Control Tower
A tool for easily deploying self-healing, self-updating Concourse (and Grafana and CredHub!) in a single command.
TL;DR
Ensure you install the pre-requisites. After that you can download the latest Control-Tower release from Github. Users of Homebrew on macOS or Linux can also run:
$ brew install engineerbetter/tap/control-towerThen...
AWS
$ AWS_ACCESS_KEY_ID=<access-key-id> \
AWS_SECRET_ACCESS_KEY=<secret-access-key> \
control-tower deploy --iaas aws <your-project-name>GCP
$ GOOGLE_APPLICATION_CREDENTIALS=<path/to/googlecreds.json> \
control-tower deploy --iaas gcp <your-project-name>๐ ...then don't forget to please complete our quick 7-question survey so we can understand how and why you use Control Tower, and how we can make it better. ๐
Why Control Tower?
The goal of Control Tower is to be the world's easiest way to deploy and operate Concourse CI in production.
In just one command you can deploy a new Concourse environment for your team, on either AWS or GCP. Your Control Tower deployment will upgrade itself and self-heal, restoring the underlying VMs if needed. Using the same command-line tool you can do things like manage DNS, scale your environment, or manage firewall policy. CredHub is provided for secrets management and Grafana for viewing your Concourse metrics.
You can keep up to date on Control Tower announcements by reading the EngineerBetter Blog and by joining the discussion on our Community Slack.
Features
| Feature | AWS | GCP |
|---|---|---|
| Concourse IP whitelisting | + | + |
| Credhub | + | + |
| Custom domains | + | + |
| Custom tagging | BOSH only | BOSH only |
| Custom TLS certificates | + | + |
| Database vertical scaling | + | + |
| BitBucket authentication | + | + |
| GitHub authentication | + | + |
| Microsoft authentication | + | + |
| Grafana (on port 3000) | + | + |
| Interruptable worker support | + | + |
| Letsencrypt integration | + | + |
| Namespace support | + | + |
| Region selection | + | + |
| Retrieving deployment information | + | + |
| Retrieving deployment information as shell exports | + | + |
| Retrieving deployment information in JSON | + | + |
| Retrieving director NATS cert expiration | + | + |
| Rotating director NATS cert | + | + |
| Self-Update support | + | + |
| Teardown deployment | + | + |
| Web server vertical scaling | + | + |
| Worker horizontal scaling | + | + |
| Worker type selection | + | N/A |
| Worker vertical scaling | + | + |
| Zone selection | + | + |
| Customised networking | + | + |
Detailed Documentation
| Before you start | Prerequisites |
| Installing Control Tower | Installation |
| Flags on all commands | Global flags |
| Deploying a Concourse | Deploy |
| Retrieving info from a deployment | Info |
| Destroying a Concourse | Destroy |
| Maintaining your Concourse | Maintain |
| Updating | Updating |
| Metrics | Metrics |
| Credential Management | Credhub |
| How much will this cost? | Cost Estimation |
| What is it doing? - deep dive | Walkthrough |
| Want to Contribute? | Development |
| Having problems? | Troubleshooting |