---
title: BOSHを使ってConcourse CIをAWSにインストール (NAT利用版)
tags: ["BOSH", "Concourse CI", "AWS"]
categories: ["Dev", "CI", "ConcourseCI"]
date: 2016-04-24T13:13:53Z
updated: 2016-05-17T07:24:23Z
---

[前回の記事](https://blog.ik.am/entries/382)で、BOSHを使ってAWSにConcourse CIをインストールしましたが、NATを使わなかったのでイマイチでした。
本記事ではNATを使う構成を作成します。こっちがオススメです。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/17f3f2c8-cd3d-e618-1c90-f30927111b14.png)


今回は`~/bosh`ディレクトリで作業します。

### VPCの作成

BOSHをインストールするVPCの作成から始めます。

![bosh-architecture.png](https://qiita-image-store.s3.amazonaws.com/0/1852/87f3bd51-ad38-aea9-6c39-2b1bedc82bbb.png)


まずはNATゲートウェイに割り当てるElastic IPを発行します。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/9b7ee450-dc7a-2c94-788c-f0e01476074e.png)

次にVPCウィザードでVPCを作成します。「パブリックとプライベートサブネットを持つVPC」を選択してください。NATゲートウェイも作成できます。(NATインスタンスを使っても可)

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/5fef92bf-376a-46c9-72fc-6a2d4c4a0dce.png)

* VPC名: `bosh`
* アベイラビリティゾーン: `ap-northeast-1a`
* パブリックサブネット名: `public`
* アベイラビリティゾーン: `ap-northeast-1a`
* プライベートサブネット名: `private`
* Elastic IP 割り当てID: 先ほど発行したもの

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/aeae2de2-64f1-08b2-f276-776722596747.png)

「VPCの作成」をクリックすると`bosh` VPCが作成され、`public`(`10.0.0.0/24`)と`private`(`10.0.1.0/24`)サブネットが作成されます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/85e82b44-51f4-ad23-847b-2ced960827b1.png)

* `public`サブネットのIDは`subnet-69292d1e`
* `private`サブネットのIDは`subnet-6a292d1d`

また、`private`サブネットのルートテーブルがNATゲートウェイを指していることがわかります。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/dd333651-5251-3651-8407-469a03bb167c.png)

EC2のキーペアを`bosh`という名前で作成します。`bosh.pem`というファイル名で`~/bosh/`にダウンロードします。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/2f252218-44e9-11f6-b7b7-a6cee77f2d73.png)

次に`bosh`という名前のセキュリティグループを作成します。インバウンドのルールは以下の通り。

<img width="1081" alt="スクリーンショット 0028-04-24 19.48.16.png" src="https://qiita-image-store.s3.amazonaws.com/0/1852/18c11082-5c5b-6013-2da1-2dccf7c01da3.png">

また、`web`という名前のセキュリティグループも作成します。インバウンドのルールは以下の通り。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/b5d7c33e-f345-a96e-604f-534fd740e191.png)

* `bosh`セキュリティグループのIDは`sg-8b6bd9ef`
* `web`セキュリティグループのIDは`sg-8e68daea`


### BOSH Directorのインストール

![bosh-architecture のコピー.png](https://qiita-image-store.s3.amazonaws.com/0/1852/5ff0ef58-597d-daf5-3f15-8a175214ef42.png)


BOSH Directorのマニフェストファイルを`~/bosh/bosh.yml`に作成します。

[Step 1: Create a Deployment Manifest](https://bosh.io/docs/init-aws.html#create-manifest)のyamlファイルを`bosh.yml`に貼り付けてください。

