In this quickstart, we will create a Kubernetes cluster, and populate it with the resource types that power Agones.
- Setting up a Google Kubernetes Engine (GKE) cluster
- Setting up a Minikube cluster
- Setting up an Amazon Web Services EKS cluster
- Setting up an Azure Kubernetes Service (AKS) cluster
- Enabling creation of RBAC resources
- Installing Agones
- What's next
Follow these steps to create a cluster and install Agones directly on Google Kubernetes Engine (GKE).
Take the following steps to enable the Kubernetes Engine API:
- Visit the Kubernetes Engine page in the Google Cloud Platform Console.
- Create or select a project.
- Wait for the API and related services to be enabled. This can take several minutes.
- Enable billing for your project.
- If you are not an existing GCP user, you may be able to enroll for a $300 US Free Trial credit.
To complete this quickstart, we can use either Google Cloud Shell or a local shell.
Google Cloud Shell is a shell environment for managing resources hosted on Google Cloud Platform (GCP). Cloud Shell comes preinstalled with the gcloud and kubectl command-line tools. gcloud provides the primary command-line interface for GCP, and kubectl provides the command-line interface for running commands against Kubernetes clusters.
If you prefer using your local shell, you must install the gcloud and kubectl command-line tools in your environment.
To launch Cloud Shell, perform the following steps:
- Go to Google Cloud Platform Console
- From the top-right corner of the console, click the Activate Google Cloud Shell button:
- A Cloud Shell session opens inside a frame at the bottom of the console. Use this shell to run
gcloudandkubectlcommands. - Set a compute zone in your geographical region with the following command. The compute zone will be something like
us-west1-a. A full list can be found here.gcloud config set compute/zone [COMPUTE_ZONE]
To install gcloud and kubectl, perform the following steps:
- Install the Google Cloud SDK, which includes the
gcloudcommand-line tool. - Initialize some default configuration by running the following command.
- When asked
Do you want to configure a default Compute Region and Zone? (Y/n)?, enterYand choose a zone in your geographical region of choice.
gcloud init
- When asked
- Install the
kubectlcommand-line tool by running the following command:gcloud components install kubectl
A cluster consists of at least one cluster master machine and multiple worker machines called nodes: Compute Engine virtual machine instances that run the Kubernetes processes necessary to make them part of the cluster.
gcloud container clusters create [CLUSTER_NAME] --cluster-version=1.10 \
--no-enable-legacy-authorization \
--tags=game-server \
--enable-basic-auth \
--password=supersecretpassword \
--scopes=https://www.googleapis.com/auth/devstorage.read_only,compute-rw,cloud-platform \
--num-nodes=3 \
--machine-type=n1-standard-1Flag explanations:
- cluster-version: Agones requires Kubernetes version 1.9+. Once the default version reaches 1.9, this will no longer be necessary.
- no-enable-legacy-authorization: This enables RBAC, the authorization scheme used by Agones to control access to resources.
- tags: Defines the tags that will be attached to new nodes in the cluster. This is to grant access through ports via the firewall created in the next step.
- enable-basic-auth/password: Sets the master auth scheme for interacting with the cluster.
- scopes: Defines the Oauth scopes required by the nodes.
- num-nodes: The number of nodes to be created in each of the cluster's zones. Default: 3
- machine-type: The type of machine to use for nodes. Default: n1-standard-1.
Finally, let's tell gcloud that we are speaking with this cluster, and get auth credentials for kubectl to use.
gcloud config set container/cluster [CLUSTER_NAME]
gcloud container clusters get-credentials [CLUSTER_NAME]We need a firewall to allow UDP traffic to nodes tagged as game-server via ports 7000-8000.
gcloud compute firewall-rules create game-server-firewall \
--allow udp:7000-8000 \
--target-tags game-server \
--description "Firewall to allow game server udp traffic"Continue to Enabling creation of RBAC resources
This will setup a Minikube cluster, running on an agones profile.
First, install Minikube, which may also require you to install a virtualisation solution, such as VirtualBox as well.
We recommend installing version 0.29.0 of minikube.
Let's use a minikube profile for agones.
minikube profile agonesThe following command starts a local minikube cluster via virtualbox - but this can be replaced by a vm-driver of your choice.
minikube start --kubernetes-version v1.10.0 --vm-driver virtualbox \
--extra-config=apiserver.admission-control=NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,ResourceQuota \
--extra-config=apiserver.authorization-mode=RBACthe --bootstrapper=localkube is required since we aren't using the
defaultprofile. (bug)
Create your EKS instance using the Getting Started Guide.
EKS does not use the normal Kubernetes networking since it is incompatible with Amazon VPC networking.
In a console, run this command to get your current cni version
kubectl describe daemonset aws-node --namespace kube-system | grep Image | cut -d "/" -f 2Output should be amazon-k8s-cni:1.2.0 or newer. To upgrade to version 1.2, run the following command.
kubectl apply -f https://raw.githubusercontent.com/aws/amazon-vpc-cni-k8s/master/config/v1.2/aws-k8s-cni.yamlContinue to Installing Agones.
