Home

Awesome

Helm Chart for Jitsi Meet

Artifact Hub GitHub Release GitHub Release Date

jitsi-meet Secure, Simple and Scalable Video Conferences that you use as a standalone app or embed in your web application.

TL;DR;

helm repo add jitsi https://jitsi-contrib.github.io/jitsi-helm/
helm install myjitsi jitsi/jitsi-meet

Introduction

This chart bootstraps a jitsi-meet deployment, like the official one.

Exposing your Jitsi Meet installation

To be able to do video conferencing with other people, the JVB component should be reachable by all participants (e.g. on a public IP). Thus the default behaviour of advertised the internal IP of JVB, is not really suitable in many cases. Kubernetes offers multiple possibilities to work around the problem. Not all options are available depending on the Kubernetes cluster setup. The chart tries to make all options available without enforcing one.

Option 1: service of type LoadBalancer

This requires a cloud setup that enables a Loadbalancer attachement. This could be enabled via values:

jvb:
  service:
    type: LoadBalancer

  # Depending on the cloud, LB's public IP cannot be known in advance, so deploy first, without the next option.
  # Next: redeploy with the following option set to the public IP you retrieved from the API.
  # Additionally, you can add your cluster's public IPs if you want to use direct connection as a fallback.
  publicIPs:
    - 1.2.3.4
    # - 30.10.10.1
    # - 30.10.10.2

In this case you're not allowed to change the jvb.replicaCount to more than 1, UDP packets will be routed to random jvb, which would not allow for a working video setup.

Option 2: NodePort and node with Public IP or external loadbalancer

jvb:
  service:
    type: NodePort
  # Set the following variable if you want to use a specific external port for the service.
  # The default is to select a random port from Kubelet's allowed NodePort range (30000-32767).

  # nodePort: 10000

  # Use public IP of one (or more) of your nodes,
  # or the public IP of an external LB:
  publicIPs:
    - 30.10.10.1

In this case you're not allowed to change the jvb.replicaCount to more than 1, UDP packets will be routed to random jvb, which would not allow for a working video setup.

Option 3: hostPort and node with Public IP

jvb:
  useHostPort: true
  # Use public IP of one (or more) of your nodes,
  # or the public IP of an external LB:
  publicIPs:
    - 30.10.10.1

In this case you can have more the one jvb but you're putting you cluster at risk by having the nodes IPs and JVB ports directly exposed on the Internet.

Option 3.1: hostPort and auto-detected Node IP

jvb:
  useHostPort: true
  useNodeIP: true

This is similar to option 3, but every JVB pod will auto-detect it's own external IP address based on the node it's running on. This option might be better suited for installations that use OCTO.

Option 4: hostNetwork

jvb:
  useHostNetwork: true

Similar to Option 3, this way you expose JVB "as is" on the node, without any additional protection. This is not recommended, but might be useful in some rare cases.

Option 4: Use ingress TCP/UDP forward capabilities

In case of an ingress capable of doing tcp/udp forwarding (like nginx-ingress), it can be setup to forward the video streams.

# Don't forget to configure the ingress properly (separate configuration)
jvb:
  # 1.2.3.4 being one of the IP of the ingress controller
  publicIPs:
    - 1.2.3.4

Again in this case, only one jvb will work in this case.

Option 5: Bring your own setup

There are multiple other possibilities combining the available parameters, depending of your cluster/network setup.

Recording and streaming support

This chart includes support for Jibri, which allows Jitsi Meet users to record and stream their meetings. To enable Jibri support, add this section to your values.yaml:

jibri:
  ## Enabling Jibri will allow users to record
  ## and/or stream their meetings (e.g. to YouTube).
  enabled: true

  ## Enable single-use mode for Jibri (recommended).
  singleUseMode: false

  ## Enable multiple Jibri instances.
  ## Secommended for single-use mode.
  replicaCount: 1

  ## Enable recording service.
  ## Set this to true/false to enable/disable local recordings.
  ## Defaults to enabled (allow local recordings).
  recording: true

  ## Enable livestreaming service.
  ## Set this to true/false to enable/disable live streams.
  ## Defaults to disabled (livestreaming is forbidden).
  livestreaming: true

  ## Enable persistent storage for local recordings.
  ## If disabled, jibri pod will use a transient
  ## emptyDir-backed storage instead.
  persistence:
    enabled: true
    size: 32Gi

  shm:
    ## Set to true to enable "/dev/shm" mount.
    ## May be required by built-in Chromium.
    enabled: true

The above example will allow your Jitsi users to make local recordings, as well as live streams of their meetings.

