Reaching for the sky with Asterisk and Amazon EC2

Administrative
• This is an advanced class
• Prerequisites for this class are:
  • Basic knowledge of Asterisk (dCAP preferred)
  • SysAdmin level Linux skills (RHCE, LPIC, equivalent)
  • Your own notebook computer (not a must)
  • Willingness to think differently about IT and economics
  • A good sense of humor…

About your instructor
• Name: Nir Simionovich
• Job Title: Who needs titles anyway…
• Asterisk Experience: 7 years
• Amazon EC2 Experience: 18 months
• Largest EC2 Installation: 3500 concurrent channels
• Publications:
  • AsteriskNOW – Published 2008, Packt Publishing
  • Asterisk AGI – Published 2009, Packt Publishing

Class Policies
• Questions: Just raise your hand, don’t wait…
• Private Questions: Wait for the end of the module…
• Specific Implementation: Catch me in the evening
• Just have fun…

Module 1 An introduction to Amazon EC2

What is Amazon EC2
• Per Amazon’s website: “Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers.”
• Without the buzz words: “Amazon Elastic Compute Cloud (Amazon EC2) is a virtualization environment, allowing you to initialize virtual servers, without the regular BS related to hosting companies.”

Amazon EC2 is not!
• Amazon EC2 is not to be mistaken with:
  • Co-Located servers hosting
  • Dedicated servers hosting
  • Web V-Hosting
• EC2 provides virtual servers, similar to VPS hosting
• EC2 doesn’t provide common control panels
• EC2 doesn’t provide customized network setup

EC2 Service Components
• The EC2 service is built of 3 distinct components:
  • The Amazon Machine Image (AMI) – A raw image of your virtualized host
  • Amazon S3 – A storage service where you can store your AMI hosts for future usage
  • Amazon AWS Admin – An administration service, available as a web service, a web panel or a Firefox plug-in (ElasticFox)
• Other Amazon AWS services can be leveraged, such as: CloudFront, SQS, SimpleDB and others

Step 1: Registration
• Registration is performed via the aws.amazon.com website
We won’t explore the entire registration wizard
Pay attention to this radio button

Step 2: Pricing and CC info
• EC2 uses your credit card information in order to perform billing
• Pay attention to the pricing information provided during the registration wizard – it’s very important
• For now, just fill in your credit card information and let’s continue…

Step 3: X.509 Certificate and Keys
• Once registration is complete, an email will be sent to you for final confirmation
• EC2 requires the installation of an X.509 certificate
• You can supply your own or create a new one using the EC2 service
• To create a new certificate, simply log on to your account and create the certificate from there
• You will also be required to create your Access Key IDs for the service

Step 3: X.509 Certificate and Keys
• Once your X.509 keys have been created, download these and store them in a safe place on your computer
• Your certificate is used for accessing your servers via SSH – without the usage of a root password
• Your Access IDs are used to allow access from your ElasticFox plug-in and web management to your account

Step 3: X.509 Certificate and Keys

Step 4: Logon to the console
http://aws.amazon.com/console/

Step 5: Create a Key-Pair
• Your key pairs are later on used for SSH access

Step 6: Create a Security Group
Remember: All Amazon EC2 instances are NATTED!

Step 7: Install ElasticFox
• ElasticFox is the official production level management console for Amazon EC2
• We now switch to using ElasticFox, as it provides greater flexibility than the web console
• ElasticFox can be found under the “Developer Tools” section of the AWS website
• Once ElasticFox is installed, you need to create your online credentials for it – using the keys presented at step 3

Step 7: Install ElasticFox

Step 7: Launch an Asterisk AMI


Step 8: Create an SSH private key
Save your private key file, to be used with PuTTY

Step 9: Connect to your instance
Click this button
• You will be asked for your generated private key file, so just select it
• If all goes well, an SSH client to your instance should be made available to you

Module Recap
• You should now be able to:
  • Initiate new EC2 instances
  • Logon as ‘root’ to your initiated instances
• You should now be able to create your own EC2 based Asterisk server

Module 1: Recap Lab
• Lab Duration: 30 minutes
• Tasks:
  • Register with Amazon AWS services
  • Create your keys and certificate
  • Activate an Asterisk AMI instance
  • Logon to your Asterisk server via SSH

Module 2 Amazonomics – The Economics Behind using Amazon EC2

What are Amazonomics
• Amazonomics is the combination of the words “Amazon” and “Economics”
• The term dictates that due to Amazon AWS services, a new economy math is required
• Traditional “IT Economy” is based upon monthly and yearly calculations, Amazonomics calculations are based upon hours
• While traditional math calculates costs top-down, Amazonomics calculates costs bottom-up
Confused? Can be at start… Hang in there…

Basic Terms – On Demand Instances
• An On-Demand Instance
  • An On-Demand instance can be described as a virtualized host – in its most basic form, that once shut down disappears
  • On-Demand Instances are billed in accordance to their size, time utilized and operating system
  • Instances vary from single virtual core units, up to 20 virtual cores per instance

Basic Terms – Reserved Instances
• A Reserved Instance
  • Similar to an On-Demand instance in functionality
  • Paid in advance for the entire year (or 3 years)
  • Provides better utilization for your funds (cost wise)
  • Once purchased, will remain in your inventory as “reserved” computation power

Basic Terms – Data Transfer
• Data Transfer costs
  • Amazon instances consume “inbound” and “outbound” bandwidth
  • Amazon calculates the cost of this bandwidth on each of the streams
  • Inbound stream is flat-rated at a per GB cost
  • Outbound stream is step charged at per GB cost, with TB steps

Basic Terms – Elastic IPs
• Elastic IP Addresses
  • By default – all instances carry a dynamic IP address
  • Elastic IP addresses allow for the assignment of a static IP address to your instances
  • All instances are NATted, thus, Elastic IP addresses are statically NATted to your EC2 instances

Amazon EC2 – Power à la carte
• The basic concept behind EC2 economics is: You pay for what you use!
• If you want reserved power or resources, you pay for that as well
• When you are done consuming resources, simply discard them and don’t pay additional charges

Amazon EC2 – Power à la carte (cont.)
• Theoretical example:
  • Imagine that we would like to “crack” an SSH2, IDEA based, 1024 bit key
  • In theory, in order to “crack” the key, we’ll either need a few thousand years or a few thousand computers
  • Installing and managing a few thousand computers is not feasible, nor is waiting a few thousand years
  • Using EC2 instances, we can initiate thousands of hosts at the same time, do the job, then discard them
  • Think of it as an on-demand SETI group that is made available to you

A CFO’s view of Amazon EC2 Power

Instance Size | Instance Cost | Work hours per day | Number of hosts required | Cost per day | Work days per month | Cost per month | Cost per year
Medium        | $0.20         | 10                 | 4                        | $8.00        | 22                  | $176.00        | $2,112.00
Extra Large   | 0.8           | 10                 | 2                        | $16.00       | 23                  | $368.00        | $4,416.00

• Purchasing the above hardware can easily cost around 12,000$ in the first fiscal year
• Hosting your development system with Amazon EC2 simply makes sense
• Just turn off your hosts at night, and save the money

Production on EC2?

Instance Size | Instance Cost | Work hours per day | Number of hosts required | Cost per day | Work days per month | Cost per month | Cost per year
Medium        | $0.20         | 24                 | 3                        | $14.40       | 22                  | $316.80        | $3,801.60
Extra Large   | 0.8           | 24                 | 2                        | $38.40       | 23                  | $883.20        | $10,598.40

• Depending on your application, going production on EC2 isn’t always economical – especially if your application requires full power 24x7
• The best track to take is to de-couple your application layer and initiate instant power on EC2 at peak time
• Get the best of both worlds – instant power with 24x7 co-location costs
High-Powered, Short burst applications, such as dialers love EC2!

Module Recap
• Amazonomics change the way we look at costs, relating to IT infrastructure
• Companies at their start-up stage can easily utilize Amazon EC2 instances to lower their initial OPEX, turning it into CAPEX
• The price of development hardware purchase can easily translate to 3 years’ worth of EC2 instances – letting you focus on your product and development

Module 2: Recap Lab
• Lab Duration: 30 minutes
• Tasks (Theoretical Exercise only):
  • Design a high-powered Asterisk based dialer platform, utilizing Amazon EC2 components only – based upon economic considerations only
• Design constraints are:
  • Dialer must be able to sustain a total of 1000 concurrent channels
  • Each EC2 instance can carry up to 120 concurrent channels (medium instance)
  • Control over the Dialer must be centralized

Module 3 Network Considerations, Elastic IP addresses and de-coupled architecture


Network Considerations
• Amazon EC2 is a fully NATted network
  • The EC2 cloud environment is fully NATted, which means that all hosts utilize a private IP address space
  • NATted environments pose an interesting issue when utilized with VoIP in general – and SIP in particular
• Amazon EC2 is geographically de-coupled
  • When an instance is initiated, the physical location of that instance on the network is somewhat unknown
  • Relying on the network layer for real time data traversal (block connections, database DSN’s, etc) is no longer available
In other words: A shift in platform design and development paradigms is required to utilize EC2

EC2 Network – A Bird’s Eye View
• Amazon operates 2 AWS global datacenters:
  • US East – USA East Coast
  • EU West – Western Europe
• While the information seems redundant to most developers, VoIP usage requires a bit more finesse
• Imagine that you are located in the UK, it would make more sense for you to host your Asterisk servers at EU-West and not US-East
• When initiating instances, make sure these are initiated in the most suitable location

EC2 Network – VoIP Considerations
• Not all VoIP carriers are capable of servicing NATted hosts
• Make sure you test your carriers with a simple Asterisk instance on EC2, prior to migrating your system to it
• While SIP doesn’t really like NAT, IAX2 loves it – USE IT!
Remember: If using SIP, media will pass through your Asterisk AMI – on EC2 that means traffic payment!

EC2 Network - Datacenters
• Amazon operates 2 AWS global datacenters:
  • US East – USA East Coast
  • EU West – Western Europe
• While the information seems redundant to most developers, VoIP usage requires a bit more finesse
• Imagine that you are located in the UK, it would make more sense for you to host your Asterisk servers at EU-West and not US-East
• When initiating instances, make sure these are initiated in the most suitable location
Even these are spread across a few data centers – in other words, no commitment for same location proximity

EC2 Network – Elastic IP Addresses
• Elastic IP addresses are statically mapped IP addresses that can be assigned to your instances, once initiated
• You can assign your Elastic IP either from the management console, or via the AWS EC2 API
• In any case, your internal host’s IP address always changes – if you turn your instance OFF
• This can pose an interesting configuration issue when utilizing Asterisk and SIP (externip and externhost)

De-coupled N-Tier Architecture


Traditional Asterisk Implementation


Traditional Asterisk Implementation
• The main issues with Asterisk N-Tier architecture are these:
  • The system has a distinct bottleneck with the database
  • Storage resources are consumed across the entire network
  • A direct connection from the Asterisk application to the database servers is required, while utilizing normal database practices

Traditional Asterisk Implementation
• The N-Tier approach doesn’t cut it with Cloud Computing structures:
  • No direct connection between the Asterisk servers and the database servers
  • No direct connection between the storage servers and the Asterisk/Database servers
  • No commitment to the geographical location of each server

Hmmmm….. Now What??

New Paradigm Guidelines
• It is clear we need a new methodology for developing applications, one that takes into account the following:
  • We can’t rely on proximity between the database and the Asterisk servers
  • We can’t rely on proximity between the storage and the Asterisk servers
  • We can’t rely on high-powered servers

De-Coupled N-Tier Architecture


EC2 Asterisk Implementation
• Guidelines:
  • Each Asterisk server holds its own application logic, implemented via normal Asterisk development practices
  • Retrieval of information from the database servers is performed via XML-RPC methods, carried over an HTTPS secured transport
  • Storage of audio and content is managed via a Storage Manager and distributor
  • A web based application logic implements the XML-RPC server side for the platform

Module Recap
• We now understand that while EC2 provides a highly cost effective solution, its constraints introduce new development and deployment issues
• Traditional N-Tier design architectures and paradigms no longer cut it with EC2
• We need to practice a new methodology of designing platforms, one that no longer relies on physical attributes and takes into account non-linear approaches

Module 3: Recap Lab
• Lab Duration: 30 minutes
• Tasks (Theoretical Exercise only):
  • Design a high-powered Asterisk based dialer platform, utilizing Amazon EC2 components only – this time using De-Coupled N-Tier architecture
• Design constraints are:
  • Dialer must be able to sustain a total of 1000 concurrent channels
  • Each EC2 instance can carry up to 120 concurrent channels (medium instance)
  • Control over the Dialer must be centralized

Module 4 Running Asterisk compatible AMI – Introduction to the Voxilla AMI


Is EC2 really suited for Asterisk?
• EC2 is focused on providing a scalable environment for rich web applications
• As such, its AMI images aren’t optimized for usage with Asterisk
• Mainly, the operational kernel available with EC2 images isn’t fully compatible with Asterisk’s requirements
STOP !!! We just killed the entire point! If AMI images aren’t fully compatible, what can we do?

Introducing: Voxilla Asterisk AMI
• Over the past 12 months, much work has been done in the cloud-computing space
• Specifically, work has been done to develop tools for deploying Asterisk in a more reliable manner
• Notable work has been performed by Ronald Lewis and specifically by Eric Chamberlain of the Voxilla project
• Eric’s work has been concentrating on creating a proper AMI image with a proper kernel, that will be able to utilize the DAHDI_DUMMY driver correctly

Available Voxilla AMI images
• There are 2 distinct AMI images available:
  • ami-e8c22581 – The full Asterisk+FreePBX distribution
  • ami-0bfa1d62 – Vanilla Asterisk without web interfaces
• If you are a PBX user, you would most probably prefer the first
• I prefer using the latter for my application development and testing

Using Voxilla Asterisk AMI


Step 1: Activate the instance
• When activating the new instance, pay attention to the following:
  • Data center location (availability zone)
  • KeyPair (what SSH key to use)
  • Instance type (c1.medium is preferred)
  • Security Group (a security group compatible with Asterisk)

Step 1: Activate the instance
(Screenshot labels: Instance Size, SSH KeyPair, Data center location, Security Group)

Step 2: Recompile Asterisk (optional)
You can’t use the Asterisk RPM available from Digium.
You can use the SRPM to rebuild the package – BEWARE!

Small Comparison – Codec Translation
(Chart labels: Ver 1.6 EC2, Ver 1.4 XEON)
Amazing !!! Asterisk 1.6 on EC2 is a better g729 transcoder than 1.4 on a dedicated Dual XEON Server!

Module Recap
• You are now familiar with Voxilla’s pre-made Asterisk EC2 AMI image
• You should now be able to initiate your own EC2 based Asterisk server

Module 4: Recap Lab
• Lab Duration: 30 minutes
• Tasks:
  • Initiate the vanilla Amazon EC2 Voxilla Asterisk AMI
  • Define 2 SIP phones
  • Make calls from one SIP phone to another
  • Repeat the same exercise with the FreePBX AMI

Module 5 Beyond Voxilla – Creating your own EC2 AMI

Congratulations… well, sort of…
• Congratulations, you have successfully installed and executed your Clouded Asterisk Open Source PBX system
• You have also installed and configured your customized software and application, to work with your Clouded Asterisk installation
• Be warned! If you terminate your Asterisk host, all your work will go away and you will need to repeat it!

I win … All your hosts are belong to us
YES! I OWN AMAZON! IN 5 DAYS I WILL HAVE A 5 TRILLION DOLLARS – ALL FROM YOUR HOSTS

Ok.. Seriously now…
• How can EC2 be a useful tool, if you need to re-do all your work for each initiated instance?
• Well, the answer is: YOU DON’T
• EC2 provides a set of tools for creating your own AMI image, storing it with Amazon S3, and then activating as many instances of it as you need
• If you’ve used any of the Voxilla images, the tools required are already available on your instance
• If not: http://developer.amazonwebservices.com/connect/entry.jspa?externalID=351

Step 1: upload keys to your instance
• If you recall, you’ve created a PK and CERT file, earlier this day – we’ll use these now
• Copy your PK and CERT files to your instance
• Example:
    scp pk-XXX.pem cert-xxx.pem root@ec2-75-101-215-95.compute-1.amazonaws.com:/mnt/
  pk-XXX.pem – The Private key file that was created earlier
  cert-XXX.pem – The Certificate file that was created earlier

Step 2: image your instance
• Create an image of your running instance using the following command:
    ec2-bundle-vol -k /mnt/pk-xxx.pem -c /mnt/cert-xxx.pem -u [user-id] -d /mnt
  pk-XXX.pem – The Private key file that was created earlier
  cert-XXX.pem – The Certificate file that was created earlier
  user-id – Your Amazon AWS user ID (numeric value)
Grab a coffee and cake at this point, better yet, go out and get some – this takes time…

Step 3a: Create an S3 Storage Bucket
• We need to create a storage bucket, to hold our AMI image on the Amazon S3 storage service
• Creating a bucket can be performed using the s3fox tool or using the command line
• The easiest is to use the s3fox – available at http://www.s3fox.net

Step 3b: Create an S3 Storage Bucket

Step 4: upload your AMI to S3
• Once you’ve imaged your instance, you will find multiple image.part.* files on your file system
• These comprise your entire running instance
• These now need to be uploaded into S3 using the ec2-upload-bundle tool
    ec2-upload-bundle -b [your-s3-bucket] -m /mnt/image.manifest.xml -a [aws-access-key-id] -s [aws-secret-access-key-id]
  your-s3-bucket – the bucket created with s3fox
  aws-access-key-id – your access key credential
  aws-secret-access-key-id – your secret access key credential
  image.manifest.xml – the image manifest file describing the image [rename this file to something meaningful]
Cross your fingers now, this procedure can fail a few times till you get it up there - and worse, it’s lengthy to re-start!

Step 5: Register your AMI on EC2
• AMI registration is performed using the ElasticFox Firefox plugin
• When prompted, enter your bucket name and image manifest filename to register your AMI image

Step 6: Instance Activation
• Once your AMI is registered, your “Images” tab would look like this (after filtering):
• Simply click the power button to start up your AMI image and create a new instance
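
A pre-flight check for Steps 1 to 4 above, added here as an example and not part of the original slides: it looks for PEM private keys that would end up inside the image and for shell history that recorded the -s secret key argument. The function names and the sample tree are constructed for illustration, and treating /mnt as left out of the bundle is an assumption to adjust to your own setup.

```shell
#!/bin/sh
# Added example, not from the original slides. All function names are hypothetical.

# _grep_tree ROOT REGEX NAME_GLOB [EXCLUDED_DIR...]
# Lists files under ROOT (smaller than 1 MiB, name matching NAME_GLOB) whose
# content matches REGEX, without descending into the excluded directories.
# EXCLUDED_DIR is given relative to ROOT with a leading slash, e.g. /mnt.
_grep_tree() (
    root=${1%/}; regex=$2; glob=$3; shift 3
    for d in "$@"; do          # turn each exclusion into a find prune clause
        shift
        set -- "$@" -path "$root$d" -prune -o
    done
    find "${root:-/}" "$@" -type f -name "$glob" -size -1048576c \
        -exec grep -lE -e "$regex" {} + 2>/dev/null | sort
)

# PEM private keys of any flavour (RSA, EC, OPENSSH, PKCS#8, ENCRYPTED).
find_private_keys() (
    root=$1; shift
    _grep_tree "$root" '-----BEGIN ([A-Z0-9]+ )*PRIVATE KEY-----' '*' "$@"
)

# History files that recorded the -s <secret key> argument from Step 4.
find_secrets_in_history() (
    root=$1; shift
    _grep_tree "$root" 'ec2-upload-bundle.* -s +[^ ]' '.*history' "$@"
)

# audit_before_bundle ROOT [EXCLUDED_DIR...]
# Prints findings; returns 0 only when the tree is clean.
audit_before_bundle() (
    keys=$(find_private_keys "$@")
    hist=$(find_secrets_in_history "$@")
    [ -z "$keys" ] || printf '%s\n' "$keys" | sed 's/^/private key inside image tree: /'
    [ -z "$hist" ] || printf '%s\n' "$hist" | sed 's/^/secret key in shell history: /'
    [ -z "$keys$hist" ]
)

# Constructed sample tree standing in for an instance's root filesystem.
# The key, certificate and credentials are fake placeholders.
build_sample_tree() {
    mkdir -p "$1/mnt" "$1/root" "$1/etc/asterisk"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END RSA PRIVATE KEY-----' > "$1/mnt/pk-XXX.pem"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'CONSTRUCTED' \
        '-----END CERTIFICATE-----' > "$1/mnt/cert-XXX.pem"
    cp "$1/mnt/pk-XXX.pem" "$1/root/pk-XXX.pem"      # stray copy outside /mnt
    printf '%s\n' 'ec2-upload-bundle -b sample-bucket -m /mnt/image.manifest.xml -a AKID-CONSTRUCTED -s SECRET-CONSTRUCTED' \
        > "$1/root/.bash_history"
    printf '[general]\n' > "$1/etc/asterisk/sip.conf"
}

# Demo: /mnt is passed as excluded, on the assumption that the bundling step
# leaves that directory out of the image. Adjust to match your own exclusions.
sample=$(mktemp -d)
build_sample_tree "$sample"
audit_before_bundle "$sample" /mnt || echo "clean up before running ec2-bundle-vol"
rm -rf "$sample"
```

On a real instance the call would be audit_before_bundle / followed by whatever directories your bundling run excludes; a non-zero exit means something sensitive is still inside the tree.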

Module Recap
• You are now familiarized with how to create your own AMI image on Amazon EC2
• At this point, we suggest that you take a little break before the final lab – it’s a bit long

Module 5: Recap Lab
• Lab Duration: 60-90 minutes
• Tasks:
  • Build a network of 5 Asterisk hosts
  • All hosts should have the latest Asterisk 1.6 version
  • 4 hosts should be installed with FreePBX and be utilized as PBX systems
  • 1 host should be installed as a vanilla Asterisk and be utilized as a routing system between the nodes
  • Routing plans and numbering plans are entirely up to you, simply go wild