Wow thanks. will give this a try.
Did you consider making a AWS CloudFormation
<https://aws.amazon.com/cloudformation/> template ?
Thanks,
Dan
On 01/04/2020 10:20, Denis Noctor wrote:
Hi there everyone,
I thought this email might be of some interest to those setting up OM
on an AWS EC2 instance using Ubuntu 18.04.4 LTS (GNU/Linux
4.15.0-1063-aws x86_64). There are lots of tutorials online regarding
how to setup an AWS EC2 instance, so there is no need for me to talk
about that. I am assuming you have this up and running.
However there are lots of _free_ AMIs (Amazon Machine Images) in AWS
that can be automatically installed which will install a LAMP image
(Linux, Apache, MySQL, and PHP setup) and the one I used was:
“ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20190212.1
(ami-0a313d6098716f372)”
I will have to update my PHP version at some stage though.
My AWS Setup is as follows:
Instance type: t3a.large (8 gigs Ram , 2 vCPUS), I was previously
using a t3a.medium (4 gigs Ram , 2 vCPUS)… which seemed to run okay…
but needed to elimate any doubts I had by cranking up the RAM. Some of
you may decide to go for lower or higher instances depending on your
budget and desired performance levels etc.
It is also important to note that I am using an Elastic IP address,
which basically means the IP address of my domain will never change
and as a result my registered domain name, for example “ABC.COM
<http://ABC.COM>” will be directed to this IP address…. Even if I
“stop” my server to save money.
I am also using a “AWS load balancer” which also entitles me to a free
certificate which automatically renews every 12 months when set up
(again lots of info on the internet about this) - which is an
IMPORTANT POINT as I am not using LetsEncrypt… AND AS A RESULT DEVIATE
FROM ALVARO’S WONDERFUL INSTRUCTIONS.
Let’s begin…
If you are setting up a clean install… simply follow Alvaro’s
instructions via this link:
https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/140774282/Installation%20OpenMeetings%205.0.0-M3%20on%20Ubuntu%2018.04%20LTS.pdf
Again, this is for OM 5.0.0-M3. If you wish to update to further
snapshots please refer to the official website, forums and links.
Please note the current version of Alvaro’s PDF… at the time of
writing it was v6.
(Assuming you have already got an AWS certificate: you can setup your
domain as https… redirecting all http to https…. I recommend you do
this before).
NEXT STAGE – SETTING UP THE TURN SERVER.
I had originally used a free TURN server service… using
https://numb.viagenie.ca/ whereby you can setup an account… and had
tested it… and it seemed to be okay…. But I don’t like to be dependent
on a 3^rd party… especially when it comes to testing… I decided to set
up my own… on the same AWS EC2 instance.
Please refer to Alvaro’s additional setup regarding “Installation SSL
certificates and Coturn for OpenMeetings 5.0.0-M3”… via the following
link --- BUT PLEASE NOTE WE ARE NOT GOING TO FOLLOW ALL THE
INSTRUCTIONS TO THE LETTER:
https://cwiki.apache.org/confluence/display/OPENMEETINGS/Tutorials+for+installing+OpenMeetings+and+Tools?preview=/27838216/148644256/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
As I am using an AWS certificate, I am going to bypass / ignore all
references to “letsencrypt”… and here is the why… with AWS
certificates you have no control over them… you cannot download the
certificate and store it on your server… you cannot download files,
like in “letsencrypt” in Alvaro’s example … you have no access to
“fullchain.pem”, “privkey.pem”. These files are stored elsewhere in
AWS... but are automatically detected and enforced by AWS… (you could
use Letsencrypt as an alternative certificate source but this is not
what this email is all about… and I haven’t had the need to test it.)
SKIP PARTS 1,2,3 AND 4 of Alvaro’s tutorial in “Installation SSL
certificates and Coturn for OpenMeetings 5.0.0-M3”… and go straight to
part (5)… do as instructed.
In part (6) of the tutorial I decided not to change the user name in
the following as I had already set up the user name in the original OM
5.0.0 M3 instructions (“nobody”):
so instead of making the change:
*user=kurento:a_new_password*
I changed it to user=nobody:a_new_password
making all the other changes in part (6) as stated.
