January 2019
Intermediate to advanced
484 pages
11h 48m
English
In Kubernetes, there are two kinds of user account: service account and user account. All the requests to the API server are sent either by a service account or a user account. Service accounts are managed by the Kubernetes API. In contrast, user accounts are not managed and stored in Kubernetes. The following is a simple comparison of service and user accounts:
| Service account | User account | |
| Scope | Namespaced | Global |
| Used by | Processes | Normal user |
| Created by | API server or via API calls | Administrators, not by API calls |
| Managed by | API server | Outside the cluster |
By default, a Kubernetes cluster creates different service accounts for different purposes. In GKE, there are a bunch of service accounts that have been created: ...
Read now
Unlock full access