This article is to introduce Janus based SFU media architecture for WebRTC systems. It also aims at evaluating the performance of the VP9 simulcast p2p model with Janus based SFU system.
- Janus
- Centralised media conferencing / mixing service using Janus
- Streaming Video via CDN
- Server Selection and Setup from source
- Issues with installation of janus
- Self Signed SSL certs
- Check Janus Running
- ECHO Test
- Run
- WebRTC Client for Janus System
- Security consideration before taking janus live
Janus
We know Janus is a popular small footprint gateway/media Server with support for WebRTC features like JSEP/SDP, ICE, DTLS-SRTP, DataChannels. Its plugins expose Janus API over different transports – HTTP, WS, rabbitMQ, Unix sockets, MQTT so on. Other plugins provide deeper modifications such as Video SFU, Audio MCU, SIP/RTSP gateways, broadcasting etc.
Centralised media conferencing / mixing service using Janus
Streaming Video via CDN
Tip : use mixing for Audio and Relay for video in large participant sessions.
Server Selection and Setup from source
Janus Setup on public ec2 isntance. Since the a media server can clog the server space make sure to choose alarge instance like c5.large. Sample log file size
Install prerequisite libraries
sudo apt-get install libmicrohttpd-dev libjansson-dev libnice-dev libssl-dev libsrtp-dev libsofia-sip-ua-dev libglib2.0-dev libopus-dev libogg-dev libini-config-dev libcollection-dev libwebsockets-dev pkg-config gengetopt automake libtool doxygen graphviz git libconfig-dev cmake
Make Sure libsrtp v2.x is installed instead of existing 1.4 in debain /ubuntu default such as
libsrtp0-dev is already the newest version (1.4.5~20130609~dfsg-2ubuntu1).
Manually installing libsrtp2 from https://github.com/cisco/libsrtp
wget https://github.com/cisco/libsrtp/archive/v2.2.0.tar.gz tar xfv v2.2.0.tar.gz cd libsrtp-2.2.0 ./configure --prefix=/usr --enable-openssl make shared_library && sudo make install
Since we are going to use websocket as signalling, ensure lws (libwebsocket) >= 2.0.0 is installed
git clone https://libwebsockets.org/repo/libwebsockets cd libwebsockets mkdir build cd build cmake -DLWS_MAX_SMP=1 -DLWS_WITHOUT_EXTENSIONS=0 -DCMAKE_INSTALL_PREFIX:PATH=/usr -DCMAKE_C_FLAGS="-fpic" make && sudo make install
Also libnice (at least v0.1.16) need to be installed
Get Janus source code and configure
git clone git://github.com/meetecho/janus-gateway.git cd janus-gateway sh autogen.sh ./configure --disable-data-channels --disable-docs --prefix=/opt/janus LDFLAGS="-L/usr/local/lib -Wl,-rpath=/usr/local/lib" CFLAGS="-I/usr/local/include"
At this point Janus prinst a config detail such as below and asks if its ok . Ensure Websocket is yes. One can start the make process if it is
Compiler: gcc
libsrtp version: 2.x
SSL/crypto library: OpenSSL
DTLS set-timeout: not available
Mutex implementation: GMutex (native futex on Linux)
DataChannels support: no
Recordings post-processor: no
TURN REST API client: no
Doxygen documentation: no
Transports:
REST (HTTP/HTTPS): yes
WebSockets: yes
RabbitMQ: no
MQTT: no
Unix Sockets: yes
Nanomsg: no
Plugins:
Echo Test: yes
Streaming: yes
Video Call: yes
SIP Gateway: yes
NoSIP (RTP Bridge): yes
Audio Bridge: yes
Video Room: yes
Voice Mail: yes
Record&Play: yes
Text Room: yes
Lua Interpreter: no
Duktape Interpreter: no
Event handlers:
Sample event handler: no
WebSocket ev. handler: yes
RabbitMQ event handler:no
MQTT event handler: no
Nanomsg event handler: no
GELF event handler: yes
External loggers:
JSON file logger: no
JavaScript modules: no
Make and install
make && sudo make install
Making configs
sudo make configs
For details refer to actual README on Janus git repo https://github.com/meetecho/janus-gateway
Start
By default, Janus starts in foreground, as a console application that stop with Ctrl + c command
./janus
Starting janus as backvroudn or daemon service
sudo ./janus -N -d 0 --daemon --log-file /var/log/janus
tailing the log file
> tail -f /var/log/janus
--------------------------------------------------- Starting Meetecho Janus (WebRTC Server) v0.11.1 --------------------------------------------------- Checking command line arguments... Debug/log level is 0 Debug/log timestamps are disabled Debug/log colors are enabled
references : https://janus.conf.meetecho.com/docs/service.html
Issues with installation of janus
Before resolving any issue, it is important to verify whether you are runing multiple versions of janus on your system
altanai@xx:~/janus-gateway$ janus --version Janus commit: bed081c03ad4854f3956898646198100a8ed82cf Compiled on: Fri Apr 2 07:28:14 UTC 2021 janus 0.11.1 altanai@xx:~/janus-gateway$ ./janus --version Janus commit: c970528037d46d52a4bc1fd7db2a44c900c2baf2 Compiled on: Thu Apr 8 18:01:36 UTC 2021 janus 0.10.8
If this is so, delete the one you dont require. I’d go with rmeoove the one installed globally.
Cmake version error
If you see an error in rabbitmq instalation , which is part of janus installation
CMake 3.12...3.18 or higher is required. You are running version 3.10.2
then proceed to remove existing version and install updates ne by first removing tghe existing cmake version
sudo apt remove cmake wget https://github.com/Kitware/CMake/releases/download/v3.20.1/cmake-3.20.1-linux-x86_64.sh sh cmake-3.20.1-linux-x86_64.sh
check version
>> cmake-3.20.1-linux-x86_64/bin/cmake --version cmake version 3.20.1
lib websocket error in libjanus_websockets.so
Couldn't load transport plugin 'libjanus_websockets.so': /opt/janus/lib/janus/transports/libjanus_websockets.so: undefined symbol: lws_hdr_custom_length
Libwebsockets (LWS) is a flexible, lightweight pure C library for implementing modern network protocols easily with a tiny footprint, using a nonblocking event loop.
Fisrt check the version of libwebsockets u have on ur machine . If it is lesse that 2.0.0 version
>> apt show libwebsockets-dev Package: libwebsockets-dev Version: 2.0.3-3build1 Priority: optional Section: universe/libdevel Source: libwebsockets Origin: Ubuntu Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org> Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 502 kB Depends: libwebsockets8 (= 2.0.3-3build1), libev-dev, libssl-dev, libuv1-dev, zlib1g-dev Homepage: https://libwebsockets.org/ Download-Size: 133 kB APT-Manual-Installed: yes APT-Sources: http://us-west-1.ec2.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages Description: lightweight C websockets library - development files Libwebsockets is a lightweight pure C library for both websockets clients and servers built to use minimal CPU and memory resources and provide fast throughput in both directions. . This package contains the header files needed for developing programs using libwebsockets and a static library.
Follow the steps to install libwebsocket , libwebsockets >= 2.0.0, the current v3.2-stable is good http://libwebsockets.org/
Failures due to ICE
ICE failed for component 1 in stream 1… No WebRTC media anymore WebRTC resources freed;
Self Signed SSL certs
Make a new directory for SSL certs
mkdir /home/ubuntu/ssl generate certs openssl req -new -newkey rsa:4096 -nodes -keyout key.pem -out cert.csr openssl x509 -req -sha256 -days 365 -in cert.csr -signkey key.pem -out cert.pem chmod 600 cert.csr chmod 600 cert.pem chmod 600 key.pem
Remember to allow advanced access if the ssl are self signed and not from a varified CA
Update janus config
Path for Janus configuration is usually /opt/janus/etc/janus/janus.jcfg as given by the prefix during instalation. some of the types of config are
>> vi /opt/janus/etc/janus/janus.jcfg
general: {
configs_folder = "/opt/janus/etc/janus" # Configuration files folder
plugins_folder = "/opt/janus/lib/janus/plugins" # Plugins folder
transports_folder = "/opt/janus/lib/janus/transports" # Transports folder
events_folder = "/opt/janus/lib/janus/events" # Event handlers folder
loggers_folder = "/opt/janus/lib/janus/loggers" # External loggers folder
....
}
- SSL certs for DTLS can also be specified under certificates
- Restricting media ports between a range . Comes in handy when u have to selectively open ports ona cloud instance such as AWS instance
media: {
ipv6 = false
#min_nack_queue = 500
rtp_port_range = "20000-40000"
#dtls_mtu = 1200
#no_media_timer = 1
#slowlink_threshold = 4
#twcc_period = 100
#dtls_timeout = 500
....
}
- changing NAT for STUN/TURN servers to gather ICE
using 1:1 NAT( suited to Amzon EC2) requires specifying public address
nat_1_1_mapping = "1.1.1.1"
- To change transport http , set http to true from false
goto installation location for janus config
cd /opt/janus/etc/janus/
> vi /opt/janus/etc/janus/janus.transport.http.jcfg
general: {
#events = true # Whether to notify event handlers about transport events (default=true)
json = "indented" # Whether the JSON messages should be indented (default),
# plain (no indentation) or compact (no indentation and no spaces)
base_path = "/janus" # Base path to bind to in the web server (plain HTTP only)
http = true # Whether to enable the plain HTTP interface
port = 8088 # Web server HTTP port
#interface = "eth0" # Whether we should bind this server to a specific interface onlya
#ip = "x.x.x.x" # Whether we should bind this server to a specific IP address (v4 or v6) only
https = true # Whether to enable HTTPS (default=false)
secure_port = 8089 # Web server HTTPS port, if enabled
#secure_interface = "eth0" # Whether we should bind this server to a specific interface only
#secure_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address (v4 or v6) only
#acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
Change path for certs and key pem files
> vi janus.jcfg
certificates: {
cert_pem = "/home/ubuntu/ssl/cert.pem"
cert_key = "/home/ubutu/ssl/key.pem"
#cert_pwd = "secretpassphrase"
#dtls_accept_selfsigned = false
#dtls_ciphers = "your-desired-openssl-ciphers"
#rsa_private_key = false
#ciphers = "PFS:-VERS-TLS1.0:-VERS-TLS1.1:-3DES-CBC:-ARCFOUR-128"
}
There are options for other ciphers and passphrass , leave them for now.
- To change transport ws for websocket
general: {
#events = true # Whether to notify event handlers about transport events (default=true)
json = "indented" # Whether the JSON messages should be indented (default),
# plain (no indentation) or compact (no indentation and no spaces)
#pingpong_trigger = 30 # After how many seconds of idle, a PING should be sent
#pingpong_timeout = 10 # After how many seconds of not getting a PONG, a timeout should be detected
ws = true # Whether to enable the WebSockets API
ws_port = 8188 # WebSockets server port
#ws_interface = "eth0" # Whether we should bind this server to a specific interface only
#ws_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
wss = true # Whether to enable secure WebSockets
wss_port = 8989 # WebSockets server secure port, if enabled
#wss_interface = "eth0" # Whether we should bind this server to a specific interface only
#wss_ip = "192.168.0.1" # Whether we should bind this server to a specific IP address only
#ws_logging = "err,warn" # libwebsockets debugging level as a comma separated list of things
# to debug, supported values: err, warn, notice, info, debug, parser,
# header, ext, client, latency, user, count (plus 'none' and 'all')
#ws_acl = "127.,192.168.0." # Only allow requests coming from this comma separated list of addresses
}
Simillar to http transport conf above , also update the certs section with valid path for ssl certs
Check Janus Running
Running ports check ( http )
> sudo lsof -i | grep janus janus 26450 ubuntu 7u IPv6 418550 0t0 UDP *:rfe janus 26450 ubuntu 8u IPv6 418551 0t0 UDP *:5004 janus 26450 ubuntu 17u IPv6 418557 0t0 TCP *:omniorb (LISTEN) janus 26450 ubuntu 20u IPv6 672518 0t0 TCP *:8089 (LISTEN) janus 26450 ubuntu 24u IPv4 672519 0t0 TCP *:8188 (LISTEN) janus 26450 ubuntu 25u IPv4 672520 0t0 TCP *:8989 (LISTEN)
Janus INFO
Going to deployed janus URL like http://x.x.x.x:8088/janus/info
"janus": "server_info",
"transaction": "rGuo8HNI4wu",
"name": "Janus WebRTC Gateway",
"version": 26,
"version_string": "0.2.6",
"author": "Meetecho s.r.l.",
"commit-hash": "not-a-git-repo",
"compile-time": "Wed Feb 28 07:02:15 UTC 2018",
"log-to-stdout": true,
"log-to-file": false,
"data_channels": false,
"session-timeout": 60,
"server-name": "MyJanusInstance",
"local-ip": "x.x.x.x",
"ipv6": false,
"ice-lite": false,
"ice-tcp": false,
"api_secret": false,
"auth_token": false,
"event_handlers": false,
"transports": {
"janus.transport.http": {
"name": "JANUS REST (HTTP/HTTPS) transport plugin",
"author": "Meetecho s.r.l.",
"description": "This transport plugin adds REST (HTTP/HTTPS) support to the Janus API via libmicrohttpd.",
"version_string": "0.0.2",
"version": 2
},
"janus.transport.websockets": {
"name": "JANUS WebSockets transport plugin",
"author": "Meetecho s.r.l.",
"description": "This transport plugin adds WebSockets support to the Janus API via libwebsockets.",
"version_string": "0.0.1",
"version": 1
}
},
"events": {},
"plugins": {
"janus.plugin.voicemail": {
"name": "JANUS VoiceMail plugin",
"author": "Meetecho s.r.l.",
"description": "This is a plugin implementing a very simple VoiceMail service for Janus, recording Opus streams.",
"version_string": "0.0.6",
"version": 6
},
"janus.plugin.audiobridge": {
"name": "JANUS AudioBridge plugin",
"author": "Meetecho s.r.l.",
"description": "This is a plugin implementing an audio conference bridge for Janus, mixing Opus streams.",
"version_string": "0.0.10",
"version": 10
},
"janus.plugin.echotest": {
"name": "JANUS EchoTest plugin",
"author": "Meetecho s.r.l.",
"description": "This is a trivial EchoTest plugin for Janus, just used to showcase the plugin interface.",
"version_string": "0.0.7",
"version": 7
},
"janus.plugin.recordplay": {
"name": "JANUS Record&Play plugin",
"author": "Meetecho s.r.l.",
"description": "This is a trivial Record&Play plugin for Janus, to record WebRTC sessions and replay them.",
"version_string": "0.0.4",
"version": 4
},
"janus.plugin.textroom": {
"name": "JANUS TextRoom plugin",
"author": "Meetecho s.r.l.",
"description": "This is a plugin implementing a text-only room for Janus, using DataChannels.",
"version_string": "0.0.2",
"version": 2
},
"janus.plugin.videoroom": {
"name": "JANUS VideoRoom plugin",
"author": "Meetecho s.r.l.",
"description": "This is a plugin implementing a videoconferencing SFU (Selective Forwarding Unit) for Janus, that is an audio/video router.",
"version_string": "0.0.9",
"version": 9
},
"janus.plugin.sipre": {
"name": "JANUS SIPre plugin",
"author": "Meetecho s.r.l.",
"description": "This is a simple SIP plugin for Janus (based on libre instead of Sofia), allowing WebRTC peers to register at a SIP server and call SIP user agents through the gateway.",
"version_string": "0.0.1",
"version": 1
},
"janus.plugin.videocall": {
"name": "JANUS VideoCall plugin",
"author": "Meetecho s.r.l.",
"description": "This is a simple video call plugin for Janus, allowing two WebRTC peers to call each other through the gateway.",
"version_string": "0.0.6",
"version": 6
},
"janus.plugin.streaming": {
"name": "JANUS Streaming plugin",
"author": "Meetecho s.r.l.",
"description": "This is a streaming plugin for Janus, allowing WebRTC peers to watch/listen to pre-recorded files or media generated by gstreamer.",
"version_string": "0.0.8",
"version": 8
},
"janus.plugin.nosip": {
"name": "JANUS NoSIP plugin",
"author": "Meetecho s.r.l.",
"description": "This is a simple RTP bridging plugin that leaves signalling details (e.g., SIP) up to the application.",
"version_string": "0.0.1",
"version": 1
},
"janus.plugin.sip": {
"name": "JANUS SIP plugin",
"author": "Meetecho s.r.l.",
"description": "This is a simple SIP plugin for Janus, allowing WebRTC peers to register at a SIP server and call SIP user agents through the gateway.",
"version_string": "0.0.7",
"version": 7
}
}
}
ECHO Test
An Echo test is part of Janus and can be done via reached via deployed server url https://x.x.x.x:8084/echotest.html
For a valid SDP message notice the contact headers in chrome://webrtc-internals
Local Description (mungled)
O line represents origin type: offer, sdp: v=0 o=- 1331622865522329207 2 IN IP4 127.0.0.1 Audio Media stream in m line m=audio 9 UDP/TLS/RTP/SAVPF 111 103 104 9 0 8 106 105 13 110 112 113 126 c=IN IP4 0.0.0.0 Video media stream in m line m=video 9 UDP/TLS/RTP/SAVPF 96 97 98 99 100 101 102 122 127 121 125 107 108 109 124 120 123 c=IN IP4 0.0.0.0 Data m=application 9 UDP/DTLS/SCTP webrtc-datachannel c=IN IP4 0.0.0.0
Remote Description
Origin Line type: answer, sdp: v=0 o=- 6397148042001786590 2 IN IP4 54.193.51.199 Audio Stream m=audio 9 UDP/TLS/RTP/SAVPF 111 9 0 8 106 105 13 110 112 113 c=IN IP4 54.193.51.199 Video Stream m=video 9 UDP/TLS/RTP/SAVPF 96 98 100 102 127 125 108 97 99 101 122 121 107 109 c=IN IP4 54.193.51.199 Data m=application 0 UDP/DTLS/SCTP 0 c=IN IP4 54.193.51.199
VideoCall – https://x.x.x.x:8084/videocalltest.html
Run
./opt/janus/bin/janus
Plugin (above ) and then procceeds to join the room ( screenshot below)
After this Janus procced to do JSEP offer / answer signalling with ICE checks and then does keepalive checks for the duraion of the session .
Stream Types
Unicast
a=sendonly
a=recvonly
a=sendrecv
a=inactive
Simulcast
https://x.x.x.x:8084/videocalltest.html?simulcast=true
LD Libbary Path Exception
If you see an missing encryption exception , start janus with LD_LIBRARY_PATH
export LD_LIBRARY_PATH=/usr/lib && /opt/janus/bin/janus --debug-level=7 --stun-server=stun.l.google.com:19302 --event-handlers --full-trickle
ICE resolution in Runtime
Trickle ICE Command Line params give console output as
[janus.cfg]
general: {
debug_level: 7
}
certificates: {
}
nat: {
stun_server: stun.l.google.com
stun_port: 19302
full_trickle: true
}
media: {
}
transports: {
}
plugins: {
}
events: {
broadcast: yes
}
loggers: {
}
With NAT 1:1 mapping
export LD_LIBRARY_PATH=/usr/lib && /opt/janus/bin/janus --debug-level=7 --nat-1-1=54.193.51.199 --stun-server=stun.l.google.com:19302 --rtp-port-range=20000-50000
1 to 1 NAT mpapping coordinates with amazon ec2
[janus.cfg]
general: {
debug_level: 7
}
certificates: {
}
nat: {
nat_1_1_mapping: 54.193.51.199
}
media: {
rtp_port_range: 20000-50000
}
transports: {
}
plugins: {
}
events: {
}
loggers: {
}
WebRTC Client for Janus System
Test client
Using the html sample clients
cd html
admin.html citeus.html e2etest.html index.html nosiptest.html siptest.html textroomtest.html voicemailtest.html audiobridgetest.html demos.html echotest.html multiopus.html recordplaytest.html streamingtest.html videocalltest.html vp9svctest.html canvas.html devicetest.html footer.html navbar.html screensharingtest.html support.html videoroomtest.html
check lsb release and then Install Nodejs to host client page
>> lsb_release -a
curl -sL https://deb.nodesource.com/setup_15.x | sudo -E bash - sudo apt-get install -y nodejs
Http WebServer
npm init npm install http-server node_modules/http-server/bin/http-server
To be able to compile native addons from npm you’ll need to install the development tools:
sudo apt install build-essential
open the client in webrtc supported browser at http://x.x.x.x:8080/videoroomtest.html
If you see a issues
No WebRTC media anymore; 0x7fbe20001a40 0x7fbe20002440 WebRTC resources freed; 0x7fbe20001a40 0x7fbe20001320 Handle and related resources freed; 0x7fbe20001a40 0x7fbe20001320
Then it is likley a NAT issues and you should look at jcfg config file to see whether the interface is specified corectly
# Generic settings interface = "x.x.x.x" # Interface to use (will be used in SDP) server_name = "WebrtcMCUJanus" # Public name of this Janus instance
Security consideration before taking janus live
Hide the dependencies
hide_dependencies = true
By default, a call to the “info” endpoint of either the Janus or Admin API now als returns the versions of the main dependencies (e.g., libnice, libsrtp, which crypto library is in use and so on). Should you want that info not to be disclose, set ‘hide_dependencies’ to true.
Common spam attack. source https://groups.google.com/g/meetecho-janus/c/IcJd3e4V1F8
Issues : Janus is throwing an error Invalid url /ws/v1/cluster/apps/new-application
Possible solution : changing port of http transport
References
- Meson quick start https://mesonbuild.com/Quick-guide.html
- Dockerfile for janus by atyenoria https://github.com/atyenoria/janus-webrtc-gateway-docker/blob/master/Dockerfile
- Janus as WebRTc “enabler” – Lorenzo Miniero at FOSDEM 2020 Real Time devroom 2nd February 2020, Brussels
To read more about Media Archietctures and topologies such as point-point , point-to-multipoint , multicast , translators, mixers and SFU goto :
Media Architecture, RTP topologies
With the sudden onset of Covid-19 and building trend of working-from-home , the demand for building scalable conferncing solution and virtual meeting room has skyrocketed . Here is my advice if you are building a auto- scalable conferencing solution
To read more on the topologies of conferencing systems ( Mesh vs Star , Unicast vs Multicast and SVC) read :
SIP conferencing and Media Bridges
SIP is the most popular signalling protocol in VOIP ecosystem. It is most suited to a caller-callee scenario , yet however supporting scalable conferences on VOIP is a market demand. It is desired that SIP must for multimedia stream but also provide conference control for building communication and collaboration apps for new and customisable solutions.
Telecom R & D 