From the course: Certified Kubernetes Application Developer (CKAD) Cert Prep
Join today to access over 25,300 courses taught by industry experts.
API access and ServiceAccounts - Kubernetes Tutorial
From the course: Certified Kubernetes Application Developer (CKAD) Cert Prep
API access and ServiceAccounts
“
- So all actions in the Kubernetes cluster need to be authenticated and authorized. ServiceAccounts are used for basic authentication from within the Kubernetes cluster, and a role-based access control or RBAC is used to connect a ServiceAccount to a specific role. Every pod uses the default ServiceAccount to connect to the API server. And this default ServiceAccount allows a resource to get information from the API server, but not much else. Each ServiceAccount uses a secret to automount API credentials within the application. In some cases, you will need custom ServiceAccount. Do remember that most bots do fine with a default ServiceAccount, however, and if a pod needs access to resources in the cluster, a custom ServiceAccount that uses our RoleBinding to connect to a specific role is needed. For instance, this is needed for network plugins, monitoring software, and other additional components that are installed in Kubernetes. Let's have a look at these ServiceAccounts. So let's…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Watch this course anytime, anywhere.
Get started with a free trial today.
Contents
-
-
(Locked)
Module 1: Container fundamentals introduction29s
-
(Locked)
Learning objectives45s
-
(Locked)
What is a container?3m 47s
-
(Locked)
Using registries3m 25s
-
(Locked)
Starting containers8m 20s
-
(Locked)
Managing containers6m 14s
-
(Locked)
Container logging2m 44s
-
(Locked)
Lesson 1 lab: Using containers1m 1s
-
(Locked)
Lesson 1 lab solution: Using containers2m 7s
-
(Locked)
-
-
(Locked)
Learning objectives35s
-
(Locked)
Container image architecture2m
-
(Locked)
Managing container images2m 29s
-
(Locked)
Image creation options2m 29s
-
(Locked)
Using Dockerfile to build custom images4m 55s
-
(Locked)
Creating images from running containers2m 16s
-
(Locked)
Lesson 2 lab: Creating custom container images18s
-
(Locked)
Lesson 2 lab solution: Creating custom container images47s
-
(Locked)
-
-
(Locked)
Learning objectives43s
-
(Locked)
Cloud native computing2m 27s
-
(Locked)
How Kubernetes enables cloud native computing2m 4s
-
(Locked)
Kubernetes origins1m
-
(Locked)
Kubernetes and Cloud Native Computing Foundation5m 41s
-
(Locked)
Kubernetes architecture3m 40s
-
(Locked)
Essential API resources4m 23s
-
(Locked)
Lesson 3 lab: Exploring Kubernetes API resources1m 19s
-
(Locked)
Lesson 3 lab solution: Exploring Kubernetes API resources2m 29s
-
(Locked)
-
-
(Locked)
Learning objectives59s
-
(Locked)
Kubernetes deployment options3m 5s
-
(Locked)
Minikube3m 10s
-
(Locked)
Kubernetes in cloud1m 12s
-
(Locked)
Building an all-in-one Kubernetes distribution6m 23s
-
(Locked)
Running your first application5m 9s
-
(Locked)
Lesson 4 lab: Setting up a lab environment1m 1s
-
(Locked)
Lesson 4 lab solution: Setting up a lab environment1m 47s
-
(Locked)
-
-
(Locked)
Module 2: Kubernetes essentials introduction33s
-
(Locked)
