Service Accounts

  1. 서비스 계정 갯수 확인

    kubectl get serviceaccounts
    controlplane ~ ➜  kubectl get serviceaccounts
    NAME      SECRETS   AGE
    default   1         5m2s
  2. 서비스 계정 상세 보기

    controlplane ~ ➜  kubectl describe serviceaccounts 
    Name:                default
    Namespace:           default
    Labels:              <none>
    Annotations:         <none>
    Image pull secrets:  <none>
    Mountable secrets:   default-token-4ps9v
    Tokens:              default-token-4ps9v
    Events:              <none>
  3. 서비스 계정 생성

    kubectl create serviceaccount dashboard-sa
  4. 서비스 계정을 연동하여 deployment 생성

    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: web-dashboard
      namespace: default
    spec:
      replicas: 1
      selector:
        matchLabels:
          name: web-dashboard
      strategy:
        rollingUpdate:
          maxSurge: 25%
          maxUnavailable: 25%
        type: RollingUpdate
      template:
        metadata:
          creationTimestamp: null
          labels:
            name: web-dashboard
        spec:
          serviceAccountName: dashboard-sa
          containers:
          - image: gcr.io/kodekloud/customimage/my-kubernetes-dashboard
            imagePullPolicy: Always
            name: web-dashboard
            ports:
            - containerPort: 8080
              protocol: TCP