Skip to content
Branch: master
Find file History
vito Merge pull request #173 from continusec/fixcredhubcacert
Fix credhub colocated operator file to actually use CA cert
Latest commit 947746e Jul 31, 2019
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
cloud_configs bootstrap cluster examples Nov 27, 2017
operations Merge pull request #173 from continusec/fixcredhubcacert Jul 31, 2019
README.md Updates deploy cmd for new authn requirement Oct 13, 2018
concourse.yml Change bpm download link Jun 16, 2019
external-worker.yml surround host by quotes May 28, 2019

README.md

Cluster Concourse deployment

A clustered Concourse deployment exercises the full might of BOSH. It provides disaster recovery for your VMs, safe management of your persistent state (including resizing of the available space, snapshot/restore, etc.), and in general will make your life easier once you get it going.

You'll first need to set up the Cloud Config on your director. This part depends on your infrastructure of choice. There are a few example configs under cloud_configs/.

For example, if you're going to deploy to a BOSH Lite director, you would run:

bosh -e $BOSH_ENVIRONMENT update-cloud-config cloud_configs/vbox.yml

bosh -e $BOSH_ENVIRONMENT deploy -d concourse concourse.yml \
  -l ../versions.yml \
  --vars-store cluster-creds.yml \
  -o operations/static-web.yml \
  -o operations/basic-auth.yml \
  --var local_user.username=admin \
  --var local_user.password=admin \
  --var web_ip=10.244.15.2 \
  --var external_url=http://10.244.15.2:8080 \
  --var network_name=concourse \
  --var web_vm_type=concourse \
  --var db_vm_type=concourse \
  --var db_persistent_disk_type=db \
  --var worker_vm_type=concourse \
  --var deployment_name=concourse

This should then result in a Concourse running and listening at http://10.244.15.2:8080, ready for targeting with fly:

fly -t ci login -c http://10.244.15.2:8080 -u admin -p admin

Using BOSH BootLoader

The bbl project maintains documentation for deploying Concourse quickly and easily across a few supported IaaSes. Consult their concourse.md docs for more information.

External Concourse worker

In case you have a distributed setup with external concourse workers deployed on another BOSH you can deploy those with:

bosh -e $BOSH_ENVIRONMENT deploy -d concourse-worker external-worker.yml \
  -l ../versions.yml \
  -v external_worker_network_name=concourse \
  -v worker_vm_type=concourse-workers \
  -v instances=2 \
  -v azs=[z1] \
  -v deployment_name=concourse-worker \
  -v tsa_host=10.244.15.2 \
  -v worker_tags=[tags] \
  -l <path/to/secrets.yml>

The secrets.yml file has to contain the public tsa host key of the concourse master and the worker private key:

tsa_host_key:
  public_key: <public_key>

worker_key:
  private_key: |
    -----BEGIN RSA PRIVATE KEY-----
    ...
    -----END RSA PRIVATE KEY-----
You can’t perform that action at this time.