Jíti on Docker Swarm failed when more than 2 clients connect

Hi all,

I’m using Jitsi on Docker Swarm with these configurations:

  • 3 nodes
  • Initially all the containers running jicofo, video bridge, prosody, webjitsi are running on 1 node only. Everything worked fine

Then I started to scale the video bridge to 3 containers, running on 3 different nodes. Then things started going wrong:

  • If there’s only 2 clients connecting, things worked fine
  • But if there’s another client joining, then all the clients cannot see the video and audio from each other

When the error happens, I viewed the logs of all the containers running video bridge and I found these:
INFO: Pair failed: 172.18.0.14:10000/udp/host -> 192.168.1.33:52853/udp/host (stream-3da9e85d.RTP)
Apr 15, 2020 8:23:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Pair failed: 10.0.5.140:10000/udp/host -> 192.168.1.33:52853/udp/host (stream-3da9e85d.RTP)
Apr 15, 2020 8:23:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Pair failed: 10.255.0.38:10000/udp/host -> 192.168.1.33:52853/udp/host (stream-3da9e85d.RTP)

It seems like there’s some trouble in setting up the connection between the video bridge containers

Here’s my docker-compose.yml setup:

version: '3.0'

networks:
    meet_jitsi: {}
    my-jitsi:
        external: true

services:
    jicofo:
        image: jitsi/jicofo
        environment:
            ENABLE_AUTH: '1'
            JIBRI_BREWERY_MUC: jibribrewery
            JIBRI_PENDING_TIMEOUT: '90'
            JICOFO_AUTH_PASSWORD: cc0aabf95bfa1270e62fd4d4d125b219
            JICOFO_AUTH_USER: focus
            JICOFO_COMPONENT_SECRET: 6f9ae4220e0d0cbe079ab210151354dc
            JICOFO_RESERVATION_REST_BASE_URL: null
            JIGASI_BREWERY_MUC: jigasibrewery
            JVB_BREWERY_MUC: jvbbrewery
            TZ: Asia/Ho_Chi_Minh
            XMPP_AUTH_DOMAIN: auth.meet.jitsi
            XMPP_DOMAIN: meet.jitsi
            XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi
            XMPP_SERVER: xmpp.meet.jitsi
        depends_on:
            - prosody
        networks:
            meet_jitsi: null
        volumes:
            - /jitsi/.jitsi-meet-cfg/jicofo:/config
        deploy:
            placement:
                constraints:
                    - node.role == manager
                    - node.hostname == my-host-name

    jvb:
        image: jitsi/jvb
        volumes:
            - /jitsi/.jitsi-meet-cfg/jvb:/config
        ports:
            - 10000:10000/udp
            - 4443:4443/tcp
        depends_on:
            - prosody
        environment:
            DOCKER_HOST_ADDRESS: my-host-name
            JVB_AUTH_PASSWORD: 0c8eea877c6e51040b224705f9fa48d5
            JVB_AUTH_USER: jvb
            JVB_BREWERY_MUC: jvbbrewery
            JVB_ENABLE_APIS: null
            JVB_PORT: '10000'
            JVB_STUN_SERVERS: meet-jit-si-turnrelay.jitsi.net:443
            JVB_TCP_HARVESTER_DISABLED: "true"
            JVB_TCP_PORT: '4443'
            TZ: Asia/Ho_Chi_Minh
            XMPP_AUTH_DOMAIN: auth.meet.jitsi
            XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi
            XMPP_SERVER: xmpp.meet.jitsi
        networks:
            meet_jitsi: null
        deploy:
            replicas: 3
            placement:
                constraints:
                    - node.role == manager

    prosody:
        image: jitsi/prosody
        volumes:
            - /jitsi/.jitsi-meet-cfg/prosody:/config
        environment:
            AUTH_TYPE: 'jwt'
            ENABLE_AUTH: '1'
            ENABLE_GUESTS: '0'
            GLOBAL_CONFIG: null
            GLOBAL_MODULES: null
            JIBRI_RECORDER_PASSWORD: f3c8121cb1e7a00c3c9831c551595054
            JIBRI_RECORDER_USER: recorder
            JIBRI_XMPP_PASSWORD: 17894dcc9034562328866482b30de955
            JIBRI_XMPP_USER: jibri
            JICOFO_AUTH_PASSWORD: cc0aabf95bfa1270e62fd4d4d125b219
            JICOFO_AUTH_USER: focus
            JICOFO_COMPONENT_SECRET: 6f9ae4220e0d0cbe079ab210151354dc
            JIGASI_XMPP_PASSWORD: ad3f487562166c34961829a804d60b18
            JIGASI_XMPP_USER: jigasi
            JVB_AUTH_PASSWORD: 0c8eea877c6e51040b224705f9fa48d5
            JVB_AUTH_USER: jvb
            JWT_ACCEPTED_AUDIENCES: null
            JWT_ACCEPTED_ISSUERS: null
            JWT_ALLOW_EMPTY: null
            JWT_APP_ID: my-app
            JWT_APP_SECRET: my-secret
            JWT_ASAP_KEYSERVER: null
            JWT_AUTH_TYPE: 'token'
            JWT_TOKEN_AUTH_MODULE: null
            LDAP_AUTH_METHOD: null
            LDAP_BASE: null
            LDAP_BINDDN: null
            LDAP_BINDPW: null
            LDAP_FILTER: null
            LDAP_START_TLS: null
            LDAP_TLS_CACERT_DIR: null
            LDAP_TLS_CACERT_FILE: null
            LDAP_TLS_CHECK_PEER: null
            LDAP_TLS_CIPHERS: null
            LDAP_URL: null
            LDAP_USE_TLS: null
            LDAP_VERSION: null
            LOG_LEVEL: null
            TZ: Asia/Ho_Chi_Minh
            XMPP_AUTH_DOMAIN: auth.meet.jitsi
            XMPP_DOMAIN: meet.jitsi
            XMPP_GUEST_DOMAIN: guest.meet.jitsi
            XMPP_INTERNAL_MUC_DOMAIN: internal-muc.meet.jitsi
            XMPP_INTERNAL_MUC_MODULES: ''
            XMPP_MODULES: ''
            XMPP_MUC_DOMAIN: muc.meet.jitsi
            XMPP_MUC_MODULES: ''
            XMPP_RECORDER_DOMAIN: recorder.meet.jitsi
        expose:
            - '5222'
            - '5347'
            - '5280'
        networks:
            meet_jitsi:
                aliases:
                    - xmpp.meet.jitsi
        deploy:
            placement:
                constraints:
                    - node.role == manager
                    - node.hostname == my-host-name

    webjitsi:
        image: jitsi/web
        volumes:
            - /jitsi/.jitsi-meet-cfg/web:/config
        environment:
            DISABLE_HTTPS: '1'
            ENABLE_AUTH: '1'
            ENABLE_GUESTS: '0'
            ENABLE_HTTP_REDIRECT: null
            ENABLE_LETSENCRYPT: null
            ENABLE_RECORDING: '1'
            ENABLE_TRANSCRIPTIONS: null
            ETHERPAD_URL_BASE: null
            JIBRI_BREWERY_MUC: jibribrewery
            JIBRI_PENDING_TIMEOUT: '90'
            JIBRI_RECORDER_PASSWORD: f3c8121cb1e7a00c3c9831c551595054
            JIBRI_RECORDER_USER: recorder
            JIBRI_XMPP_PASSWORD: 17894dcc9034562328866482b30de955
            JIBRI_XMPP_USER: jibri
            JICOFO_AUTH_USER: focus
            LETSENCRYPT_DOMAIN: null
            LETSENCRYPT_EMAIL: null
            PUBLIC_URL: null
            TZ: Asia/Ho_Chi_Minh
            XMPP_AUTH_DOMAIN: auth.meet.jitsi
            XMPP_BOSH_URL_BASE: http://xmpp.meet.jitsi:5280
            XMPP_DOMAIN: meet.jitsi
            XMPP_GUEST_DOMAIN: guest.meet.jitsi
            XMPP_MUC_DOMAIN: muc.meet.jitsi
            XMPP_RECORDER_DOMAIN: recorder.meet.jitsi
        deploy:
            placement:
                constraints:
                    - node.role == manager
                    - node.hostname == my-host-name
            labels:
                - "traefik.backend=webjitsi"
                - "traefik.docker.network=my-jitsi"
                - "traefik.enable=true"
                - "traefik.frontend.rule=Host:meet.my.vn"
                - "traefik.port=80"
        networks:
            meet_jitsi:
                aliases:
                    - meet.jitsi
            my-jitsi: null

    whoami:
        image: jwilder/whoami
        deploy:
            labels:
                - traefik.port=8000
                - traefik.backend=whoami
                - traefik.frontend.rule=Host:testjitsi.my.vn
                - traefik.enable=true
                - traefik.docker.network=my-jitsi
        networks:
            my-jitsi: null

Anyone has any ideas on this situation ? Thanks :smiley: