Split out "tls_dir" into individual files so that Docker/K8s secrets management can be plugged in

Moved from GitHub dgraph/3820

Posted by sandys:

dgraph alpha has an option parameter “tls_dir” to take in TLS certificates created in a directory.

Usually this has CA certificates, node and user keys.

The industry recommended way to do secret management in Docker is through Docker Secrets : https://docs.docker.com/engine/swarm/secrets/

There are equivalents in Kubernetes as well as external tools like Hashicorp Vault. Most of them work at the file level and not at the directory level.

I request for additional parameters like “tls_ca_cert”, “tls_node_key”, etc so that these individual files can be passed in using secret management

This has been merged in master with https://github.com/dgraph-io/dgraph/pull/6821. This will be available from 20.11 release