diff --git a/chart/jenkins-operator/templates/role.yaml b/chart/jenkins-operator/templates/role.yaml
index d6e7aaa1..f9fb9779 100644
--- a/chart/jenkins-operator/templates/role.yaml
+++ b/chart/jenkins-operator/templates/role.yaml
@@ -30,15 +30,21 @@ rules:
     resources:
       - serviceaccounts
     verbs:
+      - get
       - create
+      - list
+      - watch
   - apiGroups:
       - rbac.authorization.k8s.io
     resources:
       - roles
       - rolebindings
     verbs:
+      - get
       - create
       - update
+      - list
+      - watch
   - apiGroups:
       - ""
     resources:
diff --git a/pkg/controller/jenkins/configuration/base/resources/base_configuration_configmap.go b/pkg/controller/jenkins/configuration/base/resources/base_configuration_configmap.go
index 022a7a20..7c8c149e 100644
--- a/pkg/controller/jenkins/configuration/base/resources/base_configuration_configmap.go
+++ b/pkg/controller/jenkins/configuration/base/resources/base_configuration_configmap.go
@@ -2,6 +2,7 @@ package resources
 
 import (
 	"fmt"
+
 	"github.com/jenkinsci/kubernetes-operator/pkg/apis/jenkins/v1alpha2"
 	"github.com/jenkinsci/kubernetes-operator/pkg/controller/jenkins/constants"
 
@@ -187,8 +188,8 @@ func NewBaseConfigurationConfigMap(meta metav1.ObjectMeta, jenkins *v1alpha2.Jen
 		disableInsecureFeaturesGroovyScriptName:   disableInsecureFeatures,
 		configureKubernetesPluginGroovyScriptName: fmt.Sprintf(configureKubernetesPluginFmt,
 			jenkins.ObjectMeta.Namespace,
-			fmt.Sprintf("http://%s.%s:%d", GetJenkinsHTTPServiceName(jenkins), jenkins.ObjectMeta.Namespace, jenkins.Spec.Service.Port),
-			fmt.Sprintf("%s.%s:%d", GetJenkinsSlavesServiceName(jenkins), jenkins.ObjectMeta.Namespace, jenkins.Spec.SlaveService.Port),
+			fmt.Sprintf("http://%s:%d", GetJenkinsHTTPServiceFQDN(jenkins), jenkins.Spec.Service.Port),
+			fmt.Sprintf("%s:%d", GetJenkinsSlavesServiceFQDN(jenkins), jenkins.Spec.SlaveService.Port),
 		),
 		configureViewsGroovyScriptName:              configureViews,
 		disableJobDslScriptApprovalGroovyScriptName: disableJobDSLScriptApproval,
diff --git a/pkg/controller/jenkins/configuration/base/resources/service.go b/pkg/controller/jenkins/configuration/base/resources/service.go
index b9e2d96c..1ff6d342 100644
--- a/pkg/controller/jenkins/configuration/base/resources/service.go
+++ b/pkg/controller/jenkins/configuration/base/resources/service.go
@@ -7,6 +7,9 @@ import (
 	"github.com/jenkinsci/kubernetes-operator/pkg/controller/jenkins/constants"
 
 	corev1 "k8s.io/api/core/v1"
+
+	"net"
+	"strings"
 )
 
 // UpdateService returns new service with override fields from config
@@ -38,3 +41,35 @@ func GetJenkinsHTTPServiceName(jenkins *v1alpha2.Jenkins) string {
 func GetJenkinsSlavesServiceName(jenkins *v1alpha2.Jenkins) string {
 	return fmt.Sprintf("%s-slave-%s", constants.OperatorName, jenkins.ObjectMeta.Name)
 }
+
+// GetJenkinsHTTPServiceFQDN returns Kubernetes service FQDN used for expose Jenkins HTTP endpoint
+func GetJenkinsHTTPServiceFQDN(jenkins *v1alpha2.Jenkins) string {
+	clusterDomain := getClusterDomain()
+
+	return fmt.Sprintf("%s-http-%s.%s.svc.%s", constants.OperatorName, jenkins.ObjectMeta.Name, jenkins.ObjectMeta.Namespace, clusterDomain)
+}
+
+// GetJenkinsSlavesServiceFQDN returns Kubernetes service FQDN used for expose Jenkins slave endpoint
+func GetJenkinsSlavesServiceFQDN(jenkins *v1alpha2.Jenkins) string {
+	clusterDomain := getClusterDomain()
+
+	return fmt.Sprintf("%s-slave-%s.%s.svc.%s", constants.OperatorName, jenkins.ObjectMeta.Name, jenkins.ObjectMeta.Namespace, clusterDomain)
+}
+
+// GetClusterDomain returns Kubernetes cluster domain, default to "cluster.local"
+func getClusterDomain() string {
+	apiSvc := "kubernetes.default.svc"
+
+	clusterDomain := "cluster.local"
+
+	cname, err := net.LookupCNAME(apiSvc)
+	if err != nil {
+		return clusterDomain
+	}
+
+	clusterDomain = strings.TrimPrefix(cname, "kubernetes.default.svc")
+	clusterDomain = strings.TrimPrefix(clusterDomain, ".")
+	clusterDomain = strings.TrimSuffix(clusterDomain, ".")
+
+	return clusterDomain
+}
diff --git a/pkg/controller/jenkins/configuration/user/seedjobs/seedjobs.go b/pkg/controller/jenkins/configuration/user/seedjobs/seedjobs.go
index 7fde534e..f64ad2dc 100644
--- a/pkg/controller/jenkins/configuration/user/seedjobs/seedjobs.go
+++ b/pkg/controller/jenkins/configuration/user/seedjobs/seedjobs.go
@@ -402,9 +402,8 @@ func agentDeployment(jenkins *v1alpha2.Jenkins, namespace string, agentName stri
 							Env: []corev1.EnvVar{
 								{
 									Name: "JENKINS_TUNNEL",
-									Value: fmt.Sprintf("%s.%s:%d",
-										resources.GetJenkinsSlavesServiceName(jenkins),
-										jenkins.ObjectMeta.Namespace,
+									Value: fmt.Sprintf("%s:%d",
+										resources.GetJenkinsSlavesServiceFQDN(jenkins),
 										jenkins.Spec.SlaveService.Port),
 								},
 								{
@@ -417,9 +416,8 @@ func agentDeployment(jenkins *v1alpha2.Jenkins, namespace string, agentName stri
 								},
 								{
 									Name: "JENKINS_URL",
-									Value: fmt.Sprintf("http://%s.%s:%d",
-										resources.GetJenkinsHTTPServiceName(jenkins),
-										jenkins.ObjectMeta.Namespace,
+									Value: fmt.Sprintf("http://%s:%d",
+										resources.GetJenkinsHTTPServiceFQDN(jenkins),
 										jenkins.Spec.Service.Port,
 									),
 								},