ungleich-k8s/certificates-dns.md

## Objective

Allow a service to acquire a DNS name and a certificate for the DNS
name.

## Potential flow

* A deployment (?) with annotations domain: xyz.example.com is created
* The DNS entry xyz.example.com pointing to the Service is created
* The certifcatce for xyz.example.com is requested/stored
* All pods get access to the certificate, serve https


## DNS

* Could try to reuse existing CoreDNS

## Letsencrypt / Certificates for services [WIP]

* Maybe using certmanager

```
kubectl apply -f
https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml
```
++index link 2021-06-09 18:14:49 +00:00			`## Objective`

			`Allow a service to acquire a DNS name and a certificate for the DNS`
			`name.`

			`## Potential flow`

			`* A deployment (?) with annotations domain: xyz.example.com is created`
			`* The DNS entry xyz.example.com pointing to the Service is created`
			`* The certifcatce for xyz.example.com is requested/stored`
			`* All pods get access to the certificate, serve https`


			`## DNS`

			`* Could try to reuse existing CoreDNS`

			`## Letsencrypt / Certificates for services [WIP]`

			`* Maybe using certmanager`

			```
			`kubectl apply -f`
			`https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml`
			```