diff --git a/cluster/gce/trusty/configure.sh b/cluster/gce/trusty/configure.sh
index ecb0ec2880..e8cf21e69e 100644
--- a/cluster/gce/trusty/configure.sh
+++ b/cluster/gce/trusty/configure.sh
@@ -193,20 +193,23 @@ install_kube_binary_config() {
     cp /tmp/kubernetes/server/bin/kube-scheduler.tar /run/kube-docker-files/
     cp -r /tmp/kubernetes/addons /run/kube-docker-files/
   fi
-  # For a testing cluster, we use kubelet, kube-proxy, and kubectl binaries
-  # from the release tarball and place them in /usr/local/bin. For a non-test
-  # cluster, we use the binaries pre-installed in the image, or pull and place
-  # them in /usr/bin if they are not pre-installed.
-  BINARY_PATH="/usr/bin/"
-  if [ "${TEST_CLUSTER:-}" = "true" ]; then
-    BINARY_PATH="/usr/local/bin/"
-  fi
-  if ! which kubelet > /dev/null || ! which kube-proxy > /dev/null || [ "${TEST_CLUSTER:-}" = "true" ]; then
-    cp /tmp/kubernetes/server/bin/kubelet "${BINARY_PATH}"
-    cp /tmp/kubernetes/server/bin/kubectl "${BINARY_PATH}"
+  # Use the binary from the release tarball if they are not preinstalled, or if this is
+  # a test cluster.
+  readonly BIN_PATH="/usr/bin"
+  if ! which kubelet > /dev/null || ! which kubectl > /dev/null; then
+    cp /tmp/kubernetes/server/bin/kubelet "${BIN_PATH}"
+    cp /tmp/kubernetes/server/bin/kubectl "${BIN_PATH}"
+  elif [ "${TEST_CLUSTER:-}" = "true" ]; then
+    mkdir -p /home/kubernetes/bin
+    cp /tmp/kubernetes/server/bin/kubelet /home/kubernetes/bin
+    cp /tmp/kubernetes/server/bin/kubectl /home/kubernetes/bin
+    mount --bind /home/kubernetes/bin/kubelet "${BIN_PATH}/kubelet"
+    mount --bind -o remount,ro,^noexec "${BIN_PATH}/kubelet" "${BIN_PATH}/kubelet"
+    mount --bind /home/kubernetes/bin/kubectl "${BIN_PATH}/kubectl"
+    mount --bind -o remount,ro,^noexec "${BIN_PATH}/kubectl" "${BIN_PATH}/kubectl"
   fi
   # Clean up.
-  rm -rf "/tmp/kubernetes"
+  rm -rf /tmp/kubernetes
   rm "/tmp/${k8s_tar}"
   rm "/tmp/${k8s_sha1}"
 
@@ -281,11 +284,7 @@ assemble_kubelet_flags() {
 }
 
 restart_docker_daemon() {
-  # Assemble docker deamon options
-  DOCKER_OPTS="-p /var/run/docker.pid --bridge=cbr0 --iptables=false --ip-masq=false"
-  if [ "${TEST_CLUSTER:-}" = "true" ]; then
-    DOCKER_OPTS="${DOCKER_OPTS} --log-level=debug"
-  fi
+  readonly DOCKER_OPTS="-p /var/run/docker.pid --bridge=cbr0 --iptables=false --ip-masq=false"
   echo "DOCKER_OPTS=\"${DOCKER_OPTS} ${EXTRA_DOCKER_OPTS:-}\"" > /etc/default/docker
   # Make sure the network interface cbr0 is created before restarting docker daemon
   while ! [ -L /sys/class/net/cbr0 ]; do
diff --git a/cluster/gce/trusty/master.yaml b/cluster/gce/trusty/master.yaml
index 8fdfdb48a1..2f2a922cdc 100644
--- a/cluster/gce/trusty/master.yaml
+++ b/cluster/gce/trusty/master.yaml
@@ -124,15 +124,11 @@ script
 	echo "Start kubelet upstart job"
 	. /etc/kube-configure.sh
 	. /etc/kube-env
-	BINARY_PATH="/usr/bin/kubelet"
-	if [ "${TEST_CLUSTER:-}" = "true" ]; then
-		BINARY_PATH="/usr/local/bin/kubelet"
-	fi
 	# Assemble command line flags based on env variables, which will put the string
 	# of flags in variable KUBELET_CMD_FLAGS
 	assemble_kubelet_flags
 	
-	${BINARY_PATH} \
+	/usr/bin/kubelet \
 		--enable-debugging-handlers=false \
 		--cloud-provider=gce \
 		--config=/etc/kubernetes/manifests \
@@ -219,11 +215,7 @@ script
 
 	. /etc/kube-env
 	export HOME="/root"
-	if [ "${TEST_CLUSTER:-}" = "true" ]; then
-		export KUBECTL_BIN="/usr/local/bin/kubectl"
-	else
-		export KUBECTL_BIN="/usr/bin/kubectl"
-	fi
+	export KUBECTL_BIN="/usr/bin/kubectl"
 	export TOKEN_DIR="/etc/srv/kubernetes"
 	export kubelet_kubeconfig_file="/var/lib/kubelet/kubeconfig"
 	export TRUSTY_MASTER="true"
diff --git a/cluster/gce/trusty/node.yaml b/cluster/gce/trusty/node.yaml
index 3d930a4c23..fc072bb6c5 100644
--- a/cluster/gce/trusty/node.yaml
+++ b/cluster/gce/trusty/node.yaml
@@ -122,15 +122,11 @@ script
 	echo "Start kubelet upstart job"
 	. /etc/kube-configure.sh
 	. /etc/kube-env
-	BINARY_PATH="/usr/bin/kubelet"
-	if [ "${TEST_CLUSTER:-}" = "true" ]; then
-		BINARY_PATH="/usr/local/bin/kubelet"
-	fi
 	# Assemble command line flags based on env variables, which will put the string
 	# of flags in variable KUBELET_CMD_FLAGS.
 	assemble_kubelet_flags
 
-	${BINARY_PATH} \
+	/usr/bin/kubelet \
 		--api-servers=https://${KUBERNETES_MASTER_NAME} \
 		--enable-debugging-handlers=true \
 		--cloud-provider=gce \