# ConfigValues This topic describes the Replicated KOTS ConfigValues resource. ConfigValues is used to set application configuration values during automated or headless installations from the command line. For information about the Replicated KOTS Config custom resource, which is used to customize the application-specific configuration fields on the Admin Console config screen, see [Config](custom-resource-config). ## Overview The ConfigValues resource lists the values and defaults for each application configuration item defined in the Replicated KOTS [Config](custom-resource-config) resource in the release. In automated or headless installations, end users provide a ConfigValues resource with the install command to set the application configuration values from the command line rather than through the Admin Console UI. For more information about performing headless installations with Replicated Embedded Cluster, see [Automate Embedded Cluster Installations](/enterprise/installing-embedded-automation). For information about performing headless installations with KOTS in an existing cluster, see [Install with the KOTS CLI](/enterprise/installing-existing-cluster-automation). Additionally, for each installation, the Admin Console automatically generates a ConfigValues resource and makes it available for download in the Admin Console **View files** tab or with the [`kots get config`](/reference/kots-cli-get-config) command. For more information, see [Download the ConfigValues for an Installation](#download) below. The following image shows how application configuration items defined a Config resource map to a ConfigValues resource: ![Config fields mapped from Config resource to ConfigValues resource](/images/configvalues-diagram.png) [View a larger version of this image](/images/configvalues-diagram.png) As shown in the image above, the `values` key in the ConfigValues resource lists each item from the Config resource by its `name`. For each item, the ConfigValues resource lists the user-supplied value as well as the default that was defined in the Config resource (if applicable). ## Example ```yaml apiVersion: kots.io/v1beta1 kind: ConfigValues spec: values: config_item_name: default: example_default_value value: example_value boolean_config_item_name: value: "1" password_config_item_name: valuePlaintext: exampleplaintextpassword select_one_config_item_name: default: default_option_name value: selected_option_name ``` ## Requirements * Linux operating system * x86-64 architecture * systemd * At least 2GB of memory and 2 CPU cores * The disk on the host must have a maximum P99 write latency of 10 ms. This supports etcd performance and stability. For more information about the disk write latency requirements for etcd, see [Disks](https://etcd.io/docs/latest/op-guide/hardware/#disks) in _Hardware recommendations_ and [What does the etcd warning “failed to send out heartbeat on time” mean?](https://etcd.io/docs/latest/faq/) in the etcd documentation. * The user performing the installation must have root access to the machine, such as with `sudo`. * The data directory used by Embedded Cluster must have 40Gi or more of total space and be less than 80% full. By default, the data directory is `/var/lib/embedded-cluster`. The directory can be changed by passing the `--data-dir` flag with the Embedded Cluster `install` command. For more information, see [install](/reference/embedded-cluster-install). Note that in addition to the primary data directory, Embedded Cluster creates directories and files in the following locations: - `/etc/cni` - `/etc/k0s` - `/opt/cni` - `/opt/containerd` - `/run/calico` - `/run/containerd` - `/run/k0s` - `/sys/fs/cgroup/kubepods` - `/sys/fs/cgroup/system.slice/containerd.service` - `/sys/fs/cgroup/system.slice/k0scontroller.service` - `/usr/libexec/k0s` - `/var/lib/calico` - `/var/lib/cni` - `/var/lib/containers` - `/var/lib/kubelet` - `/var/log/calico` - `/var/log/containers` - `/var/log/embedded-cluster` - `/var/log/pods` - `/usr/local/bin/k0s` * (Online installations only) Access to replicated.app and proxy.replicated.com or your custom domain for each * Embedded Cluster is based on k0s, so all k0s system requirements and external runtime dependencies apply. See [System requirements](https://docs.k0sproject.io/stable/system-requirements/) and [External runtime dependencies](https://docs.k0sproject.io/stable/external-runtime-deps/) in the k0s documentation. ## Limitation Replicated template functions are not supported in the ConfigValues resource. To set an application configuration item to a value rendered by a template function, you can use a template function in the `default` or `value` property for the item in the [Config](custom-resource-config) resource. For more information about working with Replicated template functions, see [About Replicated Template Functions](/reference/template-functions-about). ## Spec ### values.