May 2018
Intermediate to advanced
554 pages
13h 51m
English
Content preview from Kubernetes Cookbook - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
How to do it...
In Kubernetes, there are two types of account; service accounts and user accounts. The major difference between them is that user accounts are not stored and managed in Kubernetes itself. They cannot be added through API calls. The following table is a simple comparison:
|
|
Service account |
User account |
|
Scope |
Namespaced |
Global |
|
Used by |
Processes |
Normal user |
|
Created by |
API server or via API calls |
Administrators, can't be added via API calls |
|
Managed by |
API server |
Outside the cluster |
Service accounts are used by processes inside a Pod to contact the API server. Kubernetes by default will create a service account named default. If there is no service account associated with a Pod, it'll ...