Question about Janus & Kubernetes & nat-1-1

[Rani Yaroshinski]

We are trying to do large installation of   Janus-Gateway over k8s. We have a problem in understanding the deployment from point of view of :

[a] k8s doesn't support port-range mapping through LB solutions, and even if such large list can be generated by script for deployment configuration, it would not be able to cope with a large list, through k8s networking. Is there any suggested solution for this ?

The are a lot of other questions, like mapping port-ranges of UDP for different source IP-s to different pods.

[b] One troubling thing is the nat-1-1 parameter. I couldn't find the meaning of it anywhere in the documentation. From what I saw it seems like for k8s the public IP of the ingress LB should be set there, but for docker the internal DOCKER_IP is supposed to be set, and that is quite weird. BTW, it seems to work in both cases, but the results are different in any case.

I guess that nat-1-1 is supposed to be telling janus that the NAT it "leaves" in has 1-1 port mapping for the STUN binding request.

Maybe the correct implementation would be to enforce Janus to assume that the ports are 1:1 mapped in its surrounding, meaning that when receiving the global IP from STUN call, it would ignore the port coming from the STUN binding, and would use only the IP for producing candidate.