high availability asterisk and freepbx on microsoft azure
TRANSCRIPT
HA Asterisk on AzureMagic Azure!
Sanjay|Anthony @astiostech.com
Copyright 2014 © Astiostech Sdn Bhd. For informational purposes only. No warranties of any kind are made and you have to verify all information before relying on it. You can re-use this presentation as long as you read, agree, and follow the guidelines described in the “Comments” field in File/Properties.
Readme
• Microsoft MVP in Enterprise Security
• Over 10 years of experience with Open Source, Microsoft Technology and Security related speaking engagements
• Very focused with over 8 years experience with Asterisk and Nagios
• Built one of the first VaaS in Malaysia using cloud tech
• Built various products and solutions on private labels and OSS
Introduction To Asterisk
• Enterprise PBX functionalities
• Integration with computers
• Relatively large scalability
• Connects to lots and lots of other communication devices
• Human interaction (interactive)
• Customizable for most needs
Introduction To Asterisk
• Become a call center
• Enable IP features (e.g. SIP to cost saving gateways)
• Bridge using IP between remote offices (free calls)
• Voicemail/VMtoEmail services
• Integrate to CRM/Database/Software
Introduction To Asterisk
• Multiparty voice and video conferencing
• Bridge to Skype/Gtalk
• Enable a digital receptionist / directory
• Have a remote office / DR office setup
• Call accounting/auditing/management
• Text to speech
• Connect anywhere, anytime
• Call recording, and many more..
Introduction to Asterisk
Caller ID on Call WaitingCalling CardsConference BridgingDatabase Store / RetrieveDatabase IntegrationDial by NameDirect Inward System AccessDistinctive RingDistributed Universal Number DiscoveryDo Not DisturbE911ENUM
Google TalkH.323IAX™ (Inter-Asterisk eXchange)Jingle/XMPPMGCP (Media Gateway Control ProtocolSCCP (Cisco® Skinny®)SIP (Session Initiation Protocol)SkypeUNIStim
AGI (Asterisk Gateway Interface)RESTFUL APIGraphical Call ManagerOutbound Call SpoolingPredictive DialerTCP/IP Management Interface
TDMoE (Time Division Multiplex over Ethernet)Allows direct connection of Asterisk PBXZero latencyUses commodity Ethernet hardwareVoice-over IPAllows for integration of physically separate installationsUses commonly deployed data connectionsAllows a unified dialplan across multiple offices
AT&T 4ESSEuroISDN PRI and BRILucent 5ESSNational ISDN 1National ISDN 2NFASNortel DMS100Q.SIG
Key ConceptsSanjay W
Asterisk on cloud – Voice as a Service• Features
• Easy deployment• Scalability• Secure by implementation• No voice distortion / quality issues• Can be deployed across multi geo locations• Plug and play for customers/users• Number follows you anywhere you go
• Enablers• Current telcos providing VoIP PSTN in and out• Many hundreds of international bulk voice providers to choose from• Multi route for resilience • Location independent• Low cost of ownership• Extremely high broadband penetration rate • Negligible latency
Asterisk on Azure – Why Azure?
• Designed for Noobs (like me)• Not a MVP for Azure
• Customer satisfaction• No complaints
• Supported with multiple Open Source OS flavors• We personally prefer Debian and Ubuntu
• Has its own HA/LB method (explained later)
• Extremely Fast, Extremely Scalable
• Geographically suitable for Malaysia• Singapore, Hong Kong
Asterisk on Azure – Why Azure?
• Assume from here on, we are on the farther POP, Hong Kong• We deliberately did that for worst-case-scenarios
• Latency is negligible (using SIP with uLaw, no compression, no encapsulation, no encryption)• Singapore was around 40ms-60ms
• Hong Kong was around 70ms-80ms
• ITU-T recommendation latency is 150ms for voice traffic (and 250ms roundtrip)
• Low packet loss rate• Approximately 0.1%
Asterisk on Azure – Why Azure?
• Easy management UX• Adding ports was slow, otherwise, everything else is fast
• Build mobile solutions out from Azure
• Connect to an AD ready Azure• For Authentication, Authorization on Asterisk
• Unification of credentials, integration
• Shared resources like disks can be helpful to share commonly used resources such as static configurations, etc..
