diff --git a/manifests/efk/es-dynamic-pv/es-statefulset.yaml b/manifests/efk/es-dynamic-pv/es-statefulset.yaml
index 0f5b111..4f1d10f 100644
--- a/manifests/efk/es-dynamic-pv/es-statefulset.yaml
+++ b/manifests/efk/es-dynamic-pv/es-statefulset.yaml
@@ -47,14 +47,14 @@ roleRef:
   apiGroup: ""
 ---
 # Elasticsearch deployment itself
-apiVersion: apps/v1beta2
+apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: elasticsearch-logging
   namespace: kube-system
   labels:
     k8s-app: elasticsearch-logging
-    version: v5.6.4
+    version: v6.6.1
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 spec:
@@ -63,18 +63,18 @@ spec:
   selector:
     matchLabels:
       k8s-app: elasticsearch-logging
-      version: v5.6.4
+      version: v6.6.1
   template:
     metadata:
       labels:
         k8s-app: elasticsearch-logging
-        version: v5.6.4
+        version: v6.6.1
         kubernetes.io/cluster-service: "true"
     spec:
       serviceAccountName: elasticsearch-logging
       containers:
-      #- image: gcr.io/google-containers/elasticsearch:v5.6.4
-      - image: mirrorgooglecontainers/elasticsearch:v5.6.4
+      #- image: gcr.io/fluentd-elasticsearch/elasticsearch:v6.6.1
+      - image: easzlab/elasticsearch:v6.6.1
         name: elasticsearch-logging
         resources:
           # need more cpu upon initialization, therefore burstable class
diff --git a/manifests/efk/es-static-pv/es-statefulset.yaml b/manifests/efk/es-static-pv/es-statefulset.yaml
index f8e7f4f..0816cc3 100644
--- a/manifests/efk/es-static-pv/es-statefulset.yaml
+++ b/manifests/efk/es-static-pv/es-statefulset.yaml
@@ -47,14 +47,14 @@ roleRef:
   apiGroup: ""
 ---
 # Elasticsearch deployment itself
-apiVersion: apps/v1beta2
+apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: elasticsearch-logging
   namespace: kube-system
   labels:
     k8s-app: elasticsearch-logging
-    version: v5.6.4
+    version: v6.6.1
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 spec:
@@ -63,18 +63,18 @@ spec:
   selector:
     matchLabels:
       k8s-app: elasticsearch-logging
-      version: v5.6.4
+      version: v6.6.1
   template:
     metadata:
       labels:
         k8s-app: elasticsearch-logging
-        version: v5.6.4
+        version: v6.6.1
         kubernetes.io/cluster-service: "true"
     spec:
       serviceAccountName: elasticsearch-logging
       containers:
-      #- image: gcr.io/google-containers/elasticsearch:v5.6.4
-      - image: mirrorgooglecontainers/elasticsearch:v5.6.4
+      #- image: gcr.io/fluentd-elasticsearch/elasticsearch:v6.6.1
+      - image: easzlab/elasticsearch:v6.6.1
         name: elasticsearch-logging
         resources:
           # need more cpu upon initialization, therefore burstable class
diff --git a/manifests/efk/es-without-pv/es-statefulset.yaml b/manifests/efk/es-without-pv/es-statefulset.yaml
index 4bd6584..6111fb6 100644
--- a/manifests/efk/es-without-pv/es-statefulset.yaml
+++ b/manifests/efk/es-without-pv/es-statefulset.yaml
@@ -47,14 +47,14 @@ roleRef:
   apiGroup: ""
 ---
 # Elasticsearch deployment itself
-apiVersion: apps/v1beta2
+apiVersion: apps/v1
 kind: StatefulSet
 metadata:
   name: elasticsearch-logging
   namespace: kube-system
   labels:
     k8s-app: elasticsearch-logging
-    version: v5.6.4
+    version: v6.6.1
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 spec:
@@ -63,18 +63,18 @@ spec:
   selector:
     matchLabels:
       k8s-app: elasticsearch-logging
-      version: v5.6.4
+      version: v6.6.1
   template:
     metadata:
       labels:
         k8s-app: elasticsearch-logging
-        version: v5.6.4
+        version: v6.6.1
         kubernetes.io/cluster-service: "true"
     spec:
