Jitsi quick install and LXD in Ubuntu 18.04

ok… in my container named “jitsi”:

# nc -l 10000 -u

in my LXD Host:

echo “123” | nc -u 10.107.254.195 10000

back in my container this appears:

# nc -l 10000 -u
123

actually what I was saying was:

is 10.107.254.195 your LXD bridge address or your host IP address on your LAN (you should do the test from one of your laptops too)

ok… in my container named “jitsi”:

# nc -l 10000 -u

in my LXD Host:

echo “123” | nc -u 10.107.254.195 10000

back in my container this appears:

# nc -l 10000 -u
123

NOTE: I am using the LXD Device Proxy to port forward UDP 10000 to container so I instead of using the LXD IP I use the Public IP of the Host/Server I still get:

$ echo “123” | nc -u 192.168.1.81 10000

back in my container this appears:

# nc -l 10000 -u
123

BTW… what were the two logs you wanted to see?

@gpatel-fr

Also, just fyi in an LXD host/server you can forward ports to any LXD container using the following:

$ lxc config device add cn_name myport443 proxy listen=tcp:0.0.0.0:443 connect=tcp:127.0.0.1:443

where:

cn_name = the target container name

myport443 is ONLY a label you can call this anything just so it reminds you which proxy device is doing what port

proxy listen=tcp:0.0.0.0:443 = on the Host/Server Listen for anything coming in on port 443

connect=tcp:127.0.0.1:443 = and connect that traffic on the Host/Server to port 443 inside “cn_name” container

NOTE: the above is fowarding TCP port 443. If you wanted to forward UDP Port 10000 it would be:

$ lxc config device add cn_name myport10000 proxy listen=udp:0.0.0.0:10000 connect=udp:127.0.0.1:10000

On the LXD Host/Server you can check what is being forwarded to you cn_name container by:

$ lxc config device show cn_name

which in my case displays:

myport80:
connect: tcp:127.0.0.1:80
listen: tcp:0.0.0.0:80
type: proxy
myport443:
connect: tcp:127.0.0.1:443
listen: tcp:0.0.0.0:443
type: proxy
myport4443:
connect: tcp:127.0.0.1:4443
listen: tcp:0.0.0.0:4443
type: proxy
myport10000:
connect: udp:127.0.0.1:10000
listen: udp:0.0.0.0:10000
type: proxy

/var/log/prosody/prosody.log
/var/log/jitsi/jicofo.log
/var/log/jitsi/jvb.log

and yes, I know about the LXD proxy, I just don’t want to use it.

It’s been a year now and we have not used jitsi (on our own server) ever since. My container has been deleted and I haven’t been using jitsi for the last months.

If I remember correctly, at some point we dealt with the same issue with d/c happening after a small amount of time.

It looks to me like you didn’t check this. Or did you?

thanks for the response but yes I have tried both 127.0.0.1 and the LXD Container’s own IP and get the same results.

Well, I got annoyed, took a 20.04 container that was on my workstation LXD setup, installed Jitsi with the quick install, picked self-signed certificate, after the install browsed to https://mycontainer; accepted the certificate, nothing more, nothing less; launched a conference, waited for one hour: no disconnect.

Okay… deleted old LXD container and created a new one.
Reinstalled Jitsi exactly as per:
Self-Hosting Guide - Debian/Ubuntu server

I put the logs on my Google Drive so here are the Links to each of them:

jvb.log

jicofo.log

prosody.log

@gpatel-fr
I didn’t ask if you were using SNAP LXD. I am.

What Web-Server do you use on your host? Can you post your proxy configuration?

@pelen

I’m installing jitsi in and LXD container using the default steps outlined in the
Self-Hosting Guide - Debian/Ubuntu server

So I assume its Nginx webserver.

When you ask for the “proxy” configuration… just to be clear is this a file or part of a file installed by
Jitsi? Or do you want to know what ports I am forwarding from the LXD container’s Host/Server to the LXD container?

@gpatel-fr

Still doing some google searches for LXD and Jitsi and found this thread that you were part of.

And from what you wrote on that thread your installing of Jitsi into LXD also required an Nginx
server running the the LXD’s Host/Server as well as in the LXD Jitsi container? So it looks like a bit more than what was documented in the Jitsi Self-Hosting Guide - Debian/Ubuntu server

I kept thinking that the vanilla guide wasn’t going to work w/out something like the Host running Nginx too and that pointing to the LXD Jitsi container.

gpatel-fr

Apr 4

I proxy from my main nginx install on the host (having a similar role to your haproxy) to the nginx installed in the LXD jitsi container; I have edited the container nginx conf file (created by jitsi upgrade) to drop the ssl so I have a classical setup, the main nginx on the host does the ssl stuff, it has exposed its 443 port to the internet (of course) and it proxies to the container on port 80 doing simple HTTP (the container port 80 is not exposed to the internet). The host port 10000 (and only this port) is NATted to the container port 10000.
By and large I have a similar setup to the one I had with jvb1, the port 443 is managing https jitsi through a reverse proxy, and the 10000 port is directly exposed. The only change is that the jitsi container is exposing a HTTP port managed by nginx instead of jetty. It’s probably not a high performance setup but my hardware is not so great so I can’t hope to manage dozens of clients anyway.

About coturn, it seems only necessary if you can’t expose port 10000 but it’s said to be less performant and it seems a royal pain to setup so I dropped it without mercy.

I am talking about the host. Depending on your network configuration and as far as I know, simple port forwarding will not suffice. You have to do reverse proxying in your web host on the host system.

Why do you want Jitsi to run in LXD?

Same reasons people use it in Docker.

Easy to clone

Doesn’t install anything into my Host

I can have many installations of Jitsi dedicated to many different groups.

@pelen
I wanted you to know that I found an extremely easy way to install Jitsi in LXD containers without having to deal with reverse proxies, port-forwards etc.

LXD has for a while now supported several Host Interface types:

  • Using macvlan
  • Using bridged .
  • Using routed .
  • Using ipvlan .

Default is usually the “bridged” LXDBR0 interface. However, using this means your container is behind the LXDBR0 DNSMASQ/NAT and as you know Jitsi requires a bit of configuration to work around that.

If instead you create an LXD Container using the “routed” your container appears to be on the Host’s LAN (ie if the host is 192.168.1.92… your Container can be given the IP 192.168.1.200)

Now setting up Jitsi is dead simple. Just create the contaiiner with a “routed” interface.
Enter the container:

$ lxc exec my-container bash
.
Install Jitsi as would for any non-container server.

To learn how to create a “routed” LXD container read Simos Xenitellis blog on it:

Anyway I changed my approach and used an LXD Container with a “routed” interface and Jitsi worked off the bat.

Brian Mullan

Hey, thanks for the update and I’m very happy you finally found a solution that works for you.

I’d rather still use the reverse proxy. For me it works anyway. Nevertheless I’m definitely looking into the routed option for future projects as this might definitely be handy in some cases!

So, thanks!