hello Sir, in the latest version of K8s, the automatic secret creation along with the service account creation does not exist, right? thanks in advance!
Hi Sir , your video is very helpful to learn CKS , but one thing in version Kubernetes 1.26 we did not find any tokens and secrets in the default service account, can you please make one video about secrets,token,service account for the Kubernetes version 1.26 ..
As always thanks! :) Que: If the preferred/secure way by k8s is to have automount false, why doesn't k8s by default create (sa, and) pods without mounting the secrets. In other words, what is the adv. of pods having the (sa) secrets mounted to the pods? (Or, if automount set as false, then what is after-effect of pod not having access to (sa) secrets?)
If disableautomoubt (DAM) set to false, levereging abstraction, pod will not mount but call internally underlying secret by its reference. By default DAM set to true by nature bcas considering container can make api calls if needed. set DAM to false in service account level & restrict to read secrets. Agree with you on point and make sense. Thanks for discussing
Marvellous !! Excellent !! Never saw this much clear explanation.. Great effort.. Thank you so much
Thanks a lot Satheesh Kumar. Please do subscribe, share & keep learning
This is awesome I have done lot of lab and after a video I am surely understand what I do
Glad to hear about its helpful. Cheers and keep learning
Thanks I learned a lot today ☺️
Thank you Sanchit for the feedback. Keep Learning
Awesome
Thanks for watching and keep learning
you are the best
Thank you for the feedback. Please have look at other video's too. Keep learning
hello Sir, in the latest version of K8s, the automatic secret creation along with the service account creation does not exist, right? thanks in advance!
Yes correct In most recent versions, including Kubernetes v1.28, API credentials are obtained directly by using the TokenRequest API instead of secret
Hi Sir , your video is very helpful to learn CKS , but one thing in version Kubernetes 1.26 we did not find any tokens and secrets in the default service account, can you please make one video about secrets,token,service account for the Kubernetes version 1.26 ..
Check #14 secret types videos, i have covered that topic
th-cam.com/video/qoO8_WR8BpI/w-d-xo.html
If manging Pods through deploymets, then deplyment should be updated for automounting?
Yes correct
As always thanks! :) Que: If the preferred/secure way by k8s is to have automount false, why doesn't k8s by default create (sa, and) pods without mounting the secrets. In other words, what is the adv. of pods having the (sa) secrets mounted to the pods? (Or, if automount set as false, then what is after-effect of pod not having access to (sa) secrets?)
If disableautomoubt (DAM) set to false, levereging abstraction, pod will not mount but call internally underlying secret by its reference. By default DAM set to true by nature bcas considering container can make api calls if needed. set DAM to false in service account level & restrict to read secrets. Agree with you on point and make sense. Thanks for discussing
@@learnwithgvr if the token is not mounted then how pos will speak to api server