Kubernetes安全機制
簡介(未完成)
火得一塌糊塗的kubernetes有哪些值得初學者學習的? Kubernetes 是透明的,它沒有隱藏的內部 API。換句話說 Kubernetes 系統內部用來互動的 API 和我們用來與 Kubernetes 互動的 API 相同 。這樣做的好處是,當 Kubernetes 預設的元件無法滿足我們的需求時,我們可以利用已有的 API 實現我們自定義的特性。
使用者
- User accounts are for humans. Service accounts are for processes, which run in pods.
- User accounts are intended to be global. Names must be unique across all namespaces of a cluster, future user resource will not be namespaced. Service accounts are namespaced.
access the API
Controlling Access to the Kubernetes API
Self-signed certificate In cryptography and computer security, a self-signed certificate is an identity certificate that is signed by the same entity whose identity it certifies.
訪問一個普通的https api 要什麼
對比一下