Kubernetes Service Account in detail | Service Account tutorial
Vivek Singh
View ChannelAbout
Hey, My name is Vivek, I am Software Engineer working around Open Source and Cloud Native technologies around Kubernetes primarily using Go as programming language. In this channel I am going to create videos about Containers, Kubernetes, Go programming language and Software Engineering in general. In these videos I am planning to actually show you things by doing, instead of just talking about them; so that you would actually learn about them and can use them either at your work or as some other place.
Latest Posts
Video Description
In this video I talked about what are Kubernetes Service Account resources and how do we can use them in the processes (programs) that are running in Kubernetes, to access Kubernetes API-Server. We also talked about the controllers that are responsible for creating the Service Accounts in every namespace and making sure that the Service Account that is being referred from Pod is actually available. Apart from that we actually looked into the content of the secret that gets create when we create a Service Account, how we can create that secret by our own. There was some confusion at 27:15 where I wanted to confirm if the command that we ran `kubectl get pods` was using the token that was mounted in the pod but in hurry couldn't confirm. Here is how the log looks like ``` kubectl get pods -v 6 I0321 17:57:00.285247 185 merged_client_builder.go:164] Using in-cluster namespace I0321 17:57:00.285372 185 merged_client_builder.go:122] Using in-cluster configuration ``` and using in-cluster configuration simply means that, kubectl is getting authentication details from `/var/run/secrets/kubernetes.io/serviceaccount/` Web: https://viveksingh.dev/ *SA : Service Account 00:00 Introduction 00:18 Agenda 00:27 Users of Kubernetes Cluster 02:18 What are Kubernetes Service Accounts 03:45 Service Account Controllers 04:44 Default Service Account in a Pod and privilege 06:40 Summary of what have been discussed 07:20 Secret that Service Account refers to 08:40 Create a namespace to demo things 09:45 Detailed look into the Service Account's Secret 10:49 What is ca.crt in the SA's Secret 14:30 What is token in the SA's Secret 15:16 Using details from SA's Secret to access API Server 19:10 How SA details are mounted in Pod 21:00 How an application uses the mounted SA 22:50 Access that default SA has 28:36 Name format of SA user 29:29 Don't mount SA token automatically 31:41 Creating SA secret manually 33:05 Creating custom Service Account 35:09 Like and Subscribe
Boost Kubernetes Skills: Get Equipped Today!
AI-recommended products based on this video
How to Draw Patterns: Easy and Fun Step-by-Step Guide for Unique Creations
Dan&Darci Fairy Magic Potion Kit for Kids - Gifts for Girls - 6 7 8 9 10 Year Old Girl Gift - Christmas Ideas - Toys 8-10 7-8 - Arts and Crafts for Kid Ages 6-8 Years - Magical Workshop Craft Kits
TRAUSI HD Webcam with Microphone, Noise Cancellation, Privacy Cover, Wide-Angle Lens, Auto Light Correction, Plug & Play USB Webcam for Laptop, Desktop, PC, Mac, Zoom, Skype, Streaming (1080P, Black)
TRAUSI 1080P HD Webcam with Microphone, Noise Cancellation, Privacy Cover, Wide-Angle Lens, Auto Light Correction, Plug & Play USB Webcam for Laptop, Desktop, PC, Mac, Zoom, Skype, Streaming Black
10Gtek USB WiFi Adapter, for PC, AC600M USB WiFi Dongle 802.11ac Wireless Network Adapter with Dual Band 2.4GHz/5Ghz for Desktop Laptop Support Windows 10/8/7/XP, MAC OS, Linux etc
1300Mbps Wireless WiFi Adapter, USB3.0 WiFi Dongle 2.4G/5G 802.11AC Network Adapter Receiver with High Gain Antenna for Desktop Laptop PC, Support Windows 11/10/8/8.1/7/Vista/XP, Mac 10.6-10.15
Firefly Variety 8 Pack - Fire Starter Accessory for Swiss Army Victorinox Knives (Neon Green-Yellow Glow)
9-in-1 5000A 150PSI Car Battery Booster Jump Starter with Air Compressor (All Gas/9L Diesel), Portable Car Battery Booster Pack, Safe Durable Car Jump Starter with Extended Jumper Cables, Glove, Light
【DDR3 RAM】 GIGASTONE 16GB Kit (2x8GB) DDR3/DDR3L 1600MHz (1333MHz) PC3-12800 (PC3-10600) CL11 1.35V/1.5V 2Rx8 UDIMM 240 Pin Unbuffered Non ECC High Performance PC Desktop Memory Upgrade
【DDR3 RAM】 GIGASTONE 32GB Kit (4x8GB) DDR3/DDR3L 1600MHz (1333MHz) PC3-12800 (PC3-10600) CL11 1.35V/1.5V 2Rx8 UDIMM 240 Pin Unbuffered Non ECC High Performance PC Desktop Memory Upgrade
【DDR3 RAM Laptop Only】 GIGASTONE 16GB Kit (2x8GB) DDR3/DDR3L 1600MHz (1333MHz) PC3-12800 (PC3-10600) CL11 1.35V/1.5V 2Rx8 SODIMM 204 Pin Unbuffered Non ECC High Performance Notebook Memory Upgrade
TEAMGROUP Elite DDR4 16GB Kit (2 x 8GB) 3200MHz PC4-25600 CL22 Unbuffered Non-ECC 1.2V SODIMM 260-Pin Laptop Notebook PC Computer Memory Module Ram Upgrade - TED416G3200C22DC-S01
