Videobridge "Pair failed" when running with podman

Hello,

I’m trying to set up a Jitsi server using podman (with the official docker images), but I can’t get the video bridge working (video and audio breaks when a third user joins).

The env file I am using works for me, if I use docker and the official docker-compose.yml, but as all other services on my server run with podman, I’d prefer if I didn’t need a running docker just for jitsi.

From various Github issues and discourse posts, I’ve already tried:

  • Changing JVB_STUN_SERVERS to the ones from Google
  • JVB_TCP_HARVESTER_DISABLED=true
  • disabling IPv6 in sip-communicator.properties
  • various values for DOCKER_HOST_ADDRESS, or not setting it at all

I use the following setup:

podman pod create --name=jitsi \
       --publish 127.0.0.1:${HTTP_PORT}:80 \
       --publish 127.0.0.1:${HTTPS_PORT}:443 \
       --publish ${JVB_PORT}:${JVB_PORT}/udp \
       --publish ${JVB_TCP_PORT}:${JVB_TCP_PORT} \
       --add-host xmpp.meet.jitsi:127.0.0.1

podman create --pod jitsi --name=web \
       -v $JITSI_DATA/web/config:/config:Z \
       -v $JITSI_DATA/web/transcripts:/usr/share/jitsi-meet/transcripts:Z \
       --env-file $PWD/env \
       docker.io/jitsi/web:latest

podman create --pod jitsi --name=prosody \
       -v $JITSI_DATA/prosody/config:/config:Z \
       -v $JITSI_DATA/prosody/prosody-plugins-custom:/prosody-plugins-custom:Z \
       --env-file $PWD/env \
       docker.io/jitsi/prosody:latest

podman create --pod jitsi --name=jicofo \
       -v $JITSI_DATA/jicofo/config:/config:Z \
       --env-file $PWD/env \
       docker.io/jitsi/jicofo:latest

podman create --pod jitsi --name=jvb \
       -v $JITSI_DATA/jvb/config:/config:Z \
       --env-file $PWD/env \
       docker.io/jitsi/jvb:latest

Env file:

JICOFO_COMPONENT_SECRET=****
JICOFO_AUTH_PASSWORD=****
JVB_AUTH_PASSWORD=****
JIGASI_XMPP_PASSWORD=****
JIBRI_RECORDER_PASSWORD=****
JIBRI_XMPP_PASSWORD=****
HTTP_PORT=8000
HTTPS_PORT=8443
TZ=Europe/Berlin
PUBLIC_URL=https://my.domain
DOCKER_HOST_ADDRESS=<public server ip>
ENABLE_LETSENCRYPT=0
ENABLE_AUTH=0
ENABLE_GUESTS=1
XMPP_DOMAIN=meet.jitsi
XMPP_SERVER=xmpp.meet.jitsi
XMPP_BOSH_URL_BASE=http://xmpp.meet.jitsi:5280
XMPP_AUTH_DOMAIN=auth.meet.jitsi
XMPP_MUC_DOMAIN=muc.meet.jitsi
XMPP_INTERNAL_MUC_DOMAIN=internal-muc.meet.jitsi
XMPP_GUEST_DOMAIN=guest.meet.jitsi
JVB_BREWERY_MUC=jvbbrewery
JVB_AUTH_USER=jvb
JVB_STUN_SERVERS=meet-jit-si-turnrelay.jitsi.net:443
JVB_PORT=10000
JVB_TCP_HARVESTER_DISABLED=true
JVB_TCP_PORT=4443
JICOFO_AUTH_USER=focus
JIGASI_XMPP_USER=jigasi
JIGASI_BREWERY_MUC=jigasibrewery
JIGASI_PORT_MIN=20000
JIGASI_PORT_MAX=20050
ENABLE_RECORDING=1
XMPP_RECORDER_DOMAIN=recorder.meet.jitsi
JIBRI_RECORDER_USER=recorder
JIBRI_RECORDING_DIR=/config/recordings
JIBRI_FINALIZE_RECORDING_SCRIPT_PATH=/config/finalize.sh
JIBRI_XMPP_USER=jibri
JIBRI_BREWERY_MUC=jibribrewery
JIBRI_PENDING_TIMEOUT=90
JIBRI_STRIP_DOMAIN_JID=muc
JIBRI_LOGS_DIR=/config/logs
DISABLE_HTTPS=1

Port 8000 is reverse-proxied via caddy (this works with the docker-compose variant and with podman it only breaks for >2 users, so I don’t think this is a problem)

