1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. If you had a PIAF Forum account in the vBulletin days, log in with your old credentials. Otherwise, sign up again and we'll get you back in business as soon as we can.
  3. A serious FreePBX vulnerability has been reported. Update your Framework Module immediately. Click here for details.
  4. Critical FreePBX vulnerability! Update your server immediately. Details here.

PIAF2 OpenVZ Template Ready

Discussion in 'Add-On Install Instructions' started by wardmundy, Feb 6, 2012.

  1. wardmundy Nerd Uno

    I am delighted to report that, thanks to the Incredible Efforts™ of Darrell Dillman, we now have a shiny, new 1.21GB OpenVZ template for PBX in a Flash 2.0.6.2. It's a 64-bit implementation with Asterisk 1.8.8, FreePBX 2.9, and Google Voice.

    Installers for Incredible PBX 3, Incredible Fax 2, and Cepstral TTS with Allison are available as well. Just type help-pbx for the commands. The OpenVZ template is available for download from SourceForge now!

    WE NEED SOME PIONEERS TO GIVE THIS A GOOD WORKOUT with the usual caveats pertaining to new, untested software. Please report your results in this thread.

    [IMG]


    Installation of the PIAF2 OpenVZ Template

    1. Download the tarball from SourceForge.

    2. Copy it into /var/lib/vz/template/cache on your Proxmox 1.8 server.


    Creating and Running a PIAF2 OpenVZ Virtual Machine

    1. From the Proxmox Web GUI, choose Virtual Machines, Create

    2. Choose the new 2.0.6.2.5 template and fill in the blanks using your server's setup. Here's a sample template from ours. Be sure to use Bridged Ethernet for the Network Type! We recommend 1024 for the RAM entries. Click Create when you are finished.

    [IMG]


    3. It takes about a minute or two for your server to build the virtual machine image. This is a one-time event.

    4. Once the virtual machine has been created, click Start and then wait a full minute before accessing your virtual machine.

    5. Click Open VNC console to access your new machine. After the Status screen appears, write down the IP address of your server and save it in the Notes field for your VM.

    Before you do anything else, run passwd-master and set a default password for FreePBX and the other web utilities.

    NOTE: We recommend you use SSH for future access to your VM since VNC does not support scrolling.

    6. Using a web browser, access your new server at the IP address you wrote down above. Click Users to toggle to Admin mode and run FreePBX by clicking on its icon.

    7. For a quick and dirty test, in FreePBX do the following:

    a. Enter your Email Address in General Settings.
    b. Enter your passwd-master Password in CID Superfecta, Default.
    c. Set up a Google Voice account in Google Voice.
    d. Create an extension with a secure password in Extensions.
    f. Create an incoming route for your Google Voice calls in Inbound Routes. Enter your 10-digit Google Voice number as the DID Number. Enter your Extension in Set Destination to route incoming calls to your new extension.
    g. Click Apply Configuration Changes and Continue with Reload.

    8. VERY IMPORTANT! Restart Asterisk from the Linux CLI by typing: amportal restart. If you skip this step, Google Voice will not work!

    9. Install a softphone using the credentials for the extension you created above.

    10. Make an outbound call. Make a call from another phone to the Google Voice number used in your setup above.

    ALWAYS RUN PROXMOX BEHIND A SECURE HARDWARE-BASED FIREWALL WITH NO PROXMOX OR VM EXPOSURE TO THE INTERNET. PORT MAPPINGS ARE NOT REQUIRED TO MAKE OR RECEIVE CALLS!
  2. The Deacon Guru

    Quick & dirty test works on both Proxmox 1.8 and Proxmox 2.0 beta.

    Will continue to test doing an Incredible PBX 3.0 install and Incredible Fax 2.0 install again, on both platforms.

    -Rick
  3. w1ve Guru

    Up and running at ChicagoVPS...

    Thanks to the gang at ChicagoVPS,they already have the new version up and available... testing as I write this.

    [IMG]
  4. The Deacon Guru

    iPBX 3 works great on Proxmox 1.8 and Proxmox 2.0 beta.

