Authentication and authorization
Authentication and authorization are important from DevOps' point of view. Authentication verifies users and checks if the users are really who they represent themselves to be. Authorization, on the other hand, checks what permission levels users have. Kubernetes supports different authentication and authorization modules.
The following is an illustration that shows how the Kubernetes API server processes the access control when it receives a request.

Access control in API server
When the request comes to API server, firstly, it establishes a TLS connection by validating the clients' certificate with the certificate authority (CA) in the API server. The CA in the API server is usually at /etc/kubernetes/
, and the clients' certificate is usually at $HOME/.kube/config
. After the handshake, it goes to the authentication stage. In Kuberentes, authentication module are chain-based. We could use more than one authentication and authorization modules. When the request...