Service Accounts

The Service accounts are used by application to interact with the cluster such as Prometheus to interact with the cluster and pull the cluster metrics for performance monitoring and tools like Jenkins will use them to deploy applications to the cluster.

When a service account is created, we also need to create a token using the CLI to allow external applications will authenticate with the kube-api server this token is a Secret object.

if the application is deployed on the cluster itself, we can just reference the secret in the definition file and the secret is already available to the application