Preparing the network

This section provides information on the network considerations needed to install Kubernetes.

Before you begin

The following software must be installed before you install Sametime Meetings:

  • Kubernetes v1.16.0 or later with an ingress controller (see Kubernets QuickStart for a basic single node deployment)
  • Helm v3.1.2
  • Sametime Proxy v11.6
  • Sametime Chat v11.6
  • MongoDB

About this task

Network considerations

Sametime Meetings uses UDP on port 30000 by default for media streams. Ensure that the clients you will service have UDP inbound access to this port and that outbound UDP traffic from the deployment is unrestricted.

The Sametime Meeting server must be able to connect to MongoDB with a user account which has the authority to create databases. The database will be created during the installation.

The Sametime Meeting server must be able to reach the Sametime Proxy server on the port used to service users (typically port 443). The meeting server requires the Sametime Proxy server to use a third-party certificate.

For more details on connectivity, see the topics: Topology and Connectivity and Ports used by Sametime.

STUN Service

Sametime Meetings use internet accessible STUN servers to help clients and the server negotiate media paths for the exchange of audio/video/appshare data. Public Google STUN servers are configured by default.

These addresses must be reachable by the container. If they are not, there may be issues joining meetings.

stun.l.google.com:19302
stun1.l.google.com:19302
stun2.l.google.com:19302

To change the defult STUN server see, Configuring alternate STUN servers. For further information on STUN, see the topic Session Traversal Utilities for NAT (STUN).

Ingress Controller

Docker/Kubernetes uses internal private network addresses for the deployed services. Applications may also expose network ports directly on the node as well. Sametime Meetings defines a LoadBalancer service for the HTTP/HTTPS traffic and a NodePort service for the media traffic. To expose these services to the outside world, an ingress controller is required for the HTTP/HTTPS traffic and the IP address of the node must be accessible for the media traffic.

DNS Considerations

Your Kubernetes cluster must be able to resolve the supporting servers: MongoDB, Sametime Proxy and STUN. If DNS is unreliable or not able to resolve these hostnames to their IP addresses, complete the topic "Configuring Host Aliases for Kubernetes deployments."