diff --git a/charts/sn-platform/conf/toolset/pulsar/clean_tls.sh b/charts/sn-platform/conf/toolset/pulsar/clean_tls.sh
index 884cc383e..743df35ca 100755
--- a/charts/sn-platform/conf/toolset/pulsar/clean_tls.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/clean_tls.sh
@@ -81,14 +81,14 @@ done
 
 function delete_ca() {
     local tls_ca_secret="${release}-ca-tls"
-    /pulsar/kubectl delete secret ${tls_ca_secret} -n ${namespace}
+    ${KUBECTL_BIN} delete secret ${tls_ca_secret} -n ${namespace}
 }
 
 function delete_server_cert() {
     local component=$1
     local server_cert_secret="${release}-tls-${component}"
 
-    /pulsar/kubectl delete secret ${server_cert_secret} \
+    ${KUBECTL_BIN} delete secret ${server_cert_secret} \
         -n ${namespace}
 }
 
@@ -96,7 +96,7 @@ function delete_client_cert() {
     local component=$1
     local client_cert_secret="${release}-tls-${component}"
 
-    /pulsar/kubectl delete secret ${client_cert_secret} \
+    ${KUBECTL_BIN} delete secret ${client_cert_secret} \
         -n ${namespace}
 }
 
diff --git a/charts/sn-platform/conf/toolset/pulsar/cleanup_helm_release.sh b/charts/sn-platform/conf/toolset/pulsar/cleanup_helm_release.sh
index 76f7573ca..9b2809b49 100755
--- a/charts/sn-platform/conf/toolset/pulsar/cleanup_helm_release.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/cleanup_helm_release.sh
@@ -73,15 +73,15 @@ release=${release:-pulsar-dev}
 
 function delete_namespace() {
     if [[ "${delete_namespace}" == "true" ]]; then
-        /pulsar/kubectl delete namespace ${namespace}
+        ${KUBECTL_BIN} delete namespace ${namespace}
     fi
 }
 
 # delete the cc admin secrets
-/pulsar/kubectl delete -n ${namespace} secret ${release}-admin-secret
+${KUBECTL_BIN} delete -n ${namespace} secret ${release}-admin-secret
 
 # delete tokens
-/pulsar/kubectl get secrets -n ${namespace} | grep ${release}-token- | awk '{print $1}' | xargs /pulsar/kubectl delete secrets -n ${namespace}
+${KUBECTL_BIN} get secrets -n ${namespace} | grep ${release}-token- | awk '{print $1}' | xargs ${KUBECTL_BIN} delete secrets -n ${namespace}
 
 # delete namespace
 delete_namespace
diff --git a/charts/sn-platform/conf/toolset/pulsar/common_auth.sh b/charts/sn-platform/conf/toolset/pulsar/common_auth.sh
index ede8c86eb..c0844647c 100755
--- a/charts/sn-platform/conf/toolset/pulsar/common_auth.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/common_auth.sh
@@ -23,7 +23,6 @@ if [ -z "$CHART_HOME" ]; then
     exit 1
 fi
 