       serviceAccountName: elasticsearch-logging
       containers:
-      #- image: gcr.io/google-containers/elasticsearch:v5.6.4
-      - image: mirrorgooglecontainers/elasticsearch:v5.6.4
+      #- image: gcr.io/fluentd-elasticsearch/elasticsearch:v6.6.1
+      - image: easzlab/elasticsearch:v6.6.1
         name: elasticsearch-logging
         resources:
           # need more cpu upon initialization, therefore burstable class
diff --git a/manifests/efk/fluentd-es-configmap.yaml b/manifests/efk/fluentd-es-configmap.yaml
index 09fbad0..a6d0cbe 100644
--- a/manifests/efk/fluentd-es-configmap.yaml
+++ b/manifests/efk/fluentd-es-configmap.yaml
@@ -1,6 +1,16 @@
 kind: ConfigMap
 apiVersion: v1
+metadata:
+  name: fluentd-es-config-v0.2.0
+  namespace: kube-system
+  labels:
+    addonmanager.kubernetes.io/mode: Reconcile
 data:
+  system.conf: |-
+    <system>
+      root_dir /tmp/fluentd-buffers/
+    </system>
+
   containers.input.conf: |-
     # This configuration file for Fluentd / td-agent is used
     # to watch changes to Docker log files. The kubelet creates symlinks that
@@ -101,226 +111,232 @@ data:
     # CRI Log Example:
     # 2016-02-17T00:04:05.931087621Z stdout F [info:2016-02-16T16:04:05.930-08:00] Some log text here
     <source>
-      type tail
+      @id fluentd-containers.log
+      @type tail
       path /var/log/containers/*.log
       pos_file /var/log/es-containers.log.pos
-      time_format %Y-%m-%dT%H:%M:%S.%NZ
-      tag kubernetes.*
+      tag raw.kubernetes.*
       read_from_head true
-      format multi_format
-      <pattern>
-        format json
-        time_key time
-        time_format %Y-%m-%dT%H:%M:%S.%NZ
-      </pattern>
-      <pattern>
-        format /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/
-        time_format %Y-%m-%dT%H:%M:%S.%N%:z
-      </pattern>
+      <parse>
+        @type multi_format
+        <pattern>
+          format json
+          time_key time
+          time_format %Y-%m-%dT%H:%M:%S.%NZ
+        </pattern>
+        <pattern>
+          format /^(?<time>.+) (?<stream>stdout|stderr) [^ ]* (?<log>.*)$/
+          time_format %Y-%m-%dT%H:%M:%S.%N%:z
+        </pattern>
+      </parse>
     </source>
+
+    # Detect exceptions in the log output and forward them as one log entry.
+    <match raw.kubernetes.**>
+      @id raw.kubernetes
+      @type detect_exceptions
+      remove_tag_prefix raw
+      message log
+      stream stream
+      multiline_flush_interval 5
+      max_bytes 500000
+      max_lines 1000
+    </match>
+
+    # Concatenate multi-line logs
+    <filter **>
+      @id filter_concat
+      @type concat
+      key message
+      multiline_end_regexp /\n$/
+      separator ""
+    </filter>
+
+    # Enriches records with Kubernetes metadata
+    <filter kubernetes.**>
+      @id filter_kubernetes_metadata
+      @type kubernetes_metadata
+    </filter>
+
+    # Fixes json fields in Elasticsearch
+    <filter kubernetes.**>
+      @id filter_parser
+      @type parser
+      key_name log
+      reserve_data true
+      remove_key_name_field true
+      <parse>
+        @type multi_format
+        <pattern>
+          format json
+        </pattern>
+        <pattern>
+          format none
+        </pattern>
+      </parse>
+    </filter>
+
   system.input.conf: |-
-    # Example:
-    # 2015-12-21 23:17:22,066 [salt.state       ][INFO    ] Completed state [net.ipv4.ip_forward] at time 23:17:22.066081
-    <source>
-      type tail
-      format /^(?<time>[^ ]* [^ ,]*)[^\[]*\[[^\]]*\]\[(?<severity>[^ \]]*) *\] (?<message>.*)$/
-      time_format %Y-%m-%d %H:%M:%S
-      path /var/log/salt/minion
-      pos_file /var/log/es-salt.pos
-      tag salt
-    </source>
 