I *_DID NOT _*implement changes in part (7) regarding
DAEMON_USER="kurento"… I left it as "nobody"
However, I did make changes to the
/opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
as follows:
<!-- Kurento -->
<bean id="kurentoHandler"
class="org.apache.openmeetings.core.remote.KurentoHandler"
init-method="init" destroy-method="destroy"
p:kurentoWsUrl="ws://127.0.0.1:8888/kurento
<http://127.0.0.1:8888/kurento>"
p:checkTimeout="10000"
p:watchThreadCount="10"
p:turnUrl="*PUBLIC IP ADDRESS OF AWS SERVER*:3478"
p:turnUser="*nobody*:*PASSWORD*"
p:turnSecret="*LONG GENERATED PASSWORD*"
p:turnMode="rest"
p:turnTtl="60"
p:objCheckTimeout="200"
/>
Remember we are still in part (7)… after saving the changes to the
above (applicationContext.xml), I *_DID NOT_* make changes to
sudo chown -R kurento /opt/open503
I decided to keep it the same as per the original 5.0.0 M3 setup…
(keeping it as “nobody”)
I *DID NOT* modify:
sudo nano /etc/init.d/tomcat3
(i.e. changing “nobody” to “kurento”)
*AND FINALLY I MADE THE FOLLOWING CHANGE* – NOT IN THE STEPS:
/etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini
turnURL=*nobody*:*PASSWORD* @*PUBLIC IP ADDRESS OF AWS SERVER*:3478
Reboot the AWS server… through SSH… SUDO REBOOT
Wait a few minutes and do the following:
sudo /etc/init.d/coturn start
sudo /etc/init.d/mysql start
sudo /etc/init.d/kurento-media-server start
sudo /etc/init.d/tomcat3 start
*RESULT:* Everything works fine… ish… please refer to my “*Notes and
Observations*” below.
Reboot the AWS server… through SSH… SUDO REBOOT
Wait a few minutes and do the following:
sudo /etc/init.d/coturn start
sudo /etc/init.d/mysql start
sudo /etc/init.d/kurento-media-server start
sudo /etc/init.d/tomcat3 start
*FINALLY – NOTES AND OBSERVATIONS*
… and you might get a laugh out of this…
I had been testing all of this with 3 laptops at home… when I was
using a free public TURN server (stated above) … and then setup my
own… just in case it was not reliable.
I rotated user accounts on all laptops… but on one particular laptop
(HP), the user’s cam and audio dropped (it could be after 3, 5 8, 15
mins… no pattern)… my main testing laptop!!!… the laptop uses a HP
TRUEVISION webcam… I had been testing everything on Google Chrome for
months thinking Chrome sets the standard…. But no, the camera and
audio continued to drop… the user remains in the room and can still
see and hear everybody else and can interact via the whiteboard… I
thought it was an OM problem… until I used the latest version of
Firefox on that computer… and the camera didn’t drop. I was so curious
that I logged in on an older HP laptop and the same thing happened on
Chrome… downloaded Firefox… and the camera/audio was not disconnected.
Now while you might say… you are all on the same home network… I
decided to test it with my sister in Canada and my brother in
Ireland…. and once I was logged on in Firefox on my HP laptop… we had
a perfect connection… no errors etc.
But I did notice the following: I can upload docs, videos etc on
Chrome without a problem and they are converted as expected… but when
I do the same thing on Firefox…. Sometimes it “hangs” and gives and
“internal error”. For now… on my HP laptop I upload my files on Chrome
and give my classes on Firefox.
Either way, I can give a class online. I do know that while Chrome’s
main update was in mid-February of this year…. Another update was
available today… which I have not tested. But my experience with the
HP TRUEVISION cam is a strange one… and as a result it might be a good
idea for users to state what they are testing OM on... rather than
just their server specs. Just a thought.
Thank you Maxim for all your support. Hopefully this will help some
AWS users. If anyone has questions I am happy to answer them… but for
now I am off to bed as it is 3.15am on my side and will check in in a
few hours.
All the best, stay safe and well.
Denis
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
Virus-free. www.avg.com
<http://www.avg.com/email-signature?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
