Runescape: A big data case study

There is money to be made in killing dragons, and not just the virtual kind. One of the best-known online games, World of Warcraft, charges its 10 million users around £9 per month for the privilege of playing. Activision Blizzard, the game’s publisher and developer, recently announced third quarter revenue of $751m (£471m).

However, some games fare very well without employing the subscription model. In fact, the world’s most popular MMORPG (massively multiplayer online role-playing game), with over 200 million registered accounts, is RuneScape.

The player-base is split across multiple servers, since no affordable system could possibly support that many players logging on simultaneously, let alone the fact that the game’s world itself would become so crowded it would make the London Underground in rush hour look empty.

 “An individual game server application supports 2,000 players at once,” says Remo Gettini, chief technology officer at Jagex, the game’s developers. “We can have a number of these on a physical server, usually somewhere between two and 11, depending on the server hardware. The exact number of concurrent players scales with the number of physical servers we have. 

“We tend to sit at around 50-60 per cent of our capacity, with room to turn on more servers if we need to, but in a normal day at peak we have hundreds of thousands of concurrent players. This number has remained fairly stable over the past few years, although the number of game servers a physical server box can support has increased as we have obtained more multiprocessor machines, so we have consolidated a bit.”

Uninterrupted uptime is incredibly important for a MMORPG. Unplanned server outages quickly result in frustrated players, even when they’re not paying for the service (though RuneScape offers some premium features for paying customers).

Although like most firms Jagex is cagey about its security and disaster recovery planning, it tells Computing that the game servers run Linux, and the firm uses information infrastructure firm EMC for its storage needs. All important data - including that relating to players and their accounts - is replicated to its disaster recovery site, as well as the developers’ office for tape backup.

Gettini explains that avoiding complexity is part of the answer the firm has found to battling security issues.

“We set up our servers to be as basic as possible and run only what is required. We do have a contractor party who carries out penetration testing on a regular basis. Most of the attacks are DoS- [denial of service-] based, which are mitigated by bandwidth and our IPS devices.”

While this policy has proved to be fairly successful up to now, he believes the government is not doing enough to protect UK IT businesses from cyber crime.

“I don’t think the government will ever do enough to promote or protect IT businesses, primarily because securing your assets, whether they be electronic, intellectual or physical, is typically perceived as the responsibility of the owner. Just like you have to lock your car when parked, or lock and alarm your home when you leave, you are also expected to secure your own IT infrastructure applications and information. Clearly education is part of any government’s mandate but this is a complex issue and perhaps even beyond their grasp anyway.”