Versions Compared

Old Version 16

changes.mady.by.user Fran Vicente

Saved on

compared with

New Version Current

changes.mady.by.user Albert Boada

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of contents

Table of Contents

1. Introduction

The OpenGate Containers is the module responsible for managing module allows you to manage VoIP connections in an OpenGate environment, as well as the configuration of to configure extensions, trunks, etc. This guide explains how to perform a quick installation. Please refer to the Presence installation guide Installation Guides for more information about the different modules and architectures.

This documentation is updated for OpenGate Containers release-03.

2. Installation

2.1. Prerequisites

To complete a successful installation and ensure a proper operation as described in this guide, the following must be met:

  • Have a “host” machine with a recent version of Docker Engine and Docker Compose installed.

  • The “host” machine must have the network properly configured according to the network architecture.

    • In case of a Master node configured with a SIP Registrar, at least two IPs are required.

  • The “host” machine should not execute other services which may clash with the ports used in your services.

    • Exception: The Master node should have an MTA installed, such as “postfix” to send voicemail emails from mailboxes.

    • When a “SMTP relay" server is being usedrequired, it must be configured as detailed in this Configuring email relay for voicemails .

  • The “host” machine must not limit the connection to your services through a firewall.

For a Refer to the following quick guide see: Rocky Linux 9 (or Red Hat 9) quick installation with Docker

2.2. General installation process

There are different types of environments which require different services to be started (Master, Node, WebRTC, and combinations of these), and therefore a help script is provided that automates the following steps: Creating the docker-compose.yml and .env files, creating the secrets, connecting to the registry and pulling the images. This script can be launched directly using the following command:

...

If you run this command on a previous existing environment it will ask , you will be prompted to proceed before replacing the docker-compose.yml and .env files, and will create a backup . A backup copy of these files (ending in .bak) will be created, so you can review them if you choose to overwrite. This could be useful if you want to convert a previous installation (e.g. a master to masterwebrtc).

2.3. Additional technical information

See the Refer to this document: Additional technical OpenGate Containers information

3. Installing a sample Master + Node + WebRTC

3.1. Installing the OpenGate Master

...

Run the install command, specifying the master option.

Code Block
bash -c "$(curl -s ftps://OpenGate_Update:Op3nG3t3@ftp.emea.enghouseinteractive.com/install.sh )" master

After executing the this command, it will automatically connect connection to the registry will be automatically established and pull the images will be pulled.

...

When done, the following screen will prompt you to configure the environments in the.env file, and will also show the instructions to create secrets. Something like this:

Code Block
languagenone
Please edit .env file with the appropriate values. Current .env contents:
TZ=Europe/Madrid
SSH_USERNAME=opengate
DATA_BINDADDR=10.X.X.X
VOICE_BINDADDR=10.X.X.X
SIP_REGISTRAR_IP=10.X.X.X
# DB_NAME MUST be opengate (hardcoded at OpenGate Proxy)
DB_NAME=opengate
DB_USER=opengaterw
RECORDING_SHARE=//X.X.X.X/recording
RECORDING_SHARE_USER=Administrator
RECORDING_SHARE_PASSWORD=PASSWORD
RECORDING_MOUNT_POINT=/recordings
# set to true to restore from a backup
RESTORE_MODE=false

Generate the secrets using the following commands and instructions:
 - DB password: echo "MYPASSWORD" > secrets/db_password.txt
 - SSH Key: ssh-keygen -N "" -f secrets/ssh_key
 - TLS certificates (generate self-signed): openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650
    or copy your own to the apropriate files:
      cat key.pem cert.pem > secrets/asterisk.pem

When done, start the environment by executing:  docker compose up -d

Edit the .env file using your preferred editor, and configure at least the following lines:

  • DATA_BINDADDR: define Set the IP address of the data network.

  • VOICE_BINDADDR: define Set the IP address of the voice network. If you do not setup set up voice/data separation, use the same as before.

  • SIP_REGISTRAR_IP: define Set the IP address of the SIP Registrar. It This cannot be one of the previous onesIPs. Make sure to configure two IP addresses in the Host host operating system.

  • RECORDING_SHARE, RECORDING_SHARE_USER y RECORDING_SHARE_PASSWORD: define Set the parameters for the shared recordings folder.

Filenames starting with a dot (like such as .env) are hidden in Linux, if . If you connect using any a graphical interface, please make sure to enable the option to show those files.

image-20240927-130201.png

And Next, execute the steps to create the secrets:

  • Replace MYPASSWORD with the password you want:

    Code Block
    echo "MYPASSWORD" > secrets/db_password.txt

    (warning)This password and the value of the DB_USER variable (opengaterw, by default) must match what is configured the configuration set up in the Presence OpenGate Proxy Server configurationConfiguration program.

  • Generate the SSH keys:

    Code Block
    ssh-keygen  -N "" -f secrets/ssh_key
    image-20240926-101049.png

  • Generate self-signed certificates if you don't do not have your own (if you have one, place it in secrets/asterisk.pem):

    Code Block
    openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650
    image-20240926-101145.png

    • And Then, concatenate the two resulting files into a single one at the corresponding path:

      Code Block
      cat key.pem cert.pem > secrets/asterisk.pem

...

Info

If you want to migrate an environment from a previous OpenGate version, follow the restore process described downbelow.

...

3.2. Installing the OpenGate Node

...

Run the install command, specifying the node option.

Code Block
bash -c "$(curl -s ftps://OpenGate_Update:Op3nG3t3@ftp.emea.enghouseinteractive.com/install.sh )" node

After executing the this command, it will automatically connect connection to the registry will be automatically established and pull the images will be pulled.

When done, a screen will prompt you to configure the environments in the.env file, and will also show the instructions to create secrets.

