default policy

cluster/addons/podsecuritypolicies/privileged.yaml

@@ -0,0 +1,32 @@
+apiVersion: extensions/v1beta1
+kind: PodSecurityPolicy
+metadata:
+  annotations:
+    kubernetes.io/description: 'privileged allows access to all privileged and host
+      features and the ability to run as any user, any group, any fsGroup, and with
+      any SELinux context.'
+  creationTimestamp: 2016-05-06T19:28:58Z
+  name: privileged
+spec:
+  privileged: true
+  defaultAddCapabilities: null
+  requiredDropCapabilities: null
+  allowedCapabilities: null
+  volumes:
+  - '*'
+  hostNetwork: true
+  hostPorts:
+  -
+    min: 0
+    max: 65535
+  hostIPC: true
+  hostPID: true
+  runAsUser:
+    rule: 'RunAsAny'
+  seLinux:
+    rule: 'RunAsAny'
+  supplementalGroups:
+    rule: 'RunAsAny'
+  fsGroup:
+    rule: 'RunAsAny'
+  readOnlyRootFilesystem: false