Learning objectives53s
-
(Locked)
Options for running Kubernetes applications1m 31s
-
(Locked)
Pod structure and use4m 32s
-
(Locked)
Running pods the DevOps way6m 51s
-
(Locked)
Generating YAML files2m 29s
-
(Locked)
Multi-container pods4m 45s
-
(Locked)
Namespaces4m 43s
-
(Locked)
Pod troubleshooting5m 34s
-
(Locked)
Lesson 5 lab: Managing pods30s
-
(Locked)
Lesson 5 lab solution: Managing pods2m 43s
-
(Locked)
-
-
(Locked)
Learning objectives48s
-
(Locked)
Init containers4m 15s
-
(Locked)
Sidecar containers6m 33s
-
(Locked)
Using port forwarding to access pods2m 53s
-
(Locked)
restartPolicy4m 30s
-
(Locked)
Jobs6m 49s
-
(Locked)
CronJobs4m 53s
-
(Locked)
Cleaning up resources3m 23s
-
(Locked)
Lesson 6 lab: Managing pod advanced features29s
-
(Locked)
Lesson 6 lab solution: Managing pod advanced features4m 30s
-
(Locked)
-
-
(Locked)
Learning objectives47s
-
(Locked)
Ephemeral and persistent storage2m 29s
-
(Locked)
Configuring pod volume storage9m 15s
-
(Locked)
Configuring persistent volumes9m 6s
-
(Locked)
StorageClass3m 16s
-
(Locked)
Configuring PersistentVolumeClaims4m 54s
-
(Locked)
Configuring pod storage with PV and PVC3m 17s
-
(Locked)
Lesson 7 lab: Setting up storage46s
-
(Locked)
Lesson 7 lab solution: Setting up storage7m 38s
-
(Locked)
-
-
(Locked)
Module 3: Application deployment introduction21s
-
(Locked)
Learning objectives44s
-
(Locked)
Running applications as deployments1m 36s
-
(Locked)
Labels, selectors, and annotations9m 13s
-
(Locked)
Deployment scalability2m 16s
-
(Locked)
Deployment updates5m 41s
-
(Locked)
Deployment history3m 51s
-
(Locked)
StatefulSet5m 43s
-
(Locked)
DaemonSet2m 38s
-
(Locked)
AutoScaling5m 48s
-
(Locked)
Lesson 8 lab: Managing deployments27s
-
(Locked)
Lesson 8 lab solution: Managing deployments4m 39s
-
(Locked)
-
-
(Locked)
Learning objectives31s
-
(Locked)
Running applications from YAML files51s
-
(Locked)
The Helm package manager8m 12s
-
(Locked)
Managing applications with Helm6m 37s
-
(Locked)
Using Kustomize4m 45s
-
(Locked)
Lesson 9 lab: Managing applications with Helm14s
-
(Locked)
Lesson 9 lab solution: Managing applications with Helm1m 49s
-
(Locked)
-
-
(Locked)
Module 4: Services and networking introduction26s
-
(Locked)
Learning objectives50s
-
(Locked)
Kubernetes networking4m 16s
-
(Locked)
Services3m 58s
-
(Locked)
Creating services7m 21s
-
(Locked)
Service resources in microservices1m 17s
-
(Locked)
Services and DNS4m 37s
-
(Locked)
NetworkPolicy7m 1s
-
(Locked)
Advanced networking: Gateway API and Istio2m 5s
-
(Locked)
Lesson 10 lab: Managing services50s
-
(Locked)
Lesson 10 lab solution: Managing services3m 31s
-
(Locked)
-
-
(Locked)
Learning objectives53s
-
(Locked)
Managing incoming traffic58s
-
(Locked)
Ingress components4m 53s
-
(Locked)
Installing ecosystem ingress controllers2m 59s
-
(Locked)
Using the Minikube ingress controller5m 9s
-
(Locked)
Using ingress4m 17s
-
(Locked)
Configuring ingress rules6m 42s
-
(Locked)
Understanding Gateway API4m 13s
-
(Locked)
Configuring Gateway API3m 18s
-
(Locked)
Using Gateway API to provide access to applications10m 16s
-
(Locked)
Troubleshooting networking5m 45s
-
(Locked)
Lesson 11 lab: Managing incoming traffic25s