Edit the .env file using your preferred editor, and configure at least the following lines:

  • DATA_BINDADDR: define Set the IP address of the data network.

  • VOICE_BINDADDR: define Set the IP address of the voice network. If you do not setup set up voice/data separation, use the same as before.

  • RECORDING_SHARE, RECORDING_SHARE_USER y RECORDING_SHARE_PASSWORD: define Set the parameters for the shared recordings folder.

And Next, execute the steps to create the secrets:

  • Copy the SSH public key you generated on the Master . Either manually with server. You can do this either by manually using a graphical SFTP/SCP client or by executing the following command on the node:

    Code Block
    scp opengate@MASTERIP:secrets/ssh_key.pub secrets/ssh_key.pub

    Where opengate is the user you configured on the operating system of the Master server, and MASTERIP is its IP address. You will need to correctly enter the password for the opengate user of the Master machine when prompted.

    image-20240926-100755.png

  • Generate self-signed certificates if you don't do not have your own (if you have one, place it in secrets/asterisk.pem):

    Code Block
    openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650

    • And Then, concatenate the two resulting files into a single one at the corresponding path:

      Code Block
      cat key.pem cert.pem > secrets/asterisk.pem

...

Finally, start with the command below:

Code Block
docker compose up -d

3.3. Installing the OpenGate WebRTC Gateway

...

Run the install command, specifying the webrtc option.

Code Block
bash -c "$(curl -s ftps://OpenGate_Update:Op3nG3t3@ftp.emea.enghouseinteractive.com/install.sh )" webrtc

After executing the this command, it will automatically connect connection to the registry will be automatically established and pull the images will be pulled.

When done, a screen will prompt you to configure the environments in the.env file, and will also show the instructions to create secrets.

Edit the .env file using your preferred editor, and configure at least the following lines:

  • WSS_BINDADDR: define Set the IP address of the DMZ network (if you don’t have DMZ/Private network separation, enter the Private network IP).

  • WSS_EXTERNAL_IP: define Set the public external IP address of the system.

And Next, execute the steps to create the secrets:

  • Copy the SSH public key you generated on the Master . Either manually with server. You can do this either by manually using a graphical SFTP/SCP client or by executing the following command on the node:

    Code Block
    scp opengate@MASTERIP:secrets/ssh_key.pub secrets/ssh_key.pub

    Where opengate is the user you configured on the operating system of the Master server, and MASTERIP is its IP address. You will need to correctly enter the password for the opengate user of the Master machine when prompted.

  • Generate self-signed certificates if you don't do not have your own (if you have one, place it in secrets/freeswitch.pem):

    Code Block
    openssl req -x509 -nodes -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -days 3650

    • And Then, concatenate the two resulting files into a single one at the corresponding path:

      Code Block
      cat key.pem cert.pem > secrets/freeswitch.pem

Finally, start with the command below:

Code Block
docker compose up -d

4. Update

  1. Edit the docker-compose.yml file and check tags from all images.

    1. Tags pointing to :latest will automatically download the latest version.

    2. Alternatively, indicate a specific release (example: release-01). Check Please, check https://enghouseglobal.atlassian.net/wiki/spaces/PSRN.

  2. Run the following commands to update and start the environment again:

    Code Block
    docker compose pull
docker compose up -d

  3. The above commands will cause that containers with changes (and also depending containers) to restart.

...

Once the environment is up and running, old images can be cleared using docker image prune.

5. Restoring from backup

Info

This restore process may be used for backup copies of versions 11.0 to 13.0 in order to migrate an environment previously installed from the old softappliance with CentOS 7.

Make sure you have deployed the same number of Nodes and WebRTC gateways as in the environment that you have generated the backup.

  1. Edit the .env file in the Master node to set the variable RESTORE_MODE=true.

  2. Stop Presence OpenGate Proxy Server and any other applications that may be using the database. Apply the changes using the following command: docker compose up -d.

  3. Wait for the environment to get started again. Then, access the Master node IP from a web browser.

    image-20240925-162600.png

    1. Load the backup copy and follow the steps.

    2. If the restore process is performed using a backup copy generated with another database user (e.g., for 12.3 or 13.0 updates), you may expect many changes related to permissions in the above first step.

      image-20240925-163326.png

  4. When all the steps are completed, edit the .env file in the Master node. Set the variable RESTORE_MODE=false and apply using the following command: docker compose up -d.

6. IMPORTANT

Certain technical details are important to keep in mind:

  • You MUST NOT change the database username once the environment has been started for the first time. The PostgreSQL official container creates the database for the user specified in the first boot. If you subsequently change that user, the database will not start successfully.

  • Docker compose does not update the configuration of CIFS volumes (such as the recordings volume of Presence Recording). If you wish to modify this configuration once the volume has been created, you must first stop the environment, then delete the volume using the following command: docker compose down; docker volume rm VOLUME_NAME, and start the environment with docker compose up -d.

  • If you make a change that results in the creation of a new container (e.g. a change to the image, one environment variable or volume), then the previous trace logs will be lost.

    • Make a backup if you deem it necessary. For example, a backup of the last 48 hours: docker compose logs -t --since 48h | gzip -c > 48hlogs.gz.

  • In case of a core dump in a service that is running in a container, the kernel configuration of the host machine is inherited, which means that this configuration will be saved in the host as specified. For Rocky Linux 9, these are stored in /var/lib/systemd/coredumps.

6.1. Directory of recordings

Because of the change made to set absolute paths, it is important to update the configuration of Presence Recording Server so that the new absolute paths will be used as shown below:

...

This Note that the /recordings part of the path must match the RECORDING_MOUNT_POINT=/recordings variable. If you change it this to other another value, then the path configured in the Recording Server must be alignedmodified accordingly.