jambonz / jambonz-infrastructure Goto Github PK

I have followed the Video to deploy the cluster on AWS. After updating variables.tf with GCP and AWS credentials.

My terraform version:

> terraform --version
Terraform v0.13.5
+ provider registry.terraform.io/hashicorp/aws v3.14.1

 terraform apply

Following Error Appears:

Error: error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.

Please see https://registry.terraform.io/providers/hashicorp/aws
for more information about providing credentials.

Error: NoCredentialProviders: no valid providers in chain. Deprecated.
	For verbose messaging see aws.Config.CredentialsChainVerboseErrors

Am I missing something ?

Thanks!

Hello Dave,

packer/jambonz-mini/scripts/install_nodejs.sh at a certain point does:

sudo chmod -R a+wx /root

This make the machine unreachable if login as root via ssh is the only way to reach the machine. /var/log/auth.log says:

Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys

rtp ami issue for linux header.txt

for last these it was working:Linux ip-172-31-29-233 5.10.0-23-cloud-amd64 #1 SMP Debian 5.10.179-1 (2023-05-12) x86_64 GNU/Linux
and current one is which is not working:
Linux ip-172-23-11-181 5.10.0-23-cloud-amd64 #1 SMP Debian 5.10.179-3 (2023-07-27) x86_64 GNU/Linux

@davehorton pls check these one its happening now..i have attached the log for reference.
I have also verified old ami from source list still facing same.

@davehorton Free switch getting Crashed sometime while doing Load Test for 500 Concurrent Calls on ASR Simulator & Google TTS shared the log with you of freeswitch as it was load test therefore not enabled debug login freeswitch

webrtc client is connected to SBC1 Using websocket and if an incoming call comes on SBC2 , this call need to be send to WebRTC registered user then call from SBC2 try to get diverted to SBC1 and on SBC1 give error Unauthorized and call does not connect to webrtc User.

JAMBONZ Authenticated Vulnerability Scan_15Aug23_8pm.zip

@davehorton kindly find the attached VA SCAN Report ,password share in personal.
Also i have done some research and found that nessus is not getting full version of debian which is 1.1.1n-0+deb11u5 therefore giving more vulnerability, i am checking that internally.
But we have two CVE-2023-3446 & CVE-2023-3817 which are related to medium bug and i have found its there in bookworm also when debian team will solve it no idea.
https://security-tracker.debian.org/tracker/CVE-2023-3446 & https://security-tracker.debian.org/tracker/CVE-2023-3817

You can refer below for more reference :
https://tracker.debian.org/pkg/openssl
https://security-tracker.debian.org/tracker/source-package/openssl
So please help closing these.

Hi,

Looks like a really interesting project, I'm trying to spin up a dev test deployment but it looks like the AMI's are only available in 'us-west-1' at the moment?

Not a problem for testing but I could not see anything in the docs.

Thanks

The latest builds for jbz are referencing the rc4 version while v0.8.3 is out.
packers should be updated to reflect this.

Hello Dave,

when install_freeswitch.sh tries to compile freeswitch at https://github.com/jambonz/jambonz-infrastructure/blob/main/packer/jambonz-mini/scripts/install_freeswitch.sh#L125 I get

making all mod_signalwire
make[4]: Entering directory '/usr/local/src/freeswitch/src/mod/applications/mod_signalwire'
Makefile:967: *** You must install libks to build mod_signalwire.  Stop.
make[4]: Leaving directory '/usr/local/src/freeswitch/src/mod/applications/mod_signalwire'
make[3]: *** [Makefile:712: mod_signalwire-all] Error 1

But apparently there is no trace of libks in the install_freeswitch.sh, what to do?

How it works for you/others?

Thanks

After rebuilding a new jambonz web+monitoring server instance, and updating the Cloudformation stack, all the data in the RDS database is reset to default when the new instance is launched.

This is very annoying on a production cluster since it wipes all the cpaas configuration.

In the jambonz-scalable-medium.yaml template, there should be a condition before running the "seeding database.." code block.

Hello Dave,

for install_freeswitch.sh and install_drachtio.sh there is an hardcoded -j4 for make commands.

