diff --git a/cluster/ci/config/cluster-autoscaler.yaml b/cluster/ci/config/cluster-autoscaler.yaml
index 175b930705da..517383f79a8e 100644
--- a/cluster/ci/config/cluster-autoscaler.yaml
+++ b/cluster/ci/config/cluster-autoscaler.yaml
@@ -45,6 +45,14 @@ items:
     - get
     - list
     - watch
+  - apiGroups:
+    - ""
+    resources:
+    - events
+    verbs:
+    - create
+    - update
+    - patch
   - apiGroups:
     - extensions
     - apps
@@ -56,6 +64,14 @@ items:
     - get
     - list
     - watch
+  - apiGroups:
+    - storage.k8s.io
+    resources:
+    - storageclasses
+    verbs:
+    - get
+    - list
+    - watch
   - apiGroups:
     - policy
     resources:
diff --git a/cluster/ci/config/metrics-server.yaml b/cluster/ci/config/metrics-server.yaml
index 4dd9545628c2..e5b79059e582 100644
--- a/cluster/ci/config/metrics-server.yaml
+++ b/cluster/ci/config/metrics-server.yaml
@@ -1,6 +1,11 @@
 kind: List
 apiVersion: v1
 items:
+- apiVersion: v1
+  kind: ServiceAccount
+  metadata:
+    name: metrics-server
+    namespace: kube-system
 - apiVersion: v1
   kind: Service
   metadata:
@@ -35,13 +40,15 @@ items:
           app: metrics-server
       spec:
         containers:
-        - args:
+        - command: 
+          - /usr/bin/metrics-server
+          args:
           - --v=6
           - --tls-private-key-file=/etc/tls/tls.key
           - --tls-cert-file=/etc/tls/tls.crt
           - --source=kubernetes.summary_api:?kubeletPort=10250&kubeletHttps=1
           - --secure-port=8443
-          image: docker-registry.default.svc:5000/ci/kubernetes-metrics:latest
+          image: docker-registry.default.svc:5000/openshift/origin-v3.10:metrics-server
           imagePullPolicy: IfNotPresent
           name: metrics-server
           volumeMounts:
@@ -58,6 +65,7 @@ items:
   kind: Role
   metadata:
     name: metrics-server
+    namespace: kube-system
   rules:
   - apiGroups:
     - ""
@@ -66,8 +74,6 @@ items:
     resourceNames:
     - extension-apiserver-authentication
     verbs:
-    - update
-    - patch
     - get
   - apiGroups:
     - ""
@@ -81,4 +87,44 @@ items:
     - events
     verbs:
     - create
-  # oc policy add-role-to-user metrics-server -z metrics-server -n kube-system
+- apiVersion: rbac.authorization.k8s.io/v1beta1
+  kind: RoleBinding
+  metadata:
+    name: metrics-server
+    namespace: kube-system
+  subjects:
+  - kind: ServiceAccount
+    apiGroup: ""
+    name: metrics-server
+    namespace: kube-system
+  roleRef:
+    kind: Role
+    apiGroup: rbac.authorization.k8s.io
+    name: metrics-server
+    namespace: kube-system
+- apiVersion: rbac.authorization.k8s.io/v1beta1
+  kind: ClusterRoleBinding
+  metadata:
+    name: metrics-server
+  subjects:
+  - kind: ServiceAccount
+    apiGroup: ""
+    name: metrics-server
+    namespace: kube-system
+  roleRef:
+    kind: ClusterRole
+    apiGroup: rbac.authorization.k8s.io
+    name: cluster-reader
+- apiVersion: apiregistration.k8s.io/v1beta1
+  kind: APIService
+  metadata:
+    name: v1beta1.metrics.k8s.io
+  spec:
+    service:
+      name: metrics-server
+      namespace: kube-system
+    group: metrics.k8s.io
+    version: v1beta1
+    insecureSkipTLSVerify: true
+    groupPriorityMinimum: 100
+    versionPriority: 100
\ No newline at end of file