[Galene] Re: Galene in Docker [was: ANNOUNCE: galene-0.6.2]

Galène videoconferencing server discussion list archives
 help / color / mirror / Atom feed

From: Werner Fleck <galene.org@flexoft.net>
To: Juliusz Chroboczek <jch@irif.fr>
Cc: galene@lists.galene.org
Subject: [Galene] Re: Galene in Docker [was: ANNOUNCE: galene-0.6.2]
Date: Thu, 12 Jan 2023 16:01:23 +0100	[thread overview]
Message-ID: <fed7e9cb-711d-cd33-2390-a42d68462da9@gmail.com> (raw)
In-Reply-To: <875ydb6c8c.wl-jch@irif.fr>

Outgoing traffic is not restricted and I have not noticed a significant 
connection establishment delay.

And yes, running the Galene container (or any other container) in host 
networking mode would be easier to setup. But since I have many services 
on my server and only a single IPv4 address, this is not possible if all 
services should be reachable at its own hostname on port 443. And 
running some ports in host mode and others in bridged mode is not 
possible afaik.


Am 12.01.2023 um 15:47 schrieb Juliusz Chroboczek:
>> I`m running Coturn, also in a docker container.
>> The Coturn container runs in host network mode, i.e. with direct network
>> access. I found this necessary because it uses UDP ports 49152 to 65535
>> which was a performance killer using bridged networking.
> Yes, there's no way around it: if you run Galene behind a NAT, you need
> something outside of the NAT to establish communication.
>
>> The Galène container runs in standard bridged mode but has no ports
>> exposed. It only gets docker internal traffic.
> Are you allowing unrestricted outgoing UDP traffic from the Galene
> container?  If you don't, then all of the traffic will be routed through
> the TURN server, which will cause load on the TURN server and increase
> connection establishment delay by two seconds.
>
> If you do allow unrestricted traffic from Galene the Galene, then your
> solution is pretty good.  However, it requires setting up an external TURN
> server, which I feel is more hassle than just running Galene directly
> exposed to the Internet.
>
>> The system runs very stable, but I only used it with less than
>> 8 participants. So I don´t know how it would behave with much more
>> clients.
> You should have no problems (as long as you're allowing unrestricted
> outgoing UDP).  There's a slight increase in connection establishment time
> due to the STUN exchange with the TURN server, but it should be
> negligible.
>
> -- Juliusz

next prev parent reply	other threads:[~2023-01-12 15:01 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-11 18:57 [Galene] ANNOUNCE: galene-0.6.2 Juliusz Chroboczek
2023-01-11 19:20 ` [Galene] " Juliusz Chroboczek
2023-01-12  7:07   ` Fabrice Rouillier
2023-01-12 12:13     ` Juliusz Chroboczek
2023-01-12 12:18       ` Werner Fleck
2023-01-12 12:42         ` Juliusz Chroboczek
2023-01-12 13:55           ` Werner Fleck
2023-01-12 14:47             ` [Galene] Galene in Docker [was: ANNOUNCE: galene-0.6.2] Juliusz Chroboczek
2023-01-12 15:01               ` Werner Fleck [this message]
2023-01-12 15:29                 ` [Galene] " Juliusz Chroboczek
2023-01-12 15:32                   ` Fabrice Rouillier
2023-01-12 15:34                   ` Dianne Skoll
2023-01-12 18:08                     ` Rémy Dernat
2023-01-12 18:16                       ` Dianne Skoll
2023-01-12 21:30                         ` Juliusz Chroboczek
2023-01-15 21:16                           ` Fabrice Rouillier
2023-01-27  9:11                             ` Fabrice Rouillier
2023-01-27 11:50                               ` Juliusz Chroboczek
2023-01-27 11:56                                 ` Fabrice Rouillier
2023-01-12 20:50                     ` Fabrice Rouillier
2023-01-12 21:37                       ` Juliusz Chroboczek
2023-01-12 15:18             ` [Galene] Re: ANNOUNCE: galene-0.6.2 Fabrice Rouillier
2023-01-12 17:00               ` Werner Fleck
2023-01-17 13:55                 ` Werner Fleck

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://lists.galene.org/postorius/lists/galene.lists.galene.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=fed7e9cb-711d-cd33-2390-a42d68462da9@gmail.com \
    --to=galene.org@flexoft.net \
    --cc=galene@lists.galene.org \
    --cc=jch@irif.fr \
    --subject='[Galene] Re: Galene in Docker [was: ANNOUNCE: galene-0.6.2]' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox