Add Integration Pattern: Websockets

Open LukeWood opened this issue 4 years ago • 6 comments

I’m really enjoying agones so far but have a problem that I’m struggling to figure out on my own. I figured others could use some documentation on how to solve this.

Is your feature request related to a problem? Please describe.

I’m currently trying to use agones to allocate servers for a game that uses websockets. Unfortunately - as has been reported in a few issues (https://github.com/googleforgames/agones/issues/1246) - we can’t use unsecured websockets from secured hosts. I’m trying to decide on the optimal approach between proxying all traffic, dynamically configuring an nginx proxy with entries like game-server1.domain.com, and using dynamic DNS.

I’m not sure exactly what the dynamic DNS solution looks like so it’s hard to compare the two. Does anyone have either recommendations or a sample of these setups?

I think a section in the docs discussing this issue would be super helpful!

Describe the solution you'd like

Some documentation on either approach would be fantastic!

Describe alternatives you've considered

The proxying solution seems somewhat simple - but it seems a bit weird to pipe all traffic through a proxy when we are already exposing public IP addresses.

LukeWood avatar Feb 20 '21 07:02 LukeWood

Thanks in advance for any tips or guidance!

LukeWood avatar Feb 20 '21 07:02 LukeWood

I think this is really valuable, and also talked about here. https://github.com/googleforgames/agones/issues/1246

I think the right way to do it is using dynamic DNS + passing certs to game servers when they start up. It leads to the least amount of latency added?

NullSoldier avatar Mar 01 '21 17:03 NullSoldier

Writing this down so I can find it again.

https://sslip.io/ (or related, linked on page) would work very well for this. Either self hosted, or with a custom domain name in front, or with redundancy across several of the similar services.

markmandel avatar Jun 30 '21 14:06 markmandel

Renaming the ticket, as a reference to write up a document on integration with websockets in https://agones.dev/site/docs/integration-patterns/

markmandel avatar Jan 13 '22 23:01 markmandel

I haven't configured SSL for this solution yet, but I was able to assign dynamic domain names to my AWS EKS nodes using ExternalDNS and Route53. The records created have domains of the form "ec2-255-255-255-255.us-west-2.compute.amazonaws.com.your.domain". Not very pretty I'll admit but it works.

Allocations return a port and a domain without the root of ".your.domain". From there your API or web client can easily append ".your.domain" to the domain returned by an Allocation.

external-dns-manifest.yaml

Note: If you look at the fqdn-template arg, that was a bit of a hack that I used to get the external dns name. I'm not very familiar with go templates yet (which I assume is what external DNS is using), so if someone has a better template for getting the external dns address, please post it.

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: external-dns
  labels:
    app.kubernetes.io/name: external-dns
rules:
- apiGroups: ["route.openshift.io"]
  resources: ["routes"]
  verbs: ["get", "watch", "list"]
- apiGroups: [""]
  resources: ["services","endpoints","pods", "nodes"]
  verbs: ["get","watch","list"]
- apiGroups: ["extensions","networking.k8s.io"]
  resources: ["ingresses"]
  verbs: ["get","watch","list"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: external-dns-viewer
  labels:
    app.kubernetes.io/name: external-dns
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: external-dns
subjects:
  - kind: ServiceAccount
    name: external-dns
    namespace: default
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: external-dns
  labels:
    app.kubernetes.io/name: external-dns
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app.kubernetes.io/name: external-dns
  template:
    metadata:
      labels:
        app.kubernetes.io/name: external-dns
    spec:
      serviceAccountName: external-dns
      containers:
        - name: external-dns
          image: k8s.gcr.io/external-dns/external-dns:v0.11.0
          env:
            - name: AWS_DEFAULT_REGION
              value: us-west-2
          args:
          - --source=ingress
          - --source=node
          - --zone-name-filter=your.domain
          - --provider=aws
          - --log-level=debug
          - --aws-zone-type=public
          - --fqdn-template={{ (index .Status.Addresses 4).Address }}.your.domain
          - --registry=txt
          - --txt-owner-id=your-domain-dev
          - --policy=sync

external-dns-policy.json

{
    "Version": "2012-10-17",
    "Statement": [
      {
        "Effect": "Allow",
        "Action": [
          "route53:ChangeResourceRecordSets"
        ],
        "Resource": [
          "arn:aws:route53:::hostedzone/*"
        ]
      },
      {
        "Effect": "Allow",
        "Action": [
          "route53:ListHostedZones",
          "route53:ListResourceRecordSets"
        ],
        "Resource": [
          "*"
        ]
      }
    ]
  }

install-external-dns.ps1

Powershell... I know and I'm sorry

$cluster="your-cluster"
$region="us-west-2"
$namespace="default"
$serviceName="external-dns"
$policyName="AllowExternalDNSUpdates"
$policyPath="external-dns-policy.json"
$manifestPath="external-dns-manifest.yaml"

echo "Creating External DNS policy..."
$dnsPolicyARN = aws iam create-policy `
    --policy-name $policyName `
    --policy-document file://$policyPath |
    jq ".Policy.Arn" -r

echo "Creating External DNS service account..."
eksctl create iamserviceaccount `
  --cluster $cluster `
  --region $region `
  --namespace $namespace `
  --name $serviceName `
  --attach-policy-arn $dnsPolicyARN `
  --override-existing-serviceaccounts `
  --approve

echo "Installing External DNS Service..."
kubectl apply -f $manifestPath

Arik13 avatar Sep 10 '22 02:09 Arik13
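
Added example (not part of the comment above, and not code from ExternalDNS or Agones): the `--fqdn-template` in the manifest picks the node's external DNS name by position (`index .Status.Addresses 4`). Assuming ExternalDNS renders that template with Go's `text/template` against the Node object, as the comment supposes, the program below compares it with a template that selects the address by its `Type`; the `Address`/`Status`/`Node` structs, `render`, `sampleNodes` and the sample address values are constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"text/template"
)

// Stand-ins for the core/v1 Node fields the template reads (constructed here).
type Address struct{ Type, Address string }
type Status struct{ Addresses []Address }
type Node struct{ Status Status }

const (
	// Template from the manifest above: depends on the order of the addresses.
	byIndex = `{{ (index .Status.Addresses 4).Address }}.your.domain`
	// Alternative: pick the entry by its Type rather than its position.
	byType = `{{ range .Status.Addresses }}{{ if eq .Type "ExternalDNS" }}{{ .Address }}{{ end }}{{ end }}.your.domain`
)

// render parses tmpl and executes it against n, returning the rendered FQDN.
func render(tmpl string, n Node) (string, error) {
	t, err := template.New("fqdn").Parse(tmpl)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, n); err != nil {
		return "", err
	}
	return buf.String(), nil
}

// sampleNodes returns two constructed nodes: five addresses, and only two.
func sampleNodes() (full, short Node) {
	ext := Address{"ExternalDNS", "ec2-255-255-255-255.us-west-2.compute.amazonaws.com"}
	full.Status.Addresses = []Address{{"InternalIP", "10.0.0.5"}, {"ExternalIP", "255.255.255.255"},
		{"InternalDNS", "ip-10-0-0-5.internal"}, {"Hostname", "ip-10-0-0-5.internal"}, ext}
	short.Status.Addresses = []Address{{"InternalIP", "10.0.0.6"}, ext}
	return full, short
}

func main() {
	full, short := sampleNodes()
	for _, n := range []Node{full, short} {
		a, errA := render(byIndex, n)
		b, errB := render(byType, n)
		fmt.Printf("index: %q (%v)\ntype:  %q (%v)\n", a, errA, b, errB)
	}
}
```

On a node with no `ExternalDNS` address the type-based template renders only `.your.domain`, so review the records ExternalDNS plans to create (the manifest already runs with `--log-level=debug`) before letting `--policy=sync` apply them.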

Hi @LukeWood, I want to contribute to fix this issue.

Prakharkarsh1 avatar Sep 10 '22 10:09 Prakharkarsh1

'This issue is marked as Stale due to inactivity for more than 30 days. To avoid being marked as 'stale' please add 'awaiting-maintainer' label or add a comment. Thank you for your contributions '

github-actions[bot] avatar Aug 15 '23 10:08 github-actions[bot]

'This issue is marked as Stale due to inactivity for more than 30 days. To avoid being marked as 'stale' please add 'awaiting-maintainer' label or add a comment. Thank you for your contributions '

github-actions[bot] avatar Oct 01 '23 10:10 github-actions[bot]

This issue is marked as obsolete due to inactivity for last 60 days. To avoid issue getting closed in next 30 days, please add a comment or add 'awaiting-maintainer' label. Thank you for your contributions

github-actions[bot] avatar Nov 01 '23 02:11 github-actions[bot]