worker job from concourse/7.11.1
The 'worker' nodes are what actually run Concourse workloads (builds, resource checking, etc). They register with Concourse via the SSH worker gateway running on the 'web' nodes.
              Github source:
              779be45 or
              master branch
            
Properties¶
baggageclaim¶
  
  
    
bind_ip¶IP on which Baggageclaim should listen for HTTP traffic. When p2p is enabled this needs to be set to 0.0.0.0
- Default
127.0.0.1
bind_port¶Port on which Baggageclaim should listen for HTTP traffic.
- Default
7788
disable_user_namespaces¶Disable remapping of user/group IDs in unprivileged volumes.
For use in combination with ‘runtime.type=houdini’.
- Default
false
driver¶Driver to use for the volume store. One of detect, overlay, btrfs, or naive.
- Default
detect
p2p¶
interface_family¶Interface family to use for peer-to-peer volume streaming.
Set 4 for IPv4 or 6 for IPv6.
- Example
4
interface_name_pattern¶Regex for determining the network interface to use for peer-to-peer volume streaming.
- Example
eth0
certs_path¶
  
    
      A path to a directory on the instance to create the resource certificates volume from.
- Default
- /etc/ssl/certs 
connection_drain_timeout¶
  
    
      Duration after which a worker should give up draining forwarded connections on shutdown.
- Default
- 1h 
container_sweeper_max_in_flight¶
  
    
      Maximum number of containers which can be swept in parallel.
containerd¶
  
  
    
allow_host_access¶Allows containers to reach host network
bin¶Path to a containerd executable (non-absolute names get resolved from $PATH).
cni_bin¶Path to CNI network plugins. For BOSH this defaults to /var/vcap/packages/concourse/bin when containerd is selected as the runtime.
config¶Path to a config file to use for the Containerd daemon.
dns_proxy_enable¶Enable a proxy DNS server for Garden. Note: this implicitly turns on container access to host network.
dns_servers¶List of DNS server IP addresses to use instead of automatically determined servers.
external_ip¶IP address to use to reach container’s mapped ports. Autodetected if not specified.
init_bin¶Path to an init executable. For BOSH this defaults to /var/vcap/packages/concourse/bin/init when containerd is selected as the runtime.
max_containers¶Maximum container capacity. 0 means no limit. Defaults to 250.
mtu¶MTU size for container network interfaces. Defaults to the MTU of the interface used for outbound access by the host.
network_pool¶Network range to use for dynamically allocated container subnets. Defaults to “10.80.0.0/16”.
oci_hooks_dir¶Path to the oci hooks dir. By default none is provided.
request_timeout¶Time to wait for requests to Containerd to complete. 0 means no timeout.
restricted_networks¶List of network ranges to which traffic from containers will be restricted.
seccomp_profile¶Path to a seccomp filter override. By default will use a restrictive default set.
debug¶
  
  
    
bind_ip¶IP address on which to listen for the pprof debugger endpoints.
- Default
127.0.0.1
bind_port¶Port on which to listen for the pprof debugger endpoints.
- Default
7776
drain_timeout¶
  
    
      Maximum wait time in Go duration format (1m = 1 minute) for worker drain to be finished. Only applies when worker is getting shutdown.
- Default
- 1h 
ephemeral¶
  
    
      If set, the worker will immediately disappear upon stalling.
- Default
- false 
external_garden_url¶
  
    
      API endpoint of an externally managed Garden server to use instead of running the embedded Garden server.
garden¶
  
  
    
allow_host_access¶Allow containers to reach the worker VM’s network.
bin¶Path to a gdn executable (non-absolute names get resolved from $PATH).
config_ini¶Contents of the Garden configuration. Use to customize the container runtime. This may over-ride any other environment variables specified. See: https://concourse-ci.org/concourse-worker.html#configuring-gdn-server
deny_networks¶Network ranges to which traffic from containers will be denied.
- Example
[]
dns_servers¶DNS servers IP addresses to use instead of automatically propagating the host’s DNS configuration.
- Example
[]
max_containers¶Maximum container capacity to advertise. 0 means no limit. Defaults to 250.
network_pool¶Network range to use for dynamically allocated container subnets. Defaults to “10.80.0.0/16”.
request_timeout¶How long to wait for requests to Garden to complete, in Go duration format (48h = 48 hours). 0 means no timeout.
- Example
5m
healthcheck¶
  