This causes machines with a single core processor to go into an overhead and machines with more than 4 cores to go slowly than they can go.

The best solution is define a variable called NPROC into common (proposed into #27) in this way:

NPROC="$( nproc )"

and make arguments will be:

make -j"${NPROC}"

Thanks

HINT: if not broken, make install can also be parallelized as make install -j"${NPROC}"

AWS is phasing out support for Aurora MySQL Serverless version 5.6.10a (February 2023). The current upgrade path is version 5.7.mysql_aurora.2.08.3. This specific version still supports Aurora Serverless V1. MySQL version 5.7 gives us a community EOL of October 2023. Currently it's not supported to create a Autora MySQL Serverless V2 database with Cloudformation, so this is for now the best way to stay somewhat up to date.

The changes are going from engine "aurora" to "aurora-mysql" and the version goes from "5.6.10.a" to "5.7.mysql_aurora.2.08.3".

letsencrypt is a commonly-used cert provider and requires snapd for certbot.

We should have a packer script and whatever the GCP equivalent is of cloudformation so that we can build and launch a jambonz-mini on google cloud platform

expiry : 30 sec

first registered request with authentication successful make entry in radis with expiry time based on register expiry , after 30 sec in this case radis entry gets deleted. even the sip client send register ping it does not create new entry in radis , it creates entry after 180 sec. after 180 sec client has been challenged to registered , Any call comming before 180 sec are not connected to agent due 401 not found error. since no entry of user exist in radis

As recommended by AWS, Launch Templates are the preferred way when using EC2 Auto Scaling Groups. Instead of referencing the "AWS::AutoScaling::LaunchConfiguration" use the "AWS::EC2::LaunchTemplate". The code currently used for the Launch Configuration pretty much goes directy into the Launch Configuration "LaunchTemplateData" property.

The launch templates also support versioning which makes it easier updating the AMI or UserData without redeploying everything. Another benefit of versioning is that you can easily revert to a previous Launch Template.

As an examply the current CFN on the right and my take on the left.

This is to suggest a third AWS deployment configuration called jambonz-medium .
The goal is to limit the number of instances involved while making the version upgrades easier by sharing the database.
It is derived from jambonz-mini with the following changes:

• use autoscaling group
• use a shared RDS instance in place of the local mysql server
• use a shared Elasticache instance in place of the local redis server
• add an HTTPS Load Balancer in front of the WebServer, Homer and Grafana (which uses a SSL certificate managed by ACM)
• temporary disable fail2ban to avoid Load Balancer's failing healthcheks (should be improved)
• jambonz-monitoring server runs in its own instance (built from jambonz-scalabale-production)

This is the related PR: #58

jambonz-feature-server Version 0.8.4
v0.8.22

sbc-inbound version 0.8.3
v0.8.22

in out non prod we are facing one issue so
drachtio log.txt
sometime [4-5 days]call not connecting to one feature server and after restarting drachtio service its working fine.

i am only getting drachtio log on fs server and no log for pm2 and freeswitch...

Pls check once i have attached log of drachtio .

Status: Downloaded newer image for node:alpine
 ---> bb1fcdaff936
Step 2/14 : RUN apk update && apk add --no-cache python make g++
 ---> Running in 958ba0f95899
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
v3.14.3-43-gd011d60ecc [https://dl-cdn.alpinelinux.org/alpine/v3.14/main]
v3.14.3-41-g6391631eb3 [https://dl-cdn.alpinelinux.org/alpine/v3.14/community]
OK: 14942 distinct packages available
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
ERROR: unable to select packages:
  python (no such package):
    required by: world[python]
The command '/bin/sh -c apk update && apk add --no-cache python make g++' returned a non-zero code: 1
ERROR: Service 'webapp' failed to build : Build failed

I got pass that changing the python to python2 on webapp's Dockerfile

jambonz-infrastructure/docker/webapp/Dockerfile

RUN apk update && apk add --no-cache python2 make g++

should show Azure and AWS as well

To recreate: enable call recording on your account, make a call to 'hello-world' and wait to let jambonz hangup the call after saying the message.

