From cf042b2a4c212358b550ca9a791bd972d74674bd Mon Sep 17 00:00:00 2001
From: Brad Beam <brad.beam@b-rad.info>
Date: Wed, 4 Jan 2017 16:51:11 -0600
Subject: [PATCH] Create network policy directory for canal

---
 roles/network_plugin/canal/defaults/main.yml                | 4 ++++
 roles/network_plugin/canal/tasks/main.yml                   | 5 +++++
 roles/network_plugin/canal/templates/calicoctl-container.j2 | 3 ++-
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/roles/network_plugin/canal/defaults/main.yml b/roles/network_plugin/canal/defaults/main.yml
index 7caf6dcd9..60adff59f 100644
--- a/roles/network_plugin/canal/defaults/main.yml
+++ b/roles/network_plugin/canal/defaults/main.yml
@@ -14,6 +14,9 @@ canal_log_level: "info"
 canal_cert_dir: /etc/canal/certs
 etcd_cert_dir: /etc/ssl/etcd/ssl
 
+# Canal Network Policy directory
+canal_policy_dir: /etc/kubernetes/policy
+
 # Limits for apps
 calico_node_memory_limit: 500M
 calico_node_cpu_limit: 200m
@@ -27,3 +30,4 @@ calicoctl_memory_limit: 170M
 calicoctl_cpu_limit: 100m
 calicoctl_memory_requests: 70M
 calicoctl_cpu_requests: 50m
+
diff --git a/roles/network_plugin/canal/tasks/main.yml b/roles/network_plugin/canal/tasks/main.yml
index dcfb5e118..7ccbcdf2e 100644
--- a/roles/network_plugin/canal/tasks/main.yml
+++ b/roles/network_plugin/canal/tasks/main.yml
@@ -68,3 +68,8 @@
     owner: root
     group: root
   changed_when: false
+
+- name: Canal | Create network policy directory
+  file:
+    path: "{{ canal_policy_dir }}"
+    state: directory
diff --git a/roles/network_plugin/canal/templates/calicoctl-container.j2 b/roles/network_plugin/canal/templates/calicoctl-container.j2
index df11a85ef..d65d88d46 100644
--- a/roles/network_plugin/canal/templates/calicoctl-container.j2
+++ b/roles/network_plugin/canal/templates/calicoctl-container.j2
@@ -8,7 +8,8 @@
 -v {{ docker_bin_dir }}/docker:{{ docker_bin_dir }}/docker \
 -v /var/run/docker.sock:/var/run/docker.sock \
 -v /var/run/calico:/var/run/calico \
--v {{ canal_cert_dir }}:{{ calico_cert_dir }}:ro \
+-v {{ canal_cert_dir }}:{{ canal_cert_dir }}:ro \
+-v {{ canal_policy_dir }}:{{ canal_policy_dir }}:ro \
 --memory={{ calicoctl_memory_limit|regex_replace('Mi', 'M') }} --cpu-shares={{ calicoctl_cpu_limit|regex_replace('m', '') }} \
 {{ calicoctl_image_repo }}:{{ calicoctl_image_tag}} \
 $@
-- 
GitLab