From the course: Kubernetes Essential Training: Application Development
Unlock the full course today
Join today to access over 22,500 courses taught by industry experts or purchase this course individually.
Working with RBAC - Kubernetes Tutorial
From the course: Kubernetes Essential Training: Application Development
Working with RBAC
- [Instructor] The first step is to give the pod a user identity separate from the other pods. So all pods run as a user, a machine user called a service account. Now there's a service account that always exists called default. And unless you specify otherwise, all pods run as this service account called default. We could give the permissions that envbin needs to this default service account, but that would also give them to every other pod too. So we're not going to want to do that. We're going to want to make our own service account. I have a definition for one here, and it's pretty much the simplest object you can imagine. It's right in the core API group, it's, I've typed service account. It's got a name and it doesn't even have a spec. There is no configuration for this object. It just simply has to exist, so, let's apply it. I've also got a definition for an envbin pod so we can apply that too, but if we take a…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
Ensuring availability with liveness and readiness probes12m 28s
-
(Locked)
Managing resource usage with requests and limits9m 2s
-
(Locked)
The scheduler and influencing container placement7m 41s
-
(Locked)
Node affinity and anti-affinity5m 29s
-
(Locked)
The Horizontal Pod Autoscaler (HPA)10m 45s
-
(Locked)
Providing configuration with ConfigMaps8m 40s
-
(Locked)
Supplying sensitive data with Secrets3m 44s
-
(Locked)
Keeping secure with network policies5m 21s
-
(Locked)
Role-based access control in Kubernetes2m 18s
-
(Locked)
Working with RBAC5m 46s
-
-
-
-