Dynamic TLS injection for Dgraph with Hashicorp Vault


#1

Hey guys
would it be possible to integrate Dgraph with Hashicorp stack, namely Vault ? I want to inject certificates dynamically to secure connection between my client and server.
Also, would it be possible top use consul connect instead of Dgraph built in service discovery? It would be much easier for me to have a central location in which I can monitor all my services.


(Daniel Mai) #2

You should be able to use Vault and Consul as-is alongside Dgraph. Dgraph’s TLS configuration should be able to read the certificates written to disk by Vault and Dgraph can use Consul DNS entries for its own cluster addresses.