openvidu-deployment: azure - changes to let TURN work in HA deployment

2025-06-10 11:34:57 +02:00 · 2025-06-10 11:34:57 +02:00 · d8f14c6905
parent bdf4f07a28
commit d8f14c6905
2 changed files with 1 additions and 200 deletions
--- a/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.bicep
+++ b/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.bicep
@ -39,12 +39,6 @@ param turnOwnPublicCertificate string = ''
@description('(Optional) This setting is applicable if the certificate type is set to \'owncert\' and the TurnDomainName is specified.')
 param turnOwnPrivateCertificate string = ''

-@description('Name of the PublicIPAddress resource in Azure when using TURN server with TLS')
-param turnPublicIpAddressObject object = {
-  name: ''
-  id: ''
-}
-
@description('Visit https://openvidu.io/account')
@secure()
 param openviduLicense string
@ -1888,7 +1882,6 @@ resource scaleInActivityLogRule 'Microsoft.Insights/activityLogAlerts@2020-10-01
 /*------------------------------------------- NETWORK -------------------------------------------*/

 var isEmptyIp = publicIpAddressObject.newOrExistingOrNone == 'none'
-var turnIsEmptyIp = turnPublicIpAddressObject.newOrExistingOrNone == 'none'
 var lbName = '${stackName}-loadBalancer'
 var lbFrontEndName = 'LoadBalancerFrontEnd'
 var lbBackendPoolNameMasterNode = 'LoadBalancerBackEndMasterNode'
@ -1917,32 +1910,6 @@ resource publicIP_LoadBalancer_ifNew 'Microsoft.Network/publicIPAddresses@2023-1
  name: publicIpAddressObject.name
 }

-var ipTURNEmpty = turnPublicIpAddressObject.newOrExistingOrNone == 'none'
-
-resource publicIPAddressTurnTLSLoadBalancer 'Microsoft.Network/publicIPAddresses@2024-05-01' = if (ipTURNEmpty && turnTLSIsEnabled == true) {
-  name: '${stackName}-publicIPAddressTurnTLSLoadBalancer'
-  location: location
-  sku: {
-    name: 'Standard'
-  }
-  properties: {
-    publicIPAddressVersion: 'IPv4'
-    publicIPAllocationMethod: 'Static'
-  }
-}
-
-var ipTURNExists = turnPublicIpAddressObject.newOrExistingOrNone == 'existing'
-
-resource publicIP_TurnTLSLoadBalancer_ifExisting 'Microsoft.Network/publicIPAddresses@2023-11-01' existing = if (ipTURNExists && turnTLSIsEnabled == true) {
-  name: turnPublicIpAddressObject.name
-}
-
-var ipTURNNew = turnPublicIpAddressObject.newOrExistingOrNone == 'new'
-
-resource publicIP_TurnTLSLoadBalancer_ifNew 'Microsoft.Network/publicIPAddresses@2023-11-01' existing = if (ipTURNNew && turnTLSIsEnabled == true) {
-  name: turnPublicIpAddressObject.name
-}
-
 resource LoadBalancer 'Microsoft.Network/loadBalancers@2024-05-01' = {
  name: lbName
  location: location
@ -2058,74 +2025,6 @@ resource LoadBalancer 'Microsoft.Network/loadBalancers@2024-05-01' = {
  }
 }

-var tlbName = '${stackName}-turnloadBalancer'
-var tlbFrontEndName = 'TurnLoadBalancerFrontEnd'
-
-resource TurnTLSLoadbalancer 'Microsoft.Network/loadBalancers@2024-05-01' = if (turnTLSIsEnabled == true) {
-  name: tlbName
-  location: location
-  sku: {
-    name: 'Standard'
-  }
-  properties: {
-    frontendIPConfigurations: [
-      {
-        name: tlbFrontEndName
-        properties: {
-          privateIPAllocationMethod: 'Dynamic'
-          privateIPAddressVersion: 'IPv4'
-          publicIPAddress: {
-            id: turnIsEmptyIp
-              ? publicIPAddressTurnTLSLoadBalancer.id
-              : ipTURNNew ? publicIP_TurnTLSLoadBalancer_ifNew.id : publicIP_TurnTLSLoadBalancer_ifExisting.id
-          }
-        }
-      }
-    ]
-    backendAddressPools: [
-      {
-        name: lbBackendPoolNameMasterNode
-      }
-    ]
-    loadBalancingRules: [
-      {
-        name: 'TURNTLSRuleforMasterNode'
-        properties: {
-          frontendIPConfiguration: {
-            id: resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations', tlbName, tlbFrontEndName)
-          }
-          backendAddressPool: {
-            id: resourceId('Microsoft.Network/loadBalancers/backendAddressPools', tlbName, lbBackendPoolNameMasterNode)
-          }
-          frontendPort: 443
-          backendPort: 443
-          enableFloatingIP: false
-          protocol: 'Tcp'
-          enableTcpReset: true
-          loadDistribution: 'Default'
-          disableOutboundSnat: true
-          probe: {
-            id: resourceId('Microsoft.Network/loadBalancers/probes', tlbName, 'probeForHTTPSRuleMasterNode')
-          }
-        }
-      }
-    ]
-    probes: [
-      {
-        name: 'probeForTURNTLSRuleMasterNode'
-        properties: {
-          protocol: 'Http'
-          requestPath: '/'
-          port: 443
-          probeThreshold: 3
-          intervalInSeconds: 10
-          numberOfProbes: 5
-        }
-      }
-    ]
-  }
-}
-
 resource natGateway 'Microsoft.Network/natGateways@2021-05-01' = {
  name: '${stackName}-natGateway'
  location: location
--- a/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.json
+++ b/openvidu-deployment/pro/ha/azure/cf-openvidu-ha.json
@ -5,7 +5,7 @@
    "_generator": {
      "name": "bicep",
      "version": "0.36.1.42791",
-      "templateHash": "3690827899778325982"
+      "templateHash": "3547117393656361477"
    }
  },
  "parameters": {
@ -81,16 +81,6 @@
        "description": "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
      }
    },
-    "turnPublicIpAddressObject": {
-      "type": "object",
-      "defaultValue": {
-        "name": "",
-        "id": ""
-      },
-      "metadata": {
-        "description": "Name of the PublicIPAddress resource in Azure when using TURN server with TLS"
-      }
-    },
    "openviduLicense": {
      "type": "securestring",
      "metadata": {
@ -567,17 +557,11 @@
    "base64delete_mediaNode_ScriptMedia": "[base64(variables('delete_mediaNode_ScriptMedia'))]",
    "isEmptyAutomationAccountName": "[equals(parameters('automationAccountName'), '')]",
    "isEmptyIp": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'none')]",
-    "turnIsEmptyIp": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'none')]",
    "lbName": "[format('{0}-loadBalancer', parameters('stackName'))]",
    "lbFrontEndName": "LoadBalancerFrontEnd",
    "lbBackendPoolNameMasterNode": "LoadBalancerBackEndMasterNode",
    "ipExists": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'existing')]",
    "ipNew": "[equals(parameters('publicIpAddressObject').newOrExistingOrNone, 'new')]",
-    "ipTURNEmpty": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'none')]",
-    "ipTURNExists": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'existing')]",
-    "ipTURNNew": "[equals(parameters('turnPublicIpAddressObject').newOrExistingOrNone, 'new')]",
-    "tlbName": "[format('{0}-turnloadBalancer', parameters('stackName'))]",
-    "tlbFrontEndName": "TurnLoadBalancerFrontEnd",
    "networkSettings": {
      "vNetAddressPrefix": "10.0.0.0/16",
      "subnetAddressPrefixMaster1": "10.0.1.0/24",
@ -1154,20 +1138,6 @@
        "publicIPAllocationMethod": "Static"
      }
    },
-    {
-      "condition": "[and(variables('ipTURNEmpty'), equals(variables('turnTLSIsEnabled'), true()))]",
-      "type": "Microsoft.Network/publicIPAddresses",
-      "apiVersion": "2024-05-01",
-      "name": "[format('{0}-publicIPAddressTurnTLSLoadBalancer', parameters('stackName'))]",
-      "location": "[variables('location')]",
-      "sku": {
-        "name": "Standard"
-      },
-      "properties": {
-        "publicIPAddressVersion": "IPv4",
-        "publicIPAllocationMethod": "Static"
-      }
-    },
    {
      "type": "Microsoft.Network/loadBalancers",
      "apiVersion": "2024-05-01",
@ -1285,74 +1255,6 @@
        "[resourceId('Microsoft.Network/publicIPAddresses', format('{0}-publicIPAddressLoadBalancer', parameters('stackName')))]"
      ]
    },
-    {
-      "condition": "[equals(variables('turnTLSIsEnabled'), true())]",
-      "type": "Microsoft.Network/loadBalancers",
-      "apiVersion": "2024-05-01",
-      "name": "[variables('tlbName')]",
-      "location": "[variables('location')]",
-      "sku": {
-        "name": "Standard"
-      },
-      "properties": {
-        "frontendIPConfigurations": [
-          {
-            "name": "[variables('tlbFrontEndName')]",
-            "properties": {
-              "privateIPAllocationMethod": "Dynamic",
-              "privateIPAddressVersion": "IPv4",
-              "publicIPAddress": {
-                "id": "[if(variables('turnIsEmptyIp'), resourceId('Microsoft.Network/publicIPAddresses', format('{0}-publicIPAddressTurnTLSLoadBalancer', parameters('stackName'))), if(variables('ipTURNNew'), resourceId('Microsoft.Network/publicIPAddresses', parameters('turnPublicIpAddressObject').name), resourceId('Microsoft.Network/publicIPAddresses', parameters('turnPublicIpAddressObject').name)))]"
-              }
-            }
-          }
-        ],
-        "backendAddressPools": [
-          {
-            "name": "[variables('lbBackendPoolNameMasterNode')]"
-          }
-        ],
-        "loadBalancingRules": [
-          {
-            "name": "TURNTLSRuleforMasterNode",
-            "properties": {
-              "frontendIPConfiguration": {
-                "id": "[resourceId('Microsoft.Network/loadBalancers/frontendIPConfigurations', variables('tlbName'), variables('tlbFrontEndName'))]"
-              },
-              "backendAddressPool": {
-                "id": "[resourceId('Microsoft.Network/loadBalancers/backendAddressPools', variables('tlbName'), variables('lbBackendPoolNameMasterNode'))]"
-              },
-              "frontendPort": 443,
-              "backendPort": 443,
-              "enableFloatingIP": false,
-              "protocol": "Tcp",
-              "enableTcpReset": true,
-              "loadDistribution": "Default",
-              "disableOutboundSnat": true,
-              "probe": {
-                "id": "[resourceId('Microsoft.Network/loadBalancers/probes', variables('tlbName'), 'probeForHTTPSRuleMasterNode')]"
-              }
-            }
-          }
-        ],
-        "probes": [
-          {
-            "name": "probeForTURNTLSRuleMasterNode",
-            "properties": {
-              "protocol": "Http",
-              "requestPath": "/",
-              "port": 443,
-              "probeThreshold": 3,
-              "intervalInSeconds": 10,
-              "numberOfProbes": 5
-            }
-          }
-        ]
-      },
-      "dependsOn": [
-        "[resourceId('Microsoft.Network/publicIPAddresses', format('{0}-publicIPAddressTurnTLSLoadBalancer', parameters('stackName')))]"
-      ]
-    },
    {
      "type": "Microsoft.Network/natGateways",
      "apiVersion": "2021-05-01",