Ports 10000 (JVB_PORT) and 4443 (JVB_TCP_PORT) are both open and reachable from the outside (I tried the instructions from here for testing 10000/udp and checked if they are open with nmap for both)

Contents of sip-communicator.properties:

org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=10.0.2.100
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=46.38.237.194

jvb container log during startup:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-set-timezone: executing... 
[cont-init.d] 01-set-timezone: exited 0.
[cont-init.d] 10-config: executing... 
[cont-init.d] 10-config: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
Jan 28, 2021 4:05:44 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Initialized newConfig: merge of system properties,/config/jvb.conf: 1,system properties,reference.conf @ jar:file:/usr/share/jitsi-videobridge/jitsi-videobridge.jar!/reference.conf: 1,reference.conf @ jar:file:/usr/share/jitsi-videobridge/lib/ice4j-3.0-22-g67ffceb.jar!/reference.conf: 1,reference.conf @ jar:file:/usr/share/jitsi-videobridge/lib/jitsi-media-transform-1.0-198-g1babb83.jar!/reference.conf: 1
Jan 28, 2021 4:05:44 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: loading config file at path /config/sip-communicator.properties
Jan 28, 2021 4:05:44 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Initialized legacyConfig: sip communicator props (no description provided)
Jan 28, 2021 4:05:44 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Reloading the Typesafe config source (previously reloaded 0 times).
Jan 28, 2021 4:05:45 PM org.ice4j.ice.harvest.MappingCandidateHarvesters initialize
INFO: Using AwsCandidateHarvester.
Jan 28, 2021 4:05:45 PM org.ice4j.ice.harvest.StunMappingCandidateHarvester discover
INFO: Discovered public address <public ip of server>:42610/udp from STUN server 130.61.132.30:443/udp using local address 10.0.2.100:0/udp
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
WARNING: Disabling certificate verification!
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: LastNReducer with reductionScale: 0.75 recoverScale: 1.25 impactTime: PT1M minLastN: 0 maxEnforcedLastN: 40
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: TaskPools detected 2 processors, creating the CPU pool with that many threads
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
WARNING: Running with open files limit 4096 (hard 4096), thread limit 31605 (hard 31605). These values are too low and they will limit the number of participants that the bridge can serve simultaneously.
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting with 60 second interval.
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Started with interval=10000, timeout=PT30S, maxDuration=PT3S, stickyFailures=false.
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Not starting CallstatsService, disabled in configuration.
Jan 28, 2021 4:05:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting public http server
Jan 28, 2021 4:05:46 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Base URL: wss://my.domain/colibri-ws/10.0.2.100
Jan 28, 2021 4:05:46 PM org.eclipse.jetty.util.log.Log initialized