3|jambonz-feature-server  | {"level":30,"time":1690993228390,"pid":153102,"hostname":"ip-172-20-10-69","callId":"4c7e596b-abf3-123c-9193-0e9252b57157","callSid":"82cc2aad-62b1-48e6-987c-f8fe909bf03d","accountSid":"55c0b573-da3e-4977-b568-fb546270f500","callingNumber":"+15083084809","calledNumber":"+17742529066","traceId":"e5aac5230bf7853752f80b793084acd3","msg":"CallSession:exec completed task #0:2: say"}
3|jambonz-feature-server  | {"level":30,"time":1690993228390,"pid":153102,"hostname":"ip-172-20-10-69","callId":"4c7e596b-abf3-123c-9193-0e9252b57157","callSid":"82cc2aad-62b1-48e6-987c-f8fe909bf03d","accountSid":"55c0b573-da3e-4977-b568-fb546270f500","callingNumber":"+15083084809","calledNumber":"+17742529066","traceId":"e5aac5230bf7853752f80b793084acd3","msg":"CallSession:exec all tasks complete"}
3|jambonz-feature-server  | {"level":30,"time":1690993228392,"pid":153102,"hostname":"ip-172-20-10-69","msg":"SessionTracker:remove callSid 82cc2aad-62b1-48e6-987c-f8fe909bf03d, we have 0 being tracked"}
3|jambonz-feature-server  | {"level":50,"time":1690993228393,"pid":153102,"hostname":"ip-172-20-10-69","callId":"4c7e596b-abf3-123c-9193-0e9252b57157","callSid":"82cc2aad-62b1-48e6-987c-f8fe909bf03d","accountSid":"55c0b573-da3e-4977-b568-fb546270f500","callingNumber":"+15083084809","calledNumber":"+17742529066","traceId":"e5aac5230bf7853752f80b793084acd3","err":{"type":"ClientClosedError","message":"The client is closed","stack":"ClientClosedError: The client is closed\n    at Client.dispatch (/home/admin/apps/jambonz-feature-server/node_modules/undici/lib/dispatcher-base.js:176:15)\n    at Client.request (/home/admin/apps/jambonz-feature-server/node_modules/undici/lib/api/api-request.js:170:10)\n    at /home/admin/apps/jambonz-feature-server/node_modules/undici/lib/api/api-request.js:163:15\n    at new Promise (<anonymous>)\n    at Client.request (/home/admin/apps/jambonz-feature-server/node_modules/undici/lib/api/api-request.js:162:12)\n    at HttpRequestor.request (/home/admin/apps/jambonz-feature-server/lib/utils/http-requestor.js:142:57)\n    at InboundCallSession.executeStatusCallback (/home/admin/apps/jambonz-feature-server/lib/session/call-session.js:1804:27)\n    at InboundCallSession._notifyCallStatusChange (/home/admin/apps/jambonz-feature-server/lib/session/call-session.js:1790:10)\n    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)","name":"ClientClosedError","code":"UND_ERR_CLOSED"},"baseUrl":"https://public-apps.jambonz.cloud","url":"https://public-apps.jambonz.cloud/call-status","msg":"web callback returned unexpected error"}
3|jambonz-feature-server  | {"level":30,"time":1690993228394,"pid":153102,"hostname":"ip-172-20-10-69","callId":"4c7e596b-abf3-123c-9193-0e9252b57157","callSid":"82cc2aad-62b1-48e6-987c-f8fe909bf03d","accountSid":"55c0b573-da3e-4977-b568-fb546270f500","callingNumber":"+15083084809","calledNumber":"+17742529066","traceId":"e5aac5230bf7853752f80b793084acd3","err":{"type":"ClientClosedError","message":"The client is closed","stack":"ClientClosedError: The client is closed\n    at Client.dispatch (/home/admin/apps/jambonz-feature-server/node_modules/undici/lib/dispatcher-base.js:176:15)\n    at Client.request (/home/admin/apps/jambonz-feature-server/node_modules/undici/lib/api/api-request.js:170:10)\n    at /home/admin/apps/jambonz-feature-server/node_modules/undici/lib/api/api-request.js:163:15\n    at new Promise (<anonymous>)\n    at Client.request (/home/admin/apps/jambonz-feature-server/node_modules/undici/lib/api/api-request.js:162:12)\n    at HttpRequestor.request (/home/admin/apps/jambonz-feature-server/lib/utils/http-requestor.js:142:57)\n    at InboundCallSession.executeStatusCallback (/home/admin/apps/jambonz-feature-server/lib/session/call-session.js:1804:27)\n    at InboundCallSession._notifyCallStatusChange (/home/admin/apps/jambonz-feature-server/lib/session/call-session.js:1790:10)\n    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)","name":"ClientClosedError","code":"UND_ERR_CLOSED"},"msg":"CallSession:_notifyCallStatusChange error sending completed undefined"}
3|jambonz-feature-server  | {"level":30,"time":1690993228433,"pid":153102,"hostname":"ip-172-20-10-69","callId":"4c7e596b-abf3-123c-9193-0e9252b57157","callSid":"82cc2aad-62b1-48e6-987c-f8fe909bf03d","accountSid":"55c0b573-da3e-4977-b568-fb546270f500","callingNumber":"+15083084809","calledNumber":"+17742529066","traceId":"e5aac5230bf7853752f80b793084acd3","msg":"CallSession:startBackgroundListen: listen completed"}

