From 4ec2959950c586cfe8a1dfd58af3df0d93008acf Mon Sep 17 00:00:00 2001 From: David Zhao Date: Tue, 6 Jul 2021 15:08:46 -0700 Subject: [PATCH] Use discreet ports by default due to write bottleneck (#40) --- README.md | 2 +- config-sample.yaml | 46 +++++++++++++++++++++++++------------------- pkg/config/config.go | 6 +++--- pkg/rtc/config.go | 10 +++++----- 4 files changed, 35 insertions(+), 29 deletions(-) diff --git a/README.md b/README.md index 02fcce08a..10031c5ee 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ LiveKit is an open source project that provides scalable, multi-user conferencin - Modern, full-featured [client SDKs](https://docs.livekit.io/references/client-sdks/) for JS, iOS, Android - Built for production - JWT authentication and [server APIs](https://docs.livekit.io/guides/server-api) - Robust networking & connectivity, over UDP & TCP -- Easy to deploy, a single binary and only three ports to forward. +- Easy to deploy - pure Go & single binary - Advanced features - speaker detection, simulcasting, selective subscription, moderation APIs. ## Documentation & Guides diff --git a/config-sample.yaml b/config-sample.yaml index 1538f240c..ab97753a4 100644 --- a/config-sample.yaml +++ b/config-sample.yaml 
@@ -12,21 +12,25 @@ redis: # username: myuser # password: mypassword -# when enabled, LiveKit will expose prometheus metrics on :6789/metrics -#prometheus_port: 6789 - # WebRTC configuration rtc: - # the main UDP port to transport WebRTC data - udp_port: 9000 + # UDP ports to use for client traffic. + # this port range should be open for inbound traffic on the firewall + port_range_start: 50000 + port_range_end: 60000 # when set, LiveKit enable WebRTC ICE over TCP when UDP isn't available # this port *cannot* be behind load balancer or TLS, and must be exposed on the node # WebRTC transports are encrypted and do not require additional encryption tcp_port: 7881 # when set to true, attempts to discover the host's public IP via STUN - # this is useful for cloud environments such as AWS, where hosts have an internal IP + # this is useful for cloud environments such as AWS & Google where hosts have an internal IP # that maps to an external one use_external_ip: true + # when set, LiveKit will attempt to use a UDP mux so all UDP traffic goes through + # a single port. This simplifies deployment, but mux will become an overhead for + # highly trafficked deployments. + # port_range_start & end must not be set for this config to take effect + # udp_port: 7882 # optional settings # # when using REMB, the max bitrate that the SFU would accept, defaults to 3Mbps # max_bitrate: 3145728 @@ -44,6 +48,8 @@ rtc: # mid_quality: 1s # high_quality: 1s +# when enabled, LiveKit will expose prometheus metrics on :6789/metrics +#prometheus_port: 6789 # API key / secret pairs. # Keys are used for JWT authentication, server APIs would require a keypair in order to generate access tokens 
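Review bot: The new comment under `rtc:` tells operators to open `port_range_start`..`port_range_end` for inbound traffic, but it does not say the firewall rule should be UDP only. With the sample values that is 10,001 ports, so a rule that also admits TCP exposes far more than the server needs. I would word it as `# allow inbound UDP (not TCP) on this range in the firewall; tcp_port below is opened separately` and add `# narrow the range if the node needs fewer ports` beneath it.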
@@ -82,17 +88,17 @@ keys: # smooth_samples: 8 # turn server -turn: - # Uses TLS. Requires cert and key pem files by either: - # - using turn.secretName if deploying with our helm chart, or - # - setting LIVEKIT_TURN_CERT and LIVEKIT_TURN_KEY env vars with file locations, or - # - using cert_file and key_file below - # defaults to false - enabled: false - # needs to match tls cert domain - domain: turn.myhost.com - # defaults to 3478 - if not using a load balancer, this must be set to 443 - tls_port: 3478 - # optional - # cert_file: /path/to/cert.pem - # key_file: /path/to/key.pem +#turn: +# # Uses TLS. Requires cert and key pem files by either: +# # - using turn.secretName if deploying with our helm chart, or +# # - setting LIVEKIT_TURN_CERT and LIVEKIT_TURN_KEY env vars with file locations, or +# # - using cert_file and key_file below +# # defaults to false +# enabled: false +# # needs to match tls cert domain +# domain: turn.myhost.com +# # defaults to 3478 - if not using a load balancer, this must be set to 443 +# tls_port: 3478 +# # optional +# # cert_file: /path/to/cert.pem +# # key_file: /path/to/key.pem diff --git a/pkg/config/config.go b/pkg/config/config.go index db1a066ca..5904022da 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -97,9 +97,9 @@ func NewConfig(confString string) (*Config, error) { RTC: RTCConfig{ UseExternalIP: false, TCPPort: 7881, - UDPPort: 7882, - ICEPortRangeStart: 0, - ICEPortRangeEnd: 0, + UDPPort: 0, + ICEPortRangeStart: 50000, + ICEPortRangeEnd: 60000, StunServers: []string{ "stun.l.google.com:19302", "stun1.l.google.com:19302", diff --git a/pkg/rtc/config.go b/pkg/rtc/config.go index dd52c0209..41d31eac3 100644 --- a/pkg/rtc/config.go +++ b/pkg/rtc/config.go 
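Review bot: In the NewConfig defaults hunk, `ICEPortRangeStart: 50000` and `ICEPortRangeEnd: 60000` mean a config that sets only `udp_port` never reaches the mux branch, because pkg/rtc/config.go in this same commit now tests the range first. Assuming the YAML is unmarshalled over these defaults (the rest of NewConfig is outside the hunk), an existing deployment with `udp_port: 7882` and a firewall opened for that single port would silently bind in 50000-60000 instead. One fix is to leave the range at 0 here and apply 50000/60000 after parsing only when `UDPPort` and both range fields are still 0. The sample's `udp_port` comment would then be accurate as written; with the current defaults it would have to say the range must be set to 0 explicitly.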
@@ -65,7 +65,11 @@ func NewWebRTCConfig(conf *config.Config, externalIP string) (*WebRTCConfig, err var udpMuxConn *net.UDPConn var err error - if rtcConf.UDPPort != 0 { + if rtcConf.ICEPortRangeStart != 0 && rtcConf.ICEPortRangeEnd != 0 { + if err := s.SetEphemeralUDPPortRange(uint16(rtcConf.ICEPortRangeStart), uint16(rtcConf.ICEPortRangeEnd)); err != nil { + return nil, err + } + } else if rtcConf.UDPPort != 0 { udpMuxConn, err = net.ListenUDP("udp4", &net.UDPAddr{ Port: int(rtcConf.UDPPort), }) @@ -92,10 +96,6 @@ func NewWebRTCConfig(conf *config.Config, externalIP string) (*WebRTCConfig, err } } } - } else if rtcConf.ICEPortRangeStart != 0 && rtcConf.ICEPortRangeEnd != 0 { - if err := s.SetEphemeralUDPPortRange(uint16(rtcConf.ICEPortRangeStart), uint16(rtcConf.ICEPortRangeEnd)); err != nil { - return nil, err - } } // use TCP mux when it's set
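Review bot: The `uint16(...)` conversions on `ICEPortRangeStart` and `ICEPortRangeEnd` in the new first branch will wrap silently if those fields are wider than 16 bits (their type is declared outside the hunk), so a typo such as 500000 would bind a different range from the one the operator opened in the firewall. A check before the call, e.g. `if rtcConf.ICEPortRangeStart > math.MaxUint16 || rtcConf.ICEPortRangeEnd > math.MaxUint16 { return nil, errors.New("ice port range out of bounds") }`, keeps the bound ports equal to the configured ones. Separately, when exactly one of the two values is non-zero the code falls through to the `UDPPort` branch with no message; returning an error for a half-specified range would make that misconfiguration visible. NewWebRTCConfig begins and continues outside the hunk.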