...
If there is an active firewall, allow the following ports.
Code Block |
---|
443/tcp 444/tcp 8088/tcp 5060/tcp (only for Cisco) 16386-32768/udp (only for Cisco) # Additional port to open in case of High Avaliability (HA) 8500 8300 8301 8302 8303 8600/udp 1433 |
Installation Steps
Please make sure that Solution Prerequisites are met for the desired deployment type.
Download the deployment script
and place it in the user’s home or any desired directory. This script will:View file name deployment.sh delete the recording-solution directory if it exists.
clone the required files for deployment
To execute the script, give it the execute permissions and execute it. This command will clone the skeleton project for the recording solution. the recording-solution directory contains all the required files for deployment.
Code Block language bash $ chmod 755 deployment.sh $ ./deployment.sh
Refer to Section 2 at the end of the guide to proceed with the HA deployment.
Follow step 5 to 8 for deployment with Cisco UCCX or UCCE in non-HA (non- High Availability) mode.
Follow
to install and configure Freeswitch. The recording path should bethis guide /usr/share/freeswitch/cucmRecording
Follow this guide to create an application user on CUCM for jtapi-connector.
Open recording-solution/docker/config.env and update the environment variables given below.
Name | Description | ||
---|---|---|---|
1 | VRS_URL | URL of a local machine. example, https: //192.168.1.101 * | |
2 | LOCAL_MACHINE_IP | Local machine IP since it is a non-HA deployment. example 192.168.1.101 * | |
3 | KC_HOSTNAME | Keycloak hostname where keycloak is hosted. e.g 192.168.1.101* | |
4 | TZ | Time Zone. e.g Asia/Karachi | |
5 | TRUST_STORE_PATH | /app/ssl/truststore.jks. [keep it same] | |
6 | TRUST_STORE_PASSWORD | Password for the trust store. [Expertflow464] | |
7 | FINESSE_URL | https: //uccx12-5p.ucce.ipcc:8445 | |
86 | DIRECTORY_PATH_TO_MONITOR | The path for archival process to monitor, it should be the same path where sessions are kept. e.g /usr/share/freeswitch/cucmRecording/sessions/ | |
97 | ARCHIVED_MEDIA_FILES_EXTENSION | mp4 [keep it same] | |
108 | FILE_EXTENSION | wav [keep it same] | |
119 | NO_OF_DAYS | No of days before which all the files will be archived. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be archived. | |
1210 | SFTP_HOST | SFTP host IP for archival e.g 192.168.1.106 | |
1311 | SFTP_PORT | 22 | |
1412 | SFTP_USERNAME | Username of the SFTP server e.g expertflow | |
1513 | SFTP_PASSWORD | SFTP password e.g Expertflow464 | |
1614 | ARCHIVAL_JOB_INTERVAL | It is a duration that tells the service to trigger again. This value is in hours. For example, if set 24 the service would be triggered after 24 hrs to get the desired job done. | |
1715 | STEAM_DELETION_JOB_INTERVAL_HRS | Time in hours before which all the stream is to be deleted. e.g 24 | |
1816 | RETRY_LIMIT | limit to retry in case the connection fails. e.g 2 | |
1917 | ARCHIVAL_PROCESS_NODE | active | |
2018 | NO_OF_DEL_DAYS | No of days before which all the streams will be deleted. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be deleted. | |
2119 | CISCO_TYPE | Either UCCE or UCCX | |
22 | ACTIVEMQ_BROKER_URL | Connection URL to Consumer as a Broker e.g | |
23 | ACTIVEMQ_URL | Connection URL for ActiveMQ | |
24 | ACTIVEMQ_USER | UserName for the ActiveMQ service i.e admin | |
25 | ACTIVEMQ_PASSWORD | Password for the ActiveMQ service i.e admin | |
26 | 20 | CUCM_APPLICATION_USER_NAME | CUCM User's username that has been created in step 3. |
2721 | CUCM_APPLICATION_USER_PASSWORD | Password for the CUCM Application User. | |
2822 | CUCM_IP | IP address where CUCM has been Deployed | |
2923 | DEPLOYMENT_PROFILE | Profile that we want to use for backend “CISCO” or “EFCX“ |
Below Env variables are only for UCCX.
Name | Description | |
---|---|---|
1 | CCX_PRIMARY_IP | Primary UCCX IP address. e.g 192.168.1.33 |
2 | CCX_SECONDARY_IP | Secondary UCCX IP e.g 192.168.1.33 |
3 | CCX_ADMIN_USERNAME | CCX Admin username |
4 | CCX_ADMIN_PASSWORD | CCX Admin password |
Below Env variables are only for UCCE.
Name | Description | |
---|---|---|
1 | UCCE_IP | UCCE IP |
2 | UCCE_DATABASE | UCCE awdb database name |
3 | UCCE_USERNAME | UCCE awdb database user’s username |
4 | UCCE_PASSWORD | UCCE awdb database user’s password |
Navigate to the recording solution directory and execute the following commands:
Code Block chmod 755 install-cisco.sh chmod 755 install-efcx.sh #for UCCX and UCCE run ./install-cisco.sh
Verify all the containers are up and healthy
Verify if the keycloak container is healthy (docker ps), if it is on restarting, kill (docker kill keycloak) and remove (docker rm keycloak) the keycloak container then run ./install.sh. Wait for keycloak container to become healthy.
Set upu p keycloakOnce keycloak is set up for Cisco and for EFCX it is already setup, add the below environment variables accordingly in the
recording-solution/docker/config.env
file.
Names | For EFCX | For Cisco | |
---|---|---|---|
1 | KEYCLOAK_REALM_NAME | Realm name from EFCX keycloak | Realm name created in step 4 of keycloak setup |
2 | KEYCLOAK_CLIENT_ID | KeyCloak client id from EFCX keycloak | Keycloak client id from step 6 of keycloak setup |
3 | KEYCLOAK_CLIENT_SECRET | Add the client secret from EFCX keycloak | keycloak client secret from step 8 of keycloak setup |
4 | KEYCLOAK_PERMISSION_GROUP | AGENT_GROUP | AGENT_GROUP |
5 | KEYCLOAK_URL | Url FQDN of Keycloak for EFCXCX | - |
6 | EFCX_FQDN (Only for EFCX) | URL FQDN of the EFCXCX | - |
7 | DEPLOYMENT_PROFILE | “EFCX“ | “CISCO” |
...
8 | VRS_URL | Url of VRS machine with port 444. IP/Url:444 | Url of VRS machine with port 443 |
9 | LOCAL_MACHINE_IP | IP of the local machine with port 444 | IP of the local machine with port 444 |
Update the Database environment variables in config.env (Only for EFCX) these .These variables are builtin in case of UCCE or UCCX
Name | Description | |
---|---|---|
1 | DB_DRIVER | Driver on which database is running i.e postgres or mysql drive |
2 | DB_ENGINE | Engine on which database is running i.e postgres or mysql |
3 | DB_HOST | Name or ip of the host on which database is active |
4 | DB_NAME | Name of the database (fetch from config.conf on this path /etc/fusionpbx/) |
5 | DB_USER | Username for database (fetch from config.conf on this path /etc/fusionpbx/) |
6 | DB_PASSWORD | Password for the database (fetch from config.conf on this path /etc/fusionpbx/) |
To update the self-signed certificates for VRS, get the public authority or domain signed certificate .crt and .key files, name them server.crt and server.key, and replace the files in /recording-solution/config/certificates with these two new files. Names should be the same.
Run ./install-efcx.sh for EFCX Or run ./install-cisco.sh for Cisco UCCX and UCCE.
Run the following command to ensure all the components are running.
Code Block # docker ps
Go to https In case of Cisco go to https : //VRS-IP/#/login to access the application, whereas for EFCX go to https://VRS-IP:444/#/login.
Configure the SIP trunk to enable CUCM to send SIP events to VRS for call recordings. Two sip trunks should be configured in case of HA. (Not for EFCX)
Section 2
*Nginx service is running on port 443 in case of UCCX or UCCE, and for EFCX it is running on port 444.Deployment for HA:
Requirements
NFS Server
Database with SqlServer
Two SIP Trunk (HA Mode)
Two VRS on separate VMs
EFCX Server
Docker and Docker compose
Git
Follow these steps:
Ask IPCC team for the creation of NFS server.
Mounting point of NFS on both VRS VMs is /var/vrs/recordings.
Grant full permission to this directory and any files or subdirectories created within it.
Ask the IPCC team for the configuration of HA Sip trunk and set priorities to both VRS.
Ask the IPCC team for the creation of Database (sqlserver). And add sqlcmd to the path.
Navigate to data/scripts/ inside recording-solution directory.
Run pwd command and copy the path of sqlserver.sql script
Run the following command with correct credentials. It will initialize the database.
sqlcmd -S localhost -U sa -P <your_password> -d <database_name> -i /path/to/sqlserver.sql
Follow this guide to create an application user on CUCM for jtapi-connector.
Open
recoding-solution/docker/config.env
and set the environment variables.
Name | Description | |
---|---|---|
1 | VRS_URL | IP Address of Server at which solution is being deployed, https: //192.168.1.101 * |
2 | LOCAL_MACHINE_IP | Same IP Address as given in VRS_URL. example 192.168.1.101 * |
3 | KC_HOSTNAME | Keycloak hostname where keycloak is hosted. e.g 192.168.1.101, give FQDN in case of EFCX Keycloak |
4 | TZ | Time Zone. e.g Asia/Karachi |
5 | DEPLOYMENT_PROFILE | “CISCO“ as HA is only available for Cisco CC |
6 | PEER_ADDRESS | Address of the second VM wehre VRS is deployed |
7 | HA_MODE | Keep it true. As we are deploying high avaliability |
8 | SCREEN_RECORDING | Keep it true if you want to enable screen recording, otherwise false it |
9 | KEYCLOAK_URL | FQDN of EFCX Server |
10 | CISCO_TYPE | Either UCCE or UCCX |
11 | FINESSE_URL | https: //uccx12-5p.ucce.ipcc:8445 |
12 | DIRECTORY_PATH_TO_MONITOR | The path for archival process to monitor, it should be the same path where sessions are kept. e.g /var/vrs/recodings/cucmRecording/sessions/ |
13 | ARCHIVED_MEDIA_FILES_EXTENSION | mp4 [keep it same] |
14 | FILE_EXTENSION | wav [keep it same] |
15 | NO_OF_DAYS | No of days before which all the files will be archived. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be archived. |
16 | SFTP_HOST | SFTP host IP for archival e.g 192.168.1.106 |
17 | SFTP_PORT | 22 |
18 | SFTP_USERNAME | Username of the SFTP server e.g expertflow |
19 | SFTP_PASSWORD | SFTP password e.g Expertflow464 |
20 | ARCHIVAL_JOB_INTERVAL | It is a duration that tells the service to trigger again. This value is in hours. For example, if set 24 the service would be triggered after 24 hrs to get the desired job done. |
21 | STEAM_DELETION_JOB_INTERVAL_HRS | Time in hours before which all the stream is to be deleted. e.g 24 |
22 | RETRY_LIMIT | limit to retry in case the connection fails. e.g 2 |
23 | ARCHIVAL_PROCESS_NODE | active |
24 | NO_OF_DEL_DAYS | No of days before which all the streams will be deleted. If set 2, then except for last 2 days from the date and time of service started or triggered all the files will be deleted. |
25 | CUCM_APPLICATION_USER_NAME | CUCM User's username that has been created in step 3. |
26 | CUCM_APPLICATION_USER_PASSWORD | Password for the CUCM Application User. |
27 | CUCM_IP | IP address where CUCM has been Deployed |
Below are the Env variables for UCCX. If CISCO_TYPE = UCCX
Name | Description | |
---|---|---|