Hello Dave,

I noticed that there are a lot of git clone into install_freeswitch.sh but may apply to other scripts as well.

So, when you need to switch at specific commit with git checkout $HASH you need the whole history, but when you need the project at the latest commit you can use the option --depth 1 that avoids to fetch the entire history; here is an example:

ago@spectre /tmp/fs $ time git clone https://github.com/signalwire/freeswitch.git test1
Cloning into 'test1'...
remote: Enumerating objects: 318443, done.
remote: Counting objects: 100% (3/3), done.
remote: Compressing objects: 100% (3/3), done.
remote: Total 318443 (delta 0), reused 0 (delta 0), pack-reused 318440
Receiving objects: 100% (318443/318443), 129.80 MiB | 10.63 MiB/s, done.
Resolving deltas: 100% (248878/248878), done.

real    0m22,127s
user    0m30,149s
sys     0m2,748s



ago@spectre /tmp/fs $ time git clone --depth 1 https://github.com/signalwire/freeswitch.git test2
Cloning into 'test2'...
remote: Enumerating objects: 6978, done.
remote: Counting objects: 100% (6978/6978), done.
remote: Compressing objects: 100% (5477/5477), done.
remote: Total 6978 (delta 1628), reused 4199 (delta 1100), pack-reused 0
Receiving objects: 100% (6978/6978), 28.77 MiB | 6.36 MiB/s, done.
Resolving deltas: 100% (1628/1628), done.

real    0m7,583s
user    0m2,725s
sys     0m0,699s

I saved 15 seconds because of my great connection, but I guess I make people with bad connection more happy than ever.

Thanks

Get error on starting pm2 public-apps

3|public-a | Error: Cannot find module './dial-ivr'
3|public-a | Require stack:
3|public-a | - /home/admin/apps/public-apps/lib/routes/endpoints/index.js
3|public-a | - /home/admin/apps/public-apps/lib/routes/index.js
3|public-a | - /home/admin/apps/public-apps/app.js
3|public-a | at Module._resolveFilename (node:internal/modules/cjs/loader:1077:15)
3|public-a | at Hook._require.Module.require (/usr/lib/node_modules/pm2/node_modules/require-in-the-middle/index.js:81:25)
3|public-a | at require (node:internal/modules/cjs/helpers:110:18)
3|public-a | at Object. (/home/admin/apps/public-apps/lib/routes/endpoints/index.js:6:25)
3|public-a | at Module._compile (node:internal/modules/cjs/loader:1256:14)
3|public-a | at Module._extensions..js (node:internal/modules/cjs/loader:1310:10)
3|public-a | at Module.load (node:internal/modules/cjs/loader:1119:32)
3|public-a | at Module._load (node:internal/modules/cjs/loader:960:12)
3|public-a | at Module.require (node:internal/modules/cjs/loader:1143:19)
3|public-a | at Hook._require.Module.require (/usr/lib/node_modules/pm2/node_modules/require-in-the-middle/index.js:101:39) {
3|public-a | code: 'MODULE_NOT_FOUND',
3|public-a | requireStack: [
3|public-a | '/home/admin/apps/public-apps/lib/routes/endpoints/index.js',
3|public-a | '/home/admin/apps/public-apps/lib/routes/index.js',
3|public-a | '/home/admin/apps/public-apps/app.js'

