diff --git a/releasenotes/notes/workaround_ssh_known_host_atomic_update-481e0baf3b3d6342.yaml b/releasenotes/notes/workaround_ssh_known_host_atomic_update-481e0baf3b3d6342.yaml
new file mode 100644
index 000000000..5f49ce054
--- /dev/null
+++ b/releasenotes/notes/workaround_ssh_known_host_atomic_update-481e0baf3b3d6342.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+ - Workaround `bug 1810932 `__ by
+ scripting an in-place update of ssh_known_hosts
+
diff --git a/roles/tripleo-ssh-known-hosts/tasks/main.yml b/roles/tripleo-ssh-known-hosts/tasks/main.yml
index 7430ad62c..77e2e82f5 100644
--- a/roles/tripleo-ssh-known-hosts/tasks/main.yml
+++ b/roles/tripleo-ssh-known-hosts/tasks/main.yml
@@ -1,11 +1,29 @@
 ---
-- name: Add hosts key in /etc/ssh/ssh_known_hosts for live/cold-migration
+- name: Add host keys in /etc/ssh/ssh_known_hosts for live/cold-migration
 become: true
- lineinfile:
- path: /etc/ssh/ssh_known_hosts
- line: "{{ ssh_known_hosts[hostvars[item]['ansible_hostname'] | lower] + ' ssh-rsa ' + hostvars[item]['ansible_ssh_host_key_rsa_public'] }}"
- create: yes
- with_items: "{{ groups['overcloud']|intersect(play_hosts) }}"
+ block:
+ # Workaround https://bugs.launchpad.net/tripleo/+bug/1810932
+ # Ansible modules perform a replace instead of in-place modification.
+ # This breaks propagation of changes to containers that bind mount ssh_known_hosts
+ - name: Create temporary file for ssh_known_hosts
+ tempfile:
+ state: file
+ register: ssh_known_hosts_tmp
+ - name: Create a temporary copy of ssh_known_hosts
+ shell: |
+ if [[ -e /etc/ssh/ssh_known_hosts ]]; then
+ cat /etc/ssh/ssh_known_hosts > '{{ ssh_known_hosts_tmp.path }}'
+ fi
+ - name: Add host keys to temporary ssh_known_hosts
+ lineinfile:
+ path: "{{ ssh_known_hosts_tmp.path }}"
+ line: "{{ ssh_known_hosts[hostvars[item]['ansible_hostname'] | lower] + ' ssh-rsa ' + hostvars[item]['ansible_ssh_host_key_rsa_public'] }}"
+ create: yes
+ with_items: "{{ groups['overcloud']|intersect(play_hosts) }}"
+ - name: In-place update of /etc/ssh_known_hosts
+ shell: |
+ cat '{{ ssh_known_hosts_tmp.path }}' > /etc/ssh/ssh_known_hosts
+ rm -f '{{ ssh_known_hosts_tmp.path }}'
 tags:
 - tripleo_ssh_known_hosts
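Review bot: The temporary copy created by the `tempfile` task is removed only inside the final `shell` task, so a failure of the `lineinfile` task in the middle of the block leaves the copy behind under /tmp and the block exits without any cleanup; the removal belongs in an `always:` section of the block (sketched below) with the `rm -f` line dropped from the write-back task. The `[[ -e ... ]]` test in the copy task is a bash construct while `shell` runs `/bin/sh` unless `args: executable: /bin/bash` is set, so it should be `[ -e /etc/ssh/ssh_known_hosts ]` or the executable should be pinned. Both `shell` tasks report changed on every run because they carry no `changed_when`, which hides whether the host-key content actually changed; `changed_when: false` fits the copy task, and the write-back could be gated on the registered `lineinfile` result. Truncating and rewriting the file is deliberately non-atomic so the bind-mounted inode is preserved, but any process reading /etc/ssh/ssh_known_hosts in that window sees an empty or partial file, and the comment above `block:` should state this trade-off. The task name `In-place update of /etc/ssh_known_hosts` should read `/etc/ssh/ssh_known_hosts`.
```yaml
  block:
    # … unchanged: tempfile, copy, lineinfile and write-back tasks (without the rm -f line) …
  always:
    - name: Remove temporary copy of ssh_known_hosts
      file:
        path: "{{ ssh_known_hosts_tmp.path }}"
        state: absent
      when: ssh_known_hosts_tmp.path is defined
  tags:
    - tripleo_ssh_known_hosts
```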