I've read documentation, I've seen exemples, but I don't know why would I add a serviceAccount in my pods ?
The 'elasticsearch' exemple from Kubernetes (https://github.com/kubernetes/kubernetes/tree/master/examples/elasticsearch) has a service account 'elasticsearch', what does it grant ?
Thank you.
The service accounts inject authentication credentials into the pod to talk to the Kubernetes service (e.g. the apiserver).
This is important if you are building an application that needs to inspect the pods/services/controllers that are running in the cluster to have correct behavior. For example, the kube2sky container watches services and endpoints to provide DNS within the cluster by connecting to the Kubernetes service.