Kurento Media Server (KMS) can be installed in multiple ways
- Using an EC2 instance in the Amazon Web Services (AWS) cloud service. Using AWS is suggested to users who don’t want to worry about properly configuring a server and all software packages, because the provided setup does all this automatically.
- Using the Docker images provided by the Kurento team. Docker images allow to run Kurento in any host machine, so for example it’s possible to run KMS on top of a Fedora or CentOS system. In theory it could even be possible to run under Windows, but so far that possibility hasn’t been explored, so you would be at your own risk.
- A local installation with
apt-get install, in any Ubuntu machine. This method allows to have total control of the installation process. Besides installing KMS, a common need is to also install a STUN or TURN server, especially if KMS or any of its clients are located behind a NAT firewall.
If you want to try pre-release builds of KMS, then head to the section Installing Pre-Release Builds.
Amazon Web Services¶
The Kurento project provides an AWS CloudFormation template file. It can be used to create an EC2 instance that comes with everything needed and totally pre-configured to run KMS, including a Coturn server.
Note that this template is specifically tailored to be deployed on the default Amazon Virtual Private Cloud (Amazon VPC) network. You need an Amazon VPC to deploy this template.
Follow these steps to use it:
Access the AWS CloudFormation Console.
Click on Create Stack.
Look for the section Choose a template, and choose the option Specify an Amazon S3 template URL. Then, in the text field that gets enabled, paste this URL:
Follow through the steps of the configuration wizard:
4.1. Stack name: A descriptive name for your Stack.
4.2. InstanceType: Choose an appropriate size for your instance. Check the different ones.
4.3. KeyName: You need to create an RSA key beforehand in order to access the instance. Check AWS documentation on how to create one.
4.4. SSHLocation: For security reasons you may need to restrict SSH traffic to allow connections only from specific locations. For example, from your home or office.
4.5. TurnUser: User name for the TURN server.
4.6. TurnPassword: Password required to use the TURN server.
The template file includes Coturn as a TURN server. The default user/password for this server is
kurento. You can optionally change the username, but make sure to change the default password.
Finish the Stack creation process. Wait until the status of the newly created Stack reads CREATE_COMPLETE.
Select the Stack and then open the Outputs tab, where you’ll find the instance’s public IP address, and the Kurento Media Server endpoint URL that must be used by Application Servers.
Kurento’s Docker Hub contains images built from each KMS Release. Just head to the kurento-media-server image page, and follow the instructions you’ll find there.
With this method, you will install KMS from the native Ubuntu package repositories made available by the Kurento project.
KMS has explicit support for two Long-Term Support (LTS) distributions of Ubuntu: Ubuntu 14.04 (Trusty) and Ubuntu 16.04 (Xenial). Only the 64-bits editions are supported.
Currently, the main development environment for KMS is Ubuntu 16.04 (Xenial), so if you are in doubt, this is the preferred Ubuntu distribution to choose. However, all features and bug fixes are still being backported and tested on Ubuntu 14.04 (Trusty), so you can continue running this version if strictly required.
Ubuntu 14.04 (Trusty) is in the path of deprecation and will stop receiving updates in the end of 2018.
Define what version of Ubuntu is in use. Open a terminal and copy only one of these commands:
# KMS for Ubuntu 14.04 (Trusty) DISTRO="trusty"
# KMS for Ubuntu 16.04 (Xenial) DISTRO="xenial"
Add the Kurento repository to your system configuration. Run these two commands in the same terminal you used in the previous step:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5AFA7A83
sudo tee "/etc/apt/sources.list.d/kurento.list" >/dev/null <<EOF # Kurento Media Server - Release packages deb [arch=amd64] http://ubuntu.openvidu.io/6.8.1 $DISTRO kms6 EOF
sudo apt-get update sudo apt-get install kurento-media-server
This will install the KMS release version that was specified in the previous commands.
The server includes service files which integrate with the Ubuntu init system, so you can use the following commands to start and stop it:
sudo service kurento-media-server start sudo service kurento-media-server stop
Log messages from KMS will be available in
/var/log/kurento-media-server/. For more details about KMS logs, check Debug Logging.
STUN and TURN servers¶
If Kurento Media Server, its Application Server, or any of the clients are located behind a NAT, you need to use a STUN or a TURN server in order to achieve NAT traversal. In most cases, STUN is effective in addressing the NAT issue with most consumer network devices (routers). However, it doesn’t work for many corporate networks, so a TURN server becomes necessary.
Apart from that, you need to open all UDP ports in your system configuration, as STUN will use any random port from the whole [0-65535] range.
The features provided by TURN are a superset of those provided by STUN. This means that you don’t need to configure a STUN server if you are already using a TURN server.
For more information about why and when STUN/TURN is needed, check out the FAQ: When is STUN needed?
To configure a STUN server in KMS, uncomment the following lines in the WebRtcEndpoint configuration file, located at
Be careful since comments inline (with
;) are not allowed for parameters in the configuration files. Thus, the following line is not correct:
stunServerAddress=<serverIp> ; Only IP addresses are supported
… and must be changed to something like this:
; Only IP addresses are supported stunServerAddress=<serverIp>
serverIp should be the public IP address of the STUN server. It must be an IP address, not a domain name.
It should be easy to find some public STUN servers that are made available for free. For example:
220.127.116.11:19302 18.104.22.168:19302 22.214.171.124:19302 126.96.36.199:19302 188.8.131.52:19302 184.108.40.206:3478 220.127.116.11:3478 18.104.22.168:3478 22.214.171.124:3478 126.96.36.199:3478 188.8.131.52:3478 184.108.40.206:3478 220.127.116.11:3478 18.104.22.168:3478 22.214.171.124:3478 126.96.36.199:3478 188.8.131.52:3478 184.108.40.206:3478 220.127.116.11:3478 18.104.22.168:3478 22.214.171.124:3478 126.96.36.199:3478 188.8.131.52:3478 184.108.40.206:3478
To configure a TURN server in KMS, uncomment the following lines in the WebRtcEndpoint configuration file, located at
serverIp should be the public IP address of the TURN server. It must be an IP address, not a domain name.
See some examples of TURN configuration below:
… or using a free access Numb TURN/STUN server:
Note that it is somewhat easy to find free STUN servers available on the net, because their functionality is pretty limited and it is not costly to keep them working for free. However, this doesn’t happen with TURN servers, which act as a media proxy between peers and thus the cost of maintaining one is much higher.
It is rare to find a TURN server which works for free while offering good performance. Usually, each user opts to maintain their own private TURN server instances.
Check your installation¶
To verify that KMS is up and running, use this command and look for the
ps -ef | grep kurento-media-server > nobody 1270 1 0 08:52 ? 00:01:00 /usr/bin/kurento-media-server
Unless configured otherwise, KMS will open the port
8888 to receive requests and send responses by means of the Kurento Protocol. Use this command to verify that this port is listening for incoming packets:
sudo netstat -tupan | grep kurento > tcp6 0 0 :::8888 :::* LISTEN 1270/kurento-media-server