Scaling your installation

At the moment you can freely scale Jitsi Web and Jibri pods, as they're stateless and require zero special configuration to work in multi-instance setup:

web:
  replicaCount: 3

jibri:
  replicaCount: 3

Also, this chart supports JVB scaling based on OCTO Relay feature, which allows different users to connect to different bridges and still see and hear each other. This feature requires some additional configuration. Here's an example based on the Option 3.1 mentioned above:

jvb:
  ## Set JVB instance count:
  replicaCount: 3
  ## Expose JVB interface port to the outside world
  #  only on nodes that actually have it:
  useHostPort: true
  ## Make every JVB pod announce its Node's external
  #  IP address and nothing more:
  useNodeIP: true


octo:
  ## Enable OCTO support for both JVB and Jicofo:
  enabled: true

Please note that the JVB scaling feature is currently under-tested and thus considered experimental. Also note that this chart doesn't allow to scale JVB into multiple zones/regions yet: all JVB pods will be part of the single OCTO region named all.

Adding custom Prosody plugins

In case you want to extend your Jitsi Meet installation with additional Prosody features, you can add custom plugins using additional ConfigMap mounts like this:

prosody:
  extraVolumes:
    - name: prosody-modules
      configMap:
        name: prosody-modules
  extraVolumeMounts:
    - name: prosody-modules
      subPath: mod_measure_client_presence.lua
      mountPath: /prosody-plugins-custom/mod_measure_client_presence.lua

Configuration

The following table lists the configurable parameters of the jisti-meet chart and their default values.

