Learning about App Configuration architecture and workload isolation
Learn about the IBM Cloud® App Configuration service architecture, the service dependencies, and how customer workloads are isolated from each other in App Configuration instances.
App Configuration architecture
IBM Cloud App Configuration service is offered in the regions: Dallas, Washington DC, London, Frankfurt, Toronto, Tokyo, Osaka, Sydney and Sao Paulo. Every region supported, has its own IBM Cloud Kubernetes Service cluster with several worker nodes. Each worker node runs several instances of App Configuration service components. Each region is fronted by a global load balancer and a web application firewall.
App Configuration service persists tenant data in highly available database. A single regional database is used to store the data of all tenants in that particular region.
The data is stored across multiple zones in each region for high availability. Data that is stored is encrypted and persisted in a database cluster that is spread across availability zones. All databases connections use TLS/SSL encryption for data in transit.

The Feature server component provides the API interface to the App Configuration service.
The data store component stores all configuration, metrics, instance details, and environments data.
The App Configuration UI is the front-end component, which can be used to manage the configuration data.
Analytics server component collects the usage metrics for configuration data and stores it to the data store at instance level.
App Configuration workload isolation
Each regional deployment of the IBM Cloud® App Configuration serves multiple tenants that are identified by the IBM service instance.
- The IBM Cloud App Configuration service in a region is a multi-tenant highly available service.
- The configuration data that is collected and processed by the IBM Cloud App Configuration service is associated with the service instance that is created by a tenant. This configuration data is not visible to the other service instances by virtue of this association.
- Data for all tenants is colocated in the same data store and segmented by the tenant-specific instance
guid
. Retrieval of tenant-specific data is enforced by access control policies.