Skip to content

Allowing Host Access

Enable Host Access

As of v6.7.2, tasks cannot access the worker's network by default. If you require this behavior, you must now explicitly opt-in to it.

Using BOSH

  1. Create an operations file named allow-host-access.yml containing the following contents:

    1
    2
    3
    - type: replace
      path: /instance_groups/name=worker/jobs/name=worker/properties/garden?/allow_host_access?
      value: true
    
  2. Run bosh deploy with the newly created ops-file specified:

     1
     2
     3
     4
     5
     6
     7
     8
     9
    10
    11
    12
    13
    14
    15
    bosh deploy \
    -e BOSH-ENVIRONMENT-ALIAS \
    -d CONCOURSE-DEPLOYMENT-NAME \
    ./cluster/concourse.yml \
    -l versions.yml \
    -l variables.yml \
    -o ./cluster/operations/backup-atc.yml \
    -o ./cluster/operations/basic-auth.yml \
    -o ./cluster/operations/static-web.yml \
    -o ./cluster/operations/priviledged_https.yml \
    -o ./cluster/operations/tls-vars.yml \
    -o ./cluster/operations/tls.yml \
    -o ./cluster/operations/encryption.yml \
    -o allow-host-access.yml \
    --vars-store cluster-creds.yml
    

Using Helm

  1. Modify your deployment-values.yml file to include the following snippet:

    1
    2
    3
    4
    5
    6
    ...
    worker:
      env:
      - name: CONCOURSE_GARDEN_ALLOW_HOST_ACCESS
        value: "true"
    ...
    
  2. Run helm install (if creating a new deployment) or helm upgrade (if updating an existing deployment):

    1
    2
    3
    4
    5
    helm install \
        DEPLOYMENT-NAME \
        --create-namespace \
        --values ./deployment-values.yml \
        ./charts