livekit-helm icon indicating copy to clipboard operation
livekit-helm copied to clipboard
verified publisher icon livekit

Infinite loop in Ingress

Open josedpiambav opened this issue 1 year ago • 4 comments

This is my first time configuring the various components of Livekit on a Kubernetes cluster in GCP (GKE)

Attached are screenshots of my PODs logs

Server: image

Ingress: image

Egress: image

I have several doubts, I will order them by relevance:

  • What is the reason for the infinite loop in ingress?
  • The recommended configuration uses use_external_ip in RTC for both server and ingress. In both cases the logs show failed to get external ip {“nodeID”: “NE_5vZqJMs5a8T8”, “local”: “10.48.2.28”, “err”: “could not validate external IP: 34.31.70.111”}, what is the reason?

Here are the details of my GKE configuration: regional cluster with a single zone, public nodes, n2d-highcpu-8 machines. Currently I have only one node on which I host server, ingress and egress because I am in the configuration phase (later I will increase the number of nodes and configure autoscaling).

I also attach the .yaml that I am applying (I generated them from the Helm Charts)

livekit-egress-test.txt livekit-ingress-test.txt livekit-server-test.txt

josedpiambav avatar Sep 21 '24 19:09 josedpiambav

@josedpiambav Were you able to resolve the issue?

bkbasavaraju avatar Oct 29 '24 17:10 bkbasavaraju

@bkbasavaraju empirically, I adjusted a few settings until the components worked.

For the server, in RTC configure use_external_ip: false and in deployment I made sure that the following attributes were configured dnsPolicy: ClusterFirstWithHostNet and hostNetwork: true.

For the ingress, in RTC configure use_external_ip: false, in the values.yaml configure podHostNetwork: false and in service set it as ClusterIP. and in service they set it as ClusterIP since for my use case I don't need to expose this component to external (if the other components of my cluster can access it, it is enough).

I think it is an issue regarding network management in Kubernetes, I have a single machine running the server, ingress and egress components.

I still need to configure different machines for each component and verify if there is connectivity between them.

josedpiambav avatar Oct 30 '24 15:10 josedpiambav

@bkbasavaraju

For the TURN server I had to manage my certificate (TLS termination) outside of Kubernetes and load the certificate files in a secret. In the values.yaml that you apply for the Ingress you can specify the service type

image

josedpiambav avatar Nov 04 '24 12:11 josedpiambav

@josedpiambav Thanks a lot for your suggestions. We have now LikeKit server and Ingress Pods are running in our AKS Cluster. Egress pods are not coming up, its crashing with error panic: runtime error: invalid memory address or nil pointer dereference Did you do anything specific for Egress? Also we see that LiveKit server is giving error when we are trying to connect and make a call, the connection works without any error but making the call gives error. Any help would be greatly appreciated.

Attached are the LiveKit server and LiveKit Ingress Values yaml files.

livekit-ingress-values.txt livekit-server-values.txt

bkbasavaraju avatar Nov 04 '24 12:11 bkbasavaraju