Docker Container Support

[Aeioyoo]

It'd be very nice, and much more secure, if TCA could run services containerized, like Pterodactyl.

 

Currently, the most secure option we have is using Run As -> User per Service.

 

Although better than long ago, using containers would still be much better.

 

Currently, we can't allow DLL uploading for security. However, CS:GO and other games use DLLs/SO files for mods/plugins. This is less than ideal, as we have to keep up a mod manager, constantly adding more to it and updating existing mods. This isn't a good experience for the client, having to contact us to add new mods. Even non-dll files, like Minecraft Jars and SourceMod plugins have the potential to cause damage; as they run with the same privileges as the tcagame user for the service: for example writing/reading to files outside the service, email spamming, resource abusing etc. Some games also store things in AppData, /home etc. That's no problem with Docker.

Containers would run totally isolated from eachother. Since the file system and usage are isolated, we could start allowing DLL uploads. It also allows us to easily allocate CPU/Memory/Storage on Linux where this was previously hard.

It also allows a whole new hosting sector, the pre-packaged nature of containers would open up things like Node.js discord bot hosting.

 

Adding support would mean rebuilding from the ground up, though. I've heard it was being considered when TCA updates .net version. This would be a brilliant feature, modernizing and improving TCA a lot. I'm sure if it was developed today rather than having such a history, it would have been with Docker.

Edited February 20, 2021 by Aeioyoo

[Dennis]

Docker support is something that has been talked about internally. If it's going to happen (which I think it is), it's not happening in the near future. There's still a lot to do before MVC is finished.

[Cidvond]

Woot! +1 for docker. I was just thinking about if this was possible today.  

[Alexr03]

+1 Would be cool.