amazon-web-serviceswebsocketaws-application-load-balancerjitsijitsi-meet

Jitsi behind ALB connection to websocket


I am struggling with Jitsi behind AWS ALB.

I have configured load balancer, opened TCP: 443, 80, 4443, UDP: 10000.

Created target group etc. frontend works but the video doesn't start:

You've been disconnected

Error in the console is:

WebSocket connection to wss://jitsi.<censored>.org/xmpp-websocket?room=test' failed: _connect @ strophe.umd.js:5463

I will really appreciate the advice.

UPD: I can disable websocket by adding these variables to .env

ENABLE_SCTP=1
ENABLE_COLIBRI_WEBSOCKET=0
ENABLE_XMPP_WEBSOCKET=0

But this isn't secure and therefore the desired result.


Solution

  • The ALB does support websockets. But you can't configure the setup like this. One thing you can do is switch over to NLB, but this would require some reconfiguring of the security groups, Listeners, target groups, etc. Why don't you want to use WebRTC?

    UPDATE

    Come to think of it, Amazon ALB Listeners offers HTTP and HTTPS and WebSockets initially contact the app with HTTP (ws) or HTTPS (wss)

    So the ALB shouldn't care about the stream switch/upgrade. The only thing is that the websocket is designed to stay open, and the ALB kills a connection after x seconds (60s i think). But Jitsi doesn't go Idle, so maybe this isn't a problem. I'll try it out and get back to you :)

    UPDATE It took a while, but it works. You need to set a couple of things:

    JVB_TCP_HARVESTER_DISABLED=true
    JVB_TCP_PORT=4443
    JVB_TCP_MAPPED_PORT=4443
    

    Set the following back to the default values (leave blank)

    ENABLE_SCTP
    ENABLE_COLIBRI_WEBSOCKET
    ENABLE_XMPP_WEBSOCKET 
    

    Make sure you set the PUBLIC_URL variable for all containers (except Prosody) This should be it. Got it working here.