The Who’s Who of the Azure Configuration Management Landscape
I recently had a conversation with Matthew Bonig and we discussed configuration management options on Microsoft Azure. It got me thinking: with so many services where we can host our applications — from serverless, to containers, to traditional Virtual Machines — what are all the ways we can get configuration into our applications across Azure?
I made this diagram to illustrate Azure’s Configuration Management Landscape using platform, service-specific and platform-agnostic features that enjoy native-platform support.
[Diagram: Azure’s Configuration Management Landscape]
You see a recurring pattern. Many services have their own built-in, service-specific configuration management capabilities, like App Settings on Azure App Service and Azure Functions or Environment Variables on Azure Container Instances. These service-specific configuration features all support KeyVault integration, which allows you to pull in secrets stored in KeyVault instead of storing them in the service-specific configuration stores.
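As an added example (not from the original post), this Python script audits an exported set of App Settings and flags secret-looking settings that hold a literal value instead of a KeyVault reference. The input shape (that of `az webapp config appsettings list`), the sample values and the name heuristic are assumptions made for the illustration.

```python
import json
import re

# Heuristic (assumed for this example): setting names that usually hold credentials.
SECRET_NAME = re.compile(r"secret|password|passwd|pwd|token|api[_-]?key|connectionstring", re.I)

# The two Key Vault reference forms accepted in App Service / Functions app settings.
KV_REF = re.compile(
    r"^@Microsoft\.KeyVault\((?:SecretUri=https://[^;)]+"
    r"|VaultName=[^;)]+;SecretName=[^;)]+(?:;SecretVersion=[^;)]+)?)\)$"
)

# Constructed sample, shaped like `az webapp config appsettings list` output.
SAMPLE = """[
  {"name": "ASPNETCORE_ENVIRONMENT", "slotSetting": false, "value": "Production"},
  {"name": "Storage__ConnectionString", "slotSetting": false,
   "value": "DefaultEndpointsProtocol=https;AccountName=example;AccountKey=CONSTRUCTED"},
  {"name": "Db__Password", "slotSetting": true,
   "value": "@Microsoft.KeyVault(SecretUri=https://example-vault.vault.azure.net/secrets/db-password/)"},
  {"name": "Payments__ApiKey", "slotSetting": false,
   "value": "@Microsoft.KeyVault(VaultName=example-vault;SecretName=payments-key)"},
  {"name": "Smtp__Token", "slotSetting": false,
   "value": "@Microsoft.KeyVault(SecretUri=http://example-vault.vault.azure.net/secrets/smtp)"}
]"""


def classify(name, value):
    """Return the status of one app setting."""
    if value.startswith("@Microsoft.KeyVault("):
        # Looks like a reference; check that it is one of the two valid forms.
        return "keyvault-reference" if KV_REF.match(value) else "malformed-reference"
    if SECRET_NAME.search(name):
        return "plaintext-secret"  # secret-looking name with a literal value
    return "plain"


def audit(settings_json):
    """Map each setting name to its status."""
    return {s["name"]: classify(s["name"], s.get("value") or "")
            for s in json.loads(settings_json)}


def needs_attention(settings_json):
    """Names of settings that should be moved to, or fixed as, a reference."""
    bad = ("plaintext-secret", "malformed-reference")
    return sorted(n for n, s in audit(settings_json).items() if s in bad)


if __name__ == "__main__":
    for name, status in audit(SAMPLE).items():
        print(f"{status:20} {name}")
```
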
Container Orchestrators like AKS and Azure Service Fabric both employ their own native configuration methods such as ConfigMaps for Kubernetes and Application and Service Manifests for Service Fabric. However, they both employ KeyVault integration for secret storage as well.
Virtual Machines have the most platform-independent options such as Cloud-Init and DSC, which makes sense, but also have Custom Script Extensions which allow us to make last-mile configuration on launch of our new VMs.
All of these configuration options minimize the development time of your application code by injecting configuration settings as environment variables within your application’s host environment, with no platform-specific code.
However, if you choose to do so, you can talk directly to Azure KeyVault and Azure App Config service by integrating with them via their respective SDKs, so that no matter where you host your applications and services, they are only one hop away from all their configuration.
These are just the options built into the Azure platform. This doesn’t even include the numerous 3rd party tools. Some focus on specific niches while others have a broader mission.
Which of these options do you employ most in your workloads? Did I miss any built-in Azure configuration management options? Do you use a 3rd party tool? If so, which one? I’m curious to know how the Azure community is employing all of these different ways of configuring our workloads on Azure.