AWS deployment guide

Full installation guide for MikoPBX using AWS

To follow the instructions, install the Amazon Command Line Utility by opening Terminal and entering the following command

curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "AWSCLIV2.pkg" 
sudo installer -pkg AWSCLIV2.pkg -target /

Let's get started with the setup

For quick and convenient navigation within the Amazon service, use the search panel

Copying access keys

Go to your account
From the dropdown menu, select Security credentials

If you don't have an access key, do the following

Under the Access keys table, select Create access key
Copy the Access key and Secret access key

If you already have an access key, simply copy the Access key and Secret access key

Creating a bucket

Open Services / Storage / S3
On the tab select Create bucket
Enter a unique bucket name

Use default values for other fields
After entering the values, click Create bucket

Open the created bucket and select Upload
On the opened tab select Add files
Upload the file from the MikoPBX distribution with the .raw extension
Click Upload
Wait for the file to finish uploading

Adding permissions and attaching policies

If not done previously for this cloud

Create a separate folder for files on your computer
Create a file named trust-policy.json in the folder
1. Open Terminal and navigate to the created folder
2. Run the command vi trust-policy.json
3. Enter editing mode by pressing i and paste the text
4. Press ESC and type :wq to save the file

vi trust-policy.json

{
"Version": "2012-10-17",
    "Statement":
    [
        {
            "Effect": "Allow",
            "Principal": { "Service": "vmie.amazonaws.com" },
            "Action": "sts:AssumeRole",
            "Condition": {
                "StringEquals":{"sts:Externalid": "vmimport"}
            }
        }
    ]
}

Similarly, create a file named role-policy.json and change the bucket name value in the text to the name of your created bucket

{
    "Version":"2012-10-17",
    "Statement":
    [
        {
        "Effect": "Allow",
        "Action": [
            "s3:GetBucketLocation",
            "s3:GetObject",
            "s3:ListBucket"
            ],
        "Resource": [
            "arn:aws:s3:::",
            "arn:aws:s3:::/*"
            ]
        },
        {
        "Effect": "Allow",
        "Action": [
            "ec2:ModifySnapshotAttribute",
            "ec2:CopySnapshot",
            "ec2:RegisterImage",
            "ec2:Describe*"
        ],
        "Resource": "*"
        }
    ]
}

Similarly, create a file named import-image.sh, change the DEFAULT_BUCKET parameter value to the name of your created bucket and the DEFAULT_IMAGE parameter value to the name of the image uploaded to the bucket

#!/bin/bash

# Default variable definition
DEFAULT_IMAGE=""
DEFAULT_BUCKET=""
DEFAULT_DESCRIPTION="MikoPBX the best open source PBX on asterisk"
DEFAULT_NAME="MikoPBX 2024.1.40-dev"

# Overriding variables with environment variable values, if set
IMAGE="${IMAGE:-$DEFAULT_IMAGE}"
BUCKET="${BUCKET:-$DEFAULT_BUCKET}"
DESCRIPTION="${DESCRIPTION:-$DEFAULT_DESCRIPTION}"
NAME="${NAME:-$DEFAULT_NAME}"

# JSON file for import-snapshot command
JSON_FILE="disk_container.json"

# Creating JSON file
cat <<EOF> ${JSON_FILE}
{
  "Description": "${DESCRIPTION} image",
  "Format": "raw",
  "UserBucket": {
	"S3Bucket": "${BUCKET}",
	"S3Key": "${IMAGE}"
  }
}
EOF

# Importing the snapshot
IMPORT_TASK_ID=$(aws ec2 import-snapshot --description "${DESCRIPTION} image" --disk-container "file://${JSON_FILE}" --query 'ImportTaskId' --output text)

echo "Import task started with ID: $IMPORT_TASK_ID"

# Waiting for snapshot import to complete
while true; do
	STATUS=$(aws ec2 describe-import-snapshot-tasks --import-task-ids $IMPORT_TASK_ID --query 'ImportSnapshotTasks[0].SnapshotTaskDetail.Status' --output text)
	echo "Current status: $STATUS"
	if [ "$STATUS" == "completed" ]; then
		break
	fi
	sleep 30
done

# Getting SnapshotId
SNAPSHOT_ID=$(aws ec2 describe-import-snapshot-tasks --import-task-ids $IMPORT_TASK_ID --query 'ImportSnapshotTasks[0].SnapshotTaskDetail.SnapshotId' --output text)

# Registering AMI
AMI_ID=$(aws ec2 register-image \
	  --name "$NAME" \
	  --description "$DESCRIPTION" \
	  --architecture x86_64 \
	  --sriov-net-support simple \
	  --virtualization-type paravirtual \
	  --ena-support \
	  --boot-mode legacy-bios \
	  --root-device-name "/dev/sda1" \
	  --block-device-mappings "[{\"DeviceName\": \"/dev/sda1\", \"Ebs\":{\"DeleteOnTermination\":true, \"VolumeSize\":1, \"SnapshotId\":\"$SNAPSHOT_ID\"}}, {\"DeviceName\": \"/dev/sdb\", \"Ebs\":{\"VolumeSize\":50}}]" \
	  --query 'ImageId' \
	  --output text)

echo "AMI created with ID: $AMI_ID"

Run the command aws configure, specify the region and copied Access key and Secret access key

aws configure

Run the command

aws iam create-role --role-name vmimport --assume-role-policy-document "file://trust-policy.json"

Run the command

aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document "file://role-policy.json"

Run the command

sh import-image.sh

If the command executes successfully, a unique AMI identifier will be generated

Creating a virtual machine

Open Services / Compute / EC2 and navigate to Images / AMIs
Select the created image and click Launch an instance from AMI to create a virtual machine

Enter the virtual machine name, for example mikopbx-vm

Specify the instance type - t3.micro

If you have an SSH key

Specify the SSH key in the Key pair field

If you don't have an SSH key

Select Create new key pair and specify the key pair name, for example mikopbx_key

Follow the instructions further

In the Network settings section, check Allow SSH traffic and Allow HTTPS traffic

To deploy the PBX use two disks:

A 1 Gb disk for the main system
A 50+ Gb disk for storing call recordings

If necessary, change the size of the storage disk in Configure storage, default size is 50Gb

For other fields use default values
Click Launch instance

Starting MikoPBX

Go to the created virtual machine mikopbx-vm
On the opened tab, select Connect / EC2 serial console, wait for the system to fully load until the authentication parameters are displayed

Copy the external address of the created virtual machine and enter it in the browser's address bar
Use the login and password provided in EC2 serial console for login