Couple of months ago I wanted to talk about the Configuration Triad: Configuration Provisioning, Distribution and Provider.
If have not seen my Open Source Config Provider, C5Store, well you can find it on github.
Going to talk about the triad in reverse in kind of the way an application developer works with configuration.
Provider is the interface to a configuration
Hard coding is the simplest form, the values are provided in code.
Typically a developer uses a file, reads from the file, deserializes it into memory and then puts the values where they need to go. Values are provided from a file.
When you graduate to a library, the library takes the provider role. The library becomes the point of access for configuration values. Those values could change which the library will give to you on query.
C5Store is a library that takes on the role of being provider of configuration values. Values that change can be detected by the library and the application reconfigured.
Management and Distribution is the storage part of configuration
Hardcoded values are managed and distributed with the code/binary.
The file system is the typical storage choice of management and distribution where value are distributed into files.
More recently, JSON over HTTP has become a distribution source where applications will read the data into memory.
Git is a way to both manage and distribute configuration to a ton of servers where the configuration values are read into files.
- It is cheap to do assuming getting SSH keys is cheap.
- History is for free.
- Humans and authorized applications can push configuration changes easily.
- Every application instance can fetch from git or a daemon can fetch into a specific place for an application to read it. External service can act in the way the daemon does but distribute over RPC.
Provisioning is the acquisition of configuration values
Hardcoded and file values are provisioned manually. Human types it in.
It can be automated via a UI or a command line program.
Individual values can be generated such as UUIDs, random numbers, alphabet, etc. via a custom program. Custom program would allow secrets to be provisioned and encrypted.
I have chosen Git/File System to be the distribution mechanism for configuration. I prefer the to cache values on the file system or in another application instead of an application directly fetching it from git. Git should be able to go down while applications can be restarted. I prefer a human, like me, being able to pull values, change them and push them.
I have chosen to provision my configuration using a custom program to prevent mistakes primarily. A UI application can easily pull from git and push values into git.
It is really simple and easy to work with. No crazy magic needed.