[item_name].default The item's default value, as defined in the [Config](custom-resource-config) custom resource in the release. #### Example ```yaml apiVersion: kots.io/v1beta1 kind: ConfigValues spec: values: certificate_source: default: generate_internal deploy_postgres: default: "1" value: "0" service_type: default: cluster_ip value: node_port node_port_port: default: "443" value: "3000" ``` ### values.[item_name].value The user-supplied value for the application configuration item. #### Example ```yaml apiVersion: kots.io/v1beta1 kind: ConfigValues spec: values: slack_clientid: value: T057KR02S slackernews_domain: value: hello.ingress.replicatedcluster.com slackernews_admin_user_emails: value: mandy@nitflex.com, jeff@nitflex.com, anil@nitflex.com service_type: value: node_port node_port_port: value: "443" ``` :::note In the ConfigValues resource that is automatically generated by the Admin Console as part of installation, the `value` property might also be set to one of the following: * A value rendered by a Replicated template function. For example, a [`hidden`](/reference/custom-resource-config#hidden) item defined in the Config resource could use the Replicated [RandomString](/reference/template-functions-static-context#randomstring) template function to set the value with `value: repl{{ RandomString 40}}`. In this case, the value for the item in the ConfigValues would be generated by the template function and not user-supplied. For more information about using Replicated template functions, see [About Replicated Template Functions](/reference/template-functions-about). * An encrypted empty string. For any `password` configuration items without a user-supplied value, the Admin Console sets the value to an empty string. In the ConfigValues generated for the installation, this empty string is automatically encrypted. * An empty mapping (`{}`). For configuration items without a user-supplied `value` or a `default` set, the value is set to `{}`. ::: ### values.[item_name].valuePlaintext {#valueplaintext} A plain text value. For any configuration items of type [`password`](/reference/custom-resource-config#password), the password must be provided in plain text in a `valuePlaintext` property rather than in the `value` property. During installation, the Admin Console encrypts the values set in `valuePlaintext`. In the ConfigValues resource that is automatically generated as part of installation, these encrypted values are saved in `value` properties. The image below shows how a `valuePlaintext` value is encrypted and added to a `value` property during installation: ![valuesPlaintext field in ConfigValues](/images/configvalues-plaintext.png) [View a larger version of this image](/images/configvalues-plaintext.png) #### Example ```yaml apiVersion: kots.io/v1beta1 kind: ConfigValues spec: values: slack_bot_token: valuePlaintext: examplebottoken slack_clientsecret: valuePlaintext: exampleclientsecret slack_user_token: valuePlaintext: exampleusertoken ``` ## Download the ConfigValues for an Installation {#download} For each installation, the Admin Console automatically generates a ConfigValues resource and makes it available for download in the Admin Console **View files** tab or with the [`kots get config`](/reference/kots-cli-get-config) command. To get the ConfigValues file from an installed application instance: 1. Install the target release in a development environment. You can either install the release with Replicated Embedded Cluster or install in an existing cluster with KOTS. For more information, see [Online Installation with Embedded Cluster](/enterprise/installing-embedded) or [Online Installation in Existing Clusters](/enterprise/installing-existing-cluster). 1. Depending on the installer that you used, do one of the following to get the ConfigValues for the installed instance: * **For Embedded Cluster installations**: In the Admin Console, go to the **View files** tab. In the filetree, go to **upstream > userdata** and open **config.yaml**, as shown in the image below: ![ConfigValues file in the Admin Console View Files tab](/images/admin-console-view-files-configvalues.png) [View a larger version of this image](/images/admin-console-view-files-configvalues.png) * **For KOTS installations in an existing cluster**: Run the `kubectl kots get config` command to view the generated ConfigValues file: ```bash kubectl kots get config --namespace APP_NAMESPACE --decrypt ``` Where: * `APP_NAMESPACE` is the cluster namespace where KOTS is running. * The `--decrypt` flag decrypts all configuration fields with `type: password`. In the downloaded ConfigValues file, the decrypted value is stored in a `valuePlaintext` field. The output of the `kots get config` command shows the contents of the ConfigValues file. For more information about the `kots get config` command, including additional flags, see [kots get config](/reference/kots-cli-get-config).