状態
すでに k8s に導入済みの状態から、動作するアプリケーションを作っていく
k get pods
NAME READY STATUS RESTARTS AGE
agones-allocator-84f47bf95d-648sz 1/1 Running 0 47h
1.Quickstart: Create a Game Server | Agones https://agones.dev/site/docs/getting-started/create-gameserver/
- UDP PortRange 7000~8000の開放が必要
- Agones Controller がインストール済み : OK
- kubectl 使える : OK
- Netcat が使える(?) → TCP レベルの診断ツール的なやつなのでなんでもOK
サンプルサーバーの作成?
wget https://raw.githubusercontent.com/googleforgames/agones/release-1.37.0/examples/simple-game-server/gameserver.yaml
kubectl create -f ./gameserver.yml
中身はホストされたイメージを 7654 のコンテナポート、動的ノードポートで受け付ける仕組み
apiVersion: agones.dev/v1
kind: GameServer
metadata:
generateName: simple-game-server-
spec:
ports:
- name: default
portPolicy: Dynamic
containerPort: 7654
template:
spec:
containers:
- name: simple-game-server
image: us-docker.pkg.dev/agones-images/examples/simple-game-server:0.23
resources:
requests:
memory: 64Mi
cpu: 20m
limits:
memory: 64Mi
cpu: 20m
コンテナイメージ
finch pull us-docker.pkg.dev/agones-images/examples/simple-game-server:0.23
finch images
finch history us-docker.pkg.dev/agones-images/examples/simple-game-server:0.23
<missing> 2 weeks ago ENTRYPOINT ["/server"] 0.0 B buildkit.dockerfile.v0
<missing> 2 weeks ago USER nonroot:nonroot 0.0 B buildkit.dockerfile.v0
sha256:ddcf5a224e04e05015e1e9e045b3eca3550ed0c530bce422592624e63691ce3b 2 weeks ago COPY /go/src/agones.dev/agones/examples/simp… 13.2 MiB buildkit.dockerfile.v0
<missing> 2 weeks ago WORKDIR /
finch save -o simple-game-server us-docker.pkg.dev/agones-images/examples/simple-game-server:0.23
動作中のアプリを確認する方向に切り替え
kubectl create -f https://raw.githubusercontent.com/googleforgames/agones/release-1.37.0/examples/simple-game-server/gameserver.yaml
k get gameserver
simple-game-server-8nnx8 Error 2m20s
k describe gameserver
Warning Error 2m44s gameserver-controller pods "simple-game-server-8nnx8" is forbidden: error looking up service account agones-system/agones-sdk: serviceaccount "agones-sdk" not found
これがうまくいってないように見える
kubectl apply --server-side -f https://raw.githubusercontent.com/googleforgames/agones/release-1.37.0/install/yaml/install.yaml
kubectl create namespace agones-system
kubectl apply --server-side -f https://raw.githubusercontent.com/googleforgames/agones/release-1.37.0/install/yaml/install.yaml -n agones-system
the namespace from the provided object "default" does not match the namespace "agones-system". You must pass '--namespace=default' to perform this operation.
the namespace from the provided object "default" does not match the namespace "agones-system". You must pass '--namespace=default' to perform this operation.
the namespace from the provided object "kube-system" does not match the namespace "agones-system". You must pass '--namespace=kube-system' to perform this operation.
the namespace from the provided object "default" does not match the namespace "agones-system". You must pass '--namespace=default' to perform this operation.
k get serviceaccounts -A
あーもしかしてゲームサーバーはdefault namespace でしか作成できない感じ?
