diff --git a/pkg/yurtctl/cmd/revert/revert.go b/pkg/yurtctl/cmd/revert/revert.go
index 8813af51251..3c6e4a81978 100644
--- a/pkg/yurtctl/cmd/revert/revert.go
+++ b/pkg/yurtctl/cmd/revert/revert.go
@@ -242,6 +242,15 @@ func (ro *RevertOptions) RunRevert() (err error) {
 		return
 	}
 	klog.Info("complete removing yurt-hub and resetting kubelet service")
+
+	// 7.1. remove yut-hub k8s config, roleBinding role
+	err = kubeutil.DeleteYurthubSetting(ro.clientSet)
+	if err != nil {
+		klog.Error("DeleteYurthubSetting err: ", err)
+		return err
+	}
+	klog.Info("delete yurthub clusterrole and clusterrolebinding")
+
 	return
 }
 
diff --git a/pkg/yurtctl/constants/constants.go b/pkg/yurtctl/constants/constants.go
index 78e18946567..51ee8a41f09 100644
--- a/pkg/yurtctl/constants/constants.go
+++ b/pkg/yurtctl/constants/constants.go
@@ -22,6 +22,8 @@ const (
 
 	YurtctlLockConfigMapName = "yurtctl-lock"
 
+	YurthubComponentName = "yurt-hub"
+
 	YurttunnelServerComponentName   = "yurt-tunnel-server"
 	YurttunnelServerSvcName         = "x-tunnel-server-svc"
 	YurttunnelServerInternalSvcName = "x-tunnel-server-internal-svc"
diff --git a/pkg/yurtctl/util/kubernetes/apply_addons.go b/pkg/yurtctl/util/kubernetes/apply_addons.go
index 8155d534b06..44d69de38c7 100644
--- a/pkg/yurtctl/util/kubernetes/apply_addons.go
+++ b/pkg/yurtctl/util/kubernetes/apply_addons.go
@@ -17,6 +17,11 @@ limitations under the License.
 package kubernetes
 
 import (
+	"context"
+	"fmt"
+
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/kubernetes"
 
@@ -216,3 +221,25 @@ func DeployYurthubSetting(client *kubernetes.Clientset) error {
 
 	return nil
 }
+
+// DeleteYurthubSetting rm settings for yurthub pod
+func DeleteYurthubSetting(client *kubernetes.Clientset) error {
+
+	// 1. delete the ClusterRoleBinding
+	if err := client.RbacV1().ClusterRoleBindings().
+		Delete(context.Background(), constants.YurthubComponentName,
+			metav1.DeleteOptions{}); err != nil && !apierrors.IsNotFound(err) {
+		return fmt.Errorf("fail to delete the clusterrolebinding/%s: %s",
+			constants.YurthubComponentName, err)
+	}
+
+	// 2. delete the ClusterRole
+	if err := client.RbacV1().ClusterRoles().
+		Delete(context.Background(), constants.YurthubComponentName,
+			metav1.DeleteOptions{}); err != nil && !apierrors.IsNotFound(err) {
+		return fmt.Errorf("fail to delete the clusterrole/%s: %s",
+			constants.YurthubComponentName, err)
+	}
+
+	return nil
+}