-
(Locked)
Lesson 11 lab solution: Managing incoming traffic4m 4s
-
(Locked)
-
-
(Locked)
Module 5: Application environment, configuration, and security introduction27s
-
(Locked)
Learning objectives44s
-
(Locked)
Why decoupling is important2m 12s
-
(Locked)
Providing variables to Kubernetes applications3m 33s
-
(Locked)
Providing variables with ConfigMaps5m 52s
-
(Locked)
Providing configuration files using ConfigMaps5m 14s
-
(Locked)
Secrets1m 40s
-
(Locked)
Configuring applications to use secrets5m 30s
-
(Locked)
Secrets and authenticated registry access5m 43s
-
(Locked)
Lesson 12 lab: Using ConfigMaps and secrets29s
-
(Locked)
Lesson 12 lab solution: Using ConfigMaps and secrets1m 54s
-
(Locked)
-
-
(Locked)
Learning objectives36s
-
(Locked)
DevOps and GitOps1m 11s
-
(Locked)
Blue/green deployments13m 3s
-
(Locked)
Canary deployments15m 44s
-
(Locked)
Lesson 13 lab: Deploying Kubernetes applications the DevOps way35s
-
(Locked)
Lesson 13 lab solution: Deploying Kubernetes applications the DevOps way4m 13s
-
(Locked)
-
-
(Locked)
Learning objectives37s
-
(Locked)
Understanding the Kubernetes API9m 32s
-
(Locked)
Using curl to work with API objects4m 44s
-
(Locked)
Understanding API deprecations3m 38s
-
(Locked)
Extending the API2m 23s
-
(Locked)
CustomResourceDefinitions4m 10s
-
(Locked)
Operators2m 34s
-
(Locked)
Lesson 14 lab: Using CustomResourceDefinitions18s
-
(Locked)
Lesson 14 lab solution: Using CustomResourceDefinitions33s
-
(Locked)
-
-
(Locked)
Learning objectives56s
-
(Locked)
Authentication and authorization1m 55s
-
(Locked)
API access and ServiceAccounts2m 55s
-
(Locked)
Role based access control (RBAC)7m 4s
-
(Locked)
SecurityContext4m 59s
-
(Locked)
Resource requests, limits, and quotas8m 41s
-
(Locked)
Lesson 15 lab: Managing security settings32s
-
(Locked)
Lesson 15 lab solution: Managing security settings1m 14s
-
(Locked)
-
-
(Locked)
Module 6: Application observability and maintenance introduction17s
-
(Locked)
Learning objectives38s
-
(Locked)
Determining a troubleshooting strategy3m 7s
-
(Locked)
Analyzing failing applications5m 55s
-
(Locked)
Analyzing network access problems8m 32s
-
(Locked)
Monitoring cluster event logs1m 21s
-
(Locked)
Troubleshooting authentication logs1m 3s
-
(Locked)
Debugging Kubernetes applications3m 27s
-
(Locked)
Lesson 16 lab: Troubleshooting applications24s
-
(Locked)
Lesson 16 lab solution: Troubleshooting applications1m 23s
-
(Locked)
-
-
(Locked)
Module 7: Sample exam introduction13s
-
(Locked)
Learning objectives47s
-
(Locked)
Exam tips5m 9s
-
(Locked)
Tasks overview6m 54s
-
(Locked)
Grading the exam57s
-
(Locked)
Working with namespaces5m 23s
-
(Locked)
Finding pods1m 38s
-
(Locked)
Creating a ConfigMap5m 31s
-
(Locked)
Using a sidecar4m 56s
-
(Locked)
Using probes1m 30s
-
(Locked)
Creating a deployment4m 48s
-
(Locked)
Exposing applications3m 24s
-
(Locked)
Managing NetworkPolicy4m 44s
-
(Locked)
Using storage5m 37s
-
(Locked)
Using Helm1m 36s
-
(Locked)
Managing resource restrictions2m 18s
-
(Locked)
Creating canary deployments5m 22s
-
(Locked)
Defining container restrictions4m 6s
-
(Locked)
Using a Dockerfile2m 26s
-
(Locked)
Using ServiceAccount2m 32s
-
(Locked)