When you create a pod, if you do not specify a service account, it is automatically assigned the
default service account in the same namespace. You should create your own service account and let the API server manage its security tokens.
Automate service accounts management.
Run the following command on the Control Plane node:
ps -ef | grep kube-apiserver
Verify that the
--disable-admission-plugins argument is set to a value that does not includes
Follow the documentation and create
ServiceAccount objects as per your environment. Then, edit the API server pod specification file
/etc/kubernetes/manifests/kube-apiserver.yaml on the master node and ensure that the
--disable-admission-plugins parameter is set to a value that does not include
ServiceAccount is set.
Updated 21 days ago