Deploying a Conferencing Node in Google Cloud Platform

After deploying the Management Node and completing the initial platform configuration you can deploy one or more Conferencing Nodes in GCP to provide conferencing capacity.

Creating a new Conferencing Node is a two-step process:

  1. Deploying a new VM instance in GCP.
  2. Configuring the VM with the details of the specific Conferencing Node being deployed, using a file generated from the Pexip Infinity Management Node.

Deploying the VM instance in GCP

To deploy a Conferencing Node on a Google Compute Engine VM:

  1. If you have not already done so, prepare a Conferencing Node disk image. For more information on this, see Obtaining and preparing disk images for GCE Virtual Machines.

    Note that if you have upgraded your Pexip Infinity software, you need a Conferencing Node disk image for the software version you are currently running.

  2. From the GCP project console, go to Compute engine > VM instances.
  3. Select Create Instance.

  4. Complete the following fields (leave all other settings as default):

    Name Enter a unique name for the instance, for example "pexipnode-europe-1".
    Zone Select an appropriate Zone. Typically you should choose a zone that is geographically close to the location from where users will connect to it.
    Machine type

    Select 8 vCPUs (n2-highcpu-8).

    We recommend selecting a minimum CPU platform. Select Customize and then select the most modern platform available that does not incur a surcharge, typically Intel Broadwell or later.

    For more information see Recommended instance types and call capacity guidelines.
    Boot disk

    Select the Conferencing Node custom disk image:

    1. Select Change.
    2. Select Custom images.
    3. Select the Conferencing Node custom disk image, e.g. "pexip-node-v37-1".
    4. Select Select.

    We strongly recommend SSDs for Conferencing Nodes. General VM processes (such as snapshots and backups) and platform upgrades will be faster with SSDs.
    Identity and API access For Service account, select No service account.

    Networking:

    Network tags

    Expand the Advanced options section and open the Networking section.

    Assign Network tags to the instance, for example "pexip-provisioning pexip-conferencing".

    These are the tags that should be applied to your Conferencing Node firewall rules (see Controlling access to Conferencing Nodes for installation/provisioning and Controlling access to Conferencing Nodes for conference participants).

    Networking:

    External IP

    You must decide whether or not to assign an external IP address to the instance.

    You must assign a static public/external IP address to the Conferencing Node if you want that node to be able to host conferences that are accessible from devices in the public internet.

    1. Expand the Advanced options section and open the Networking section.
    2. In the Network interfaces field, select the default interface to open the Network interface dialog.
    3. Select a Subnetwork if appropriate (e.g. if it is a private/hybrid deployment and you have created new subnets to avoid overlapping addresses in your corporate network).

    4. Select an appropriate External IP:

      • None: no external IP address will be assigned. Use this where the instance does not need to have a publicly-accessible IP address.
      • Create IP address: select this option to create a static external address. You can enter a Name for the address and GCP will allocate a static IP address.
      • <external address>: you can select a specific static external address if you have already created one in advance.

    Do not select Ephemeral — if you stop and restart the instance a new address will be assigned.
    SSH keys

    We recommend applying an SSH key to the Conferencing Node instance if you are not already using a project-wide key for all of the instances in your project.

    The username element of the SSH key must be "admin" or "admin@<domain>". To apply an instance-level key:

    1. Open the Security section and then open the Manage Access section.
    2. Select Add item to add your own, existing SSH key. This produces a text box. Copy the contents of your public SSH key file and paste them into the text box. Modify the username element at the end of the key to "admin" or "admin@<domain>" if necessary.


    See Security and SSH keys for more information.

  5. Select Create to create the instance.
  6. On the VM Instances page, make a note of the "Internal IP" address, and the "External IP" address (if appropriate) that have been assigned to the new instance / Conferencing Node.
  7. After the instance has booted, perform a configuration-only deployment on the Management Node to inform it of the new Conferencing Node as described below.

Generating, downloading and deploying the configuration file

  1. From the Pexip Infinity Administrator interface, go to Platform > Conferencing Nodes and select Add Conferencing Node.

  2. You are now asked to provide the network configuration to be applied to the Conferencing Node, by completing the following fields:

    Option Description
    Name Enter the name to use when referring to this Conferencing Node in the Pexip Infinity Administrator interface.
    Description An optional field where you can provide more information about the Conferencing Node.
    Role

    This determines the Conferencing Node's role:

    • Proxying Edge Node: a Proxying Edge Node handles all media and signaling connections with an endpoint or external device, but does not host any conferences — instead it forwards the media on to a Transcoding Conferencing Node for processing.
    • Transcoding Conferencing Node: a Transcoding Conferencing Node handles all the media processing, protocol interworking, mixing and so on that is required in hosting Pexip Infinity calls and conferences. When combined with Proxying Edge Nodes, a transcoding node typically only processes the media forwarded on to it by those proxying nodes and has no direct connection with endpoints or external devices. However, a transcoding node can still receive and process the signaling and media directly from an endpoint or external device if required.

    See Distributed Proxying Edge Nodes for more information.

    Hostname

    Domain

    Enter the hostname and domain to assign to this Conferencing Node. Each Conferencing Node and Management Node must have a unique hostname.

    The Hostname and Domain together make up the Conferencing Node's DNS name or FQDN. We recommend that you assign valid DNS names to all your Conferencing Nodes. For more information, see Assigning hostnames and FQDNs.
    IPv4 address

    Enter the IP address to assign to this Conferencing Node when it is created.

    This should be the GCE Internal IP address of the new VM instance.
    Network mask

    Enter the IP network mask to assign to this Conferencing Node.