Hello Dave,

I noticed that https://github.com/jambonz/jambonz-infrastructure/blob/main/packer/jambonz-mini/scripts/install_freeswitch.sh#L30 does:

git config --global pull.rebase true

In general, builds are not supposed to touch/edit user's preference or config, would be better find the git option to do the same thing without touching the .gitconfig file

Thanks

I'm currently trying to get the local docker setup for jambonz working, and running into a login error on the web app. Upon further inspection, it seems like nothing is running on port 3000, whereas the web app is trying to make a call to 127.0.0.1:3000/v1/login

Attaching a screenshot of the instantiation, any help would be much appreciated!

P.S. Thanks for putting this together! Undoubtedly one of the most well documented setup I've come along as it relates to calling / communications infrastructure.

Hello Dave,

when install_freeswitch.sh tries to compile freeswitch at https://github.com/jambonz/jambonz-infrastructure/blob/main/packer/jambonz-mini/scripts/install_freeswitch.sh#L125 I get:

making all mod_lua
make[4]: Entering directory '/usr/local/src/freeswitch/src/mod/languages/mod_lua'
  CXX      libluamod_la-mod_lua.lo
  CC       ../../../../libs/esl/src/mod_hash_la-esl.lo
  CCLD     mod_logfile.la
mod_lua.cpp:37:10: fatal error: lua.h: No such file or directory
 #include "lua.h"
          ^~~~~~~
compilation terminated.

I have bypassed this issue by passing LUA_CFLAGS to make in a way like:

LUA_CFLAGS="-I/usr/include/lua5.3"

but I'm wondering how it is working for you/others...

deleted

Hello Dave,

in the issue #26 I talked about die

If you think is a good idea, I think that it make no sense define die() for each script, instead let's put the die function into a file called common as packer/jambonz-mini/scripts/common and each script will source the common file at the beginning as:

source common

So this file will be a collection of functions that all scripts can share.

For example, if all scripts work with the /usr/local/src directory you can put into common something like

mkdir -p /usr/local/src
chmod 777 /usr/local/src

If only few scripts use /usr/local/src you can do:

assert_usr_local_src() {
    mkdir -p /usr/local/src
    chmod 777 /usr/local/src
}

and call in each script you need:

source common
assert_usr_local_src

Thanks

Hello there,

im trying to install the jambonz docker version. I have cloned "jambonz-infrastructure" and the "webapp" into /webapp folder. The docker starts without problems and the webapp is also accessible over IP:3001.

The Webpage only show: "Index of build/"

Does somebody know how to fix this?

The recent updates weren't quite enough, the docker-compose file is still using some deprecated applications

When standing up a new cluster you have to login to grafana & homer with their default passwords, if you forget, there is a security issue as anyone can login using default passwords.

Suggest using userscript to change passwords based on template,json variable

Hello Dave,

packer/jambonz-mini/scripts/install_drachtio.sh uses -DNDEBUG see

sip-transports.cpp:#ifdef DEBUG 

So to trigger the DEBUG in sip-transports.cpp the macro should be -DDEBUG

So since -DNDEBUG has it own scope, see https://en.cppreference.com/w/c/error/assert I'm wondering if it was just misconfused or the correct configuration is -DNDEBUG -DDEBUG

Followed the steps as mentioned in README

Using:
IaC Tool: Terraform
Region: us-east-2
Deployment: jambonz-devtest
Terraform Version and Provider Details:

Terraform v0.13.3
+ provider registry.terraform.io/hashicorp/aws v3.7.0
+ provider registry.terraform.io/hashicorp/null v2.1.2

Expected: Jambonz Infrastructure setup on AWS
Output on executing: terraform apply

data.aws_ami.jambonz-sbc-sip-rtp: Refreshing state...
data.aws_ami.jambonz-feature-server: Refreshing state...

