stunner

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 31, 2024 License: MIT Imports: 36 Imported by: 1

README

STUNner
Discord Go Reference

STUNner: A Kubernetes media gateway for WebRTC

Ever wondered how to deploy your WebRTC infrastructure into the cloud? Frightened away by the complexities of Kubernetes container networking, and the surprising ways in which it may interact with your UDP/RTP media? Read through the endless stream of Stack Overflow questions asking how to scale WebRTC services with Kubernetes, just to get (mostly) insufficient answers? Want to safely connect your users behind a NAT, without relying on expensive third-party TURN services?

Worry no more! STUNner allows you to deploy any WebRTC service into Kubernetes, smoothly integrating it into the cloud-native ecosystem. STUNner exposes a standards-compliant STUN/TURN gateway for clients to access your virtualized WebRTC infrastructure running in Kubernetes, maintaining full browser compatibility and requiring minimal or no modification to your existing WebRTC codebase. STUNner supports the Kubernetes Gateway API so you can configure it in the familiar YAML-engineering style via Kubernetes manifests.

Table of Contents

  1. Description
  2. Features
  3. Getting started
  4. Usage
  5. Documentation
  6. Milestones

Description

Currently WebRTC lacks a virtualization story: there is no easy way to deploy a WebRTC media service into Kubernetes to benefit from the resiliency, scalability, and high availability features we have come to expect from modern network services. Worse yet, the entire industry relies on a handful of public STUN servers and hosted TURN services to connect clients behind a NAT/firewall, which may create a useless dependency on externally operated services, introduce a performance bottleneck, raise security concerns, and come with a non-trivial price tag.

The main goal of STUNner is to allow anyone to deploy their own WebRTC infrastructure into Kubernetes, without relying on any external service other than the cloud-provider's standard hosted Kubernetes offering. STUNner can act as a standalone STUN/TURN server that WebRTC clients and media servers can use as a scalable NAT traversal facility (headless model), or it can act as a gateway for ingesting WebRTC media traffic into the Kubernetes cluster by exposing a public-facing STUN/TURN server that WebRTC clients can connect to (media-plane model). This makes it possible to deploy WebRTC application servers and media servers into ordinary Kubernetes pods, taking advantage of the full cloud native feature set to manage, scale, monitor and troubleshoot the WebRTC infrastructure like any other Kubernetes workload.

STUNner media-plane deployment architecture

Don't worry about the performance implications of processing all your media through a TURN server: STUNner is written in Go so it is extremely fast, it is co-located with your media server pool so you don't pay the round-trip time to a far-away public STUN/TURN server, and STUNner can be easily scaled up if needed just like any other "normal" Kubernetes service.

Features

Kubernetes has been designed and optimized for the typical HTTP/TCP Web workload, which makes streaming workloads, and especially UDP/RTP based WebRTC media, feel like a foreign citizen. STUNner aims to change this state-of-the-art, by exposing a single public STUN/TURN server port for ingesting all media traffic into a Kubernetes cluster in a controlled and standards-compliant way.

  • Seamless integration with Kubernetes. STUNner can be deployed into any Kubernetes cluster, even into restricted ones like GKE Autopilot, using a single command. Manage your HTTP/HTTPS application servers with your favorite service mesh, and STUNner takes care of all UDP/RTP media. STUNner implements the Kubernetes Gateway API so you configure it in exactly the same way as the rest of your workload through easy-to-use YAML manifests.

  • Expose a WebRTC media server on a single external UDP port. Get rid of the Kubernetes hacks, like privileged pods and hostNetwork/hostPort services, typically recommended as a prerequisite to containerizing your WebRTC media plane. Using STUNner a WebRTC deployment needs only two public-facing ports, one HTTPS port for signaling and a single UDP port for all your media.

