HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021

ALEŠ LICHTENBERG
twitter: @a_lichtenberg
blog: www.alichtenberg.cz
HCL Sametime Meetings 11.5
install on Docker

Agenda
▪ What's new
▪ What we need for installation
▪ Installing Docker
▪ Installing Sametime Meetings 11.5
▪ Proxy and Mongo configuration for Meetings
▪ Additional HCL Sametime Meetings configuration options
▪ Problem solving
1

What's new
HCL Proxy 11.5 IF1
• In addition to repairs. Fix Listhttps://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0087439
• New functionality: if you have persistent chat enabled, a new Sametime client will open in
iNotes or Verse
2

What's new
HCL Sametime Meetings Desktop Client (Tech Preview)
• Desktop client for HCL Sametime Meetings: Technote
3

System requirements
Hardware:
✓ 8 core, 32 GB RAM, 80 GB Hard disk
Operation system:
✓ Centos 7.4.
Pre-Requisites
• Docker for HCL Sametime Meetings 11.5
• HCL Sametime Meetings 11.5
4

Topology Sametime 11.5 with Meetings
5

Topology Sametime 11.5 with Meetings
6

Step 1
Installation and configuration
Linux Centos 7.4
7

Preparing Centos 7.4
HCL Sametime Meetings 11.5 is only supported for Docker running on Linux
• Installation of the environment is manageable even for non-Linux admins
Clear instructions from HCL https://tinyurl.com/ya8hlun7
• Use the instructions in the Domino installation section
• You can also use it to install Domino on Linux
8

Docker or Kubernetes?
• Docker is about containerization
• Kubernetes is about orchestrating containers.
Docker containers are the building blocks. A small deployment has a minimum
number of containers to create a solution that allows users to collaborate, but
without scalability, load balancing, etc. If you are deploying for a small group
and do not require scalability.
Kubernetes builds on base containers and allows them to scale automatically;
load balancing between multiple physical or virtual hosts.
• The dock can support up to 200 concurrent users. Meeting records are CPU
intensive. A Docker instance can record a maximum of 2 appointments at a
time!
9

Installation Docker for HCL Sametime Meetings 11.5
What is Docker?
Docker is an open-source lightweight containerization technology. It allows you to
automate the deployment of applications in lightweight and portable containers and
ship it all out as one package. It also allows you to run multiple Operating systems on
the same host.
How to install Docker Engine: https://docs.docker.com/engine/install/centos
How to install Docker Compose: https://docs.docker.com/compose/install
11

We will need:
• Docker Engine - software for launching containers
• Docker Compose - a tool for running Docker applications with multiple containers.
With a single command, you create and run all services from your configuration, in
our case Sametime Mettings
12

• You install everything as a "root" user!
• First, install the yum-utils package provided by yum-config-manager.
yum install -y yum-utils
• Then install the Docker Engine packages with the command to add the Docker repository
to download the installation packages:
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
13

• Install the latest version of Docker Engine and containerd:
yum install -y docker-ce docker-ce-cli containerd.io
14

• Use the command for start the Docker Service
systemctl start docker
• Use the command for enable Docker auto start
systemctl enable docker
15

• Verify that Docker Engine is installed correctly by running the hello-world image.
docker run hello-world
16

• Now install Docker Compose on Linux systems
curl -L "https://github.com/docker/compose/releases/download/1.26.2/docker-compose-$(uname -s)-
$(uname -m)" -o /usr/local/bin/docker-compose
17

• Apply executable permissions to the binary:
chmod +x /usr/local/bin/docker-compose
18

• You can check the installed Docker component
docker info
docker-compose --version
19

DONE!
20

Step 3
Installation
To Docker
21

• We will now install HCL Sametime Meeting V11.5. into to Docker.
• You will need to edit the configuration files, and because it works well with Midnight
Commander, I installed it with Centos:
yum install mc
• After installation start Midnight Commander
mc
22
Installation HCL Sametime Meetings 11.5 Docker

• Download HCL Sametime Meetings 11.5 file from Flexnet and copy this file for my
example to directory /opt/ ST-115-Meet
• Extract the zip file Sametime_11.5_MeetingServer.zip:
unzip Sametime_11.5_MeetingServer.zip
• If you do not have unzip available, install using:
yum install unzip
23
Installation HCL Sametime Meetings 11.5

• After extract Sametime_11.5_MeetingServer.zip file add permissions to run the
"install.sh" file
chmod 777 install.sh
• Now run the below command to load and initialize the docker images in the directory
where you have extracted the zip file and
./install.sh
24
Installation HCL Sametime Meetings 11.5 to Docker

• Note: The Sametime Meetings 11.5 requires access to a MongoDB server. You can re-use
the existing MongoDB server that is being used by the Community and Proxy servers or
you can deploy one specifically for Meetings.
There are no special configuration steps required for the Meeting database. It
automatically creates when the Sametime Meeting Server connects to MongoDB.
• specify the appropriate values for the deployment. For example:
25

• Confirm with the „Enter“ key („Enter the Base64 Encoded JWT_SECRET…..)
26

• Installation progress
27

• The install.sh script will load and run the following list of docker images.
- meetings-auth.node
- meetings-recordings.node
- meetings-web
- meetings-prosody
- meetings-jicofo
- meetings-jvb
- meetings-jigasi
- meetings-jibri
28

• After installation run the below command for check if meetings server is running.
Show all the loaded docker images
docker images
29

• After installation run the below command for list all running containers in docker engine
docker ps
30

DONE!
31

Step 4
Enable
DB Mongo
for
32

Enable Mongo for Meetings
! Change from Pre-Release
• Meetings server needs Mongo DB to create individual meetings
• You can install a separate Mongo server
• Or use the existing:
start mongo:
> mongo
add permissions to the existing DB :
> use admin
> db.grantRolesToUser( "sametimeUser", [ {role:"readWrite", db:"meeting"}])
33

DONE!
Mongo DB enabled for
34

Step 5
Enable Sametime Community
for
35

Enable HCL Sametime Community for Meetings
• HCL Sametime Community 11.5 requires the following changes to support Sametime
Meetings:
- Enable Sametime Meeting Policy
- Enable Windows Sametime Community server to support Meetings
- Create JWT Configuration
36

• Open your HCL Sametime Community server
• Edit the polices.user.xml found in the Sametime Community server install directory.
37

• Locate the im.meetingsEnabled parameter under im and set this to a values of 1.
This policy can be enabled for anonymous and any additional policies that may exist.
• Save this file
38

• Open your Centos server
• Create JWT Configuration:
• Copy the value of JWT_APP_SECRET from the .env file.
• Run the following command from the Linux shell with this JWT_APP_SECRET value:
echo -n <JWT_APP_SECRET> | base64 -w 0
• The value (output) from this command becomes the "GENERATED_SECRET" for the
sametime.ini and stproxyconfig.xml in the following steps.
39

40

41

• Open your HCL Sametime Community server
• Edit the sametime.ini found in the Sametime Community server install directory.
42

• Add the following under [config]:
JWT_SECRET=GENERATED_SECRET
• Change the following under [st-bb-names]:
ST_AUTH_TOKEN=notes To: ST_AUTH_TOKEN=Fork:Jwt,notes
43

• Open your HCL Sametime Proxy server
• On the Sametime Proxy server in the conf folder, edit the stproxyconfig.xml file
44

• adding <jwtSecret> and <refreshJwt> settings within <configuration> like so:
45
<configuration>
...
<jwtSecret>
GENERATED_SECRET
</jwtSecret>
<refreshJwt>
<enabled>true</enabled>
<path>/meeting-auth/api/v1/refresh</path>
</refreshJwt>
</configuration>

• Note:
• Set up time synchronization (NTP) on your Sametime servers (Community and
Meetings)
• Important for JSON Web Token (JWT)
• Even a few seconds can cause authentication problems
• For example, chat in Meetings will not work properly
46

DONE!
47

Step 6
Enable Sametime Proxy
for
48

• Open your HCL Sametime Proxy server
• On the Sametime Proxy server in the conf folder, edit the stproxyconfig.xml file
49

Enable HCL Sametime Proxy for Meetings
• Edit stproxyconfig.xml in the Proxy server's conf directory, add the following
50
<meeting>
<host>HOST</host>
<port>PORT</port>
<isSecure>true</isSecure>
</meeting>
...
</configuration>

• Now restart HCL Community server or all HCL Domino server and HCL Sametime
Proxy server
51

HCL Sametime Proxy pro Meetings
• Finally, restart everything:
- HCL Sametime Community server
- HCL Sametime Proxy server
52

DONE!
53

Step 7
Updating the Sametime Meeting Server TLS
Certificates
54

• The Sametime Meeting Server is pre-configured with a self-signed certificate. Use these
instructions to replace the self-signed certificate with a third party certificate.
• Docker compose down by command: docker-compose down
• Replace the cert and key files in <install dir>./jitsi-config/web/keys/cert.crt and cert.key
with the correct key and crt file.
• Docker compose up –d by command: docker-compose up –d
• Caution: if you delete the "jitsi-config" directory, you must replace the files again.
•
55
Updating the Sametime Meeting Server TLS Certificates

