task: jibri faster autoscaler stats

nomad/jibri.hcl

@@ -3,6 +3,11 @@ variable "pool_type" {
   default = "jibri"
 }
 
+variable jibri_recorder_user {
+    type = string
+    default = "recorder"
+}
+
 variable jibri_recorder_password {
     type = string
     default = "replaceme_recorder"
@@ -13,6 +18,11 @@ variable jibri_xmpp_password {
     default = "replaceme_jibri"
 }
 
+variable jibri_xmpp_user {
+    type = string
+    default = "jibri"
+}
+
 variable "jibri_tag" {
   type = string
 }
@@ -144,6 +154,7 @@ job "[JOB_NAME]" {
           "local/jibri-status.sh:/opt/jitsi/scripts/jibri-status.sh",
           "local/cron-service-run:/etc/services.d/60-cron/run",
           "local/config:/config"
+          "local/etc:/etc/jitsi/jibri"
     	  ]
       }
       volume_mount {
@@ -158,8 +169,9 @@ job "[JOB_NAME]" {
         PUBLIC_URL="https://${var.domain}/"
         JIBRI_RECORDER_USER = "recorder"
         JIBRI_RECORDER_PASSWORD = "${var.jibri_recorder_password}"
-        JIBRI_XMPP_USER = "jibri"
+        JIBRI_XMPP_USER = "${var.jibri_xmpp_user}"
         JIBRI_XMPP_PASSWORD = "${var.jibri_xmpp_password}"
+        JIBRI_BREWERY_MUC = "JibriBrewery"
         # Internal XMPP domain for authenticated services
         XMPP_AUTH_DOMAIN = "auth.${var.domain}"
         # XMPP domain for the MUC
@@ -172,6 +184,7 @@ job "[JOB_NAME]" {
         XMPP_RECORDER_DOMAIN = "recorder.${var.domain}"
         DISPLAY=":0"
         JIBRI_INSTANCE_ID = "${NOMAD_SHORT_ALLOC_ID}"
+        JIBRI_MUC_NICKNAME = "jibri-${NOMAD_ALLOC_ID}"
         JIBRI_FINALIZE_RECORDING_SCRIPT_PATH = "/usr/bin/jitsi_uploader.sh"
         JIBRI_RECORDING_DIR = "/mnt/recordings"
         // JIBRI_STATSD_HOST = "${attr.unique.network.ip-address}"
@@ -186,6 +199,8 @@ job "[JOB_NAME]" {
         AUTOSCALER_SIDECAR_REGION = "${meta.cloud_region}"
         AUTOSCALER_SIDECAR_GROUP_NAME = "${NOMAD_META_group}"
         AUTOSCALER_SIDECAR_INSTANCE_ID = "${NOMAD_JOB_ID}"
+        AUTOSCALER_SIDECAR_SHUTDOWN_POLLING_INTERVAL = 10
+        AUTOSCALER_SIDECAR_STATS_POLLING_INTERVAL = 5
 #        CHROMIUM_FLAGS="--start-maximized,--kiosk,--enabled,--autoplay-policy=no-user-gesture-required,--use-fake-ui-for-media-stream,--enable-logging,--v=1"
       }
 
@@ -225,10 +240,38 @@ EOF
 {{ range $index, $item := service "all" -}}
     {{ scratch.MapSetX "shards" .ServiceMeta.domain $item  -}}
 {{ end -}}
-{{ range $sindex, $item := scratch.MapValues "shards" -}}{{ if gt $sindex 0 -}},{{end}}{{ .Address }}:{{ with .ServiceMeta.prosody_client_port}}{{.}}{{ else }}5222{{ end }}{{ end -}}
+jibri.api.xmpp.environments = [
+{{ range $sindex, $item := scratch.MapValues "shards" -}}
+    {
+        name = "{{ .ServiceMeta.environment }}"
+        xmpp-server-hosts = ["{{ .Address }}:{{ with .ServiceMeta.prosody_client_port}}{{.}}{{ else }}5222{{ end }}"]
+        xmpp-domain = "{{ .ServiceMeta.domain }}"
+        control-login {
+            domain = "auth.{{ .ServiceMeta.domain }}"
+            username = "{{ env "JIBRI_XMPP_USER" }}"
+            password = "{{ env "JIBRI_XMPP_PASSWORD" }}"
+            port = {{ with .ServiceMeta.prosody_client_port}}{{.}}{{ else }}5222{{ end }}
+        }
+        control-muc {
+            domain = "internal.auth.{{ .ServiceMeta.domain }}"
+            room-name = "{{ env "JIBRI_BREWERY_MUC" }}"
+            nickname = "{{ env "JIBRI_MUC_NICKNAME" }}"
+        }
+        call-login {
+            domain = "recorder.{{ .ServiceMeta.domain }}"
+            username = "{{ env "JIBRI_RECORDER_USER" }}"
+            password = "{{ env "JIBRI_RECORDER_PASSWORD" }}"
+        }
+        strip-from-room-domain = "conference."
+        usage-timeout = "{{ env "JIBRI_USAGE_TIMEOUT" }}"
+        trust-all-xmpp-certs = true
+        randomize-control-muc-nickname = true
+    },
+{{ end -}}
+]
 EOF
 
