ambiser
/
openvidu
mirror of https://github.com/OpenVidu/openvidu.git
8
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

openvidu-deployment: azure - changes to let TURN work in HA deployment

master
Piwccle 2025-06-10 11:34:57 +02:00
parent bdf4f07a28
commit d8f14c6905
2 changed files with 1 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
openvidu-deployment/pro/ha/azure/cf-openvidu-ha.bicep
View File

@ -39,12 +39,6 @@ param turnOwnPublicCertificate string = ''
@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.') @description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
param turnOwnPrivateCertificate string = '' param turnOwnPrivateCertificate string = ''
@description('Name of the PublicIPAddress resource in Azure when using TURN server with TLS')
param turnPublicIpAddressObject object = {
name: ''
id: ''
}
@description('Visit https://openvidu.io/account') @description('Visit https://openvidu.io/account')
@secure() @secure()
param openviduLicense string param openviduLicense string
@ -1888,7 +1882,6 @@ resource scaleInActivityLogRule 'Microsoft.Insights/activityLogAlerts@2020-10-01
/*------------------------------------------- NETWORK -------------------------------------------*/ /*------------------------------------------- NETWORK -------------------------------------------*/
var isEmptyIp = publicIpAddressObject.newOrExistingOrNone == 'none' var isEmptyIp = publicIpAddressObject.newOrExistingOrNone == 'none'
var turnIsEmptyIp = turnPublicIpAddressObject.newOrExistingOrNone == 'none'
var lbName = '${stackName}-loadBalancer' var lbName = '${stackName}-loadBalancer'
var lbFrontEndName = 'LoadBalancerFrontEnd' var lbFrontEndName = 'LoadBalancerFrontEnd'
var lbBackendPoolNameMasterNode = 'LoadBalancerBackEndMasterNode' var lbBackendPoolNameMasterNode = 'LoadBalancerBackEndMasterNode'
@ -1917,32 +1910,6 @@ resource publicIP_LoadBalancer_ifNew 'Microsoft.Network/publicIPAddresses@2023-1
name: publicIpAddressObject.name name: publicIpAddressObject.name
} }
var ipTURNEmpty = turnPublicIpAddressObject.newOrExistingOrNone == 'none'
resource publicIPAddressTurnTLSLoadBalancer 'Microsoft.Network/publicIPAddresses@2024-05-01' = if (ipTURNEmpty && turnTLSIsEnabled == true) {
name: '${stackName}-publicIPAddressTurnTLSLoadBalancer'
location: location
sku: {
name: 'Standard'
}
properties: {
publicIPAddressVersion: 'IPv4'
publicIPAllocationMethod: 'Static'
}
}
var ipTURNExists = turnPublicIpAddressObject.newOrExistingOrNone == 'existing'
resource publicIP_TurnTLSLoadBalancer_ifExisting 'Microsoft.Network/publicIPAddresses@2023-11-01' existing = if (ipTURNExists && turnTLSIsEnabled == true) {
name: turnPublicIpAddressObject.name
}
var ipTURNNew = turnPublicIpAddressObject.newOrExistingOrNone == 'new'
resource publicIP_TurnTLSLoadBalancer_ifNew 'Microsoft.Network/publicIPAddresses@2023-11-01' existing = if (ipTURNNew && turnTLSIsEnabled == true) {
name: turnPublicIpAddressObject.name
}
resource LoadBalancer 'Microsoft.Network/loadBalancers@2024-05-01' = { resource LoadBalancer 'Microsoft.Network/loadBalancers@2024-05-01' = {
name: lbName name: lbName
location: location location: location
@ -2058,74 +2025,6 @@ resource LoadBalancer 'Microsoft.Network/loadBalancers@2024-05-01' = {
} }
} }
var tlbName = '${stackName}-turnloadBalancer'
var tlbFrontEndName = 'TurnLoadBalancerFrontEnd'
resource TurnTLSLoadbalancer 'Microsoft.Network/loadBalancers@2024-05-01' = if (turnTLSIsEnabled == true) {
name: tlbName
location: location
sku: {
name: 'Standard'
}
properties: {
frontendIPConfigurations: [
{
name: tlbFrontEndName
properties: {
privateIPAllocationMethod: 'Dynamic'
privateIPAddressVersion: 'IPv4'
publicIPAddress: {
id: turnIsEmptyIp
? publicIPAddressTurnTLSLoadBalancer.id
: ipTURNNew ? publicIP_TurnTLSLoadBalancer_ifNew.id : publicIP_TurnTLSLoadBalancer_ifExisting.id
}
}
}
]
backendAddressPools: [
{
name: lbBackendPoolNameMasterNode
}
]
loadBalancingRules: [
{
name: 'TURNTLSRuleforMasterNode'
properties: {
frontendIPConfiguration: {
id: resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations', tlbName, tlbFrontEndName)
}
backendAddressPool: {
id: resourceId('Microsoft.Network/loadBalancers/backendAddressPools', tlbName, lbBackendPoolNameMasterNode)
}
frontendPort: 443
backendPort: 443
enableFloatingIP: false
protocol: 'Tcp'
enableTcpReset: true
loadDistribution: 'Default'
disableOutboundSnat: true
probe: {
id: resourceId('Microsoft.Network/loadBalancers/probes', tlbName, 'probeForHTTPSRuleMasterNode')
}
}
}
]
probes: [
{
name: 'probeForTURNTLSRuleMasterNode'
properties: {
protocol: 'Http'
requestPath: '/'
port: 443
probeThreshold: 3
intervalInSeconds: 10
numberOfProbes: 5
}
}
]
}
}
resource natGateway 'Microsoft.Network/natGateways@2021-05-01' = { resource natGateway 'Microsoft.Network/natGateways@2021-05-01' = {
name: '${stackName}-natGateway' name: '${stackName}-natGateway'
location: location location: location

100
openvidu-deployment/pro/ha/azure/cf-openvidu-ha.json
View File

@ -5,7 +5,7 @@
"_generator": { "_generator": {
"name": "bicep", "name": "bicep",
"version": "0.36.1.42791", "version": "0.36.1.42791",
"templateHash": "3690827899778325982" "templateHash": "3547117393656361477"
} }
}, },
"parameters": { "parameters": {
@ -81,16 +81,6 @@
"description": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified." "description": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
} }
}, },
"turnPublicIpAddressObject": {
"type": "object",
"defaultValue": {
"name": "",
"id": ""
},
"metadata": {
"description": "Name of the PublicIPAddress resource in Azure when using TURN server with TLS"
}
},
"openviduLicense": { "openviduLicense": {
"type": "securestring", "type": "securestring",
"metadata": { "metadata": {
@ -567,17 +557,11 @@
"base64delete_mediaNode_ScriptMedia": "[base64(variables('delete_mediaNode_ScriptMedia'))]", "base64delete_mediaNode_ScriptMedia": "[base64(variables('delete_mediaNode_ScriptMedia'))]",
"isEmptyAutomationAccountName": "[equals(parameters('automationAccountName'), '')]", "isEmptyAutomationAccountName": "[equals(parameters('automationAccountName'), '')]",
"isEmptyIp": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'none')]", "isEmptyIp": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'none')]",
"turnIsEmptyIp": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'none')]",
"lbName": "[format('{0}-loadBalancer', parameters('stackName'))]", "lbName": "[format('{0}-loadBalancer', parameters('stackName'))]",
"lbFrontEndName": "LoadBalancerFrontEnd", "lbFrontEndName": "LoadBalancerFrontEnd",
"lbBackendPoolNameMasterNode": "LoadBalancerBackEndMasterNode", "lbBackendPoolNameMasterNode": "LoadBalancerBackEndMasterNode",
"ipExists": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'existing')]", "ipExists": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'existing')]",
"ipNew": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'new')]", "ipNew": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'new')]",
"ipTURNEmpty": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'none')]",
"ipTURNExists": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'existing')]",
"ipTURNNew": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'new')]",
"tlbName": "[format('{0}-turnloadBalancer', parameters('stackName'))]",
"tlbFrontEndName": "TurnLoadBalancerFrontEnd",
"networkSettings": { "networkSettings": {
"vNetAddressPrefix": "10.0.0.0/16", "vNetAddressPrefix": "10.0.0.0/16",
"subnetAddressPrefixMaster1": "10.0.1.0/24", "subnetAddressPrefixMaster1": "10.0.1.0/24",
@ -1154,20 +1138,6 @@
"publicIPAllocationMethod": "Static" "publicIPAllocationMethod": "Static"
} }
}, },
{
"condition": "[and(variables('ipTURNEmpty'), equals(variables('turnTLSIsEnabled'), true()))]",