INFO: Logging initialized @1699ms to org.eclipse.jetty.util.log.JavaUtilLog
Jan 28, 2021 4:05:46 PM org.ice4j.ice.harvest.MappingCandidateHarvesters maybeAdd
INFO: Discarding a mapping harvester: org.ice4j.ice.harvest.AwsCandidateHarvester, face=null, mask=null
Jan 28, 2021 4:05:46 PM org.ice4j.ice.harvest.MappingCandidateHarvesters maybeAdd
INFO: Discarding a mapping harvester with duplicate addresses: org.ice4j.ice.harvest.StunMappingCandidateHarvester, face=/10.0.2.100, mask=/<public ip of server>. Kept: org.ice4j.ice.harvest.MappingCandidateHarvester, face=/10.0.2.100, mask=/<public ip of server>
Jan 28, 2021 4:05:46 PM org.ice4j.ice.harvest.MappingCandidateHarvesters initialize
INFO: Using org.ice4j.ice.harvest.MappingCandidateHarvester, face=/10.0.2.100, mask=/<public ip of server>
Jan 28, 2021 4:05:46 PM org.ice4j.ice.harvest.MappingCandidateHarvesters initialize
INFO: Initialized mapping harvesters (delay=1161ms).  stunDiscoveryFailed=false
Jan 28, 2021 4:05:46 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Registering servlet at /colibri-ws/*, baseUrl = wss://my.domain/colibri-ws/10.0.2.100
Jan 28, 2021 4:05:46 PM org.eclipse.jetty.server.Server doStart
INFO: jetty-9.4.15.v20190215; built: 2019-02-15T16:53:49.381Z; git: eb70b240169fcf1abbd86af36482d1c49826fa0b; jvm 1.8.0_275-b01
Jan 28, 2021 4:05:46 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Connected.
Jan 28, 2021 4:05:46 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Logging in.
Jan 28, 2021 4:05:46 PM org.eclipse.jetty.server.handler.ContextHandler doStart
INFO: Started o.e.j.s.ServletContextHandler@7393222f{/,null,AVAILABLE}
Jan 28, 2021 4:05:46 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Joined MUC: jvbbrewery@internal-muc.meet.jitsi
Jan 28, 2021 4:05:46 PM org.eclipse.jetty.server.AbstractConnector doStart
INFO: Started ServerConnector@ca6a93e{HTTP/1.1,[http/1.1]}{0.0.0.0:9090}
Jan 28, 2021 4:05:46 PM org.eclipse.jetty.server.Server doStart
INFO: Started @2170ms
Jan 28, 2021 4:05:46 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting private http server
Jan 28, 2021 4:05:46 PM org.eclipse.jetty.server.Server doStart
INFO: jetty-9.4.15.v20190215; built: 2019-02-15T16:53:49.381Z; git: eb70b240169fcf1abbd86af36482d1c49826fa0b; jvm 1.8.0_275-b01
Jan 28, 2021 4:05:47 PM org.glassfish.jersey.internal.inject.Providers checkProviderRuntime
WARNING: A provider org.jitsi.rest.Version registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider org.jitsi.rest.Version will be ignored. 
Jan 28, 2021 4:05:47 PM org.glassfish.jersey.internal.inject.Providers checkProviderRuntime
WARNING: A provider org.jitsi.rest.Health registered in SERVER runtime does not implement any provider interfaces applicable in the SERVER runtime. Due to constraint configuration problems the provider org.jitsi.rest.Health will be ignored. 
Jan 28, 2021 4:05:47 PM org.eclipse.jetty.server.handler.ContextHandler doStart
INFO: Started o.e.j.s.ServletContextHandler@5a9800f8{/,null,AVAILABLE}
Jan 28, 2021 4:05:47 PM org.eclipse.jetty.server.AbstractConnector doStart
INFO: Started ServerConnector@143d9a93{HTTP/1.1,[http/1.1]}{0.0.0.0:8080}
Jan 28, 2021 4:05:47 PM org.eclipse.jetty.server.Server doStart
INFO: Started @3230ms

