创建admin1
[root@node1 ~]# kubectl create serviceaccount admin1 -n kube-system
serviceaccount/admin1 created
删除admin1
kubectl delete clusterrolebinding admin1
绑定权限
[root@node1 ~]# kubectl create clusterrolebinding admin1 --clusterrole=cluster-admin --serviceaccount=kube-system:admin1
clusterrolebinding.rbac.authorization.k8s.io/admin1 created
查看token
[root@node1 ~]# kubectl describe secrets -n kube-system $(kubectl -n kube-system get secret | awk '/admin1/{print $1}')
Name: admin1-token-zdsd4
Namespace: kube-system
Labels: <none>
Annotations: kubernetes.io/service-account.name: admin1
kubernetes.io/service-account.uid: dde747e4-1d0c-42ae-8750-54b055363633
Type: kubernetes.io/service-account-token
Data
====
ca.crt: 1066 bytes
namespace: 11 bytes
token: eyJhbGciOiJSUzI1NiIsImtpZCI6Ik1xNVBGdjBzYU1GbzJJMndNb0plSHY5OW1PVkNENVZQb1I2emxPSV85T00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJhZG1pbjEtdG9rZW4temRzZDQiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiYWRtaW4xIiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQudWlkIjoiZGRlNzQ3ZTQtMWQwYy00MmFlLTg3NTAtNTRiMDU1MzYzNjMzIiwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50Omt1YmUtc3lzdGVtOmFkbWluMSJ9.isiL4N5oREttK51ksue4GDrd4pHBaEHiEhEnp7BeLgB-0Dog0KES4jChQwmuu2l0TNdDXLABmneSHFWlmJg0KZfjSum0gpEoCj5SoEg3gDO4n75JAQw8p4LYXjYlDJyx3T-Opqu4PI_bKWU9ebJ9cnzzaSINjbwP9F1JckxFF8bqsoW71vnYwmMQ1SWtT0RG5jINMFPfyOQCwhHBZJjaZYFCCN43_PUeKw-A509jodJCYhSgm-Fz7I8tA370upq7e97o4Jx6KaIIOpYVWjKdaRKsuJgCvxm7rwRK9WuRXpu_wMKRP4U9F5p34MblLSo5uCmAr3ZufMp7OWJVX3vgCQ