Concourse CI, a CI/CD tool whose charm lies in the minimalist design, is widely applied to the CI/CD of each Cloud Foundry module. Concourse CI officially provides the standard Docker images and you can use Alibaba Cloud Container Service to deploy a set of Concourse CI applications rapidly.

Get to know the principle of Concourse if you are not familiar with the Concourse CI tool. For more information, see Concourse official website.

Create a swarm cluster

Log on to the Container Service console to create a cluster. In this example, create a swarm cluster with one node.

For how to create a cluster, see Create a cluster.

Note You must configure the external URL for Concourse, which allows you to access the Web service of Concourse from the current machine. Therefore, retain the Elastic IP (EIP) when creating a cluster.

Configure security group rules

The Concourse component ATC listens to the port 8080 by default. Therefore, you must configure the inbound permissions of port 8080 for the cluster security group.

  1. In the Container Service console, click Swarm > Clusters in the left-side navigation pane. Click Manage at the right of the created cluster.
  2. On the Basic Information page, click the security group ID.
  3. Click Security Group Rules in the left-side navigation pane. Click Add Security Group Rules in the upper-right corner.
  4. Configure the inbound permissions of port 8080 for the security group and then click OK.

Create keys in the ECS instance

You must generate three private keys for running Concourse safely.

  1. Log on to the Elastic Compute Service (ECS) instance. In the root directory, create the directories keys/web and keys/worker . You can run the following command to create these two directories rapidly.
    mkdir -p keys/web keys/worker
  2. Run the following commands to generate three private keys.
    ssh-keygen -t rsa -f tsa_host_key -N ''
    ssh-keygen -t rsa -f worker_key -N ''
    ssh-keygen -t rsa -f session_signing_key -N ''
  3. Copy the certificate to the corresponding directory.
    cp ./keys/worker/ ./keys/web/authorized_worker_keys
    cp ./keys/web/ ./keys/worker

Deploy Concourse CI

  1. Log on to the Container Service console.
  2. Click Swarm > Configurations in the left-side navigation pane. Click Create in the upper-right corner. Enter CONCOURSE_EXTERNAL_URL as the Variable Name and http://your-ecs-public-ip:8080 as the Variable Value.
  3. Click Applications in the left-side navigation pane. Select the cluster used in this example from the Cluster drop-down list. Click Create Application in the upper-right corner.
  4. Enter the basic information for the application you are about to create. Select Create with Orchestration Template. Use the following template:
    version: '2'
         image: postgres:9.5
         privileged: true
           POSTGRES_DB: concourse
           POSTGRES_USER: concourse
           POSTGRES_PASSWORD: changeme
           PGDATA: /database
         image: concourse/concourse
         links: [concourse-db]
         command: web
         privileged: true
         depends_on: [concourse-db]
         ports: ["8080:8080"]              
         volumes: ["/root/keys/web:/concourse-keys"]   
         restart: unless-stopped # required so that it retries until conocurse-db comes up
           CONCOURSE_POSTGRES_HOST: concourse-db
           CONCOURSE_POSTGRES_USER: concourse
         image: concourse/concourse
         privileged: true
         links: [concourse-web]
         depends_on: [concourse-web]
         command: worker
         volumes: ["/keys/worker:/concourse-keys"]
           CONCOURSE_TSA_HOST: concourse-web
  5. Click Create and Deploy. The Template Parameter dialog box appears. Select the configuration file to be associated with from the Associated Configuration File drop-down list. Click Replace Variable and then click OK.
    After the application is created, the following three services are started.
    Then, the Concourse CI deployment is finished. Enter http://your-ecs-public-ip:8080 in the browser to access the Concourse CI.

Run a CI task (Hello world)

  1. In the browser opened in the last section, download the CLI corresponding to your operating system and install the CLI client. Use ECS (Ubuntu 16.04) as an example.
  2. For Linux and Mac OS X systems, you must add the execution permissions to the downloaded FLY CLI file first. Then, install the CLI to the system and add it to $PATH.
    chmod +x fly
     install fly /usr/local/bin/fly
  3. After the installation, you can check the version.
    $fly -v
  4. Connect to the target. The username and password are concourse and changeme by default.
    $ fly -t lite login -c http://your-ecs-public-ip:8080
     in to team 'main'
     username: concourse
  5. Save the following configuration template as hello.yml.
     - name: hello-world
       - task: say-hello
           platform: linux
             type: docker-image
             source: {repository: ubuntu}
             path: echo
             args: ["Hello, world!"]
  6. Register the task.
    fly -t lite set-pipeline -p hello-world -c hello.yml
  7. Start the migration task.
    fly -t lite unpause-pipeline -p hello-world
    The page indicating the successful execution is as follows.

For more information about the characteristics of Concourse CI, see Concourse CI project.