Concourse and Kubernetes


I’ve been exploring deploying Concourse on Kubernetes and I wanted to make sure I’m correctly understanding how it all works. It looks like the only way to do it is to run a fixed number of workers (give or take Kubernetes’ pod scaling ability) and they have to be started with privileged: true so they can then launch new containers inside the Kubernetes pod/container structure. But Kubernetes won’t know anything about those build containers because they are launch directly by Garden.

Is there any way to set up Garden to launch build pods via Kubernetes itself? It looks like this should be structurally possible within Garden, but I couldn’t find any code to that effect from some skimming. Would be nice to not have to worry about scaling the workers up and down if all the heavy lifting was being done by the Kubernetes scheduler itself.

–Noah Kantrowitz


It’s something that’s being explored, but not available yet. I don’t have links handy but checkout the concourse RFCs on github for example



I would kindly ask if there is any progress on this topic - i.e. is there a way to run Concourse on Kubernetes that makes use of k8s pod orchestration and not require privileged mode? This seems to be a blocking issue for ops teams.

Kind Regards,


Hey friends. The RFC that @edude03 mentioned can be found here:

I’ll also add that we’re keeping an eye on the progress of KNative and the Pipeline CRD (, as we think we may be able to leverage a lot of that work in the future