-
-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Question: How to tell clients to connect to a different STUNner IP with the stunner-gateway-operator
?
#23
Comments
Hi, |
I could, but I'm trying to make this work on the existing examples such as CloudRetro and Kurento... I tried to change the ConfigMap manually, but it gets reconciled after some time... |
You are supposed to change the stunner config via Kubernetes objects. These are then inspected by the operator and rendered into stunner, and in our example we use the same config for the I assume you do not want to change the stunner config itself, but only to be able to specify the IP address that the clients can reach regardless the stunner config. And you would like to do it without touching the On the other hand, there seems to be a future track in the operator that allows users to define LB service that is then exposed for a gateway (i.e. not automatically filled) (see the comments of https://github.com/l7mp/stunner-gateway-operator/blob/main/internal/renderer/service_util.go). This does not work right now for sure, and I have to discuss the plans with this in the team. |
Will this work on the CloudRetro examples aswell? Namely, on the |
Hi, Namely the cloudretro-config-c, under the CLOUD_GAME_WEBRTC_ICESERVERS_0_URL env. variable. This will overwrite the default coordinator config upon launch, and this is the address the coordinator will share with the clients as the TURN server. You can edit this value to whatever You would like, so when clients connect to the coordinator, they will receive your address. If You can't reach the coordinator through TCP, now that will be one pleasant ride. |
Thank you @bbalint105! Assuming it is possible,, in order for clients to connect to STUNner via TCP I will need the following:
The TCP apiVersion: gateway.networking.k8s.io/v1alpha2
kind: Gateway
metadata:
name: tcp-gateway
namespace: stunner
spec:
gatewayClassName: stunner-gatewayclass
listeners:
- name: tcp-listener
port: 3478
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: UDPRoute
metadata:
name: worker-udp-route
namespace: stunner
spec:
parentRefs:
- name: tcp-gateway
rules:
- backendRefs:
- name: worker-ci-udp-svc
namespace: cloudretro Am I going the right direction? |
Yes, You quite got everything (as well the Adding it to your list should make it work; apiVersion: v1
kind: Service
metadata:
name: worker-ci-tcp-svc
namespace: cloudretro
spec:
selector:
app: worker
ports:
- protocol: TCP
port: 8443
targetPort: 8443
type: ClusterIP
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: Gateway
metadata:
name: tcp-gateway
namespace: stunner
spec:
gatewayClassName: stunner-gatewayclass
listeners:
- name: tcp-listener
port: 3478
protocol: TCP
---
apiVersion: gateway.networking.k8s.io/v1alpha2
kind: UDPRoute
metadata:
name: worker-tcp-route
namespace: stunner
spec:
parentRefs:
- name: tcp-gateway
rules:
- backendRefs:
- name: worker-ci-tcp-svc
namespace: cloudretro I've tested it on my cluster, and double-checked with wireshark, it was indeed running on TCP. |
Quick clarification to the above:
|
I confirm the above setup works and was able to expose STUNner with TCP. On the other side, the Kurento examples don't have any issues and are streaming just fine, so I really don't know how to debug this... |
My problems have been fixed. I was able to make this solution work inside a corporate network! |
I have a scenario where we have an internal network where our Kubernetes exposed services are behind 1:1 NAT IPs...
This means that the LoadBalancer's IP addresses that Kubernetes knows are not the same that the clients use to connect to them.
For example:
10.0.0.1:3478/udp
but our clients will reach it on10.0.20.1:3478/udp
as configured on our internal firewall.On the Kurento One2one Call example I need to be able to configure the
webrtc-server
frontend to expose theTURN URI
to something liketurn:10.0.20.1:3478?transport=UDP
, which is the IP address that the client will be able to reach.Using STUNner in
standalone
mode I believe I can tweak the configSTUNNER_PUBLIC_ADDR
to point to the correct IPAddress that the client can reach; but I was not able to figure it out with thestunner-gateway-operator
.Maybe you can shed some light?
The text was updated successfully, but these errors were encountered: