Guided Tour of CNM Jitsi 2023-3-29
Guided Tour of CNM Jitsi 2023-3-29 - is the CNMCyber Guided Tours event on 29 March.
Guided Tour of CNM WordPress 2023-3-22 is the predecessor event.
Meeting subject
- We talked about the difference between Jitsi and CNM Jitsi, described Jitsi structure, and our CNM Jitsi instance installed on CNM Bureau Farm that features high availability powered by CNM Proxmox. So we touched on the topic of what high availability is and the difference between IP4 and IP6. And, of course, showed you how it works.
Video
Script
- I will begin, this is the CNMCyber Guided Tours event series, we'll meet every Wednesday and discuss one of CNMCyber products earned through Commercial off-the-shelf. Today we will look at the CNM Jitsi, its difference from Jitsi, touch on the technical details, let's see, let's break down what CNM Jitsi is in general. I'm going to start a little bit by saying that Jitsi is a video conferencing platform open source, which we're currently is being used successfully as our conference comes into CNM Jitsi. We have the record function here, the screen demonstration function and other classic features for the video calling platform. And so I'd like to ask Natalia what the basic difference is between the regular Jitsi and ours, the CNM Jitsi.
- Thank you very much for giving me the floor, I will now show our Jitsi You can see the screen, right? Okay, in order to explain why we use Jitsi...
- Not visible yet
- Yeah, that's good.
- Okay, for starters, in order to understand why we use Jitsi, we'll run back a little bit and remember, there was a conference like Zoom. But due to quarantine, coronavirus, that is, a lot of people have switched to Zoom, but it has a lot of drawbacks, i.e. due to heavy workloads, e.g, there were problems with the quality of the displayed video, there were also claims of privacy violations against the creators. For example, it is noted that the recording ... In addition, it has become known, that the company collects information about the user without proper notification at the time of installation or when opening the Zoom application, and transmits data to third parties, including Facebook, so Jitsi, this is, once again, a free app, whose privacy and encryption can be verified. It has a lot of advantages: the first is that Jitsi doesn't limit the number of users, there is no artificial limitation on the number of conference participants, that is, server capacity, bandwidth is the only limiting factor; then there may be locked rooms, that is, access to the rooms with a password; Jitsi our high quality audio and video and, naturally, as a virtue, it is, one hundred percent, open source code supported by the best communities. Also wanted to say what I personally like about Jitsi is the invitation to nice addresses, which you can't do in, say, Zoom, we can call some nice names and invite our... of course, all Jitsi have some kind of features and so does our Jitsi, the fact that we installed, downloaded it.
- Yes, Igor, we're listening to you.
- Well yes, I wanted to put in my two cents. Well, here I remember when we tried it, it was Zoom that I was comparing, I remember we went out with Michael, with Misha and we used Zoom and Jitsi. And anyway, when we tried it, the Jitsi worked better, the quality was better than Zoom. Not to mention that Zoom isn't open source. We only use CNMCyber in our project, like, open access codes, so Zoom wasn't our option, but then again even that's exactly what we checked, we specifically sat two, we tried this way and that way, and we had a couple of times where the Jitsi worked better than the Zoom. That's it, I said what I wanted to say.
- I'd also like to say that Jitsi is backing approx up to 75 competitors, for more results, you can, of course, limit it to a smaller number, say 50, 40, and so on. Here, then, what do we have? So it's a product that's entirely ours, which means that we somehow customized it, for example, downloaded it, made our CNM Jitsi logo, then we can control the quality of the connection, by default it's high, you can try to lower it, let's say there's an icon here, that's where you can lower the link quality make, let's say, not quality, but fast, then...
- Maybe you can show us right away how we, let's say, change the icon, do some customization. I was just talking to Igor about it today
- Okay, so in order to change the picture, we only needed to change the original file, we'll show, for example, let's say we're on a Jitsi server, where everything is set, we're going to try to find that picture now and show you where we changed it. To do this, we enter a special command that will search for and then it's right away we have a list of what we have. And we can see that in this directory /usr/share/jitsi-meet/images we have jitsi_logo.png, again we go there, in this directory and here we have jitsi_logo.png. Actually, here's the variant. So, we have changed the icon and there is a description of this icon in a special file
- So, Natalia, you're uploading a picture here in the images directory?
- Can you hear me all right?
- Yes, but I'm not sure if you can hear me, can you hear me okay?
- I can hear you, but Natalia can't hear me.
- Yes, Sonya can hear me and Natalia can't hear me. My question was that this picture loads and then... it writes in config.js and changed here
- Here's the file, the Jitsi configuration file, we found it and there's a direct link to the logo and you can see that it's a relative images directory and there's jitsi_logo.png, here we could have changed any other file name and put that file there. So this task can be done even by a schoolboy, I think it would be interesting for him to do it again.
- in principle, yes.
- Can you hear me now?
- Yes, I can hear you, I pressed it by accident, I turned off the sound in Chrome, it's not a problem with the connection.
- But you answered basically what I asked, you load the file into the images directory and you specify in config.js, that take this file, and they still give, like, a default, if this file is not ours, they will by default load watermark.
- Yeah, there's a file with a name by default and it's usually and that's usually what they take, this is the Jitsi icon, which is so famous, you can see it on the internet. Well yes, we can rewrite the file type as well, in this case, we were rewriting png too, yes we could svg.
- Well us if... OK, OK, let's keep going,
- Yes, you can see here even that I usually when I edit these things, I usually don't overwrite, but here you can see
- I also wanted to ask, it turns out that, in principle, these are all the settings here when we change the picture or whatever, it all happens for one installation of some particular Jitsi? So there's a separate customization thing for each installation?
- Yeah, I mean, something comes in a box, out of the box, that is, when we download from jitsi.org or whatever Natalya downloaded, I don't know, we download, it comes in, with default, there you saw this watermark if we don't change it, then it will show the watermark. But of course, yes, you can change this one separately for each setting, because they, each installation, each instance or every instance, I looked up some other word in the dictionary, well also the word instance, every instance of our this one, you can change it specifically and need to change and we'll change it, we just haven't gotten around to it.
- I don't quite understand the question, maybe the question, well look, we have one installation of Jitsi, and when the client comes in, here you are when you go into the computer, it's all the same, So you don't have to change something there for every client, there's the logo and so on, so that's what's common.
- Nah, Sonya asked if we have, we only have one rig so far, she asked what, when we'll have, let's say, we'll have a standing VM, let's say we put something in for a practice, for somebody, then there we can put already a separate logo to load, etc. That was her question.
- Well yes, I also had a question about the number of instances, it turns out that one.
- I hear echoes of our conversations. And I see she's standing on Hetzner, I pinged, I see she's standing,
- Yes, it's a unique setting in that it's we had our first experience with an application that can migrate from one machine to another, which is, let's say, we have 3 machines installed there in the cluster and Jitsi is free to migrate without losing communication quality from one machine to the other.
- And access now to this CNM Jitsi that's on the screen, access via ip6 it turns out that we...
- No, through ip4.
- let's say I'm pinging, it gives me ip6
- Let's see now, my ip6 is not working
- I typed ping jitsi.bskol.com, it gives me ip6
- Now let's see, I literally pinged before the conference got 107 ip, let's check now. I see 107 for some reason, see?
- I got ip6.
- Amazing, of course, can you show me?
- Yes, now, I don't know. I'll try and find out. I have to reboot Jitsi from my normal machine
- Uh-huh, and jitsi1?
- jitsi1 was directly hooked, and no, the same thing it's already different, yes. Amazing near
- So okay, Sonya, tell me, what else would you be interested in knowing?
- If it doesn't take long, maybe, you can tell me quickly what's been going on now ip4,6... what is it?
- The ping command we used, it's for finding out which machine this Jitsi server or any other site is on. We know that every site has a specific address, this address can be found out with a ping command. That's what we were looking at, yes, that is, by address, by IP you can see, let's say, what country is there or something, some interesting data there, in general who it is
- IP is, like, short for Internet Protocol, is the internet protocol, the first one was, like, the most popular ip4, but when ip4 began to wane, ip6 was developed, but ip4 it's kind of more expensive than ip6. We tried to run everything on ip6 first, then they kind of switched to ip4, but either they didn't switch all the way to ip6 or they didn't switch all the way to ip4, or we have, judging by the different addresses popping up, that tells me we have a mess of DNS records, as I think, because in principle it shouldn't be. Or maybe it's okay, maybe we have two entries, that is, under ip4 entry A and under ip6 entry AAAA, four times A. Maybe we have two entries, but we have to again. We haven't checked the DNS entries and we don't have them described on the wiki. They for each installation should specifically design these entries and they should be there. In addition, there may be something else going on on the web server, that is, IP - it tells you what IP address this application is hovering on, but for it to be resolved, it turns out that the request by the browser goes to this IP, but there's also a web server, in this case, nginx, which... when Natalya came to the machine at the beginning, she just got to nginx and it's already running inside the server on which particular virtual machine our application is running, that is, the IP doesn't know where, and the machine already handles it, redirects the request. But I don't know, like this one, it's a complicated subject in general and, I think, when we have it separately, let's say it's not called CNM Jitsi, it's called CNM Talk. This is in the Russian version we called Jitsi, because the Bulgarian Jitsi. When we're going to talk specifically about this CNM Talk installation, then it makes sense to go into more detail about DNS, where it stands, how it stands, that is, each installation will stand on its own machine or on its own server. Let's say there's no reason to run the experimental versions on the main ones, these are our, I don't know how to say it better, there's sort of a prioritization, that is, more expensive resources should be given to those applications, which are more used, and the ones that are already experimental, it doesn't matter as much there anymore, because quality is related to price, the higher the quality we want, the higher the price we have to pay, but if we want to save money, naturally, on the experimental version we'll already be doing simpler things there with these farms and simpler resources.
- It turns out that every installation has to be placed somewhere, but now Jitsi can be placed on three different...
- No, that's already this, already a function of the farm, again, when we're talking about the Farm, in this case, it's our farm called the Bureau, I can't remember what it's called in English, in the Russian version it was called the Business Farm, that is, the very nature of the farm is that it's on three iron servers and they have kind of a function that we added there which is called high availability, it's kind of like, in fact, if one server goes down, and that's what Natalya really liked, she was like riding in an elevator when one server goes down, it's an app called Proxmox HA, it moves this application itself to another machine, it's interestingly done when we're going to cover CNM Proxmox, we'll already talk specifically about it, in this case, it's not a property of our Jitsi, it's a property of the farm itself.
- Let's talk about something that's more about Jitsi because we're going into both machines and databases, although you could also ask about Jitsi, which database we use, that's short enough because last time we talked a little bit longer about databases, now we're a little bit past that point, so we can just talk about which
- Is there a database at all?
- I don't think there is. I'll show you now. Okay, this is a very, very interesting part of what Jitsi is made of, that is, Jitsi consists of several projects, these projects are installed together with Jitsi Meet, some of these projects are mandatory and some are optional, on the picture we can see that this nginx that Igor was talking about, Jitsi meet. What is Jitsi meet? That is, it's a JavaScript application that's built based on a protocol in WebRTC and that connects to our Jitsi Videobridge. Jitsi Videobridge is a key component of the system, when transmitting video and audio between participants, he acts as a kind of mediator and it transmits video and audio and then we have the jicofo is just a component, such a server-side trick that, in general, acts in some way as a load balancer between the conference participants and the video bridge. That is, if, for example, I was showing the screen, then Igor shows the screens, he redoes the focus, and then there's another thing we have in the picture Prosody is XMPP, which is a cross-platform server that's written in Lua. The structure of Jitsi is quite complex, you can show these all services
- may I have a question? Go back to this picture
- Okay, that's it, going back, yes, here's how I understand nginx is a web server, that is when the request goes, it goes by IP and nginx, it handles it, it sends something to the Jitsi meet, as I see it, and something goes Prosody, that is, Jitsi meet is, in fact, as I understand it, correct me, it's like an engine, generally the engine of this whole thing, I mean, yes, that's a good word "engine", moves and on it hangs there what to run, what not to run, the box is like this, the engine is like this meeting Prosody, as you say it's made in Lua, which is, well, a good language, and so the participants are already linking to each other through Videobridge, which is what you get, the first thing that goes over the IP protocol, to support this meeting, it's supported through these Videobridges. So it's mandatory that both Jitsi meet and Videobridge the connection between the participants in the conference was, Jitsi meet is the base that drives this whole application, nginx is the web server that handles requests from the web. Did I get it right?
- Okay, that's it, let's move on. And jicofo is for recording applications, I'll show you now, will be seen there, it might be interesting to see how it works for us, a little billet prepared and watch.
- Are we now in the Videobridge folder?
- This is the structure I was telling you about, Videobridge service, it works, yes jicofo service.
- Before you disappeared, the story was.
- Yes, there was, this is the story.
- Okay, yeah.
- Guided Tour of CNM Jitsi 2023-4-5 is the successor event.