The default service account name was empty, causing issues when rbac.create was disabled. This commit sets a reasonable default. Also, add a comprehensive design document.
