diff --git a/cmd/kubeadm/app/cmd/join.go b/cmd/kubeadm/app/cmd/join.go
index 9fb8346062a..3371d70e185 100644
--- a/cmd/kubeadm/app/cmd/join.go
+++ b/cmd/kubeadm/app/cmd/join.go
@@ -33,6 +33,7 @@ import (
 	kubeconfigphase "k8s.io/kubernetes/cmd/kubeadm/app/phases/kubeconfig"
 	"k8s.io/kubernetes/cmd/kubeadm/app/preflight"
 	kubeadmutil "k8s.io/kubernetes/cmd/kubeadm/app/util"
+
 	"k8s.io/kubernetes/pkg/api"
 	clientcmdapi "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api"
 	"k8s.io/kubernetes/pkg/runtime"
@@ -129,7 +130,7 @@ func (j *Join) Validate() error {
 	return validation.ValidateNodeConfiguration(j.cfg).ToAggregate()
 }
 
-// Run executes worked node provisioning and tries to join an existing cluster.
+// Run executes worker node provisioning and tries to join an existing cluster.
 func (j *Join) Run(out io.Writer) error {
 	var cfg *clientcmdapi.Config
 	// TODO: delete this first block when we move Token to the discovery interface
@@ -138,7 +139,6 @@ func (j *Join) Run(out io.Writer) error {
 		if err != nil {
 			return err
 		}
-
 		connectionDetails, err := kubenode.EstablishMasterConnection(j.cfg.Discovery.Token, clusterInfo)
 		if err != nil {
 			return err
@@ -161,8 +161,7 @@ func (j *Join) Run(out io.Writer) error {
 		}
 	}
 
-	err := kubeconfigphase.WriteKubeconfigToDisk(path.Join(kubeadmapi.GlobalEnvParams.KubernetesDir, kubeconfigphase.KubeletKubeConfigFileName), cfg)
-	if err != nil {
+	if err := kubeconfigphase.WriteKubeconfigToDisk(path.Join(kubeadmapi.GlobalEnvParams.KubernetesDir, kubeconfigphase.KubeletKubeConfigFileName), cfg); err != nil {
 		return err
 	}
 
diff --git a/cmd/kubeadm/app/discovery/BUILD b/cmd/kubeadm/app/discovery/BUILD
index dbfdba28e74..b9d70038b59 100644
--- a/cmd/kubeadm/app/discovery/BUILD
+++ b/cmd/kubeadm/app/discovery/BUILD
@@ -20,6 +20,7 @@ go_library(
         "//cmd/kubeadm/app/discovery/file:go_default_library",
         "//cmd/kubeadm/app/discovery/https:go_default_library",
         "//cmd/kubeadm/app/discovery/token:go_default_library",
+        "//pkg/client/unversioned/clientcmd:go_default_library",
         "//pkg/client/unversioned/clientcmd/api:go_default_library",
         "//vendor:github.com/spf13/pflag",
     ],
diff --git a/cmd/kubeadm/app/discovery/discovery.go b/cmd/kubeadm/app/discovery/discovery.go
index ef5e3087067..a981c41dae0 100644
--- a/cmd/kubeadm/app/discovery/discovery.go
+++ b/cmd/kubeadm/app/discovery/discovery.go
@@ -18,14 +18,53 @@ package discovery
 
 import (
 	"fmt"
+	"io/ioutil"
+	"net/http"
 
 	kubeadmapi "k8s.io/kubernetes/cmd/kubeadm/app/apis/kubeadm"
+
+	"k8s.io/kubernetes/pkg/client/unversioned/clientcmd"
 	clientcmdapi "k8s.io/kubernetes/pkg/client/unversioned/clientcmd/api"
 )
 
-func For(c kubeadmapi.Discovery) (*clientcmdapi.Config, error) {
+// For identifies and executes the desired discovery mechanism.
+func For(d kubeadmapi.Discovery) (*clientcmdapi.Config, error) {
 	switch {
+	case d.File != nil:
+		return runFileDiscovery(d.File)
+	case d.HTTPS != nil:
+		return runHTTPSDiscovery(d.HTTPS)
+	case d.Token != nil:
+		// TODO move token discovery here
+		return runTokenDiscovery(d.Token)
 	default:
-		return nil, fmt.Errorf("unimplemented")
+		return nil, fmt.Errorf("Couldn't find a valid discovery configuration. Please provide one.")
 	}
 }
+
+// runFileDiscovery executes file-based discovery.
+func runFileDiscovery(fd *kubeadmapi.FileDiscovery) (*clientcmdapi.Config, error) {
+	return clientcmd.LoadFromFile(fd.Path)
+}
+
+// runHTTPSDiscovery executes HTTPS-based discovery.
+func runHTTPSDiscovery(hd *kubeadmapi.HTTPSDiscovery) (*clientcmdapi.Config, error) {
+	response, err := http.Get(hd.URL)
+	if err != nil {
+		return nil, err
+	}
+	defer response.Body.Close()
+
+	kubeconfig, err := ioutil.ReadAll(response.Body)
+	if err != nil {
+		return nil, err
+	}
+
+	return clientcmd.Load(kubeconfig)
+}
+
+// TODO implement
+// runTokenDiscovery executes token-based discovery.
+func runTokenDiscovery(td *kubeadmapi.TokenDiscovery) (*clientcmdapi.Config, error) {
+	return nil, fmt.Errorf("Couldn't find a valid discovery configuration. Please provide one.")
+}
diff --git a/cmd/kubeadm/app/node/csr.go b/cmd/kubeadm/app/node/csr.go
index 9c279e11c82..883ba34568c 100644
--- a/cmd/kubeadm/app/node/csr.go
+++ b/cmd/kubeadm/app/node/csr.go
@@ -29,12 +29,13 @@ import (
 	certutil "k8s.io/kubernetes/pkg/util/cert"
 )
 
+// TODO @mikedanese move this to PerformTLSBootstrap
 func PerformTLSBootstrapDeprecated(connection *ConnectionDetails) (*clientcmdapi.Config, error) {
 	fmt.Println("[csr] Created API client to obtain unique certificate for this node, generating keys and certificate signing request")
 
 	key, err := certutil.MakeEllipticPrivateKeyPEM()
 	if err != nil {
-		return nil, fmt.Errorf("failed to generating private key [%v]", err)
+		return nil, fmt.Errorf("failed to generate private key [%v]", err)
 	}
 	cert, err := csr.RequestNodeCertificate(connection.CertClient.CertificateSigningRequests(), key, connection.NodeName)
 	if err != nil {
@@ -80,7 +81,7 @@ func PerformTLSBootstrap(cfg *clientcmdapi.Config) error {
 
 	key, err := certutil.MakeEllipticPrivateKeyPEM()
 	if err != nil {
-		return fmt.Errorf("failed to generating private key [%v]", err)
+		return fmt.Errorf("failed to generate private key [%v]", err)
 	}
 	cert, err := csr.RequestNodeCertificate(c.Certificates().CertificateSigningRequests(), key, name)
 	if err != nil {