Kubernetes Authenticating认证
User in Kubernetes
All Kubernetes clusters have two categories of users: service accounts managed by Kubernetes, and normal users.
Kubernentes集群有两类用户:一类是正常的用户(人),另一类service accounts由Kubernetes管理。它们被绑定到指定的namespace,作为secret被挂载到pod内部,用来在pod内与kubernetes API通信。
认证策略 Authentication strategies
- X509 Client Certs
- Static Token File
- Static Password File
- Service Account Tokens
- OpenID Connect Tokens
- Webhook Token Authentication
- Authenticating Proxy
- Keystone Password
- Anonymous requests
