DevOps and the pain of configuration management

Life as a DevOps

DevOps practices, like Agile, have transformed the software delivery process. Using CI/CD, automations and feedback loops, the process of building and deploying software is getting increasingly efficient. However, some painful manual processes remain and act as bottlenecks. The biggest culprit preventing the industry from achieving true continuous development is application configuration management.

Even Netflix has configuration management problems

How we do it now

Application configuration management can be divided into four main activities.

  1. Gathering configurations for all connected applications and integrated services, all of which have multiple sources and departments, which, depending on the scale of the application and organization, could mean tens to hundreds of people and applications.

  2. Sharing configurations, securely of course, with the relevant developer and product managers to allow for the relevant activities to be performed.

  3. Deploying configurations in a way that allows rolling back possible.

  4. Auditing configurations to be able to determine who has access to which configurations and what was changed, when and by who.

The Issue

There isn't a single platform that allows users to accomplish all of the above activities. This results in a complicated manual processes or distributed automations that are not standardized.

This adds a maintenance and coordination overhead, which results in an increase in lead times. Add security concerns on top of that, and you have a significant portion of lead times and deployment failures being caused by any one of the above activities.

There is nothing more frustrating than hunting down a misconfigured .properties file.

Current Solutions

The most commonly used solutions include:

  • storing configurations in a VCS

  • encrypt them with clients like gitcrypt

  • using pgp keys or client secret to decrypt the values (which are usually stored in a separate application)

While this tends to tackle some of the issue, it falls significantly short of what needs to be done.

  • The values are encrypted so the history is useless

  • Off-boarding is cumbersome due to security concerns

  • Removing the history and re-encrypting all the keys is a headache

  • There is no way to manage groups of who has access to what

ConfigTree to the rescue 💪

ConfigTree was specifically designed to tackle all of these issues By using automations and a point and click interface to manage versions, configurations, users... we will achieve minimal management overheads.

With an organization based invite system, sharing configurations is easy and off-boarding only requires removing the user from your organization and you are done. With a fine grained permission control based on applications and environments, you can control who views configuration and to what level.

Using the versioning and publish mechanisms, auditing and deployment is as simple as a single api call.

For DevOps and Security teams, ConfigTree consolidates all of the management and auditing requirements of configuration management in an easy to use SaaS platform, ready to become part of any CI/CD pipeline.

Come join us at!