Concourse Architecture
Concourse Architecture
Learn & practice AWS Hacking:
HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: 
HackTricks Training GCP Red Team Expert (GRTE)
Relevant data from Concourse documentation:
Architecture
ATC: web UI & build scheduler
The ATC is the heart of Concourse. It runs the web UI and API and is responsible for all pipeline scheduling. It connects to PostgreSQL, which it uses to store pipeline data (including build logs).
The checker's responsibility is to continuously checks for new versions of resources. The scheduler is responsible for scheduling builds for a job and the build tracker is responsible for running any scheduled builds. The garbage collector is the cleanup mechanism for removing any unused or outdated objects, such as containers and volumes.
TSA: worker registration & forwarding
The TSA is a custom-built SSH server that is used solely for securely registering workers with the ATC.
The TSA by default listens on port 2222, and is usually colocated with the ATC and sitting behind a load balancer.
The TSA implements CLI over the SSH connection, supporting these commands.
Workers
In order to execute tasks concourse must have some workers. These workers register themselves via the TSA and run the services Garden and Baggageclaim.
Garden: This is the Container Manage API, usually run in port 7777 via HTTP.
Baggageclaim: This is the Volume Management API, usually run in port 7788 via HTTP.
References
Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)
Last updated