Add service account to Kubernetes
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Magnum |
Fix Released
|
Undecided
|
Mathieu Velten |
Bug Description
Some pods deployed in a Kubernetes cluster may need to access its API. For example Kubernetes' new dashboard, or Prometheus. The usual way is to have a service account, and make the client use a token [1]. In Kubernetes it is done by creating a Secret, and exposing it to the pod on this path "/var/run/
To have that, Kubernetes needs to enable the ServiceAccount plug-in in the list of Admission Controller [2][3]. The ServiceAccount is in the recommended set of plug-ins to use [3].
[1] http://
[2] http://
[3] http://
[4] https:/
Changed in magnum: | |
assignee: | Bertrand NOEL (bertrand-noel-88) → Mathieu Velten (matmaul) |
Changed in magnum: | |
assignee: | Mathieu Velten (matmaul) → Spyros Trigazis (strigazi) |
Changed in magnum: | |
assignee: | Spyros Trigazis (strigazi) → Mathieu Velten (matmaul) |
Fix proposed to branch: master /review. openstack. org/405374
Review: https:/