    For GCP you should always enter 255.255.255.255

    Note that IPv4 address and Network mask apply to the eth0 interface.
    Gateway IPv4 address

    Enter the IP address of the default gateway to assign to this Conferencing Node.

    This is the default gateway address for the region in which the node is deployed. See https://cloud.google.com/compute/docs/vpc/#subnet-ranges for a table of regions and default gateway addresses.

    Note that the Gateway IPv4 address is not directly associated with a network interface, except that the address entered here lies in the subnet in which either eth0 or eth1 is configured to use. Thus, if the gateway address lies in the subnet in which eth0 lives, then the gateway will be assigned to eth0, and likewise for eth1.
    Secondary interface IPv4 address

    Leave this option blank as dual network interfaces are not supported on Conferencing Nodes deployed in public cloud services.
    Secondary interface network mask

    Leave this option blank as dual network interfaces are not supported on Conferencing Nodes deployed in public cloud services.

    Note that Secondary interface IPv4 address and Secondary interface network mask apply to the eth1 interface.
    System location

    Select the physical location of this Conferencing Node. A system location should not contain a mixture of proxying nodes and transcoding nodes.

    If the system location does not already exist, you can create a new one here by clicking to the right of the field. This will open up a new window showing the Add system location page. For further information see About system locations.
    Configured FQDN A unique identity for this Conferencing Node, used in signaling SIP TLS Contact addresses. For more information, see Assigning a Configured FQDN.
    TLS certificate The TLS certificate to use on this node. This must be a certificate that contains the above Configured FQDN. Each certificate is shown in the format <subject name> (<issuer>).
    IPv6 address

    The IPv6 address for this Conferencing Node. Each Conferencing Node must have a unique IPv6 address.
    Gateway IPv6 address

    The IPv6 address of the default gateway.

    If this is left blank, the Conferencing Node listens for IPv6 Router Advertisements to obtain a gateway address.
    IPv4 static NAT address

    Configure the Conferencing Node's static NAT address, if you have a assigned a public/external IP address to the instance.

    Enter the External IP address allocated by GCE for the VM instance.

    For more information, see Configuring Pexip Infinity nodes to work behind a static NAT device.
    Static routes From the list of Available Static routes, select the routes to assign to the node, and then use the right arrow to move the selected routes into the Chosen Static routes list. For more information, see Managing static routes.
    Enable distributed database

    This should usually be enabled (checked) for all Conferencing Nodes that are expected to be "always on", and disabled (unchecked) for nodes that are expected to only be powered on some of the time (e.g. cloud bursting nodes that are likely to only be operational during peak times).
    Enable SSH

    Determines whether this node can be accessed over SSH.

    Use Global SSH setting: SSH access to this node is determined by the global Enable SSH setting (Platform > Global settings > Connectivity > Enable SSH).

    Off: this node cannot be accessed over SSH, regardless of the global Enable SSH setting.

    On: this node can be accessed over SSH, regardless of the global Enable SSH setting.

    Default: Use Global SSH setting.
    SSH authorized keys

    You can optionally assign one or more SSH authorized keys to use for SSH access.

    From the list of Available SSH authorized keys, select the keys to assign to the node, and then use the right arrow to move the selected keys into the Chosen SSH authorized keys list.

    Note that in cloud environments, this list does not include any of the SSH keys configured within that cloud service.

    For more information, see Configuring SSH authorized keys.

    Use SSH authorized keys from cloud service

    When a node is deployed in a cloud environment, you can continue to use the SSH keys configured within the cloud service where available, in addition to any of your own assigned keys (as configured in the field above). If you disable this option you can only use your own assigned keys.

    Default: enabled.
  3. Select Save.

  4. You are now asked to complete the following fields:

    Option Description
    Deployment type

    Select Generic (configuration-only).
    SSH password

    Enter the password to use when logging in to this Conferencing Node's Linux operating system over SSH. The username is always admin.

    Logging in to the operating system is required when changing passwords or for diagnostic purposes only, and should generally be done under the guidance of your Pexip authorized support representative. In particular, do not change any configuration using SSH — all changes should be made using the Pexip Infinity Administrator interface.

  5. Select Download.

    A message appears at the top of the page: "The Conferencing Node image will download shortly or click on the following link".

    After a short while, a file with the name pexip-<hostname>.<domain>.xml is generated and downloaded.

    Note that the generated file is only available for your current session so you should download it immediately.

  6. Browse to https://<conferencing-node-ip>:8443/ and use the form provided to upload the configuration file to the Conferencing Node VM.

    If you cannot access the Conferencing Node, check that you have allowed the appropriate source addresses in your ingress firewall rules for management traffic. In public deployments and where there is no virtual private network, you need to use the public address of the node.

    The Conferencing Node will apply the configuration and reboot. After rebooting, it will connect to the Management Node in the usual way.

    You can close the browser window used to upload the file.

After deploying a new Conferencing Node, it takes approximately 5 minutes before the node is available for conference hosting and for its status to be updated on the Management Node. Until it becomes available, the Management Node reports the status of the Conferencing Node as having a last contacted and last updated date of "Never". "Connectivity lost between nodes" alarms relating to that node may also appear temporarily.

When the node is up and running you can optionally remove the "pexip-provisioning" Network tag from the instance (or whichever tag you have associated with your provisioning firewall rule as described in Controlling access to Conferencing Nodes for installation/provisioning ) as it is no longer required. Note, do not delete the firewall rule or remove the "pexip-conferencing" tag.