Production JVB Config

Hello @Aaron_van_Meerten ,

I just spoke to you on The Call. Do you mind sharing Jitsi Meet’s production JVB config?

We have a setup hosted in Azure (1 JVB, 1 TURN), and we have A/V issues where we have to leave and enter the room several times to get better results. When we use meet.jit.si, we don’t have an issue.

Thanks!

There are at most 10 participants on the bridge with 8 CPU / 16 GB memory, and no firewall in between.

Bump… @Aaron_van_Meerten

Thanks!

Hi thanks for the ping. We run meet.jit.si with multiple JVBs per “shard”. The stock recommended JVB configuration was the equivalent to AWS c5.xlarge (4 vCPUs, 8GB/RAM, burstable to 10GB NIC). We have open TCP port 443, and UDP port 10000.

We run with the mod_turncredentials module enabled in our prosody instances, configured to point to our TURN servers, with nothing particularly special in that setup.

We have some tunings for UDP buffer sizes in the JVB kernel which may be of use as well:

sysctl -w net.core.rmem_max=104857600
sysctl -w net.core.netdev_max_backlog=100000
sysctl -w net.ipv4.ip_default_ttl=128

We have also applied some open file handle limits in: /etc/security/limits.d/jvb.conf

jvb - nofile 65536
jvb soft core unlimited
jvb hard core unlimited

The jvb.conf config for meet.jit.si is fairly simple:

 videobridge {
    cc {}
    health {
      sticky-failures = true
    }
    ice {
      tcp {enabled = false}
      udp {
        port = 10000
      }
      nomination-strategy="NominateFirstHostOrReflexiveValid"
    }
}

The sip-communicator.properties file is slightly more complex, with some bits redacted. Here’s the relevant parts:

org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc

org.jitsi.videobridge.ENABLE_REST_SHUTDOWN=true
org.jitsi.videobridge.shutdown.ALLOWED_SOURCE_REGEXP=127.0.0.1

org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443

org.ice4j.ice.harvest.AbstractUdpListener.SO_RCVBUF=104857600

#enable WS colibri support via JETTY
org.jitsi.videobridge.rest.jetty.port=443
org.jitsi.videobridge.rest.COLIBRI_WS_TLS=true
org.jitsi.videobridge.rest.COLIBRI_WS_DOMAIN=<REDACTED_HOST>:443
org.jitsi.videobridge.rest.jetty.tls.port=443
org.jitsi.videobridge.rest.jetty.sslContextFactory.keyStorePath=<REDACTED_PATH>
org.jitsi.videobridge.rest.jetty.sslContextFactory.keyStorePassword=<REDACTED_PW>

org.jitsi.videobridge.rest.private.jetty.host=127.0.0.1

<REDACTED_XMPP_CONFIGURATION>
<REDACTED_OCTO_CONFIGURATION>

I hope this helps anybody who is trying to get their setup working like meet.jit.si does.

2 Likes

Thank you, we will apply this and post our results soon.

Can you post more of your configs for meet.jit.si? I’d like to compare turnserver, nginx, meet and prosody.

meet.jit.si works for me where my corporate firewall only allows 80 and 443 out. I’m trying to configure my install of Jitsi the EXACT same way as meet.jit.si. Would be great if there was a tutorial on how to do this. Thanks

Thanks for this info

Where can I find jvb.conf on my server? for videobridge json that you have added.

It should be in /etc/jitsi/videobridge/jvb.conf, but this file isn’t JSON, it’s HOCON (a JSON superset).

1 Like