Error: Your query returned no results. Please change your search criteria and try again.



Error: Your query returned no results. Please change your search criteria and try again.

Hello Dave,

when install_freeswitch.sh tries to compile freeswitch at https://github.com/jambonz/jambonz-infrastructure/blob/main/packer/jambonz-mini/scripts/install_freeswitch.sh#L125 I get (like #17)

  CCLD     test/test_image
/usr/bin/ld: cannot find -llua
collect2: error: ld returned 1 exit status
make[4]: *** [Makefile:945: test/test_mod_lua] Error 1
make[4]: *** Waiting for unfinished jobs....

I have bypassed this issue by passing LUA_LIBS to make in a way like:

LUA_LIBS="/usr/lib/x86_64-linux-gnu/liblua5.3.so"

but I'm wondering how it is working for you/others...

On AWS, at least in region eu-west-3 the packer images do not seem to have the default locale set to en_US.UTF-8
Resulting in this error message when one SSH into the instances:

-bash: warning: setlocale: LC_ALL: cannot change locale (en_US.UTF-8)

Hello Dave,

for now I'm looking at install_freeswitch.sh but the concept in the same for the other scripts.

The script basically executes a series of commands, but if one of them fails, the script goes ahead 'blindly'. A workaround for this issue can be define a function called die that looks at the exit code, see the following POC:

#!/bin/bash

die() {
        if [ "${?}" != "0" ]
        then
                test -n "${1}" && echo -ne "\n\n"${1}"\n\n"
                exit 1
        fi
}

echo "ciao" || die "failed to echo ciao"

run_non_existing_command || die "failed to run the run_non_existing_command"

So, while the code is simply, in short, the || die ensures that the exit code was 0, if not, it hangs immediately. If the die has an argument, then the message is printed, so you know at which command there was the failure.

What means in the practice?

For example, install_freeswitch.sh al line 31 (https://github.com/jambonz/jambonz-infrastructure/blob/main/packer/jambonz-mini/scripts/install_freeswitch.sh#L31), tries to cd into /usr/local/src but in the practice the wasn't an mkdir fo that directory, so it will become:

cd /usr/local/src || die "failed to cd into /usr/local/src"

Another example:

git clone https://github.com/signalwire/freeswitch.git -b ${FREESWITCH_VERSION}

will become:

git clone https://github.com/signalwire/freeswitch.git -b ${FREESWITCH_VERSION} || die "failed to clone freeswitch"

So, if when you are cloning freeswitch.git, you can't reach internet or github, you catch the issue.

The idea comes from here:
https://devmanual.gentoo.org/ebuild-writing/error-handling/index.html

Following https://blog.jambonz.org/deploying-jambonz-on-google-cloud, the jambonz-mini disk image gets produced, but on running it, Jambonz fails opaquely because there is no freeswitch binary in the disk image.

I think this is because configure.ac in /usr/src/freeswitch/libs/spandsp sets a PREREQ of autoconf2.71, but the requested GCP image is running Debian 5.10.179-1 which has autoconf2.69.

Will confirm and try to find a fix.

By default all traffic of SIP for port 5060/5061 to be blocked and allow only traffic which are part of Carrier ,

There can be two sets , one is ips from carriers and other list as global which has nothing to do with carrier , these ips can added to have registration users

Hello Dave,

from https://github.com/jambonz/jambonz-infrastructure/blob/main/packer/jambonz-mini/scripts/install_freeswitch.sh#L21 it looks like the SpeechSDK-Linux-1.23.0.tar.gz archive is expected to be in /tmp while there is no trace about the copy of that archive into /tmp so I get error, maybe:

cp ../files/SpeechSDK-Linux-1.23.0.tar.gz /tmp/

will fix the issue

Thanks

In the cloudformation script for scalable production the JAEGER_BASE_URL is invalid due to a typo.

JAEGER_BASE_URL: 'http://${MONITORING_SERVER_IP}::16686',

should be
JAEGER_BASE_URL: 'http://${MONITORING_SERVER_IP}:16686',

In addition to the existing support on AWS, it would be nice if out-of-the-box deployments were available for Google Cloud and Microsoft Azure.

For the single-instance deployment, @davehorton has identified that the following minimalistic procedural requirements would have to be met:

• Create a cloud machine image sufficient for supporting the demands of the Jambonz system (modify existing Packer scripts)?
• Modify – or create new – CloudFormation scripts to do the following:
  1. Maintain relevant config in realtime as needed for machine image deployment; and
  2. Create necessary network artifacts to guide security features.
  • For the latter, we could possibly use teraform.

As for the scalable cluster deployment, I am not so sure about this and may or may not be able to implement it, certainly not withut a relative if not significant amount of guidance. But this remains to be seen.

I am leaving this issue here hoping to give the developer community an idea of what is going on and would be very happy and greatful for any assistance in this regard.

Not sure if I'm doing something wrong but when I try to make a call the resulting webhook seems to be going to the registration URL.

I have tried adding a new application and assigning it to the account and even deleting all applications. I still see the INVITE payload hitting the register endpoint.

Thanks

currently the config for /etc/telegraf/telegraf.conf on the monitoring server is referencing https://influxdb:8086 as the endpoint for influx data.

this is incorrect and should be changed to either localhost /127.0.0.1 or the appropriate hostname of the machine.
the current cloud formations do not have this information.

[[outputs.influxdb]]
  urls = ["http://influxdb:8086/"] # required
  database = "telegraf" # required
  retention_policy = "autogen"
  write_consistency = "any"
  timeout = "5s"
  namedrop = ["hep*"]

[[outputs.influxdb]]
  urls = ["http://influxdb:8086/"] # required
  database = "homer" # required
  retention_policy = ""
  write_consistency = "any"
  timeout = "5s"
  namepass = ["hep*"]

Many enterprise customers prefer deploying products on the Enterprise version of OS.
hence its essential that Red Hat Enterprise 9.2 is support for Jambonz

Red Hat enterprise 9.2 - AMI ID : ami-026ebd4cfe2c043b2

https://aws.amazon.com/marketplace/pp/prodview-b5psjqk4f5f3k?sr=0-1&ref_=beagle&applicationId=AWSMPContessa#pdp-support

The jambonz-mini version 0.8.5-2 through AWS marketplace is failing to start up successfully.

Reproduction Steps
Follow steps in guide: https://blog.jambonz.org/installing-jambonz-using-aws-marketplace

• Selected 0.8.5-2 as the software version.
• Launched cloudformation template with all default parameters (see screenshot below)
• Waited 30 minutes (just to ensure all setup scripts run)
• Attempted to go to http://<myElasticIP> and got a 504 Gateway Timeout

Note: I ran through the exact same procedure for version 0.8.4-3 and was successfully able to get it running.

Cloudwatch Logs

I checked the Cloudwatch logs to compare between deployments. Both the successful 0.8.5-2 and 0.8.4-3 had these error logs but since both had them, it seems likely to simply be initial timeouts that were eventually retried (i.e. red herring)

From jambonz-api-server cloudwatch logs:

    at PoolConnection._handleTimeoutError (/home/admin/apps/jambonz-api-server/node_modules/mysql2/lib/connection.js:189:17)
    at listOnTimeout (node:internal/timers:569:17)
    at process.processTimers (node:internal/timers:512:7) {
  errorno: 'ETIMEDOUT',
  code: 'ETIMEDOUT',
  syscall: 'connect',
  fatal: true

From jambonz-feature_server cloudwatch logs:

Error: connect ETIMEDOUT
    at PoolConnection._handleTimeoutError (/home/admin/apps/jambonz-feature-server/node_modules/mysql2/lib/connection.js:189:17)
    at listOnTimeout (node:internal/timers:569:17)
    at process.processTimers (node:internal/timers:512:7) {
  errorno: 'ETIMEDOUT',
  code: 'ETIMEDOUT',
  syscall: 'connect',
  fatal: true

@davehorton as check with hoan unable to find JAMBONES_SBCS parameter in file jambonz-scalable-production.yaml
ecosystem sed script for feature server.. As these was not there in redis fs ently was not getting added after upgrade.