ちなみに、本稿執筆時に使ったマニフェストは以下です。

``` yaml
---
---
name: bosh

releases:
- name: bosh
  url: https://bosh.io/d/github.com/cloudfoundry/bosh?v=256.2
  sha1: ff2f4e16e02f66b31c595196052a809100cfd5a8
- name: bosh-aws-cpi
  url: https://bosh.io/d/github.com/cloudfoundry-incubator/bosh-aws-cpi-release?v=52
  sha1: dc4a0cca3b33dce291e4fbeb9e9948b6a7be3324

resource_pools:
- name: vms
  network: private
  stemcell:
    url: https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-trusty-go_agent?v=3012
    sha1: 3380b55948abe4c437dee97f67d2d8df4eec3fc1
  cloud_properties:
    instance_type: m3.xlarge
    ephemeral_disk: {size: 25_000, type: gp2}
    availability_zone: AVAILABILITY-ZONE # <--- Replace with Availability Zone

disk_pools:
- name: disks
  disk_size: 20_000
  cloud_properties: {type: gp2}

networks:
- name: private
  type: manual
  subnets:
  - range: 10.0.0.0/24
    gateway: 10.0.0.1
    dns: [10.0.0.2]
    cloud_properties: {subnet: SUBNET-ID} # <--- Replace with Subnet ID
- name: public
  type: vip

jobs:
- name: bosh
  instances: 1

  templates:
  - {name: nats, release: bosh}
  - {name: postgres, release: bosh}
  - {name: blobstore, release: bosh}
  - {name: director, release: bosh}
  - {name: health_monitor, release: bosh}
  - {name: registry, release: bosh}
  - {name: aws_cpi, release: bosh-aws-cpi}

  resource_pool: vms
  persistent_disk_pool: disks

  networks:
  - name: private
    static_ips: [10.0.0.6]
    default: [dns, gateway]
  - name: public
    static_ips: [ELASTIC-IP] # <--- Replace with Elastic IP

  properties:
    nats:
      address: 127.0.0.1
      user: nats
      password: nats-password

    postgres: &db
      listen_address: 127.0.0.1
      host: 127.0.0.1
      user: postgres
      password: postgres-password
      database: bosh
      adapter: postgres

    registry:
      address: 10.0.0.6
      host: 10.0.0.6
      db: *db
      http: {user: admin, password: admin, port: 25777}
      username: admin
      password: admin
      port: 25777

    blobstore:
      address: 10.0.0.6
      port: 25250
      provider: dav
      director: {user: director, password: director-password}
      agent: {user: agent, password: agent-password}

    director:
      address: 127.0.0.1
      name: my-bosh
      db: *db
      cpi_job: aws_cpi
      max_threads: 10
      user_management:
        provider: local
        local:
          users:
          - {name: admin, password: admin}
          - {name: hm, password: hm-password}

    hm:
      director_account: {user: hm, password: hm-password}
      resurrector_enabled: true

    aws: &aws
      access_key_id: ACCESS-KEY-ID # <--- Replace with AWS Access Key ID
      secret_access_key: SECRET-ACCESS-KEY # <--- Replace with AWS Secret Key
      default_key_name: bosh
      default_security_groups: [bosh]
      region: REGION  # <--- Replace with Region

    agent: {mbus: "nats://nats:nats-password@10.0.0.6:4222"}

    ntp: &ntp [0.pool.ntp.org, 1.pool.ntp.org]

cloud_provider:
  template: {name: aws_cpi, release: bosh-aws-cpi}

  ssh_tunnel:
    host: ELASTIC-IP # <--- Replace with your Elastic IP address
    port: 22
    user: vcap
    private_key: ./bosh.pem # Path relative to this manifest file

  mbus: "https://mbus:mbus-password@ELASTIC-IP:6868" # <--- Replace with Elastic IP

  properties:
    aws: *aws
    agent: {mbus: "https://mbus:mbus-password@0.0.0.0:6868"}
    blobstore: {provider: local, path: /var/vcap/micro_bosh/data/cache}
    ntp: *ntp
```

以下の値を埋める必要があります。

* `ELASTIC-IP`
* `SUBNET-ID`
* `AVAILABILITY-ZONE`
* `ACCESS-KEY-ID`
* `SECRET-ACCESS-KEY`
* `REGION`


`ACCESS-KEY-ID`と`SECRET-ACCESS-KEY`は
https://bosh.io/docs/aws-iam-users.html#create
で作成したIAMユーザーのものを使用してください。

次に、BOSH Directorに設定するElastic IPを割り当てます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/ac351f66-f16b-d0e1-82bb-672532f2305e.png)

