Concourse CI
| Channel | Revision | Published | Runs on |
|---|---|---|---|
| latest/edge | 12 | Today |
juju deploy concourse-ci-machine --channel edge
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
-
container-placement-strategy | string
Default: volume-locality
Container placement strategy (volume-locality, random, fewest-build-containers). Default: volume-locality
-
containerd-dns-proxy-enable | boolean
Enable containerd DNS proxy for container name resolution. Set to false to use external DNS servers directly. Default: false
-
containerd-dns-server | string
Default: 1.1.1.1,8.8.8.8
DNS servers for containerd containers (comma-separated). Used when containerd-dns-proxy-enable is false. Default: 1.1.1.1,8.8.8.8
-
enable-gpu | boolean
Enable GPU support for this worker. Requires NVIDIA drivers and nvidia-container-toolkit installed on host. Worker will be tagged with GPU capabilities for job targeting. Default: false
-
enable-metrics | boolean
Default: True
Enable Prometheus metrics endpoint on port 9391. Default: true
-
external-url | string
External URL for Concourse web UI (used for redirects and webhooks). If not set, automatically detects and uses http://<unit-ip>:<web-port> Important: Set this to your actual external URL if behind a proxy/NAT.
-
gpu-device-ids | string
Default: all
GPU device IDs to expose to worker (comma-separated). Use "all" to expose all GPUs, or specify devices like "0,1". Only used when enable-gpu is true. Default: all
-
initial-admin-username | string
Default: admin
Initial admin user for Concourse authentication. Default: admin
-
log-level | string
Default: info
Logging level for Concourse components (debug, info, warn, error). Default: info
-
max-concurrent-downloads | int
Default: 10
Maximum number of concurrent resource downloads. Default: 10
-
mode | string
Default: auto
Deployment mode for this unit:
- 'auto': Leader runs web, non-leaders run workers (recommended for multi-unit)
- 'all': Run both web and worker on this unit (default for single-unit)
- 'web': Only run web server
- 'worker': Only run worker Default: auto
-
tag | string
Comma-separated list of tags to assign to this worker. These are added to CONCOURSE_TAG and merged with any GPU-generated tags. Example: "gpu,high-mem,ssd"
-
tls-enabled | boolean
Enable TLS/HTTPS for Concourse web UI. Requires TLS certificate relation (future enhancement). Default: false
-
vault-auth-backend | string
Vault authentication backend (e.g., 'approle', 'token').
-
vault-auth-backend-max-ttl | string
Maximum TTL for the Vault authentication backend token. Example: '1h'
-
vault-auth-param | string
Comma-separated key-value pairs for the selected auth backend. Example: 'role_id:...,secret_id:...'
-
vault-ca-cert | string
Path to a PEM-encoded CA cert file to use for TLS to Vault.
-
vault-client-cert | string
Path to a PEM-encoded client certificate for TLS authentication to Vault.
-
vault-client-key | string
Path to an unencrypted, PEM-encoded private key for TLS authentication to Vault.
-
vault-client-token | string
Vault client token.
-
vault-lookup-templates | string
Vault lookup templates.
-
vault-namespace | string
Vault namespace.
-
vault-path-prefix | string
Prefix for all secret paths in Vault (e.g., '/concourse/my-team').
-
vault-url | string
URL of the Vault server. If set, enables Vault credential management. Example: https://vault.example.com:8200
-
version | string
Concourse CI version to deploy (e.g., 7.14.3). Leave empty to use the latest stable version.
-
web-port | int
Default: 8080
Port for Concourse web UI and API server. Supports dynamic changes with automatic service restart. Privileged ports (< 1024) are supported via CAP_NET_BIND_SERVICE. Default: 8080
-
worker-procs | int
Default: 1
Number of worker processes to spawn on this unit. Controls parallelism for job execution. Default: 1