Running Asterisk in the cloud with Amazon EC2

I have been sitting on a half post for a while now on setting up Asterisk on EC2 and then this past week someone else came out with a post on how to install Asterisk from scratch on EC2. I figured I would wrap up what I have since I take the path of installing Asterisk on VirtualBox first then converting that disk image to an AMI as I outlined a few weeks ago when I got serious about testing out the Asterisk on EC2 concept.

Reading over the comments on the Voxilla post you will see some concern about how cost effective putting Asterisk on EC2 would be. Even if the cost is an issue for normal use I think Asterisk on EC2 could work for bursts of outgoing calls or even temporary conferencing systems. Part of what I wanted to do was find the least resistant path to getting started so I went with Trixbox since it has a lot of tools pre-installed and support for Gizmo5 that was very easy to set up. The key with Gizmo5 is that it is cheap, works with Asterisk via SIP and you can have incoming calls for free from a land line so it is easy to test cheaply.

To start with I'll point out that the Voxilla guys have done what I'm about to go over here in a different way. A portion of what I do matches up with the Voxilla post but I'm using the AWS console. There is now even a Voxilla public AMI available for people who don't want to do anything but fire up an Asterisk node.

The steps for this install break down as follows:

Install Trixbox under VirtualBox

Start by installing Trixbox CE under VirtualBox. I'm currently using VirtualBox 2.1.4 but older versions will probably work equally as well. Grab the Trixbox CE ISO and create a 2G partition to do the install. Here is the VirtualBox configuration I used:

TrixBox VirtualBox configuration
(Click the image to see a larger version)

The install only takes a few minutes:

Installing TrixBox
(Click the image to see a larger version)

Then when you are done you should let it boot:

TrixBox login
(Click the image to see a larger version)

After doing the Trixbox install you should follow instructions to extract the image from the VDI and create as an AMI. You should end with a bootable AMI that will start TrixBox once you are finished.

Create a security group to allow Asterisk traffic

The following closely matches what the Voxilla article has except for the use of AWS Management Console everywhere. I'm not really concerned with having a static IP assigned to the node so I've skipped that part. Depending on how you want to use the system you may not need one at all.

Start by going into the "security groups" option off the main console page:

AWS Management Console security groups
(Click the image to see a larger version)

Create a new group that will contain the security rules. I've named mine "Trixbox":

AWS Management Console create security group
AWS Management Console security group detail

There are 5 rules that are needed. They are ssh, http, udp ports 10000 to 20000, tcp 5060 to 5061, and udp 5060 to 5060. Here is what my security group looks like:

AWS Management Console security group VOIP
(Click the image to see a larger version)

Note that in the above I'm opening everything up to the world for each entry but you probably want to restrict things more based on where the traffic will be coming from. At the very least if you open the http port to the world make sure to change all the default passwords.

Now you are ready to launch the instance. Find the "Launch Instances" button on the main console page:

AWS Management Console start instances

Find the AMI that was created from the TrixBox install:

AWS Management Console EC2 AMI selection
(Click the image to see a larger version)

Configure the instance for launch:

AWS Management Console EC2 instance configuration
(Click the image to see a larger version)

Notice that the advanced area is open and there is a specialized kernel (aki-9b00e5f2) that was selected. This is from the Voxilla article and the kernel has a higher frequency clock that makes audio lag less.

Once you have hit launch and the instance has started you should be able to ssh into it and verify that Asterisk is running if you wish. You can actually do all the configuration through the web interface so you don't have to log in if you have faith that everything started as it should.

Configure Asterisk with the web console

You should now be able to put the running instance name into your browser and bring up the web user console.

TrixBox user main
(Click the image to see a larger version)

There are a few initial changes that need to be made to get the box running smoothly so switch to maintenance mode by clicking the "maint" link on the top right. You will need to use the default username and password (see the TrixBox documentation):

TrixBox maintenance main
(Click the image to see a larger version)

Because the external IP is nated you will need to edit one of the configuration files to contain the external IP. Grab the external IP of your instance by pinging the hostname. From the main maintenance screen pick PBX then "Config file editor". Find the filename in the list of configuration files named "sip_general_custom.conf" and click it.

TrixBox SIP customization file

Put the following information in the entry box, remember to use the instance IP:

externip=<your instance ip here>
localnet=10.0.0.0/255.0.0.0 
nat=yes

TrixBox SIP NAT setup
(Click the image to see a larger version)

If you want to find out more about SIP and NAT then check out Asterisk SIP and NAT as well as Asterisk SIP externip.

Now you should have the NAT configuration working. One thing to take note of is that any change you make will require a reload of the Asterisk system. Don't worry though you still need to add extensions before anything is useful and you can reload after that.

Follow the FreePBX adding extensions guide to set up a few extensions.

I also went ahead and made one of the extensions the default inbound for testing:

TrixBox Inbound configuration

At this point you should be able to use a VOIP phone to connect to your node and access voicemail or call from one extension to another.

Use the web console to configure Gizmo5 support

At this point you could just use the system for VOIP calls between extensions but that wouldn't be much fun. You really need a VOIP gateway to be able to call out and get calls in. This is where Gizmo5 comes in. You will need a Gizmo5 account before you proceed.

The setup with Trixbox is just a few clicks. Go to PBX, Gizmo5 and then enter your Gizmo5 login information:

TrixBox Gizmo5 configuration
(Click the image to see a larger version)

After this you probably want to set up the outbound route:

TrixBox Gizmo5 outbound
(Click the image to see a larger version)

You can test the Gizmo5 integration by calling one of their free access numbers. You will first need to log in and get your Gizmo5 SIP number:

Gizmo5 SIP number
(Click the image to see a larger version)

Leave a Reply

Your email address will not be published. Required fields are marked *