Kubernetes 101: Service Accounts



Kubernetes uses service accounts to authenticate services and application processes to the API server.

A service account can be assigned to a pod, for example, and be attached to role-based access control (RBAC) rules.

When we install Kubernetes, a default service account is created, and it is used by pods that don't have a service account associated with them.

To create a service account named "sa_1" from the command line, we use the below command:


We could also create a service account using a YAML file as below:


We could check our newly created service account using the below command:


To see more details about our service accounts, including their authentication token, we could use the below command:


We could also check the authentication token (included in the Kubernetes secret) that the service account uses as follows:


Remark:

A secret is a Kubernetes object that holds "secret" information such as passwords. The pod has access to its secret through a mounted volume.

We could assign our service account to a pod using the below:


We could also do it using a pod's YAML file as follows:
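
An added example, not from the original post, that carries the steps above through in one manifest: a service account, a read-only Role bound to it, and a pod that runs under it. The names `sa-1`, `pod-reader`, `sa-1-pod-reader` and `demo-pod`, the `default` namespace and the `nginx` image are assumptions; `sa-1` is used rather than `sa_1` because service account names must be valid DNS subdomain names, which excludes underscores.

```yaml
# Added example: all names, the namespace and the image are assumptions.
apiVersion: v1
kind: ServiceAccount
metadata:
  name: sa-1            # "sa_1" would be rejected: "_" is not valid in the name
  namespace: default
---
# Least-privilege Role: read-only access to pods in this namespace only.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: pod-reader
  namespace: default
rules:
  - apiGroups: [""]     # "" is the core API group, where pods live
    resources: ["pods"]
    verbs: ["get", "list", "watch"]
---
# Bind the Role to the service account.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: sa-1-pod-reader
  namespace: default
subjects:
  - kind: ServiceAccount
    name: sa-1
    namespace: default
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: pod-reader
---
# Pod that runs as sa-1 instead of the default service account.
apiVersion: v1
kind: Pod
metadata:
  name: demo-pod
  namespace: default
spec:
  serviceAccountName: sa-1
  # Set to false if the workload never calls the API server.
  automountServiceAccountToken: true
  containers:
    - name: app
      image: nginx
```

After `kubectl apply -f` on this file, `kubectl auth can-i list pods --as=system:serviceaccount:default:sa-1` should answer `yes` and the same check for `delete pods` should answer `no`. On Kubernetes 1.24 and later no token Secret is created automatically for the account; the pod gets a short-lived projected token mounted under `/var/run/secrets/kubernetes.io/serviceaccount/`.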

