diff --git a/dockerfiles/k8s/Dockerfile b/dockerfiles/k8s/Dockerfile
index 3fa7164..000839c 100644
--- a/dockerfiles/k8s/Dockerfile
+++ b/dockerfiles/k8s/Dockerfile
@@ -5,7 +5,7 @@ COPY ./kubernetes.repo /etc/yum.repos.d/
 
 
 
-RUN yum install -y kubectl-1.14.9 kubeadm-1.14.9 kubelet-1.14.9 \
+RUN yum install -y kubectl-1.18.0 kubeadm-1.18.0 kubelet-1.18.0 \
     #&& mv -f /etc/systemd/system/kubelet.service.d/10-kubeadm.conf /etc/systemd/system/kubelet.service \
     && yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo \
     && yum install -y docker-ce git \
diff --git a/dockerfiles/k8s/kubelet.env b/dockerfiles/k8s/kubelet.env
index 514932b..ff607f1 100644
--- a/dockerfiles/k8s/kubelet.env
+++ b/dockerfiles/k8s/kubelet.env
@@ -1,7 +1,7 @@
 KUBELET_KUBECONFIG_ARGS=" --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
-KUBELET_SYSTEM_PODS_ARGS="--pod-manifest-path=/etc/kubernetes/manifests --allow-privileged=true"
+KUBELET_SYSTEM_PODS_ARGS="--pod-manifest-path=/etc/kubernetes/manifests --pod-infra-container-image=k8s.gcr.io/pause:3.2"
 KUBELET_NETWORK_ARGS="--network-plugin=cni --cni-conf-dir=/etc/cni/net.d --cni-bin-dir=/opt/cni/bin"
 KUBELET_DNS_ARGS="--cluster-dns=10.96.0.10 --cluster-domain=cluster.local"
 KUBELET_AUTHZ_ARGS="--authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/ca.crt"
 KUBELET_CGROUP_ARGS="--cgroup-driver=cgroupfs"
-KUBELET_EXTRA_ARGS="--fail-swap-on=false --resolv-conf=/etc/resolv.conf.override --feature-gates ExperimentalCriticalPodAnnotation=true"
+KUBELET_EXTRA_ARGS="--fail-swap-on=false --resolv-conf=/etc/resolv.conf.override"
diff --git a/dockerfiles/k8s/wrapkubeadm.sh b/dockerfiles/k8s/wrapkubeadm.sh
index 5b68329..5c4287b 100755
--- a/dockerfiles/k8s/wrapkubeadm.sh
+++ b/dockerfiles/k8s/wrapkubeadm.sh
@@ -34,7 +34,7 @@ apiserver_etcd2_backend='.spec.containers[0].command|=map(select(startswith("--s
 # Update kube-proxy CIDR, enable --masquerade-all and disable conntrack (see dind::frob-proxy below)
 function dind::proxy-cidr-and-no-conntrack {
   cluster_cidr="$(ip addr show docker0 | grep -w inet | awk '{ print $2; }')"
-  echo ".items[0].spec.template.spec.containers[0].command |= .+ [\"--cluster-cidr=${cluster_cidr}\", \"--masquerade-all\", \"--conntrack-max=0\", \"--conntrack-max-per-core=0\"]"
+  echo ".items[0].spec.template.spec.containers[0].command |= .+ [\"--cluster-cidr=${cluster_cidr}\", \"--masquerade-all\", \"--conntrack-max-per-core=0\"]"
 }