• Easy Backup / Restore operations
Our Demo Azure Asterisk HA
• Distributed computing within Azure• Two SIP servers
• One DB server (could also be 2 if we had more time)
• Can also add proxies – But we didn’t have time
• Can also add firewalls – But we didn’t have time• We use pfSense firewall in XML cluster mode for hacker bashing
• Comes with firewalls, IPS/IDS and lots of other networking goodies
• Uses Azure Cloud HA for targeting• Typically we use another method (explained later)
• Uses common and easy HA methods on Linux
Our Demo Azure Asterisk HAAsterisk Master Asterisk Slave
Asterisk Configurator DB
Azure Cloud HA
Public Network
Telco A
Telco B
Alternative Design Azure Asterisk HA
Asterisk Master Asterisk Slave
DB Slave
Azure Cloud HA
Public Network
Telco A
Telco B
DB Master
pfSense 1
pfSense 1
Virtual DMZ
Proxy Kamailio Proxy Kamailio
Our Demo Azure Asterisk HA
Logical Illustration
AZURE CLOUD LAYER TCP PROBE
WHICH ACTIVE SERVER RUNNING TCP 5060
ACTIIVE SERVER CONNECTS TO CONFIG DB
PUBLIC LAYER
WHICH ACTIVE SERVER RUNNING TCP 5060
SIP USER
Components in Demo Azure Asterisk
• Asterisk 1.8 or higher
• FreePBX 2.11 or higher
• MySQL 5
• PHP
• Heartbeat
• DRBD
• Tiny script to monitor safe_asterisk• Azure depends on port TCP5060• Asterisk opens port TCP5060• So, its really good to monitor Asterisk
Setup DetailsAnthony Ho
Steps to build Asterisk HA on Azure
Checklist
• Setup 3 Virtual Machines (VM) in Azure.
• Assigning the VMs with the same cloud service.
• Creating the necessary End points.
• Attaching an Empty Disk on each VM.
• Installation of Astiostech’s Asterisk Business Telephony
• Installation of Astiostech’s High Availability Package.
Steps to build Asterisk HA on Azure
• Setup 3 Azure Ubuntu VM
Steps to build Asterisk HA on Azure
• Use the same Cloud Service on the Second and third VM
Steps to build Asterisk HA on Azure
• Create end points and check “CREATE A LOAD-BALANCED SET” to failover the necessary ports else leave it to run normally.
10 Steps to build Asterisk HA on Azure
• Create an empty disk on two of the Asterisk VMs and attach it once done.
Steps to build Asterisk HA on Azure
• Installation of Astiostech’s Asterisk Business Telephony package.
• MySQL database will be installed into the dedicated MySQL database server.
LINUX OS
* ASTERISKAPACHE MYSQL
FreePBXFOP2 MonAST
ASTIOSTECH BTEL PBX
Steps to build Asterisk HA on Azure
Steps to build Asterisk HA on Azure
Steps to build Asterisk HA on Azure
There are 2 major components in our HA package
1. Heartbeat • Heartbeat is a daemon that
provides cluster infrastructure (communication and membership) services to its clients.
2. DRBD
Steps to build Asterisk HA on Azure
DRBD refers to block devices designed as a building block to form high availability (HA) clusters. This is done by mirroring a whole block device via an assigned network.
DRBD can be understood as network based raid-1.
Demo Overview
SLAVE
heartbeat
Replication
Ext: 1000 Ext: 1001 Anthony s Cell Phone
TM
MASTER(ACTIVE)
astiosmaster.cloudapp.net
Demo calling from Master server
• Ext.1000 Calling Ext.1001
• Outbound Calls –Ext.1000 calling an external number.
• Inbound Calls - An external caller calling in to the Extension 1001.
SLAVE
heartbeat
Replication
Ext: 1000 Ext: 1001 Anthony s Cell Phone
TM
MASTER(ACTIVE)
astiosmaster.cloudapp.net
Demo Failover (Master -> Slave)
Demo calling from Slave server
• Asterisk PBX Fails over to the SLAVE server.
• PBX Phone function will just work like normal.
SLAVE(ACTIVE)
heartbeat
Replication
Ext: 1000 Ext: 1001 Anthony s Cell Phone
TM
MASTER
astiosmaster.cloudapp.net
Failback and quick test
Azure Setup Screens
Field tips and tricks
• Enable Asterisk’s TCP 5060 Ports for Azure Cloud monitoring.• Since Azure monitors HTTP or TCP ports only
• Enable a daemon service [demo] to monitor Asterisk• In case Asterisk goes down, initiate failover/failback
• All other ports should then be “instructed” by the TCP 5060 via Azure, • You might want to enable individual ports for SSH
• But you cannot use the same public facing port twice
Q&A & Thank YouCopyright 2014 © Astiostech Sdn Bhd. For informational purposes only. No warranties of any kind are made and you have to verify all information before relying on it. You can re-use this presentation as long as you read, agree, and follow the guidelines described in the “Comments” field in File/Properties.
Openness is the future of computing..