Adding videobridges
Follow Jitsi Load balancing guide and the video https://youtu.be/LyGV4uW8km8
This has been deployed on several machines, see #42 (closed) . Bare metal preferred.
Prepare server
rename server to bridgeN in /etc/hosts
and /etc/hostname
and reboot
apply ansible playbook hardening.yml
(in /etc/ansible
). May
require: python apt-get install python-apt
orln --symbolic /usr/bin/python3 /usr/bin/python
Change /ansible/hosts
and test first with ansible all -m ping
from your laptop. Then run with ansible-playbook playbook.yml
After that check SSH port an do a sshd -t
after running the script so you do not lock yourself out! You better add missing keys:
/usr/bin/ssh-keygen -A
or do each manually:
ssh-keygen -b 1024 -t rsa -f /etc/ssh/ssh_host_key
ssh-keygen -b 1024 -t rsa -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -b 1024 -t dsa -f /etc/ssh/ssh_host_dsa_key
Add host name and repo as in this guide first steps https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md#basic-jitsi-meet-install
Option 1: Jitsi stable release
Now works with default Java 11. Install Java 8 from other repo #50 (comment 21586)
echo 'deb https://download.jitsi.org stable/' >> /etc/apt/sources.list.d/jitsi-stable.list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
apt update
apt install jitsi-videobridge2
Option 2: Jitsi unstable repo
Has newer version of videobridge, which is considered stable and which should work fine with Java 11 (default in buster).
echo 'deb https://download.jitsi.org unstable/' >> /etc/apt/sources.list.d/jitsi-unstable.list
wget -qO - https://download.jitsi.org/jitsi-key.gpg.key | apt-key add -
apt update
apt-get install jitsi-videobridge2
configure the new bridge as MUC
From here the video explains installing only videobridge on VM: https://youtu.be/LyGV4uW8km8?t=879 (component version)
enable MUC in /etc/jitsi/videobridge/sip-communicator.properties
# MUC variant
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=meet.fairkom.net
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.meet.fairkom.net
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=xxxyyy
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.meet.fairkom.net
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=4234327b-26a6-4c78-bc6e-cecd7588bc45
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
org.jitsi.videobridge.ENABLE_REST_SHUTDOWN=true
org.jitsi.videobridge.shutdown.ALLOWED_SOURCE_REGEXP=127.0.0.1
not used parameters in jvb2 (was component until May 3 2020 on OVH server)
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=turn.fairkom.net:443,meet-jit-si-turnrelay.jitsi.net:443
org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=focus@auth.fairmeeting.net/.*
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc,colibri,pubsub
org.jitsi.videobridge.PUBSUB_SERVICE=fairmeeting.net
org.jitsi.videobridge.PUBSUB_NODE=sharedStatsNode
org.jitsi.videobridge.STATISTICS_INTERVAL=5000
# org.ice4j.ice.harvest.ALLOWED_ADDRESSES=144.76.116.175
org.jitsi.videobridge.ENABLE_REST_SHUTDOWN=true
define in /etc/jitsi/videobridge/config
JVB_HOSTNAME=meet.fairkom.net
JVB_HOST=meet.fairkom.net
JVB_SECRET=secret
# extra options to pass to the JVB daemon
JVB_OPTS="--apis=,"
do some kernel performance tweaking
In /etc/systemd/system.conf
add
# jitsi performance
DefaultLimitNOFILE=65000
DefaultLimitNPROC=65000
DefaultTasksMax=65000
increase the TCP and UDP receive buffer size
check default settings first with sysctl -a | grep mem
append in /etc/sysctl.conf
# increase Linux TCP buffer limits
net.core.rmem_max = 10485760
net.core.wmem_max = 10485760
net.core.netdev_max_backlog=100000
# increase Linux autotuning TCP buffer limits
# min, default, and max number of bytes to use
net.ipv4.tcp_mem = 382401 509869 764802
net.ipv4.tcp_rmem = 4096 131072 6291456
net.ipv4.tcp_wmem = 4096 16384 4194304
# increase Linux autotuning UDP buffer limits
net.ipv4.udp_mem = 764178 1018904 1528356
load with sysctl -p
Assign more memory to videobridges
In /usr/share/jitsi-videobridge/lib/videobridge.rc
VIDEOBRIDGE_MAX_MEMORY=8192m
on fairmeeting main server
Let bridges communicate with MUC #55 (closed)
Previously we had to enter a bridge as component with its secret in /etc/prosody/conf.avail/fairmeeting.net.cfg.lua
Component "jvb-HOSTINGPARTNER-0.fairmeeting.net"
component_secret = "secret"
and then do
service prosody restart
service jitsi-videobridge restart
For statistics, check /var/log/jitsi/jicofo.log like https://youtu.be/LyGV4uW8km8?t=1269 for messages like Video stream count for: