https://help.4psa.com/index.php?

_m=knowledgebase&_a=viewarticle&kbarticleid=1146
VoipNow Professional 2 Amazon EC2 Deployment Guide
Created: 28 Jan 2011 9:56 AM

Overview

This knowledge base article provides all the information required to easily understand the Amazon
EC2 deployment process.
How to Create an EC2 Account

You have to define an account ONLY if you do not already have one!
To create an account, you have to go to Amazon and click the Sign Up For Amazon EC2 button. If
you do not have an AWS account already, then you are prompted to create one as part of the sign
up process. After registering to Amazon EC2, you will be granted your Access Key identifiers:

Click the Your Web Services Account button and select the View Access Key Identifiers link
from the displayed menu.
Click the Create New button available in the X.509 Certificate section to create a new X.509
certificate.
Save the certificate and the private key. You will need them when setting up thecommand line
tools (as described below).
Create an .ec2 directory in your home directory to save these files. You should end up with a
PEM-encoded X.509 certificate and a private key file named as shown in the following examples:

cert-HKZYKTAIG2ECMXYIBH3HXV4ZBZQ55CLO.pem - This is an example of a PEM
encoded signed X.509 certificate.
pk-HKZYKTAIG2ECMXYIBH3HXV4ZBZQ55CLO.pem - This is an example of an
unencrypted PEM-encoded RSA private key that corresponds to the X.509 certificate. This
X.509 certificate is associated with your account until you generate or upload a new certificate. If
you already have a certificate that you would rather use instead, then you can return to the
Access Key Identifier section and upload it later.

In the end, you need to look up your AWS account ID. You should use this value whenever you
need to provide an Amazon EC2 user ID. From the AWS portal page, point to Your Web Services
Account and click the Account Activity link in the menu displayed. At the top of this page, locate
your account number, which is a hyphenated number similar to '4952-1993-3132'. Your AWS
account ID is in fact your account number, without the hyphens. In this example, it is
495219933132.
How to Download the Command Line Tools from Amazon

You can set up this environment variable as follows:

On Linux and UNIX: $ export EC2_HOME="path_to_ec2_tools"
On Windows, the syntax is slightly different: C:> set EC2_HOME="path_to_ec2_tools"

Page 1/4
4PSA Support Zone
https://help.4psa.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1146
In addition, you should probably add the bin tools directory to your system PATH. From now on, in
this guide, we will assume that you have done this.

On Linux and UNIX, you can update your PATH as follows: $ export
PATH=$PATH:$EC2_HOME/bin
And for Windows: C:> set PATH=%PATH%;%EC2_HOME%bin

How to Locate the VoipNow Professional AMI on Amazon
Infrastructure


On Linux execute: $ ec2-describe-images -a| grep 4psa
On Windows run: C:> ec2-describe-images -a|findstr -i 4psa

The output should look like this:

IMAGE ami-fd1afb94 4psa/voipnow-2.02.manifest.xml 834521411561 available public
i386 machine


The issue that you should be interested in is the AMI ID which in this case is ami-fd1afb94.
How to Create Your First Server

Run: ec2-run-instances ami-fd1afb94
Next, run the following command to find out the machine IP: ec2-describe-instances
Note that it may take a few minutes until the machine is started. You should see an output like
this:

RESERVATION r-878dddee 834521411561 default INSTANCE i-13111d7a ami-fd1afb94
ec2-174-129-155-204.compute-1.amazonaws.com
domU-12-31-39-03-74-36.compute-1.internal
running 0 m1.small 2009-07-28T09:27:26+0000 us-east-1a


In this case, the server hostname is: ec2-174-129-155-204.compute-1.amazonaws.com and the
public IP is 174.129.155.204.
How to Open Ports to Access the Machine

Set up the firewall for your EC2 VoipNow Professional server as follows:
ec2-authorize default -P udp
ec2-authorize default -p 21
ec2-authorize default -p 22
ec2-authorize default -p 25
ec2-authorize default -p 80
ec2-authorize default -p 443
ec2-authorize default -p 1234
By doing so, all the UDP ports needed for SIP and TCP (21, 22, 25, 80, 443, 1234) will be opened. If
necessary, you may open other ports as well.
On the EC2 machines, you have to set up VoipNow Professional 2 to run behind NAT. To do so,
follow the next steps:
Log in to your VoipNow Professional server as root via SSH using your favorite console
Page 2/4
4PSA Support Zone
https://help.4psa.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1146
(e.g.: Putty).
You need to open a SSH session on your machine. For example: ssh
ec2-174-129-155-204.compute-1.amazonaws.com
Then run ifconfig eth0 to see your local IP address: eth0 Link encap:Ethernet HWaddr
12:31:39:03:74:36
inet addr:10.249.119.196 Bcast:10.249.119.255 Mask:255.255.254.0
UP BROADCAST RUNNING MULTI CAST MTU:1500 Metric:1
RX packets:53883 errors:0 dropped:0 overruns:0 frame:0
TX packets:54403 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13256211 (12.6 MiB) TX bytes:16489062 (15.7 MiB)
In this case, the local IP is 10.249.119.196. This is the IP used for NAT private network IP
address and for the rest of the services (see next section).
How to Access the VoipNow Professional 2 Interface on Your New
Server

Now you can access the VoipNow Professional 2 interface by running https://[serverhostname] and
using admin for username and welcome for password.
To log in to SSH, use root as username and voipnow1WELCOME as password.
How to Configure VoipNow Professional 2 to Work on EC2

The steps that you have to follow are:
Go to the Unified Communication >> System Preferences >> SIP tab and set up the following
options available in the Advanced SIP Server Preferences section:
Deployment Infrastructure: NAT (Network Address Translation)
NAT router public IP address: 174.129.155.204 port 5060
NAT private network IP address: 10.249.119.196 port 5060
NAT private network netmask: 255.255.254.0
Add accepted domain for SIP: ec2-174-129-155-204.compute-1.amazonaws.com port 5060
Here you can also add any other hostname pointing to the server IP.
Next, go to the Unified Communication >> System Preferences >> Servers tab and set up:

In the Server Listen Addresses section:
Asterisk SIP listens to IP:port: 10.249.119.196:5050
Kamailio server IP:port: 10.249.119.196:5060
Ejabberd server IP: 10.249.119.196:5222
Caching server IP:port: 127.0.0.1:11211
CallAPI server IP:port: 10.249.119.196:1234
In the Server Logical Addresses section:
Kamailio server logical address: 10.249.119.196:5060
Asterisk server logical address: 10.249.119.196:5050

Notes About the VoipNow Professional EC2 Image

Since 2Gb (the default VoipNow Professional 2 image size) is not enough to run the system and as
each EC2 machine contains an additional partition which is mounted at boot, the VoipNow
Professional image is bundled with the /etc/init.d/voipnowbind script that moves newly created
VoipNow Professional files from their standard location to /mnt/voipnow/, the location where the
partition is mounted. Taking into consideration all these facts, if you want to use the backup
Page 3/4
4PSA Support Zone
https://help.4psa.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=1146
functions, you need to set the backup location to /home/voipnow/backup. VoipNow Professional
bind script mounts directories from that partition to their correct location. More to this, if you add
additional partitions to your AMI, you can use the VoipNow Professional bind script to move the
application. In order to do so, you need to follow the steps below:
Open /etc/sysconfig/voipnowbind
Set:
BINDPART='/new_partition_mount_point'
ROOTPART='/home/voipnow'
COPYFILES=1
Before running the script, make sure the new partition is added to fstab in order be mounted.

In the end, reboot the system.

You can find more information on EC2 machines in this knowledge base article.
Page 4/4
4PSA Support Zone