| This repository is a fork of the original control-tower by EngineerBetter, which is no longer actively maintained. This fork is maintained by Softwire for our own internal purposes. While we continue to make updates, we offer no warranties, guarantees, or official support for external use. If you decide to use this fork, you do so at your own risk. |
A tool for easily deploying self-healing, self-updating Concourse (and Grafana and CredHub!) in a single command.
Ensure you install the pre-requisites. After that you can download the latest Control-Tower release from Github. Users of Homebrew on macOS or Linux can also run:
$ brew install engineerbetter/tap/control-towerThen...
$ AWS_ACCESS_KEY_ID=<access-key-id> \
AWS_SECRET_ACCESS_KEY=<secret-access-key> \
control-tower deploy --iaas aws <your-project-name>$ GOOGLE_APPLICATION_CREDENTIALS=<path/to/googlecreds.json> \
control-tower deploy --iaas gcp <your-project-name>📋 ...then don't forget to please complete our quick 7-question survey so we can understand how and why you use Control Tower, and how we can make it better. 📋
The goal of Control Tower is to be the world's easiest way to deploy and operate Concourse CI in production.
In just one command you can deploy a new Concourse environment for your team, on either AWS or GCP. Your Control Tower deployment will upgrade itself and self-heal, restoring the underlying VMs if needed. Using the same command-line tool you can do things like manage DNS, scale your environment, or manage firewall policy. CredHub is provided for secrets management and Grafana for viewing your Concourse metrics.
You can keep up to date on Control Tower announcements by reading the EngineerBetter Blog and by joining the discussion on our Community Slack.
| Feature | AWS | GCP |
|---|---|---|
| Concourse IP whitelisting | + | + |
| Credhub | + | + |
| Custom domains | + | + |
| Custom tagging | BOSH only | BOSH only |
| Custom TLS certificates | + | + |
| Database vertical scaling | + | + |
| BitBucket authentication | + | + |
| GitHub authentication | + | + |
| Microsoft authentication | + | + |
| Grafana (on port 3000) | + | + |
| Interruptable worker support | + | + |
| Letsencrypt integration | + | + |
| Namespace support | + | + |
| Region selection | + | + |
| Retrieving deployment information | + | + |
| Retrieving deployment information as shell exports | + | + |
| Retrieving deployment information in JSON | + | + |
| Retrieving director NATS cert expiration | + | + |
| Rotating director NATS cert | + | + |
| Self-Update support | + | + |
| Teardown deployment | + | + |
| Web server vertical scaling | + | + |
| Worker horizontal scaling | + | + |
| Worker type selection | + | N/A |
| Worker vertical scaling | + | + |
| Zone selection | + | + |
| Customised networking | + | + |
| Before you start | Prerequisites |
| Installing Control Tower | Installation |
| Flags on all commands | Global flags |
| Deploying a Concourse | Deploy |
| Retrieving info from a deployment | Info |
| Destroying a Concourse | Destroy |
| Maintaining your Concourse | Maintain |
| Updating | Updating |
| Metrics | Metrics |
| Credential Management | Credhub |
| How much will this cost? | Cost Estimation |
| What is it doing? - deep dive | Walkthrough |
| Want to Contribute? | Development |
| Having problems? | Troubleshooting |