deployment: Update coturn to 4.5.2 and use official docker image

pull/623/head
cruizba 2021-05-06 13:00:51 +02:00
parent e5b4c725be
commit a8174b45a9
10 changed files with 180 additions and 138 deletions


@ -75,17 +75,22 @@ services:
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
coturn:
image: openvidu/openvidu-coturn:3.0.0
image: openvidu/openvidu-coturn:4.0.0-dev1
restart: on-failure
network_mode: host
environment:
environment:
- REDIS_IP=127.0.0.1
- TURN_LISTEN_PORT=3478
- DB_NAME=0
- DB_PASSWORD=${OPENVIDU_SECRET}
- MIN_PORT=57001
- MAX_PORT=65535
- ENABLE_COTURN_LOGS=true
command:
- --log-file=stdout
- --listening-port=3478
- --fingerprint
- --lt-cred-mech
- --min-port=57001
- --max-port=65535
- --realm=openvidu
- --verbose
logging:
options:
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
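Review bot: The new `command:` list gives this relay, which runs with `network_mode: host`, no peer restrictions, so nothing in the visible flags keeps it from relaying to private or link-local addresses reachable from the host. Now that the options are spelled out here rather than generated, I would add `- --no-multicast-peers` and one `- --denied-peer-ip=<range>` entry per internal range that clients must never reach (for example `- --denied-peer-ip=10.0.0.0-10.255.255.255`). `--verbose` is also worth dropping outside debugging, since it raises the amount of session detail written to stdout. The same applies to the `command:` blocks in the two other compose files in this commit.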


@ -85,18 +85,23 @@ services:
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
coturn:
image: openvidu/openvidu-coturn:3.0.0
image: openvidu/openvidu-coturn:4.0.0-dev1
restart: on-failure
network_mode: host
environment:
environment:
- REDIS_IP=127.0.0.1
- TURN_LISTEN_PORT=3478
- DB_NAME=0
- DB_PASSWORD=${OPENVIDU_SECRET}
- MIN_PORT=40000
- MAX_PORT=65535
- TURN_PUBLIC_IP=${TURN_PUBLIC_IP:-auto-ipv4}
- ENABLE_COTURN_LOGS=true
command:
- --log-file=stdout
- --external-ip=$$(detect-external-ip)
- --listening-port=3478
- --fingerprint
- --lt-cred-mech
- --min-port=40000
- --max-port=65535
- --realm=openvidu
- --verbose
logging:
options:
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
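Review bot: `--external-ip=$$(detect-external-ip)` is now fixed in the command while the `TURN_PUBLIC_IP` entry appears to be gone from `environment:` (the +/- markers are lost on this page, so this is inferred from the hunk counts), which leaves operators with a static address no visible way to set it and makes start-up depend on third-party DNS answers. The new detect-external-ip.sh returns `REAL_EXTERNAL_IP` when it is set, so I would expose it with `- REAL_EXTERNAL_IP=${REAL_EXTERNAL_IP:-}` under `environment:` and mention it in the deployment docs. The third compose file in this commit has the same change.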


@ -62,18 +62,23 @@ services:
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"
coturn:
image: openvidu/openvidu-coturn:3.0.0
image: openvidu/openvidu-coturn:4.0.0-dev1
restart: on-failure
network_mode: host
environment:
environment:
- REDIS_IP=127.0.0.1
- TURN_LISTEN_PORT=3478
- DB_NAME=0
- DB_PASSWORD=${OPENVIDU_SECRET}
- MIN_PORT=40000
- MAX_PORT=65535
- TURN_PUBLIC_IP=${TURN_PUBLIC_IP:-auto-ipv4}
- ENABLE_COTURN_LOGS=true
command:
- --log-file=stdout
- --external-ip=$$(detect-external-ip)
- --listening-port=3478
- --fingerprint
- --lt-cred-mech
- --min-port=40000
- --max-port=65535
- --realm=openvidu
- --verbose
logging:
options:
max-size: "${DOCKER_LOGS_MAX_SIZE:-100M}"


@ -1,14 +1,17 @@
FROM ubuntu:16.04
FROM coturn/coturn:4.5.2-alpine
RUN apt-get update \
&& apt-get install -y coturn curl dnsutils
USER root
COPY ./configuration-files.sh /tmp/
COPY ./entrypoint.sh /usr/local/bin
COPY ./discover_my_public_ip.sh /usr/local/bin
RUN apk add --no-cache bind-tools
RUN chmod +x /tmp/configuration-files.sh \
&& chmod +x /usr/local/bin/entrypoint.sh \
&& chmod +x /usr/local/bin/discover_my_public_ip.sh
# Override detect-external-ip.sh script
COPY ./detect-external-ip.sh /usr/local/bin/detect-external-ip.sh
COPY ./docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]
RUN chmod +x /usr/local/bin/detect-external-ip.sh /usr/local/bin/docker-entrypoint.sh && \
chown -R nobody:nogroup /var/lib/coturn/ && \
touch /turnserver.conf && chown nobody:nogroup /turnserver.conf
USER nobody:nogroup
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["--log-file=stdout", "--external-ip=$(detect-external-ip)"]
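Review bot: `/turnserver.conf` is created with `touch` and only chowned, so it keeps the default mode even though the new docker-entrypoint.sh appends the Redis password to it; tighten it in the same `RUN`, e.g. `touch /turnserver.conf && chown nobody:nogroup /turnserver.conf && chmod 600 /turnserver.conf`. The entrypoint writes to a relative `turnserver.conf`, so this only lines up if the base image's working directory is `/`, which is not visible from this file; an explicit `WORKDIR /` would make it certain. A comment above `CMD` would help the next reader: `# $(detect-external-ip) stays literal in exec form; docker-entrypoint.sh expands it`. Consider also pinning `coturn/coturn:4.5.2-alpine` by digest so the base cannot change under the tag.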


@ -1,42 +1,4 @@
# Coturn OpenVidu
# OpenVidu Coturn
This is a docker image to launch a coturn server. Environment variables can be defined to modify the files `/etc/default/coturn` and `cat>/etc/turnserver.conf`.
## Environment variables
### Turn configuration
- TURN_PUBLIC_IP: Public ip where coturn will be placed. If this environment variable is not setted, it will get the ip returned by `curl ifconfig.co`.
- TURN_LISTEN_PORT: Port where turn will be listening.
### Turn credentials
- REDIS_IP: Redis where credentials are stored
- DB_NAME: Name of the database in redis
- DB_PASSWORD: Password of the redis database
# Execution example
Actual version of OpenVidu need to be located in the same node because tokens sends the url for turn/stun connections with the host url.
## Execute turn locally next to the redis database
You need to have a redis database running:
```
docker run --rm --name some-redis -d -p 6379:6379 redis
```
Get the ip of the container and after that, run coturn, you can use url as ip too, in this example I am running coturn with nip.io:
```
docker run -it -e REDIS_IP=172.17.0.2 -e DB_NAME=0 -e DB_PASSWORD=turn -e MIN_PORT=40000 -e MAX_PORT=65535 -e TURN_PUBLIC_IP=auto -e TURN_LISTEN_PORT=3478 --network=host openvidu/openvidu-coturn
```
## Execute turn locally with fixed username and password
```
docker run -it -e TURN_PUBLIC_IP=auto -e TURN_USERNAME_PASSWORD=<USER>:<PASSWORD> -e MIN_PORT=40000 -e MAX_PORT=65535 -e TURN_LISTEN_PORT=3478 --network=host openvidu/openvidu-coturn
```
# Kubernetes
TODO
This is a minor modification from the official [coturn/coturn](https://hub.docker.com/r/coturn/coturn) image.
It just replace the `detect-external-ip.sh` with a custom one to use DNS to resolve getting the public IP.


@ -1,31 +0,0 @@
#!/bin/bash
# Enable turn
cat>/etc/default/coturn<<EOF
TURNSERVER_ENABLED=1
EOF
# Turn server configuration
cat>/etc/turnserver.conf<<EOF
listening-port=${TURN_LISTEN_PORT}
fingerprint
lt-cred-mech
max-port=${MAX_PORT:-65535}
min-port=${MIN_PORT:-40000}
simple-log
pidfile="/var/run/turnserver.pid"
realm=openvidu
verbose
EOF
if [[ ! -z "${TURN_PUBLIC_IP}" ]]; then
echo "external-ip=${TURN_PUBLIC_IP}" >> /etc/turnserver.conf
fi
if [[ ! -z "${REDIS_IP}" ]] && [[ ! -z "${DB_NAME}" ]] && [[ ! -z "${DB_PASSWORD}" ]]; then
echo "redis-userdb=\"ip=${REDIS_IP} dbname=${DB_NAME} password=${DB_PASSWORD} connect_timeout=30\"" >> /etc/turnserver.conf
fi
if [[ ! -z "${TURN_USERNAME_PASSWORD}" ]]; then
echo "user=${TURN_USERNAME_PASSWORD}" >> /etc/turnserver.conf
fi


@ -1,10 +1,8 @@
#!/bin/bash
VERSION=$1
if [[ ! -z $VERSION ]]; then
cp ../utils/discover_my_public_ip.sh ./discover_my_public_ip.sh
docker build --rm -t openvidu/openvidu-coturn:$VERSION .
rm ./discover_my_public_ip.sh
else
echo "Error: You need to specify a version as first argument"
fi
fi


@ -0,0 +1,115 @@
#!/usr/bin/env sh
# shellcheck shell=dash
#/ Use DNS to find out about the external IP of the running system.
#/
#/ This script is useful when running from a machine that sits behind a NAT.
#/ Due to how NAT works, machines behind it belong to an internal or private
#/ subnet, with a different address space than the external or public side.
#/
#/ Typically it is possible to make an HTTP request to a number of providers
#/ that offer the external IP in their response body (eg: ifconfig.me). However,
#/ why do a slow and heavy HTTP request, when DNS exists and is much faster?
#/ Well established providers such as OpenDNS or Google offer special hostnames
#/ that, when resolved, will actually return the IP address of the caller.
#/
#/ https://unix.stackexchange.com/questions/22615/how-can-i-get-my-external-ip-address-in-a-shell-script/81699#81699
#/
#/
#/ Arguments
#/ ---------
#/
#/ --ipv4
#/
#/ Find the external IPv4 address.
#/ Optional. Default: Enabled.
#/
#/ --ipv6
#/
#/ Find the external IPv6 address.
#/ Optional. Default: Disabled.
# Shell setup
# ===========
# Shell options for strict error checking.
for OPTION in errexit errtrace pipefail nounset; do
set -o | grep -wq "$OPTION" && set -o "$OPTION"
done
# Trace all commands (to stderr).
#set -o xtrace
# Shortcut: REAL_EXTERNAL_IP
# ==========================
if [ -n "${REAL_EXTERNAL_IP:-}" ]; then
echo "$REAL_EXTERNAL_IP"
exit 0
fi
# Parse call arguments
# ====================
CFG_IPV4="true"
while [ $# -gt 0 ]; do
case "${1-}" in
--ipv4) CFG_IPV4="true" ;;
--ipv6) CFG_IPV4="false" ;;
*)
echo "Invalid argument: '${1-}'" >&2
exit 1
;;
esac
shift
done
# Discover the external IP address
# ================================
if [ "$CFG_IPV4" = "true" ]; then
COMMANDS='dig @resolver1.opendns.com myip.opendns.com A -4 +short
dig @ns1.google.com o-o.myaddr.l.google.com TXT -4 +short | tr -d \"
dig @1.1.1.1 whoami.cloudflare TXT CH -4 +short | tr -d \"
dig @ns1-1.akamaitech.net whoami.akamai.net A -4 +short'
is_valid_ip() {
# Check if the input looks like an IPv4 address.
# Doesn't check if the actual values are valid; assumes they are.
echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}
else
COMMANDS='dig @resolver1.opendns.com myip.opendns.com AAAA -6 +short
dig @ns1.google.com o-o.myaddr.l.google.com TXT -6 +short | tr -d \"
dig @2606:4700:4700::1111 whoami.cloudflare TXT CH -6 +short | tr -d \"'
is_valid_ip() {
# Check if the input looks like an IPv6 address.
# It's almost impossible to check the IPv6 representation because it
# varies wildly, so just check that there are at least 2 colons.
[ "$(echo "$1" | awk -F':' '{print NF-1}')" -ge 2 ]
}
fi
echo "$COMMANDS" | while read -r COMMAND; do
if IP="$(eval "$COMMAND")" && is_valid_ip "$IP"; then
echo "$IP"
exit 100 # Exits the pipe subshell.
fi
done
if [ $? -eq 100 ]; then
exit 0
else
echo "[$0] All providers failed" >&2
exit 1
fi
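Review bot: The value printed at `echo "$IP"` ends up on turnserver's command line, yet `is_valid_ip` accepts a multi-line answer as soon as one line looks like an address (grep matches per line), and the IPv6 variant accepts any text containing two colons. DNS answers are unauthenticated, so I would keep only the first line and restrict the character set: `IP="$(eval "$COMMAND" | head -n 1)"` in the loop, and `echo "$1" | grep -Eq '^[0-9A-Fa-f:.]+$' && [ "$(echo "$1" | awk -F':' '{print NF-1}')" -ge 2 ]` for IPv6. The `REAL_EXTERNAL_IP` shortcut prints its value without going through `is_valid_ip` at all; defining the validator before the shortcut would let that value be checked too.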


@ -0,0 +1,11 @@
#!/bin/sh
if [ ! -z "${REDIS_IP}" ] && [ ! -z "${DB_NAME}" ] && [ ! -z "${DB_PASSWORD}" ]; then
echo "redis-userdb=\"ip=${REDIS_IP} dbname=${DB_NAME} password=${DB_PASSWORD} connect_timeout=30\"" >> turnserver.conf
fi
# If command starts with an option, prepend with turnserver binary.
if [ "${1:0:1}" == '-' ]; then
set -- turnserver "$@"
fi
exec $(eval "echo $@")
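Review bot: `exec $(eval "echo $@")` on the last line re-parses every container argument as shell code and then word-splits the result, so any argument containing shell metacharacters or spaces (from a compose `command:` entry or `docker run`) is executed or split rather than passed to turnserver as given. The only expansion the image needs is the `$(detect-external-ip)` placeholder, so I would substitute just that and finish with `exec "$@"`, as sketched below. Separately, `${DB_PASSWORD}` is written inside a double-quoted `redis-userdb` value without escaping and is appended on every start, so a secret containing `"` corrupts the line and each restart of the same container adds a duplicate; rejecting such values and writing the line only when it is absent would close that. `${1:0:1}` and `==` are also not POSIX under `#!/bin/sh`; `case "$1" in -*)` is the portable form.

```shell
# … unchanged: redis-userdb block and the "prepend turnserver" check …

# Expand only the known placeholder; every other argument is passed through untouched.
placeholder='$(detect-external-ip)'
for arg in "$@"; do
  case "$arg" in
    *"$placeholder"*)
      ip="$(detect-external-ip)" || exit 1
      arg=${arg%%"$placeholder"*}${ip}${arg#*"$placeholder"}
      ;;
  esac
  # Rotate the rewritten argument to the end of the positional list.
  set -- "$@" "$arg"
  shift
done

exec "$@"
```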


@ -1,31 +0,0 @@
#!/bin/bash
# Set debug mode
DEBUG=${DEBUG:-false}
[ "$DEBUG" == "true" ] && set -x
#Check parameters
[[ "${TURN_PUBLIC_IP}" == "auto-ipv4" ]] && export TURN_PUBLIC_IP=$(/usr/local/bin/discover_my_public_ip.sh)
[[ "${TURN_PUBLIC_IP}" == "auto-ipv6" ]] && export TURN_PUBLIC_IP=$(/usr/local/bin/discover_my_public_ip.sh --ipv6)
[[ -z "${ENABLE_COTURN_LOGS}" ]] && export ENABLE_COTURN_LOGS=true
echo "TURN public IP: ${TURN_PUBLIC_IP:-"empty"}"
[[ ! -z "${TURN_LISTEN_PORT}" ]] && echo "TURN listening port: ${TURN_LISTEN_PORT}" ||
{ echo "TURN_LISTEN_PORT environment variable is not defined"; exit 1; }
[[ ! -z "${MIN_PORT}" ]] && echo "Defined min port coturn: ${MIN_PORT}" || echo "Min port coturn: 40000"
[[ ! -z "${MAX_PORT}" ]] && echo "Defined max port coturn: ${MAX_PORT}" || echo "Max port coturn: 65535"
# Load configuration files of coturn
source /tmp/configuration-files.sh
# Remove temp file with configuration parameters
rm /tmp/configuration-files.sh
if [[ "${ENABLE_COTURN_LOGS}" == "true" ]]; then
/usr/bin/turnserver -c /etc/turnserver.conf -v --log-file /dev/null
else
/usr/bin/turnserver -c /etc/turnserver.conf -v --log-file /dev/null --no-stdout-log
fi