Tutorial: Use dynamic configuration in Azure Kubernetes Service

If you use Azure Kubernetes Service (AKS), this tutorial shows you how to enable dynamic configuration for your workloads in AKS by leveraging Azure App Configuration and its Kubernetes Provider. The tutorial assumes that you work through the quickstart and have an App Configuration Kubernetes Provider set up, so before proceeding, make sure you complete the Use Azure App Configuration in Azure Kubernetes Service quickstart.

Tip

See options for workloads hosted in Kubernetes to access Azure App Configuration.

Prerequisites

Finish the quickstart: Use Azure App Configuration in Azure Kubernetes Service.

Add a sentinel key

A sentinel key is a key that you update after you complete the change of all other keys. Your app monitors the sentinel key. When a change is detected, your app refreshes all configuration values. This approach helps to ensure the consistency of configuration in your app and reduces the overall number of requests made to your App Configuration store, compared to monitoring all keys for changes.

Add the following key-value to your App Configuration store. For more information about how to add key-values to a store using the Azure portal or the CLI, go to Create a key-value.

Key Value
Settings:Sentinel 1

Reload data from App Configuration

  1. Open the appConfigurationProvider.yaml file located in the Deployment directory. Then, add the refresh section under the configuration property. It enables configuration refresh by monitoring the sentinel key.

    apiVersion: azconfig.io/v1
    kind: AzureAppConfigurationProvider
    metadata:
      name: appconfigurationprovider-sample
    spec:
      endpoint: <your-app-configuration-store-endpoint>
      target:
        configMapName: configmap-created-by-appconfig-provider
        configMapData: 
          type: json
          key: mysettings.json
      auth:
        workloadIdentity:
          managedIdentityClientId: <your-managed-identity-client-id>
      configuration:
        refresh:
          enabled: true
          monitoring:
            keyValues:
            - key: Settings:Sentinel
    

    Tip

    By default, the Kubernetes provider polls the monitoring key-values every 30 seconds for change detection. However, you can change this behavior by setting the interval property of the refresh. If you want to reduce the number of requests to your App Configuration store, you can adjust it to a higher value.

  2. Open the deployment.yaml file in the Deployment directory and add the following content to the spec.containers section. Your application loads configuration from a volume-mounted file the App Configuration Kubernetes provider generates. By setting this environment variable, your application can use polling to monitor changes in mounted files.

    env:
    - name: DOTNET_USE_POLLING_FILE_WATCHER
      value: "true"
    
  3. Run the following command to deploy the change. Replace the namespace if you're using your existing AKS application.

    kubectl apply -f ./Deployment -n appconfig-demo
    
  4. Open a browser window, and navigate to the IP address obtained in the previous step. The web page looks like this:

    Screenshot of the web app with old values.

  5. Update the following key-values in your App Configuration store, ensuring to update the sentinel key last.

    Key Value
    Settings:Message Hello from Azure App Configuration - now with live updates!
    Settings:Sentinel 2
  6. After refreshing the browser a few times, you'll see the updated content once the ConfigMap is updated in 30 seconds.

    Screenshot of the web app with updated values.

Reload ConfigMap and Secret

App Configuration Kubernetes provider generates ConfigMaps or Secrets that can be used as environment variables or volume-mounted files. This tutorial demonstrated how to load configuration from a JSON file using the .NET JSON configuration provider, which automatically reloads the configuration whenever a change is detected in the mounted file. As a result, your application gets the updated configuration automatically whenever the App Configuration Kubernetes provider updates the ConfigMap.

If your application is dependent on environment variables for configuration, it may require a restart to pick up any updated values. In Kubernetes, the application restart can be orchestrated using rolling updates on the corresponding pods or containers. To automate configuration updates, you may leverage third-party tools like stakater/Reloader, which can automatically trigger rolling updates upon any changes made to ConfigMaps or Secrets.

Next steps

To learn more about the Azure App Configuration Kubernetes Provider, see Azure App Configuration Kubernetes Provider reference.