Add Concourse to a test cluster
Pre-requisites
- A test cluster. For this guide, we’ll assume it’s called
david-test1
- You must install concourse
- You must have fly installed
Process
- Go to
cloud-platform-infrastructure/terraform/aws-accounts/cloud-platform-aws/vpc/eks
directory and updatenode_groups_count
andnode_size
as below to match the Manager cluster configuration, as this will support the cpu and memory demands of concourse module.
node_groups_count = {
live = "54"
manager = "4"
default = "3" > "4"
}
node_size = {
live = ["r5.xlarge", "r5.2xlarge", "r5a.xlarge"]
manager = ["m5.xlarge", "m5.2xlarge", "m5a.xlarge"]
default = ["m5.large", "m5.xlarge", "m5a.large"] > ["m5.xlarge", "m5.2xlarge", "m5a.xlarge"]
}
- Apply the changes using below terraform workflow:
terraform init
terraform workspace select <WorkspaceName>
terraform plan -var "enable_oidc_associate=false"
terraform apply -var "enable_oidc_associate=false"
- Go to
cloud-platform-infrastructure/terraform/aws-accounts/cloud-platform-aws/vpc/eks/components
directory. Amend the following file and remove the count line from the concourse module. - Apply the terraform module to your test cluster
terraform init
terraform workspace select <WorkspaceName>
terraform plan
terraform apply -target=module.concourse
Clone the concourse repository.
Login to Concourse
For this step you will need to authenticate to Concourse using your instance’s local username and password. These are stored in the kubernete secret concourse-web
in
the concourse
namespace, and can be obtained using the cloud-platform
cli tool:
cloud-platform decode-secret -n concourse -s concourse-web
Username and password are stored in the local-users
key-value pair:
"local-users": "[local-username]/[local-password]"
- Once you have these values to hand, login to Concourse with
fly
fly --target david-test1 login \
--team-name main \
--concourse-url https://concourse.apps.david-test1.cloud-platform.service.justice.gov.uk
Follow the URL this command outputs, choose to login with Username/Password, and enter your local username credentials.
- Apply your pipeline
fly --target david-test1 set-pipeline \
--pipeline plan-pipeline \
--config pipelines/david-test1/main/plan-environments.yaml
Repeat this command whenever you make changes to the pipeline yaml file.
- Set up secrets
If your pipeline requires secrets, such as AWS credentials, you need to define those as kubernetes secrets in the concourse-main
namespace (or concourse-<team name>
if you’re using a different concourse team, rather than main
)