Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Installation Steps

Warning

Internet should be available

...

 on the machine where the application is being installed and connections

...

on port 9242 should be allowed in the network firewall

...

 to carry out the installation steps.

...


Note

All the commands start with a # indicating that root user privileges are required to execute these commands. Trailing # is not a part of the command.

There are two types of installation 1. EFCX and 2. Cisco (UCCX & UCCE). As for EFCX most of the steps are not required as Keycloak, JtapiConnector, Active Mq, Mixer are not required for EFCX.

Allow ports in the firewall

To start the firewall (if it isn't started already), execute the following commands:  

Code Block
# systemctl enable firewalld
# systemctl start firewalld

To allow the ports on firewall, you can execute the following commands. (Run on both machines in case of HA). 

Code Block
# firewall-cmd --add-port=443/tcp --permanent
# firewall-cmd --add-port=8088/tcp --permanent
# firewall-cmd --add-port=5060/tcp --permanent 
# firewall-cmd --add-port=16386-32768/udp --permanent 
# firewall-cmd --reload

Installation Steps

...

If there is an active firewall, allow the following ports.

Code Block
443/tcp
444/tcp
8088/tcp
5060/tcp (only for Cisco)
16386-32768/udp (only for Cisco)

# Additional port to open in case of High Avaliability (HA)
8500
8300
8301
8302
8303
8600/udp
1433

Installation Steps

  1. Please make sure that Solution Prerequisites are met for the desired deployment type. 

  2. Download the deployment

...

  1. script

    View file
    namedeployment.sh
     and place it in the

...

  1. user’s home or any desired directory. This script will:

    1. delete the recording-solution directory if it exists.

    2. clone the required files for deployment

...

  1. To execute the script, give it the execute permissions and execute it. This command will clone the skeleton project for the recording solution. the recording-solution directory contains all the required files for deployment.

    Code Block
    languagebash
    $ chmod 755 deployment.sh
    $ ./deployment.sh
  2. Refer to Section 2 at the end of the guide to proceed with the HA deployment.

  3. Follow step 5 to 8 for deployment with Cisco UCCX or UCCE in non-HA (non- High Availability) mode.

  4. Follow this guide to install and configure Freeswitch. The recording path should be /usr/share/freeswitch/cucmRecording

  5. Follow this guide to create an application user on CUCM for jtapi-connector.

  6. Open recording-solution/docker/config.env and update the

...

  1. environment

...

  1. variables given below.

Name

Description

1

...

...

VRS_URL

URL of a local machine. example, https: //192.168.1.101

...

Replace the IP with local machine in non-HA deployment, replace it with Virtual IP in case of HA

...

*

2

LOCAL_MACHINE_IP

Local machine IP since it is a non-HA deployment. example 192.168.1.101 *

3

KC_HOSTNAME

Keycloak hostname where keycloak is hosted. e.g 192.168.1.101

local machine IP in no-HA deployment, replace it with Virtual IP in case of HA

...

4

TZ

Time Zone. e.g Asia/Karachi

...

/app/ssl/truststore.jks

keep it same

...

5

FINESSE_URL

https: //uccx12-5p.ucce.ipcc:8445

...

6

DIRECTORY_PATH_TO_MONITOR

The path for archival process to monitor, it should be the same path where sessions are kept

...

. e.g /usr/share/freeswitch/cucmRecording/sessions/

...

7

ARCHIVED_MEDIA_FILES_EXTENSION

mp4

...

[keep it same]

...

8

FILE_EXTENSION

wav

...

[keep it same]

...

9

NO_OF_DAYS

...

No of days before which all the files will be archived. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be archived. 

10

SFTP_HOST

SFTP host IP for archival

...

e.g 192.168.1.106

11

SFTP_PORT

22

...

12

SFTP_USERNAME

...

Username of the SFTP server e.g expertflow

13

SFTP_PASSWORD

...

SFTP password e.g Expertflow464

14

ARCHIVAL_JOB_INTERVAL

...

It is a duration that tells the service to trigger again. This value is in hours. For example, if set 24 the service would be triggered after 24 hrs to get the desired job done.

15

STEAM_DELETION_JOB_INTERVAL_HRS

Time in hours before which all the stream is to be deleted. e.g 24

...

16

RETRY_LIMIT

limit to retry in case the connection fails. e.g 2

...

17

ARCHIVAL_PROCESS_NODE

active

...

Execute the following commands inside current directory. 

Code Block
# chmod 755 install.sh
# ./install.sh

...

18

NO_OF_DEL_DAYS

To execute the script, give it the execute permissions and execute it. This command will clone the skeleton project for recording solution. the recording-solution directory contains all the required files for deployment.

Code Block
languagebash
$ chmod 755 deployment.sh
$ ./deployment.sh

No of days before which all the streams will be deleted. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be deleted. 

19

CISCO_TYPE

Either UCCE or UCCX

20

CUCM_APPLICATION_USER_NAME

CUCM User's username that has been created in step 3.

21

CUCM_APPLICATION_USER_PASSWORD

Password for the CUCM Application User.

22

CUCM_IP

IP address where CUCM has been Deployed

23

DEPLOYMENT_PROFILE

Profile that we want to use for backend “CISCO” or “EFCX“

Below Env variables are only for UCCX.

Name

Description

1

CCX_PRIMARY_IP

Primary UCCX IP address. e.g 192.168.1.33

2

CCX_SECONDARY_IP

Secondary UCCX IP e.g 192.168.1.33

3

CCX_ADMIN_USERNAME

CCX Admin username

4

CCX_ADMIN_PASSWORD

CCX Admin password

Below Env variables are only for UCCE.

Name

Description

1

UCCE_IP

UCCE IP

2

UCCE_DATABASE

UCCE awdb database name

3

UCCE_USERNAME

UCCE awdb database user’s username

4

UCCE_PASSWORD

UCCE awdb database user’s password

  1. Navigate to the recording solution directory and execute the following commands:

    Code Block
    chmod 755 install-cisco.sh
    
    #for UCCX and UCCE run
    ./install-cisco.sh 
    

    Verify all the containers are up and healthy 

  2. Verify if the keycloak container is healthy (docker ps), if it is on restarting, kill  (docker

...

  1. kill keycloak) and remove (docker rm keycloak) the keycloak container then run ./install.sh. Wait for keycloak container to become healthy.

  2. Set

...

  1. up keycloak

  2. Once

...

  1. keycloak is set up

...

  1. for Cisco and for EFCX it is already setup, add the below environment variables accordingly in the recording-solution/docker/config.env

...

  1.  file.

...

Names

...

For EFCX

...

For Cisco

1

KEYCLOAK_REALM_NAME

Realm name from EFCX keycloak

Realm name created in step 4 of keycloak setup

2

KEYCLOAK_CLIENT_ID

KeyCloak client id from EFCX keycloak

Keycloak client id from step 6 of keycloak setup

3

KEYCLOAK_CLIENT_SECRET

...

Add the client secret from EFCX keycloak

keycloak client secret from step 8 of keycloak setup

4

KEYCLOAK_PERMISSION_GROUP

AGENT_GROUP

AGENT_GROUP

5

KEYCLOAK_URL

...

FQDN of CX

-

6

EFCX_FQDN (Only for EFCX)

FQDN of CX

-

7

DEPLOYMENT_PROFILE

“EFCX“

“CISCO”

8

VRS_URL

Url of VRS machine with port 444. IP/Url:444

Url of VRS machine with port 443

9

LOCAL_MACHINE_IP

IP of the local machine with port 444

IP of the local machine with port 444

  1. Update the Database environment variables in config.env (Only for EFCX) .These variables are builtin in case of UCCE or UCCX

Name

Description

1

DB_DRIVER

Driver on which database is running i.e postgres or mysql drive

2

DB_ENGINE

Engine on which database is running i.e postgres or mysql

3

DB_HOST

Name or ip of the host on which database is active

4

DB_NAME

Name of the database (fetch from config.conf on this path /etc/fusionpbx/)

5

DB_USER

Username for database (fetch from config.conf on this path /etc/fusionpbx/)

6

DB_PASSWORD

Password for the database (fetch from config.conf on this path /etc/fusionpbx/)

  1. To update the self-signed certificates for VRS, get the public authority or domain signed certificate .crt and .key files, name them server.crt and server.key, and replace the files in /recording-solution/config/certificates with these two new files. Names should be

...

  1. the same.

  2.  Run ./install-efcx.sh 

...

  1. for EFCX Or run ./install-cisco.sh for Cisco UCCX and UCCE.

  2. Run the following command to ensure

...

  1. all the components are

...

  1. running. 

    Code Block
    # docker ps

...

  1. In case of Cisco go to https : //VRS-IP/#/login to access the application, whereas for EFCX go to https://VRS-IP:444/#/login.