以上から、今回の環境では`bosh.yml`に次の設定を行えば良いです。

| 名前 | 値 | 補足 | 
|-----------|------------|---|
| `ELASTIC-IP` | `52.196.199.111` | 3箇所あるので注意 |
| `SUBNET-ID` | `subnet-69292d1e` | `public`のサブネット |
| `AVAILABILITY-ZONE` | `ap-northeast-1a` | |
| `ACCESS-KEY-ID` | `...` | |
| `SECRET-ACCESS-KEY` | `...` | |
| `REGION` | `ap-northeast-1` | |

`~/bosh`ディレクトリが以下の構成になっていることを確認してください。

``` console
t$ ls -l
total 16
-r--------@ 1 makit  720748206  1696  4 24 12:56 bosh.pem
-rw-r--r--  1 makit  720748206  3619  4 24 20:11 bosh.yml
```

下記リンクより、`bosh-init`コマンドをダウンロードして、パスの通った場所に配置してください。

https://bosh.io/docs/install-bosh-init.html

`bosh-init deploy`で`bosh.yml`を指定してください。

``` console
$ bosh-init deploy ./bosh.yml
Deployment manifest: '/Users/makit/bosh/bosh.yml'
Deployment state: '/Users/makit/bosh/bosh-state.json'

Started validating
  Downloading release 'bosh'... Skipped [Found in local cache] (00:00:00)
  Validating release 'bosh'... Finished (00:00:02)
  Downloading release 'bosh-aws-cpi'... Skipped [Found in local cache] (00:00:00)
  Validating release 'bosh-aws-cpi'... Finished (00:00:00)
  Validating cpi release... Finished (00:00:00)
  Validating deployment manifest... Finished (00:00:00)
  Downloading stemcell... Skipped [Found in local cache] (00:00:00)
  Validating stemcell... Finished (00:00:00)
Finished validating (00:00:02)

Started installing CPI
  Compiling package 'ruby_aws_cpi/c14af73d0f99b7571c4208b146f098a7af6ae7ab'... Finished (00:03:54)
  Compiling package 'bosh_aws_cpi/d30fd4f6cb22a5ad904dfe91d7499e061f1a2f54'... Finished (00:02:32)
  Installing packages... Finished (00:00:15)
  Rendering job templates... Finished (00:00:00)
  Installing job 'aws_cpi'... Finished (00:00:00)
Finished installing CPI (00:06:43)

Starting registry... Finished (00:00:00)
Uploading stemcell 'bosh-aws-xen-hvm-ubuntu-trusty-go_agent/3012'... Finished (00:00:06)

Started deploying
  Creating VM for instance 'bosh/0' from stemcell 'ami-ce319ece light'... Finished (00:00:30)
  Waiting for the agent on VM 'i-574cf3c8' to be ready... Finished (00:01:44)
  Creating disk... Finished (00:00:12)
  Attaching disk 'vol-0e478ef0' to VM 'i-574cf3c8'... Finished (00:00:17)
  Rendering job templates... Finished (00:00:05)
  Compiling package 'redis/37eae530889cb9ef4e84f9c3d0827bab5ae5cb66'... Finished (00:00:27)
  Compiling package 'nginx/1d356bbd17ed8c349fd1053093222d78559687ec'... Finished (00:01:00)
  Compiling package 'mysql/b7e73acc0bfe05f1c6cbfd97bf92d39b0d3155d5'... Finished (00:00:55)
  Compiling package 'libpq/09c8f60b87c9bd41b37b0f62159c9d77163f52b8'... Finished (00:02:00)
  Compiling package 'genisoimage/008d332ba1471bccf9d9aeb64c258fdd4bf76201'... Finished (00:00:25)
  Compiling package 'ruby_aws_cpi/c14af73d0f99b7571c4208b146f098a7af6ae7ab'... Finished (00:03:43)
  Compiling package 'postgres/55dbf1828bbb8e5fcd7dc7550cfb73de89312458'... Finished (00:04:33)
  Compiling package 'ruby/030e3d4eafd00b10bbfa879bcf44fba62139205e'... Finished (00:03:05)
  Compiling package 'nats/6a31c7bb0d5ffa2a9f43c7fd7193193438e20e92'... Finished (00:00:16)
  Compiling package 'health_monitor/48ef20eb6fc4ac8f46097644434e311388866ddf'... Finished (00:02:08)
  Compiling package 'bosh_aws_cpi/d30fd4f6cb22a5ad904dfe91d7499e061f1a2f54'... Finished (00:01:45)
  Compiling package 'director/d0b4ad15e5402b36952364956cbd66b42c08c1de'... Finished (00:03:13)
  Compiling package 'registry/293646764411fdd58e14d28b2306c575231c5755'... Finished (00:02:38)
  Updating instance 'bosh/0'... Finished (00:00:10)
  Waiting for instance 'bosh/0' to be running... Finished (00:00:10)
Finished deploying (00:29:23)

Stopping registry... Finished (00:00:00)
Cleaning up rendered CPI jobs... Finished (00:00:00)
```

