diff --git a/README.md b/README.md
index aff453a85fcf2a5661582e1bed0db47755cc129d..e41ecdd3179181de9db3aff7cbe357580a120330 100644
--- a/README.md
+++ b/README.md
@@ -131,7 +131,7 @@ Note: Upstart/SysV init based OS types are not supported.
   - [kube-router](https://github.com/cloudnativelabs/kube-router) v1.1.1
   - [multus](https://github.com/intel/multus-cni) v3.6.0
   - [ovn4nfv](https://github.com/opnfv/ovn4nfv-k8s-plugin) v1.1.0
-  - [weave](https://github.com/weaveworks/weave) v2.7.0
+  - [weave](https://github.com/weaveworks/weave) v2.8.0
 - Application
   - [ambassador](https://github.com/datawire/ambassador): v1.5
   - [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v2.1.0-k8s1.11
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index 98ddf146b282a6cc32a02ee9d2860ad3010b92a8..16011750d653dc7d1bcc71359c2f31fa0484fedf 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -73,7 +73,7 @@ typha_enabled: false
 
 flannel_version: "v0.13.0"
 cni_version: "v0.9.0"
-weave_version: 2.7.0
+weave_version: 2.8.0
 pod_infra_version: "3.3"
 cilium_version: "v1.8.6"
 kube_ovn_version: "v1.5.2"
diff --git a/roles/network_plugin/weave/templates/weave-net.yml.j2 b/roles/network_plugin/weave/templates/weave-net.yml.j2
index 04bc8e4317f4c24ada483db19cf1720be66d2479..abf0ec7ac10584b0a4f7f9a9b24f0067a908f560 100644
--- a/roles/network_plugin/weave/templates/weave-net.yml.j2
+++ b/roles/network_plugin/weave/templates/weave-net.yml.j2
@@ -119,11 +119,34 @@ items:
             name: weave-net
         spec:
           priorityClassName: system-node-critical
+          initContainers:
+            - name: weave-init
+              image: {{ weave_kube_image_repo }}:{{ weave_kube_image_tag }}
+              imagePullPolicy: {{ k8s_image_pull_policy }}
+              command:
+                - /home/weave/init.sh
+              env:
+              securityContext:
+                privileged: true
+              volumeMounts:
+                - name: cni-bin
+                  mountPath: /host/opt
+                - name: cni-bin2
+                  mountPath: /host/home
+                - name: cni-conf
+                  mountPath: /host/etc
+                - name: lib-modules
+                  mountPath: /lib/modules
+                - name: xtables-lock
+                  mountPath: /run/xtables.lock
+                  readOnly: false
           containers:
             - name: weave
               command:
                 - /home/weave/launch.sh
               env:
+                - name: INIT_CONTAINER
+                  value: "true"
                 - name: HOSTNAME
                   valueFrom:
                     fieldRef:
@@ -191,16 +214,9 @@ items:
               volumeMounts:
                 - name: weavedb
                   mountPath: /weavedb
-                - name: cni-bin
-                  mountPath: /host/opt
-                - name: cni-bin2
-                  mountPath: /host/home
-                - name: cni-conf
-                  mountPath: /host/etc
                 - name: dbus
                   mountPath: /host/var/lib/dbus
-                - name: lib-modules
-                  mountPath: /lib/modules
+                  readOnly: true
                 - name: xtables-lock
                   mountPath: /run/xtables.lock
                   readOnly: false
@@ -224,7 +240,7 @@ items:
                   readOnly: false
           hostNetwork: true
           dnsPolicy: ClusterFirstWithHostNet
-          hostPID: true
+          hostPID: false
           restartPolicy: Always
           securityContext:
             seLinuxOptions: {}