  2. Configure the SIP trunk to enable CUCM to send SIP events to VRS for call recordings. Two sip trunks should be configured in case of HA. (Not for EFCX)

Section 2

Deployment for HA:

Requirements

  • NFS Server

  • Database with SqlServer

  • Two SIP Trunk (HA

...

Install Rsync using the below command

...

sudo apt-get install rsync

...

Configure passwordless login to the other machine by running the below command. Press [Enter] When prompted for a passphrase to leave the field blank.

...

sudo ssh-keygen -t rsa -b 2048

Copy the generated keys to the other machine

...

sudo ssh-copy-id -i /root/.ssh/id_rsa.pub efadmin@other-machine-IP

...

sudo crontab -e

...

*/1 * * * * sudo rsync -avzhe ssh efadmin@other-machine-ip:/home/efadmin/cucmRecording/ /home/efadmin/cucmRecording/

This will run the Rsync command every minute which will sync the local /home/efadmin/cucmRecording/ directory with other-machine /home/efadmin/cucmRecording/ directory. Any files added there will show up here and vice versa.

...

(HA Only) Repeat the following steps on both machines.

...

Give execute permission and execute the script. This will create a keep-alived directory.

...

# chmod +x keepalived.sh
# ./keepalived.sh

Update the following three variables in keep.env file inside HA directory.  

...

Name

...

Description

...

IPs of the machines in the cluster. On each machine, this variable should have a list of IPs of all the other machines in the cluster. The format of the list is as below: 

192.168.1.80

...

Give the execute permission and execute the script:  VRS should be now accessible via virtual IP

...

  • Mode)

  • Two VRS on separate VMs

  • EFCX Server

  • Docker and Docker compose

  • Git

Follow these steps:

  1. Ask IPCC team for the creation of NFS server.

  2. Mounting point of NFS on both VRS VMs is /var/vrs/recordings.

  3. Grant full permission to this directory and any files or subdirectories created within it.

  4. Ask the IPCC team for the configuration of HA Sip trunk and set priorities to both VRS.

  5. Ask the IPCC team for the creation of Database (sqlserver). And add sqlcmd to the path.

  6. Navigate to data/scripts/ inside recording-solution directory.

  7. Run pwd command and copy the path of sqlserver.sql script

  8. Run the following command with correct credentials. It will initialize the database.

sqlcmd -S localhost -U sa -P <your_password> -d <database_name> -i /path/to/sqlserver.sql

  1. Follow this guide to create an application user on CUCM for jtapi-connector.

  2. Open recoding-solution/docker/config.env and set the environment variables.

Name

Description

1

VRS_URL

IP Address of Server at which solution is being deployed, https: //192.168.1.101 *

2

LOCAL_MACHINE_IP

Same IP Address as given in VRS_URL. example 192.168.1.101 *

3

KC_HOSTNAME

Keycloak hostname where keycloak is hosted. e.g 192.168.1.101, give FQDN in case of EFCX Keycloak

4

TZ

Time Zone. e.g Asia/Karachi

5

DEPLOYMENT_PROFILE

“CISCO“ as HA is only available for Cisco CC

6

PEER_ADDRESS

Address of the second VM wehre VRS is deployed

7

HA_MODE

Keep it true. As we are deploying high avaliability

8

SCREEN_RECORDING

Keep it true if you want to enable screen recording, otherwise false it

9

KEYCLOAK_URL

FQDN of EFCX Server

10

CISCO_TYPE

Either UCCE or UCCX

11

FINESSE_URL

https: //uccx12-5p.ucce.ipcc:8445

12

DIRECTORY_PATH_TO_MONITOR

The path for archival process to monitor, it should be the same path where sessions are kept. e.g /var/vrs/recodings/cucmRecording/sessions/

13

ARCHIVED_MEDIA_FILES_EXTENSION

mp4 [keep it same]

14

FILE_EXTENSION

wav [keep it same]

15

NO_OF_DAYS

No of days before which all the files will be archived. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be archived. 

16

SFTP_HOST

SFTP host IP for archival e.g 192.168.1.106

17

SFTP_PORT

22

18

SFTP_USERNAME

Username of the SFTP server e.g expertflow

19

SFTP_PASSWORD

SFTP password e.g Expertflow464

20

ARCHIVAL_JOB_INTERVAL

It is a duration that tells the service to trigger again. This value is in hours. For example, if set 24 the service would be triggered after 24 hrs to get the desired job done.