-    # Example:
-    # Dec 21 23:17:22 gke-foo-1-1-4b5cbd14-node-4eoj startupscript: Finished running startup script /var/run/google.startup.script
+    # Logs from systemd-journal for interesting services.
+    # TODO(random-liu): Remove this after cri container runtime rolls out.
     <source>
-      type tail
-      format syslog
-      path /var/log/startupscript.log
-      pos_file /var/log/es-startupscript.log.pos
-      tag startupscript
-    </source>
-
-    # Examples:
-    # time="2016-02-04T06:51:03.053580605Z" level=info msg="GET /containers/json"
-    # time="2016-02-04T07:53:57.505612354Z" level=error msg="HTTP Error" err="No such image: -f" statusCode=404
-    <source>
-      type tail
-      format /^time="(?<time>[^)]*)" level=(?<severity>[^ ]*) msg="(?<message>[^"]*)"( err="(?<error>[^"]*)")?( statusCode=($<status_code>\d+))?/
-      path /var/log/docker.log
-      pos_file /var/log/es-docker.log.pos
+      @id journald-docker
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "docker.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-docker.pos
+      </storage>
+      read_from_head true
       tag docker
     </source>
 
-    # Example:
-    # 2016/02/04 06:52:38 filePurge: successfully removed file /var/etcd/data/member/wal/00000000000006d0-00000000010a23d1.wal
     <source>
-      type tail
-      # Not parsing this, because it doesn't have anything particularly useful to
-      # parse out of it (like severities).
-      format none
-      path /var/log/etcd.log
-      pos_file /var/log/es-etcd.log.pos
+      @id journald-container-runtime
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "{{ fluentd_container_runtime_service }}.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-container-runtime.pos
+      </storage>
+      read_from_head true
+      tag container-runtime
+    </source>
+
+    <source>
+      @id journald-etcd
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "etcd.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-etcd.pos
+      </storage>
+      read_from_head true
       tag etcd
     </source>
 
-    # Multi-line parsing is required for all the kube logs because very large log
-    # statements, such as those that include entire object bodies, get split into
-    # multiple lines by glog.
-
-    # Example:
-    # I0204 07:32:30.020537    3368 server.go:1048] POST /stats/container/: (13.972191ms) 200 [[Go-http-client/1.1] 10.244.1.3:40537]
     <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/kubelet.log
-      pos_file /var/log/es-kubelet.log.pos
-      tag kubelet
-    </source>
-
-    # Example:
-    # I1118 21:26:53.975789       6 proxier.go:1096] Port "nodePort for kube-system/default-http-backend:http" (:31429/tcp) was open before and is still needed
-    <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/kube-proxy.log
-      pos_file /var/log/es-kube-proxy.log.pos
-      tag kube-proxy
-    </source>
-
-    # Example:
-    # I0204 07:00:19.604280       5 handlers.go:131] GET /api/v1/nodes: (1.624207ms) 200 [[kube-controller-manager/v1.1.3 (linux/amd64) kubernetes/6a81b50] 127.0.0.1:38266]
-    <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/kube-apiserver.log
-      pos_file /var/log/es-kube-apiserver.log.pos
+      @id journald-kube-apiserver
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "kube-apiserver.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-kube-apiserver.pos
+      </storage>
+      read_from_head true
       tag kube-apiserver
     </source>
 
-    # Example:
-    # I0204 06:55:31.872680       5 servicecontroller.go:277] LB already exists and doesn't need update for service kube-system/kube-ui
     <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/kube-controller-manager.log
-      pos_file /var/log/es-kube-controller-manager.log.pos
+      @id journald-kube-controller-manager
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "kube-controller-manager.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-kube-controller-manager.pos
+      </storage>
+      read_from_head true
       tag kube-controller-manager
     </source>
 
-    # Example:
-    # W0204 06:49:18.239674       7 reflector.go:245] pkg/scheduler/factory/factory.go:193: watch of *api.Service ended with: 401: The event in requested index is outdated and cleared (the requested history has been cleared [2578313/2577886]) [2579312]
     <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/kube-scheduler.log
-      pos_file /var/log/es-kube-scheduler.log.pos
+      @id journald-kube-scheduler
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "kube-scheduler.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-kube-scheduler.pos
+      </storage>
+      read_from_head true
       tag kube-scheduler
     </source>
 
-    # Example:
-    # I1104 10:36:20.242766       5 rescheduler.go:73] Running Rescheduler
     <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/rescheduler.log
-      pos_file /var/log/es-rescheduler.log.pos
-      tag rescheduler
-    </source>
-
-    # Example:
-    # I0603 15:31:05.793605       6 cluster_manager.go:230] Reading config from path /etc/gce.conf
-    <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/glbc.log
-      pos_file /var/log/es-glbc.log.pos
-      tag glbc
-    </source>
-
-    # Example:
-    # I0603 15:31:05.793605       6 cluster_manager.go:230] Reading config from path /etc/gce.conf
-    <source>
-      type tail
-      format multiline
-      multiline_flush_interval 5s
-      format_firstline /^\w\d{4}/
-      format1 /^(?<severity>\w)(?<time>\d{4} [^\s]*)\s+(?<pid>\d+)\s+(?<source>[^ \]]+)\] (?<message>.*)/
-      time_format %m%d %H:%M:%S.%N
-      path /var/log/cluster-autoscaler.log
-      pos_file /var/log/es-cluster-autoscaler.log.pos
-      tag cluster-autoscaler
-    </source>
-
-    # Logs from systemd-journal for interesting services.
-    <source>
-      type systemd
-      filters [{ "_SYSTEMD_UNIT": "docker.service" }]
-      pos_file /var/log/gcp-journald-docker.pos
-      read_from_head true
-      tag docker
-    </source>
-
-    <source>
-      type systemd
-      filters [{ "_SYSTEMD_UNIT": "kubelet.service" }]
-      pos_file /var/log/gcp-journald-kubelet.pos
+      @id journald-kubelet
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "kubelet.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-kubelet.pos
+      </storage>
       read_from_head true
       tag kubelet
     </source>
 
     <source>
-      type systemd
-      filters [{ "_SYSTEMD_UNIT": "node-problem-detector.service" }]
-      pos_file /var/log/gcp-journald-node-problem-detector.pos
+      @id journald-kube-proxy
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "kube-proxy.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-kube-proxy.pos
+      </storage>
+      read_from_head true
+      tag kube-proxy
+    </source>
+
+    <source>
+      @id journald-node-problem-detector
+      @type systemd
+      matches [{ "_SYSTEMD_UNIT": "node-problem-detector.service" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/journald-node-problem-detector.pos
+      </storage>
       read_from_head true
       tag node-problem-detector
     </source>
+
+    <source>
+      @id kernel
+      @type systemd
+      matches [{ "_TRANSPORT": "kernel" }]
+      <storage>
+        @type local
+        persistent true
+        path /var/log/kernel.pos
+      </storage>
+      <entry>
+        fields_strip_underscores true
+        fields_lowercase true
+      </entry>
+      read_from_head true
+      tag kernel
+    </source>
+
   forward.input.conf: |-
     # Takes the messages sent over TCP
     <source>
-      type forward
+      @id forward
+      @type forward
     </source>
+
   monitoring.conf: |-
     # Prometheus Exporter Plugin
     # input plugin that exports metrics
     <source>
+      @id prometheus
       @type prometheus
     </source>
 
     <source>
+      @id monitor_agent
       @type monitor_agent
     </source>
 
     # input plugin that collects metrics from MonitorAgent
     <source>
+      @id prometheus_monitor
       @type prometheus_monitor
       <labels>
         host ${hostname}
@@ -329,6 +345,7 @@ data:
 
     # input plugin that collects metrics for output plugin
     <source>
+      @id prometheus_output_monitor
       @type prometheus_output_monitor
       <labels>
         host ${hostname}
@@ -337,37 +354,34 @@ data:
 
     # input plugin that collects metrics for in_tail plugin
     <source>
+      @id prometheus_tail_monitor
       @type prometheus_tail_monitor
       <labels>
         host ${hostname}
       </labels>
     </source>
-  output.conf: |-
-    # Enriches records with Kubernetes metadata
-    <filter kubernetes.**>
-      type kubernetes_metadata
-    </filter>
 
