Press "Enter" to skip to content

Deploying Pexip Infinity in Google Cloud Platform – GCP

GrahamWalsh 0

So since version 16 of Pexip Infinity, it has supported deployments in GCP.  The one nice thing about GCP is that the data centres are connected to each other, so you can do a global deployment without having to spin up your own VPNs and pay extra for them.

Anyway, onto the deployment. The official docs are here from Pexip https://docs.pexip.com/admin/gcp_guidelines.htm.

With GCP, you can get $200 of free credit to test it out, so you can sign up with say your Google account that you may already have.

Step 1 – Sign in/register for GCP

Navigate to https://console.cloud.google.com

Step 2 – Create a new project

Step 3 – Name your project

And select Create.  You will then see it create your new project in the top right hand side

And you can click on that to see the status

Step 4 – Create Firewall Rules

Navigate on the left hand side menu and VPC Network and then Firewall Rules

Click on default-allow-internal to edit this and then click Edit.

In the editing page, add esp to the allow protocols and click Save.  So it should look like this:

tcp:0-65535; udp:0-65535; icmp” to “tcp:0-65535; udp:0-65535; icmp; esp

Then create three new rules, pexip manager, pexip provisioning and pexip conferencing.  Crete a new rule and enter the details as highlighted below and click create.

Pexip Management

In the source IP range, you can limit this to your network, or leave it open so you can access it from anywhere.

Pexip Provisioning

As above, decide on the Source IP if you want to limit access.

Finally, add another rule for the Pexip conferencing node

For this rule, the Source IP will need to be open, 0.0.0.0/0 so that the conferencing node is available to everyone when doing video calls.  The ports are required are:

tcp:80; tcp:443; tcp:1720; tcp:5060; tcp:5061; tcp:33000-39999; tcp:40000-49999; udp:1719; udp:33000-39999; udp:40000-49999

Final overview of the new rules

Step 5 – Download the Pexip Management Node & Conference Node Images

You can download the latest release from here. Make sure you use the latest version that is available on the Pexip download site.

Step 6 – Upload the Images to your GCP Platform

Navigate to Storage > Browser on the left hand side to upload the files

Then Create Bucket and give it a name and select Create

Next click on Upload Files

Select your file that was downloaded

The file will start uploading.  You can then upload the conferencing node at the same time as you are allowed to upload multiple items.

Once the files are uploaded, you will see your images uploaded and ready.

Step 7 – Creating the Virtual Machines

Now we need to navigate to Compute > Compute Engine > Images

Now click on Create Image

Then enter a name for the VM and set the source as cloud storage file and choose browse.

Now browse for the appropriate file relating to the VM you want to create, it is always good do the management node first.

Once selected, then select Create.

Now do the same for the conferencing node image.

Now you will have your two images ready to build the actual Virtual Machines.

Step 8 – Creating the Virtual Machines

Now navigate Compute > Compute Engine and select VM instances and select + Create Instance from the top.

Click Create on the pop up.

Now give the VM a name, select your region and zone.  For the management node, 2 vCPUs is fine.  Then select Change under Boot Disk.

Now select Custom Images and select the Pexip management node that was uploaded to your bucket. For a lab/POC, you can use the standard persistent disk.  if going into a production environment, I would recommend SSD disk, so the logs etc can be accessed quicker.

Next select Management, disks, networking, SSH Keys to expand that section.

Insert the network tag that matches what you created earlier and then click on network interface to expand that section.

Select Ephemeral under the External IP section to expand the selection.

And select Create IP Address

Just type in a name for your IP address and select Reserve.

Finally, click Done.

We now need to create SSH keys to access the platform securely once it has booted up

Click on project wide SSH Keys and you can use this guide to create a SSH key for your deployment, depending on what OS you are using

Then create the key as per the guide.

Once you’ve created your key, you need to find it and paste the contents of the .pub file into the box (just open it in a text editor).

Then click Create once you’ve pasted it in.

Step 9 – Initial Pexip Infinity Configuration

Once the VM has started up, you can now SSH into it to carry out the basic config. To do this, you will need your private key to authenticate it.  For me, on a Mac, I use ssh -i (drag in the private key) admin@IP.  You will then be asked for your private key password.

On your first time that you login to Pexip Infinity, you will be asked to create a password and confirm it again

Once logged in, you can now provide the basic networking details.  Most of the defaults will be populated in [brackets] so you can just press enter to accept the default detected.  If you want to check the Default Gateway, you can do that here.

ItemValue
IP AddressIPv4 Address (use default value)
Subnet MaskUse default value
GatewayUse default value
HostnameHostname of the management node
Domain suffixDomain name
DNS ServersUse default value unless you have a private network with DNS
NTP ServersUse default value unless you have a private network with NTP servers
Web UsernameDefault username of the local user account
Web PasswordEnter a password that will be used for this web account
Confirm passwordEnter the password again
Incident ReportingThis is optional. If enabled, it will send a crash alert to Pexip and they will then request a snapshot of the platform to see what might have gone wrong.
Deployment & Usage StatsThese are anonymous stats sent to Pexip on what protocols are in use etc.
Details needed to initialise a Pexip deployment

Once you have completed the wizard, the management node will then reboot. You can test out connectivity within five minutes by browsing to the public IP address of the management node and using your new credentials.

Step 10 – Creating the Conference Node VM Instance

Next up we need to create the conferencing node VM, this is the guy that does all the transcoding of media. Same as previously, give it a name, select the region and zone.

This time we need a more powerful server, so the minimum recommended is 8 vCPUs

Add in the tag of pexip-provisioning too so you can upload the config to this VM over port 8443.  Also create a public IP too.

Then you can add in the same SSH key and then click Create

Once the VM has been created, you should see both VMs running now with their Public IP Addresses.

You can now log into the management node again.

Step 11 – Creating the conference node

Once logged into the management node, navigate to Platform Configuration > Conferencing Nodes and then click on Add Conferencing Node.

In the Deployment Type, select Generic as we will apply the configuration to the vanilla conference node we have spun up.

Now fill in the areas highlighted, using the details from the VM in GCP for the IP addressing details.

Next we need to add a System Location. Click on the + and then fill in the details as shown below.

For the SIP TLS FQDN, this is the FQDN of this conference node.  Also add in the Public IP address of the Conferencing Node in the Static NAT address box. Also enter a password, so that you can SSH into the conference node if directed by Pexip support.  Then click Finish.

On the next page, Download the config to your local machine.  This is just a XML config file.

Now browse to the IP address of your conference node on port 8443 and you will be presented with a very simple page.  Click on Choose file and select you downloaded XML file and then choose Upload.  The server will take the config and reboot.

Step 12 – Checking the Conferencing Node Status

The way Pexip works, is that the management node and conference node check in with each other.  If they are not able to speak, then it’s usually a firewall issue blocking the following:

Any internal firewalls must be configured to allow UDP port 500 and traffic using IP protocol 50 (ESP) in both directions between all Pexip nodes.

If everything is ok, then the conference node will book and check in.  You can see this in the Administrator log.

If you browse to Administrator log, you will see Started performance sampling.  This means two things.  You have configured the firewall correctly and that the conference node is now doing a sample to see what capabilities it has in terms of the number of HD calls available based on the underlying CPU architecture.

Once this is finished, you will see the output if you refresh the screen.

Now if you head back to home screen, Live View, you will see a happy conference node.

Step 13 – Making a test call

Pexip Infinity has a built in Test call service.  You can see the settings under Service Configuration > Test Call Service

You can then add other alias such as testcall, or just test etc.  I have added in the full SIP URI so that it can be called from any SIP device.

Then click save and wait one minute for it to apply the changes.  Any changes you make in Pexip, you must allow one minute.

Now you can navigate to the IP address of the conference node and you will be presented with a first time welcome screen asking for your name and access to your camera and microphone.

 

 

 

You will know of that has worked as you will see your local preview.

 

Now press the Call button and type in testcall (one of the alias’s created earlier).

As you will see below, I have a successful call as I can hear the audio error and I can see the invalid license image.  If the platform was licensed, I would get a three step process of checking my audio and video.

Step 14 – Setting the SIP TLS FQDN

This is required when using the Pexip platform and integrating with say Skype for Business.  Navigate to Platform Configuration > Global Settings and then in Pexip Infinity domain (for Lync/Skype for Business integration) enter your SIP domain you are using for your Pexip deployment such as vc.company.com.

 

There you have it, you have a completed Pexip Infinity deployment in the Google Cloud.  In the next blog post, I will detail how to get a public SSL certificate for 90 days for free from ssl.com so that you can fully test the platform.

 


Also published on Medium.

2783total visits,7visits today

Show Buttons
Hide Buttons