This repo contains an initial set of cluster components for deploying containerized game servers, to be installed and configured by eksctl through GitOps. It was built based on the GitOps tutorial.
- game server deployment with its RBAC and regional config map under game-server
- Cluster autoscaler -- to automatically add/remove nodes to/from your cluster based on its usage.
- Prometheus (its Alertmanager, its operator, its node-exporter, kube-state-metrics, and metrics-server) -- for powerful metrics & alerts.
- Grafana -- for a rich way to visualize metrics via dashboards you can create, explore, and share.
- Kubernetes dashboard -- Kubernetes' standard dashboard.
- Fluentd & Amazon's CloudWatch agent -- for cluster & containers' log collection, aggregation & analytics in CloudWatch.
A running EKS cluster with IAM policies for:
- The game-server deployment assumes an image is deployed to ECR. The game-server pipeline is defined in containerized-game-servers.
- The game-server instance uses host-network:true so no ingress controller or LB is needed.
- The game-server pods need permissions to publish their status to an SQS queue
- auto-scaler
- CloudWatch
Here is a sample ClusterConfig manifest that shows how to enable these policies.
N.B.: policies are configured at node group level. Therefore, depending on your use-case, you may want to:
- add these policies to all node groups,
- add node selectors to the ALB ingress, auto-scaler and CloudWatch pods, so that they are deployed on the nodes configured with these policies.
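As an added illustration (not the repo's own manifest), a ClusterConfig that applies the policies above per node group: the auto-scaler policy only where the autoscaler is pinned, and a queue-scoped SQS policy only on the game-server nodes. The cluster name, node group names, labels, instance types, account ID and queue name are constructed placeholders.

```yaml
# Added example: all names, the account ID and the queue ARN are placeholders.
apiVersion: eksctl.io/v1alpha5
kind: ClusterConfig
metadata:
  name: game-cluster          # the value you substitute for {{.ClusterName}}
  region: us-west-2           # the value you substitute for {{.Region}}
nodeGroups:
  # Add-on node group: the cluster-autoscaler pod is pinned here with a
  # nodeSelector on role=system, so only this role may change ASG sizes.
  - name: system
    instanceType: m5.large
    desiredCapacity: 2
    labels:
      role: system
    iam:
      withAddonPolicies:
        autoScaler: true
        cloudWatch: true
  # Game-server node group: pods use the host network, so they share the
  # node's instance role. Grant only what the pods need.
  - name: game-servers
    instanceType: c5.large
    desiredCapacity: 2
    labels:
      role: game-server
    iam:
      withAddonPolicies:
        # Fluentd and the CloudWatch agent run on every node, so the
        # CloudWatch policy is needed here too unless they are pinned.
        cloudWatch: true
      # Inline policy limited to sending to one status queue, instead of
      # a broad managed policy such as AmazonSQSFullAccess.
      attachPolicy:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action:
              - sqs:SendMessage
              - sqs:GetQueueUrl
            Resource: arn:aws:sqs:us-west-2:111122223333:game-server-status
# ECR pull access needs no extra entry: eksctl's default node policies
# already include read-only access to ECR.
```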
- Populate the cluster name by replacing `{{.ClusterName}}`
- Populate the region name by replacing `{{.Region}}`, e.g. us-west-2
- This example does not use Helm, hence `--with-helm=false`
- The last argument is the profile/template repo, e.g., [email protected]:yahavb/game-server-gitops-profile.git
- The `--git-url` is the destination git repo that the sys/devops will use to manage the cluster, i.e. editing, adding, removing files to induce changes in the cluster.
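```bash
export EKSCTL_EXPERIMENTAL=true
# Replace {{.Region}} and {{.ClusterName}} with your values before running.
# The region is passed as a plain argument: wrapping it in backticks would
# make the shell try to execute it as a command.
eksctl enable profile -r {{.Region}} --with-helm=false \
  --git-url [email protected]:yahavb/weave-workshop.git \
  --git-email [email protected] --cluster {{.ClusterName}} \
  [email protected]:aws-samples/amazon-eks-profile-for-gameserver.git
```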
The game-server pod runs on the ephemeral port range over UDP. You must configure a security group that allows access to the game servers' port ranges.