...
Installation Steps
Warning |
---|
Internet should be available |
...
on the machine where the application is being installed and connections |
...
on port 9242 should be allowed in the network firewall |
...
to carry out the installation steps. |
...
Note |
---|
All the commands start with a # indicating that root user privileges are required to execute these commands. Trailing # is not a part of the command. |
There are two types of installation 1. EFCX and 2. Cisco (UCCX & UCCE). As for EFCX most of the steps are not required as Keycloak, JtapiConnector, Active Mq, Mixer are not required for EFCX.
Allow ports in the firewall
To start the firewall (if it isn't started already), execute the following commands:
Code Block |
---|
# systemctl enable firewalld
# systemctl start firewalld |
To allow the ports on firewall, you can execute the following commands. (Run on both machines in case of HA).
Code Block |
---|
# firewall-cmd --add-port=443/tcp --permanent
# firewall-cmd --add-port=8088/tcp --permanent
# firewall-cmd --add-port=5060/tcp --permanent
# firewall-cmd --add-port=16386-32768/udp --permanent
# firewall-cmd --reload |
Installation Steps
...
If there is an active firewall, allow the following ports.
Code Block |
---|
443/tcp
444/tcp
8088/tcp
5060/tcp (only for Cisco)
16386-32768/udp (only for Cisco)
# Additional port to open in case of High Avaliability (HA)
8500
8300
8301
8302
8303
8600/udp
1433 |
Installation Steps
Please make sure that Solution Prerequisites are met for the desired deployment type.
Download the deployment
...
script
and place it in theView file name deployment.sh
...
user’s home or any desired directory. This script will:
delete the recording-solution directory if it exists.
clone the required files for deployment
...
To execute the script, give it the execute permissions and execute it. This command will clone the skeleton project for the recording solution. the recording-solution directory contains all the required files for deployment.
Code Block language bash $ chmod 755 deployment.sh $ ./deployment.sh
Refer to Section 2 at the end of the guide to proceed with the HA deployment.
Follow step 5 to 8 for deployment with Cisco UCCX or UCCE in non-HA (non- High Availability) mode.
Follow
to install and configure Freeswitch. The recording path should bethis guide /usr/share/freeswitch/cucmRecording
Follow this guide to create an application user on CUCM for jtapi-connector.
Open recording-solution/docker/config.env and update the
...
environment
...
variables given below.
Name | Description | |
---|---|---|
1 |
...
...
VRS_URL | URL of a local machine. example, https: //192.168.1.101 |
...
Replace the IP with local machine in non-HA deployment, replace it with Virtual IP in case of HA
...
* | ||
2 | LOCAL_MACHINE_IP | Local machine IP since it is a non-HA deployment. example 192.168.1.101 * |
3 | KC_HOSTNAME | Keycloak hostname where keycloak is hosted. e.g 192.168.1.101 |
local machine IP in no-HA deployment, replace it with Virtual IP in case of HA
...
4 | TZ | Time Zone. e.g Asia/Karachi |
...
/app/ssl/truststore.jks
keep it same
...
5 | FINESSE_URL | https: //uccx12-5p.ucce.ipcc:8445 |
...
6 | DIRECTORY_PATH_TO_MONITOR | The path for archival process to monitor, it should be the same path where sessions are kept |
...
. e.g /usr/share/freeswitch/cucmRecording/sessions/ |
...
7 | ARCHIVED_MEDIA_FILES_EXTENSION | mp4 |
...
[keep it same] |
...
8 | FILE_EXTENSION | wav |
...
[keep it same] |
...
9 | NO_OF_DAYS |
...
No of days before which all the files will be archived. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be archived. | ||
10 | SFTP_HOST | SFTP host IP for archival |
...
e.g 192.168.1.106 | ||
11 | SFTP_PORT | 22 |
...
12 | SFTP_USERNAME |
...
Username of the SFTP server e.g expertflow | |
13 | SFTP_PASSWORD |
...
SFTP password e.g Expertflow464 | |
14 | ARCHIVAL_JOB_INTERVAL |
...
It is a duration that tells the service to trigger again. This value is in hours. For example, if set 24 the service would be triggered after 24 hrs to get the desired job done. | ||
15 | STEAM_DELETION_JOB_INTERVAL_HRS | Time in hours before which all the stream is to be deleted. e.g 24 |
...
16 | RETRY_LIMIT | limit to retry in case the connection fails. e.g 2 |
...
17 | ARCHIVAL_PROCESS_NODE | active |
...
Execute the following commands inside current directory.
Code Block |
---|
# chmod 755 install.sh
# ./install.sh |
...
18 | NO_OF_DEL_DAYS |
To execute the script, give it the execute permissions and execute it. This command will clone the skeleton project for recording solution. the recording-solution directory contains all the required files for deployment.
Code Block | ||
---|---|---|
| ||
$ chmod 755 deployment.sh
$ ./deployment.sh |
No of days before which all the streams will be deleted. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be deleted. | ||
19 | CISCO_TYPE | Either UCCE or UCCX |
20 | CUCM_APPLICATION_USER_NAME | CUCM User's username that has been created in step 3. |
21 | CUCM_APPLICATION_USER_PASSWORD | Password for the CUCM Application User. |
22 | CUCM_IP | IP address where CUCM has been Deployed |
23 | DEPLOYMENT_PROFILE | Profile that we want to use for backend “CISCO” or “EFCX“ |
Below Env variables are only for UCCX.
Name | Description | |
---|---|---|
1 | CCX_PRIMARY_IP | Primary UCCX IP address. e.g 192.168.1.33 |
2 | CCX_SECONDARY_IP | Secondary UCCX IP e.g 192.168.1.33 |
3 | CCX_ADMIN_USERNAME | CCX Admin username |
4 | CCX_ADMIN_PASSWORD | CCX Admin password |
Below Env variables are only for UCCE.
Name | Description | |
---|---|---|
1 | UCCE_IP | UCCE IP |
2 | UCCE_DATABASE | UCCE awdb database name |
3 | UCCE_USERNAME | UCCE awdb database user’s username |
4 | UCCE_PASSWORD | UCCE awdb database user’s password |
Navigate to the recording solution directory and execute the following commands:
Code Block chmod 755 install-cisco.sh #for UCCX and UCCE run ./install-cisco.sh
Verify all the containers are up and healthy
Verify if the keycloak container is healthy (docker ps), if it is on restarting, kill (docker
...
kill keycloak) and remove (docker rm keycloak) the keycloak container then run ./install.sh. Wait for keycloak container to become healthy.
...
Once
...
keycloak is set up
...
for Cisco and for EFCX it is already setup, add the below environment variables accordingly in the
recording-solution/docker/config.env
...
file.
...
Names |
---|
...
For EFCX |
---|
...
For Cisco | |||
---|---|---|---|
1 | KEYCLOAK_REALM_NAME | Realm name from EFCX keycloak | Realm name created in step 4 of keycloak setup |
2 | KEYCLOAK_CLIENT_ID | KeyCloak client id from EFCX keycloak | Keycloak client id from step 6 of keycloak setup |
3 | KEYCLOAK_CLIENT_SECRET |
...
Add the client secret from EFCX keycloak | keycloak client secret from step 8 of keycloak setup | ||
4 | KEYCLOAK_PERMISSION_GROUP | AGENT_GROUP | AGENT_GROUP |
5 | KEYCLOAK_URL |
...
FQDN of CX | - | ||
6 | EFCX_FQDN (Only for EFCX) | FQDN of CX | - |
7 | DEPLOYMENT_PROFILE | “EFCX“ | “CISCO” |
8 | VRS_URL | Url of VRS machine with port 444. IP/Url:444 | Url of VRS machine with port 443 |
9 | LOCAL_MACHINE_IP | IP of the local machine with port 444 | IP of the local machine with port 444 |
Update the Database environment variables in config.env (Only for EFCX) .These variables are builtin in case of UCCE or UCCX
Name | Description | |
---|---|---|
1 | DB_DRIVER | Driver on which database is running i.e postgres or mysql drive |
2 | DB_ENGINE | Engine on which database is running i.e postgres or mysql |
3 | DB_HOST | Name or ip of the host on which database is active |
4 | DB_NAME | Name of the database (fetch from config.conf on this path /etc/fusionpbx/) |
5 | DB_USER | Username for database (fetch from config.conf on this path /etc/fusionpbx/) |
6 | DB_PASSWORD | Password for the database (fetch from config.conf on this path /etc/fusionpbx/) |
To update the self-signed certificates for VRS, get the public authority or domain signed certificate .crt and .key files, name them server.crt and server.key, and replace the files in /recording-solution/config/certificates with these two new files. Names should be
...
the same.
Run ./install-efcx.sh
...
for EFCX Or run ./install-cisco.sh for Cisco UCCX and UCCE.
Run the following command to ensure
...
all the components are
...
running.
Code Block # docker ps
...
In case of Cisco go to https : //VRS-IP/#/login to access the application, whereas for EFCX go to https://VRS-IP:444/#/login.
Configure the SIP trunk to enable CUCM to send SIP events to VRS for call recordings. Two sip trunks should be configured in case of HA. (Not for EFCX)
Section 2
Deployment for HA:
Requirements
NFS Server
Database with SqlServer
Two SIP Trunk (HA
...
Install Rsync using the below command
...
#
sudo apt-get install rsync
...
Configure passwordless login to the other machine by running the below command. Press [Enter] When prompted for a passphrase to leave the field blank.
...
#
sudo ssh-keygen -t rsa -b 2048
Copy the generated keys to the other machine
...
#
sudo ssh-copy-id -i /root/.ssh/id_rsa.pub efadmin@other-machine-IP
...
#
sudo crontab -e
...
*/1 * * * * sudo rsync -avzhe ssh efadmin@other-machine-ip:/home/efadmin/cucmRecording/ /home/efadmin/cucmRecording/
This will run the Rsync command every minute which will sync the local /home/efadmin/cucmRecording/ directory with other-machine /home/efadmin/cucmRecording/ directory. Any files added there will show up here and vice versa.
...
(HA Only) Repeat the following steps on both machines.
...
Give execute permission and execute the script. This will create a keep-alived directory.
...
# chmod +x keepalived.sh
# ./keepalived.sh
Update the following three variables in keep.env file inside HA directory.
...
Name
...
Description
...
IPs of the machines in the cluster. On each machine, this variable should have a list of IPs of all the other machines in the cluster. The format of the list is as below:
192.168.1.80
...
Give the execute permission and execute the script: VRS should be now accessible via virtual IP
...
Mode)
Two VRS on separate VMs
EFCX Server
Docker and Docker compose
Git
Follow these steps:
Ask IPCC team for the creation of NFS server.
Mounting point of NFS on both VRS VMs is /var/vrs/recordings.
Grant full permission to this directory and any files or subdirectories created within it.
Ask the IPCC team for the configuration of HA Sip trunk and set priorities to both VRS.
Ask the IPCC team for the creation of Database (sqlserver). And add sqlcmd to the path.
Navigate to data/scripts/ inside recording-solution directory.
Run pwd command and copy the path of sqlserver.sql script
Run the following command with correct credentials. It will initialize the database.
sqlcmd -S localhost -U sa -P <your_password> -d <database_name> -i /path/to/sqlserver.sql
Follow this guide to create an application user on CUCM for jtapi-connector.
Open
recoding-solution/docker/config.env
and set the environment variables.
Name | Description | |
---|---|---|
1 | VRS_URL | IP Address of Server at which solution is being deployed, https: //192.168.1.101 * |
2 | LOCAL_MACHINE_IP | Same IP Address as given in VRS_URL. example 192.168.1.101 * |
3 | KC_HOSTNAME | Keycloak hostname where keycloak is hosted. e.g 192.168.1.101, give FQDN in case of EFCX Keycloak |
4 | TZ | Time Zone. e.g Asia/Karachi |
5 | DEPLOYMENT_PROFILE | “CISCO“ as HA is only available for Cisco CC |
6 | PEER_ADDRESS | Address of the second VM wehre VRS is deployed |
7 | HA_MODE | Keep it true. As we are deploying high avaliability |
8 | SCREEN_RECORDING | Keep it true if you want to enable screen recording, otherwise false it |
9 | KEYCLOAK_URL | FQDN of EFCX Server |
10 | CISCO_TYPE | Either UCCE or UCCX |
11 | FINESSE_URL | https: //uccx12-5p.ucce.ipcc:8445 |
12 | DIRECTORY_PATH_TO_MONITOR | The path for archival process to monitor, it should be the same path where sessions are kept. e.g /var/vrs/recodings/cucmRecording/sessions/ |
13 | ARCHIVED_MEDIA_FILES_EXTENSION | mp4 [keep it same] |
14 | FILE_EXTENSION | wav [keep it same] |
15 | NO_OF_DAYS | No of days before which all the files will be archived. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be archived. |
16 | SFTP_HOST | SFTP host IP for archival e.g 192.168.1.106 |
17 | SFTP_PORT | 22 |
18 | SFTP_USERNAME | Username of the SFTP server e.g expertflow |
19 | SFTP_PASSWORD | SFTP password e.g Expertflow464 |
20 | ARCHIVAL_JOB_INTERVAL | It is a duration that tells the service to trigger again. This value is in hours. For example, if set 24 the service would be triggered after 24 hrs to get the desired job done. |
21 | STEAM_DELETION_JOB_INTERVAL_HRS | Time in hours before which all the stream is to be deleted. e.g 24 |
22 | RETRY_LIMIT | limit to retry in case the connection fails. e.g 2 |
23 | ARCHIVAL_PROCESS_NODE | active |
24 | NO_OF_DEL_DAYS | No of days before which all the streams will be deleted. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be deleted. |
25 | CUCM_APPLICATION_USER_NAME | CUCM User's username that has been created in step 3. |
26 | CUCM_APPLICATION_USER_PASSWORD | Password for the CUCM Application User. |
27 | CUCM_IP | IP address where CUCM has been Deployed |
Below are the Env variables for UCCX. If CISCO_TYPE = UCCX
Name | Description | |
---|---|---|
1 | CCX_PRIMARY_IP | Primary UCCX IP address. e.g 192.168.1.33 |
2 | CCX_SECONDARY_IP | Secondary UCCX IP e.g 192.168.1.33 |
3 | CCX_ADMIN_USERNAME | CCX Admin username |
4 | CCX_ADMIN_PASSWORD | CCX Admin password |
Below are the ENV varialbles for UCCE. If CISCO_TYPE is UCCE
Name | Description | |
---|---|---|
1 | UCCE_IP | UCCE IP |
2 | UCCE_DATABASE | UCCE awdb database name |
3 | UCCE_USERNAME | UCCE awdb database user’s username |
4 | UCCE_PASSWORD | UCCE awdb database user’s password |
Continue Updating the config.env for the Database environment variables
Name | Description | |
---|---|---|
1 | DB_DRIVER | Driver on which database is running i.e postgres or mysql drive |
2 | DB_ENGINE | Engine on which database is running i.e postgres or mysql |
3 | DB_HOST | Name or ip of the host on which database is active |
4 | DB_NAME | Name of the database |
5 | DB_USER | Username for database |
6 | DB_PASSWORD | Password for the database |
7 | DB_PORT | Port of the Database |
Update the keycloak variables
Names | ||
---|---|---|
1 | KEYCLOAK_REALM_NAME | Realm name from keycloak |
2 | KEYCLOAK_CLIENT_ID | KeyCloak client id from keycloak |
3 | KEYCLOAK_CLIENT_SECRET | Add the client secret from keycloak |
4 | KEYCLOAK_PERMISSION_GROUP | AGENT_GROUP |
5 | KEYCLOAK_URL | FQDN of CX |
6 | EFCX_FQDN | FQDN of CX |
8 | VRS_URL | Url of VRS machine |
9 | LOCAL_MACHINE_IP | IP of the local machine |
Navigate to HA directory inside recording-solution directory.
Open keep.env file and set values to environment variables
Code Block KEEPALIVED_UNICAST_PEERS=192.168.1.126 (IP address of the Second VRS) KEEPALIVED_VIRTUAL_IPS=192.168.1.245 (Assign any IP-Address which not in use) KEEPALIVED_PRIORITY=100 (Assign 100 for priority 1 and 90 for priority 2)
On the terminal run command ip addr
and find your network interface card and assign the value. Add the network interface card value keep.env.
Code Block KEEPALIVED_INTERFACE=ens160 (Find you interface card. ens160 or ens 192 or anyother)
Now run this script type ./keep-alive.sh
Change the recording path and other variables as per your configuration.
Open docker-compose-cisco in docker/docker-compose-cisco
Open
recoding-solution/docker/docker-compose-cisco
Uncomment the Consul Container and save the changes
Archival Container add the volumes
Code Block |
---|
volumes:
- /var/vrs/recordings/cucmRecording/streams/:/var/vrs/recordings/cucmRecording/streams/
- /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/ |
In Apis/Backend Container add the volumes and database configuration
Code Block |
---|
volumes:
- /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/ |
In Mixer Container add the volumes and database configuration
Code Block |
---|
volumes:
- /var/vrs/recordings/cucmRecording/streams/:/var/vrs/recordings/cucmRecording/streams/
- /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/ |
Open the freeswitch script record.lua located in the
/usr/share/freeswitch/scripts
and add the following recording path:
Code Block |
---|
recording_dir = "/var/vrs/recordings/cucmRecording/streams/"
mixedRecordingDir = "/var/vrs/recordings/cucmRecording/sessions/" |
Also change the IP address. Assign you local machine ip address
url = "http://<IP-Address>:9900/mixapi",
Give required permission to the nfs directory
Since our VRS interacts with local storage, it reads and writes files on the local storage. Pemission to read and write is thus necessary for the VRS to work.
Assign full permission to the mounted directory for all group, users and others to read, write and execute the mounted directory. It can be done with umask.
Now, run the install script. ./install-cisco.sh
Do the same for the other VRS