diff --git a/projects/kubernetes/Boxfile b/projects/kubernetes/Boxfile
index e82025a02..8b8468635 100644
--- a/projects/kubernetes/Boxfile
+++ b/projects/kubernetes/Boxfile
@@ -67,12 +67,11 @@ def kubelet_cmd
     /hyperkube kubelet
       --kubeconfig=/etc/kubernetes/kubelet.conf --require-kubeconfig=true
       --pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true
-      --network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin
       --cluster-dns=10.96.0.10 --cluster-domain=cluster.local
       --cgroups-per-qos=false --enforce-node-allocatable=""
-      --node-ip="192.168.65.2"
-      --enable-cri=false
   )
+  #--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin
+  #--node-ip="192.168.65.2"
 end
 
 def create_kubelet_wrapper
diff --git a/projects/kubernetes/README.md b/projects/kubernetes/README.md
new file mode 100644
index 000000000..883b4869e
--- /dev/null
+++ b/projects/kubernetes/README.md
@@ -0,0 +1,22 @@
+# Kubernetes
+
+This project aims to demonstrate how one can create minimal and immutable Kubernetes OS images with Moby.
+
+Make sure to `cd projects/kubernetes` first.
+
+Build container & OS images:
+```
+make
+```
+
+Boot Kubernetes master OS image using `hyperkit` on macOS:
+```
+../../bin/moby run hyperkit -mem 4096 -cpus 2 kube-master
+```
+
+Manually initialise master with `kubeadm`:
+```
+runc exec kubelet kubeadm init --skip-preflight-checks
+```
+
+Once `kubeadm` exits, try `runc exec kubelet kubectl get nodes`.
diff --git a/projects/kubernetes/kube-master.yml b/projects/kubernetes/kube-master.yml
index a276bf18d..dfbf851b2 100644
--- a/projects/kubernetes/kube-master.yml
+++ b/projects/kubernetes/kube-master.yml
@@ -53,7 +53,9 @@ daemon:
     binds:
      - /dev:/dev
      - /lib/modules:/lib/modules
-     - /var:/var
+     - /var/run:/var/run
+     - /var/lib:/var/lib
+     - /etc/kubernetes:/etc/kubernetes
   - name: kubelet
     image: "errordeveloper/mobykube:master"
     capabilities:
@@ -64,7 +66,14 @@ daemon:
      - type: cgroup
        options: ["rw","nosuid","noexec","nodev","relatime"]
     binds:
-     - /etc/resolv.conf:/etc/resolv.conf
-     - /var:/var
+     - /dev:/dev
+     - /var/run:/var/run
+     - /var/lib:/var/lib
+     # TODO /{etc,opt}/cni & /var/lib/kubelet:rw,rshared
+     - /var/log:/var/log #/var/log/containers
+     - /etc/kubernetes:/etc/kubernetes
+files:
+  - path: etc/kubernetes/.empty
+    contents: '# workaround to create parent directory'
 outputs:
   - format: kernel+initrd