-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Closed
Labels
area/kubernetesRelated to running Dgraph on K8sRelated to running Dgraph on K8sarea/operationsRelated to operational aspects of the DB, including signals, flags, env vars, etc.Related to operational aspects of the DB, including signals, flags, env vars, etc.kind/enhancementSomething could be better.Something could be better.status/acceptedWe accept to investigate/work on it.We accept to investigate/work on it.
Description
dgraph alpha has an option parameter "tls_dir" to take in TLS certificates created in a directory.
Usually this has CA certificates, node and user keys.
The industry recommended way to do secret management in Docker is through Docker Secrets : https://docs.docker.com/engine/swarm/secrets/
There are equivalents in Kubernetes as well as external tools like Hashicorp Vault. Most of them work at the file level and not at the directory level.
I request for additional parameters like "tls_ca_cert", "tls_node_key", etc so that these individual files can be passed in using secret management
vipulmathur and erhlee-bird
Metadata
Metadata
Assignees
Labels
area/kubernetesRelated to running Dgraph on K8sRelated to running Dgraph on K8sarea/operationsRelated to operational aspects of the DB, including signals, flags, env vars, etc.Related to operational aspects of the DB, including signals, flags, env vars, etc.kind/enhancementSomething could be better.Something could be better.status/acceptedWe accept to investigate/work on it.We accept to investigate/work on it.