26 lines
593 B
Markdown
26 lines
593 B
Markdown
|
## Objective
|
||
|
|
|
||
|
|
Allow a service to acquire a DNS name and a certificate for the DNS
|
||
|
|
name.
|
||
|
|
|
||
|
|
## Potential flow
|
||
|
|
|
||
|
|
* A deployment (?) with annotations domain: xyz.example.com is created
|
||
|
|
* The DNS entry xyz.example.com pointing to the Service is created
|
||
|
|
* The certifcatce for xyz.example.com is requested/stored
|
||
|
|
* All pods get access to the certificate, serve https
|
||
|
|
|
||
|
|
|
||
|
|
## DNS
|
||
|
|
|
||
|
|
* Could try to reuse existing CoreDNS
|
||
|
|
|
||
|
|
## Letsencrypt / Certificates for services [WIP]
|
||
|
|
|
||
|
|
* Maybe using certmanager
|
||
|
|
|
||
|
|
```
|
||
|
|
kubectl apply -f
|
||
|
|
https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml
|
||
|
|
```
|