DONE!
Updated the Sametime Meeting Server TLS Certificates
56

Step 8
Additional configuration options
57

HCL Sametime Meetings – Additional configuration options
Configuration files for Docker:
.env
• Guest access
• STUN server configuration
• SIP configuration settings for Dial out
• Single Sign On
• Meeting Server Timezone
custom.env
• Information about the Sametime Proxy server
• Docker Host Address
• MongoDB Connection
• IDP URL
• Days Recordings remain on server
• Meeting server Fully Qualified Hostname 58

• How to enable "host" access to the Meetings server (default enabled):
- in polices.user.xml enable in the „anonymous“ section im.meetingsEnabled=1
- in file .env enable ENABLE_GUESTS=1 (0 disable)
• How o change Time zone Meetings server
- on file .env change
# System time zone.
TZ=Europe/Prague (for example)
• How to enable meeting recording and meeting recording retention time
- in file .env for enable ENABLE_RECORDING=1
- in file custom.env set the number of days in the line EXPIRES_IN_DAYS=number of day (default 3)
• How to limit the maximum number of meeting participants:
- in the docker-compose.yml file : MAX_OCCUPANTS=počet
Currently, the maximum number of users supported per meeting is 50..
59

New: TCP instead of UDP for audio and video streams
By default, Sametime 11.5 Meetings only supports UDP for audio and video.
When streaming audio and video, UDP has a performance advantage over TCP because of the overhead
that is part of the TCP protocol than UDP. UDP transmits small bits of data transfer is relatively faster
than TCP. UDP is recommended for best performance.
There are situations where users cannot use UDP and therefore Meetings do not work properly for them.
The Sametime Meetings server can be configured to stream media over TCP.
60

HCL Sametime Meetings – TCP instead of UDP for A/V streams
Use these settings to enable both UDP and TCP
The client tries UDP first, and if it fails, TCP is used.
• Open .env file, find configuration „JVB_TCP_HARVESTER_DISABLED“and change the value to false :
JVB_TCP_HARVESTER_DISABLED = false
• In .env file find the item for the field JVB_TCP_PORT.
Remove # comments
JVB_TCP_PORT = 4443
• Open docker-compose.yaml file. Add the JVB_TCP_PORT section for the JVB component:
# Video most
jvb:
ports:
- '$ {JVB_PORT}: $ {JVB_PORT} / udp'
- '$ {JVB_TCP_PORT}: $ {JVB_TCP_PORT}'
61

HCL Sametime Meetings – TCP instead of UDP for A/V streams
Use these settings to enable only TCP
• Open .env file, find configuration „JVB_TCP_HARVESTER_DISABLED“and change the value to false :
JVB_TCP_HARVESTER_DISABLED = false
• In .env file find the item for the field JVB_TCP_PORT.
Remove # comments
JVB_TCP_PORT = 4443
• Open docker-compose.yaml file. Add the JVB_TCP_PORT section for the JVB component:
# Video bridge
jvb:
ports:
# - '$ {JVB_PORT}: $ {JVB_PORT} / udp'
- '$ {JVB_TCP_PORT}: $ {JVB_TCP_PORT}'
62

HCL Sametime Meetings – problem solving
• Audio and video do not work
- check your firewall to see if you have bidirectionally enabled UDP port 10000 for
Google STUN servers: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302
Why STUN: Simply put, STUN is a tool that helps to determine the public IP address of individual meeting
participants and to be able to connect to each other. However, not everyone has a public IP address.
When you try to join a meeting, you only see: "Loading meeting ..."
- check IP address DOCKER_HOST_ADDRESS - in .env file
• You need to reinstall the Meeting server or make a configuration change
- always remember to delete the directory ./jitsi-config
64

HCL Sametime V11.x – Resources
Current resources:
➢ Installation and Administration Guide
https://help.hcltechsw.com/sametime/11.5/admin/administrator_doc.html
➢ Installing & Configuring CentOS (for Domino)
https://www.slideshare.net/defaultxsp/installing-configuring-ibm-domino-9-on-centos
➢ HCL Customer Support
https://hclpnpsupport.hcltech.com/csm
➢ Knowledge DB
https://hclpnpsupport.hcltech.com/csm?id=search&spa=1&t=kb&q=sametime%20v11
➢ Discussion HCL Sametime
https://hclpnpsupport.hcltech.com/community?id=community_forum&sys_id=e3c946d01b80841077761fc58d4bcb04
65
ALEŠ LICHTENBERG
twitter: @a_lichtenberg
blog: www.alichtenberg.cz
ales.lichtenberg@whitesoft.eu

HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021

Ähnlich wie HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021 (20)

Mehr von Ales Lichtenberg

Mehr von Ales Lichtenberg (17)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

HCL Sametime Meetings on Docker - SUTOL Cafe 2/2021