feat(*): add tencent cloud provider and clb plugin

[imroc]

About me

Thanks a lot for this awesome project! I'm roc, an engineer from the Tencent Kubernetes Engine(TKE) team.

Background

TKE has tke-extend-network-controller, which supports network access for room-based games and exposes game rooms by binding game server pod to CLB(Cloud Load Balancer) listener exclusively(1 CLB listener, 1 POD ip:port).

tke-extend-network-controller does not rely on OpenKruiseGame(OKG) or Agones, But OKG users prefer to define the game room network in the OKG way, this PR add the tencentcloud provider to OKG and add the clb plugin, which based on tke-extend-network-controller's DedicatedCLBListener(Atomic capability to bind a pod ip:port to a clb's port).

Why not based on LoadBalaner service ?

Others OKG lb plugins (e.g. AlibabaCloud-SLB, Volcengine-CLB) are based on LoadBalancer service, which use annotation to reuse existing LoadBalaner, and define lb port on the LoadBalancer service.

But for TKE, a lot of LoadBalancer service reuse the same LoadBalancer is not recommended and disabled by default, this is mainly because of the service-controller's reconciliation performance issues for this scenario, which may cause a long delay in the binding or unbinding operation, and it is difficult to optimize due to historical and architectural reasons. This is also why tke-extend-network-controller introduce DedicatedCLBListener rather than based on LoadBalancer service to reuse clb to bind pods.

How to use

This plugin is for TKE Users, User need install tke-extend-network-controller first (can be installed through TKE application marketplace), then make sure tencentcloud provider is enabled:

[tencentcloud]
enable = true
[tencentcloud.clb]
max_port = 1100
min_port = 1000

And define TencentCloud-CLB network for GameServerSet:

apiVersion: game.kruise.io/v1alpha1
kind: GameServerSet
metadata:
  name: clb-nginx
  namespace: default
spec:
  replicas: 2
  updateStrategy:
    rollingUpdate:
      podUpdatePolicy: InPlaceIfPossible
  network:
    networkType: TencentCloud-CLB
    networkConf:
      - name: ClbIds
        value: "lb-3ip9k5kr,lb-4ia8k0yh"
      - name: PortProtocols
        value: "80/TCP,7777/UDP"
  gameServerTemplate:
    spec:
      containers:
        - image: nginx
          name: nginx

You could found auto created dedicatedclblisteners:

$ kubectl get dedicatedclblisteners.networking.cloud.tencent.com
NAME                LBID          LBPORT   POD           STATE
clb-nginx-0-7ndzj   lb-3ip9k5kr   1003     clb-nginx-0   Bound
clb-nginx-0-gqmbm   lb-3ip9k5kr   1002     clb-nginx-0   Bound
clb-nginx-1-pdckl   lb-3ip9k5kr   1001     clb-nginx-1   Bound
clb-nginx-1-zk9st   lb-3ip9k5kr   1000     clb-nginx-1   Bound

And you can also found clb's ip:port(externalAddresses) for gameserver pod on GameServer's networkStatus:

  networkStatus:
    createTime: "2024-10-28T03:16:20Z"
    currentNetworkState: Ready
    desiredNetworkState: Ready
    externalAddresses:
    - ip: 139.155.64.52
      ports:
      - name: "80"
        port: 1002
        protocol: TCP
    - ip: 139.155.64.52
      ports:
      - name: "7777"
        port: 1003
        protocol: UDP
    internalAddresses:
    - ip: 172.16.7.106
      ports:
      - name: "80"
        port: 80
        protocol: TCP
    - ip: 172.16.7.106
      ports:
      - name: "7777"
        port: 7777
        protocol: UDP
    lastTransitionTime: "2024-10-28T03:16:20Z"
    networkType: TencentCloud-CLB

Check more info in user_manuals/network.md.

What's Next

• Add RBAC permission for networking.cloud.tencent.com apiGroup in kruise-game chart's rbac_role.yaml after this PR is merged.
• Add doc for openkruise.io after this PR is merged.

[imroc]

e2e failure is not related, re-run could succeed (new commit only have doc change)