Reference9:Concept Linux Application Platform

From innovaphone-wiki

Jump to: navigation, search
There are other versions of this article: Reference9 (this version) | Reference10

Contents

Introduction

The innovaphone Linux Application Platform permits to install innovaphone or custom applications for certain purposes, like Reporting or a Fax Server.
It also allows to backup/restore configuration files, uninstall applications or see and backup logs.

The Linux distribution Debian 6 (Squeeze) is used and linux kernel is 2.6.35.4.

The architecture of the platform is armel.

Requirements

There are two ways to use the innovaphone Linux Application Platform:

On an IPxx10 Gateway

  • An IP810, IP0010, IP3010 or IP6010 Gateway
  • Firmware Version 9
  • A compact flash card with UDMA support (minimum 4 GB)
    • We recommend SanDisk Extreme with UDMA and 90 MB/s or above

As a Virtual Machine

  • VMWare Player
  • VMWare Workstation
  • VMWare Server
  • VMWare vSphere

Installation

Download the latest Linux Application Platform from download.innovaphone.com .
You can download and install two different packages:

Default Credentials

  • Web/Webdav: admin/linux
  • Root-Login (e.g. with Putty): root/iplinux

Disk space usage after first time installation

IPxx10 Gateways

  • /dev/sda1: 32 MB (fat32 partition with kernel, which is started by the IPxx10)
  • /dev/sda2: 450 MB (ext2 initial installation partition)
  • /dev/sda3: 120 MB (swap partition)
  • /dev/sda4: 600 MB / xx GB depending of the size of the used CF card (ext4 partition, which is actually booted)
All in all about 1.2 GB are already in use after the initial installation.

VMWare

  • /dev/sda1: 665 MB (ext2 initial installation partition)
  • /dev/sda2: 120 MB (swap partition)
  • /dev/sda3: 680 MB / xx GB depending of your pre installation configuration (ext3 partition, which is actually booted)
All in all about 1.5 GB are already in use after the initial installation.

Linux Application Platform (IPxx10 Gateways)

It is recommended to use CF-Cards with sizes of 8GB or more and the card must support UDMA!

  • Enable Linux under Linux General.
 image:IPxx10_Linux_-_enable.png
  • Enable Proxy-ARP on ETH0 or ETH1 here
  • Decompress the downloaded package. You should have an image file like linux_ipxx10_armel.img now.
  • Upload the decompressed file over the gateways web interface under Reference9:General/Compact-Flash/Image . Unmount the CF card if necessary. Select "Part 1" before starting the upload!
 image:IPxx10_Linux_-_upload_image.png‎

Image:device_conf.jpg

  • Open the Linux Web Server to see the installation progress (which might take several minutes too). The default credentials are admin/linux for both platforms.

Image:installation.jpg

  • Enter the innovaphone device admin credentials when the installation has finished. Now wait until the page refrehses. The web server credentials are now the innovaphone device admin credentials, e.g. admin/ip6010.
    • If the device couldn't be reconfigured, you will get an error message Command line at the PBX could not be changed... In this case, you have to open Reference9:Linux/General on your device, click stop and enter root=/dev/sda4 under Kernel command line. Then start again. Your Linux webserver credentials will be admin/linux in this case.
  • Linux install has finished.
  • You will see now root=/dev/sda4 under Reference9:Linux/General since Linux is running in on the fourth partition. You shouldn't change that unless you want to install Linux again.

Linux Application Platform (VMWare)

  • Decompress the downloaded archive. You should have two files: IP-Debian.vmx and IP-Debian.vmdk.
  • We can open using Vmware Player/Workstation, if you wish to run on Vsphere 4.x or later please convert it by the same method it's done with the IPVA (see Using VMware vSphere)
  • Now you have two possibilities (example for VMWare Player, VMWare Workstation should be similar):
    • If you want to assign more than 4 GB disk space (8 GB since Hotfix 7):
      • Do not directly start/doubleclick the vmx file!
      • Start the VMware Player and Open the vmx file with Open a Virtual Machine.
      • Open Edit virtual machine settings.
      • Select the hard disk and Expand it under Utilities to the wished size.
      • Apply the change and klick Play virtual machine.
    • If 4 GB (8 GB since Hotfix 7) are enough, simply double click the vmx file and Linux will start.
  • The first time, a script will automatically configure a new partition, the web server etc., which will take some time. The waiting time depends on the CPU of the computer running the vmware player. In some cases the waiting time can be up to 30 minutes, in most cases the installation finishes in about 2-5 minutes.
  • In the meantime, fetch your IP from the VMWare Player screen or login as root and get your IP address with the command ifconfig.
  • Login to the web server to see the installation progress (it may take some minutes until the web server is up).
  • Linux will restart automatically after the first time installation has finished.
  • Linux install has finished.

Hotfix Installation

If you have already installed the latest version of the Linux Application Platform, simply download the Linux...HotfixIncremental for your platform (VM or IPxx10) or if you have missed some hotfixes, download the Linux...HotfixCumulative archive, which contains all hotfixes since hotfix1.

Upload this hotfix archive here.

Refreshing issue on installation

You might get a PHP error when the browser is refreshing during the installation. Just refresh (F5) the page and you'll get the installation progress again.

Static IP?

The Linux itself must be running in DHCP client mode to run properly. If you want to assign a static IP address, do it like this:

  • On an IPxx10: assign a static IP under Reference9:Linux/IP
  • On a VMWare: assign a static IP in your local DHCP server for your MAC address defined in the *.vmx file

Administration

General

Change the root credentials

Here you can change the credentials of the Linux root user.
Default password: iplinux

Configure Authenticated URLs

Configure credentials for authenticated URLs. These credentials will be used in automatic backups.
You can add/remove Urls with the + and - at the right side of the list.

Configure NTP server

Configures a NTP server.

  • NTP Server: the IP of the NTP Server

Change Timezone

Default is Europe/Berlin but you can change that to a valid timezone (an error is given if timezone not present).

Change postgresql admin password

If innovaphone Reporting is installed, you can configure another password for the postgres admin user.
Default password: postgres.

Web Server

We use lighttpd version 1.4.28. The linux web server user is www-data and group user also www-data. Root directory for the web-server is /var/www/innovaphone. This information is mainly relevant if you plan to develope custom applications and integrate them into linux application platform.

Default users and password for the different levels on the Linux application plattform (see figure below): image:Linux_Application_hierarki.PNG

Change web server properties and public access to the web/webdav

  • Force HTTPS: enables redirection for HTTP to HTTPS
  • Public Web Paths: these paths are not password protected, e.g. '/ap'
  • Public Webdav Paths: these webdav paths are not password protected, e.g. '/backup'
    • These paths are by default readonly. You can set the 'Write' flag to make the path also writable. This flag will be anyway ignored if credentials are provided.

Enter a single '/' for a public root directory. All sub directories and files will be also public then.
If you enter e.g. '/update/', the directory 'update' and all sub directories/files will be public.
If you enter e.g. '/update', only the directory 'update' and its files will be public.

Change the Linux web server credentials

Here you can change the credentials for Web Server access.

If running VMWare, default password is linux. If running IPXX10, password is the one entered at the end of first installation (admin password of the device where linux is running)

Change the Linux webdav access credentials

Here you can change the credentials for webdav access.

If running VMWare, default password is linux. If running IPXX10, password is the one entered at the end of first installation (admin password of the device where linux is running)

Change application access credentials

If you have installed an application, which has the lighttpd-auth property set in its configuration file, you can configure a separate user/password for the applications web site.
If you want to disable the separate authentication, leave the user field empty and enter the currently configured password. The authentication will be the same as the root web server authentication afterwards.
One can just login on the application web site with this access.

A configured access overrides a configured public web path to '/apps/application-name'!

Certificates

The current server certificate installed on the web server is shown here. A self signed certificate, innovaphone-linux, is installed by default. It is recommended to change it with your own certificate.

It is also possible to trust or reject other certificates.

Backup

The web server can be configured to poll a Command File URL (on a web server).
The backup process is similar to Reference9:Services/Update.

An alarm server can be also configured to receive alarms during an automatic backup: Alarm Server under Diagnostics .

At the bottom you will see a list of the current automatic backup serials from the Command File URL and the log of the last automatic backups.

Image:backup_restore.jpg

Command File

Example:

saveinnovaphonecfgs http://172.16.123.123/webdav/backup/cfgs-#i-#b10.tar.gz

The available default commands are:

saveinnovaphonecfgs

Saves all neccessary configuration files (no application specific files) as a tar gz archive (so you should use .tar.gz as ending).

saveinnovaphonelogs

Saves all available (also application related) log files as a tar gz archive (so you should use .tar.gz as ending).

times

Executes the following command(s) only, if the specified time matches and only once per hour (independent of poll timeout value).
Example:

# both commands always executed
saveinnovaphonelogs http://xxx.xxx.xxx.xxx.xxx/webdav/backup/linux-logs-#i-#m-#b10.tar.gz <br>
saveinnovaphonecfgs http://xxx.xxx.xxx.xxx.xxx/webdav/backup/linux-cfg-#i-#m-#b10.tar.gz <br>
# commands only from monday till saturday at 10am and 11am executed. 
times day:1,2,3,4,5 hour:10,11 
saveinnovaphone-reportingcfgs http://xxx.xxx.xxx.xxx.xxx/webdav/backup/linux-innovaphone-reporting-cfgs-#i-#d-#b10.tar.gz <br>
saveinnovaphone-reportinglogs http://xxx.xxx.xxx.xxx.xxx/webdav/backup/linux-innovaphone-reporting-logs-#i-#d-#b10.tar.gz <br>
# commands only Saturdays and Sundays at 00am executed. 
times day:6,7 hour:00 
saveinnovaphone-reportingcfgs http://xxx.xxx.xxx.xxx.xxx/webdav/backup/linux-innovaphone-reporting-cfgs-#i-#d-#b10.tar.gz <br>
saveinnovaphone-reportinglogs http://xxx.xxx.xxx.xxx.xxx/webdav/backup/linux-innovaphone-reporting-logs-#i-#d-#b10.tar.gz <br>
  • day goes from 1 (Monday) to 7 (Sunday).
  • hour goes from 00 to 23.

You can specify multiple times commands to override the last one.

Backup file name macros

You can use some macros for the backup filename:

  • #i - will be replaced with the current IP address
  • #m - will be replaced with the current MAC address
  • #d - will be replaced with date/time in format Ymd-His (20110231-111010)
  • #bxx - will be replaced with the current backup index, whilst xx is the maximum index

Save configuration files/data

Open this link to see all available files/data/logs to download them manually.

Password files for web server authentication won't be saved!

Restore configuration files/data

Open this link to restore all available files/data.

Password files for web server authentication won't be restored!

Mails

The Application Platform contains a mail client which speaks smtp (mutt+sendmail). This is used by default.
Mail could be also configured to send mails via an external server (smtp relay).

Image:smtp.png

Applications

List

A list of all currently installed applications.
If an application has an own web interface, you can reach it by using the application name link.

Uninstall

Use the uninstall link in the list to uninstall an application.

Upload/Update

Here all new applications, application updates and application platform updates are installed.
After uploading the file, the installation will start automatically and the installation process will be shown. The page refreshes until the installation has finished.

Diagnostics

Logs

Here you can view, download or clear the available log files from the application platform or from installed applications.
You can also download all log files at once (this archiv also contains older versions from the log files).

RPCAP

Enable/disable RPCAP for use with Wireshark.
A link will be displayed, which you can use within Wireshark.

Alarm Server

Configure an innovaphone device as alarm server:

  • ip: IP address of the innovaphone device
  • [port]
  • [user]: user for authentication to the alarm server
  • [password]
  • [https]: use https to send the alarm

Options in [] are optional.

