damencho
commented
3 hours ago Have you allowed the udp 10000 port from jvb public address to the internal one?
Closed Tring-Bhavesh closed 1 hour ago
damencho
commented
3 hours ago Have you allowed the udp 10000 port from jvb public address to the internal one?
Tring-Bhavesh
commented
3 hours ago Yes, I have opened all ports and IPs. My server is open to all for testing purposes. MY ALB's SG and ECS share the same Security Group which to open to the public for all ports and IPs
damencho
commented
3 hours ago Does the ALB support udp at all as it seems it is fronting your deployment?
aaronkvanmeerten
commented
3 hours ago Unless you have explicitly assigned a JVB to run on an ECS node with a public IP address, or configured an NLB with UDP port 10000 forwarded to the JVB, you won't get any media. Media doesn't flow through the same path as the ALB, so a different solution needs to be used.
aaronkvanmeerten
commented
3 hours ago Does the ALB support udp at all as it seems it is fronting your deployment?
No, ALB only supports HTTP(s) over TCP, no UDP at all.
Tring-Bhavesh
commented
3 hours ago If so, how come two users are able to share the video and audio and not the third one?
Also, I followed the docker-compose setup from your docs directly in EC2 and had an ALB in front of that which is working perfectly. How come this is possible with ALB and ECS is not possible with ALB? I configured the PUBLIC_URL to have the domain name configured on my ALB
damencho
commented
3 hours ago They communicate directly. Your problem is the ALB that it blocks Access to the jvb media port.
Tring-Bhavesh
commented
2 hours ago Let me make this clear.
Working Setup: EC2 + ALB
Not Working Setup: ECS + ALB
aaronkvanmeerten
commented
2 hours ago EC2 + ALB means EC2 instances likely had public IP addresses assigned (elastic IPs). Then with port 10000 UDP open, all will work as expected. Web traffic will come in on the ALB to the nginx containers, the users will negotiate for their WebRTC connection details, which will include the IP of the JVBs on the EC2 instances.
In the ECS world, none of the containers will have their ports mapped to public addresses so the traffic will not flow the JVB.
In both cases, for 2 users we use peer-to-peer for media, which means none of your traffic is going through the JVB but instead goes direclty browser to browser.
Tring-Bhavesh
commented
2 hours ago ok, if so how can I configure ECS? I have hosted my ECS Ec2 instance in my public subnet, so when I use the Public IP:8443, can able to see the Jitsi meet. I have configured dynamic port mapping something like this
"portMappings": [
{
"name": "web-80-tcp",
"containerPort": 80,
"hostPort": 0,
"protocol": "tcp"
},
{
"name": "web-443-tcp",
"containerPort": 443,
"hostPort": 0,
"protocol": "tcp"
}
],I do not know exactly how to configure it via ECS as I have never done it before. However, I believe you will need to use an NLB instead of (or in addition to) an ALB.
Tring-Bhavesh
commented
1 hour ago Ok, let me try with NLB. Can I configure NLB with 443 and give the domain mapped with NLB in the PUBLIC_URL and try? What should be the listener? and what should the port be on the target group? can you help me with this?
NLB Configuration
TG Configuration
aaronkvanmeerten
commented
1 hour ago This has gone way past a github issue and belongs on https://community.jitsi.org/ instead. I do not have any specifics to offer around NLB configuration w.r.t. ECS as I'm not familiar with ECS. However, I do know you'll want to map port 10000 to the JVB container port 10000, and then set the JVB_ADVERTISE_IPS to the NLB IP address.
I am closing this and hoping you will open a community issue if you need further guidance on this.
We hosted Jitsi in AWS ECS with ALB with HTTPS Listener. Audio and video work when two users join, but audio and video do not work when the third user joins.