kubectl create -f https://raw.githubusercontent.com/googleforgames/agones/release-1.37.0/examples/simple-game-server/gameserver.yaml -n default
k get gameservers -n default
NAME STATE ADDRESS PORT NODE AGE
simple-game-server-xrgxm Scheduled ec2-43-207-224-246.ap-northeast-1.compute.amazonaws.com 7550 ip-192-168-38-224.ap-northeast-1.compute.internal 13s
k describe gameserver -n default
Type Reason Age From Message
---- ------ ---- ---- -------
Normal PortAllocation 27s gameserver-controller Port allocated
Normal Creating 27s gameserver-controller Pod simple-game-server-xrgxm created
Normal Scheduled 27s gameserver-controller Address and port populated
Normal RequestReady 11s gameserver-sidecar SDK state change
Normal Ready 11s gameserver-controller SDK.Ready() complete
ぽい
k exec -it simple-game-server-xrgxm /bin/bash -n default
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
Defaulted container "agones-gameserver-sidecar" out of: agones-gameserver-sidecar, simple-game-server
error: Internal error occurred: error executing command in container: failed to exec in container: failed to start exec "3d4b546078f1e35f0011f3ebe8c7e017fd5dfd0b9e2af521a52fe25a3e400f31": OCI runtime exec failed: exec failed: unable to start container process: exec: "/bin/bash": stat /bin/bash: no such file or directory: unknown
うーん。マジで中身確認する方法何もないな
ps で IP 確認できるらしいが?みえんなあ
kubectl get gs
nc -u {IP} {PORT}
自前 Agones Container 作成
Agones SDK が必要とのこと https://github.com/googleforgames/agones/blob/main/examples/rust-simple/src/main.rs
run が終了するまで待ち。 run では以下で初期化処理
let mut sdk = agones::Sdk::new(None /* default port */, None /* keep_alive */)
.await
.map_err(|e| format!("unable to create sdk client: {}", e))?;
2秒ごとにヘルスチェック実行
let health_tx = sdk.health_check();
if health_tx
.send(())
.await.is_err() {
eprintln!("Health check receiver was dropped");
break;
}
多分、次はgameserver の監視
let mut watch_client = sdk.clone();
let mut watch_client = sdk.clone();
let (tx, mut rx) = tokio::sync::oneshot::channel::<()>();
tokio::task::spawn(async move {
println!("Starting to watch GameServer updates...");
match watch_client.watch_gameserver().await {
Err(e) => println!("Failed to watch for GameServer updates: {}", e),
Ok(mut stream) => loop {
tokio::select! {
gs = stream.message() => {
match gs {
ルームの作成
https://agones.dev/site/docs/advanced/allocator-service/#send-allocation-request Allocate する方法を確認する。 これがわかれば、何らかのマッチングによって作成した部屋にユーザーを誘導することが可能になる
REST だとこの API で POST すればいけるっぽいけど、mTLS 必要っぽい。
#!/bin/bash
curl --key ${KEY_FILE} \
--cert ${CERT_FILE} \
--cacert ${TLS_CA_FILE} \
-H "Content-Type: application/json" \
--data '{"namespace":"'${NAMESPACE}'"}' \
https://${EXTERNAL_IP}/gameserverallocation \
-X POST
宛先は?
kubectl get service agones-allocator -n agones-system
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
agones-allocator LoadBalancer 10.100.172.128 hogehoge 443:30992/TCP 4d
あ〜 自動作成された NLB が受け口となっている。 ただしPrivate Subnet にあるので、ローカルアクセスしか無理っぽい雰囲気 Internal NLB ですね
あ〜やっぱり mTLS デフォルト有効なのでここ設定しないとダメぽ 結構しんどいね。mTLS だと VPC Lambda とかも使いにくいので、、
curl https://k8s-agonessy-agonesal-9a29dcd228-70dfe3a4d601a5bb.elb.ap-northeast-1.amazonaws.com/gameserverallocation
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Pyroscope install
Client / Server タイプっぽい。しかも Grafana と連携するぽい 以下はサーバーをローカルで起動したり、サーバーをk8s 上に置くタイプの場合 https://github.com/grafana/pyroscope
docker run -it -p 4040:4040 grafana/pyroscope
http://localhost:4040/?query=process_cpu%3Acpu%3Ananoseconds%3Acpu%3Ananoseconds%7Bservice_name%3D%22pyroscope%22%7D
https://grafana.com/docs/pyroscope/latest/deploy-kubernetes/helm/
https://zenn.dev/k6s4i53rx/articles/021a1d65af9e95
Grafana Agent を用いた Continuous Profiling (eBPF編) #grafana - Qiita https://qiita.com/yosshi_/items/ab8252c1b44533c5e1b6
この資料めっちゃいいかも