-OUTPUT=${CHART_HOME}/output
 OUTPUT_BIN=${OUTPUT}/bin
 PULSARCTL_VERSION=v2.10.2.2
 PULSARCTL_BIN=/pulsar/bin/pulsarctl
diff --git a/charts/sn-platform/conf/toolset/pulsar/decommission_bookies.sh b/charts/sn-platform/conf/toolset/pulsar/decommission_bookies.sh
index 55e2823f7..7c240c264 100755
--- a/charts/sn-platform/conf/toolset/pulsar/decommission_bookies.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/decommission_bookies.sh
@@ -89,8 +89,8 @@ autorecovery_pod=${autorecovery_pod:-autorecovery}
 for ((i=replicas; i>=1; i--))
 do
     j=$((i-1))
-    echo /pulsar/kubectl -n ${namespace} scale --replicas=${j} sts/${statefulset}
-    /pulsar/kubectl -n ${namespace} scale --replicas=${j} sts/${statefulset}
-    echo /pulsar/kubectl -n ${autorecovery_namespace} exec -it ${autorecovery_pod} -- bin/bookkeeper shell decommissionbookie -bookieid ${statefulset}-${j}.${statefulset}.${namespace}.svc.cluster.local:3181
-    /pulsar/kubectl -n ${autorecovery_namespace} exec -it ${autorecovery_pod} -- bin/bookkeeper shell decommissionbookie -bookieid ${statefulset}-${j}.${statefulset}.${namespace}.svc.cluster.local:3181
+    echo ${KUBECTL_BIN} -n ${namespace} scale --replicas=${j} sts/${statefulset}
+    ${KUBECTL_BIN} -n ${namespace} scale --replicas=${j} sts/${statefulset}
+    echo ${KUBECTL_BIN} -n ${autorecovery_namespace} exec -it ${autorecovery_pod} -- bin/bookkeeper shell decommissionbookie -bookieid ${statefulset}-${j}.${statefulset}.${namespace}.svc.cluster.local:3181
+    ${KUBECTL_BIN} -n ${autorecovery_namespace} exec -it ${autorecovery_pod} -- bin/bookkeeper shell decommissionbookie -bookieid ${statefulset}-${j}.${statefulset}.${namespace}.svc.cluster.local:3181
 done
diff --git a/charts/sn-platform/conf/toolset/pulsar/generate_token.sh b/charts/sn-platform/conf/toolset/pulsar/generate_token.sh
index 7dd1b656e..d38fd0c2c 100755
--- a/charts/sn-platform/conf/toolset/pulsar/generate_token.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/generate_token.sh
@@ -96,11 +96,11 @@ function pulsar::jwt::generate_symmetric_token() {
     trap "test -f $tmpfile && rm $tmpfile" RETURN
     tokentmpfile=$(mktemp)
     trap "test -f $tokentmpfile && rm $tokentmpfile" RETURN
-    /pulsar/kubectl get -n ${namespace} secrets ${secret_name} -o jsonpath="{.data['SECRETKEY']}" | base64 --decode > ${tmpfile}
+    ${KUBECTL_BIN} get -n ${namespace} secrets ${secret_name} -o jsonpath="{.data['SECRETKEY']}" | base64 --decode > ${tmpfile}
     ${PULSARCTL_BIN} token create -a HS256 --secret-key-file ${tmpfile} --subject ${role} 2&> ${tokentmpfile}
     newtokentmpfile=$(mktemp)
     tr -d '\n' < ${tokentmpfile} > ${newtokentmpfile}
-    /pulsar/kubectl create secret generic ${token_name} -n ${namespace} --from-file="TOKEN=${newtokentmpfile}" --from-literal="TYPE=symmetric"
+    ${KUBECTL_BIN} create secret generic ${token_name} -n ${namespace} --from-file="TOKEN=${newtokentmpfile}" --from-literal="TYPE=symmetric"
 }
 
 function pulsar::jwt::generate_asymmetric_token() {
@@ -111,11 +111,11 @@ function pulsar::jwt::generate_asymmetric_token() {
     trap "test -f $privatekeytmpfile && rm $privatekeytmpfile" RETURN
     tokentmpfile=$(mktemp)
     trap "test -f $tokentmpfile && rm $tokentmpfile" RETURN
-    /pulsar/kubectl get -n ${namespace} secrets ${secret_name} -o jsonpath="{.data['PRIVATEKEY']}" | base64 --decode > ${privatekeytmpfile}
+    ${KUBECTL_BIN} get -n ${namespace} secrets ${secret_name} -o jsonpath="{.data['PRIVATEKEY']}" | base64 --decode > ${privatekeytmpfile}
     ${PULSARCTL_BIN} token create -a RS256 --private-key-file ${privatekeytmpfile} --subject ${role} 2&> ${tokentmpfile}
     newtokentmpfile=$(mktemp)
     tr -d '\n' < ${tokentmpfile} > ${newtokentmpfile}
-    /pulsar/kubectl create secret generic ${token_name} -n ${namespace} --from-file="TOKEN=${newtokentmpfile}" --from-literal="TYPE=asymmetric"
+    ${KUBECTL_BIN} create secret generic ${token_name} -n ${namespace} --from-file="TOKEN=${newtokentmpfile}" --from-literal="TYPE=asymmetric"
 }
 
 if [[ "${symmetric}" == "true" ]]; then
diff --git a/charts/sn-platform/conf/toolset/pulsar/generate_token_secret_key.sh b/charts/sn-platform/conf/toolset/pulsar/generate_token_secret_key.sh
index f5c9f28a3..a3acbee8c 100755
--- a/charts/sn-platform/conf/toolset/pulsar/generate_token_secret_key.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/generate_token_secret_key.sh
@@ -82,9 +82,9 @@ function pulsar::jwt::generate_symmetric_key() {
     tmpfile=$(mktemp)
     trap "test -f $tmpfile && rm $tmpfile" RETURN
     ${PULSARCTL_BIN} token create-secret-key --output-file ${tmpfile}
-    mv $tmpfile SECRETKEY
-    /pulsar/kubectl create secret generic ${secret_name} -n ${namespace} --from-file=SECRETKEY
-    rm SECRETKEY
+    mv $tmpfile $OUTPUT/SECRETKEY
+    ${KUBECTL_BIN} create secret generic ${secret_name} -n ${namespace} --from-file=$OUTPUT/SECRETKEY
+    rm $OUTPUT/SECRETKEY
 }
 
