@@ -395,7 +395,17 @@ func (o CreateNodeConfigOptions) MakeNodeConfig(serverCertFile, serverKeyFile, n

 		return err

 	}

-	content, err := latestconfigapi.WriteYAML(config)

+	// Roundtrip the config to v1 and back to ensure proper defaults are set.

+	ext, err := configapi.Scheme.ConvertToVersion(config, "v1")

+	if err != nil {

+		return err

+	}

+	internal, err := configapi.Scheme.ConvertToVersion(ext, "")

+	if err != nil {

+		return err

+	}

+

+	content, err := latestconfigapi.WriteYAML(internal)

 	if err != nil {

 		return err

 	}

@@ -40,8 +40,27 @@ type NodeConfig struct {

 	// PodManifestConfig holds the configuration for enabling the Kubelet to

 	// create pods based from a manifest file(s) placed locally on the node

 	PodManifestConfig *PodManifestConfig

+

+	// DockerConfig holds Docker related configuration options.

+	DockerConfig DockerConfig

+}

+

+// DockerConfig holds Docker related configuration options.

+type DockerConfig struct {

+	// ExecHandlerName is the name of the handler to use for executing

+	// commands in Docker containers.

+	ExecHandlerName DockerExecHandlerType

 }

+type DockerExecHandlerType string

+

+const (

+	// DockerExecHandlerNative uses Docker's exec API for executing commands in containers.

+	DockerExecHandlerNative DockerExecHandlerType = "native"

+	// DockerExecHandlerNative uses nsenter for executing commands in containers.

+	DockerExecHandlerNsenter DockerExecHandlerType = "nsenter"

+)

+

 type MasterConfig struct {

 	api.TypeMeta

@@ -27,6 +27,11 @@ func init() {

 				obj.OpenShiftStoragePrefix = "openshift.io"

 			}

 		},

+		func(obj *DockerConfig) {

+			if len(obj.ExecHandlerName) == 0 {

+				obj.ExecHandlerName = DockerExecHandlerNative

+			}

+		},

 	)

 	if err != nil {

 		// If one of the conversion functions is malformed, detect it immediately.

@@ -39,8 +39,27 @@ type NodeConfig struct {

 	// PodManifestConfig holds the configuration for enabling the Kubelet to

 	// create pods based from a manifest file(s) placed locally on the node

 	PodManifestConfig *PodManifestConfig `json:"podManifestConfig"`

+

+	// DockerConfig holds Docker related configuration options.

+	DockerConfig DockerConfig `json:"dockerConfig"`

+}

+

+// DockerConfig holds Docker related configuration options.

+type DockerConfig struct {

+	// ExecHandlerName is the name of the handler to use for executing

+	// commands in Docker containers.

+	ExecHandlerName DockerExecHandlerType `json:"execHandlerName"`

 }

+type DockerExecHandlerType string

+

+const (

+	// DockerExecHandlerNative uses Docker's exec API for executing commands in containers.

+	DockerExecHandlerNative DockerExecHandlerType = "native"

+	// DockerExecHandlerNative uses nsenter for executing commands in containers.

+	DockerExecHandlerNsenter DockerExecHandlerType = "nsenter"

+)

+

 type MasterConfig struct {

 	v1.TypeMeta `json:",inline"`

@@ -19,6 +19,8 @@ const (

 apiVersion: v1

 dnsDomain: ""

 dnsIP: ""

+dockerConfig:

+  execHandlerName: ""

 imageConfig:

   format: ""

   latest: false

@@ -1,6 +1,9 @@

 package validation

 import (

+	"fmt"

+	"strings"

+

 	"github.com/GoogleCloudPlatform/kubernetes/pkg/util/fielderrors"

 	"github.com/openshift/origin/pkg/cmd/server/api"

@@ -26,5 +29,21 @@ func ValidateNodeConfig(config *api.NodeConfig) fielderrors.ValidationErrorList

 		allErrs = append(allErrs, ValidatePodManifestConfig(config.PodManifestConfig).Prefix("podManifestConfig")...)

 	}

+	allErrs = append(allErrs, ValidateDockerConfig(config.DockerConfig).Prefix("dockerConfig")...)

+

+	return allErrs

+}

+

+func ValidateDockerConfig(config api.DockerConfig) fielderrors.ValidationErrorList {

+	allErrs := fielderrors.ValidationErrorList{}

+

+	switch config.ExecHandlerName {

+	case api.DockerExecHandlerNative, api.DockerExecHandlerNsenter:

+		// ok

+	default:

+		validValues := strings.Join([]string{string(api.DockerExecHandlerNative), string(api.DockerExecHandlerNsenter)}, ", ")

+		allErrs = append(allErrs, fielderrors.NewFieldInvalid("execHandlerName", config.ExecHandlerName, fmt.Sprintf("must be one of %s", validValues)))

+	}

+

 	return allErrs

 }

@@ -226,6 +226,7 @@ func (c *NodeConfig) RunKubelet() {

 		DockerDaemonContainer:     "",

 		ConfigureCBR0:             false,

 		MaxPods:                   200,

+		DockerExecHandler:         c.DockerExecHandler,

 	}

 	kapp.RunKubelet(&kcfg, nil)

 }

@@ -62,6 +62,10 @@ type NodeConfig struct {

 	// PodManifestCheckIntervalSeconds is the interval in seconds for checking the manifest file(s) for new data

 	// The interval needs to be a positive value

 	PodManifestCheckIntervalSeconds int64

+

+	// DockerExecHandler is the handler to use for executing

+	// commands in Docker containers.

+	DockerExecHandler dockertools.ExecHandler

 }

 func BuildKubernetesNodeConfig(options configapi.NodeConfig) (*NodeConfig, error) {

@@ -98,6 +102,15 @@ func BuildKubernetesNodeConfig(options configapi.NodeConfig) (*NodeConfig, error

 		fileCheckInterval = options.PodManifestConfig.FileCheckIntervalSeconds

 	}

+	var dockerExecHandler dockertools.ExecHandler

+

+	switch options.DockerConfig.ExecHandlerName {

+	case configapi.DockerExecHandlerNative:

+		dockerExecHandler = &dockertools.NativeExecHandler{}

+	case configapi.DockerExecHandlerNsenter:

+		dockerExecHandler = &dockertools.NsenterExecHandler{}

+	}

+

 	config := &NodeConfig{

 		NodeHost:    options.NodeName,

 		BindAddress: options.ServingInfo.BindAddress,

@@ -119,6 +132,8 @@ func BuildKubernetesNodeConfig(options configapi.NodeConfig) (*NodeConfig, error

 		PodManifestPath:                 path,

 		PodManifestCheckIntervalSeconds: fileCheckInterval,

+

+		DockerExecHandler: dockerExecHandler,

 	}

 	return config, nil