Below, you find the instructions on how to add the Voice Gateway (VGW) node to the Kubernetes cluster.
All operations will be executed on VM1, unless an alternative is explicitly designated.
To install the Voice Gateway node, follow these steps:
-
On VM3, clone the repository:
-
Replace
{TAG_NAME}with one of available tags (to list all available tags, usegit tag):
git clone https://github.com/aipix-dev/aipix-deploy.git
cd ./aipix-deploy
git checkout {TAG_NAME}
cd kubernetes/k8s-onprem/
-
Install the Kubernetes base components:
./install_kube_base.sh
-
On VM1, get a registration token and URL:
kubeadm token create --print-join-command
###Examle token:
kubeadm join 192.168.205.164:6443 --token 3yeqrm.abnp3yof8vivcbge --discovery-token-ca-cert-hash sha256:b58cfd679a3bb49f444dfe4869fad5e19f4fba87f1d6ae5f20da06c60f51684e
-
Copy your token and apply it with
sudoon VM3:
###Example:
sudo kubeadm join 192.168.205.164:6443 --token 3yeqrm.abnp3yof8vivcbge --discovery-token-ca-cert-hash sha256:b58cfd679a3bb49f444dfe4869fad5e19f4fba87f1d6ae5f20da06c60f51684e
-
On VM1, check if the added node is with the Ready status:
kubectl get nodes
###Example output:
NAME STATUS ROLES AGE VERSION
k8s-single Ready control-plane 9d v1.28.2
k8s-single-analytics Ready <none> 3m28s v1.28.2
k8s-single-vgw Ready <none> 1m14s v1.28.2
-
Labelandtaintthe new node to be used only by Voice Gateway (replace the nodek8s-single-vgwname with your node name):
##Example:
kubectl taint nodes k8s-single-vgw vgw=true:NoSchedule
kubectl label nodes k8s-single-vgw vgw=true
Install an additional component on the Voice Gateway node
The Voice Gateway node necessitates an RTP proxy to proxy RTP traffic from the internet to the internal network with intercoms.
-
On VM3, install a specific kernel module to improve RTP processing:
sudo wget --user aipix --password aipix -q -O /usr/share/keyrings/vsaas-aipix.gpg https://download.aipix.ai/repository/gpg/vsaas-aipix.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/vsaas-aipix.gpg] https://download.aipix.ai/repository/deb-24.04 noble main" | sudo tee /etc/apt/sources.list.d/vsaas-aipix.list
echo "machine download.aipix.ai/repository login aipix password aipix" | sudo tee /etc/apt/auth.conf.d/download.aipix.ai.conf
Install ngcp-rtpengine:
sudo apt update
sudo apt install -y ngcp-rtpengine
-
Adjust
RTPENGINEparameters.
sed -i "s/\(port-min = \)\(.*\)/\120000/g" /etc/rtpengine/rtpengine.conf
sed -i "s/\(port-max = \)\(.*\)/\125000/g" /etc/rtpengine/rtpengine.conf
sed -i "s/^\(\[interface-default\]\)\(.*\)/#\1/g" /etc/rtpengine/rtpengine.conf
sed -i "s/^\(address = any\)\(.*\)/#\1/g" /etc/rtpengine/rtpengine.conf
OWN_EXT_IP=$(curl -s ifconfig.me)
OWN_IP=$(ip -4 addr show eth0 | grep "inet" | awk '{print $2}' | cut -d'/' -f1)
cat << EOF | sudo tee -a /etc/rtpengine/rtpengine.conf
[interface-internal]
address = ${OWN_IP}
port-min = 20000
port-max = 20999
[interface-external]
address = ${OWN_IP}
advertised = ${OWN_EXT_IP}
port-min = 21000
port-max = 21999
EOF
Check the configured interfaces:
vim /etc/rtpengine/rtpengine.conf
Pay attention to the address field in the sections [interface-internal] and [interface-external]. It should be equal to the local IP address.
Theadvertised value should be equal to the external IP at which the server is accessible from the Internet.
-
Allow nonlocal_bind:
cat <<EOF | sudo tee /etc/sysctl.d/99-rtpengine.conf
## allow RTPEngine to start and bind to non local IPv4 and IPv6 ##
net.ipv4.ip_nonlocal_bind=1
net.ipv6.ip_nonlocal_bind=1
EOF
sudo sysctl -f /etc/sysctl.d/99-rtpengine.conf
-
Reload service:
sudo systemctl restart ngcp-rtpengine-daemon.service
-
Check binding interfaces:
rtpengine-ctl get interfaces