Follow these steps to create a cluster and install Agones directly on Azure Kubernetes Service (AKS) .
You can use either Azure Cloud Shell or install the Azure CLI on your local shell in order to install AKS in your own Azure subscription. Cloud Shell comes preinstalled with az and kubectl utilities whereas you need to install them locally if you want to use your local shell. If you use Windows 10, you can use the WIndows Subsystem for Windows as well.
If you are using Azure CLI from your local shell, you need to login to your Azure account by executing the az login command and following the login procedure.
Here are the steps you need to follow to create a new AKS cluster (additional instructions and clarifications are listed here):
# Declare necessary variables, modify them according to your needs
AKS_RESOURCE_GROUP=akstestrg # Name of the resource group your AKS cluster will be created in
AKS_NAME=akstest # Name of your AKS cluster
AKS_LOCATION=westeurope # Azure region in which you'll deploy your AKS cluster
# Create the Resource Group where your AKS resource will be installed
az group create --name $AKS_RESOURCE_GROUP --location $AKS_LOCATION
# Create the AKS cluster - this might take some time. Type 'az aks create -h' to see all available options
# The following command will create a single Node AKS cluster. Node size is Standard A1 v1 and Kubernetes version is 1.9.6. Plus, SSH keys will be generated for you, use --ssh-key-value to provide your values
az aks create --resource-group $AKS_RESOURCE_GROUP --name $AKS_NAME --node-count 1 --generate-ssh-keys --node-vm-size Standard_A1_v2 --kubernetes-version 1.9.6 --enable-rbac
# Install kubectl
sudo az aks install-cli
# Get credentials for your new AKS cluster
az aks get-credentials --resource-group $AKS_RESOURCE_GROUP --name $AKS_NAMEAlternatively, you can use the Azure Portal to create a new AKS cluster (instructions).
For Agones to work correctly, we need to allow UDP traffic to pass through to our AKS cluster. To achieve this, we must update the NSG (Network Security Group) with the proper rule. A simple way to do that is:
- Login to the Azure Portal
- Find the resource group where the AKS resources are kept, which should have a name like
MC_resourceGroupName_AKSName_westeurope. Alternative, you can typeaz resource show --namespace Microsoft.ContainerService --resource-type managedClusters -g $AKS_RESOURCE_GROUP -n $AKS_NAME -o json | jq .properties.nodeResourceGroup - Find the Network Security Group object, which should have a name like
aks-agentpool-********-nsg - Select Inbound Security Rules
- Select Add to create a new Rule with UDP as the protocol and 7000-8000 as the Destination Port Ranges. Pick a proper name and leave everything else at their default values
Alternatively, you can use the following command, after modifying the RESOURCE_GROUP_WITH_AKS_RESOURCES and NSG_NAME values:
az network nsg rule create \
--resource-group RESOURCE_GROUP_WITH_AKS_RESOURCES \
--nsg-name NSG_NAME \
--name AgonesUDP \
--access Allow \
--protocol Udp \
--direction Inbound \
--priority 520 \
--source-port-range "*" \
--destination-port-range 7000-8000Nodes in AKS don't get a Public IP by default. To assign a Public IP to a Node, find the Resource Group where the AKS resources are installed on the portal (it should have a name like MC_resourceGroupName_AKSName_westeurope). Then, you can follow the instructions here to create a new Public IP and assign it to the Node/VM. For more information on Public IPs for VM NICs, see this document. If you are looking for an automated way to create and assign Public IPs for your AKS Nodes, check this project.
Continue to Installing Agones.
To install Agones, a service account needs permission to create some special RBAC resource types.
# Kubernetes Engine
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole cluster-admin --user `gcloud config get-value account`
# Minikube
kubectl create clusterrolebinding cluster-admin-binding \
--clusterrole=cluster-admin --serviceaccount=kube-system:defaultThis will install Agones in your cluster.
We can install Agones to the cluster using the install.yaml file.
kubectl create namespace agones-system
kubectl apply -f https://github.com/GoogleCloudPlatform/agones/raw/release-0.5.0/install/yaml/install.yamlYou can also find the install.yaml in the latest agones-install zip from the releases archive.
Note: Installing Agones with the
install.yamlwill setup the TLS certificates stored in this repository for securing kubernetes webhooks communication. If you want to generate new certificates or use your own, we recommend using the helm installation.
Also, we can install Agones using Helm package manager. If you want more details and configuration options see the Helm installation guide for Agones
To confirm Agones is up and running, run the following command:
kubectl describe --namespace agones-system podsIt should describe the single pod created in the agones-system namespace, with no error messages or status. The Conditions section should look like this:
Conditions:
Type Status
Initialized True
Ready True
PodScheduled True
That's it! This creates the Custom Resource Definitions that power Agones and allows us to define resources of type GameServer.
- Go through the Create a Game Server Quickstart