--- charts-original/templates/cilium-agent/daemonset.yaml
+++ charts/templates/cilium-agent/daemonset.yaml
@@ -1,3 +1,11 @@
+{{- if empty .Values.global.clusterCIDRv4 }}
+{{- $_ := set .Values.ipv4 "enabled" false -}}
+{{- end }}
+
+{{- if not (empty .Values.global.clusterCIDRv6) }}
+{{- $_ := set .Values.ipv6 "enabled" true -}}
+{{- end }}
+
 {{- if and .Values.agent (not .Values.preflight.enabled) }}
 
 {{- /*  Default values with backwards compatibility */ -}}
@@ -73,7 +81,7 @@
       {{- end }}
       containers:
       - name: cilium-agent
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         {{- if .Values.sleepAfterInit }}
         command:
@@ -391,7 +399,7 @@
         {{- end }}
       {{- if .Values.monitor.enabled }}
       - name: cilium-monitor
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         command:
         - /bin/bash
@@ -419,7 +427,7 @@
       # Required to mount cgroup2 filesystem on the underlying Kubernetes node.
       # We use nsenter command with host's cgroup and mount namespaces enabled.
       - name: mount-cgroup
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         env:
         - name: CGROUP_ROOT
@@ -464,7 +472,7 @@
               - SYS_PTRACE
           {{- end}}
       - name: apply-sysctl-overwrites
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         env:
         - name: BIN_PATH
@@ -512,7 +520,7 @@
       # from a privileged container because the mount propagation bidirectional
       # only works from privileged containers.
       - name: mount-bpf-fs
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         args:
         - 'mount | grep "/sys/fs/bpf type bpf" || mount -t bpf bpf /sys/fs/bpf'
@@ -532,7 +540,7 @@
       {{- end }}
       {{- if and .Values.nodeinit.enabled .Values.nodeinit.bootstrapFile }}
       - name: wait-for-node-init
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         command:
         - sh
@@ -545,9 +553,11 @@
         volumeMounts:
         - name: cilium-bootstrap-file-dir
           mountPath: "/tmp/cilium-bootstrap.d"
+        securityContext:
+          privileged: true
       {{- end }}
       - name: clean-cilium-state
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         command:
         - /init-container.sh
@@ -627,7 +637,7 @@
         {{- end }}
       {{- if and .Values.waitForKubeProxy (ne $kubeProxyReplacement "strict") }}
       - name: wait-for-kube-proxy
-        image: {{ include "cilium.image" .Values.image | quote }}
+        image: "{{ template "system_default_registry" . }}{{ include "cilium.image" .Values.image }}"
         imagePullPolicy: {{ .Values.image.pullPolicy }}
         securityContext:
           privileged: true