  
    
bind_ip¶IP address on which to listen for health checking requests.
bind_port¶Port on which to listen for health checking requests.
timeout¶HTTP timeout for the full duration of health checking.
http_proxy_url¶
  
    
      Proxy to use for outgoing http requests from containers.
https_proxy_url¶
  
    
      Proxy to use for outgoing https requests from containers.
log_level¶
  
    
      The log level for the worker. When set to debug, you’ll see a lot more information.
- Default
- info 
no_proxy¶
  
    
      A list domains and IPs with optional port for which the proxy should be bypassed.
- Example
- 
            
            - localhost - 127.0.0.1 - example.com - domain.com:8080 
runtime¶
  
    
      Container runtime for worker. Possible values are “guardian”, “containerd”, and “houdini”. Please note that Houdini is insecure and does not run tasks in containers.
- Example
- 
            
            guardian 
sweep_interval¶
  
    
      Interval on which to destroy containers and volumes marked for garbage collection.
- Default
- 30s 
tags¶
  
    
      An array of tags to advertise for each worker.
- Example
- 
            
            - special 
team¶
  
    
      Register the worker for a single team.
If not specified, the worker will be shared across all teams.
tracing¶
  
  
    
attributes¶Attributes to attach to traces as metadata.
- Example
environment: ci
honeycomb_api_key¶Honeycomb.io API Key.
honeycomb_dataset¶Name of dataset.
- Example
web
jaeger_endpoint¶jaeger HTTP-based Thrift collector.
- Example
http://jaeger:14268/api/traces
jaeger_service¶Name of the service being traced.
- Example
web
jaeger_tags¶Tags to include in components.
- Example
foo:bar,caz:zaz
otlp_address¶OTLP address to send traces to.
- Example
otel-collector:55860
otlp_headers¶Headers to attach to each tracing message.
- Example
lightstep-access-token: mysecrettoken
otlp_use_tls¶Whether to use TLS for the OTLP connection.
service_name¶Service name to attach to traces as metadata.
- Example
concourse-web
stackdriver_projectid¶GCP’s Project ID
- Example
my-projectid
volume_sweeper_max_in_flight¶
  
    
      Maximum number of volumes which can be swept in parallel.
worker_gateway¶
  
  
    
host_public_key¶Public key to verify for the TSA server. If not specified, the
weblink is used.
- Example
ssh-rsa ...
hosts¶Addresses (host:port) of TSA servers to register with.
If not specified, the
weblink is used.
rebalance_interval¶The interval on which the worker will connect to a new SSH gateway and drain the old connection. This has the effect of rebalancing the forwarded workers across the SSH gateways over time.
- Example
4h
worker_key¶SSH key to use when authenticating with the TSA.
- Example
private_key: |+ -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY----- public_key: ssh-rsa ...
Templates¶
            Templates are rendered and placed onto corresponding
            instances during the deployment process. This job's templates
            will be placed into /var/vcap/jobs/worker/ directory
            (learn more).
          
- bin/concourse_start(from- concourse_start.erb)
- bin/concourse_stop(from- concourse_stop.erb)
- bin/ctl(from- ctl.erb)
- bin/drain(from- drain.erb)
- bin/pre_start(from- pre_start.erb)
- config/concourse.service(from- concourse.service)
- config/env.sh(from- env.sh.erb)
- config/garden.ini(from- garden.ini.erb)
- config/worker_gateway_host_key.pub(from- worker_gateway_host_key.pub.erb)
Packages¶
            Packages are compiled and placed onto corresponding
            instances during the deployment process. Packages will be
            placed into /var/vcap/packages/ directory.