"type": "Microsoft.Network/publicIPAddresses",
"apiVersion": "2024-05-01",
"name": "[format('{0}-publicIPAddressTurnTLSLoadBalancer', parameters('stackName'))]",
"location": "[variables('location')]",
"sku": {
"name": "Standard"
},
"properties": {
"publicIPAddressVersion": "IPv4",
"publicIPAllocationMethod": "Static"
}
},
{ {
"type": "Microsoft.Network/loadBalancers", "type": "Microsoft.Network/loadBalancers",
"apiVersion": "2024-05-01", "apiVersion": "2024-05-01",
@ -1285,74 +1255,6 @@
"[resourceId('Microsoft.Network/publicIPAddresses', format('{0}-publicIPAddressLoadBalancer', parameters('stackName')))]" "[resourceId('Microsoft.Network/publicIPAddresses', format('{0}-publicIPAddressLoadBalancer', parameters('stackName')))]"
] ]
}, },
{
"condition": "[equals(variables('turnTLSIsEnabled'), true())]",
"type": "Microsoft.Network/loadBalancers",
"apiVersion": "2024-05-01",
"name": "[variables('tlbName')]",
"location": "[variables('location')]",
"sku": {
"name": "Standard"
},
"properties": {
"frontendIPConfigurations": [
{
"name": "[variables('tlbFrontEndName')]",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"privateIPAddressVersion": "IPv4",
"publicIPAddress": {
"id": "[if(variables('turnIsEmptyIp'), resourceId('Microsoft.Network/publicIPAddresses', format('{0}-publicIPAddressTurnTLSLoadBalancer', parameters('stackName'))), if(variables('ipTURNNew'), resourceId('Microsoft.Network/publicIPAddresses', parameters('turnPublicIpAddressObject').name), resourceId('Microsoft.Network/publicIPAddresses', parameters('turnPublicIpAddressObject').name)))]"
}
}
}
],
"backendAddressPools": [
{
"name": "[variables('lbBackendPoolNameMasterNode')]"
}
],
"loadBalancingRules": [
{
"name": "TURNTLSRuleforMasterNode",
"properties": {
"frontendIPConfiguration": {
"id": "[resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations', variables('tlbName'), variables('tlbFrontEndName'))]"
},
"backendAddressPool": {
"id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('tlbName'), variables('lbBackendPoolNameMasterNode'))]"
},
"frontendPort": 443,
"backendPort": 443,
"enableFloatingIP": false,
"protocol": "Tcp",
"enableTcpReset": true,
"loadDistribution": "Default",
"disableOutboundSnat": true,
"probe": {
"id": "[resourceId('Microsoft.Network/loadBalancers/probes', variables('tlbName'), 'probeForHTTPSRuleMasterNode')]"
}
}
}
],
"probes": [
{
"name": "probeForTURNTLSRuleMasterNode",
"properties": {
"protocol": "Http",
"requestPath": "/",
"port": 443,
"probeThreshold": 3,
"intervalInSeconds": 10,
"numberOfProbes": 5
}
}
]
},
"dependsOn": [
"[resourceId('Microsoft.Network/publicIPAddresses', format('{0}-publicIPAddressTurnTLSLoadBalancer', parameters('stackName')))]"
]
},
{ {
"type": "Microsoft.Network/natGateways", "type": "Microsoft.Network/natGateways",
"apiVersion": "2021-05-01", "apiVersion": "2021-05-01",