    The only issue I was able to replicate on both systems was that when I did an install-cepstral, and configured extensions_custom.conf to use Swift (instead of Flite), Allison's voice doesn't play for the prompts, but she will read the weather back to me if I wait long enough. I did see this message a couple of times (when I expected Allison to speak the prompts):

    Code:
    Failed to load library libceplang_en.so due to: libceplang_en.so: cannot open shared object file: No such file or directory
    Failed to load library libceplex_us.so due to: libceplex_us.so: cannot open shared object file: No such file or directory
    Failed to load language / lexical libraries for Allison-8kHz
    Failed to load library libceplang_en.so due to: libceplang_en.so: cannot open shared object file: No such file or directory
    Failed to load library libceplex_us.so due to: libceplex_us.so: cannot open shared object file: No such file or directory
    Failed to load language / lexical libraries for Allison-8kHz
    Failed to load library libceplang_en.so due to: libceplang_en.so: cannot open shared object file: No such file or directory
    Failed to load library libceplex_us.so due to: libceplex_us.so: cannot open shared object file: No such file or directory
    Failed to load language / lexical libraries for Allison-8kHz
    Now on to Incredible Fax 2.0...

    -Rick
  5. The Deacon Guru

    OK - Looks like Incredible PBX 3.0 and Incredible Fax 2.0 work swimmingly on both Proxmox 1.8 and Proxmox 2.0 beta, but I did see the following error when installing Incredible Fax 2.0 during the iptables lock down of my subnet:


    Code:
    Now detecting ip addresses and adapters...
    Do you want to allow access from the 192.168.1. network?
    Press Y for yes or any other key to continue
    FATAL: Could not load /lib/modules/2.6.32-6-pve/modules.dep: No such file or directory
    iptables: Saving firewall rules to /etc/sysconfig/iptables:[  OK  ]
    iptables: Flushing firewall rules:                         [  OK  ]
    iptables: Setting chains to policy ACCEPT: mangle filter   [  OK  ]
    iptables: Unloading modules:                               [  OK  ]
    iptables: Applying firewall rules: FATAL: Could not load /lib/modules/2.6.32-6-pve/modules.dep: No such file or directory
  6. wardmundy Nerd Uno

  7. After reading Tom jump all over a noob for using openVZ (http://pbxinaflash.com/forum/showpost.php?p=78833&postcount=5) instead of KVM, I am wondering what the advantage is to using openVZ? I'm actually leaning towards that, and have been running it on Proxmox 2.0rc1 for a few days. Before I migrate my existing system to it, I'm wondering exactly what I'll be missing without dahdi? Exactly what components of Asterisk need the timing modules?

    Since, as Tom suggests in the other thread, I can't answer why I need openVZ, the I guess I should be using KVM.
  8. rossiv Guru

    Correct - If you *can* run KVM, by all means use it. KVM makes it worlds easier to manage the VMs. Instead of only having SSH access, you have access to the console of the server as if you were sitting at it which enables the installation of Skype and other graphics-based programs. It just in general is the better way to go if your hardware supports it. A lot of people use openVZ because their hardware won't support KVM (processor) so they are forced to use VZ.
  9. darmock PIAF Developer

    Hey so I get grumpy grrrrrrrr

    Actually it was more of understand why you do things prior to doing them and actually read the instructions. Obviously he did not read the instructions carefully as both of his issues were mentioned in Wards article. grrrr

    Never underestimate the attention span of humans.....

    So I get peeved when people dont actually read the directions one of my major flaws that I am working on.....


    On other subjects

    There is a place for it. Ward and couple of the other devs use it for very rapid development and you can spin a new machine up in under a minute. Dahdi! Who can say why you need it! Unless you need a timing source then it becomes very handy. Iptables in the host well .... I do run it on my prox (1.8) in on the host side but I only run KVM containers. Course my Prox is not exposed to the outside world at all.

    also openvz containers are thrifty on the use of memory much more so than the KVM containers. Course I run my prox on a quad core xeon with 32g ram so I dont suffer too much although I do run my fax server with 4 gb ram....... in a kvm container.


    Now that I tamed the centos 6.2 kernel for the most part and it works for the most part I like to use it. On the systems I have switched over the Centos 6.2 nary a one has gone down since the switch....

    That is not to denigrate the prox OS it chugs along with no problems and has a uptime of over a year.....

    So I hope I have confused you!

    Prox and openvz containers are an aberration to me although not all of the other devs feel that way. I come from vmware workstation and the KVM containers are not at all different. I also have a Xen server running in the lab thanks to Rent PBX which I use in development. I suppose if this was a commercial project and there were $$$ we could devote more time to it (and interest at least mine)


    Tom

    (I will try not to snarl as much when people dont read the directions) :reddevil:
  10. I too don't like when people neglect to read...as soon as I read the OP my reaction was "It said right in Ward's article that you can't do that".

    Anyway, I'm thinking of openvz precisely because of the thriftiness. I had the opvenvz piaf up in no time flat with incrediblepbx and incrediblefax. The KVM version of piaf was still compiling and using 102% of my cpu resources when I left work.

    My current piaf system is running on an old PII system with 512K. It is purple, so yes, I have memory issues with it and have to restart every night. I'm looking to move it to VM to finally get rid of that server. I also have other infrastructure PCs I want to move to Proxmox.

    I guess I'll run the openvz system for a while to see if there are any problems with the way I use it and only switch to KVM if I have to. I'm VoIP only (no PSTN sync issues), and don't think I use any functionality needing dahdi (what's the old adage...if you don't know what it is, you don't use it?)
  11. tbrummell Guru

    Paging and, I believe, conferencing use the dummy timing source. Someone please correct me if I'm wrong, but this is the reason I left Chicago VPS.
  12. Hyksos Guru

    Ever since I first saw openVZ discussed in posts and compared to KVM I'm having this internal positionning dilema.

    How I see it is that it depends on what you do and where you what to put your energy. Of course openVZ are used and some people make it fly with near perfection. My angle is standardization...

    Who uses it, doing what, is it fully documented, is it use by other non-experts who will likely discuss their issues, what's the size of the userbase?

    It's one of those "issues" (in quotes because it's a non-issue) with projects like piaf. The dev team is so knowledgeable that even if the advertised goal is to make it work for non-expert to spread open telephony, they produce an unsurmountable amount of diversity and choice in implementations! This is the "non-issue".

    It's a double edge sword, non-expert read Ward article and they see openVZ as an "official" way to implement piaf and see it on par with hardware and KVM (if they know the difference).

    While we know if you try those things for real in a diverse ecosystem of needs OR if you read the forums a lot that openVZ is a marginal implementation scenario. NOT a mainstream one.

    A big problem or bug with your hardware or KVM install? Almost the entire active userbase, noobs or experts will be potential partners since they share your install.

    With openVZ, you'll search harder for people sharing your scenario and you'll receive answers like "use KVM", "I can't help I don't run openVZ" "why do you openVZ" "our installs are so customized we can't easily help"(like rentpbx with xen), etc.

    There is NO problem with those answers, it's just that most though openVZ was on a leveled ground with hardware and KVM and though they would be running mainstream stuff where knowledge from the forum and others experiences could apply to them... Nah!

    you say openVZ is fast to install, yeah but you're faced with an issue down the road, remember that you'll be in the corner with less people sharing your setup, you will have a lot of help like the above quotes. A small subset of users share their notes, experience and are willing to help. If you paint yourself in the corner with 2% of the userbase the subset of those participating will be critically low.

    If you face a bug with the openVZ install the solution might turn out to be that you had to track it down entirely on your own, it will be patched and on you will go to find the next one. Even if it's not a bug, googling for people who faced your issue before you will return far less results.

    I started and will finish by saying I think it depends on what you want to do, what you need to do and where you want to put your energy.
  13. wardmundy Nerd Uno

    Great points. I will try to be more clear in the future.

    OpenVZ is an incredible platform for testing and for training deployments. Might also have a place for small, autonomous groups like bank branches or airline ticket counters in remote cities. Other than that, it wouldn't be my choice for systems.

    The real advantage of the virtualization platform is the incredible ease with which you can make perfect backups. That alone should persuade folks to take Proxmox for a spin... behind a very secure, hardware-based firewall with no Internet exposure.
  14. It definitely does depend on what your goal and expertise level is. Just last night I finished duplicating my PIAF hardware based system in the openVZ container and swapped IP addresses so that my phones would register with it instead of the hardware based solution. So far I haven't seen any issues, I haven't had to restart Asterisk every night to fix memory problems, and overall it seems faster. Granted, the original hardware was a lowly PII with 512MB memory, and my pbx system only has 10 extensions. With the exception of the kernel modules for Dahdi, I haven't seen any way that performs in configuration and issue resolution to a standard KVM/HW solution.

