diff --git a/daemon/execdriver/native/create.go b/daemon/execdriver/native/create.go
index 9ed0491940..d35043bd08 100644
--- a/daemon/execdriver/native/create.go
+++ b/daemon/execdriver/native/create.go
@@ -101,9 +101,9 @@ func (d *driver) setPrivileged(container *libcontainer.Container) (err error) {
 container.Cgroups.DeviceAccess = true
 delete(container.Context, "restrictions")
- delete(container.DeviceNodes, "additional")
- if container.DeviceNodes["required"], err = nodes.GetHostDeviceNodes(); err != nil {
+ container.OptionalDeviceNodes = nil
+ if container.RequiredDeviceNodes, err = nodes.GetHostDeviceNodes(); err != nil {
 return err
 }
diff --git a/daemon/execdriver/native/template/default_template.go b/daemon/execdriver/native/template/default_template.go
index dbe3985f9b..cbef06fbf1 100644
--- a/daemon/execdriver/native/template/default_template.go
+++ b/daemon/execdriver/native/template/default_template.go
@@ -33,11 +33,9 @@ func New() *libcontainer.Container {
 Parent: "docker",
 DeviceAccess: false,
 },
- Context: libcontainer.Context{},
- DeviceNodes: map[string][]string{
- "required": nodes.DefaultNodes,
- "additional": {"fuse"},
- },
+ Context: libcontainer.Context{},
+ RequiredDeviceNodes: nodes.DefaultNodes,
+ OptionalDeviceNodes: []string{"fuse"},
 }
 if apparmor.IsEnabled() {
 container.Context["apparmor_profile"] = "docker-default"
diff --git a/pkg/libcontainer/container.go b/pkg/libcontainer/container.go
index f7aa245855..6734bfd590 100644
--- a/pkg/libcontainer/container.go
+++ b/pkg/libcontainer/container.go
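Review bot: The `if` header in setPrivileged writes the result of `nodes.GetHostDeviceNodes()` straight into `container.RequiredDeviceNodes`, so on failure the field has already been overwritten (and `OptionalDeviceNodes` cleared) before `return err` runs. Assigning only on success leaves the config untouched on the error path: `hostNodes, err := nodes.GetHostDeviceNodes()`, `if err != nil { return err }`, `container.RequiredDeviceNodes = hostNodes`. Since this path hands every host device node to the container together with `Cgroups.DeviceAccess = true`, a one-line comment such as `// privileged: expose all host device nodes and lift the cgroup device restriction` would make that scope explicit. The function body continues outside the hunk.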
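Review bot: `RequiredDeviceNodes: nodes.DefaultNodes` stores the package-level slice itself in every container returned by New(), so an in-place write or append through one container's field can alias the shared default device list. Now that the field is a plain exported slice, a copy is cheap insurance: `RequiredDeviceNodes: append([]string(nil), nodes.DefaultNodes...),`. A short comment on why `fuse` is offered by default while `DeviceAccess: false` is set just above would also help readers. New() starts and ends outside the hunk.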
@@ -43,7 +43,7 @@ type Container struct {
 // All capbilities not specified will be dropped from the processes capability mask
 Capabilities []string `json:"capabilities,omitempty"`
- // Networks specifies the container's network stop to be created
+ // Networks specifies the container's network setup to be created
 Networks []*Network `json:"networks,omitempty"`
 // Cgroups specifies specific cgroup settings for the various subsystems that the container is
@@ -60,14 +60,13 @@ type Container struct {
 // rootfs and mount namespace if specified
 Mounts Mounts `json:"mounts,omitempty"`
- // DeviceNodes are a list of 'required' and 'additional' nodes that will be mknod into the container's
- // rootfs at /dev
- //
- // Required device nodes will return an error if the host system does not have this device available
- //
- // Additional device nodes are created but no error is returned if the host system does not have the
- // device avaliable for use by the container
- DeviceNodes map[string][]string `json:"device_nodes,omitempty"`
+ // RequiredDeviceNodes are a list of device nodes that will be mknod into the container's rootfs at /dev
+ // If the host system does not support the device that the container requests an error is returned
+ RequiredDeviceNodes []string `json:"required_device_nodes,omitempty"`
+
+ // OptionalDeviceNodes are a list of device nodes that will be mknod into the container's rootfs at /dev
+ // If the host system does not support the device that the container requests the error is ignored
+ OptionalDeviceNodes []string `json:"optional_device_nodes,omitempty"`
 }
 // Network defines configuration for a container's networking stack
diff --git a/pkg/libcontainer/container.json b/pkg/libcontainer/container.json
index c3b0196b4a..7156260bc2 100644
--- a/pkg/libcontainer/container.json
+++ b/pkg/libcontainer/container.json
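Review bot: Replacing the `device_nodes` JSON key with `required_device_nodes` and `optional_device_nodes` changes the serialized format with no compatibility path. If these configs are decoded with encoding/json, an unknown `device_nodes` key is dropped silently, so a container.json in the old shape would presumably load with both lists empty and no /dev nodes would be created. Either reject an empty `RequiredDeviceNodes` where the config is validated, or record the break on the field, e.g. `// NOTE: replaces the former "device_nodes" map; configs using the old key must be migrated`. The comments could also state that entries are device names under /dev, as the `"null"` and `"zero"` values in container.json suggest. The struct begins outside the hunk.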
@@ -44,14 +44,12 @@
 "type": "devtmpfs"
 }
 ],
- "device_nodes": {
- "required": [
- "null",
- "zero",
- "full",
- "random",
- "urandom",
- "tty"
- ]
- }
+ "required_device_nodes": [
+ "null",
+ "zero",
+ "full",
+ "random",
+ "urandom",
+ "tty"
+ ]
 }
diff --git a/pkg/libcontainer/container_test.go b/pkg/libcontainer/container_test.go
index d77ce313ae..f6e991edf5 100644
--- a/pkg/libcontainer/container_test.go
+++ b/pkg/libcontainer/container_test.go
@@ -65,7 +65,7 @@ func TestContainerJsonFormat(t *testing.T) {
 }
 for _, n := range nodes.DefaultNodes {
- if !contains(n, container.DeviceNodes["required"]) {
+ if !contains(n, container.RequiredDeviceNodes) {
 t.Logf("devices should contain %s", n)
 t.Fail()
 }
diff --git a/pkg/libcontainer/mount/init.go b/pkg/libcontainer/mount/init.go
index 184df1e8ec..3fb9667b16 100644
--- a/pkg/libcontainer/mount/init.go
+++ b/pkg/libcontainer/mount/init.go
@@ -48,11 +48,11 @@ func InitializeMountNamespace(rootfs, console string, container *libcontainer.Co
 if err := setupBindmounts(rootfs, container.Mounts); err != nil {
 return fmt.Errorf("bind mounts %s", err)
 }
- if err := nodes.CopyN(rootfs, container.DeviceNodes["required"], true); err != nil {
+ if err := nodes.CopyN(rootfs, container.RequiredDeviceNodes, true); err != nil {
 return fmt.Errorf("copy required dev nodes %s", err)
 }
- if err := nodes.CopyN(rootfs, container.DeviceNodes["additional"], false); err != nil {
- return fmt.Errorf("copy additional dev nodes %s", err)
+ if err := nodes.CopyN(rootfs, container.OptionalDeviceNodes, false); err != nil {
+ return fmt.Errorf("copy optional dev nodes %s", err)
 }
 if err := SetupPtmx(rootfs, console, container.Context["mount_label"]); err != nil {
 return err
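Review bot: The bare `true`/`false` passed to `nodes.CopyN` are the only thing separating required from optional handling, and the optional call still returns `copy optional dev nodes` on any error even though the struct comment says the error is ignored. What CopyN does with the flag is not visible here; if it only skips devices missing on the host, say so at the call site, e.g. `// optional: nodes missing on the host are skipped by CopyN; any other error still aborts setup`. The names in both lists come from the container config and reach CopyN unchanged, so it is worth confirming that CopyN rejects entries containing a path separator before anything is created under rootfs. InitializeMountNamespace starts and ends outside the hunk.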