App Configuration, where does it go? Config files, env vars, external service?

preview_player
Показать описание
How do you manage your App Configuration? Things like connection strings, hostnames, 3rd party API keys, and application-specific settings like log levels. There are config files, environment variables, and external configuration services that you can use. Let me sort it out and explain the different situations so you can choose the best option. It's not a one size fits all.

🔗 EventStoreDB

💥 Join this channel to get access to a private Discord Server and any source code in my videos.

🔥 Join via Patreon

✔️ Join via YouTube

  1. CodeOpinion
  2. software architecture
  3. software design
  4. cqrs
  5. event sourcing
  6. design patterns
Рекомендации по теме
App Configuration, where 0:09:06

App Configuration, where does it go? Config files, env vars, external service?

Coding Shorts #105: 0:12:06

Coding Shorts #105: Centralize Your Azure App's Configuration

Permission manager allow 0:00:20

Permission manager allow and deny app permission #shorts

How to use 0:04:00

How to use Azure App Configuration for your ASP.NET Core app | Azure Tips and Tricks

Azure App Configuration 0:22:58

Azure App Configuration Tutorial

AWS AppConfig Tutorial 0:47:07

AWS AppConfig Tutorial for Beginners

Getting started with 0:14:42

Getting started with Azure App Configuration | Azure Friday

Managing your .NET 0:15:16

Managing your .NET app configuration like a pro

CONFIGURATION💘PERFECTA🔔para✅SAMSUNG☺️ A3,A5,A6,A7,J2, J5,J7,S5,S6,S7,S9, 0:00:18

CONFIGURATION💘PERFECTA🔔para✅SAMSUNG☺️ A3,A5,A6,A7,J2, J5,J7,S5,S6,S7,S9, A10, A20, A30,A50,A70#short...

Ignite | September 0:10:56

Ignite | September 2020 | App Configuration

Azure App Configuration 0:27:51

Azure App Configuration Updates

Azure App Configuration 0:30:21

Azure App Configuration - Making Centralized Configuration Easy

🥸Configuration Message Kaise 0:00:30

🥸Configuration Message Kaise Install kare ||😅 configuration Message || #shorts

Microsoft Intune Suite 0:33:22

Microsoft Intune Suite - Deploying Apps, Updates & Managing Security!

Azure App Configuration 0:21:14

Azure App Configuration

App Configuration in 0:50:16

App Configuration in Azure and .NET 8 - [Feature Flags, Application Settings]

Citrix Features Explained 0:02:14

Citrix Features Explained Global App Configuration Service

Azure App Configuration 0:28:17

Azure App Configuration

ASP NET Core 0:11:33

ASP NET Core appsettings json file

Azure Key Vault 0:23:27

Azure Key Vault with App Configuration introduction tutorial - 0055

How to Install 0:01:39

How to Install a Configuration Profile on iPhone / iPad

Betatalks #71 – 0:19:06

Betatalks #71 – Azure App configuration GEO replication

.NET Configuration In 0:29:58

.NET Configuration In Depth | .NET Conf 2023

How To Setup 0:07:42

How To Setup Hik-Connect Mobile App iOS Android NEW 2021

Комментарии
Автор

How are you storing your configuration? In code, config files, external services like AWS ParameterStore, Secrets Manager, Azure App Config, Key Vault? Let me know!

CodeOpinion
Автор

I mainly use environment variables, but also key vaults. We've configured Kubernetes to fetch secrets automatically from key vaults based on certain roles, and those secrets are used as arguments when starting apps. So the apps themselves doesn't integrate with the key vaults.

OeHomestead
Автор

what credentials is your app using to access the external configuration store, and where are those stored? if your app locally caches configuration, where does it cache it, and why is that anymore secure than a flat file? the idea of storing credentials is a key vault suddenly got very popular, but I haven't heard anyone explain how it's actually better - it sounds like it's just creating a new version of the same problems? plus, if there is actually a good solution to this problem, why aren't APIs and service just natively using the same strategy? I would love to see a video that actually explains these things.

RasmusSchultz
Автор

Where do you store the credentials to connect to a configuration store itself?

subbyraccoon
Автор

This video was extremely good. I seldom subscribe to anything, but this was to the point, words cherry picked pefectly. Cudos!

imlovinit
Автор

How can we make the communication between services and Configuration service secure?

peymannaji
Автор

I am really keen on reducing complexity in my apps as much as possible. So I like env variables the most. They are likely the oldest tech of all configuration options you mentioned, they are available in all systems, they are reliable, you can put them in your deployment pipelines and with a bit of fiddling you can even do some more. Under Linux you have up to 128 kb (131k Characters) available. I once did a base64 on a json config file and put it as an env variable. Worked like a charm (as long as you don't do Windows, which has a limit of 32k Characters...)

chh
Автор

We use Azure App Configuration to populate environment variables in k8s during deployment for config, and Azure Key Vault for secrets, and managed identity where possible.

AAC has a 30k req/hr limit though which is causing us headaches as we try to use it for feature flag management, even though it refreshes in the background rather than every time you need to check a flag. They seem to want you to make an AAC instance per service, which is nuts.

I'm currently writing something to get the config out of AAC and broadcast it to all services as it changes but trying not to over engineer something that should be so simple.

georgehelyar
Автор

What's your opinion about constants in application?

rajnishthakur
Автор

Hi Derek, thanks for the video! I don't think many people think about availability in the context of application configs and it is definitely worth it, especially in the case of scalable applications...

Could you give any example of what could be that config store? 🤔

I also think that it is worth of reconsideration of what COULD be stored in env vars even if it's kind of "against the rules" e.g. if we have a virtual machine hidden in some virtual private network and limited access, one could say that it is ok if we store some technical user credentials etc. without paying extra fees for azure key vault or aws secrets storages.

_IGORzysko
Автор

After fetching the secrets from configuration service (ex: AWS ParameterStore), where do you store them? The secrets that I am trying to store are static, and so there is no point of keep calling the ParameterStore to fetch the same secrets every time. For the storing mechanism, I am thinking either store these secrets in local variable of the application, in-memory cache such as Redis, or environment variables using some injection sidecar container. Any recommendation?

tungdao
Автор

Caching sensitive data / secrets gives a new problem right? How to protect those secrets.

Rein______
Автор

I mostly use Laravel and its strategy goes like this:
1) .env file with secrets and other env-specific things

2) those get loaded and saved to an in-memory config object so they can be modified at runtime

3) Classes that depend on the above convifuration are usually injected into the DI container with the default config but if you want to both change the config and keep resolving the class from DI for testing purposes, you can modify the config just before resolving the class

spicynoodle