c12s-kubespray/roles/kubernetes-apps/policy_controller/calico/tasks/main.yml

- set_fact:
    calico_cert_dir: "{{ canal_cert_dir }}"
  when: kube_network_plugin == 'canal'
  tags: [facts, canal]

- name: Write calico-policy-controller yaml
  template:
    src: calico-policy-controller.yml.j2
    dest: "{{kube_config_dir}}/calico-policy-controller.yml"
  when: inventory_hostname == groups['kube-master'][0]
  tags: canal

- name: Start of Calico policy controller
  kube:
    name: "calico-policy-controller"
    kubectl: "{{bin_dir}}/kubectl"
    filename: "{{kube_config_dir}}/calico-policy-controller.yml"
    namespace: "{{system_namespace}}"
    resource: "rs"
  when: inventory_hostname == groups['kube-master'][0]
  tags: canal