Skip to content

Server Deployment Prerequisites

Complete this checklist once before following any other page in the Server Deployment section.

The Getting Started prerequisites cover the base tools (Chocolatey, Node.js, Docker Desktop, UE source build). This page adds what is specifically needed for cloud deployment: cluster tooling, Tailscale, GitLab registries, and a configured MIP Control Panel.

1 — Additional Dev Machine Tools

Make sure you have completed Getting Started → Prerequisites first — it covers Chocolatey, Node.js, Docker Desktop, UE source build, Git Bash, Python 3, and openssl.

The following are specific to server deployment:

kubectl

Required to manage your K3s cluster from your dev machine.

If you followed Installing Minikube & Agones, kubectl is already installed — just verify:

kubectl version --client

If you skipped the local dev setup and need to install it standalone:

choco install kubernetes-cli -y
kubectl version --client

Tailscale

Creates an encrypted mesh between your dev machine and all servers so kubectl can reach the K3s API privately — without opening port 6443 on a public firewall.

  1. Create a free account at login.tailscale.com/start
  2. Download and install the client from tailscale.com/download
  3. Sign in on your dev machine

You will also install and sign in Tailscale on each server during Setup Server. All machines must be in the same Tailscale account (or the same tailnet) for them to see each other.

2 — GitLab Setup

GitLab account

Create a free account at gitlab.com if you don't have one.

Container registries

You need two registries — one for UE game server images and one for backend images. GitLab provides a container registry automatically for every project at:

registry.gitlab.com/<your-username>/<your-project>/<image-name>

Create a GitLab project (or use an existing one). You will set the exact registry URLs when you run setup.sh in step 4.

Just using the backend, not modifying it?

You can pull the backend directly from the published registry. Pin a specific version for stability: registry.gitlab.com/kumobooks-public/mip-be-registry:v0.0.1 Use :latest only if you always want the newest build (may include breaking changes). You still need your own registry for UE server images — those are always your own game builds.

Personal Access Token

Required to push images to your registry from your dev machine.

  1. In GitLab go to Avatar → Edit profile → Access → Personal Access Tokens

  2. Click Generate Token → Generate legacy token:

    Field Value
    Token name e.g. registry-push
    Expiration Choose a date
    Scopes write_registry, read_registry, api

  3. Copy the token — you won't see it again

Log in from your dev machine:

docker login registry.gitlab.com
Prompt Enter
Username Your GitLab username (not email)
Password Your Personal Access Token (not your account password)

Docker stores the credentials locally so you only do this once per machine.

Push token vs K8s pull token

This token is for pushing images from your dev machine. For Kubernetes pods to pull images, you will create a separate read-only Deploy Token later in Kubernetes Pull Secret.

Troubleshooting docker login

"HTTP Basic: Access denied" — You are using the wrong credentials. Enter your GitLab username (not email) and the Personal Access Token (not your account password). Verify the token has write_registry scope.

"denied: access forbidden" — The token does not have permission for this registry. Check that the api scope is enabled and that your GitLab account has at least Developer access to the project.

3 — Cloud Server

You need at least one Ubuntu server (the K3s master). Worker nodes are optional for more game server capacity.

Requirement Value
OS Ubuntu 22.04 LTS or 24.04 LTS
CPU 2 vCPU minimum, 4 vCPU recommended
RAM 4 GB minimum, 8 GB recommended
Disk 20 GB minimum, 40 GB recommended
SSH Key-based auth (password auth disabled)
Tailscale Requiredkubectl connects to the K3s API via Tailscale IP, and the kubeconfig merge script fetches the Tailscale IP automatically

Install Tailscale on the server during initial setup — the Setup Server guide covers this.

4 — MIP Control Panel Setup

Run setup.sh once to configure all machine-specific paths and registry URLs. Full instructions are in Getting Started → MIP Control Panel, but the short version:

bash MIPScripts/setup.sh

It will ask for your workspace root, UE engine root, mip-be path, and GitLab registry URLs, then write everything into variables.txt and the env files.

Checklist

  • [ ] Getting Started prerequisites completed (includes Python 3, openssl, Git Bash, Docker)
  • [ ] kubectl version --client works
  • [ ] Tailscale account created and client installed + signed in on dev machine
  • [ ] GitLab account created
  • [ ] Container registry URLs ready (own project, or public MIP backend registry)
  • [ ] Personal Access Token created (write_registry + read_registry + api)
  • [ ] docker login registry.gitlab.com succeeded
  • [ ] Cloud server provisioned (Ubuntu 22.04+, SSH key-based auth, Tailscale installed and signed in)
  • [ ] bash MIPScripts/setup.sh completed
  • [ ] MIP Control Panel launches without errors

Next Steps

Follow the Server Deployment pages in order:

  1. Setup Server — harden Ubuntu, configure SSH, install Tailscale
  2. Production Hardening — firewall, fail2ban, unattended upgrades
  3. Install Docker — on the server that runs the backend
  4. Kubernetes Pull Secret — allow K8s pods to pull images
  5. Deploy Master Node — K3s + Agones
  6. Deploy Worker Node — add capacity for game server pods
  7. Deploy Backend — NestJS backend via Docker Compose