30分くらいでデプロイが完了します。EC2に`bosh/0`インスタンスが作成されます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/7903b086-6416-0028-2478-38bcf2dee897.png)


BOSH CLIをインストールして、

![bosh-architecture のコピー 4.png](https://qiita-image-store.s3.amazonaws.com/0/1852/1260ae2b-8ce4-d5a1-18fe-8cef6ff7ae74.png)

``` console
$ sudo gem install bosh_cli --no-ri --no-rdoc
```

BOSH Directorの設定を行います。

``` console
$ bosh target 52.196.199.111
Target set to 'my-bosh'
Your username: admin
Enter password: admin
Logged in as 'admin'
```


### AWSの情報をBOSH Directorに設定

**2016-05-01 webインスタンスにEIPを自動で設定するように変更しました**

`cloud.yml`にこれまで準備してきたAWSの情報(availability_zone, subnet id, security group, IP address)を指定します。

``` yaml
azs:
- name: z1
  cloud_properties: {availability_zone: ap-northeast-1a}
- name: z2 # 使わないけど一応
  cloud_properties: {availability_zone: ap-northeast-1b}

vm_types:
- name: web
  cloud_properties:
    instance_type: t2.micro
    ephemeral_disk: {size: 3000, type: gp2}
    security_groups: [web, bosh]
- name: database
  cloud_properties:
    instance_type: t2.micro
    ephemeral_disk: {size: 3000, type: gp2}
- name: worker
  cloud_properties:
    instance_type: m3.medium
    ephemeral_disk: {size: 30000, type: gp2}
- name: compilation
  cloud_properties:
    instance_type: m3.medium
    ephemeral_disk: {size: 30000, type: gp2}

disk_types:
- name: database
  disk_size: 50_000
  cloud_properties: {type: gp2}

networks:
- name: web
  type: vip
- name: public
  type: manual
  subnets:
  - range: 10.0.0.0/16
    gateway: 10.0.0.1
    az: z1
    reserved: [10.0.0.2-10.0.0.10,10.0.0.55] # 55はNAT
    cloud_properties: {subnet: subnet-69292d1e} # public
- name: private
  type: manual
  subnets:
  - range: 10.0.1.0/24
    gateway: 10.0.1.1
    az: z1
    reserved: [10.0.1.2-10.0.1.10]
    cloud_properties: {subnet: subnet-6a292d1d} # private

compilation:
  workers: 8
  reuse_compilation_vms: true
  az: z1
  vm_type: compilation
  network: public
```

`bosh update cloud-config`でこのIaaS情報を適用します。

``` console
$ bosh update cloud-config cloud.yml
Acting as user 'admin' on 'my-bosh'
Successfully updated cloud config
```

### Concourse CIのマニフェストファイル作成

次に、Webインスタンスに設定するElastic IPを割り当てます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/e48c99f0-bcd7-536e-603c-baed1dbab811.png)

