-serve.yaml
+++ b/roles/build-helm-packages/tasks/setup-helm-serve.yaml
@@ -24,11 +24,12 @@
       become_user: root
       shell: |
               TMP_DIR=$(mktemp -d)
-              curl -sSL https://storage.googleapis.com/kubernetes-helm/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR}
+              curl -sSL ${GOOGLE_HELM_REPO_URL}/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR}
               sudo mv ${TMP_DIR}/helm /usr/bin/helm
               rm -rf ${TMP_DIR}
       environment:
         HELM_VERSION: "{{ version.helm }}"
+        GOOGLE_HELM_REPO_URL: "{{ url.google_helm_repo }}"
       args:
         executable: /bin/bash
     - name: setting up helm client
diff --git a/roles/build-images/defaults/main.yml b/roles/build-images/defaults/main.yml
index 6f1215f21..9aa34e442 100644
--- a/roles/build-images/defaults/main.yml
+++ b/roles/build-images/defaults/main.yml
@@ -25,3 +25,8 @@ proxy:
 images:
   kubernetes:
     kubeadm_aio: openstackhelm/kubeadm-aio:dev
+
+url:
+  google_kubernetes_repo: https://storage.googleapis.com/kubernetes-release/release/{{ version.kubernetes }}/bin/linux/amd64
+  google_helm_repo: https://storage.googleapis.com/kubernetes-helm
+  cni_repo: https://github.com/containernetworking/plugins/releases/download/{{ version.cni }}
diff --git a/roles/build-images/tasks/kubeadm-aio.yaml b/roles/build-images/tasks/kubeadm-aio.yaml
index 537d87bc8..c6d345e9f 100644
--- a/roles/build-images/tasks/kubeadm-aio.yaml
+++ b/roles/build-images/tasks/kubeadm-aio.yaml
@@ -53,6 +53,9 @@
                 --build-arg CNI_VERSION="{{ version.cni }}" \
                 --build-arg HELM_VERSION="{{ version.helm }}" \
                 --build-arg CHARTS="calico,flannel,tiller,kube-dns,kubernetes-keystone-webhook" \
+                --build-arg GOOGLE_KUBERNETES_REPO_URL="{{ url.google_kubernetes_repo }}" \
+                --build-arg GOOGLE_HELM_REPO_URL="{{ url.google_helm_repo }}" \
+                --build-arg CNI_REPO_URL="{{ url.cni_repo }}" \
                 --build-arg HTTP_PROXY="{{ proxy.http }}" \
                 --build-arg HTTPS_PROXY="{{ proxy.https }}" \
                 --build-arg NO_PROXY="{{ proxy.noproxy }}" \
@@ -79,6 +82,9 @@
                 --build-arg CNI_VERSION="{{ version.cni }}" \
                 --build-arg HELM_VERSION="{{ version.helm }}" \
                 --build-arg CHARTS="calico,flannel,tiller,kube-dns,kubernetes-keystone-webhook" \
+                --build-arg GOOGLE_KUBERNETES_REPO_URL="{{ url.google_kubernetes_repo }}" \
+                --build-arg GOOGLE_HELM_REPO_URL="{{ url.google_helm_repo }}" \
+                --build-arg CNI_REPO_URL="{{ url.cni_repo }}" \
                 {% if zuul_site_mirror_fqdn is defined and zuul_site_mirror_fqdn %}
                 --build-arg UBUNTU_URL="http://{{ zuul_site_mirror_fqdn }}/ubuntu/" \
                 --build-arg ALLOW_UNAUTHENTICATED="true" \
diff --git a/tools/images/kubeadm-aio/Dockerfile b/tools/images/kubeadm-aio/Dockerfile
index 12f15cd29..6faf4fa2a 100644
--- a/tools/images/kubeadm-aio/Dockerfile
+++ b/tools/images/kubeadm-aio/Dockerfile
@@ -28,12 +28,21 @@ RUN sed -i \
         /etc/apt/sources.list ;\
     echo "APT::Get::AllowUnauthenticated \"${ALLOW_UNAUTHENTICATED}\";" > /etc/apt/apt.conf.d/allow-unathenticated
 
+ARG GOOGLE_KUBERNETES_REPO_URL=https://storage.googleapis.com/kubernetes-release/release/${KUBE_VERSION}/bin/linux/amd64
+ENV GOOGLE_KUBERNETES_REPO_URL ${GOOGLE_KUBERNETES_REPO_URL}
+
+ARG GOOGLE_HELM_REPO_URL=https://storage.googleapis.com/kubernetes-helm
+ENV GOOGLE_HELM_REPO_URL ${GOOGLE_HELM_REPO_URL}
+
 ARG KUBE_VERSION="v1.10.8"
 ENV KUBE_VERSION ${KUBE_VERSION}
 
 ARG CNI_VERSION="v0.6.0"
 ENV CNI_VERSION ${CNI_VERSION}
 
+ARG CNI_REPO_URL=https://github.com/containernetworking/plugins/releases/download/$CNI_VERSION
+ENV CNI_REPO_URL ${CNI_REPO_URL}
+
 ARG HELM_VERSION="v2.11.0"
 ENV HELM_VERSION ${HELM_VERSION}
 
@@ -78,18 +87,18 @@ RUN set -ex ;\
     pip --no-cache-dir install "ansible==2.5.5" ;\
     for BINARY in kubectl kubeadm; do \
       curl -sSL -o /usr/bin/${BINARY} \
-        https://storage.googleapis.com/kubernetes-release/release/${KUBE_VERSION}/bin/linux/amd64/${BINARY} ;\
+        ${GOOGLE_KUBERNETES_REPO_URL}/${BINARY} ;\
       chmod +x /usr/bin/${BINARY} ;\
     done ;\
     mkdir -p /opt/assets/usr/bin ;\
     curl -sSL -o /opt/assets/usr/bin/kubelet \
-      https://storage.googleapis.com/kubernetes-release/release/${KUBE_VERSION}/bin/linux/amd64/kubelet ;\
+      ${GOOGLE_KUBERNETES_REPO_URL}/kubelet ;\
     chmod +x /opt/assets/usr/bin/kubelet ;\
     mkdir -p /opt/assets${CNI_BIN_DIR} ;\
-    curl -sSL https://github.com/containernetworking/plugins/releases/download/$CNI_VERSION/cni-plugins-amd64-$CNI_VERSION.tgz | \
+    curl -sSL ${CNI_REPO_URL}/cni-plugins-amd64-$CNI_VERSION.tgz | \
       tar -zxv --strip-components=1 -C /opt/assets${CNI_BIN_DIR} ;\
     TMP_DIR=$(mktemp -d) ;\
-    curl -sSL https://storage.googleapis.com/kubernetes-helm/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR} ;\
+    curl -sSL ${GOOGLE_HELM_REPO_URL}/helm-${HELM_VERSION}-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR} ;\
     mv ${TMP_DIR}/helm /usr/bin/helm ;\
     rm -rf ${TMP_DIR} ;\
     apt-get purge -y --auto-remove \