+  output.conf: |-
     <match **>
-       type elasticsearch
-       log_level info
-       include_tag_key true
-       host elasticsearch-logging
-       port 9200
-       logstash_format true
-       # Set the chunk limits.
-       buffer_chunk_limit 2M
-       buffer_queue_limit 8
-       flush_interval 5s
-       # Never wait longer than 5 minutes between retries.
-       max_retry_wait 30
-       # Disable the limit on the number of retries (retry forever).
-       disable_retry_limit
-       # Use multiple threads for processing.
-       num_threads 2
+      @id elasticsearch
+      @type elasticsearch
+      @log_level info
+      type_name _doc
+      include_tag_key true
+      host elasticsearch-logging
+      port 9200
+      logstash_format true
+      <buffer>
+        @type file
+        path /var/log/fluentd-buffers/kubernetes.system.buffer
+        flush_mode interval
+        retry_type exponential_backoff
+        flush_thread_count 2
+        flush_interval 5s
+        retry_forever
+        retry_max_interval 30
+        chunk_limit_size 2M
+        queue_limit_length 8
+        overflow_action block
+      </buffer>
     </match>
-metadata:
-  name: fluentd-es-config-v0.1.1
-  namespace: kube-system
-  labels:
-    addonmanager.kubernetes.io/mode: Reconcile
diff --git a/manifests/efk/fluentd-es-ds.yaml b/manifests/efk/fluentd-es-ds.yaml
index 0417538..9932d35 100644
--- a/manifests/efk/fluentd-es-ds.yaml
+++ b/manifests/efk/fluentd-es-ds.yaml
@@ -45,38 +45,40 @@ roleRef:
   name: fluentd-es
   apiGroup: ""
 ---
-apiVersion: apps/v1beta2
+apiVersion: apps/v1
 kind: DaemonSet
 metadata:
-  name: fluentd-es-v2.0.2
+  name: fluentd-es-v2.4.0
   namespace: kube-system
   labels:
     k8s-app: fluentd-es
-    version: v2.0.2
+    version: v2.4.0
     kubernetes.io/cluster-service: "true"
     addonmanager.kubernetes.io/mode: Reconcile
 spec:
   selector:
     matchLabels:
       k8s-app: fluentd-es
-      version: v2.0.2
+      version: v2.4.0
   template:
     metadata:
       labels:
         k8s-app: fluentd-es
         kubernetes.io/cluster-service: "true"
-        version: v2.0.2
+        version: v2.4.0
       # This annotation ensures that fluentd does not get evicted if the node
       # supports critical pod annotation based priority scheme.
       # Note that this does not guarantee admission on the nodes (#40573).
       annotations:
         scheduler.alpha.kubernetes.io/critical-pod: ''
+        seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
     spec:
+      priorityClassName: system-node-critical
       serviceAccountName: fluentd-es
       containers:
       - name: fluentd-es
-        #image: gcr.io/google-containers/fluentd-elasticsearch:v2.0.2
-        image: mirrorgooglecontainers/fluentd-elasticsearch:v2.0.2
+        #image: k8s.gcr.io/fluentd-elasticsearch:v2.4.0
+        image: mirrorgooglecontainers/fluentd-elasticsearch:v2.4.0
         env:
         - name: FLUENTD_ARGS
           value: --no-supervisor -q
@@ -92,13 +94,10 @@ spec:
         - name: varlibdockercontainers
           mountPath: /var/lib/docker/containers
           readOnly: true
-        - name: libsystemddir
-          mountPath: /host/lib
-          readOnly: true
         - name: config-volume
           mountPath: /etc/fluent/config.d
-      nodeSelector:
-        beta.kubernetes.io/fluentd-ds-ready: "true"
+      #nodeSelector:
+        #beta.kubernetes.io/fluentd-ds-ready: "true"
       terminationGracePeriodSeconds: 30
       volumes:
       - name: varlog
@@ -107,10 +106,6 @@ spec:
       - name: varlibdockercontainers
         hostPath:
           path: /var/lib/docker/containers
-      # It is needed to copy systemd library to decompress journals
-      - name: libsystemddir
-        hostPath:
-          path: /usr/lib64
       - name: config-volume
         configMap:
-          name: fluentd-es-config-v0.1.1
+          name: fluentd-es-config-v0.2.0
diff --git a/manifests/efk/kibana-deployment.yaml b/manifests/efk/kibana-deployment.yaml
index 676abc7..e7cf9cc 100644
--- a/manifests/efk/kibana-deployment.yaml
+++ b/manifests/efk/kibana-deployment.yaml
@@ -1,4 +1,4 @@
-apiVersion: apps/v1beta2
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: kibana-logging
@@ -16,11 +16,13 @@ spec:
     metadata:
       labels:
         k8s-app: kibana-logging
+      annotations:
+        seccomp.security.alpha.kubernetes.io/pod: 'docker/default'
     spec:
       containers:
       - name: kibana-logging
-        #image: docker.elastic.co/kibana/kibana:5.6.4
-        image: jmgao1983/kibana:5.6.4
+        #image: docker.elastic.co/kibana/kibana-oss:6.6.1
+        image: easzlab/kibana-oss:6.6.1
         resources:
           # need more cpu upon initialization, therefore burstable class
           limits:
@@ -31,12 +33,7 @@ spec:
           - name: ELASTICSEARCH_URL
             value: http://elasticsearch-logging:9200
           - name: SERVER_BASEPATH
-            #value: /api/v1/proxy/namespaces/kube-system/services/kibana-logging
             value: /api/v1/namespaces/kube-system/services/kibana-logging/proxy
-          - name: XPACK_MONITORING_ENABLED
-            value: "false"
-          - name: XPACK_SECURITY_ENABLED
-            value: "false"
         ports:
         - containerPort: 5601
           name: ui