Indranil Dey:
Hi,
I have a query for the below question:
1.Create the ServiceAccount with the name monitoring in the namespace api-access.
2.Create a new Pod named nginx with the image nginx and assign the ServiceAccount to it.
Open an interactive shell, and locate the authentication token of the assigned ServiceAccount.
Write the contents of the authentication token to the file token.txt.
My approach:
1.Created sa with specs.
2.
kubectl run nginx --image=nginx --restart=Never --serviceaccount=monitoring -n api-access
This is the secret created associated with the sa monitoring-token-6m4tn.
Ran this command : k get secret -n api-access monitoring-token-6m4tn -o yaml -n api-access.Got the token: from the secret and added into the file token.txt.
But it was not accepted as solution.The given solution is:
The authentication token is available at the path /var/run/secrets/kubernetes.io/serviceaccount/token
$ kubectl exec -it nginx -n api-access -- cat /var/run/secrets/kubernetes.io/serviceaccount/token > token.txt
When i ran describe command on the pod, i can see the same secret was mounted on the path /var/run/secrets/kubernetes.io/serviceaccount/token and even both tokens were different.
Can someone please clarify?