Closed LukeWood closed 12 months ago
thanks in advance for any tips or guidance!
I think this is really valuable, and also talked about here. https://github.com/googleforgames/agones/issues/1246
I think the right way to do it is using dynamic DNS + passing certs to game servers when they start up. It leads to the least amount of latency added?
Writing this down so I can find it again.
https://sslip.io/ (or related, linked on page) would work very well for this. Either self hosted, or with a custom domain name in front, or with redundancy across several of the similar services.
Renaming the ticket, as a reference to write up a document on integration with websockets in https://agones.dev/site/docs/integration-patterns/
I haven't configured SSL for this solution yet, but I was able to assign dynamic domain names to my AWS EKS nodes using ExternalDNS and Route53. The records created have domains of the form "ec2-255-255-255-255.us-west-2.compute.amazonaws.com.your.domain". Not very pretty, I'll admit, but it works.
Allocations return a port and a domain without the root of ".your.domain". From there your API or web client can easily append ".your.domain" to the domain returned by an Allocation.
Note: If you look at the fqdn-template arg, that was a bit of a hack that I used to get the external dns name. I'm not very familiar with go templates yet (which I assume is what external DNS is using), so if someone has a better template for getting the external dns address, please post it.
```yaml
# ClusterRole for ExternalDNS. The "nodes" entry is what --source=node needs;
# the route.openshift.io rule is harmless on EKS and can be dropped.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: external-dns
  labels:
    app.kubernetes.io/name: external-dns
rules:
  - apiGroups: ["route.openshift.io"]
    resources: ["routes"]
    verbs: ["get", "watch", "list"]
  - apiGroups: [""]
    resources: ["services", "endpoints", "pods", "nodes"]
    verbs: ["get", "watch", "list"]
  - apiGroups: ["extensions", "networking.k8s.io"]
    resources: ["ingresses"]
    verbs: ["get", "watch", "list"]
---
# Binds the ClusterRole to the external-dns ServiceAccount in "default".
# The ServiceAccount itself is created by the eksctl script further down.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: external-dns-viewer
  labels:
    app.kubernetes.io/name: external-dns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: external-dns
subjects:
  - kind: ServiceAccount
    name: external-dns
    namespace: default
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
  labels:
    app.kubernetes.io/name: external-dns
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app.kubernetes.io/name: external-dns
  template:
    metadata:
      labels:
        app.kubernetes.io/name: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
        - name: external-dns
          image: k8s.gcr.io/external-dns/external-dns:v0.11.0
          env:
            - name: AWS_DEFAULT_REGION
              value: us-west-2
          args:
            - --source=ingress
            - --source=node
            - --zone-name-filter=your.domain
            - --provider=aws
            - --log-level=debug
            - --aws-zone-type=public
            # Positional lookup: index 4 is the ExternalDNS entry in the order the
            # AWS cloud provider lists node addresses (see the note above).
            - --fqdn-template={{ (index .Status.Addresses 4).Address }}.your.domain
            - --registry=txt
            - --txt-owner-id=your-domain-dev
            - --policy=sync
```
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "route53:ChangeResourceRecordSets"
      ],
      "Resource": [
        "arn:aws:route53:::hostedzone/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "route53:ListHostedZones",
        "route53:ListResourceRecordSets"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}
```
Powershell... I know and I'm sorry

```powershell
$cluster = "your-cluster"
$region = "us-west-2"
$namespace = "default"
$serviceName = "external-dns"
$policyName = "AllowExternalDNSUpdates"
$policyPath = "external-dns-policy.json"
$manifestPath = "external-dns-manifest.yaml"

# Create the IAM policy above and capture its ARN.
echo "Creating External DNS policy..."
$dnsPolicyARN = aws iam create-policy `
    --policy-name $policyName `
    --policy-document file://$policyPath |
    jq ".Policy.Arn" -r

# IRSA: eksctl creates the ServiceAccount and an IAM role carrying the policy,
# so the ExternalDNS pod gets Route53 access without static AWS keys.
echo "Creating External DNS service account..."
eksctl create iamserviceaccount `
    --cluster $cluster `
    --region $region `
    --namespace $namespace `
    --name $serviceName `
    --attach-policy-arn $dnsPolicyARN `
    --override-existing-serviceaccounts `
    --approve

# Apply the ClusterRole, ClusterRoleBinding and Deployment above.
echo "Installing External DNS Service..."
kubectl apply -f $manifestPath
```
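On the fqdn-template question in the comment above: ExternalDNS renders `--fqdn-template` as a Go text/template against the object each source produces, which for `--source=node` is the Node itself (that is why `.Status.Addresses` works). The following added example is not code from the thread or from ExternalDNS; it renders the thread's index-4 template and a type-based alternative against constructed node address lists (the `Node` struct only mirrors the `Type`/`Address` fields of the real Kubernetes type, and `your.domain` is a placeholder) to show when the positional lookup silently picks the wrong name.

```go
package main

import (
	"bytes"
	"fmt"
	"text/template"
)

// NodeAddress and Node mirror the parts of a Kubernetes v1.Node that the
// --fqdn-template sees under --source=node. Assumption: the real API type has
// the same Type/Address fields; k8s.io/api is not imported so this runs alone.
type NodeAddress struct {
	Type    string
	Address string
}

type Node struct {
	Status struct {
		Addresses []NodeAddress
	}
}

// IndexTemplate is the positional template from the thread: it assumes the
// ExternalDNS address is always the fifth entry.
const IndexTemplate = `{{ (index .Status.Addresses 4).Address }}.your.domain`

// TypeTemplate selects the address by its Type instead, so it does not depend
// on the order in which the cloud provider lists node addresses.
const TypeTemplate = `{{ range .Status.Addresses }}{{ if eq .Type "ExternalDNS" }}{{ .Address }}{{ end }}{{ end }}.your.domain`

// Render executes a template against a node with text/template, which is the
// same mechanism ExternalDNS uses for every node it watches.
func Render(tmpl string, node Node) (string, error) {
	t, err := template.New("fqdn").Parse(tmpl)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, node); err != nil {
		return "", err
	}
	return buf.String(), nil
}

func newNode(addrs ...NodeAddress) Node {
	var n Node
	n.Status.Addresses = addrs
	return n
}

// Constructed sample addresses; not taken from a real cluster.
var (
	internalIP  = NodeAddress{Type: "InternalIP", Address: "10.0.1.23"}
	externalIP  = NodeAddress{Type: "ExternalIP", Address: "203.0.113.7"}
	internalDNS = NodeAddress{Type: "InternalDNS", Address: "ip-10-0-1-23.us-west-2.compute.internal"}
	hostname    = NodeAddress{Type: "Hostname", Address: "ip-10-0-1-23.us-west-2.compute.internal"}
	externalDNS = NodeAddress{Type: "ExternalDNS", Address: "ec2-203-0-113-7.us-west-2.compute.amazonaws.com"}
)

// SampleNode lists addresses in the order the thread's index-4 hack relies on.
func SampleNode() Node {
	return newNode(internalIP, externalIP, internalDNS, hostname, externalDNS)
}

// ReorderedNode moves ExternalDNS one slot earlier: the positional template now
// silently publishes the node's private hostname under your.domain.
func ReorderedNode() Node {
	return newNode(internalIP, externalIP, internalDNS, externalDNS, hostname)
}

// PrivateNode has no public address at all (a node in a private subnet):
// index 4 is out of range and the type template yields an empty host, so such
// nodes should be kept out of the node source rather than handled in the template.
func PrivateNode() Node {
	return newNode(internalIP, internalDNS, hostname)
}

func main() {
	nodes := map[string]Node{"sample": SampleNode(), "reordered": ReorderedNode(), "private": PrivateNode()}
	for name, node := range nodes {
		for _, tmpl := range []string{IndexTemplate, TypeTemplate} {
			got, err := Render(tmpl, node)
			fmt.Printf("%-9s %-62q err=%v\n", name, got, err)
		}
	}
}
```

The positional form fails loudly only when the list is too short; when an address is merely in a different slot it registers a wrong, non-routable name without any error, which is the case worth guarding against.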
Hi @LukeWood I want to contribute to fix this issue
'This issue is marked as Stale due to inactivity for more than 30 days. To avoid being marked as 'stale' please add 'awaiting-maintainer' label or add a comment. Thank you for your contributions '
This issue is marked as obsolete due to inactivity for last 60 days. To avoid issue getting closed in next 30 days, please add a comment or add 'awaiting-maintainer' label. Thank you for your contributions
I’m really enjoying agones so far but have a problem that I’m struggling to figure out on my own. I figured others could use some documentation on how to solve this
Is your feature request related to a problem? Please describe. I’m currently trying to use agones to allocate servers for a game that uses websockets. Unfortunately - as has been reported in a few issues (https://github.com/googleforgames/agones/issues/1246) - we can’t use unsecured websockets from secured hosts. I’m trying to decide on the optimal approach between proxying all traffic, dynamically configuring an nginx proxy with entries like game-server1.domain.com , and using dynamic DNS
I’m not sure exactly what the dynamic dns solution looks like so it’s hard to compare the two. does anyone have either recommendations or a sample of these setups.
I think a section in the docs discussing this issue would be super helpful!
Describe the solution you'd like some documentation on either approach would be fantastic!
Describe alternatives you've considered The proxying solution seems somewhat simple - but it seems a bit weird to pipe all traffic through a proxy when we are already exposing public IP addresses.