Kubernetes Authenticating认证

User in Kubernetes

All Kubernetes clusters have two categories of users: service accounts managed by Kubernetes, and normal users.

Kubernentes集群有两类用户：一类是正常的用户（人），另一类service accounts由Kubernetes管理。它们被绑定到指定的namespace，作为secret被挂载到pod内部，用来在pod内与kubernetes API通信。

认证策略 Authentication strategies

• X509 Client Certs
• Static Token File
• Static Password File
• Service Account Tokens
• OpenID Connect Tokens
• Webhook Token Authentication
• Authenticating Proxy
• Keystone Password
• Anonymous requests