Learning How Troll Purse Easily Setup Forums in AWS

Martin H Hollstein

How Troll Purse Easily Setup Forums in AWS

Originally Posted on Troll Purse Dev Blog

After our migration to AWS, Troll Purse removed the old forums running in Digital Ocean. Troll Purse decided to start with a clean slate, which was easy, as nobody had registered (no migrations needed, just nuclear destruction of the service)! A curse that turned into a blessing. Troll Purse can now scale the forums based on usage and save some money on infrastructure. This will allow us to put more effort into our games!

How To

Troll Purse decided to share with you how to set up this type of environment.

S3 Configuration

For hosting content uploaded by Troll Purse forum users, S3 was used to store images. Since NodeBB has a nice S3 upload plugin, there was little to no work other than configuration needed to enable the feature.

S3, on the other hand, required configuration to allow access from http://forums.trollpurse.com. However, it also needed to allow access to the real DNS hostname (according to AWS) for the actual server to update data. This meant a custom S3 CORS policy and S3 Bucket Policy. Finally, the role our server would assume needed to have full access to S3 buckets. Further, Troll Purse could restrict access by bucket name.

Below are examples Troll Purse built up to help restrict access to an S3 bucket. Note, AWS will still mark it as public. However, there was a configuration that allowed public GET without S3 being marked public.

S3 Bucket Policy

{
    "Version": "2012-10-17",
    "Id": "website access bucket Policy",
    "Statement": [
        {
            "Sid": "Allow get requests originating from your domain.",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::your-bucket-name/*",
            "Condition": {
                "StringLike": {
                    "aws:Referer": "http://your-domain-name/*"
                }
            }
        },
        {
            "Sid": "Deny get requests not originating from your domain.",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::your-bucket-name/*",
            "Condition": {
                "StringNotLike": {
                    "aws:Referer": "http://your-domain-name/*"
                }
            }
        },
        {
            "Sid": "Create, Update, Delete for ARN",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::xxxxxxxxx:role/your-role-used-for-s3-access-and-management"
            },
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::your-bucket-name/*"
        }
    ]
}
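
The bucket policy above can be checked offline against the kinds of request this setup produces. The Python sketch below is an added example, not Troll Purse's code: it models only the `StringLike` and `StringNotLike` operators, treats the role ARN as the request principal (a simplification), and the `anonymous` principal label and the `evaluate` helper are names made up for the illustration.

```python
import re

# The page's bucket policy, condensed (placeholders are the page's own).
ROLE = "arn:aws:iam::xxxxxxxxx:role/your-role-used-for-s3-access-and-management"
SITE = "http://your-domain-name/*"
POLICY = [
    {"Effect": "Allow", "Principal": "*", "Action": ["s3:GetObject"],
     "Condition": {"StringLike": {"aws:Referer": SITE}}},
    {"Effect": "Deny", "Principal": "*", "Action": ["s3:GetObject"],
     "Condition": {"StringNotLike": {"aws:Referer": SITE}}},
    {"Effect": "Allow", "Principal": {"AWS": ROLE},
     "Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject"]},
]

def like(pattern, value):
    """IAM StringLike: case-sensitive, '*' = any run, '?' = one character."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.S) is not None

def condition_holds(cond, ctx):
    for op, keys in cond.items():
        for key, pattern in keys.items():
            value = ctx.get(key)
            if op == "StringLike":
                # Key absent from the request: a positive operator is false.
                ok = value is not None and like(pattern, value)
            elif op == "StringNotLike":
                # Key absent from the request: a negated operator is true.
                ok = value is None or not like(pattern, value)
            else:
                raise ValueError(f"operator not modelled: {op}")
            if not ok:
                return False
    return True

def evaluate(principal, action, referer=None):
    """Return 'Deny', 'Allow' or 'ImplicitDeny' for one request."""
    ctx = {} if referer is None else {"aws:Referer": referer}
    effects = set()
    for st in POLICY:
        who = st["Principal"]
        if who != "*" and who.get("AWS") != principal:
            continue
        if action in st["Action"] and condition_holds(st.get("Condition", {}), ctx):
            effects.add(st["Effect"])
    # An explicit Deny always overrides any Allow.
    if "Deny" in effects:
        return "Deny"
    return "Allow" if effects else "ImplicitDeny"
```

Under this model the role's own `s3:GetObject` without a Referer header evaluates to `Deny`, because a negated operator is true when the key is absent and the explicit Deny overrides the role's Allow. `aws:Referer` is also a header the client supplies, so the first two statements deter hotlinking rather than authenticate readers.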

S3 CORS Policy

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>http://your-domain-name</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
</CORSConfiguration>

Redis Configuration

For Redis, Troll Purse used default configurations provided by AWS ElastiCache. This cache was put in a private subnet, accessible only to services in the Troll Purse VPC as configured. Currently, Troll Purse is using the free tier cache.t2.micro instance. Other than that, the Launch Configuration just needs a reference to the public DNS of the cache.

VPC Configuration

AWS VPC is great for creating logically segregated services for an environment.

Subnets

Following normal AWS architecture diagrams (shown below), Troll Purse created two subnets. There is the public subnet which will host the forum instances and the load balancer. There is then the private subnet which has no internet access. The private subnet contains the forum’s Redis service.

AWS VPC Architecture Diagram

Security Groups

Troll Purse set up two different Security Groups: one for services bound to the public subnet and another for services bound to the private subnet. The only real difference is how the inbound internet traffic is configured. The public security group allows inbound internet traffic. The private security group does not allow inbound internet traffic. This is further strengthened by Route Tables.

Route Tables

The Route Tables used were configured according to the aforementioned diagram. There were two Route Tables. The first route table was created for the public subnet. This allows internet traffic in via the Internet Gateway bound to the public subnet. The second route table was created for the private subnet. This Route Table did not receive configuration for public internet access.

IAM Role Configuration

To get our environment up using NodeBB with Redis, Troll Purse created a new IAM Role for EC2 instances meant to host NodeBB. This role did not need a lot of thought put into it. All it needed was full S3 Access, and full Redis access. From here Troll Purse uses two more AWS services to provide data storage for the forums.

Auto-Scaling Configuration

Using our existing configuration, Troll Purse created an Auto Scaling Configuration using the base Amazon Linux AMI on a t2.micro instance. We don’t do anything else special. Troll Purse set the default configurations of Min instances to 1 and Max instances to 1. This ensures the service will always be running one instance, whether it fails or not.

Note: Make sure to use ELB Health Checks. This will verify the web service is actually running on the instance.

Launch Configuration User Data

Here is a wonderful gist provided by one of our AWESOME developers (Disclaimer: I authored this post - totally biased opinion) used as a Launch Configuration.

Soon Troll Purse will take away half of that setup and make an image for EC2 to use. Then only NodeBB configuration and launch information is required for the Launch Configuration.

EC2 Configuration

There wasn’t anything to do for EC2 since all of our instance information was set up using Auto Scaling.

Conclusion

Setting up an environment in AWS for our forums took about two days of building and verifying. These changes required no code whatsoever. All Troll Purse had to do was select from a large suite of services to support desired results. So, now that they exist, join up on the forums!