`concourse.yml`にConcourse CIをデプロイするための設定を記述します。

`web`は`public`サブネット、`db`と`worker`は`private`サブネットに置く。

``` yaml
---
name: concourse

director_uuid: <%= `bosh status --uuid` %>

releases:
- name: concourse
  version: latest
- name: garden-linux
  version: latest

stemcells:
- alias: trusty
  os: ubuntu-trusty
  version: latest

instance_groups:
- name: web
  instances: 1
  vm_type: web
  stemcell: trusty
  azs: [z1]
  networks:
  - name: public
    default: [dns, gateway]
  - name: web
    static_ips: [52.193.12.79] # Should be changed!!
  jobs:
  - name: atc
    release: concourse
    properties:
      # replace with your CI's externally reachable URL, e.g. https://ci.foo.com
      external_url: http://52.193.12.79:8080

      # replace with username/password, or configure GitHub auth
      basic_auth_username: concourse
      basic_auth_password: password

      postgresql_database: &atc_db atc

      # Allow viewing of pipelines as an anonymous user if the job is configured with `public: true`
      publicly_viewable: true
  - name: tsa
    release: concourse
    properties: {}

- name: db
  instances: 1
  vm_type: database
  stemcell: trusty
  persistent_disk_type: database
  azs: [z1]
  networks: [{name: private}]
  jobs:
  - name: postgresql
    release: concourse
    properties:
      databases:
      - name: *atc_db
        # make up a role and password
        role: REPLACE_ME
        password: REPLACE_ME

- name: worker
  instances: 1
  vm_type: worker
  stemcell: trusty
  azs: [z1]
  networks: [{name: private}]
  jobs:
  - name: groundcrew
    release: concourse
    properties: {}
  - name: baggageclaim
    release: concourse
    properties: {}
  - name: garden
    release: garden-linux
    properties:
      garden:
        listen_network: tcp
        listen_address: 0.0.0.0:7777

update:
  canaries: 1
  max_in_flight: 1
  serial: false
  canary_watch_time: 1000-60000
  update_watch_time: 1000-60000

```


### Concourse CIをデプロイ

![bosh-architecture のコピー 3.png](https://qiita-image-store.s3.amazonaws.com/0/1852/e82b0ea9-320b-f5b6-419c-887bedc4d378.png)


まずはベースVMイメージであるStemcellとConcourse CIで必要となるリリースをBOSHにアップロードします。
リリースは[http://bosh.io](http://bosh.io)から確認できます。

``` console
$ bosh upload stemcell https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-trusty-go_agent?v=3215.4
$ bosh upload release https://bosh.io/d/github.com/concourse/concourse?v=1.1.0
$ bosh upload release https://bosh.io/d/github.com/cloudfoundry-incubator/garden-linux-release?v=0.337.0
```

``` console
$ bosh deployment concourse.yml 
Deployment set to '/Users/makit/bosh/concourse.yml'
$ bosh deploy
```

マニフェストファイルの内容を確認して`yes`を入力するとパッケージのコンパイルとVMの作成が始まります。

``` console
Acting as user 'admin' on deployment 'concourse' on 'my-bosh'
Getting deployment properties from director...
Unable to get properties list from director, trying without it...

Detecting deployment changes
----------------------------
...
Please review all changes carefully

Deploying
---------
Are you sure you want to deploy? (type 'yes' to continue): yes

Director task 4
  Started preparing deployment > Preparing deployment. Done (00:00:00)

  Started preparing package compilation > Finding packages to compile. Done (00:00:00)

  Started compiling packages
  Started compiling packages > tar/cfd0d2ff9e0773446e403cef583e0f01cd61f592
  ...
     Done compiling packages (00:10:00)

  Started creating missing vms
  Started creating missing vms > web/0 (4f054380-9d66-4941-b10d-e8f2bb85012b)
  Started creating missing vms > db/0 (088b24f6-7c39-4d8b-a39a-9f16eee1a16f)
  Started creating missing vms > worker/0 (4cc9b8f1-ddf7-49e2-aff1-54bb228739ba)
     Done creating missing vms > db/0 (088b24f6-7c39-4d8b-a39a-9f16eee1a16f) (00:01:39)
     Done creating missing vms > worker/0 (4cc9b8f1-ddf7-49e2-aff1-54bb228739ba) (00:01:42)
     Done creating missing vms > web/0 (4f054380-9d66-4941-b10d-e8f2bb85012b) (00:01:45)
     Done creating missing vms (00:01:45)

  Started updating job db > db/0 (088b24f6-7c39-4d8b-a39a-9f16eee1a16f) (canary)
  Started updating job web > web/0 (4f054380-9d66-4941-b10d-e8f2bb85012b) (canary)
  Started updating job worker > worker/0 (4cc9b8f1-ddf7-49e2-aff1-54bb228739ba) (canary)
     Done updating job web > web/0 (4f054380-9d66-4941-b10d-e8f2bb85012b) (canary) (00:00:16)
     Done updating job db > db/0 (088b24f6-7c39-4d8b-a39a-9f16eee1a16f) (canary) (00:00:51)
     Done updating job worker > worker/0 (4cc9b8f1-ddf7-49e2-aff1-54bb228739ba) (canary) (00:01:30)

Task 4 done

Started		2016-04-24 12:18:46 UTC
Finished	2016-04-24 12:33:23 UTC
Duration	00:14:37

Deployed 'concourse' to 'my-bosh'
```

15分くらいで完了します。デプロイが完了すると`web/0`、`db/0`、`worker0`というインスタンスができます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/c3d931d6-92fd-23ed-a46a-3e4505e9c8e9.png)

Web UIにアクセスできます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/6b46fe83-72ca-b15e-30d3-022211897348.png)

これでConcourse CIのデプロイが完了です！

なお、本記事にELBを追加したVPCを作成するCloud FormationのjsonはConcourse CIのGitHubレポジトリにあります。こちらを使えば本記事の「BOSH Directorのインストール」から始められます。またWebインスタンスのElastic IPを払い出す代わりにELBからWebインスタンスにマッピングすれば良いです。
https://github.com/concourse/concourse/blob/master/manifests/cloudformation.json
こちらの場合はNATゲートウェイではなくNATインスタンスが作成されます。

### パイプラインのデプロイ

次の簡単なパイプライン(`hello.yml`)を実行してみましょう

```
---
jobs:
- name: hello
  plan:
  - task: say-hello
    config:
      platform: linux
      image_resource:
        type: docker-image
        source:
          repository: getourneau/alpine-bash-git
      run:
        path: sh
        args:
        - -c
        - |
          echo "Hello World"
```

パイプラインを`fly`でデプロイします。（`fly`コマンドを最新にしてください。Web UIからダウンロードできます）

まずはログイン。

``` console
$ fly -t aws login -c http://52.193.12.79:8080
username: concourse
password: password
target saved
```

そしてパイプラインをデプロイ。

``` console
$ fly -t aws sp -p hello -c hello.yml
$ fly -t aws up -p hello
```

再度UIにアクセスするとパイプラインが表示されます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/a61e92a9-cdb7-e6c7-5a01-af0190aac0fa.png)

`hello`ジョブをクリック

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/4c3d4678-ff78-426d-46d5-88eb86751865.png)

(+)ボタンをクリックすると、認証情報の入力が求められます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/ef279a2b-2693-c62a-61a6-8d22371587ca.png)

ログイン後、再度(+)ボタンをクリック

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/4c3d4678-ff78-426d-46d5-88eb86751865.png)

ジョブが実行され、無事成功します。NAT経由でprivateネットワークのWorker VMからDocker Hubへアクセスできていることがわかります。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/c2d82a22-a6e2-50fd-3ff8-9a7e376b6ac0.png)

### Workerをスケールアウト

パイプラインをたくさん作って、ジョブをたくさん実行すると1 Workerでは負荷が高いです。Concourse CIではWorkerを増やすことでスケールアウト可能です。

BOSHを使うとインスタンス(VM)の管理が簡単です。Worker数を3に変えたい場合は、
`concourse.yml`の`worker`の`instances`を3に変えれば良いです。

``` yaml
- name: worker
  instances: 3
  vm_type: worker
```