21

STEAM_DELETION_JOB_INTERVAL_HRS

Time in hours before which all the stream is to be deleted. e.g 24

22

RETRY_LIMIT

limit to retry in case the connection fails. e.g 2

23

ARCHIVAL_PROCESS_NODE

active

24

NO_OF_DEL_DAYS

No of days before which all the streams will be deleted. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be deleted. 

25

CUCM_APPLICATION_USER_NAME

CUCM User's username that has been created in step 3.

26

CUCM_APPLICATION_USER_PASSWORD

Password for the CUCM Application User.

27

CUCM_IP

IP address where CUCM has been Deployed

Below are the Env variables for UCCX. If CISCO_TYPE = UCCX

Name

Description

1

CCX_PRIMARY_IP

Primary UCCX IP address. e.g 192.168.1.33

2

CCX_SECONDARY_IP

Secondary UCCX IP e.g 192.168.1.33

3

CCX_ADMIN_USERNAME

CCX Admin username

4

CCX_ADMIN_PASSWORD

CCX Admin password

Below are the ENV varialbles for UCCE. If CISCO_TYPE is UCCE

Name

Description

1

UCCE_IP

UCCE IP

2

UCCE_DATABASE

UCCE awdb database name

3

UCCE_USERNAME

UCCE awdb database user’s username

4

UCCE_PASSWORD

UCCE awdb database user’s password

  1. Continue Updating the config.env for the Database environment variables

Name

Description

1

DB_DRIVER

Driver on which database is running i.e postgres or mysql drive

2

DB_ENGINE

Engine on which database is running i.e postgres or mysql

3

DB_HOST

Name or ip of the host on which database is active

4

DB_NAME

Name of the database

5

DB_USER

Username for database

6

DB_PASSWORD

Password for the database

7

DB_PORT

Port of the Database

  1. Update the keycloak variables

Names

1

KEYCLOAK_REALM_NAME

Realm name from keycloak

2

KEYCLOAK_CLIENT_ID

KeyCloak client id from keycloak

3

KEYCLOAK_CLIENT_SECRET

Add the client secret from keycloak

4

KEYCLOAK_PERMISSION_GROUP

AGENT_GROUP

5

KEYCLOAK_URL

FQDN of CX

6

EFCX_FQDN

FQDN of CX

8

VRS_URL

Url of VRS machine

9

LOCAL_MACHINE_IP

IP of the local machine

  1. Navigate to HA directory inside recording-solution directory.

  2. Open keep.env file and set values to environment variables

  3. Code Block
    KEEPALIVED_UNICAST_PEERS=192.168.1.126  (IP address of the Second VRS)
    KEEPALIVED_VIRTUAL_IPS=192.168.1.245    (Assign any IP-Address which not in use)
    KEEPALIVED_PRIORITY=100                 (Assign 100 for priority 1 and 90 for priority 2)            

On the terminal run command ip addr and find your network interface card and assign the value. Add the network interface card value keep.env.

  1. Code Block
    KEEPALIVED_INTERFACE=ens160      (Find you interface card. ens160 or ens 192 or anyother)
  2. Now run this script type ./keep-alive.sh

  3. Change the recording path and other variables as per your configuration.

Open docker-compose-cisco in docker/docker-compose-cisco

  1. Open recoding-solution/docker/docker-compose-cisco

  2. Uncomment the Consul Container and save the changes

  • Archival Container add the volumes

Code Block
volumes:
      - /var/vrs/recordings/cucmRecording/streams/:/var/vrs/recordings/cucmRecording/streams/
      - /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/
  • In Apis/Backend Container add the volumes and database configuration

Code Block
volumes:
      - /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/
  • In Mixer Container add the volumes and database configuration

Code Block
volumes:
      - /var/vrs/recordings/cucmRecording/streams/:/var/vrs/recordings/cucmRecording/streams/
      - /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/
  1. Open the freeswitch script record.lua located in the /usr/share/freeswitch/scripts and add the following recording path:

Code Block
recording_dir = "/var/vrs/recordings/cucmRecording/streams/"
mixedRecordingDir = "/var/vrs/recordings/cucmRecording/sessions/"
  1. Also change the IP address. Assign you local machine ip address url = "http://<IP-Address>:9900/mixapi",

  2. Give required permission to the nfs directory

Since our VRS interacts with local storage, it reads and writes files on the local storage. Pemission to read and write is thus necessary for the VRS to work.

Assign full permission to the mounted directory for all group, users and others to read, write and execute the mounted directory. It can be done with umask.

  1. Now, run the install script. ./install-cisco.sh

  2. Do the same for the other VRS