Jump to content

Docker Container Support


Aeioyoo

Recommended Posts

It'd be very nice, and much more secure, if TCA could run services containerized, like Pterodactyl.

 

Currently, the most secure option we have is using Run As -> User per Service.

 

Although better than long ago, using containers would still be much better.

 

Currently, we can't allow DLL uploading for security. However, CS:GO and other games use DLLs/SO files for mods/plugins. This is less than ideal, as we have to keep up a mod manager, constantly adding more to it and updating existing mods. This isn't a good experience for the client, having to contact us to add new mods. Even non-dll files, like Minecraft Jars and SourceMod plugins have the potential to cause damage; as they run with the same privileges as the tcagame user for the service: for example writing/reading to files outside the service, email spamming, resource abusing etc. Some games also store things in AppData, /home etc. That's no problem with Docker.

Containers would run totally isolated from eachother. Since the file system and usage are isolated, we could start allowing DLL uploads. It also allows us to easily allocate CPU/Memory/Storage on Linux where this was previously hard.

It also allows a whole new hosting sector, the pre-packaged nature of containers would open up things like Node.js discord bot hosting.

 

Adding support would mean rebuilding from the ground up, though. I've heard it was being considered when TCA updates .net version. This would be a brilliant feature, modernizing and improving TCA a lot. I'm sure if it was developed today rather than having such a history, it would have been with Docker.

Edited by Aeioyoo
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use