再度、`bosh deploy`するとマニフェストファイルの変更点が表示されるので、確認してyes

``` console
$ bosh deploy
Acting as user 'admin' on deployment 'concourse' on 'my-bosh'
Getting deployment properties from director...

Detecting deployment changes
----------------------------
instance_groups:
- name: worker
  instances: 1
  instances: 3
Please review all changes carefully

Deploying
---------
Are you sure you want to deploy? (type 'yes' to continue): yes

Director task 15
  Started preparing deployment > Preparing deployment. Done (00:00:01)

  Started preparing package compilation > Finding packages to compile. Done (00:00:00)

  Started creating missing vms
  Started creating missing vms > worker/2 (0ef55559-db1d-4dbb-b074-1560fef1f13a)
  Started creating missing vms > worker/1 (68155c10-f34c-4fe2-bace-64b8be2dd1c0)
     Done creating missing vms > worker/2 (0ef55559-db1d-4dbb-b074-1560fef1f13a) (00:01:53)
     Done creating missing vms > worker/1 (68155c10-f34c-4fe2-bace-64b8be2dd1c0) (00:02:05)
     Done creating missing vms (00:02:05)

  Started updating job web > web/0 (4f054380-9d66-4941-b10d-e8f2bb85012b) (canary)
  Started updating job db > db/0 (088b24f6-7c39-4d8b-a39a-9f16eee1a16f) (canary)
  Started updating job worker
  Started updating job worker > worker/0 (4cc9b8f1-ddf7-49e2-aff1-54bb228739ba) (canary)
     Done updating job web > web/0 (4f054380-9d66-4941-b10d-e8f2bb85012b) (canary) (00:00:15)
     Done updating job db > db/0 (088b24f6-7c39-4d8b-a39a-9f16eee1a16f) (canary) (00:03:29)
     Done updating job worker > worker/0 (4cc9b8f1-ddf7-49e2-aff1-54bb228739ba) (canary) (00:04:26)
  Started updating job worker > worker/2 (0ef55559-db1d-4dbb-b074-1560fef1f13a). Done (00:01:23)
  Started updating job worker > worker/1 (68155c10-f34c-4fe2-bace-64b8be2dd1c0). Done (00:01:27)
     Done updating job worker (00:07:16)

Task 15 done

Started		2016-04-24 12:49:36 UTC
Finished	2016-04-24 12:58:58 UTC
Duration	00:09:22

Deployed 'concourse' to 'my-bosh'
```

デプロイが完了したら、EC2に`worker/1`と`worker/2`ができます。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/6d82fc64-724a-ea97-689b-bf8a513172da.png)

workerが3インスタンスになったので、ジョブを実行した時にDockerイメージが再ダウンロードされることがあるでしょう。Worker毎にキャッシュを持っているため、キャッシュの無いインスタンスに振られたらDockerイメージのダウンロードが改めて行われます。

----

BOSHによるConcourse CIのインストールはこの記事を見ながら行えばそんなに難しく無いはずです。
BOSH環境ができれば、例えばConcourseのバージョンアップも

``` console
$ bosh upload release https://bosh.io/d/github.com/concourse/concourse?v=1.2.0
$ bosh deploy
```

