Forum Replies Created

Viewing 15 posts - 211 through 225 (of 254 total)
  • Author
    Posts
  • Avatar photoTelium Support Group
    Member
    Post count: 258

    Yes – we have created tools which use the REST API/web interface of phones (and base stations) to force immediate re-registration following a failover of the cluster. This solution is implementation specific however (make and model of phone, where phone IP data is stored, etc), so please contact Telium professional services who can design a solution for your specific needs.

    This tool should be placed into Asterisk post-start event handler (in HAAst), which will cause the nurse phones to immediately reconnect to the active peer following cluster failover.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    I have included a sample sensor below using ping, which will test if your NIC is down or the cable is unplugged. The basic idea is to test reachability for the item after the item you want tested; so to test your cable ping the firewall.

    Instead of creating 3 sensors (cable, firewall, ITSP) you can actually combine them into a single sensor which I’ll call ‘route-to-itsp’. By checking the entire path in one sensor you test all of the items along the way:

    ; Ensure connection to ITSP is ok including NIC, cables, router, gateway, and ITSP
    route-to-itsp/description=Connection to ITSP
    route-to-itsp/type=ping
    route-to-itsp/input=received
    route-to-itsp/parameters=Count: 5 | interface:eth1 | host: 173.239.164.41
    route-to-itsp/scoring=

    Avatar photoTelium Support Group
    Member
    Post count: 258

    You don’t mention if you are using a configuration generator (eg: xCally Motion, FreePBX, Elastix, etc), so I’ll provide two answers:

    Using A Configuration Generator
    If you are using a configuration generator, then the easiest way to setup synchronization is to copy the appropriate sample sync config files into your HAAst configuration directory. For example, if you are using xCALLY Motion then you will need both the basic Asterisk configuration synchronization, as well as the xCALLY Motion configuration synchronization. So copy the following files:

    • asteriskconfig.sync.conf
    • xcally_motion.sync.conf

    from the sample_files/synchronizations directory to the /etc/xdg/telium/haast.conf.d directory and then restart HAAst. (Do so on both peers). Your files and databases will start to synchronize now. (If you are using some other configuration generator, just replace the xCALLY Motion file with the most appropriate sample for your configuration generator).

    Using Only Asterisk
    If you are not using a configuration generator (as is often the case with large Asterisk installations of 1000 or more phone sets), then the easiest way to setup synchronization is to use one or more sample synchronization files as a starting point. To being with, copy the following file:

    • asteriskconfig.sync.conf

    from the sample_files/synchronizations directory to the /etc/xdg/telium/haast.conf.d directory (on both peers) for basic synchronization of the /etc/asterisk folder contents, ASTdb, and voicemail. After that, have a look at the sample *.sync.conf files for ideas of what else you can sync.

    Customizing The Data Sent To The Standby Peer
    If you need to customize content that is synchronized in (eg: to modify the dialplan/trunks/tftp files/etc for the local machine) then have a look at the sample_files/events directory for sample sync.stop.post* files which demonstrate how to perform post-sync customization. You can copy any of these sample files to your /usr/local/haast/events directory to enable them, but be sure to edit each event handler to match your unique system and needs. Note that the name of the event handler file must match the name of the sync job in order to be associated as a related event handler. (e.g. sync job ‘mysql’ would look for a file called ‘sync.stop.post.mysql’ to be linked as the post-sync event handler).

    Avatar photoTelium Support Group
    Member
    Post count: 258

    I don’t see any product registration matching your email address, which means you are most likely running the Free Edition of SecAst. Only the Commercial Unlimited edition of SecAst includes access to the hacker database (IP addresses) and fraud database (phone numbers).

    So the warning you see on screen is correct – you only get access to those databases if you purchase the Commercial Unlimited edition, or purchase a SecData subscription separately.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    HAAst is load tested to approximately 50 call setups per second (3000 call setups per minute) – so that should not be a problem. The constraint will most likely be the hardware upon which you run Asterisk. HAAst is written entirely in C++ and CPU requirements are generally very low. If in doubt conduct a HAAst trial and monitor CPU load and memory utilization to determine how many setups per minute your hardware can handle.

    If you need assistance determining the call volume capacity of your hardware please contact Telium support for assistance.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    You are welcome to download the latest software from the Telium website, and overwrite your installation. Please be sure to carefully compare the included config file to check for changes in stanzas, key names, new keys, etc.

    If you are running the Free Edition the new software will work immediately. If you have an active maintenance agreement then the upgrade will work as well.

    However, if your maintenance agreement has expired then the upgrade will revert to the Free Edition. Since you cannot extend a maintenance agreement that has expired you would have to purchase a new license.

    If your maintenance agreement is still active then you can extend it for as long as you like (purchased in 1 year increments from the BUY tab on the Telium web site).

    Avatar photoTelium Support Group
    Member
    Post count: 258

    You are welcome to download the latest software from the Telium website, and overwrite your installation. Please be sure to carefully compare the included config file to check for changes in stanzas, key names, new keys, etc.

    If you are running the Free Edition the new software will work immediately. If you have an active maintenance agreement then the upgrade will work as well.

    However, if your maintenance agreement has expired then the upgrade will revert to the Free Edition. Since you cannot extend a maintenance agreement that has expired you would have to purchase a new license.

    If your maintenance agreement is still active then you can extend it for as long as you like (purchased in 1 year increments from the BUY tab on the Telium web site).

    Avatar photoTelium Support Group
    Member
    Post count: 258

    You are welcome to download the latest software from the Telium website, and overwrite your installation. Please be sure to carefully compare the included config file to check for changes in stanzas, key names, new keys, etc.

    If you are running the Free Edition the new software will work immediately. If you have an active maintenance agreement then the upgrade will work as well.

    However, if your maintenance agreement has expired then the upgrade will revert to the Free Edition. Since you cannot extend a maintenance agreement that has expired you would have to purchase a new license.

    If your maintenance agreement is still active then you can extend it for as long as you like (purchased in 1 year increments from the BUY tab on the Telium web site).

    Avatar photoTelium Support Group
    Member
    Post count: 258

    First of all make sure you know which system is generating the error (the host running HAAst, or the host which the post-sync script is connecting to). That may change the answer, and/or where you need to apply changes.

    One of these solutions should help:

    1. Try adding the “-t” parameter to the ssh command to create a pseudo terminal for the command to run in.
    2. Instead of “-t” try “-tt” to force a tty (even if ssh has no local tty).
    3. Remove sudo completely from the command in your bash script. Since the HAAst (service) runs as root the processes it forks also run as root (unless the system is further locked down). Assuming error is locally generated.
    4. Comment out the line “Defaults requiretty” in the /etc/sudoers file. Then sudo won’t require a TTY anymore for sudo commands. (But undstand security implications).
    5. Use the “su –c” command instead of sudo
    Avatar photoTelium Support Group
    Member
    Post count: 258

    Instead of relying on FreePBX to recreate the AstDB, you should let HAAst synchronize it. (This is the standard HAAst configuration as of Jan 2016). To have HAAst synchronize the AstDB add an entry like this to the haast configuration:


    asteriskdb/description=Asterisk internal database
    asteriskdb/type=astdb
    asteriskdb/interval=300
    asteriskdb/debug=off
    asteriskdb/postsynccondition=never
    asteriskdb/postsyncruntime=60

    If you use the sample Asterisk sync file (sample_files/synchronizations/asteriskconfig.sync.conf) then this will be setup for you automatically.

    Warning: Do not try to synchronize this file using ‘file’ type. HAAst must read and write this file using SQL commands or you risk corrupting the file. As well, do not put this file on a DRBD partition, nor put it on a network share if there is any chance of the peer reading/writing this file at the same time.

    HAAst also has the ability replicated all keys from the AstDB, or generate new values for keys which must be unique, or leave each node with original values. Please contact Telium support for details on how to configure HAAst to control these keys during replication.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    The best way to communicate programmatically with HAAst is through the socket interface. When haast is running it creates a socket in the directory /var/run. This socket looks and acts just like a regular file; you can write to the file and read from the file to command HAAst and gather status information.

    To retrieve the status of the cluster via the socket interface, use the ‘getstatus’ command. The pseudocode to do so is as follows:


    Open file /var/run/haast.sock as read+write
    Read ‘ready>’ prompt from file
    Optionally write command ID and newline to file, e.g. ‘id: 123n’
    Write get status command and newline to file, e.g. ‘command:getstatus\n\n’
    Read response from file
    Close file
    Parse response

    The ID sent can be any string (to uniquely identify the response) but is optional. In general we recommend sending an auto-incremented counter. Once all required parameters (of this command) have been sent, send a second newline (i.e. 2 sequential newline characters) to tell HAAst the command is complete and ready for processing.

    The following is the actual output (read) in red color, and input (written) in blue color, from the above pseudo code:

    haast socket interface v1.1
    ready>id: 123
    command:getstatus
    
    id: 123
    result: ok
    cluster name: Telium
    cluster start time: 1459816998033
    cluster start time formatted: Mon Apr 4 20:43:18 2016
    cluster run duration: 12404571
    cluster run duration formatted: 71 days, 13 hours, 42 minutes, 51 seconds
    cluster fail over count: 79
    local peer name: PBX1 in Waterloo data center wall
    local haast state: 4
    local haast state formatted: Active
    local peer health state: 1
    local peer health state formatted: Normal
    local asterisk state: 2
    local asterisk state formatted: Started
    local asterisk connection state: 7
    local asterisk connection state formatted: Logged in
    local start time: 1464643147663
    local start time formatted: Mon May 30 17:19:07 2016
    local haast run duration: 2740022
    local haast run duration formatted: 15 days, 17 hours, 7 minutes, 2 seconds
    local fail over count: 11
    local previous fail over timestamp: 1465102805740
    local previous fail over timestamp formatted: Sun Jun 5 01:00:05 2016
    local previous fail over cause: 2
    local previous fail over cause formatted: Dual standby peer contention detected
    local previous haast state: 3
    local previous haast state formatted: Standby
    local to remote peerlink connection state: 7
    local to remote peerlink connection state formatted: Up
    remote data available: 1
    remote peer name: PBX2 VM in Mississauga data center
    remote haast state: 3
    remote haast state formatted: Standby
    remote peer health state: 1
    remote peer health state formatted: Normal
    remote asterisk state: 4
    remote asterisk state formatted: Stopped
    remote asterisk connection state: 4
    remote asterisk connection state formatted: Connect failed
    remote start time: 1464643407951
    remote start time formatted: Mon May 30 17:23:27 2016
    remote haast run duration: 2739761
    remote haast run duration formatted: 15 days, 17 hours, 2 minutes, 41 seconds
    remote fail over count: 8
    remote previous fail over timestamp: 1465102804675
    remote previous fail over timestamp formatted: Sun Jun 5 01:00:04 2016
    remote previous fail over cause: 23
    remote previous fail over cause formatted: Local peer automatic demotion request
    remote previous haast state: 4
    remote previous haast state formatted: Active
    remote to local peerlink connection state: 7
    remote to local peerlink connection state formatted: Up
    ready>

    To learn how to use the HAAst socket interface you can use the ‘socat’ command to interact with the HAAst socket from a Bash command line. (You may need to add the socat command / package to your particular Linux installation). The exact syntax for the socat command is as follows:


    socat – UNIX-CONNECT:/var/run/haast.sock

    You can then send any invalid command (eg: XXXX) and HAAst will respond with a list of valid commands.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    If you are using the Commercial Unlimited edition of SecAst, then you can check how an IP address scores on the SecData service using the telnet interface to SecAst. Connect to your local SecAst server by telnet and issue the ‘hackerdb check’ command. For example:

    $ telnet 172.1.1.1 3000
    Trying 172.1.1.1…
    Connected to 172.1.1.1.
    Escape character is ‘^]’.
    SecAst telnet interface on ‘PBX1 on Waterloo data center wall’
    SecAst>hackerdb check 1.2.3.4
    Action: checking Telium hacker database
    Database match: exact IP
    IP address: 1.2.3.4
    Score: 25
    SecAst>[/color]

    Alternatively, if you subscribe to the SecData service directly then you can check how an IP address scores from a browser by entering the query into the address bar; for example:
    https://XXX.autocommander.aws2.ocg.ca/check-ipaddress?key=YYY&ip=1.2.3.4&format=p
    (you will need to substitute the hostname and key with those assigned to your account.)

    Please note that manual queries of the SecData service through SecAst are throttled, so if you issue too many queries too quickly you will receive a warning to try again later.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    SecData is a cloud based service, with load spread over multiple different cloud providers (including Amazon and GoDaddy). We have tested many times the load you require and SecData has no difficulty keeping up.

    If you are using SecAst to access the SecData, then by design your calls will never be delayed/dropped. SecAst allows calls to proceed in parallel to checking the SecData service for fraudulent phone numbers and IP addresses. If a match is found (and the score exceeds the threshold you define) then the call is disconnected and the caller’s IP is blocked.

    Avatar photoTelium Support Group
    Member
    Post count: 258

    The sensor/health graphs show current and historical health scores, as generated by non-core sensors. Core sensor are the ones built into HAAst (non-configurable) and trigger an immediate failover upon detection of a critical issue.

    User defined sensors generate scores that show up in the graphs and reporting. So if you have not defined any sensors then you will not see any graphs.

    Note that some installations are satisfied with the core sensors only. But as you become more familiar with HAAst you will likely want to add some sensors (e.g. monitor the network/cable carrying SIP/RTP traffic from the PBX to the ITSP).

    Avatar photoTelium Support Group
    Member
    Post count: 258

    The most likely cause is that one or more shared libraries are not installed. Ensure that all prerequisite libraries are installed. First, use the “ldd” command to show what libraries HAAst needs, and are available:

    root@pbx~$ldd haast
    linux-vdso.so.1 => (0x00007ffffbded000)
    libQt5Sql.so.5 => not found
    libQt5Xml.so.5 => not found
    libQt5Network.so.5 => not found
    libQt5Core.so.5 => not found
    libpthread.so.0 => /lib/x86_64-linuxgnu/
    libpthread.so.0 (0x00007ff6b71c4000)
    libstdc++.so.6 => /usr/lib/x86_64-linuxgnu/
    libstdc++.so.6 (0x00007ff6b6ec3000)
    libgcc_s.so.1 => /lib/x86_64-linuxgnu/
    libgcc_s.so.1 (0x00007ff6b6cad000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ff6b68ed000)
    /lib64/ld-linux-x86-64.so.2 (0x00007ff6b73ef000)
    libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007ff6b65f0000)

    You would then have to add the missing libraries (normally through your package manager like apt-get or yum). In the above example case, the Qt libraries are missing; see section 7 of the instructions for details on how to add the Qt libraries to your Linux distribution.

Viewing 15 posts - 211 through 225 (of 254 total)