Cloud Network Architecture for Online & Mobile Gaming Industry
If you have been tasked with building infrastructure for a company that develops online or mobile games, your priority is to keep the games up and running with great performance. That means, to name a few examples, making sure all event logs are properly set up, forwarding those logs for analytics, and using scripting tools to manage new games as well as new software releases. As a result, networking in the cloud may be the last thing on your mind. However, cloud networking should become a substrate that you don’t have to worry about, so that you can focus your time on the real stuff: the games.
Where would you start?
How do you build a cloud network for gaming? What is a good network architecture?
You should consider the following dimensions beyond agility, connectivity and security.
· Shared Resources: What are my common DevOps tools, and in which region should they be hosted? For example, I use Chef to build images and Jenkins for continuous testing. In which region should these tools be hosted?
· Cost Metrics: This is related to managing the life cycle of games. How do I help my team gain knowledge of how much it costs to develop a game, test a game, and run a game?
· Performance: Where should I host the games so that gamers have the best experience playing the games?
· Access: How do my DevOps engineers access the tools and resources in VPCs? How do developers access gaming applications in VPCs for development and testing? How do I restrict developers from accessing the production database?
Be it a public cloud or hybrid cloud deployment, these key metrics are the pillars that build a successful cloud infrastructure for mobile and online game development/publishing. The vital constructs Aviatrix uses to enable such a productive cloud architecture are the following:
· Management VPC: Shared Resources call for a management VPC where all tools and common applications are hosted.
· Multi Accounts: Assigning each game project a separate AWS account, segmented into several VPCs, automatically isolates Cost Metrics per game and makes cost analysis clear. You may even consider using multiple AWS accounts per game to further separate production and non-production VPCs.
· Multi Regions: Deploying games in multiple AWS regions ensures the shortest latency to your users around the world. For example, if you have a large gamer community in Europe, setting up a production VPC in AWS Ireland or Frankfurt will translate to a better user experience for your European customer base. Taking it one step further, adding game applications for those users in VPCs in those regions will further improve the user experience, leading to a better understanding of a growing market space.
· Profile Based VPN Access: Give DevOps engineers and developers SSL VPN access to VPCs. A profile-based VPN solution dynamically pushes access policies when a user connects, and thus gives different privileges to administrators, developers and contractors.
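The profile-based access model in the list above, together with the earlier question of keeping developers away from the production database, can be sketched as follows. This is an added example, not Aviatrix code or configuration: the profile names, rule format, CIDRs and users are constructed assumptions. It resolves a user's profile at connect time with default deny and audits which profiles can still reach the production database subnet.

```python
import ipaddress

# Constructed addressing and profile format (assumptions, not Aviatrix syntax).
PROD_DB = ipaddress.ip_network("10.20.5.0/24")   # production database subnet
DENY_ALL = {"base": "deny", "rules": []}

# Each rule is (action, destination CIDR, port or None for any); first match wins.
PROFILES = {
    "admin": {"base": "allow", "rules": []},
    "developer": {"base": "deny", "rules": [
        ("deny", "10.20.5.0/24", None),    # production database, any port
        ("allow", "10.10.0.0/16", None),   # dev/test VPC
        ("allow", "10.20.0.0/16", 443),    # production game front ends
    ]},
    "contractor": {"base": "deny", "rules": [("allow", "10.10.8.0/24", 22)]},
    # Constructed mistake: the broad allow shadows the deny that follows it.
    "developer-misordered": {"base": "deny", "rules": [
        ("allow", "10.20.0.0/16", None),
        ("deny", "10.20.5.0/24", None),
    ]},
}
USERS = {"alice": "admin", "bob": "developer", "carol": "contractor"}


def evaluate(policy, dst_ip, port):
    """Return True if the policy permits traffic to dst_ip:port."""
    dst = ipaddress.ip_address(dst_ip)
    for action, cidr, rule_port in policy["rules"]:
        if dst in ipaddress.ip_network(cidr) and rule_port in (None, port):
            return action == "allow"
    return policy["base"] == "allow"


def is_allowed(user, dst_ip, port):
    """Resolve the user's profile as at connect time; unknown users get deny-all."""
    return evaluate(PROFILES.get(USERS.get(user), DENY_ALL), dst_ip, port)


def profiles_reaching(target, port, exempt=("admin",)):
    """Audit: non-exempt profiles that permit any address in target on port."""
    return sorted(
        name for name, policy in PROFILES.items()
        if name not in exempt
        and any(evaluate(policy, str(ip), port) for ip in target)
    )


if __name__ == "__main__":
    print(is_allowed("bob", "10.20.5.10", 5432))
    print(profiles_reaching(PROD_DB, 5432))
```

Running the audit over every profile before it is published catches rule-ordering mistakes such as the misordered profile, which a spot check of a single developer account would miss.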
Examples of best practices in designing a cloud network architecture in the gaming industry are illustrated in Figures 1, 2, & 3. Instead of each game project being a standalone VPC, each game is assigned an account with multiple VPCs in each game-account. Each VPC is segmented based on the development, user, and cost metrics that provide the necessary visibility to constantly improve your organization’s success. The common denominator of a successful architecture is a Management VPC containing a gateway that can route transitively. This Management VPC hosts all tools and connects securely to all other VPCs for software updates, administration, and access control.
For production VPCs, where the actual games and applications are hosted in the case of gaming publishers, multi-region deployments are important for the best user experience. User metrics become extremely important in this case.
In both diagrams, one Aviatrix Controller is launched in the management VPC. From the controller’s web console, you can:
· Create AWS accounts,
· Launch Aviatrix gateways,
· Build inter-region VPC peering.
DevOps engineers and developers access all VPCs directly through Elastic Load Balanced Aviatrix VPN gateways in the management VPC, as privileges permit.
Amalgamating all of the concepts discussed, the gaming companies that have been most successful in scaling their cloud platform have used a variation of the following architecture: