BahriyaBAHRIYAby Mamluk

Deploy a Worker Container with Terraform

A worker container runs background processes — queue consumers, data pipelines, or anything that does not serve HTTP traffic. Workers have the same compute and scaling features as HTTP containers, but no public hostname, no ingress, and no traffic management.

Updated 23 Jun 20262 min read

A worker container runs background processes — queue consumers, data pipelines, or anything that does not serve HTTP traffic. Workers have the same compute and scaling features as HTTP containers, but no public hostname, no ingress, and no traffic management.

Required fields

FieldTypeExampleDescription
handlestring"queue-worker"Permanent identifier.
namestring"Queue Worker"Display name.
imagestring"myorg/worker:v1"Full image reference including tag.
typestring"worker"Must be set to worker. The type is permanent.
mincpustring"100"Guaranteed CPU in millicores.
minmemorystring"256"Guaranteed memory in megabytes.
autoscalingminreplicasstring"1"Minimum number of running instances.
activeregionslist["falkenstein-1"]One or more regions to deploy to.
projectstringbahriya_project.x.idThe project UUID (not handle).

Workers do not need containerport or healthcheckpath. If your worker exposes a port for internal health checks, you can set both — but they are optional.

Minimal example

resource "bahriya_container" "worker" {
  handle    = "queue-worker"
  name      = "Queue Worker"
  type      = "worker"
  image     = "myorg/worker:v1.0.0"
  mincpu    = "100"
  minmemory = "256"
 
  autoscalingminreplicas = "1"
  activeregions          = ["falkenstein-1"]
  project                = bahriya_project.app.id
}

With environment variables and secrets

resource "bahriya_secret" "queue_url" {
  handle = "queue-url"
  name   = "Queue URL"
  value  = var.queue_url
}
 
resource "bahriya_container" "worker" {
  handle    = "queue-worker"
  name      = "Queue Worker"
  type      = "worker"
  image     = "myorg/worker:v1.0.0"
  mincpu    = "250"
  minmemory = "512"
 
  autoscalingminreplicas = "2"
  autoscalingmaxreplicas = "8"
 
  activeregions = ["falkenstein-1", "helsinki-1"]
  project       = bahriya_project.app.id
 
  newenvvar {
    key   = "CONCURRENCY"
    value = "10"
  }
 
  secretsenvvar {
    secret = bahriya_secret.queue_url.handle
    name   = "QUEUE_URL"
  }
}

With an optional health check

If your worker exposes an HTTP endpoint for health monitoring:

resource "bahriya_container" "worker" {
  handle          = "queue-worker"
  name            = "Queue Worker"
  type            = "worker"
  image           = "myorg/worker:v1.0.0"
  containerport   = "9090"
  healthcheckpath = "/health"
  mincpu          = "250"
  minmemory       = "512"
 
  autoscalingminreplicas = "1"
  activeregions          = ["falkenstein-1"]
  project                = bahriya_project.app.id
}

Notes

  • The type field is set at creation and cannot be changed. You cannot convert a worker to an HTTP container or vice versa.
  • Workers do not get a public hostname or TLS certificate.
  • Autoscaling works the same as HTTP containers — based on CPU or memory utilisation targets.