Hi!
So I can tell you how we do it in Agones, which is built to do this very thing!
I’ll copy paste from our FAQ:
How is traffic routed from the allocated Port to the GameServer container?
Traffic is routed to the GameServer Container utilising the hostPort field on a Pod's Container specification. This opens a port on the host Node and routes traffic to the container via iptables or ipvs, depending on host provider and/or network overlay.
In worst case scenarios this routing can add an extra 0.5ms latency to UDP packets, but that is extremely rare.
We do this, since you really can’t use a LoadBalancer to route UDP packets to a specific game server instance, and you don’t want or need the hop (most of the time) – it’s much better to go directly to the node.
As part of the Agones project we allow you to retrieve the IP and port(s) that are exposed through information on our GameServer CRD - which is backed by the Node IP, and the port(s) assigned to the Pod through Agones' port management system.
Also, creating an external Service per Game Server is just not going to scale - and could be very expensive!
It does mean you need nodes with public IPs, and also a corresponding firewall rule to allow the traffic in.
You could also do this with hostNetwork, but we decided against it (to also c/p from our FAQ):
Why did you use hostPort and not hostNetwork for your networking?
The decision was made not to use hostNetwork, as the benefits of having isolated network namespaces between game server processes give us the ability to run sidecar containers, and provides an extra layer of security to each game server process.
Now if you really want to use a LB (and maybe you do!) for UDP traffic, you might also want to look at Quilkin - a UDP proxy for game server traffic, that can route based on packet contents. For TCP traffic, depending on the type of TCP traffic you are doing (assuming websockets/http/gRPC?), there is likely a proxy you could also use similarly to route traffic based on some kind of header.
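To make the hostPort model above concrete, here is a small added Python helper (my own illustration, not Agones code): given a Pod and its Node in the shape the Kubernetes API returns, it derives the address:port a client would connect to (Node IP plus hostPort, never the containerPort alone), refuses the hostNetwork case the FAQ rejects, and flags two Pods on one node claiming the same hostPort, which is exactly what a port manager has to prevent. The Pod, Node and IP values are constructed sample data.

```python
from collections import Counter

# Constructed sample objects shaped like the Kubernetes API's Pod and Node JSON
# (example data, not from a real cluster; 203.0.113.0/24 is a documentation range).
POD = {
    "metadata": {"name": "game-server-abc12", "namespace": "default"},
    "spec": {
        "nodeName": "node-1",
        "hostNetwork": False,
        "containers": [
            {"name": "game-server",
             "ports": [{"containerPort": 7654, "hostPort": 7777, "protocol": "UDP"}]},
            {"name": "sdk-sidecar"},  # sidecar in the same isolated netns, no exposed ports
        ],
    },
}
NODE = {
    "metadata": {"name": "node-1"},
    "status": {"addresses": [{"type": "InternalIP", "address": "10.0.0.5"},
                             {"type": "ExternalIP", "address": "203.0.113.7"}]},
}


def resolve_endpoints(pod: dict, node: dict) -> list[tuple[str, int, str]]:
    """Return (address, port, protocol) a client would connect to, one per hostPort."""
    spec = pod["spec"]
    if spec.get("hostNetwork"):
        # hostNetwork pods share the node's namespace; that is the option the FAQ rejects.
        raise ValueError("pod uses hostNetwork; expected isolated namespace with hostPort")
    addrs = {a["type"]: a["address"] for a in node["status"]["addresses"]}
    ip = addrs.get("ExternalIP") or addrs.get("InternalIP")  # public node IP preferred
    if ip is None:
        raise ValueError("node exposes no address")
    out = []
    for c in spec["containers"]:
        for p in c.get("ports", []):
            if "hostPort" in p:  # a containerPort alone is not reachable from outside
                out.append((ip, p["hostPort"], p.get("protocol", "TCP")))
    return out


def host_port_conflicts(pods: list[dict]) -> set[tuple[str, int, str]]:
    """(node, hostPort, protocol) triples claimed by more than one pod on the same node."""
    counts = Counter(
        (pod["spec"]["nodeName"], p["hostPort"], p.get("protocol", "TCP"))
        for pod in pods for c in pod["spec"]["containers"]
        for p in c.get("ports", []) if "hostPort" in p)
    return {key for key, n in counts.items() if n > 1}
```

The firewall rule mentioned above would then need to admit UDP to the resolved port range on the node's external address.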