explaingit

kelseyhightower/confd

8,416GoAudience · ops devopsComplexity · 3/5Setup · moderate

TLDR

confd is a small Go tool that keeps server config files automatically up to date by reading values from a central store like etcd, Consul, or Vault and rewriting the files whenever values change.

Mindmap

mindmap
  root((confd))
    What it does
      Watches config store
      Renders templates
      Reloads services
    Data sources
      etcd and Consul
      Vault and Redis
      AWS SSM DynamoDB
      Environment vars
    Template system
      Go templates
      Key references
      Target file output
    Setup
      Prebuilt binaries
      Build from Go source
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Automatically regenerate an Nginx config file and reload the server when upstream addresses change in etcd or Consul.

USE CASE 2

Sync database credentials from AWS SSM Parameter Store into a config file on the server and restart the app on change.

USE CASE 3

Replace static config files with templates that pull live values from Vault for secrets management.

USE CASE 4

Watch Redis keys and regenerate application config files whenever those keys are updated.

Tech stack

GoetcdConsulRedisVaultZooKeeperAmazon DynamoDBAWS SSM

Getting it running

Difficulty · moderate Time to first run · 30min

Requires a running external data store such as etcd, Consul, or Vault, the etcd v2 backend is being removed in favor of etcd v3.

In plain English

confd is a small Go tool that keeps configuration files on a server up to date by reading values from a central data store and writing them into files using templates. When a value in the data store changes, confd notices and rewrites the affected config files, then optionally restarts or reloads the application that depends on those files. The supported data sources include etcd, Consul, Redis, Vault, ZooKeeper, Amazon DynamoDB, AWS SSM Parameter Store, and plain environment variables. This gives teams flexibility in choosing where they store configuration values, while confd handles the job of translating those values into whatever file format the application expects. The template system works by writing a template file that refers to keys in the data store, similar to how a web template refers to variables. confd watches the keys, and whenever they change it renders the template with the new values and writes the result to the target file path. The README is short and points to separate documentation files for installation and a quick-start walkthrough. The project is actively being updated to support newer versions of Go and to clean up older backend code. The etcd v2 backend is being removed in favor of etcd v3, and a few template helper functions that relied on an unmaintained encryption library have been dropped in recent updates. Building from source requires Go 1.10 or newer. Prebuilt binaries and installation instructions are available in the project's documentation directory. The README notes a community IRC channel on Freenode and a Google Groups mailing list for users who have questions.

Copy-paste prompts

Prompt 1
Set up confd to watch a key in etcd and regenerate an Nginx upstream config file when the address changes, then reload Nginx automatically.
Prompt 2
I'm storing database credentials in AWS SSM Parameter Store. Show me a confd template and resource config that writes them into a config file on the server.
Prompt 3
Write a confd template for an application config file that pulls HOST, PORT, and DB_PASSWORD from Consul.
Prompt 4
How do I run confd in one-time mode versus watch mode, and when should I use each in a deployment pipeline?
Open on GitHub → Explain another repo

← kelseyhightower on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.