diff --git a/README.md b/README.md index eb8eab8b69..9f60374f0c 100644 --- a/README.md +++ b/README.md @@ -163,14 +163,14 @@ Open ports / Network security --------------------------- The server needs port 6443 to be accessible by the nodes. The nodes need to be able to reach -other nodes over UDP port 4789. This is used for flannel VXLAN. If you don't use flannel -and provide your own custom CNI, then 4789 is not needed by k3s. The node should not listen +other nodes over UDP port 8472. This is used for flannel VXLAN. If you don't use flannel +and provide your own custom CNI, then 8472 is not needed by k3s. The node should not listen on any other port. k3s uses reverse tunneling such that the nodes make outbound connections to the server and all kubelet traffic runs through that tunnel. IMPORTANT. The VXLAN port on nodes should not be exposed to the world, it opens up your cluster network to accessed by anyone. Run your nodes behind a firewall/security group that -disables access to port 4789. +disables access to port 8472. Server HA @@ -217,7 +217,7 @@ k3s includes and defaults to containerd. Why? Because it's just plain better. If run with Docker first stop and think, "Really? Do I really want more headache?" If still yes then you just need to run the agent with the `--docker` flag - k3s agent -u ${SERVER_URL} -t ${NODE_TOKEN} --docker & + k3s agent -s ${SERVER_URL} -t ${NODE_TOKEN} --docker & systemd ------- diff --git a/pkg/deploy/controller.go b/pkg/deploy/controller.go index 9a86d64981..6061c92cc2 100644 --- a/pkg/deploy/controller.go +++ b/pkg/deploy/controller.go 
@@ -251,6 +251,18 @@ func checksum(bytes []byte) string {
 return hex.EncodeToString(d[:])
 }
+func isEmptyYaml(yaml []byte) bool {
+ isEmpty := true
+ lines := bytes.Split(yaml, []byte("\n"))
+ for _, l := range lines {
+ s := bytes.TrimSpace(l)
+ if string(s) != "---" && !bytes.HasPrefix(s, []byte("#")) && string(s) != "" {
+ isEmpty = false
+ }
+ }
+ return isEmpty
+}
+
 func yamlToObjects(in io.Reader) ([]runtime.Object, error) {
 var result []runtime.Object
 reader := yamlDecoder.NewYAMLReader(bufio.NewReaderSize(in, 4096))
@@ -263,12 +275,14 @@ func yamlToObjects(in io.Reader) ([]runtime.Object, error) {
 return nil, err
 }
- obj, err := toObjects(raw)
- if err != nil {
- return nil, err
- }
+ if !isEmptyYaml(raw) {
+ obj, err := toObjects(raw)
+ if err != nil {
+ return nil, err
+ }
- result = append(result, obj...)
+ result = append(result, obj...)
+ }
 }
 return result, nil
@@ -279,6 +293,7 @@ func toObjects(bytes []byte) ([]runtime.Object, error) {
 if err != nil {
 return nil, err
 }
+
 obj, _, err := unstructured.UnstructuredJSONScheme.Decode(bytes, nil, nil)
 if err != nil {
 return nil, err
diff --git a/pkg/servicelb/controller.go b/pkg/servicelb/controller.go
index 9010570b13..11e0bbae31 100644
--- a/pkg/servicelb/controller.go
+++ b/pkg/servicelb/controller.go
@@ -272,11 +272,8 @@ func (h *handler) newDeployment(svc *core.Service) (*apps.Deployment, error) {
 },
 }
- for i, port := range svc.Spec.Ports {
- portName := port.Name
- if portName == "" {
- portName = fmt.Sprintf("port-%d", i)
- }
+ for _, port := range svc.Spec.Ports {
+ portName := fmt.Sprintf("lb-port-%d", port.Port)
 container := core.Container{
 Name: portName,
 Image: image,
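Review bot: isEmptyYaml in pkg/deploy/controller.go keeps scanning every remaining line after it has already found content, and it carries no comment stating what counts as "empty". Returning on the first line that is neither blank, `---`, nor a `#` comment is simpler: replace `isEmpty = false` with `return false` and end the function with `return true`, which removes the `isEmpty` flag. A doc comment such as `// isEmptyYaml reports whether a YAML document holds only blank lines, "---" separators and "#" comments.` would make the rule explicit, which matters because any document this function accepts as empty is never decoded or applied.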
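Review bot: In the yamlToObjects hunk the decode-and-append path is now nested inside `if !isEmptyYaml(raw) { … }`, which adds an indentation level and leaves the skip itself undocumented. A guard placed before the `toObjects` call, `if isEmptyYaml(raw) { continue }`, keeps the original four lines at their old indentation; a comment such as `// skip documents that contain only blank lines, separators and comments` would record why the document is dropped. The enclosing loop starts outside the hunk, so this assumes the changed lines sit directly in the `for` body.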