Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.




Installation Steps

Warning

Internet should be available on the machine where the application is being installed and connections on port 9242 should be allowed in the network firewall to carry out the installation steps. 



Note

All the commands start with a # indicating that root user privileges are required to execute these commands. Trailing # is not a part of the command.


Allow ports in the firewall

If there is an active firewall, allow following ports.

Code Block
443/tcp
8088/tcp
5060/tcp
16386-32768/udp

Installation Steps

  1. Follow this guide to install and configure Freeswitch
  2. Please make sure that Solution Prerequisites are met for the desired deployment type. 
  3. Download the deployment script deployment.sh and place it in the user home or any desired directory. This script will:
    1. delete the recording-solution directory if it exists.
    2. clone the required files for deployment
  4. To execute the script, give it the execute permissions and execute it. This command will clone the skeleton project for recording solution. the recording-solution directory contains all the required files for deployment.

    Code Block
    languagebash
    $ chmod 755 deployment.sh
    $ ./deployment.sh


  5. Create MySQL database schema for vrs using the script located in recording-solution/data/init.sql. This is an sql script which creates a database with name vrs and the required tables. Run this as an sql script/query in MySQL (For non-HA deployment)
  6. Open recording-solution/docker/config.env and update the following environment variable 


    vrs database password7819272930

    NameDescription
    1DB_HOSTvrs database host machine IP
    2DB_NAMEvrs database name
    3DB_USERvrs database username
    4DB_PASSWORD
    5KEYCLOAK_PERMISSION_GROUPKeycloak Group from step 12 of keycloak setup
    6VRS_URLURL 

    https://192.168.1.101 

    Replace the IP with local machine in non-HA deployment, replace it with Virtual IP in case of HA

    [IP of a local machine]

    2LOCAL_MACHINE_IP

    192.168.1.101  [local machine IP in no-HA deployment, replace it with Virtual IP in case of HA

    since it is a non-HA deployment]

    3KC_HOSTNAMEKeycloak hostname e.g 192.168.1.101 
    4TZAsia/Karachi
    95TRUST_STORE_PATH

    /app/ssl/truststore.jks

    keep it same

    106TRUST_STORE_PASSWORDExpertflow464
    117KCCCX_DBPRIMARY_URLjdbc:mysql://IPPrimary UCCX IP e.g 192.168.1.106:3306/keycloak
    Replace the machine IP and database name for keycloak database
    12
    KC_DB_USERNAME
    Keycloak database username
    13
    KC_DB_PASSWORD
    Keycloak database password
    14
    KEYCLOAK_USER
    Keycloak admin username (A new user is created when keycloak runs for the first time)
    15
    KEYCLOAK_PASSWORD
    Keycloak admin password
    16
    KC_HOSTNAME
    Local machine IP or fqdn
    17CCX_PRIMARY_IPPrimary UCCX IP
    18CCX_33
    8CCX_SECONDARY_IPSecondary UCCX IP e.g 192.168.1.33
    9CCX_ADMIN_USERNAMECCX Admin username
    2010CCX_ADMIN_PASSWORDCCX Admin password
    2111FINESSE_URLhttps://uccx12-5p.ucce.ipcc:8445
    2212DIRECTORY_PATH_TO_MONITORThe path for archival process to monitor, it should be the same path where sessions are kept, mostly /home/efadmin/cucmRecording/sessions/ OR /usr/share/freeswitch/cucmRecording/sessions/
    2313ARCHIVED_MEDIA_FILES_EXTENSIONmp4 #keep it same
    2414FILE_EXTENSIONwav #keep it same
    2515NO_OF_DAYS1
    2616SFTP_HOSTSFTP host IP for archival e.g 192.168.1.106
    17SFTP_PORT22
    2818SFTP_USERNAMEUser name of the sftp server e.g expertflow
    19SFTP_PASSWORDSFTP password e.g Expertflow464
    20ARCHIVAL_JOB_INTERVAL15
    3121

    STEAM_DELETION_JOB_INTERVAL_HRS

    24
    3222RETRY_LIMIT2
    3323ARCHIVAL_PROCESS_NODEactive
    3424NO_OF_DEL_DAYS2
    25KEYCLOAK_CLIENT_IDName of the client e.g vrs
    26KEYCLOAK_CLIENT_SECRET
    27KEYCLOAK_REALM_NAMEName of the realm e.g vrs
    28KEYCLOAK_PERMISSION_GROUPPermission group e.g AGENT_GROUP



  7. Navigate to recording solution directory and execute the following commands:

    Code Block
    # chmod 755 install.sh
    # ./install.sh

    Verify all the containers are up and healthy 

  8. Verify if keycloak container is healthy (docker ps), if it is on restarting, kill  (docker kill keycloak) and remove (docker rm keycloak) the keycloak container then run ./install.sh. Wait for keycloak container to become healthy.
  9. Set up keycloak
  10. Once keycloak is set up, update below environment variables in recording-solution/docker/config.env file. 


    NameDescription
    1KEYCLOAK_REALM_NAMERealm name created in step 4 of keycloak setup
    2KEYCLOAK_CLIENT_IDKeycloak client id from step 6 of keycloak setup
    3KEYCLOAK_CLIENT_SECRETKeycloak client secret from step 8 of keycloak setup
    4KEYCLOAK_PERMISSION_GROUPKeep it same


  11. To update the self signed certificates for VRS, get the public authority or domain signed certificate .crt and .key files, name them server.crt and server.key and replace the files in /recording-solution/config/certificates with these two new files. Names should be exactly same.
  12.  Run ./install.sh again
  13. Run the following command to ensure that all the components are up and running. 

    Code Block
    # docker ps


  14. Go to https://VRS-IP/#/login to access the application.

  15. Configure SIP trunk to enable CUCM to send SIP events to VRS for call recordings. Two sip trunks should be configured in case of HA.
    (HA Only) Install and configure rsync to synchronize the recording folder on both machines in HA.

    Install Rsync using the below command

    sudo apt-get install rsync

  16. Note down the directory that is used for recordings, assume it is /home/efadmin/cucmRecording/
  17. Configure passwordless login to the other machine by running the below command. Press [Enter] When prompted for a passphrase to leave the field blank.

    sudo ssh-keygen -t rsa -b 2048

    Copy the generated keys to the other machine

    sudo ssh-copy-id -i /root/.ssh/id_rsa.pub efadmin@other-machine-IP

    Configure a cron job to automate Rsync. Enter the below command.

    sudo crontab -e

    The above command will open a file, edit it, and add the below line at the end of the file. Replace the other-machine-ip with the IP of the other machine in HA

    */1 * * * * sudo rsync -avzhe ssh efadmin@other-machine-ip:/home/efadmin/cucmRecording/ /home/efadmin/cucmRecording/

    This will run the Rsync command every minute which will sync the local /home/efadmin/cucmRecording/ directory with other-machine /home/efadmin/cucmRecording/ directory. Any files added there will show up here and vice versa.

    Follow these steps on the other machine as well

    (HA Only) Repeat the following steps on both machines.

  18. Go to recording-solution/HA
  19. Give execute permission and execute the script. This will create a keep-alived directory.

    # chmod +x keep-alive.sh
    # ./keep-alive.sh

    Update the following three variables in keep.env file inside HA directory.  

    Name

    Description

    KEEPALIVED_UNICAST_PEERS

    IPs of the machines in the cluster. On each machine, this variable should have a list of IPs of all the other machines in the cluster. The format of the list is as below: 

    192.168.1.80

    KEEPALIVED_VIRTUAL_IPSVirtual IP of the cluster. It should be available in the LAN. For example: 192.168.1.245KEEPALIVED_INTERFACEName of the network interface with which your machine is connected to the network. On CentOS/Debian, if config or ip addr will show all the network interfaces and assigned addresses. This is important. If wrong value is entered then it won't work and will cause every container restarts.

    Give the execute permission and execute the script:  VRS should be now accessible via virtual IP

    # chmod +x keep-command.sh
    # ./keep-alive.sh