diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index c21bb0c434b5196f96cbf2282128b442089bf7bd..1014440abe046337fde60f049894933f0673b9bc 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -257,10 +257,14 @@ before_script:
 # stage: deploy-special
   MOVED_TO_GROUP_VARS: "true"
 
-.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables
+.coreos_cilium_variables: &coreos_cilium_variables
 # stage: deploy-special
   MOVED_TO_GROUP_VARS: "true"
 
+.ubuntu_cilium_sep_variables: &ubuntu_cilium_sep_variables
+# stage: deploy-special
+  MOVED_TO_GROUP_VARS: "true"
+  
 .rhel7_weave_variables: &rhel7_weave_variables
 # stage: deploy-part1
   MOVED_TO_GROUP_VARS: "true"
@@ -459,6 +463,17 @@ gce_ubuntu-contiv-sep:
   except: ['triggers']
   only: ['master', /^pr-.*$/]
 
+gce_coreos-cilium:
+  stage: deploy-special
+  <<: *job
+  <<: *gce
+  variables:
+    <<: *gce_variables
+    <<: *coreos_cilium_variables
+  when: manual
+  except: ['triggers']
+  only: ['master', /^pr-.*$/]
+
 gce_ubuntu-cilium-sep:
   stage: deploy-special
   <<: *job
diff --git a/roles/download/defaults/main.yml b/roles/download/defaults/main.yml
index edb2b1e7545f6df72be7b83d2eadfd16ebb608aa..e97297958c012b4a1a72af883e8ac237dfd87db3 100644
--- a/roles/download/defaults/main.yml
+++ b/roles/download/defaults/main.yml
@@ -41,7 +41,7 @@ vault_version: 0.8.1
 weave_version: 2.2.0
 pod_infra_version: 3.0
 contiv_version: 1.1.7
-cilium_version: "v1.0.0-rc4"
+cilium_version: "v1.0.0-rc8"
 
 # Download URLs
 istioctl_download_url: "https://storage.googleapis.com/istio-release/releases/{{ istio_version }}/istioctl/istioctl-linux"
diff --git a/roles/network_plugin/cilium/templates/cilium-cr.yml.j2 b/roles/network_plugin/cilium/templates/cilium-cr.yml.j2
index 8eae0e8edb61a9cc3f3941e8cb0faf9512e26d55..11fd0108752328d011b3d65a393381ba19fc59c5 100755
--- a/roles/network_plugin/cilium/templates/cilium-cr.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium-cr.yml.j2
@@ -54,9 +54,11 @@ rules:
   - get
   - list
   - watch
+  - update
 - apiGroups:
   - cilium.io
   resources:
   - ciliumnetworkpolicies
+  - ciliumendpoints
   verbs:
   - "*"
diff --git a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2 b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
index 9f48a62db20e3e02b398e751cc9b786a26708a3d..3d877a5cbf2df63bf4ec131b16620b2f23ba3401 100755
--- a/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
+++ b/roles/network_plugin/cilium/templates/cilium-ds.yml.j2
@@ -79,6 +79,13 @@ spec:
                 optional: true
                 key: prometheus-serve-addr
 {% endif %}
+        resources:
+          limits:
+            cpu: {{ cilium_cpu_limit }}
+            memory: {{ cilium_memory_limit }}
+          requests:
+            cpu: {{ cilium_cpu_requests }}
+            memory: {{ cilium_memory_requests }}
         livenessProbe:
           exec:
             command:
diff --git a/tests/files/gce_centos7-cilium.yml b/tests/files/gce_centos7-cilium.yml
index ca682f7ed91328d037a96c51e57f435e8c31a84a..ec46a213d65abcfbd0636138e05b6acd041533a9 100644
--- a/tests/files/gce_centos7-cilium.yml
+++ b/tests/files/gce_centos7-cilium.yml
@@ -7,5 +7,6 @@ mode: default
 # Deployment settings
 kube_network_plugin: cilium
 deploy_netchecker: true
+enable_network_policy: true
 kubedns_min_replicas: 1
 cloud_provider: gce
diff --git a/tests/files/gce_coreos-cilium.yml b/tests/files/gce_coreos-cilium.yml
index a090039700411f85b16ea4dacbd4e3cb7fb55a6c..1778929f09bf3289bf6becd867d432e4a159f4c5 100644
--- a/tests/files/gce_coreos-cilium.yml
+++ b/tests/files/gce_coreos-cilium.yml
@@ -9,5 +9,6 @@ kube_network_plugin: cilium
 bootstrap_os: coreos
 resolvconf_mode: host_resolvconf # this is required as long as the coreos stable channel uses docker < 1.12
 deploy_netchecker: true
+enable_network_policy: true
 kubedns_min_replicas: 1
 cloud_provider: gce
diff --git a/tests/files/gce_rhel7-cilium.yml b/tests/files/gce_rhel7-cilium.yml
index d67658a6c34ead1069d7b7a85cc04c7ca665ec5b..0994d0099968e866d51b514e3c5c3e1bff5ce709 100644
--- a/tests/files/gce_rhel7-cilium.yml
+++ b/tests/files/gce_rhel7-cilium.yml
@@ -6,5 +6,6 @@ mode: default
 # Deployment settings
 kube_network_plugin: cilium
 deploy_netchecker: true
+enable_network_policy: true
 kubedns_min_replicas: 1
 cloud_provider: gce
diff --git a/tests/files/gce_ubuntu-cilium-sep.yml b/tests/files/gce_ubuntu-cilium-sep.yml
index e7150a27ec5f48004e37d69a9833a7d5290df1ff..0c0647743922dee61e1914754fb618068edc942f 100644
--- a/tests/files/gce_ubuntu-cilium-sep.yml
+++ b/tests/files/gce_ubuntu-cilium-sep.yml
@@ -6,6 +6,7 @@ mode: separate
 # Deployment settings
 kube_network_plugin: cilium
 deploy_netchecker: true
+enable_network_policy: true
 kubedns_min_replicas: 1
 cloud_provider: gce