  • No reliance on external services for NAT traversal. Can't afford a hosted TURN service for client-side NAT traversal? Can't get decent audio/video quality because the third-party TURN service poses a bottleneck? STUNner can be deployed into the same cluster as the rest of your WebRTC infrastructure, and any WebRTC client can connect to it directly without the use of any external STUN/TURN service whatsoever, apart from STUNner itself.

  • Scale your WebRTC infrastructure. Tired of manually provisioning your WebRTC media servers? STUNner lets you deploy the entire WebRTC infrastructure into ordinary Kubernetes pods, thus scaling the media plane is as easy as issuing a kubectl scale command. Or you can use the built in Kubernetes horizontal autoscaler to automatically resize your workload based on demand.

  • Minimal client-side configuration. STUNner comes with a built-in authentication service that can be used to generate time-windowed per-user TURN credentials through a standards compliant HTTP REST API. Just set the generated ICE configuration in the PeerConnection JavaScript API and your clients will readily start using your Kubernetes-based WebRTC service via STUNner.

  • Secure perimeter defense. No need to open thousands of UDP/TCP ports on your media server for potentially malicious access; with STUNner all media is received through a single ingress port that you can tightly monitor and control.

  • Simple code and extremely small size. Written in pure Go using the battle-tested pion/webrtc framework, STUNner is just a couple of hundred lines of fully open-source code. The server is extremely lightweight: the typical STUNner container image size is only 15 Mbytes.

The main uses of STUNner are hosting a scalable STUN server pool in Kubernetes, as a public Kubernetes-based TURN service, or as a fully-fledged gateway service for ingesting and load-balancing clients' media connections across a pool of WebRTC media servers hosted in ordinary Kubernetes pods.

Getting Started

With a minimal understanding of WebRTC and Kubernetes, deploying STUNner should take less than 5 minutes, in five simple steps.

Note that the default installation does not contain an application server and a media server: STUNner is not a WebRTC service in itself, it is merely an enabler for you to deploy your own WebRTC infrastructure into Kubernetes.

The simplest way to deploy STUNner is through Helm. STUNner configuration parameters are available for customization as Helm Values.

helm repo add stunner https://l7mp.io/stunner
helm repo update
helm install stunner-gateway-operator stunner/stunner-gateway-operator --create-namespace \
    --namespace=stunner-system

Find out more about the charts in the STUNner-helm repository.

Usage

STUNner comes with a wide selection of tutorials and demos that teach you how to deploy all kinds of WebRTC services into Kubernetes. The first couple of tutorials present the basic concepts, especially the use of the Kubernetes Gateway API to configure STUNner and the turncat utility to test it. Each subsequent demo showcases a specific WebRTC application, from desktop streaming and video-conferencing to cloud-gaming, and goes from a clean Kubernetes cluster to a working and usable publicly available WebRTC service in 5-10 minutes using a purely declarative configuration.