ParameterDescriptionDefault
imagePullSecretsList of names of secrets resources containing private registry credentials[]
enableAuthEnable authenticationfalse
enableGuestsEnable guest accesstrue
websockets.colibri.enabledEnable WebSocket support for JVB/Colibrifalse
websockets.xmpp.enabledEnable WebSocket support for Prosody/XMPPfalse
jibri.enabledEnable Jibri servicefalse
jibri.useExternalJibriUse external Jibri service, instead of chart-provided onefalse
jibri.singleUseModeEnable Jibri single-use modefalse
jibri.recordingEnable local recording servicetrue
jibri.livestreamingEnable livestreaming servicefalse
jibri.persistence.enabledEnable persistent storage for Jibri recordingsfalse
jibri.persistence.sizeJibri persistent storage size4Gi
jibri.persistence.existingClaimUse pre-created PVC for Jibri(unset)
jibri.persistence.storageClassNameStorageClass to use with Jibri(unset)
jibri.shm.enabledAllocate shared memory to Jibri podfalse
jibri.shm.useHostPass /dev/shm from host to Jibrifalse
jibri.shm.sizeJibri shared memory size2Gi
jibri.replicaCountNumber of replica of the jibri pods1
jibri.image.repositoryName of the image to use for the jibri podsjitsi/jibri
jibri.extraEnvsMap containing additional environment variables for jibri{}
jibri.livenessProbeMap that holds the liveness probe, you can add parameters such as timeout or retries following the Kubernetes specA livenessProbe map
jibri.readinessProbeMap that holds the readiness probe, you can add parameters such as timeout or retries following the Kubernetes specA readinessProbe map
jibri.breweryMucName of the XMPP MUC used by jibrijibribrewery
jibri.xmpp.userName of the XMPP user used by jibri to authenticatejibri
jibri.xmpp.passwordPassword used by jibri to authenticate on the XMPP service10 random chars
jibri.recorder.userName of the XMPP user used by jibri to recordrecorder
jibri.recorder.passwordPassword used by jibri to record on the XMPP service10 random chars
jibri.strategyDepolyment update strategy and parameters(unset)
jigasi.enabledEnable Jigasi servicefalse
jigasi.useExternalJigasiUse external Jigasi service, instead of chart-provided onefalse
jigasi.replicaCountNumber of replica of the Jigasi pods1
jigasi.image.repositoryName of the image to use for the Jigasi podsjitsi/jigasi
jigasi.breweryMucName of the XMPP MUC used by Jigasijigasibrewery
jigasi.xmpp.userName of the XMPP user used by Jigasi to authenticatejigasi
jigasi.xmpp.passwordPassword used by Jigasi to authenticate on the XMPP service10 random chars
jigasi.livenessProbeMap that holds the liveness probe, you can add parameters such as timeout or retries following the Kubernetes specA livenessProbe map
jigasi.readinessProbeMap that holds the readiness probe, you can add parameters such as timeout or retries following the Kubernetes specA readinessProbe map
jigasi.extraEnvsMap containing additional environment variables for Jigasi{}
jicofo.replicaCountNumber of replica of the jicofo pods1
jicofo.image.repositoryName of the image to use for the jicofo podsjitsi/jicofo
jicofo.extraEnvsMap containing additional environment variables for jicofo{}
jicofo.livenessProbeMap that holds the liveness probe, you can add parameters such as timeout or retries following the Kubernetes specA livenessProbe map
jicofo.readinessProbeMap that holds the readiness probe, you can add parameters such as timeout or retries following the Kubernetes specA readinessProbe map
jicofo.xmpp.passwordPassword used by jicofo to authenticate on the XMPP service10 random chars
jicofo.xmpp.componentSecretValues of the secret used by jicofo for the xmpp-component10 random chars
jvb.publicIPsList of IP addresses for JVB to announce to clients(unset)
jvb.useNodeIPAuto-detect external IP address based on the Node IPfalse
jvb.stunServersList of STUN/TURN servers to announce to the usersmeet-jit-si-turnrelay.jitsi.net:443
jvb.service.enabledBoolean to enable os disable the jvb service creationfalse if jvb.useHostPort is true otherwise true
jvb.service.typeType of the jvb serviceClusterIP
jvb.service.ipFamilyPolicyipFamilyPolicy for the service (docs)(unset)
jvb.service.annotationsAdditional annotations for JVB service (might be useful for managed k8s){}
jvb.service.extraPortsAdditional ports to expose from your JVB pod(s)[]
jvb.UDPPortUDP port used by jvb, also affects port of service, and hostPort10000
jvb.nodePortUDP port used by NodePort service(unset)
jvb.useHostPortEnable HostPort feature (may not work on some CNI plugins)false
jvb.useHostNetworkConnect JVB pod to host network namespacefalse
jvb.extraEnvsMap containing additional environment variables to jvb{}
jvb.xmpp.userName of the XMPP user used by jvb to authenticatejvb
jvb.xmpp.passwordPassword used by jvb to authenticate on the XMPP service10 random chars
jvb.livenessProbeMap that holds the liveness probe, you can add parameters such as timeout or retries following the Kubernetes specA livenessProbe map
jvb.readinessProbeMap that holds the readiness probe, you can add parameters such as timeout or retries following the Kubernetes specA readinessProbe map
jvb.metrics.enabledBoolean that control the metrics exporter for jvb. If true the ServiceMonitor will also createdfalse
jvb.metrics.prometheusAnnotationsBoolean that controls the generation of prometheus annotations, to expose metrics for HPAfalse
jvb.metrics.image.repositoryDefault image repository for metrics exporterdocker.io/systemli/prometheus-jitsi-meet-exporter
jvb.metrics.image.tagDefault tag for metrics exporter1.1.5
jvb.metrics.image.pullPolicyImagePullPolicy for metrics exporterIfNotPresent
jvb.metrics.serviceMonitor.enabledServiceMonitor for Prometheustrue
jvb.metrics.serviceMonitor.selectorSelector for ServiceMonitor{ release: prometheus-operator }
jvb.metrics.serviceMonitor.intervalInterval for ServiceMonitor10s
jvb.metrics.serviceMonitor.honorLabelsMake ServiceMonitor honor labelsfalse
jvb.metrics.resourcesResources for the metrics container{ requests: { cpu: 10m, memory: 16Mi }, limits: { cpu: 20m, memory: 32Mi } }
octo.enabledBoolean to enable or disable the OCTO mode, for a single regionfalse
web.httpsEnabledBoolean that enabled tls-termination on the web pods. Useful if you expose the UI via a Loadbalancer IP instead of an ingressfalse
web.httpRedirectBoolean that enabled http-to-https redirection. Useful for ingress that don't support this feature (ex: GKE ingress)false
web.resolverIPOverride nameserver IP for Web container(unset, use auto-detected nameserver IP)
web.extraEnvsMap containing additional environment variable to web pods{}
web.livenessProbeMap that holds the liveness probe, you can add parameters such as timeout or retries following the Kubernetes specA livenessProbe map
web.readinessProbeMap that holds the readiness probe, you can add parameters such as timeout or retries following the Kubernetes specA readinessProbe map
tzSystem Time ZoneEurope/Amsterdam

Package

helm package . -d docs
helm repo index docs --url https://jitsi-contrib.github.io/jitsi-helm/