 function pulsar::jwt::generate_asymmetric_key() {
@@ -95,11 +95,11 @@ function pulsar::jwt::generate_asymmetric_key() {
     publickeytmpfile=$(mktemp)
     trap "test -f $publickeytmpfile && rm $publickeytmpfile" RETURN
     ${PULSARCTL_BIN} token create-key-pair -a RS256 --output-private-key ${privatekeytmpfile} --output-public-key ${publickeytmpfile}
-    mv $privatekeytmpfile PRIVATEKEY
-    mv $publickeytmpfile PUBLICKEY
-    /pulsar/kubectl create secret generic ${secret_name} -n ${namespace} --from-file=PRIVATEKEY --from-file=PUBLICKEY
-    rm PRIVATEKEY
-    rm PUBLICKEY
+    mv $privatekeytmpfile $OUTPUT/PRIVATEKEY
+    mv $publickeytmpfile $OUTPUT/PUBLICKEY
+    ${KUBECTL_BIN} create secret generic ${secret_name} -n ${namespace} --from-file=$OUTPUT/PRIVATEKEY --from-file=$OUTPUT/PUBLICKEY
+    rm $OUTPUT/PRIVATEKEY
+    rm $OUTPUT/PUBLICKEY
 }
 
 if [[ "${symmetric}" == "true" ]]; then
diff --git a/charts/sn-platform/conf/toolset/pulsar/get_token.sh b/charts/sn-platform/conf/toolset/pulsar/get_token.sh
index 38c9272f7..25aeb0525 100755
--- a/charts/sn-platform/conf/toolset/pulsar/get_token.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/get_token.sh
@@ -84,8 +84,8 @@ release=${release:-pulsar-dev}
 function pulsar::jwt::get_token() {
     local token_name="${release}-token-${role}"
 
-    local token=$(/pulsar/kubectl get -n ${namespace} secrets ${token_name} -o jsonpath="{.data['TOKEN']}" | base64 --decode)
-    local token_type=$(/pulsar/kubectl get -n ${namespace} secrets ${token_name} -o jsonpath="{.data['TYPE']}" | base64 --decode)
+    local token=$(${KUBECTL_BIN} get -n ${namespace} secrets ${token_name} -o jsonpath="{.data['TOKEN']}" | base64 --decode)
+    local token_type=$(${KUBECTL_BIN} get -n ${namespace} secrets ${token_name} -o jsonpath="{.data['TYPE']}" | base64 --decode)
 
     echo "token type: ${token_type}"
     echo "-------------------------"
diff --git a/charts/sn-platform/conf/toolset/pulsar/gke_bootstrap_script.sh b/charts/sn-platform/conf/toolset/pulsar/gke_bootstrap_script.sh
index e6f20599a..86eea6538 100755
--- a/charts/sn-platform/conf/toolset/pulsar/gke_bootstrap_script.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/gke_bootstrap_script.sh
@@ -58,7 +58,7 @@ function bootstrap(){
 
   echo "Wait for metrics API service"
   # Helm 2.15 and 3.0 bug https://github.com/helm/helm/issues/6361#issuecomment-550503455
-  /pulsar/kubectl --namespace=kube-system wait --for=condition=Available --timeout=5m apiservices/v1beta1.metrics.k8s.io
+  ${KUBECTL_BIN} --namespace=kube-system wait --for=condition=Available --timeout=5m apiservices/v1beta1.metrics.k8s.io
 
   helm repo update
 }
diff --git a/charts/sn-platform/conf/toolset/pulsar/prepare_helm_release.sh b/charts/sn-platform/conf/toolset/pulsar/prepare_helm_release.sh
index 68e55a300..b61484a3c 100755
--- a/charts/sn-platform/conf/toolset/pulsar/prepare_helm_release.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/prepare_helm_release.sh
@@ -18,6 +18,7 @@
 # under the License.
 #
 
+set -x;
 CHART_HOME=$(unset CDPATH && cd $(dirname "${BASH_SOURCE[0]}")/../.. && pwd)
 cd ${CHART_HOME}
 
@@ -94,7 +95,7 @@ pulsar_superusers=${pulsar_superusers:-"proxy-admin,broker-admin,admin,pulsar-ma
 
 function generate_gcs_offloader_service_account_keyfile() {
     local secret_name="${release}-gcs-offloader-service-account"
-    /pulsar/kubectl create secret generic ${secret_name} -n ${namespace} \
+    ${KUBECTL_BIN} create secret generic ${secret_name} -n ${namespace} \
         --from-file="gcs.json=${gcs_offloader_service_account_keyfile}"
 }
 
@@ -102,7 +103,7 @@ pulsar_superusers=${pulsar_superusers:-"proxy-admin,broker-admin,admin,pulsar-ma
 
 function do_create_namespace() {
     if [[ "${create_namespace}" == "true" ]]; then
-        /pulsar/kubectl create namespace ${namespace}
+        ${KUBECTL_BIN} create namespace ${namespace}
     fi
 }
 
diff --git a/charts/sn-platform/conf/toolset/pulsar/setup-clouddns-resolver-service-account.sh b/charts/sn-platform/conf/toolset/pulsar/setup-clouddns-resolver-service-account.sh
index 1c4afed80..3c8a30b22 100755
--- a/charts/sn-platform/conf/toolset/pulsar/setup-clouddns-resolver-service-account.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/setup-clouddns-resolver-service-account.sh
@@ -46,7 +46,7 @@ gcloud iam service-accounts keys create ${RESOLVER_NAME}-key.json \
    --iam-account ${RESOLVER_NAME}@$PROJECT_ID.iam.gserviceaccount.com
 
 echo "Save the service account key as a kubernete secret '${HELM_RELEASE}-${RESOLVER_NAME}-svc-acct' in namespace '${NAMESPACE}'."
-/pulsar/kubectl create secret generic ${HELM_RELEASE}-${RESOLVER_NAME}-svc-acct \
+${KUBECTL_BIN} create secret generic ${HELM_RELEASE}-${RESOLVER_NAME}-svc-acct \
    --from-file=${RESOLVER_NAME}-key.json -n ${NAMESPACE}
 
 echo "Remove the generated key."
diff --git a/charts/sn-platform/conf/toolset/pulsar/upload-lets-encrypt-ca.sh b/charts/sn-platform/conf/toolset/pulsar/upload-lets-encrypt-ca.sh
index d84b9cefb..9a0be2909 100755
--- a/charts/sn-platform/conf/toolset/pulsar/upload-lets-encrypt-ca.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/upload-lets-encrypt-ca.sh
@@ -29,5 +29,5 @@ PEM="${CA_NAME}.pem"
 
 NAMESPACE=$1
 
-/pulsar/kubectl create secret generic ${CA_NAME}  \
+${KUBECTL_BIN} create secret generic ${CA_NAME}  \
    --from-file=${PEM} -n ${NAMESPACE}
diff --git a/charts/sn-platform/conf/toolset/pulsar/upload_tls.sh b/charts/sn-platform/conf/toolset/pulsar/upload_tls.sh
index 94b3f764d..668001d6d 100755
--- a/charts/sn-platform/conf/toolset/pulsar/upload_tls.sh
+++ b/charts/sn-platform/conf/toolset/pulsar/upload_tls.sh
@@ -91,7 +91,7 @@ ca_cert_file=${tlsdir}/certs/ca.cert.pem
 
 function upload_ca() {
     local tls_ca_secret="${release}-ca-tls"
-    /pulsar/kubectl create secret generic ${tls_ca_secret} -n ${namespace} --from-file="ca.crt=${ca_cert_file}"
+    ${KUBECTL_BIN} create secret generic ${tls_ca_secret} -n ${namespace} --from-file="ca.crt=${ca_cert_file}"
 }
 
 function upload_server_cert() {
@@ -100,7 +100,7 @@ function upload_server_cert() {
     local tls_cert_file="${tlsdir}/servers/${component}/${component}.cert.pem"
     local tls_key_file="${tlsdir}/servers/${component}/${component}.key-pk8.pem"
 
-    /pulsar/kubectl create secret generic ${server_cert_secret} \
+    ${KUBECTL_BIN} create secret generic ${server_cert_secret} \
         -n ${namespace} \
         --from-file="tls.crt=${tls_cert_file}" \
         --from-file="tls.key=${tls_key_file}" \
@@ -113,7 +113,7 @@ function upload_client_cert() {
     local tls_cert_file="${tlsdir}/clients/${component}/${component}.cert.pem"
     local tls_key_file="${tlsdir}/clients/${component}/${component}.key-pk8.pem"
 
-    /pulsar/kubectl create secret generic ${client_cert_secret} \
+    ${KUBECTL_BIN} create secret generic ${client_cert_secret} \
         -n ${namespace} \
         --from-file="tls.crt=${tls_cert_file}" \
         --from-file="tls.key=${tls_key_file}" \