Add Concourse to a test cluster

Pre-requisites

• A test cluster. For this guide, we’ll assume it’s called david-test1
• You must install concourse
• You must have fly installed

Process

• Go to cloud-platform-infrastructure/terraform/aws-accounts/cloud-platform-aws/vpc/eks directory and update node_groups_count and node_size as below to match the Manager cluster configuration, as this will support the cpu and memory demands of concourse module.

node_groups_count = {
    live    = "54"
    manager = "4"
    default = "3" > "4"
  }
  node_size = {
    live    = ["r5.xlarge", "r5.2xlarge", "r5a.xlarge"]
    manager = ["m5.xlarge", "m5.2xlarge", "m5a.xlarge"]
    default = ["m5.large", "m5.xlarge", "m5a.large"] > ["m5.xlarge", "m5.2xlarge", "m5a.xlarge"]
  }

• Apply the changes using below terraform workflow:

terraform init
terraform workspace select <WorkspaceName>
terraform plan -var "enable_oidc_associate=false"
terraform apply -var "enable_oidc_associate=false"

• Go to cloud-platform-infrastructure/terraform/aws-accounts/cloud-platform-aws/vpc/eks/components directory. Amend the following file and remove the count line from the concourse module.
• Apply the terraform module to your test cluster

terraform init
terraform workspace select <WorkspaceName>
terraform plan
terraform apply -target=module.concourse

• Clone the concourse repository.

• Login to Concourse

For this step you will need to authenticate to Concourse using your instance’s local username and password. These are stored in the kubernete secret concourse-web in the concourse namespace, and can be obtained using the cloud-platform cli tool:

cloud-platform decode-secret -n concourse -s concourse-web

Username and password are stored in the local-users key-value pair:

"local-users": "[local-username]/[local-password]"

• Once you have these values to hand, login to Concourse with fly

fly --target david-test1 login \
    --team-name main \
    --concourse-url https://concourse.apps.david-test1.cloud-platform.service.justice.gov.uk

Follow the URL this command outputs, choose to login with Username/Password, and enter your local username credentials.

• Apply your pipeline

fly --target david-test1 set-pipeline \
    --pipeline plan-pipeline \
    --config pipelines/david-test1/main/plan-environments.yaml

Repeat this command whenever you make changes to the pipeline yaml file.

• Set up secrets

If your pipeline requires secrets, such as AWS credentials, you need to define those as kubernetes secrets in the concourse-main namespace (or concourse-<team name> if you’re using a different concourse team, rather than main)

This page was last reviewed on 16 March 2023. It needs to be reviewed again on 16 June 2023 by the page owner #cloud-platform .

This page was set to be reviewed before 16 June 2023 by the page owner #cloud-platform. This might mean the content is out of date.