Create network policy directory for canal

roles/network_plugin/canal/defaults/main.yml

@@ -14,6 +14,9 @@ canal_log_level: "info"
 canal_cert_dir: /etc/canal/certs
 etcd_cert_dir: /etc/ssl/etcd/ssl
 
+# Canal Network Policy directory
+canal_policy_dir: /etc/kubernetes/policy
+
 # Limits for apps
 calico_node_memory_limit: 500M
 calico_node_cpu_limit: 200m
@@ -27,3 +30,4 @@ calicoctl_memory_limit: 170M
 calicoctl_cpu_limit: 100m
 calicoctl_memory_requests: 70M
 calicoctl_cpu_requests: 50m
+

roles/network_plugin/canal/tasks/main.yml

@@ -68,3 +68,8 @@
     owner: root
     group: root
   changed_when: false
+
+- name: Canal | Create network policy directory
+  file:
+    path: "{{ canal_policy_dir }}"
+    state: directory

roles/network_plugin/canal/templates/calicoctl-container.j2

@@ -8,7 +8,8 @@
 -v {{ docker_bin_dir }}/docker:{{ docker_bin_dir }}/docker \
 -v /var/run/docker.sock:/var/run/docker.sock \
 -v /var/run/calico:/var/run/calico \
--v {{ canal_cert_dir }}:{{ calico_cert_dir }}:ro \
+-v {{ canal_cert_dir }}:{{ canal_cert_dir }}:ro \
+-v {{ canal_policy_dir }}:{{ canal_policy_dir }}:ro \
 --memory={{ calicoctl_memory_limit|regex_replace('Mi', 'M') }} --cpu-shares={{ calicoctl_cpu_limit|regex_replace('m', '') }} \
 {{ calicoctl_image_repo }}:{{ calicoctl_image_tag}} \
 $@