Skip to content
/ cf-concourse Public

An experiment: running concourse as an app on cloudfoundry

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cf-container-networking/cf-concourse

BranchesTags

Repository files navigation

Concourse as a CloudFoundry app

A demo of CF container networking

Example

  1. Open a security hole in your CloudFoundry
PATCH_FILE="`pwd`/nsync.patch"
pushd ~/workspace/cf-release/src/capi-release/src/code.cloudfoundry.org/nsync
  git apply $PATCH_FILE
popd
  1. Pry it open even more
bosh edit deployment

and set

diego_privileged_containers: true

  1. Deploy cf + diego + netman

  2. Wire up a Postgres database somehow 0. For example by re-using the one in CF, update the cf deployment manifest to add a new database and user to postgres: yaml properties: databases: databases: - citext: false name: concourse tag: concourse roles: - name: concourse password: admin tag: admin

    1. Allow access to that database
    cf create-security-group the_db <(echo '[ { "destination": "10.244.0.30", "protocol": "all" } ]')
cf bind-running-security-group the_db
    1. Update your web-manifest.yml with the connection string
    POSTGRES_DATA_SOURCE: postgres://admin:[email protected]/concourse

  3. Generate required keys for Concourse, by following the instructions for using Concourse as standalone binaries.

mkdir -p credentials
pushd credentials
  ssh-keygen -t rsa -f host_key -N ''
  ssh-keygen -t rsa -f worker_key -N ''
  ssh-keygen -t rsa -f session_signing_key -N ''
  cp worker_key.pub authorized_worker_keys
popd
  1. Pull in binaries for jq and concourse
mkdir -p bin
curl -L -o bin/jq https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64
curl -L -o bin/concourse https://github.com/concourse/concourse/releases/download/v1.6.0/concourse_linux_amd64
  1. Deploy
cf push -f web-manifest.yml
WEB_INTERNAL_IP=$(cf ssh concourse-web -c './app/get-my-ip')
cf push -f worker-manifest.yml --no-start
cf set-env concourse-worker CONCOURSE_TSA_HOST $WEB_INTERNAL_IP
cf access-allow concourse-worker concourse-web --protocol tcp --port 4444
cf access-allow concourse-web concourse-worker --protocol tcp --port 7777
cf access-allow concourse-web concourse-worker --protocol tcp --port 7788
cf start concourse-worker
  1. Kick the tires
fly -t cf-concourse login -c http://concourse.bosh-lite.com
fly -t cf-concourse set-pipeline -p example -c example-pipeline.yml
open http://concourse.bosh-lite.com

About

An experiment: running concourse as an app on cloudfoundry

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages