How to Configure OCTO in Jitsi-Meet

Written by: Bagus Facsi Aginsa
Published at: 17 May 2020


This is tutorial to configure octo feature on jitsi. Octo is a feature from jitsi that can load balance the media router by cascading them, hence reducing load in media router and increasing the number of participant in 1 room.

Prerequisite

  1. jitsi-meet installed
  2. jitsi-videobridge2 installed if you want to see how to install both of them, you can chack this tutorial: How to Install Jitsi Meet with Multi Server Configuration

Concept

The concept of the octo is user connect to the nearest JVB which is defined by region on the client and videobridge. This is also valid if we use octo just for splitting jvb load. In this tutorial, we will configure octo for splitting jvb load only. To simulate this, we need a topology like this (this is just an example):

   ________________                                                       ___________________
  | jitsi-meet-web |                                                     | jitsi-videobridge |
  |    region1     |-------         __________________          ---------|      region1      |
  |________________|       |       |                  |        |         |___________________|
                           |-------| jicofo + Prosody |--------|
   ________________        |       |__________________|        |          ___________________
  | jitsi-meet-web |       |                                   |         | jitsi-videobridge |
  |    region2     |-------                                     ---------|      region2      |
  |________________|                                                     |___________________|

On this tutorial, Jitsi-meet-web region1, Jitsi-meet-web region2, Jicofo, and Prosody will be on the same VM.

Sudo Privileges

Before start we make sure that we will have no permission issue on the installation.

sudo su

JVB Configuration

Add these statement on etc/jitsi/videobridge/sip-communicator.properties

org.jitsi.videobridge.octo.BIND_ADDRESS=<your.private.ip>
org.jitsi.videobridge.octo.PUBLIC_ADDRESS=<your.public.ip>
org.jitsi.videobridge.octo.BIND_PORT=4096
org.jitsi.videobridge.REGION=<region>

if you don’t use NAT, you can fill BIND_ADDRESS and PUBLIC_ADDRESS with your public ip. Port can be configured as you wish, just make sure no firewall blocking the UDP Packet on that port. For the region, you can state different region on JVB as you need. for example: on jvb 1

org.jitsi.videobridge.REGION=region1

on jvb 2

org.jitsi.videobridge.REGION=region2

restart your jvb

systemctl restart jitsi-videobridge2

make sure your jvb is listen on port 4096/udp

netstat -ntplu | grep 4096

Jicofo Configuration

Add this statement in /etc/jitsi/jicofo/sip-communicator.properties

org.jitsi.jicofo.BridgeSelector.BRIDGE_SELECTION_STRATEGY=RegionBasedBridgeSelectionStrategy

NGINX Configuration

Create Load Balancer

Create nginx’s site configuration on your main server (that already have jitsi-meet installed)

nano /etc/nginx/sites-available/loadbalance

Copy Paste and Adjust this config to your need

upstream portal {
        least_conn;
        server  localhost:8443;
        server  localhost:8444;
}

server {
        listen 443 ssl;
        server_name <your.domain.com>;

        ssl_protocols TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:
EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";
        add_header Strict-Transport-Security "max-age=31536000";

        ssl_certificate /path/to/cert.crt;
        ssl_certificate_key /path/to/key.key;

        location / {
                proxy_set_header Host $host;
                proxy_pass https://portal;
        }

        location = /xmpp-websocket {
                proxy_pass http://<your.domain.com>:5280;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $host;
                tcp_nodelay on;
        }
}

load balance method on the upstream can be adjust to your need. location = /xmpp-websocket is needed if the prosody is using websocket mode.

create link

ln -s /etc/nginx/sites-available/loadbalance /etc/nginx/sites-enabled/

Config jitsi-meet site

You must already have 1 other site config that is your jitsi-meet web, open it and just change the port to 8443

...

server {
    listen 8443 ssl;
    server_name <your.domain.com>;
    
    ...
}

Create another Jitsi-meet site

Copy your jitsi-meet site config to new one

cd /etc/nginx/sites-available
cp <your.domain.com>.conf <your.domain.com>-2.conf

Change the port to 8444 and config.js file path

server {
    listen 8444 ssl;
    
    ...
    
    location = /config.js {
        alias /etc/jitsi/meet/<your.domain.com>-2-config.js;
    }
    
    ...
}

Create the second config file used by your second jitsi-meet site

cd /etc/jitsi/meet/
cp <your.domain.com>-config.js <your.domain.com>-2-config.js

create link

ln -s /etc/nginx/sites-available/<your.domain.com>-2.conf /etc/nginx/sites-enabled/

make sure that all your nginx config is ok

nginx -t

reload nginx

service nginx reload

Adjust Config.js

I hope you understand of what we are doing until now. This is basicly we made the nginx think that there are 2 jitsi-meet site. And each of jitsi-meet site has its own config.js file. This is where we define the user ‘region’.

Enable octo & define region your original config.js in /etc/jitsi/meet/<your.domain.com>-config.js

    ...
    
    testing: {
        octo: {
            probability: 1
        },
        
        ...

    },
    
    ...
    
    deploymentInfo: {
        userRegion: "region1"
    }

    ...

Enable octo & define region your second config.js in /etc/jitsi/meet/<your.domain.com>-2-config.js

    ...
    
    testing: {
        octo: {
            probability: 1
        },
        
        ...

    },
    
    ...
    
    deploymentInfo: {
        userRegion: "region2"
    }

    ...

Done!! Now the octo is activated with 2 ‘region’. You can also see in the jicofo log weather the octo is active or not.