cforciea

What is Resurgence? Wasn't that the name of the server that was briefly up then got torched after a fake DMCA before Homecoming existed?

Sorry, meant the Titan Network.

Wait, is this the talks that TonyV said were happening with Titan Networkin April, or the talks TonyV said were happening with Titan Network in August, or the talks that were happening when the game shut down, or maybe this guy from 2014 https://www.cohtitan.com/forum/index.php?topic=10284.0? How about you guys stop talking about this until it actually happens? Giving people potentially false hope in order to give yourself an extra air of legitimacy is just cruel. (edited to clear up name confusion)

You have a license that lets you go active-active and not active-passive? You can also read off of log ship replicas as long as they aren't currently in the middle of a restore operation, and restore operations are on a schedule. Repeatedly citing security is a red herring; you already have firewall pinholes going to the secure part of your network, and I'm willing to bet it's a lot easier to validate the security properties of a microservice using read-only db access to serve get requests of effectively nonsensitive data than it is to be sure that ncsoft's auth server isn't going to do something evil. Running without a way for people to protect their own character data also affects them daily, the effect is just in the form of risk. People just tend to be bad at risk management. Even so, I'm curious what would happen if you sent out a survey asking your players which is more important: being able to play during peak hours with less time in login queues and fewer crashes, or providing mitigation against the risk of their characters all going away. I have a funny feeling that there is a very large segment that would choose the latter, but don't understand the technology or the situation well enough to even understand that it's something that could happen to them, and that there's a way to mitigate it. And thus they don't go asking for it.

There are lots of options here besides "provide a client-side system for autosaving characters with RSA signatures" and "make a tool that hoses the game servers." I'm in no way advocating for doing anything dangerous or poorly architected, regardless of any claims about what doing it "correctly" would look like.

I'll own up to misunderstanding what you meant by dbquery. I had assumed you either just meant generally a database query, or something like the bit of LINQ library that also generates database queries, not to an existing executable. I also got off my butt and looked at the source for the tool other servers are running, and yep that's what's going on. My bad. I wouldn't particularly worry about "the same format". As long as the data is parseable, somebody can always write a tool later to munge it to however it needs to look, especially if you open source whatever model code you'd be using to serialize it. If the concern is just security, it'd be pretty trivial to throw up a lightweight API server using a framework in your language of choice, toss nginx in front of it, and limit requests to a specific incoming IP. Then your public-facing web server can just query that. The amount of code difference there is pretty negligible. Actually using a replica would indeed generate more costs, but as I alluded to, I'd think you'd want a replica anyway. The alternative is all sorts of potential hilarity when you lose a drive on your db server and need to do a raid rebuild, or a rollback if the db eats its fingers. If the goal is stability, that should be pretty high on your list regardless of any export functionality. If you do your interesting logic in an API layer separate from the website to alleviate your existing security concern, then all you are rewriting is the ability to read and display the output from that backend API call. Burdensome is substantially better than nonexistent. Don't let perfect be the enemy of good enough. It's perfectly possible to throw together something that gives us safety now and then still build those other, cooler things later. Besides, I bet if you create a crappy web interface, other people could throw together a tool to log in to your website, crawl through the character list, and scrape all of the characters without you having to build anything else. Given how the centralized control model worked out for me in 2012, I tend to think that doing it "right" in this case is at least throwing together something simple so your players can manage their own character data before worrying about whether you can get more than 2000 players on a shard, but you are, of course, entitled to your own priorities.

That's something we've looked at and had internal discussions on. The short answer is that it's something we would like to be able to do; there are just some technical details that need to be worked out to be able to do it at scale. The brute force method (using dbquery) causes lag for other players when you use it on a server that's hosting more than a few hundred online. Huh? Relational databases are really good at pulling small amounts of data out of a bunch of tables using indices. I can't imagine what you mean by that being a brute force method. It's literally the primary job of a RDMS. If you were feeling really iffy about it, just make a downstream replica of your db server and have the queries run there. I'm assuming you guys have one of those anyway, unless you like fun large scale outages and rollbacks because your db server fell over.

When is Homecoming going to support character to text file exports? There's no way I can possibly convince myself to play on a server where I'm a C&D away from losing all my characters again.