Container log after clients connect:

Jan 28, 2021 4:14:55 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Performed a successful health check in PT0S. Sticky failure: false
Jan 28, 2021 4:15:05 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Performed a successful health check in PT0S. Sticky failure: false
Jan 28, 2021 4:15:15 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Performed a successful health check in PT0S. Sticky failure: false
Jan 28, 2021 4:15:25 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Performed a successful health check in PT0S. Sticky failure: false
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting connection status monitor
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: create_conf, id=d62d261c01de65df gid=282641
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Gathering candidates for component stream-c953a6dd.RTP.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Ignoring empty DtlsFingerprint extension: <transport xmlns='urn:xmpp:jingle:transports:ice-udp:1'><fingerprint xmlns='urn:xmpp:jingle:apps:dtls:0' required='false'/></transport>
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ds_change ds_id=c953a6dd
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Gathering candidates for component stream-3e8cbbe8.RTP.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Ignoring empty DtlsFingerprint extension: <transport xmlns='urn:xmpp:jingle:transports:ice-udp:1'><fingerprint xmlns='urn:xmpp:jingle:apps:dtls:0' required='false'/></transport>
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: The remote side is acting as DTLS client, we'll act as server
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting the Agent without remote candidates.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start ICE connectivity establishment.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Init checklist for stream stream-c953a6dd
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Waiting to Running.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Waiting new=Running
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start connectivity checks.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: The remote side is acting as DTLS client, we'll act as server
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting the Agent without remote candidates.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start ICE connectivity establishment.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Init checklist for stream stream-3e8cbbe8
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Waiting to Running.
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Waiting new=Running
Jan 28, 2021 4:15:31 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start connectivity checks.
Jan 28, 2021 4:15:32 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Update remote candidate for stream-3e8cbbe8.RTP: 192.168.178.53:32943/udp
Jan 28, 2021 4:15:32 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: new Pair added: 10.0.2.100:10000/udp/host -> 192.168.178.53:32943/udp/host (stream-3e8cbbe8.RTP).
Jan 28, 2021 4:15:32 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Pair failed: 10.0.2.100:10000/udp/host -> 192.168.178.53:32943/udp/host (stream-3e8cbbe8.RTP)
Jan 28, 2021 4:15:32 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Update remote candidate for stream-c953a6dd.RTP: 192.168.178.53:59905/udp
Jan 28, 2021 4:15:32 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: new Pair added: 10.0.2.100:10000/udp/host -> 192.168.178.53:59905/udp/host (stream-c953a6dd.RTP).
Jan 28, 2021 4:15:32 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Pair failed: 10.0.2.100:10000/udp/host -> 192.168.178.53:59905/udp/host (stream-c953a6dd.RTP)
Jan 28, 2021 4:15:35 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Performed a successful health check in PT0S. Sticky failure: false
Jan 28, 2021 4:15:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Performed a successful health check in PT0S. Sticky failure: false
Jan 28, 2021 4:15:45 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Running expire()
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Gathering candidates for component stream-96f981d6.RTP.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Ignoring empty DtlsFingerprint extension: <transport xmlns='urn:xmpp:jingle:transports:ice-udp:1'><fingerprint xmlns='urn:xmpp:jingle:apps:dtls:0' required='false'/></transport>
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: The remote side is acting as DTLS client, we'll act as server
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting the Agent without remote candidates.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start ICE connectivity establishment.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Init checklist for stream stream-96f981d6
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Waiting to Running.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Waiting new=Running
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start connectivity checks.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Expiring.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Stopping
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Stopping
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Running to Terminated.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Running new=Terminated
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Closing.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Expired.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Gathering candidates for component stream-3e8cbbe8.RTP.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Ignoring empty DtlsFingerprint extension: <transport xmlns='urn:xmpp:jingle:transports:ice-udp:1'><fingerprint xmlns='urn:xmpp:jingle:apps:dtls:0' required='false'/></transport>
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Expiring.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ds_change ds_id=96f981d6
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Stopping
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Stopping
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Running to Terminated.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Running new=Terminated
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Closing.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Expired.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Gathering candidates for component stream-c953a6dd.RTP.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Ignoring empty DtlsFingerprint extension: <transport xmlns='urn:xmpp:jingle:transports:ice-udp:1'><fingerprint xmlns='urn:xmpp:jingle:apps:dtls:0' required='false'/></transport>
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: The remote side is acting as DTLS client, we'll act as server
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting the Agent without remote candidates.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start ICE connectivity establishment.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Init checklist for stream stream-c953a6dd
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Waiting to Running.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Waiting new=Running
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start connectivity checks.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: The remote side is acting as DTLS client, we'll act as server
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Starting the Agent without remote candidates.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start ICE connectivity establishment.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Init checklist for stream stream-3e8cbbe8
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Waiting to Running.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Waiting new=Running
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Start connectivity checks.
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Update remote candidate for stream-c953a6dd.RTP: 192.168.178.53:54465/udp
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: new Pair added: 10.0.2.100:10000/udp/host -> 192.168.178.53:54465/udp/host (stream-c953a6dd.RTP).
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Update remote candidate for stream-c953a6dd.RTP: 192.168.178.53:54465/udp
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Not adding duplicate remote candidate: 192.168.178.53:54465/udp
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Update remote candidate for stream-3e8cbbe8.RTP: 192.168.178.53:47757/udp
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: new Pair added: 10.0.2.100:10000/udp/host -> 192.168.178.53:47757/udp/host (stream-3e8cbbe8.RTP).
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Update remote candidate for stream-3e8cbbe8.RTP: 192.168.178.53:47757/udp
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Pair failed: 10.0.2.100:10000/udp/host -> 192.168.178.53:54465/udp/host (stream-c953a6dd.RTP)
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Not adding duplicate remote candidate: 192.168.178.53:47757/udp
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Pair failed: 10.0.2.100:10000/udp/host -> 192.168.178.53:47757/udp/host (stream-3e8cbbe8.RTP)
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Update remote candidate for stream-96f981d6.RTP: 192.168.178.53:50678/udp
Jan 28, 2021 4:15:48 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: new Pair added: 10.0.2.100:10000/udp/host -> 192.168.178.53:50678/udp/host (stream-96f981d6.RTP).
Jan 28, 2021 4:15:49 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Pair failed: 10.0.2.100:10000/udp/host -> 192.168.178.53:50678/udp/host (stream-96f981d6.RTP)
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Expiring.
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Tearing down
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Stopping
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Stopping
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed from Running to Terminated.
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: ICE state changed old=Running new=Terminated
Jan 28, 2021 4:15:53 PM org.jitsi.utils.logging2.LoggerImpl log
INFO: Closing.

setRemoteDescription from chrome://webrtc-internals:

type: offer, sdp: v=0
o=- 1611848205216 2 IN IP4 127.0.0.1
s=-
t=0 0
a=msid-semantic: WMS be2c0ee6-7166-43ab-95b2-74c7685c8b12-1
a=group:BUNDLE audio video
m=audio 10000 RTP/SAVPF 111 103 104 126
c=IN IP4 46.38.237.194
a=rtpmap:111 opus/48000/2
a=rtpmap:103 ISAC/16000
a=rtpmap:104 ISAC/32000
a=rtpmap:126 telephone-event/8000
a=fmtp:111 minptime=10;useinbandfec=1
a=rtcp:9 IN IP4 0.0.0.0
a=rtcp-fb:111 transport-cc
a=extmap:1 urn:ietf:params:rtp-hdrext:ssrc-audio-level
a=extmap:5 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=setup:actpass
a=mid:audio
a=sendrecv
a=ice-ufrag:bf3ii1et4q7gqt
a=ice-pwd:60m6na9rd9g1sdjpvu5jmrviha
a=fingerprint:sha-256 40:5A:F7:CB:00:1C:AD:C7:88:37:98:43:85:AA:30:BF:70:BC:A4:9F:8C:87:3D:91:4E:8A:13:AC:FB:B6:F7:A0
a=candidate:1 1 udp 2130706431 10.0.2.100 10000 typ host generation 0
a=candidate:2 1 udp 1694498815 46.38.237.194 10000 typ srflx raddr 10.0.2.100 rport 10000 generation 0
a=ssrc:3569159251 cname:mixed
a=ssrc:3569159251 msid:mixedmslabel mixedlabelaudio0
a=ssrc:3569159251 mslabel:mixedmslabel
a=ssrc:3569159251 label:mixedlabelaudio0
a=ssrc:1649986342 cname:nLgvOciYfnaFdD3a-1
a=ssrc:1649986342 msid:cd92f1e3-42a4-40f7-984c-a5cc4ce35f9d-1 3acbae46-2a64-4933-a769-5a6ddd86eac3-1
a=ssrc:1649986342 mslabel:cd92f1e3-42a4-40f7-984c-a5cc4ce35f9d-1
a=ssrc:1649986342 label:3acbae46-2a64-4933-a769-5a6ddd86eac3-1
a=rtcp-mux
m=video 10000 RTP/SAVPF 100 107 101 96 97 99
c=IN IP4 46.38.237.194
a=rtpmap:100 VP8/90000
a=rtpmap:107 H264/90000
a=rtpmap:101 VP9/90000
a=rtpmap:96 rtx/90000
a=rtpmap:97 rtx/90000
a=rtpmap:99 rtx/90000
a=fmtp:100 x-google-start-bitrate=800
a=fmtp:107 ;level-asymmetry-allowed=1;packetization-mode=1;profile-level-id=42e01f;x-google-start-bitrate=800
a=fmtp:101 x-google-start-bitrate=800
a=fmtp:96 apt=100
a=fmtp:97 apt=101
a=fmtp:99 apt=107
a=rtcp:9 IN IP4 0.0.0.0
a=rtcp-fb:100 ccm fir
a=rtcp-fb:100 nack
a=rtcp-fb:100 nack pli
a=rtcp-fb:100 goog-remb
a=rtcp-fb:100 transport-cc
a=rtcp-fb:107 ccm fir
a=rtcp-fb:107 nack
a=rtcp-fb:107 nack pli
a=rtcp-fb:107 goog-remb
a=rtcp-fb:107 transport-cc
a=rtcp-fb:101 ccm fir
a=rtcp-fb:101 nack
a=rtcp-fb:101 nack pli
a=rtcp-fb:101 goog-remb
a=rtcp-fb:101 transport-cc
a=rtcp-fb:96 ccm fir
a=rtcp-fb:96 nack
a=rtcp-fb:96 nack pli
a=extmap:3 http://www.webrtc.org/experiments/rtp-hdrext/abs-send-time
a=extmap:5 http://www.ietf.org/id/draft-holmer-rmcat-transport-wide-cc-extensions-01
a=setup:actpass
a=mid:video
a=sendrecv
a=ice-ufrag:bf3ii1et4q7gqt
a=ice-pwd:60m6na9rd9g1sdjpvu5jmrviha
a=fingerprint:sha-256 40:5A:F7:CB:00:1C:AD:C7:88:37:98:43:85:AA:30:BF:70:BC:A4:9F:8C:87:3D:91:4E:8A:13:AC:FB:B6:F7:A0
a=candidate:1 1 udp 2130706431 10.0.2.100 10000 typ host generation 0
a=candidate:2 1 udp 1694498815 <public ip of my server> 10000 typ srflx raddr 10.0.2.100 rport 10000 generation 0
a=ssrc:3509506489 cname:nLgvOciYfnaFdD3a-1
a=ssrc:3509506489 msid:be2c0ee6-7166-43ab-95b2-74c7685c8b12-1 32a7622f-bd5d-49ab-a209-8530670b5f61-1
a=ssrc:3509506489 mslabel:be2c0ee6-7166-43ab-95b2-74c7685c8b12-1
a=ssrc:3509506489 label:32a7622f-bd5d-49ab-a209-8530670b5f61-1
a=ssrc:983169921 cname:nLgvOciYfnaFdD3a-1
a=ssrc:983169921 msid:be2c0ee6-7166-43ab-95b2-74c7685c8b12-1 32a7622f-bd5d-49ab-a209-8530670b5f61-1
a=ssrc:983169921 mslabel:be2c0ee6-7166-43ab-95b2-74c7685c8b12-1
a=ssrc:983169921 label:32a7622f-bd5d-49ab-a209-8530670b5f61-1
a=ssrc:1120573404 cname:mixed
a=ssrc:1120573404 msid:mixedmslabel mixedlabelvideo0
a=ssrc:1120573404 mslabel:mixedmslabel
a=ssrc:1120573404 label:mixedlabelvideo0
a=ssrc-group:FID 3509506489 983169921
a=rtcp-mux
a=x-google-flag:conference

Is it expected, that the “new Pair” lines in the log of jvb, like new Pair added: 10.0.2.100:10000/udp/host -> 192.168.178.53:50678/udp/host contain the address of the container and the local address of the client instead of public IPs on either side?

Are there any further sources of debug information I should look into?
Does anybody here have a working setup using podman and can share where their setup differs?
Thanks in advance

Hi there,

I’m not familiar with podman but we have deployed Jitsi several times on Kubernetes.

I’d suggest using host-networking for the videobridges, and ensure you’ve STUN_MAPPING_HARVESTER_ADDRESSES in your config:

org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302

Otherwise, it will go nuts trying to establish connections. In any case, it’s normal to see several “dumb” attempts for connections against your local IP addresses, simply ignore them, it works.

Best regards!

1 Like

I just tried that, but sadly it looks like that is still problematic with podman in rootless mode. But the bug I encountered seems to have been fixed just this week. Hopefully the release of podman 3.0 is coming soon :slight_smile:

How do you add that line when running the container? When I edit it, restarting jvb changes the file back to its previous state, and it doesn’t seem like any of the environment variables the container accepts corresponds to that option.

That’s one of the supported env variables.

org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES={{ .Env.JVB_STUN_SERVERS }}

Check /defaults/sip-communicator.properties which is the template file that generates /config/sip-communicator.properties

I had that variable set, but it doesn’t appear in the properties file. It looks like it was removed:

This can be fixed. As @kpeiruza mention, run jvb in host-network (still rootless).

podman pod create --name=jitsi-pod \
       -p 8000:80 \
       -p 8444:443 \
       -p 5347:5347 \
       -p 5280:5280 \
       -p 5222:5222 \
       --add-host xmpp.meet.jitsi:127.0.0.1

podman create --name=jvb \
       --network=host \
       --add-host xmpp.meet.jitsi:192.168.10.34 \
       -v $JITSI_DATA/jvb:/config:Z \
       --env-file .env \
       docker.io/jitsi/jvb:latest

The rest of the containers are unchanged.
This runs rootless in host network, not optimal from a security point of view but in my case it’s just a server at home (and this is a temporary solution).

If one could pass the settings to the websocket sever-id in jvb.conf and org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS in sip-communicator.properties this would have worked instead of the solution of host networking.
Both these values should take the value set by docker_host_ip (192.168.10.34 in my case).

1 Like

Thank you, moving the jvb container out of the pod worked!

Although I wasn’t sure, what you meant by “the value set by docker_host_ip”, as I haven’t found anything by that name related to podman. But as the pod publishes the ports to the host, I tried setting the IP to 127.0.0.1, which worked

I may have been unclear, it’s a variable set in the env-file used by Jitsi.

Great that it worked out for you!