  • Deploying a UDP echo service behind STUNner: This introductory tutorial shows how to deploy a simple UDP echo service into Kubernetes and expose it via STUNner. If you read just one STUNner tutorial, this should be it.
  • Opening a UDP tunnel via STUNner: This tutorial shows how to tunnel an external UDP client via STUNner to a standard iperf server deployed into Kubernetes. The demo can be used to benchmark your STUNner installation.
  • Direct one to one video call via STUNner: This tutorial showcases STUNner acting as a TURN server for two WebRTC clients to establish connections between themselves, without the mediation of a media server.
  • Video-conferencing with LiveKit: This tutorial helps you deploy the LiveKit WebRTC media server behind STUNner. The docs also show how to obtain a valid TLS certificate to secure your signaling connections, courtesy of the cert-manager project, nip.io and Let's Encrypt.
  • Video-conferencing with Janus: This tutorial helps you deploy a fully fledged Janus video-conferencing service into Kubernetes behind STUNner. The docs also show how to obtain a valid TLS certificate to secure your signaling connections, using cert-manager, nip.io and Let's Encrypt.
  • Video-conferencing with Elixir WebRTC: This tutorial helps you deploy a fully fledged Elixir WebRTC video-conferencing room called Nexus into Kubernetes behind STUNner. The docs also show how to obtain a valid TLS certificate to secure your signaling connections, using cert-manager, nip.io and Let's Encrypt.
  • Video-conferencing with Jitsi: This tutorial helps you deploy a fully fledged Jitsi video-conferencing service into Kubernetes behind STUNner. The docs also show how to obtain a valid TLS certificate to secure your signaling connections, using cert-manager, nip.io and Let's Encrypt.
  • Video-conferencing with mediasoup: This tutorial helps you deploy the mediasoup WebRTC media server behind STUNner. The docs also show how to obtain a valid TLS certificate to secure your signaling connections, courtesy of the cert-manager project, nip.io and Let's Encrypt.
  • Cloud-gaming with Cloudretro: This tutorial lets you play Super Mario or Street Fighter in your browser, courtesy of the amazing CloudRetro project and, of course, STUNner. The demo also presents a simple multi-cluster setup, where clients can reach the game-servers in their geographical locality to minimize latency.
  • Remote desktop access with Neko: This demo showcases STUNner providing an ingress gateway service to a remote desktop application. We use neko.io to run a browser in a secure container inside the Kubernetes cluster, and stream the desktop to clients via STUNner.
  • One to one video call with Kurento: This tutorial shows how to use STUNner to connect WebRTC clients to a media server deployed into Kubernetes behind STUNner in the media-plane deployment model. All this happens without modifying the media server code in any way, just by adding 5-10 lines of straightforward JavaScript to configure clients to use STUNner as the TURN server.
  • Magic mirror with Kurento: This tutorial has been adopted from the Kurento magic mirror demo, deploying a basic WebRTC loopback server behind STUNner with some media processing added. In particular, the application uses computer vision and augmented reality techniques to add a funny hat on top of faces.

Documentation

The documentation of the stable release can be found here. The documentation for the latest development release can be found here.

Milestones

  • v0.9: Demo release: STUNner basic UDP/TURN connectivity + helm chart + tutorials.
  • v0.10: Dataplane: Long-term STUN/TURN credentials and STUN/TURN over TCP/TLS/DTLS in standalone mode.
  • v0.11: Control plane: Kubernetes gateway operator and dataplane reconciliation.
  • v0.12: Security: Expose TLS/DTLS settings via the Gateway API.
  • v0.13: Observability: Prometheus + Grafana dashboard.
  • v0.15: Performance: Per-allocation CPU load-balancing for UDP
  • v0.16: Management: Managed STUNner dataplane.
  • v0.17: First release candidate: All Gateway and STUNner APIs move to v1.
  • v0.18: Stabilization: Second release candidate.
  • v0.19: The missing pieces: Third release candidate.
  • v0.20: Final stabilization: Fourth stable release candidate
  • v0.21: Towards v1: Fifth stable release candidate
  • v1.0: STUNner goes GA!

Help

STUNner development is coordinated in Discord, feel free to join.

License

Copyright 2021-2023 by its authors. Some rights reserved. See AUTHORS.

MIT License - see LICENSE for full text.

Acknowledgments

Initial code adopted from pion/stun and pion/turn.

Documentation

Overview

Package stunner contains the public API for l7mp/stunner, a Kubernetes ingress gateway for WebRTC

Index

Constants

View Source 
const ClusterCacheSize = 512
View Source 
const DefaultLogLevel = "all:WARN"
View Source 
const UDP_PACKET_SIZE = 1500

Variables

View Source 
var (
	ErrPortProhibited      = errors.New("Peer port administratively prohibited")
	ErrInvalidPeerProtocol = errors.New("Unknown peer transport protocol")
)
View Source 
var DefaultInstanceId = fmt.Sprintf("default/stunnerd-%s", uuid.New().String())
View Source 
var LogBurst = 3

Burst size for rate-limited logging at ERROR, WARN and INFO loglevel (logging at DEBUG and TRACE levels is not rate-limited).

View Source 
var LogRateLimit rate.Limit = 1.0

Number of log events per second reported at ERROR, WARN and INFO loglevel (logging at DEBUG and TRACE levels is not rate-limited).

Functions

func GenerateSelfSignedKey added in v0.14.3 

func GenerateSelfSignedKey() ([]byte, []byte, error)

GenerateSelfSignedKey is a rudimentary hack to generate self-signed certificates used to bootstrap the default config for TLS/DTLS listeners and for testing. Use for testing purposes only!

func GetStandardURLFromListener added in v0.15.3 

func GetStandardURLFromListener(req *stnrv1.ListenerConfig) (string, error)

GetStandardURLFromListener returns a standard URL (that can be parsed using net/url) from a listener config.

func GetTurnUris added in v0.14.3 

func GetTurnUris(req *stnrv1.StunnerConfig) ([]string, error)

GetUriFromListener returns a standard TURN URI from a listener config

func GetUriFromListener added in v0.14.3 

func GetUriFromListener(req *stnrv1.ListenerConfig) (string, error)

GetUriFromListener returns a standard TURN URI as per RFC7065from a listener config.

func NewDefaultConfig added in v0.10.0 

func NewDefaultConfig(uri string) (*stnrv1.StunnerConfig, error)

NewDefaultConfig builds a default configuration from a TURN server URI. Example: the URI `turn://user:pass@127.0.0.1:3478?transport=udp` will be parsed into a STUNner configuration with a server running on the localhost at UDP port 3478, with plain-text authentication using the username/password pair `user:pass`. Health-checks and metric scarping are disabled.

func NewPortRangePacketConn added in v0.16.2 

func NewPortRangePacketConn(c net.PacketConn, checker PortRangeChecker, log logging.LeveledLogger) net.PacketConn

NewPortRangePacketConn decorates a PacketConn with filtering on a target port range. Errors are reported per listener name.

Types

type AuthGen 

type AuthGen func() (string, string, error)

AuthGen is a function called by turncat to generate authentication tokens.

type Options added in v0.10.5 

type Options struct {
	// Name is the identifier of this stunnerd daemon instance. Defaults to hostname.
	Name string
	// DryRun suppresses sideeffects: STUNner will not initialize listener sockets and bring up
	// the TURN server, and it will not fire up the health-check and the metrics
	// servers. Intended for testing, default is false.
	DryRun bool
	// SuppressRollback controls whether to rollback to the last working configuration after a
	// failed reconciliation request. Default is false, which means to always do a rollback.
	SuppressRollback bool
	// LogLevel specifies the required loglevel for STUNner and each of its sub-objects, e.g.,
	// "all:TRACE" will force maximal loglevel throughout, "all:ERROR,auth:TRACE,turn:DEBUG"
	// will suppress all logs except in the authentication subsystem and the TURN protocol
	// logic.
	LogLevel string
	// Resolver swaps the internal DNS resolver with a custom implementation. Intended for
	// testing.
	Resolver resolver.DnsResolver
	// UDPListenerThreadNum determines the number of readloop threads spawned per UDP listener
	// (default is 4, must be >0 integer). TURN allocations will be automatically load-balanced
	// by the kernel UDP stack based on the client 5-tuple. This setting controls the maximum
	// number of CPU cores UDP listeners can scale to. Note that all other listener protocol
	// types (TCP, TLS and DTLS) use per-client threads, so this setting affects only UDP
	// listeners. For more info see https://github.com/pion/turn/pull/295.
	UDPListenerThreadNum int
	// VNet will switch on testing mode, using a vnet.Net instance to run STUNner over an
	// emulated data-plane.
	Net transport.Net
}

Options defines various options for the STUNner server.

type PortRangeChecker added in v0.16.2 

type PortRangeChecker = func(addr net.Addr) (*object.Cluster, bool)

type PortRangePacketConn added in v0.16.2 

type PortRangePacketConn struct {
	net.PacketConn
	// contains filtered or unexported fields
}

PortRangePacketConn is a net.PacketConn that filters on the target port range and also handles telemetry.

func (*PortRangePacketConn) Close added in v0.16.2 

func (c *PortRangePacketConn) Close() error

func (*PortRangePacketConn) ReadFrom added in v0.16.2 

func (c *PortRangePacketConn) ReadFrom(p []byte) (int, net.Addr, error)

ReadFrom reads from the PortRangePacketConn. Blocks until a packet from the speciifed port range is received and drops all other packets.

func (*PortRangePacketConn) SetReadDeadline added in v0.16.2 

func (c *PortRangePacketConn) SetReadDeadline(t time.Time) error

func (*PortRangePacketConn) WriteTo added in v0.16.2 

func (c *PortRangePacketConn) WriteTo(p []byte, peerAddr net.Addr) (int, error)

WriteTo writes to the PacketConn.

type RelayGen added in v0.16.2 

type RelayGen struct {
	// Listener is the listener on behalf of which the relay address generator is created.
	Listener *object.Listener

	// RelayAddress is the IP returned to the user when the relay is created.
	RelayAddress net.IP

	// Address is passed to Listen/ListenPacket when creating the Relay.
	Address string

	// ClusterCache is a cache that is used to couple relayed packets to clusters.
	ClusterCache *lru.Cache

	// PortRangeChecker is a callback to check whether a peer address is allowed by any of the
	// clusters of the listener.
	PortRangeChecker PortRangeChecker

	// Net is a pion/transport VNet, used for testing.
	Net transport.Net

	// Logger is a logger factory we can use to generate per-listener relay loggers.
	Logger *logger.LeveledLoggerFactory
}

RelayGen can be used to only allocate connections inside a defined target port range. A static ip address can be set.

func NewRelayGen added in v0.16.2 

func NewRelayGen(l *object.Listener, logger *logger.LeveledLoggerFactory) *RelayGen

func (*RelayGen) AllocateConn added in v0.16.2 

func (g *RelayGen) AllocateConn(network string, requestedPort int) (net.Conn, net.Addr, error)

AllocateConn generates a new Conn to receive traffic on and the IP/Port to populate the allocation response with

func (*RelayGen) AllocatePacketConn added in v0.16.2 

func (r *RelayGen) AllocatePacketConn(network string, requestedPort int) (net.PacketConn, net.Addr, error)

AllocatePacketConn generates a new transport relay connection and returns the IP/Port to be returned to the client in the allocation response.

func (*RelayGen) Validate added in v0.16.2 

func (r *RelayGen) Validate() error

Validate is called on server startup and confirms the RelayAddressGenerator is properly configured.

type Stunner 

type Stunner struct {
	// contains filtered or unexported fields
}

Stunner is an instance of the STUNner deamon.

func NewStunner 

func NewStunner(options Options) *Stunner

NewStunner creates a new STUNner deamon for the specified Options. Call Reconcile to reconcile the daemon for a new configuration. Object lifecycle is as follows: the daemon is "alive" (answers liveness probes if healthchecking is enabled) once the main object is successfully initialized, and "ready" after the first successful reconciliation (answers readiness probes if healthchecking is enabled). Calling program should catch SIGTERM signals and call Shutdown(), which will keep on serving connections but will fail readiness probes.

func (*Stunner) AllocationCount added in v0.14.4 

func (s *Stunner) AllocationCount() int

GetAllocations returns the number of active allocations summed over all listeners. It can be used to drain the server before closing.

func (*Stunner) Close 

func (s *Stunner) Close()

Close stops the STUNner daemon, cleans up any internal state, and closes all connections including the health-check and the metrics server listeners.

