From 8ed6f0d60cefdf224d21bda2935bdaf9403b9992 Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@nico-notebook.schottelius.org>
Date: Wed, 9 Jun 2021 20:14:49 +0200
Subject: [PATCH] ++index link

---
 README.md           |  5 +++++
 certificates-dns.md | 25 +++++++++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 certificates-dns.md

diff --git a/README.md b/README.md
index 260b170..8ed52fb 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,10 @@
 
 This project is testing, deploying and using IPv6 only k8s clusters.
 
+## Docs
+
+* [Setting up the cluster with calico](v3-calico/README.md)
+
 ## Working
 
 * networking (calico)
@@ -15,3 +19,4 @@ This project is testing, deploying and using IPv6 only k8s clusters.
 * prometheus in the cluster
 * argocd (?) for CI and upgrades
 * Maybe LoadBalancer support (our ClusterIP already does that though)
+* (Other) DNS entrys for services
diff --git a/certificates-dns.md b/certificates-dns.md
new file mode 100644
index 0000000..0554eda
--- /dev/null
+++ b/certificates-dns.md
@@ -0,0 +1,25 @@
+## Objective
+
+Allow a service to acquire a DNS name and a certificate for the DNS
+name.
+
+## Potential flow
+
+* A deployment (?) with annotations domain: xyz.example.com is created
+* The DNS entry xyz.example.com pointing to the Service is created
+* The certifcatce for xyz.example.com is requested/stored
+* All pods get access to the certificate, serve https
+
+
+## DNS
+
+* Could try to reuse existing CoreDNS
+
+## Letsencrypt / Certificates for services [WIP]
+
+* Maybe using certmanager
+
+```
+kubectl apply -f
+https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml
+```