diff --git a/deployments/game-servers/wings-ark-sa/deployment.yaml b/deployments/game-servers/wings-ark-sa/deployment.yaml
index 4399be8..1588513 100644
--- a/deployments/game-servers/wings-ark-sa/deployment.yaml
+++ b/deployments/game-servers/wings-ark-sa/deployment.yaml
@@ -4,10 +4,11 @@ metadata:
 name: wings-ark-sa
 namespace: game-servers
 labels:
- app: wings-ark-sa
+ app.kubernetes.io/name: wings
+ app.kubernetes.io/component: game-server
+ app.kubernetes.io/part-of: pelican
 game: ark-sa
 spec:
- replicas: 1
 strategy:
 type: Recreate
 selector:
@@ -21,101 +22,98 @@ spec:
 spec:
 nodeSelector:
 kubernetes.io/arch: amd64
- affinity:
- podAntiAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: game
- operator: In
- values: [ark-sa]
- topologyKey: "kubernetes.io/hostname"
- volumes:
- - name: wings-config
- secret:
- secretName: wings-ark-sa-config
- - name: game-data
- persistentVolumeClaim:
- claimName: wings-ark-sa-data
- - name: docker-socket
- emptyDir: {}
- - name: autostart-token
- secret:
- secretName: pelican-autostart-key
+ serviceAccountName: wings-ark-sa
 containers:
- - name: dind
- image: docker:dind
- args:
- - "--storage-driver=vfs"
- - "--iptables=false"
- securityContext:
- privileged: true
- volumeMounts:
- - name: docker-socket
- mountPath: /var/run/docker.sock
- env:
- - name: DOCKER_TLS_CERTDIR
- value: ""
- resources:
- requests:
- cpu: "500m"
- memory: "512Mi"
- limits:
- cpu: "1"
- memory: "1Gi"
 - name: wings
 image: ghcr.io/pelican-dev/wings:latest
- command:
- - /bin/sh
- - -c
- - |
- export DOCKER_HOST=tcp://localhost:2375
- exec wings
- envFrom:
- - secretRef:
- name: wings-ark-sa-config
 env:
 - name: DOCKER_HOST
 value: tcp://localhost:2375
- - name: WATCHDOG_ENABLED
- value: "true"
+ - name: WINGS_UID
+ value: "1000"
+ - name: WINGS_GID
+ value: "1000"
+ - name: WINGS_PORT
+ value: "8081"
+ - name: WINGS_API_SFTP_PORT
+ value: "2023"
+ - name: WINGS_SERVER_UUID
+ value: "3fd0b08d-7393-4d0f-b11c-bad5e1d1f771"
+ envFrom:
+ - secretRef:
+ name: wings-ark-sa-config
 volumeMounts:
- - name: wings-config
- mountPath: /etc/pterodactyl
- readOnly: true
- - name: game-data
- mountPath: /mnt/server
 - name: docker-socket
 mountPath: /var/run/docker.sock
- resources:
- requests:
- cpu: "2"
- memory: "4Gi"
- limits:
- cpu: "4"
- memory: "8Gi"
+ - name: wings-data
+ mountPath: /var/lib/wings
+ - name: server-data
+ mountPath: /mnt/server
+ readinessProbe:
+ httpGet:
+ path: /ready
+ port: 8081
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ livenessProbe:
+ httpGet:
+ path: /health
+ port: 8081
+ initialDelaySeconds: 15
+ periodSeconds: 30
+ - name: dind
+ image: docker:24-dind
+ securityContext:
+ privileged: true
+ env:
+ - name: DOCKER_TLS_CERTDIR
+ value: ""
+ volumeMounts:
+ - name: docker-socket
+ mountPath: /var/run
+ - name: dind-storage
+ mountPath: /var/lib/docker
+ readinessProbe:
+ exec:
+ command:
+ - sh
+ - -c
+ - '[ -S /var/run/docker.sock ]'
+ initialDelaySeconds: 5
+ periodSeconds: 5
 - name: game-autostart
 image: curlimages/curl:latest
+ env:
+ - name: PELICAN_API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: pelican-autostart-key
+ key: api_key
+ - name: SERVER_UUID
+ value: "3fd0b08d-7393-4d0f-b11c-bad5e1d1f771"
 command:
 - /bin/sh
 - -c
 - |
+ echo "Waiting for Wings API to be ready..."
+ while ! curl -sf http://localhost:8081/ready; do
+ sleep 2
+ done
+ echo "Wings ready. Starting game server..."
 while true; do
 sleep 60
- curl -sf -X POST "https://pelican.khalisio.com/api/client/servers/3fd0b08d-7393-4d0f-b11c-bad5e1d1f771/power" \
- -H "Authorization: Bearer $(cat /etc/secrets/autostart/api_key)" \
- -H "Content-Type: application/json" \
- -d '{"signal":"start"}' > /dev/null 2>&1 || true
+ echo "Checking game server status..."
 done
 volumeMounts:
- - name: autostart-token
- mountPath: /etc/secrets/autostart
- readOnly: true
- resources:
- requests:
- cpu: "50m"
- memory: "64Mi"
- limits:
- cpu: "100m"
- memory: "128Mi"
- restartPolicy: Always
+ - name: server-data
+ mountPath: /mnt/server
+ volumes:
+ - name: docker-socket
+ emptyDir: {}
+ - name: dind-storage
+ emptyDir: {}
+ - name: wings-data
+ emptyDir: {}
+ - name: server-data
+ persistentVolumeClaim:
+ claimName: wings-ark-sa-data
diff --git a/deployments/game-servers/wings-ark-sa/externalsecret.yaml b/deployments/game-servers/wings-ark-sa/externalsecret.yaml
index 9a40726..2f6429a 100644
--- a/deployments/game-servers/wings-ark-sa/externalsecret.yaml
+++ b/deployments/game-servers/wings-ark-sa/externalsecret.yaml
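Review bot: In the deployment.yaml containers hunk, the re-added `dind` container keeps `privileged: true` with `DOCKER_TLS_CERTDIR` set to `""`, and `wings` still reaches it through `DOCKER_HOST: tcp://localhost:2375`, so a privileged Docker daemon is driven over an unauthenticated plaintext API. If the dind entrypoint binds that port on all interfaces (its usual behaviour with TLS off, worth confirming for `docker:24-dind`), anything that can reach the pod IP controls the daemon unless a NetworkPolicy blocks it. Prefer the shared unix socket: set `DOCKER_HOST` to `unix:///var/run/docker.sock` and mount the `docker-socket` volume at the same directory in both containers; as written `wings` mounts it at `/var/run/docker.sock`, which turns that path into a directory. The hunk also removes every `resources:` block and the `readOnly: true` mounts, adds `emptyDir: {}` volumes without a `sizeLimit`, and leaves `wings:latest` and `curl:latest` unpinned, so restore limits and pin images by digest. `game-autostart` now receives `PELICAN_API_KEY` and a writable `/mnt/server` mount although its loop only echoes; drop both until the container actually uses them.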
@@ -6,21 +6,17 @@ metadata:
 spec:
 refreshInterval: 1h
 secretStoreRef:
- name: vault
+ name: vault-secret-store
 kind: ClusterSecretStore
 target:
 name: wings-ark-sa-config
 creationPolicy: Owner
 data:
- - secretKey: WINGS_UUID
+ - secretKey: config
 remoteRef:
- key: wings/ark-sa
- property: uuid
- - secretKey: WINGS_TOKEN
+ key: Talos Cluster/wings/ark-sa
+ property: config
+ - secretKey: api_key
 remoteRef:
- key: wings/ark-sa
- property: token
- - secretKey: LOCALE
- remoteRef:
- key: wings/ark-sa
- property: locale
+ key: Talos Cluster/wings/ark-sa
+ property: api_key
diff --git a/deployments/game-servers/wings-ark-sa/ingress.yaml b/deployments/game-servers/wings-ark-sa/ingress.yaml
index 83fdf58..7e6c65c 100644
--- a/deployments/game-servers/wings-ark-sa/ingress.yaml
+++ b/deployments/game-servers/wings-ark-sa/ingress.yaml
@@ -8,20 +8,10 @@ spec:
 - websecure
 tls:
 secretName: wings-ark-sa-tls
+ certResolver: letsencrypt
 routes:
 - match: Host(`wings-ark-sa.khalisio.com`)
 kind: Rule
 services:
 - name: wings-ark-sa-api
 port: 8081
- scheme: https
- serversTransport: wings-ark-sa-st
----
-apiVersion: traefik.io/v1alpha1
-kind: ServersTransport
-metadata:
- name: wings-ark-sa-st
- namespace: game-servers
-spec:
- serverTransport:
- insecureSkipVerify: true
diff --git a/deployments/game-servers/wings-ark-sa/namespace.yaml b/deployments/game-servers/wings-ark-sa/namespace.yaml
new file mode 100644
index 0000000..b4fd7a1
--- /dev/null
+++ b/deployments/game-servers/wings-ark-sa/namespace.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: game-servers
+ labels:
+ app.kubernetes.io/name: game-servers
+ app.kubernetes.io/managed-by: orion
diff --git a/deployments/game-servers/wings-ark-sa/service-api.yaml b/deployments/game-servers/wings-ark-sa/service-api.yaml
index 7c0577f..cfc5eef 100644
--- a/deployments/game-servers/wings-ark-sa/service-api.yaml
+++ b/deployments/game-servers/wings-ark-sa/service-api.yaml
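Review bot: In externalsecret.yaml the target Secret `wings-ark-sa-config` now carries only `config` and `api_key`, yet deployment.yaml in this commit consumes it through `envFrom.secretRef`, so the wings container would receive the whole config blob and the API key as environment variables named `config` and `api_key`. The read-only `/etc/pterodactyl` secret mount that previously delivered the configuration is removed in the same commit. Environment variables are inherited by child processes and tend to surface in crash dumps and debug output; a read-only secret volume that projects just the `config` key is the narrower way to deliver it. The `api_key` entry also looks misplaced, since `game-autostart` reads `api_key` from `pelican-autostart-key` rather than from this Secret; confirm which workload needs it and drop it here if none does.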
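Review bot: In ingress.yaml, dropping `scheme: https` means Traefik now forwards to `wings-ark-sa-api:8081` over plain HTTP, so whatever credentials the Wings API expects cross the cluster network unencrypted. Removing `insecureSkipVerify: true` is right, but the stronger fix is to keep `scheme: https` and point `serversTransport` at a transport that verifies the backend via `serverName` and `rootCAsSecrets` instead of skipping verification. If plain HTTP to the backend is intentional, restrict who can reach port 8081 with a NetworkPolicy that admits only the Traefik pods. Separately, `tls` now sets both `secretName` and `certResolver: letsencrypt`; keep one so it is unambiguous which certificate is served.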
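Review bot: The new Namespace in namespace.yaml carries no Pod Security Admission labels, so the cluster-wide default decides whether the `privileged: true` dind container from deployment.yaml is admitted. Make the posture explicit with `pod-security.kubernetes.io/enforce`, plus `warn` and `audit` at a stricter level, so the privileged exception is visible and is not silently inherited by other workloads placed in `game-servers`. A default-deny NetworkPolicy and a ResourceQuota for the namespace would also help, particularly as this commit removes the per-container limits. The manifest sits under `wings-ark-sa/` although the namespace name is generic; if other game servers share it, a shared location avoids two owners for one object.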
@@ -4,7 +4,8 @@ metadata:
 name: wings-ark-sa-api
 namespace: game-servers
 spec:
- type: ClusterIP
+ selector:
+ app: wings-ark-sa
 ports:
 - name: api
 port: 8081
@@ -14,5 +15,3 @@ spec:
 port: 2023
 targetPort: 2023
 protocol: TCP
- selector:
- app: wings-ark-sa
diff --git a/deployments/game-servers/wings-ark-sa/service-game.yaml b/deployments/game-servers/wings-ark-sa/service-game.yaml
index e95eb28..4eb7bf6 100644
--- a/deployments/game-servers/wings-ark-sa/service-game.yaml
+++ b/deployments/game-servers/wings-ark-sa/service-game.yaml
@@ -4,22 +4,26 @@ metadata:
 name: wings-ark-sa-game
 namespace: game-servers
 annotations:
- metallb.universe.tf/address-pool: default-lb-pool
+ metallb.universe.tf/address-pool: default
 spec:
 type: LoadBalancer
 loadBalancerIP: 10.4.4.200
- ports:
- - name: ark-game
- port: 7777
- protocol: UDP
- targetPort: 7777
- - name: ark-query
- port: 27015
- protocol: UDP
- targetPort: 27015
- - name: ark-tcp
- port: 27016
- protocol: TCP
- targetPort: 27016
 selector:
 app: wings-ark-sa
+ ports:
+ - name: game-udp-1
+ port: 7777
+ targetPort: 7777
+ protocol: UDP
+ - name: game-udp-2
+ port: 7778
+ targetPort: 7778
+ protocol: UDP
+ - name: game-tcp
+ port: 27015
+ targetPort: 27015
+ protocol: TCP
+ - name: game-tcp-2
+ port: 27016
+ targetPort: 27016
+ protocol: TCP
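Review bot: In service-game.yaml the rewritten port list publishes 27015 as TCP where the removed `ark-query` entry was UDP, and the generic names `game-tcp` and `game-tcp-2` no longer say what each listener is for. If either TCP port is an administrative or remote-console listener rather than player traffic, it should not sit on the LoadBalancer address without `loadBalancerSourceRanges`, or it should move to a ClusterIP Service. Confirm the protocol change for 27015 is intended, since a mismatch would silently drop query traffic, and keep descriptive port names so the exposure can be audited. Both Services still select `app: wings-ark-sa` while this commit removes that label from the Deployment's own metadata; the pod template labels are outside the visible hunks, so check that they still carry it.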