Files that allow you to change the behavior of an application without modifying its code: the anatomy of config files, their formats, and why they are so critical in production.
A config file (configuration file) is a structure that defines the settings determining the runtime behavior of an application, service, or system in a human-readable file independent of the source code. Parameters such as host addresses, port numbers, log levels, timeout values, feature flags, and connection pool sizes typically live in a config file.
The critical point here is this: software runs without a config file, but every environment change (dev → staging → production) would require the source code to be recompiled. A config file breaks this dependency; you can run the same binary or container image in different environments with different config files.
This principle is also clearly defined in the third rule of the 12-Factor App methodology: configuration must be strictly separated from code.
Format selection is based on the balance between readability, data type richness, comment support, and compatibility with ecosystem tools.
| Format | Strength | Typical Use Case |
|---|---|---|
| YAML | Highly human-readable, naturally expresses hierarchical structure. | Kubernetes manifests, Ansible playbooks, CI/CD pipelines |
| JSON | Standard for programmatic parsing, easy schema validation (JSON Schema). | API configs, package.json, tsconfig.json |
| TOML | Clear and type-safe syntax, free from YAML's ambiguities. | Rust (Cargo.toml), Python (pyproject.toml) |
| INI | Simple key=value structure, low learning curve. | Windows applications, legacy system services |
| XML | Strong schema validation (XSD) and namespace support. | Enterprise Java applications (Spring, web.xml) |
| .env | Maps 1-to-1 with environment variables, practical for secrets. | 12-factor applications, Docker Compose |
YAML's indentation-sensitive nature can lead to silent failures in large-scale config files. For this reason, teams using YAML usually add a yamllint or schema validation step to their CI pipeline.
application.yml in Spring Boot, .env + dotenv library in Node.js, and settings.py in Python.
ConfigMap and Secret objects. ConfigMaps carry behavioral settings, while Secrets carry sensitive data, both of which are injected into pods.
The most common mistake regarding config files is writing sensitive data like database passwords or API keys in plaintext into the file and committing it to version control. In mature systems, behavioral configs are kept in Git, while secrets are stored in tools like Vault or AWS Secrets Manager.
Config drift is the gradual deviation of a system's actual configuration from the defined reference (baseline) configuration. It occurs when a manual hotfix is not reflected back to the code repository. During an incident, root cause analysis can take hours because the "documented" config and the "actual" config differ.
This is exactly the class of problems that ODYA Automated NOC's configuration change management module focuses on solving: continuous monitoring of device and service configs, automatic detection of deviations from the baseline, and maintaining an auditable change history.
config.dev.yaml, config.prod.yaml or an environment variable override mechanism should be used.
A config file stores settings in a persistent file, whereas an environment variable holds variables injected at runtime at the OS or container level. In practice, they are often used together: the file carries default values, and environment variables override them.
The actual config is periodically compared with the reference (baseline) config. Doing this manually is error-prone; therefore, automation tools that perform continuous monitoring (NOC platforms, IaC drift detection) are preferred.
YAML is better if it will be frequently edited by humans (Kubernetes manifests, CI pipelines); JSON is more suitable if it will be generated and consumed by machines (API responses, automated exports). TOML is a good middle-ground option for projects seeking type safety.
ODYA Automated NOC automatically detects config drift in your infrastructure and maintains an auditable change history.
Get More Information →