Disable automounting service account token in servicelb pods

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>

pkg/servicelb/controller.go

@@ -25,6 +25,7 @@ import (
 	"k8s.io/client-go/kubernetes"
 	v1getter "k8s.io/client-go/kubernetes/typed/apps/v1"
 	coregetter "k8s.io/client-go/kubernetes/typed/core/v1"
+	utilpointer "k8s.io/utils/pointer"
 )
 
 var (
@@ -327,6 +328,9 @@ func (h *handler) newDaemonSet(svc *core.Service) (*apps.DaemonSet, error) {
 						svcNameLabel: svc.Name,
 					},
 				},
+				Spec: core.PodSpec{
+					AutomountServiceAccountToken: utilpointer.Bool(false),
+				},
 			},
 			UpdateStrategy: apps.DaemonSetUpdateStrategy{
 				Type: apps.RollingUpdateDaemonSetStrategyType,