This repository is a fork of concourse/concourse-docker - it ditches packaging the image and only focuses on getting Concourse running with rootless** Podman + Podman Compose / Docker Compose

Refer to concourse/concourse-docker for configuration & other documentation.

** you need root access to setup a kernel module - containers runs in rootless mode

You need to run:

$ modprobe ip_tables
$ modprobe iptable_filter

as root to get around this error when starting up worker:

containerd-garden-backend exited with error: setup host network failed: create chain or flush if exists failed: running [/usr/sbin/iptables -t filter -N CONCOURSE-OPERATOR --wait]: exit status 3: iptables v1.8.7 (legacy): can't initialize iptables table `filter': Table does not exist (do you need to insmod?)

I faced this with netavark stack - I haven't tested with CNI stack.

You can persist this by appending module names to /etc/modules. After this, all the steps can be executed as rootless user.

Clone this repo

$ git clone https://github.com/Sid-Sun/concourse-podman
$ cd concourse-podman

The docker-compose.yml in this repo will get you up and running with the latest version of Concourse. To use it you'll first need to execute ./keys/generate - this will generate credentials used to authorize the Concourse components with each-other:

$ ./keys/generate
wrote private key to /keys/session_signing_key
wrote private key to /keys/tsa_host_key
wrote ssh public key to /keys/tsa_host_key.pub
wrote private key to /keys/worker_key
wrote ssh public key to /keys/worker_key.pub

The default configuration sets up a test user with test as their password and grants them access to main team. To use this in production you'll definitely want to change that - see Auth & Teams for more information..

By default, docker-compose.yml sets restart: always so podman-restart.service can restart the containers on reboots (assuming it is enabled)

• You can get either docker-compose or docker compose v2 (this repo has been tested with v2) - you can use either your distro's package manager or for v2:
  • Download the binary from docker compose git repo and place it in your $PATH with name docker-compose (yes - placing v2 compose as v1's name is fine)

• Start the Podman socker for your user systemctl start --user podman.socket & enable it systemctl enable --user podman.socket
• set the DOCKER_HOST environment variable export DOCKER_HOST=unix:///run/user/$UID/podman/podman.sock

Run docker-compose up -d to start Concourse in the background:

$ docker-compose up -d
Starting concourse-podman_db_1 ... done
Starting concourse-podman_web_1 ... done
Starting concourse-podman_worker_1 ... done

$ docker-compose ps

or

$ podman ps -a

$ docker-compose logs -f

or

$ podman logs <container>

• Install podman-compose if not already installed

Run podman-compose up -d to start Concourse in the background:

$ podman-compose up -d

$ podman-compose ps
['podman', '--version', '']
using podman version: 4.2.0
podman ps -a --filter label=io.podman.compose.project=concourse-podman
CONTAINER ID  IMAGE                                 COMMAND     CREATED         STATUS             PORTS                   NAMES
d3115c8d24fa  docker.io/library/postgres:latest     postgres    22 minutes ago  Up 22 minutes ago                          concourse-podman_db_1
97e8efa56d5e  docker.io/concourse/concourse:latest  web         22 minutes ago  Up 22 minutes ago  0.0.0.0:8080->8080/tcp  concourse-podman_web_1
1b57d6909298  docker.io/concourse/concourse:latest  worker      22 minutes ago  Up 22 minutes ago                          concourse-podman_worker_1
exit code: 0

or

$ podman ps -a

$ podman-compose logs -f

or

$ podman logs <container>