
How GitOps can keep gaming companies out of regulatory trouble


The gaming industry remains highly regulated, especially when money is involved. For example, a gaming company that has operations and customers in the U.S., the European Union (EU), and Asia must comply with specific data requirements and mandates that can vary significantly between jurisdictions. When betting is involved, there are different rules for the data involved and for how transactions, customer information, and other information are managed and archived.

Data compliance represents just one layer of complexity. Gaming companies also need to be able to deliver highly engaging, seamless experiences to any user who has an internet connection where fantasy sports, betting, or other gaming apps are legal. 

Security best practices need to apply throughout the entire DevOps cycle, and compliance is critical for an industry as highly regulated as gaming. The relevant best practices therefore apply from the very beginning of the development cycle, to the point when an application or update is committed to Git, and through the deployment and post-deployment stages of application delivery and management. Making the right tool and platform choices is critical.

In this article, we describe how it is possible to create and run gaming apps in public clouds and in on-premises environments while meeting the often strict and complicated regulations for the gaming industry in different jurisdictions. With GitOps serving as the foundation, this article details the use of Amazon Elastic Kubernetes Service (EKS), which offers the capability to start, run, and scale Kubernetes applications in the AWS Cloud, and Amazon EKS Distro (EKS-D) to deploy and manage gaming apps in hybrid cloud and on-premises configurations for localized environments. With these tools, a gaming company has access to the platforms it needs to scale while meeting compliance requirements and regulations wherever its app or service is available.

The GitOps moment of truth

GitOps provides a consolidated and cohesive way of managing and operating applications on cloud and on-premises infrastructure, which is especially critical for gaming operations. In essence, GitOps serves as the source of truth for the desired state of distributed workloads, as well as for how the underlying infrastructure is declared.

There has been a lot of discussion about the relationship between GitOps and DevOps. In many ways, DevOps is about breaking down the silos that have traditionally existed between developers, operations teams, and other stakeholders in order to offer improvements for continuous integration (CI), faster feedback cycles and continuous delivery (CD). GitOps — which is highly relevant to DevOps — is a principle-driven way to better fulfill some of those objectives, with Git serving as the focal point. 

Git can be compared to a firewall. It creates a clear boundary separating the integration components of the software development lifecycle from the actual delivery and deployment of new software releases and updates. In this way, it offers firewall-like functionality, separating the software-development production pipeline from the immutable version and state declaration of the application. 

GitOps principles

  • The entire system is described declaratively
  • The canonical desired system state is versioned (with Git)
  • Approved changes to the desired state are automatically applied to the system
  • Software agents ensure correctness and alert on divergence

GitOps applies to both the application and the runtime infrastructure, consisting of the infrastructure, application code, workloads, and services, and is defined by four principles. The first principle is that the entire system is described declaratively. The desired state is then versioned with Git (the second principle) and stays immutable until approved changes are applied automatically (the third principle). Software agents continuously apply those changes, check that they have been successfully implemented, and alert on divergence (the fourth principle).

The data and operational challenge

GitOps serves as the framework through which data and operational sovereignty can be achieved, two essential components for an internationally available gaming platform or app in a highly regulated industry.

Data sovereignty applies to the ability to define where the data will reside at rest. This is important for gaming companies that generate data that must meet various types of regulations and compliance in the different jurisdictions and national boundaries. 

In the United States alone, where online or sports betting is only legal in certain states or localities, different rules and regulations apply to the data within certain states. Specifically, many states that allow online gaming require that customer data for people who reside in their state be stored within their state’s boundaries. Additionally, there is frequently a further requirement that bets need to happen on a server that is also located within the state. These two requirements mean that in order to meet the regulations, gaming companies frequently need many physical data centers, necessitating a hybrid-cloud approach.

These same data sovereignty and operational challenges are applicable when extending an app’s availability to jurisdictions in Europe and Asia to ensure that user, transactional, and other data in the different geographical boundaries remain compliant. 
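A pre-merge check that enforces the in-state storage and in-state bet processing rules described above against the placements declared in Git, as an added example that is not from the original article or from any AWS or Weaveworks tooling. The label names (`data-class`, `resident-state`), cluster names and state identifiers are constructed for illustration.

```python
"""Pre-merge residency check for a GitOps repo (constructed data, hypothetical labels)."""

# Data classes this example treats as regulated (an assumption, not from the article).
REGULATED = {"customer", "wager"}

# Constructed inventory: the physical location of each target cluster.
CLUSTERS = {
    "cloud-region-1": {"state": None},        # regional cloud cluster, not tied to one state
    "onprem-state-a": {"state": "state-a"},   # in-state data center
    "onprem-state-b": {"state": "state-b"},
}

# Constructed desired state, as it would be parsed from manifests in Git.
WORKLOADS = [
    {"name": "bet-engine-a", "cluster": "onprem-state-a",
     "labels": {"data-class": "wager", "resident-state": "state-a"}},
    {"name": "customer-db-b", "cluster": "onprem-state-a",
     "labels": {"data-class": "customer", "resident-state": "state-b"}},
    {"name": "bet-engine-b", "cluster": "cloud-region-1",
     "labels": {"data-class": "wager", "resident-state": "state-b"}},
    {"name": "kyc-cache", "cluster": "onprem-state-b",
     "labels": {"data-class": "customer"}},
    {"name": "leaderboard", "cluster": "cloud-region-1",
     "labels": {"data-class": "public"}},
]


def check_residency(workloads, clusters):
    """Return (workload, reason) for every declared placement that breaks residency."""
    violations = []
    for w in workloads:
        labels = w.get("labels", {})
        if labels.get("data-class") not in REGULATED:
            continue  # workloads not labelled as regulated are skipped
        required = labels.get("resident-state")
        cluster = clusters.get(w.get("cluster"))
        if required is None:
            # Fail closed: regulated data with no declared home state is rejected.
            violations.append((w["name"], "regulated workload has no resident-state label"))
        elif cluster is None:
            violations.append((w["name"], f"unknown cluster {w.get('cluster')!r}"))
        elif cluster["state"] != required:
            violations.append((w["name"], f"must run in {required}, cluster is in {cluster['state']}"))
    return violations


if __name__ == "__main__":
    for name, reason in check_residency(WORKLOADS, CLUSTERS):
        print(f"DENY {name}: {reason}")
```

Run against every pull request, a non-empty result blocks the merge, so a non-compliant placement never becomes the desired state that is deployed automatically.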

The idea of operational sovereignty is often thought of as the ability to continue to operate a system or infrastructure without it being connected to the internet. But far more common — especially in the gaming industry — is the implementation of one-way connections. Such an infrastructure is managed through its own control plane and has a one-way connection out. In this way, users of the infrastructure can connect out, but the internet cannot connect in. This setup is seen as the most typical operational-sovereign use case. 

In order to help maintain data and operational sovereignty, Amazon EKS, EKS-D and Weave GitOps Enterprise offer gaming companies a Kubernetes shared-services platform (SSP) alternative for Kubernetes clusters running on on-premises and hybrid-cloud infrastructures. The benefits of AWS include preset APIs to improve flexibility and to reduce complexity for where workloads run. An additional benefit, especially relevant to gaming companies, is being able to carefully specify where the data resides. This also includes the ability to control or operate infrastructure from the same physical, sovereign boundary if regulations require it.

The audit trail GitOps provides is useful for observability and for gauging the impact that changes have on infrastructure performance. This capability is especially important for providing information to regulators should they want to know who changed what and when.

The second benefit is a consistent runbook. By being able to build a hybrid shared-services platform, developers can access the platform using the same pipeline, quality assurance (QA), staging, production, and other processes for different environments. The cost benefits stem from taking advantage of less-expensive cloud resources versus the previous model of running all infrastructure on-premises. Organizations can utilize the ephemeral ability to spin up and down AWS infrastructure in the cloud, while at the same time being able to have that persistent layer running in production on-premises when needed.

A gaming company has several options when seeking to run its platforms outside of an AWS environment in a particular jurisdiction. One option is to use EKS by running it on a specific AWS data center that is located in a specific country, state, locality, or other jurisdiction. It is also possible to manage environments with the EKS-Distro for use in local zones to meet the regulations that might be specific to individual cities. The third option, which is very popular, is to run AWS Outposts. With AWS Outposts, a gaming company can run EKS with a colocation service, in a data center, or in an on-premises location.

Game on with GitOps 

The GitOps model provides developers with the ability to create and commit applications to Git without many of the headaches and potential speed bumps in the production pipeline. They do not have to reengineer and update each application for the different environments to which it will be distributed, unless there is a need to configure an app to offer features distributed across different cloud or on-premises environments.

Developers and operators are able to function as a single team as the GitOps process remains continuous and fluid with Git serving as the single and immutable source of truth for the gaming app. The operations team members manage the infrastructure and how it's configured, while the developers concentrate on creating and updating software before it is committed to Git. As soon as the developers issue a pull request and merge the code, the application or update is automatically deployed through CD across the different environments.

Once the system is in a declarative state and versioned on Git, the operations team can rely on EKS and EKS-D to scale and manage the gaming apps. The team can manage the system on Git so that all apps meet the localized data and operational sovereignty requirements in different jurisdictions across on-premises and hybrid-cloud environments worldwide.

Compliance and security risks associated with developing and providing gaming apps can be reduced. Git serves as a single repository in which permissions and compliance are set centrally, as opposed to setting them individually outside of Git for each cloud or on-premises environment. Every change to the system on Git is recorded, which provides a clear audit trail of all changes and access. A trusted definition of the cluster's state is also available to compare against the actual running cluster, helping to ensure that the tracked and auditable changes match what is running.
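The comparison described in this paragraph, and the fourth GitOps principle (software agents ensure correctness and alert on divergence), shown as a drift check between the state declared in Git and the state read from the cluster. This is an added example, not code from the article or from any GitOps agent; the resource names, images and field values are constructed.

```python
"""Drift check between the desired state in Git and the live cluster (constructed data)."""


def field_drift(desired, live, path=""):
    """Yield (path, want, got) for each declared field whose live value differs.

    Only fields present in the desired state are compared, because live objects
    carry extra server-populated fields that are never declared in Git.
    """
    for key, want in desired.items():
        here = f"{path}.{key}" if path else key
        got = live.get(key)
        if isinstance(want, dict):
            yield from field_drift(want, got if isinstance(got, dict) else {}, here)
        elif got != want:
            yield (here, want, got)


def detect_drift(desired, live):
    """Compare two {resource_id: spec} maps and return a sorted list of findings."""
    findings = []
    for rid, spec in desired.items():
        if rid not in live:
            findings.append((rid, "missing from cluster", None, None))
            continue
        for path, want, got in field_drift(spec, live[rid]):
            findings.append((rid, f"changed {path}", want, got))
    for rid in live.keys() - desired.keys():
        # Running but never committed: no review and no audit record exists for it.
        findings.append((rid, "not declared in Git", None, None))
    return sorted(findings, key=lambda f: (f[0], f[1]))


# Constructed sample: desired state as parsed from Git, live state as read from the cluster.
DESIRED = {
    "Deployment/bets/bet-engine": {"replicas": 3, "image": "bet-engine:1.4.2",
                                   "securityContext": {"runAsNonRoot": True}},
    "NetworkPolicy/bets/deny-ingress": {"policyTypes": ["Ingress"]},
}
LIVE = {
    "Deployment/bets/bet-engine": {"replicas": 3, "image": "bet-engine:1.4.3-hotfix",
                                   "securityContext": {"runAsNonRoot": False},
                                   "generation": 7},
    "Deployment/bets/debug-tools": {"replicas": 1, "image": "debug-tools:latest"},
}

if __name__ == "__main__":
    for rid, what, want, got in detect_drift(DESIRED, LIVE):
        print(f"DRIFT {rid}: {what} (want={want!r}, got={got!r})")
```

Each finding is a change that bypassed Git and therefore has no entry in the audit trail: an out-of-band image swap, a weakened security setting, a deleted network policy, and a workload that was never committed.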

In summary, DevOps teams are able to see tangible results with this Git-centric approach for CI/CD and application development and deployment for gaming apps on multi-cloud and on-premises environments. Thanks to GitOps, the odds of success become that much higher in a gaming-app maker’s favor.

Daniel Lizio-Katzen, head of strategy & partnerships, Weaveworks

Daniel is head of strategy & partnerships at Weaveworks.