でOKです。
インスタンスの死活管理＆自動復旧も行われます。

BOSH怖くない。


----

2016-05-01 追記

Concourse CI 1.2.0がリリースされたのでアップデートしてみました。

``` console
$ bosh upload release https://bosh.io/d/github.com/concourse/concourse?v=1.2.0
Acting as user 'director' on 'my-bosh'
Using remote release `https://bosh.io/d/github.com/concourse/concourse?v=1.2.0'
RSA 1024 bit CA certificates are loaded due to old openssl compatibility

Director task 52
  Started downloading remote release > Downloading remote release. Done (00:00:26)

  Started extracting release > Extracting release. Done (00:00:02)

  Started verifying manifest > Verifying manifest. Done (00:00:00)

  Started resolving package dependencies > Resolving package dependencies. Done (00:00:00)

  Started creating new packages
  Started creating new packages > archive_resource/f69174a0e5b48ed4585baf131ace4666d9754d45. Done (00:00:01)
  Started creating new packages > atc/f4614e036088679e50af54706524e6730a203e60. Done (00:00:00)
  Started creating new packages > blackbox/4dfbdb25e294a132c489bfbcc2b4806f7c279bbb. Done (00:00:00)
  Started creating new packages > bosh_deployment_resource/817d7bc99d0251184c12348ce4e4165642c17bd2. Done (00:00:00)
  Started creating new packages > bosh_io_release_resource/29ed95f9047058deff77778aeb2c2fce25373a15. Done (00:00:00)
  Started creating new packages > bosh_io_stemcell_resource/31ebe1032b96e995b01a150a89a6dd13ac1ea9e1. Done (00:00:00)
  Started creating new packages > cf_resource/8046944214f7227eb1108061e5b420087b91515e. Done (00:00:01)
  Started creating new packages > concourse_version/8d4c7ded505c1d83ac2847e9657411ad0fda4ca3. Done (00:00:00)
  Started creating new packages > docker_image_resource/74e825a9d7f16f662f66abb4a9ecb7d5893c3259. Done (00:00:00)
  Started creating new packages > fly/c9d1724778cb02f815be8a7331059ae667ecb377. Done (00:00:00)
  Started creating new packages > git_resource/143a9afbd89586cff1e18714a6fd4214c06dea9e. Done (00:00:00)
  Started creating new packages > github_release_resource/e873826e19b20efe11ab531c009dec6f6df12a6b. Done (00:00:00)
  Started creating new packages > golang/69f4e820bb43cb872465d0829e4dbadf45bce46d. Done (00:00:01)
  Started creating new packages > pool_resource/6a9a33acf0287f00fbcc55273dd07ec58ca02116. Done (00:00:00)
  Started creating new packages > resource_discovery/4466391828fde6d7eb61a7afdcb76ee77996e77c. Done (00:00:00)
  Started creating new packages > s3_resource/9aa8a26e9e607cc067e814f6b49b4b8836c714e4. Done (00:00:01)
  Started creating new packages > semver_resource/dddb61a5f61e4e90fa83b99e1c4558516c14e235. Done (00:00:00)
  Started creating new packages > time_resource/6448d9d249dbb964432258d9048fa867c62ed416. Done (00:00:00)
  Started creating new packages > tracker_resource/b8268b94fd19eec5a1cc5b6c225371c37e5ff144. Done (00:00:00)
  Started creating new packages > tsa/f6f6a1ec63ac58ca0de8141adf7e09b741255af7. Done (00:00:00)
  Started creating new packages > vagrant_cloud_resource/7e13f8d239c490a0d3035bf86d2f9404cdff0bb4. Done (00:00:00)
     Done creating new packages (00:00:04)

  Started processing 8 existing packages > Processing 8 existing packages. Done (00:00:00)

  Started creating new jobs
  Started creating new jobs > atc/cfd24c3b60fdccaf1d6808dedae989fa65b1db4d. Done (00:00:00)
  Started creating new jobs > groundcrew/ae0bc338bacaae63e016de4e4569bdedb156e1f1. Done (00:00:01)
     Done creating new jobs (00:00:01)

  Started processing 4 existing jobs > Processing 4 existing jobs. Done (00:00:00)

  Started release has been created > concourse/1.2.0. Done (00:00:00)

Task 52 done

Started		2016-04-30 16:43:17 UTC
Finished	2016-04-30 16:43:50 UTC
Duration	00:00:33

Release uploaded


$ bosh deploy
Acting as user 'director' on deployment 'concourse' on 'my-bosh'
Getting deployment properties from director...
RSA 1024 bit CA certificates are loaded due to old openssl compatibility

Detecting deployment changes
----------------------------
releases:
- name: concourse
  version: 1.1.0
  version: 1.2.0
Please review all changes carefully

Deploying
---------
Are you sure you want to deploy? (type 'yes' to continue): yes
```

簡単ですね。

![image](https://qiita-image-store.s3.amazonaws.com/0/1852/ceb45294-3bba-ea83-4277-14c190f834a0.png)