-        destination = "local/xmpp-servers/servers"
+        destination = "local/etc/xmpp.conf"
         # instead of restarting, jibri will graceful shutdown when shard list changes
         change_mode = "script"
         change_script {
@@ -237,14 +280,12 @@ EOF
           fail_on_error = true
         }
       }
+
       template {
         data = <<EOF
 #!/usr/bin/with-contenv bash
 
-. /etc/cont-init.d/01-xmpp-servers
-/etc/cont-init.d/10-config
 /opt/jitsi/jibri/reload.sh
-cp /etc/jitsi/jibri/* /config
 EOF
         destination = "local/reload-config.sh"
         perms = "755"
@@ -253,7 +294,19 @@ EOF
       template {
         data = <<EOF
 #!/usr/bin/with-contenv bash
-cp /etc/jitsi/jibri/* /config
+
+apt-get update && apt-get -y install cron netcat-openbsd
+
+echo '* * * * * /opt/jitsi/scripts/jibri-status.sh' | crontab 
+
+EOF
+        destination = "local/01-status-cron"
+        perms = "755"
+      }
+
+      template {
+        data = <<EOF
+#!/usr/bin/with-contenv bash
 
 apt-get update && apt-get -y install cron netcat-openbsd
 

nomad/jitsi_packs/packs/jitsi_autoscaler/templates/jitsi_autoscaler.nomad.tpl

@@ -99,6 +99,9 @@ job [[ template "job_name" . ]] {
         ASAP_JWT_AUD = "[[ var "asap_jwt_aud" . ]]"
         ASAP_JWT_ACCEPTED_HOOK_ISS = "[[ var "asap_accepted_hook_iss" . ]]"
         GROUP_CONFIG_FILE = "/config/groups.json"
+# faster group job processing
+        GROUP_JOBS_CREATION_INTERVAL_SEC = 10
+        GROUP_JOBS_CREATION_GRACE_PERIOD_SEC = 20
 [[ if var "enable_oci" . ]]
         OCI_CONFIGURATION_FILE_PATH =  "/secrets/oci.config"
         OCI_CONFIGURATION_PROFILE = "DEFAULT"

scripts/deploy-nomad-jibri.sh

@@ -50,8 +50,12 @@ NOMAD_DC="$ENVIRONMENT-$ORACLE_REGION"
 
 ASAP_KEY_VARIABLE="asap_key_$ENVIRONMENT_TYPE"
 
-JIBRI_XMPP_PASSWORD_VARIABLE="jibri_auth_password"
-JIBRI_RECORDER_PASSWORD_VARIABLE="jibri_selenium_auth_password"
+
+JIBRI_AUTH_TYPE="$(yq eval ".jibri_auth_type" < "$ENVIRONMENT_CONFIGURATION_FILE")"
+[[ "$JIBRI_AUTH_TYPE" == "null" ]] && JIBRI_AUTH_TYPE="A"
+
+JIBRI_XMPP_PASSWORD_VARIABLE="secrets_jibri_brewery_by_environment_${JIBRI_AUTH_TYPE}.${ENVIRONMENT}"
+JIBRI_RECORDER_PASSWORD_VARIABLE="secrets_jibri_selenium_by_environment_${JIBRI_AUTH_TYPE}.${ENVIRONMENT}"
 
 # ensure no output for ansible vault contents and fail if ansible-vault fails
 set +x
@@ -61,6 +65,8 @@ export NOMAD_VAR_jibri_xmpp_password="$(ansible-vault view $ENCRYPTED_JIBRI_CRED
 export NOMAD_VAR_jibri_recorder_password="$(ansible-vault view $ENCRYPTED_JIBRI_CREDENTIALS_FILE --vault-password $VAULT_PASSWORD_FILE | yq eval ".${JIBRI_RECORDER_PASSWORD_VARIABLE}" -)"
 export NOMAD_VAR_asap_jwt_kid="$(ansible-vault view $ENCRYPTED_ASAP_KEYS_FILE --vault-password $VAULT_PASSWORD_FILE | yq eval ".${ASAP_KEY_VARIABLE}.id" -)"
 
+export NOMAD_VAR_jibri_xmpp_user="jibri$(echo $JIBRI_AUTH_TYPE | tr '[:upper:]' '[:lower:]')"
+export NOMAD_VAR_jibri_recorder_user="jibri$(echo $JIBRI_AUTH_TYPE | tr '[:upper:]' '[:lower:]')"
 set -x
 
 JIBRI_USAGE_TIMEOUT="$(yq eval ".jibri_max_usage" < "$ENVIRONMENT_CONFIGURATION_FILE")"