diff --git a/roles/network_plugin/calico/templates/calico-apiserver.yml.j2 b/roles/network_plugin/calico/templates/calico-apiserver.yml.j2 index 2ee15b4c8..dabc7a3f5 100644 --- a/roles/network_plugin/calico/templates/calico-apiserver.yml.j2 +++ b/roles/network_plugin/calico/templates/calico-apiserver.yml.j2 @@ -285,35 +285,3 @@ subjects: - kind: ServiceAccount name: calico-apiserver namespace: calico-apiserver - ---- - -apiVersion: policy/v1beta1 -kind: PodSecurityPolicy -metadata: - annotations: - seccomp.security.alpha.kubernetes.io/allowedProfileNames: '*' - name: calico-apiserver -spec: - allowPrivilegeEscalation: false - fsGroup: - ranges: - - max: 65535 - min: 1 - rule: MustRunAs - hostPorts: - - max: 65535 - min: 0 - requiredDropCapabilities: - - ALL - runAsUser: - rule: RunAsAny - seLinux: - rule: RunAsAny - supplementalGroups: - ranges: - - max: 65535 - min: 1 - rule: MustRunAs - volumes: - - secret