diff --git a/README.md b/README.md
index 20cde43395e2ed80ec1e1b2ce46a94a8e2be0e33..854edfb3dac34f4484bfa2c15340dcce3d9c51e7 100644
--- a/README.md
+++ b/README.md
@@ -124,14 +124,14 @@ Note: Upstart/SysV init based OS types are not supported.
   - [cni-plugins](https://github.com/containernetworking/plugins) v0.8.6
   - [calico](https://github.com/projectcalico/calico) v3.15.1
   - [canal](https://github.com/projectcalico/canal) (given calico/flannel versions)
-  - [cilium](https://github.com/cilium/cilium) v1.8.1
+  - [cilium](https://github.com/cilium/cilium) v1.8.2
   - [contiv](https://github.com/contiv/install) v1.2.1
   - [flanneld](https://github.com/coreos/flannel) v0.12.0
   - [kube-ovn](https://github.com/alauda/kube-ovn) v1.3.0
   - [kube-router](https://github.com/cloudnativelabs/kube-router) v1.0.1
   - [multus](https://github.com/intel/multus-cni) v3.6.0
   - [ovn4nfv](https://github.com/opnfv/ovn4nfv-k8s-plugin) v1.0.0
-  - [weave](https://github.com/weaveworks/weave) v2.6.5
+  - [weave](https://github.com/weaveworks/weave) v2.7.0
 - Application
   - [ambassador](https://github.com/datawire/ambassador): v1.5
   - [cephfs-provisioner](https://github.com/kubernetes-incubator/external-storage) v2.1.0-k8s1.11
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index 1380c6b4c894f42429f9973bcfad045ac56dee85..9ef2ec9eb960c9b3c5b28f7a454b42a97f15203e 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -76,10 +76,10 @@ flannel_version: "v0.12.0"
 
 cni_version: "v0.8.6"
 
-weave_version: 2.6.5
+weave_version: 2.7.0
 pod_infra_version: "3.2"
 contiv_version: 1.2.1
-cilium_version: "v1.8.1"
+cilium_version: "v1.8.2"
 kube_ovn_version: "v1.3.0"
 kube_router_version: "v1.0.1"
 multus_version: "v3.6"
diff --git a/roles/network_plugin/weave/templates/weave-net.yml.j2 b/roles/network_plugin/weave/templates/weave-net.yml.j2
index c9ac057a142b1e8b5336d2be29a02de6b15861a0..28540bcfa5e6aa3d4fc19a7b22f8baa3da36d6e9 100644
--- a/roles/network_plugin/weave/templates/weave-net.yml.j2
+++ b/roles/network_plugin/weave/templates/weave-net.yml.j2
@@ -181,7 +181,7 @@ items:
                   port: 6784
               resources:
                 requests:
-                  cpu: 10m
+                  cpu: 50m
               securityContext:
                 privileged: true
               volumeMounts:
@@ -199,6 +199,7 @@ items:
                   mountPath: /lib/modules
                 - name: xtables-lock
                   mountPath: /run/xtables.lock
+                  readOnly: false
             - name: weave-npc
               env:
                 - name: HOSTNAME
@@ -210,12 +211,13 @@ items:
               imagePullPolicy: {{ k8s_image_pull_policy }}
               resources:
                 requests:
-                  cpu: 10m
+                  cpu: 50m
               securityContext:
                 privileged: true
               volumeMounts:
                 - name: xtables-lock
                   mountPath: /run/xtables.lock
+                  readOnly: false
           hostNetwork: true
           dnsPolicy: ClusterFirstWithHostNet
           hostPID: true