func (*Stunner) GenPortRangeChecker added in v0.16.2 

func (s *Stunner) GenPortRangeChecker(g *RelayGen) PortRangeChecker

GenPortRangeChecker finds the cluster that is responsible for routing the packet and checks whether the peer address is in the port range specified for the cluster. The RelayGen caches recent hits for simplicity.

func (*Stunner) GetActiveConnections added in v0.14.1 

func (s *Stunner) GetActiveConnections() float64

GetActiveConnections returns the number of active downstream (listener-side) TURN allocations.

func (*Stunner) GetAdmin added in v0.10.0 

func (s *Stunner) GetAdmin() *object.Admin

GetAdmin returns the admin object underlying STUNner.

func (*Stunner) GetAuth added in v0.10.0 

func (s *Stunner) GetAuth() *object.Auth

GetAuth returns the authenitation object underlying STUNner.

func (*Stunner) GetCluster added in v0.10.0 

func (s *Stunner) GetCluster(name string) *object.Cluster

GetCluster returns a STUNner cluster or nil if no cluster with the given name was found.

func (*Stunner) GetConfig 

func (s *Stunner) GetConfig() *stnrv1.StunnerConfig

GetConfig returns the configuration of the running STUNner daemon.

func (*Stunner) GetId added in v0.15.1 

func (s *Stunner) GetId() string

GetId returns the id of the current stunnerd instance.

func (*Stunner) GetListener added in v0.10.0 

func (s *Stunner) GetListener(name string) *object.Listener

GetListener returns a STUNner listener or nil of no listener with the given name was found.

func (*Stunner) GetLogger added in v0.10.5 

func (s *Stunner) GetLogger() logging.LoggerFactory

GetLogger returns the logger factory of the running daemon. Useful for creating a sub-logger.

func (*Stunner) GetRealm added in v0.11.3 

func (s *Stunner) GetRealm() string

GetRealm returns the current STUN/TURN authentication realm.

func (*Stunner) GetVersion added in v0.10.0 

func (s *Stunner) GetVersion() string

GetVersion returns the STUNner API version.

func (*Stunner) IsReady added in v0.11.2 

func (s *Stunner) IsReady() bool

IsReady returns true if the STUNner instance is ready to serve allocation requests.

func (*Stunner) LoadConfig added in v0.15.1 

func (s *Stunner) LoadConfig(origin string) (*stnrv1.StunnerConfig, error)

LoadConfig loads a configuration from an origin. This is a shim wrapper around ConfigOrigin.Load.

func (*Stunner) NewAuthHandler added in v0.10.0 

func (s *Stunner) NewAuthHandler() a12n.AuthHandler

NewAuthHandler returns an authentication handler callback to be used with a TURN server for authenticating clients.

func (*Stunner) NewPermissionHandler added in v0.10.0 

func (s *Stunner) NewPermissionHandler(l *object.Listener) a12n.PermissionHandler

NewPermissionHandler returns a callback to handle client permission requests to access peers.

func (*Stunner) NewReadinessHandler added in v0.11.3 

func (s *Stunner) NewReadinessHandler() object.ReadinessHandler

NewReadinessHandler creates a helper function for checking the readiness of STUNner.

func (*Stunner) NewRealmHandler added in v0.11.3 

func (s *Stunner) NewRealmHandler() object.RealmHandler

NewRealmHandler creates a helper function for listeners to find out the authentication realm.

func (*Stunner) NewStatusHandler added in v0.17.12 

func (s *Stunner) NewStatusHandler() object.StatusHandler

NewStatusHandler creates a helper function for printing the status of STUNner.

func (*Stunner) Reconcile 

func (s *Stunner) Reconcile(req *stnrv1.StunnerConfig) error

Reconcile handles updates to the STUNner configuration. Some updates are destructive: in this case the returned error contains the names of the objects (usually, listeners) that were restarted during reconciliation (see the documentation of the corresponding STUNner objects for when STUNner may restart after a reconciliation). Reconcile returns nil no objects were restarted, v1.ErrRestarted to indicate that a shutdown-restart cycle was performed for at least one internal object (usually, a listener) for the new config (unless DryRun is enabled), and an error if an error has occurred during reconciliation, in which case it will rollback the last working configuration (unless SuppressRollback is on).

func (*Stunner) SetLogLevel added in v0.14.3 

func (s *Stunner) SetLogLevel(levelSpec string)

SetLogLevel sets the loglevel.

func (*Stunner) Shutdown added in v0.11.3 

func (s *Stunner) Shutdown()

Shutdown causes STUNner to fail the readiness check. Manwhile, it will keep on serving connections. This function should be called after the main program catches a SIGTERM.

func (*Stunner) StartServer added in v0.11.3 

func (s *Stunner) StartServer(l *object.Listener) error

Start will start the TURN server that belongs to a listener.

func (*Stunner) Status added in v0.11.2 

func (s *Stunner) Status() stnrv1.Status

Status returns the status for the running STUNner instance.

func (*Stunner) WatchConfig added in v0.14.1 

func (s *Stunner) WatchConfig(ctx context.Context, origin string, ch chan<- *stnrv1.StunnerConfig) error

WatchConfig watches a configuration from an origin. This is a shim wrapper around ConfigOrigin.Watch.

type StunnerUri 

type StunnerUri struct {
	Protocol, Address, Username, Password string
	Port                                  int
	Addr                                  net.Addr
}

StunnerUri is the specification of a STUNner listener URI

func ParseUri 

func ParseUri(uri string) (*StunnerUri, error)

ParseUri parses a STUN/TURN server URI, e.g., "turn://user1:passwd1@127.0.0.1:3478?transport=udp"

func (*StunnerUri) String added in v0.15.3 

func (u *StunnerUri) String() string

type Turncat 

type Turncat struct {
	// contains filtered or unexported fields
}

Turncat is the internal structure for representing a turncat relay.

func NewTurncat 

func NewTurncat(config *TurncatConfig) (*Turncat, error)

NewTurncat creates a new turncat relay from the specified config, creating a listener socket for clients to connect to and relaying client connections through the speficied STUN/TURN server to the peer.

func (*Turncat) Close 

func (t *Turncat) Close()

Close terminates all relay connections created via turncat and deletes the relay. Errors in this phase are not critical and not propagated back to the caller.

type TurncatConfig 

type TurncatConfig struct {
	// ListenAddr is the listeninging socket address (local tunnel endpoint).
	ListenerAddr string
	// ServerAddr is the TURN server addrees (e.g. "turn://turn.abc.com:3478").
	ServerAddr string
	// PeerAddr specifies the remote peer to connect to.
	PeerAddr string
	// Realm is the STUN/TURN realm.
	Realm string
	// AuthGet specifies the function to generate auth tokens.
	AuthGen AuthGen
	// ServerName is the SNI used for virtual hosting (unless it is an IP address).
	ServerName string
	// InsecureMode controls whether self-signed TLS certificates are accepted by the TURN
	// client.
	InsecureMode bool
	// LoggerFactory is an optional external logger.
	LoggerFactory logging.LoggerFactory
}

TurncatConfig is the main configuration for the turncat relay.

Source Files

View all Source files

Directories

Path Synopsis
cmd
stunnerctl
stunnerd
turncat
internal
manager
object
resolver
telemetry
util
pkg
apis/v1
Package v1 is the v1 version of the STUNner API.
 Package v1 is the v1 version of the STUNner API.
apis/v1alpha1
authentication
Package auth contains variuos routines to generate and check STUNner authentication credentials.
 Package auth contains variuos routines to generate and check STUNner authentication credentials.
buildinfo
config/client
config/client/api
Package api provides primitives to interact with the openapi HTTP API.
 Package api provides primitives to interact with the openapi HTTP API.
config/server
config/server/api
Package api provides primitives to interact with the openapi HTTP API.
 Package api provides primitives to interact with the openapi HTTP API.
config/util
logger

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.