    And yes, the backup issue that Ward mentions is a great advantage when I want to swap out server hardware, or the host OS, or any other component. I find boot times to be well under the one minute mentioned in the article.

    Oh, and as far as the performance, I'm also testing an install of a Kolab email system (http://www.kolab.org), a Ubuntu 11.10 server, and a Turnkey Gallery appliance, all in OpenVZ on the same server and the PIAF container is still faster than the original PII hardware-based system.

    Understand that I read a lot about openVZ and how it works. I've learned even more about how it works after playing with a few containers of the past few weeks. In fact, knowing what I know, it seems like the openVZ concept is much like a fancy-packaged chroot setup.

    So, would I run a large organization on a PIAF openVZ? Definitely not. As a hobby machine for home use? Yes. Where is the line between size of organization and openVZ use, I don't know. But obviously, if one goes with an openVZ solution, one would need to have the experience to know when something is going wrong because of the openVZ environment, or because of a bug or configuration problem that would be common in any environment. I would hate for everyone's first "support script" question be to ask if this is on openVZ and simply refuse to impart knowledge because of that.
  15. darmock PIAF Developer

    No one has said that because it is openvz that knowledge would not be imparted. However if you ignore written documents and advice then why should people who donate their time provide you with endless explanations?

    In actual fact "are you running in a vm" IS a very valid question especially if you are running in openvz where things are different!

    Recently I had someone who could not get dahdi to compile and was getting particularly nasty about it. Usual conspiracy theorist that because we control stuff it is our fault yadda yadda. Turns out he was running in an openvz container. Thus now all programs are container aware be it real hardware or others. not perfect but if you try to install something on a vm that does not support a particular feature it wont allow you to install it. I believe this is a much saner way to do things and helps prevent excessive signal to noise ratio. :crazy: Just look at the lengths in incredible backup 2.0!

    There are enough openvz types out there who just love it and can pipe up with support. I try to ignore openvz questions unless they involve someone not reading simple explanations.


    Tom
  16. Ok, so yes, in the example you gave with dahdi, it would be very valid to ask the openvz question. I personally have only played around with openvz for about a week, and apart from dahdi explicitly mentioned in Ward's article, I don't understand how anyone using it would expect kernel modules to work in any container. And I'm not familiar enough with incredible backup to know what changes had to be made for it or why it needs to know it's in a VM environment.

    Again, based on my limited experience of creating, modifying, and deleting containers, as long as one stays away from kernel modifications, the application software doesn't seem to know there is a difference. I've taken various OS templates and installed (and tested) DHCP/DNS/web/ and other components just the same as I have done in a KVM or bare-metal install (Ok, besides kernel mods, physical hardware like serial and USB ports are problematic, but just like other VM solutions, require some tweaking).

    Maybe the crux of the problem is that the openVZ method, as present in Ward's article, makes it seem so easy that every non-experienced person may try to use it to set up a system. Before Ward's article, I had never really heard of openVZ...never needed it, never bothered to research it. In any case, a person should really understand what the limitations are and be able to recognize whether a problem is happening because of whatever the VM environment is, or is it truly a configuration problem or even maybe a bug. This problem isn't unique to VM environments...I see it all the time in the forums for just about all the products I follow.

    So in my case specifically, I don't really know how far reaching dahdi is into the asterisk ecosystem, which is why I asked my original question about what I would lose without it (and no, I have no plans to jump through hoops to get it to work in the host's proxmox kernel...I will go KVM before I go through that). And yes,I suppose I could find some website that describes exactly what dahdi supplies and what depends on it...shame on me for being lazy in that regard.

    In part, it also seems like this is subtly starting to slide into a religious discussion on VM technology. Personally, if I had a big honkin' server with 8 cores and 32GB of memory, then I would go KVM as my VM technology of choice...The nice thing about Proxmox is that it gives you the option to do both KVM and openvz.
  17. And thinking about people who don't read instructions, it reminded me of a conversation with another engineer at my company. We basically provide documentation for deploying our product to our customers. It turns out they don't read it, so we have another document that summarizes the first document. Of course, thy don't read the summary either, then blame us when things go wrong. You can never win the "make it idiot proof" game. They keep making more idiots.

Share This Page