Elastix On Bhyve

freebsd elastix bhyve voip

Bhyve Preparation and Elastix Installation

Elastix requirements:
Minimum required RAM is 2 GB.
The minimum recommended virtual disk size of 30GB.

  1. Install FreeBSD 11.0
    You can also install FreeBSD 11.0 or any latest builds.
  2. Install Grub-emu loader for Bhyve
    We must install the “grub2-bhyve” port. This process is very time-consuming and needs user-interaction. But with some tricks, we can do it very easily:
    # cd /usr/ports/sysutils/grub2-bhyve
    # make install clean -DBATCH
    -DBATCH force port building process to not prompt you for confirmation and do it automatically.
  3. Hypervisor, Network and Storage Preparation
    # kldload vmm
    this command will load Bhyve kernel module or driver.
    # ifconfig tap0 create up
    this command creates a new interface and brings it up. # ifconfig bridge0 create up
    this command also creates a bridge and makes it up and ready.
    # ifconfig bridge0 addm em0
    this command adds em0(network interface) to bridge0
    # ifconfig bridge0 addm tap0
    this command adds tap0 to bridge0.
    # truncate -s 30G elastix.img
    this command creates a file with 30GB size.
  4. Prepare Elastix ISO
    # fetch https://excellmedia.dl.sourceforge.net/project/elastix/Elastix%20PBX%20Appliance%20Software/2.5.0/latest/Elastix-2.5.0-STABLE-x86_64-bin-08may2015.iso
    # mv Elastix-2.5.0-STABLE-x86_64-bin-08may2015.iso elastix.iso
    Create a elastix.map that grub will use to map the virtual devices to the files on the host system:
    # touch elastix.map
    # echo “(hd0) /root/elastix.img” » elastix.map
    # echo “(cd0) /root/elastix.iso” » elastix.map
  5. Boot Elastix Virtual Machine
    # grub-bhyve -m elastix.map -r cd0 -M 2048 elastix
    grub> linux (cd0)/isolinux/vmlinuz
    grub> initrd (cd0)/isolinux/initrd.img
    grub> boot
    # bhyve -A -H -P -s 0:0,hostbridge -s 1:0,lpc -s 2:0,virtio-net,tap0 -s 3:0,virtio-blk,elastix.img -s 4:0,ahci-cd,elastix.iso
    -l com1,stdio -c 2 -m 2048M elastix
    this command makes a virtual machine(elastix) with 2 cores CPU and 2G of ram.
    -H Yield the virtual CPU thread when an HLT instruction is detected. If this option is not specified, virtual CPUs will use
    100% of a host CPU.
    -A Generate ACPI tables that required foramd64 guests.
    -P Force the guest virtual CPU to exit when a PAUSE instruction is detected.
    other parameters define CDROM and HDD.
  6. Elastix installation
    You can install Elastix with the GUI wizard.

Elastix First Boot

After the installation of Elastix, the system will request a reboot. This reboot causes Bhyve to exit.
Issue these commands to boot Elastix again:
# bhyvectl –destroy –vm=elastix
# grub-bhyve -m elastix.map -r hd0,msdos1 -M 2048M elastix
linux (hd0,msdos1)/vmlinuz-2.6.18-371.1.2.el5 root=/dev/mapper/VolGroup00-LogVol00
initrd (hd0,msdos1)/initrd-2.6.18-371.1.2.el5.img
boot
# bhyve -A -H -P -s 0:0,hostbridge -s 1:0,lpc -s 2:0,virtio-net,tap0 -s 3:0,virtio-blk,elastix.img -l com1,stdio -c 2 -m 2048M elastix

Secret Sauce

As you can see, Elastix will boot and welcome will show us the IP address of Elastix web gui .However, this address doesn’t work (I gave elastix 192.168.1.20). Why?
IPTables (the Linux firewall) is running and you must stop it to communicate with Apache. So, issue the following command:
# service iptables stop
You can also create an iptables rule to bypass any port but in the virtual infrastructure, it’s better to use host firewalling and disable any guest firewall.
Now you can see the Elastix web GUI but something’s still wrong. Elastix doesn’t allow changing of the configuration.this is because of SELinux.
Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including the United States Department of Defense–style mandatory access controls (MAC).
SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distributions. Its architecture strives to separate enforcement of security decisions from the security policy itself and streamlines the volume of software charged with security policy enforcement.
We have two solutions to this:

  1. Completely turning off SELinux
    at /etc/selinux/config. You need to change the SELINUX option to disabled like so:
    SELINUX=disabled
  2. Configuring SELinux to log warnings instead of block
    at /etc/selinux/config. You need to change the SELINUX option to permissive like so:
    SELINUX=permissive
    and then issue this:
    # setenforce 0
    And it’s done, Elastix is now up and running.

Make Config Persistence

  1. Create a file and name it vml:
    # touch vml

  2. Open vml with ee and Paste these commands to vml:

    #!/bin/sh
    . /etc/rc.subr
    name=vml
    rcvar=vml_enable
    start_cmd="${name}_start"
    stop_cmd=":"
    load_rc_config $name
    : ${vml_enable:=no}
    : ${vml_msg=“Nothing started.”}
    vml_start()
    {
    kldload vmm
    ifconfig tap0 create up
    ifconfig bridge0 create up
    ifconfig bridge0 addm em0
    ifconfig bridge0 addm tap0
    } run_rc_command “$1”

  3. Copy vm to /etc/rc.d
    # cp vml /etc/rc.d/

  4. Make it executable
    # chmod +x /etc/rc.d/vml

  5. Add vml script to /etc/rc.conf
    # echo ‘vml_enable=”YES”’ » /etc/rc.conf
    So after rebooting the host machine,vml script will initiate Bhyve config.
    You can get full edition at:
    https://bsdmag.org/download/bsd-magazine-building-pci-compliant-infrastructure-aws/
    Or:
    https://contents.meetbsd.ir/ebook/elastix_bhyve_bsdmag.pdf

enter image description here