Config Files
Often, on-prem applications will rely on one or more configuration files that end-users will edit in order to configure the application. For example, your app might expect a file at /etc/myapp/app.properties
that contains details for configuring and tuning an application:
mysql_url=mysql://some-user:password@some-host/some-database
num_queue_workers=2
This guide will walk through using Replicated to migrate off of hand-edited configuration files in favor of a more user-friendly web UI, without modifying application code.
We use .properties
for this example, but the same applies to .env
files as well as other common formats like JSON, YAML, or TOML configuration files.
Step 1: Replicated config section
The first step is defining the Replicated Config Screen UI that end-users will use to configure their instance. For the above properties file, this might look like:
config:
- name: basic
title: App Settings
items:
- title: MySQL Connection String
name: mysql_url
type: password
required: true
- name: num_queue_workers
title: Queue Worker Count
help_text: Use this field to tune the number of worker processes that will be used.
type: text
default: 2
Note that since the MySQL URL might contain a password, we’ve marked it as sensitive via the type: password
designation. This will ensure it is not displayed in the UI, and that it will be encrypted at rest in Replicated’s internal database.
Injecting the Secret
To add the secret to your app’s namespace, add the following yaml
---
# kind: scheduler-kubernetes
apiVersion: v1
kind: Secret
metadata:
name: app-properties
stringData:
app.properties: |
mysql_url={{repl ConfigOption "mysql_url"}}
num_queue_workers={{repl ConfigOption "num_queue_workers"}}
Configuring services
In your Deployment or StatefulSet, you can mount the volume from a secret wherever your application expects the file to exist
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
spec:
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
volumes:
- name: app-properties
secret:
secretName: app-properties
containers:
- name: my-app
image: quay.io/my-co/my-app:1.0.1
volumeMounts:
- name: app-properties
readOnly: true
mountPath: "/etc/myapp/"