Expand KAS TLS documentation section

João Alexandre Cunha requested to merge docs/explain-kas-tls into master

What does this MR do?

This MR documents how to set up KAS to talk through TLS (grpcs) for the ports that it exposes. It also explains how to configure GitLab itself to initiate communication to KAS while using grpcs, as well as adding ingress annotations to make the proxied TLS work properly.

The exception here is the communication to Prometheus and the two-way TLS communication with Redis. I've decided to open separate issues for these two because:

  • The Prometheus TLS configuration seems kinda cumbersome, and I didn't manage to make it work yet. I still want to successfully test it and define what's the best way to document it.
  • It doesn't seem that we have any Redis docs at all on how to enable TLS for services to talk to Redis. So, I'd like to have some guidance from maintainers regarding what's the preferred approach for this one.

In the future, this documentation will be even simpler, once we facilitate the UI to enable TLS: #3927 (closed)

Related issues

#3842 (closed)

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

  • Merge Request Title and Description are up to date, accurate, and descriptive
  • MR targeting the appropriate branch
  • MR has a green pipeline on GitLab.com
  • When ready for review, MR is labeled "~workflow::ready for review" per the Distribution MR workflow

Expected (please provide an explanation if not completing)

  • Test plan indicating conditions for success has been posted and passes
  • Documentation created/updated
  • Tests added
  • Integration tests added to GitLab QA
  • Equivalent MR/issue for omnibus-gitlab opened
  • Validate potential values for new configuration settings. Formats such as integer 10, duration 10s, URI scheme://user:passwd@host:port may require quotation or other special handling when rendered in a template and written to a configuration file.

Edited by João Alexandre Cunha