The gaming industry remains highly regulated, especially when it comes to money. For example, a games company that has operations and customers in the United States, European Union (EU), and Asia must adhere to specific data requirements and mandates that can vary significantly from one jurisdiction to another. When it comes to betting, there are different rules for the data involved and how transactions, customer information, and other information are managed and archived.
Data compliance is just one layer of complexity. Gaming companies also need to be able to offer very engaging and seamless experiences to any user with an internet connection where fantasy sports, betting or other gaming applications are legal.
Security best practices should apply throughout the DevOps cycle, and compliance is essential for an industry as highly regulated as gaming. The relevant best practices therefore apply from the start of the development cycle, through the moment an application or update is validated in Git, and throughout the deployment and post-deployment stages of delivery and application management. It is essential to ensure that the right tool and platform adoption choices are made.
In this article, we describe how it is possible to build and run gaming applications in public clouds and in on-premises environments while complying with the often strict and complicated regulations of the gaming industry in different jurisdictions. With GitOps serving as the foundation, this article details how to use Amazon Elastic Kubernetes Service (EKS), which provides the ability to start, run, and scale Kubernetes applications in the AWS Cloud, and Amazon EKS Distro (EKS-D) to deploy and manage gaming applications in hybrid cloud and on-premises environments. By using these tools, a games company can gain access to the platforms and tools it needs to scale while meeting compliance and regulatory requirements wherever its app or service is available.
GitOps moment of truth
GitOps provides a consolidated and cohesive way to manage and operate applications on cloud and on-premises infrastructure, which is especially critical for gaming operations. Essentially, GitOps serves as a source of truth for the desired state of distributed workloads, as well as how the underlying infrastructure is declared.
There has been a lot of talk about the relationship between GitOps and DevOps. In many ways, DevOps is about breaking down the silos that have traditionally existed between developers, operations teams, and other stakeholders to deliver continuous integration (CI) improvements, faster feedback cycles, and continuous delivery (CD). GitOps – which is very relevant to DevOps – is a principle-based way to better achieve some of these goals, with Git serving as the focal point.
Git can be compared to a firewall. It creates a clear boundary separating the integration components of the software development lifecycle from the actual delivery and deployment of new software releases and updates. In this way, it offers firewall-like functionality, separating the software development production pipeline from the immutable version and application state declaration.
GitOps applies to both the application and its runtime infrastructure, covering infrastructure, application code, workloads, and services, and is defined by four principles:
- The whole system is described in a declarative way
- The canonical state of the desired system is versioned (with Git)
- Approved changes to the desired state are automatically applied to the system
- Software agents ensure accuracy and alert in the event of discrepancies
The first principle is that the whole system is continually described in a declarative manner. The system then becomes versioned with Git (the second principle) and is immutable until automated changes are introduced (the third principle). Software agents continually make changes and help ensure that they have been implemented successfully (the fourth principle).
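The fourth principle can be made concrete with a small sketch. This is an added example, not code from the article or from any of the products it names: it compares a desired state as declared in Git with an observed cluster state, raises an alert for each discrepancy, and plans the change that restores the declared value. The workload names, images and the `diff_state` and `reconcile` helpers are constructed for illustration.

```python
# Added example: one pass of a GitOps agent comparing the state declared in Git
# with the state observed in the cluster. Names and values are constructed.
MISSING = "<absent>"  # marks a key present on only one side

# Constructed desired state, as it would be parsed from manifests versioned in Git.
DESIRED = {
    "wager-api": {"image": "registry.example/wager-api:1.4.2", "replicas": 3},
    "odds-feed": {"image": "registry.example/odds-feed:2.0.1", "replicas": 2},
}
# Constructed observed state, as an agent would read it from the running cluster.
OBSERVED = {
    "wager-api": {"image": "registry.example/wager-api:1.4.2", "replicas": 5},
    "odds-feed": {"image": "registry.example/odds-feed:2.0.1", "replicas": 2},
    "debug-shell": {"image": "registry.example/tools:latest", "replicas": 1},
}

def diff_state(desired, observed, path=""):
    """Return (path, value_in_git, value_in_cluster) for every discrepancy."""
    if isinstance(desired, dict) and isinstance(observed, dict):
        drift = []
        for key in sorted(set(desired) | set(observed)):
            sub = f"{path}.{key}" if path else key
            drift += diff_state(desired.get(key, MISSING), observed.get(key, MISSING), sub)
        return drift
    return [] if desired == observed else [(path, desired, observed)]

def reconcile(desired, observed):
    """Alert on each discrepancy; Git wins, so the plan restores the declared value."""
    plan = []
    for path, want, have in diff_state(desired, observed):
        action = "delete" if want == MISSING else "apply"
        plan.append({"alert": f"drift at {path}: git={want!r} cluster={have!r}",
                     "action": action, "path": path, "value": want})
    return plan

if __name__ == "__main__":
    for step in reconcile(DESIRED, OBSERVED):
        print(step["alert"], "->", step["action"])
```

The undeclared `debug-shell` workload is reported alongside the changed replica count, because anything running that Git does not describe counts as drift.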
The data and operational challenge
GitOps serves as a framework through which data and operational sovereignty can be achieved, two essential components for a globally available gaming platform or application in a highly regulated industry.
Data sovereignty refers to the ability to define where data will reside at rest. This is important for gaming companies that generate data that must meet various types of regulations and compliance in different jurisdictions and across national borders.
In the United States alone, where sports or online betting is legal only in certain states or localities, different rules and regulations apply to data in certain states. Specifically, many states that allow online gambling require that customer data of people residing in their state be stored within their state boundaries. In addition, there is often another requirement that wagers must take place on a server also located in the state. These two requirements mean that to comply with regulations, gaming companies frequently need many physical data centers, which requires a hybrid cloud approach.
These same operational and data sovereignty challenges apply when extending the availability of an application to jurisdictions in Europe and Asia, to ensure that user, transactional and other data within different geographic boundaries remains compliant.
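The two in-state requirements described above can be checked before a change is merged. The following is an added example, not code from the article or the products it names: it validates workload declarations from a GitOps repository against a site inventory, and it assumes every jurisdiction in the sample imposes both requirements. The jurisdictions, site names, field names and the `check_residency` helper are constructed placeholders.

```python
# Added example: pre-merge residency check for workloads declared in a GitOps
# repository. Jurisdictions, site names and workloads are constructed placeholders.

# Constructed inventory: deployment site -> jurisdiction it is physically located in.
SITES = {
    "eksd-state-a-dc1": "STATE-A",   # EKS-D in an on-premises data center
    "outpost-state-b-1": "STATE-B",  # EKS on an AWS Outpost
    "eks-cloud-region": "STATE-C",   # EKS in an AWS region
}

# Constructed workload declarations, as they would be parsed from the repository.
WORKLOADS = [
    {"name": "wagers-a", "customers": "STATE-A",
     "compute_site": "eksd-state-a-dc1", "data_site": "eksd-state-a-dc1"},
    {"name": "wagers-b", "customers": "STATE-B",
     "compute_site": "outpost-state-b-1", "data_site": "eks-cloud-region"},
    {"name": "wagers-d", "customers": "STATE-D",
     "compute_site": "eks-state-d", "data_site": "eks-state-d"},
]

# The two requirements from the text: wagers execute in-state, customer data rests in-state.
RULES = {"compute_site": "wager server", "data_site": "customer data store"}

def check_residency(workloads, sites):
    """Return (workload, field, problem) for each declaration that breaks a rule."""
    violations = []
    for w in workloads:
        for field in RULES:
            location = sites.get(w.get(field))
            if location is None:
                # Fail closed: a site missing from the inventory cannot be shown compliant.
                violations.append((w["name"], field, "unknown-site"))
            elif location != w["customers"]:
                violations.append((w["name"], field, f"located-in-{location}"))
    return violations

def describe(violations):
    """Render violations as one line each for a CI log or pull request comment."""
    return [f"{name}: {RULES[field]} {problem}" for name, field, problem in violations]

if __name__ == "__main__":
    print("\n".join(describe(check_residency(WORKLOADS, SITES))) or "compliant")
```

Run as a required check on pull requests, a non-empty result blocks the merge, so a non-compliant placement never becomes the desired state.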
The idea of operational sovereignty is often seen as the ability to continue to operate a system or infrastructure without it being connected to the Internet. But the implementation of one-way connections is much more common, especially in the gaming industry. Such infrastructure is managed through its own control plane and has a one-way connection. This way, infrastructure users can connect, but the internet cannot connect. This configuration is considered the most typical operational-sovereign use case.
To help maintain data and operational sovereignty, Amazon EKS, EKS-D, and Weave GitOps Enterprise provide game companies with an alternative to the Kubernetes Shared Services Platform (SSP) for Kubernetes clusters running on on-premises and hybrid cloud infrastructure. The benefits of AWS include predefined APIs to improve flexibility and reduce the complexity of where workloads run. An additional benefit, particularly relevant for game companies, is being able to carefully specify where the data resides. It also includes the ability to control or operate the infrastructure from within the same physical and sovereign border if required by regulation.
The audit trail provided by GitOps is useful for observability and to assess the impact of changes on infrastructure performance. This ability is particularly important for providing information to regulators if they want to know who changed what and when.
The second advantage is a consistent runbook. By being able to create a hybrid shared services platform, developers can access the platform using the same pipeline, quality assurance (QA), staging, production, and other processes for different environments. The cost benefits arise from using less expensive cloud resources compared to the previous model of running all infrastructure on-premises. Organizations can run ephemeral AWS infrastructure in the cloud, while still being able to run the persistent layer in production on-premises when needed.
A game company has several options when looking to run its platforms outside of an AWS environment in a particular jurisdiction. One option is to use EKS by running it in a specific AWS data center located in a specific country, state, locality, or other jurisdiction. It is also possible to manage environments with EKS-Distro for use in local areas to meet regulations that may be specific to each city. The third and very popular option is to run AWS Outposts. With AWS Outposts, a game company can run EKS with a colocation service, in a data center, or in an on-premises location.
Play with GitOps
The GitOps model gives developers the ability to build and validate apps on Git without the many headaches and potential slowdowns of the production pipeline. They don't have to reorganize each application and update it for the different environments in which it will be distributed, unless, of course, an application needs to be configured to provide functionality distributed across different cloud or on-premises environments.
Developers and operators can function as one team as the GitOps process remains continuous and fluid, with Git serving as the single, enduring source of truth for the game application. Operations team members manage the infrastructure and the way it's configured, while the developers focus on building and updating the software before it is committed to Git. As soon as the developers issue a pull request and merge the code, the application or update is automatically deployed via CD in the different environments.
Once the system is in a declarative state and versioned on Git, the operations team can rely on EKS and EKS-D to evolve and manage game applications. They are able to manage the system on Git so that all applications meet localized data and operational sovereignty requirements in different jurisdictions in hybrid cloud and on-premises environments around the world.
Compliance and security risks associated with developing and delivering gaming applications can be reduced. Git serves as a single repository where permissions and compliance are set centrally, rather than being set individually outside of Git for each cloud or on-premises environment. Every change made to the system on Git is logged, providing a clear audit trail to track all changes and access. A reliable comparison of the declared cluster state with the running cluster is also available, which helps ensure that tracked and auditable changes match.
In summary, DevOps teams are able to see tangible results with this Git-centric approach to CI/CD for developing and deploying gaming applications on multi-cloud and on-premises environments. Thanks to GitOps, the chances of success become even higher in favor of a game app maker.
Daniel Lizio-Katzen, Strategy & Partnerships Manager, Weaving