Amazing. I have been searching for a solution to create a web application to get status of k8s cluster. The explanation is phenomenal and worked this way.
This is really great. Thank you. I think now I have better understanding how K8s operator pattern communicates with the api-server via HTTPS. It was just a black box for me before I watch this :)
Greate video! Thanks for sharing! One thing I notice if you do kubectl describe sa appsa after you do the rolebinding will not list the role or the rolebinding associatted. Again Thanks!
i created eks cluster fargate in private subnets, while creating service account using terraform from local, giving error could not reach cluster endpoint, is it expected?
are you going into container? how you are referring CA=/var/run... ? this path is available on the container only right ? then you did not show us how you are going into container ?
Does this demo incorporate best practices for secrets management? In other words, are there additional things one would need to do in a production environment to ensure that there is minimum risk of exfiltration of keys, or impersonation, etc.? If not, what are the next steps for finding out about securing the system?
This is indeed not a video about secrets management. It merely looks at the specific concept of Kubernetes service accounts and how you create a service account to access the Kubernetes API from inside the cluster. It does not look at Kubernetes secrets, or potentially encrypting them in etcd or how you work with application secrets from external stores etc...
The best explaination of ServiceAccount on RUclips. Even Udemy instructors don't have this content.
Thank you for your kind comment. I am glad you liked it!
Thanks for your illustration, I really learnt a lot in it!
I was struggling with the service account concept and now that has gone, awesome content. thanks!!!
Great explanation, everything clear and smooth.
Very nice video. Easy to understand the basics and working of service accounts. Thanks for sharing.
Amazing. I have been searching for a solution to create a web application to get status of k8s cluster. The explanation is phenomenal and worked this way.
Glad it helped!
This is really great. Thank you. I think now I have better understanding how K8s operator pattern communicates with the api-server via HTTPS. It was just a black box for me before I watch this :)
Thank you for clear-cut explanation.
brilliant topic and lecturer is awesome! thank you
superb explaination. Thanks alot
Super great explanation! Thank you!
Excellent video!!! Thank you sooooo much for sharing!🙏🙏🙏🙏🙏
Nice, thanks a lot! I was always confused about what service account does...
This is really helpful! Thank you!
Thank you for such a great explanation!
Glad it was helpful!
Fantastic. Thanks.
Great work
Perfect, thank you.
Really nice video. Thanks!
Amazing!!
nice and esay to follow, thank you¡¡¡
Pretty amazing. Keep up the good work.
Thanks a lot, very useful.
Glad it was helpful!
Thanks brother for such an informative video...
You're welcome!
Thank you very much for this video
amazing, thank you so much!
You're welcome!
thanks a lot!
Greate video! Thanks for sharing! One thing I notice if you do kubectl describe sa appsa after you do the rolebinding will not list the role or the rolebinding associatted. Again Thanks!
Excellent content
i created eks cluster fargate in private subnets, while creating service account using terraform from local, giving error could not reach cluster endpoint, is it expected?
I do not work with EKS or Fargate so I can’t be very helpful here I’m afraid.
are you going into container? how you are referring CA=/var/run... ? this path is available on the container only right ? then you did not show us how you are going into container ?
Indeed, I did not show that. In k9s, just press s on the pod to get a shell. Otherwise use
kubectl exec --stdin --tty PODNAME -- bash
@@GeertBaeke Thank you so much, this is in details explanation.
What kubernetes cluster are you running? Azure AKS?
Yes, AKS. Some videos just use Kind or K3S though…
Does this demo incorporate best practices for secrets management? In other words, are there additional things one would need to do in a production environment to ensure that there is minimum risk of exfiltration of keys, or impersonation, etc.? If not, what are the next steps for finding out about securing the system?
This is indeed not a video about secrets management. It merely looks at the specific concept of Kubernetes service accounts and how you create a service account to access the Kubernetes API from inside the cluster. It does not look at Kubernetes secrets, or potentially encrypting them in etcd or how you work with application secrets from external stores etc...
Hi @Geert Baeke
What linux distribution you use, it looks very fancy. Would you like to share?
Hi, it is Windows Subsystem for Linux 2 on Win10 running in Windows Terminal. Its just Ubuntu 18.04 with Oh My Zsh and customizations...
how can I delete that service account?