1 | CCX_PRIMARY_IP | Primary UCCX IP address. e.g 192.168.1.33 |
2 | CCX_SECONDARY_IP | Secondary UCCX IP e.g 192.168.1.33 |
3 | CCX_ADMIN_USERNAME | CCX Admin username |
4 | CCX_ADMIN_PASSWORD | CCX Admin password |
Below are the ENV varialbles for UCCE. If CISCO_TYPE is UCCE
Name | Description | |
---|---|---|
1 | UCCE_IP | UCCE IP |
2 | UCCE_DATABASE | UCCE awdb database name |
3 | UCCE_USERNAME | UCCE awdb database user’s username |
4 | UCCE_PASSWORD | UCCE awdb database user’s password |
Continue Updating the config.env for the Database environment variables
Name | Description | |
---|---|---|
1 | DB_DRIVER | Driver on which database is running i.e postgres or mysql drive |
2 | DB_ENGINE | Engine on which database is running i.e postgres or mysql |
3 | DB_HOST | Name or ip of the host on which database is active |
4 | DB_NAME | Name of the database |
5 | DB_USER | Username for database |
6 | DB_PASSWORD | Password for the database |
7 | DB_PORT | Port of the Database |
Update the keycloak variables
Names | ||
---|---|---|
1 | KEYCLOAK_REALM_NAME | Realm name from keycloak |
2 | KEYCLOAK_CLIENT_ID | KeyCloak client id from keycloak |
3 | KEYCLOAK_CLIENT_SECRET | Add the client secret from keycloak |
4 | KEYCLOAK_PERMISSION_GROUP | AGENT_GROUP |
5 | KEYCLOAK_URL | FQDN of CX |
6 | EFCX_FQDN | FQDN of CX |
8 | VRS_URL | Url of VRS machine |
9 | LOCAL_MACHINE_IP | IP of the local machine |
Navigate to HA directory inside recording-solution directory.
Open keep.env file and set values to environment variables
Code Block KEEPALIVED_UNICAST_PEERS=192.168.1.126 (IP address of the Second VRS) KEEPALIVED_VIRTUAL_IPS=192.168.1.245 (Assign any IP-Address which not in use) KEEPALIVED_PRIORITY=100 (Assign 100 for priority 1 and 90 for priority 2)
On the terminal run command ip addr
and find your network interface card and assign the value. Add the network interface card value keep.env.
Code Block KEEPALIVED_INTERFACE=ens160 (Find you interface card. ens160 or ens 192 or anyother)
Now run this script type ./keep-alive.sh
Change the recording path and other variables as per your configuration.
Open docker-compose-cisco in docker/docker-compose-cisco
Open
recoding-solution/docker/docker-compose-cisco
Uncomment the Consul Container and save the changes
Archival Container add the volumes
Code Block |
---|
volumes:
- /var/vrs/recordings/cucmRecording/streams/:/var/vrs/recordings/cucmRecording/streams/
- /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/ |
In Apis/Backend Container add the volumes and database configuration
Code Block |
---|
volumes:
- /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/ |
In Mixer Container add the volumes and database configuration
Code Block |
---|
volumes:
- /var/vrs/recordings/cucmRecording/streams/:/var/vrs/recordings/cucmRecording/streams/
- /var/vrs/recordings/cucmRecording/sessions/:/var/vrs/recordings/cucmRecording/sessions/ |
Open the freeswitch script record.lua located in the
/usr/share/freeswitch/scripts
and add the following recording path:
Code Block |
---|
recording_dir = "/var/vrs/recordings/cucmRecording/streams/"
mixedRecordingDir = "/var/vrs/recordings/cucmRecording/sessions/" |
Also change the IP address. Assign you local machine ip address
url = "http://<IP-Address>:9900/mixapi",
Give required permission to the nfs directory
Since our VRS interacts with local storage, it reads and writes files on the local storage. Pemission to read and write is thus necessary for the VRS to work.
Assign full permission to the mounted directory for all group, users and others to read, write and execute the mounted directory. It can be done with umask.
Now, run the install script. ./install-cisco.sh
Do the same for the other VRS