Alarms from installed applications or the application platform itself will be sent to this configured server.

Status

View the disk usage.

Reset

IPxx10

Shutdown the application platform. You'll have to restart it over the IPxx10 gateway.

VMWare

Shutdown the application platform or reboot it.

Status PHP script

http://LinuxAP/status.php returns a xml file containing the output from the following linux commands:

  • df -H
  • free -h
  • uptime
  • ps -wwweo pid,lstart,time,etime,pcpu,pmem,rsz,vsz,args
  • ss -A inet -ap
  • top -b -n 1

Use as Log or Alarm Server

You can use the application platform as a server for innovaphone logs.
Configure Local-AP(-s)/Remote-AP(-s) on Reference9:Services/Logging.
The following scripts are used to retrieve the logs/alarms:

  • logs: /ap/log.fcgi
  • alarms: /ap/alarm.fcgi

So you can make the path /ap public on the Linux Web Server or you configure an authenticated URL for these files/this path on your innovaphone gateway.

If you configure an authenticated URL, don't forget to configure port 80 or port 443 for secure transport (Remote-AP-S) like
https://111.111.111.111:443/ap or http://111.111.111.111:80/ap

Use as File/VM-Server

You can use the application platform as file server, e.g. for udpate scripts, voicemail etc.
You can access the server with a webdav client via http(s)://Linux-IP/webdav

Public access to certain paths etc. can be configured under the web server configuration.

Keep in mind that the Linux Filesystem(ext3) is case sensetive. The PBX will always search for lowercase letters. If you name your file ‘greetings.G711A’ it won’t be found. You have to name the file ‘greetings.g711a’.

Enable further Tracing

There are different trace options, which can be enabled by calling a certain php script:

https://LINUX-IP/trace.php?level=63

The level is calculated by the addition of one or multiple of the following trace options:

Option To add
TRACE_STD 1
TRACE_DB 2
TRACE_TIME 4
TRACE_CALL_FLOW_TOTAL 8
TRACE_CALL_FLOW 16
TRACE_PARSE_CFG 32


So currently all trace options are enabled with the level 63.

Appendix

Creating own applications

See Reference9:Concept Linux Application

Tools

NetDrive

NetDrive is a usefull webdav client, which can be used to access webdav of the innovaphone application platform.

Putty

Putty is SSH client to connect to the linux application platform.

Manual Debian Upgrade

If you have installed one of our upgrade hotfixes and you had installed packages, which weren't included in innovaphone applications, the upgrade of some packages might have failed. You will see a warning message on your application platform. Something like:

The following packages couldn't be upgraded due to missing dependencies: php5-cgi php5-cli
Take a look at our wiki to see, what you have to do now!

Now you have to perfom some actions yourself:

  • make sure, your Linux Application Platform has internet access
  • login with a terminal client like Putty
  • start 'apt-get update'
  • start 'apt-get install php5-cgi php5-cli' (list the packages of the warning message)
  • delete the file /var/www/innovaphone/log/missing_packages.log to clear the warning message:
    • rm /var/www/innovaphone/log/missing_packages.log

Your installation should be now up to date again.

Configuring a new Kernel

If you have installed a hotfix with a new kernel, you will see a warning message on your application platform. Something like:

You're not running the latest kernel Image-6010-3.4.10!
Take a look at our wiki to see, what you have to do now!

To change to the new kernel, you have to reconfigure something on your device, where the CF card is plugged in.

Alarms of the Application Platform

If you have configured an Alarm Server, you will receive certain alarms.
Currently, the following alarms exist:

  • Disk Usage >= 90%
  • Alarms for the innovaphone Reporting Application, if installed
  • Alarms for the innovaphone Exchange Calendar Connector Application, if installed
  • Alarms for the innovaphone Faxserver Application, if installed

Configure apt-get update with proxy server

For setting the proxy server, declare the file : /etc/apt/apt.cond.d/01proxy

With this following line:

Acquire::http::Proxy "http://mylogin:mypass@ip-of-my-proxy:port";

Known Issues

Separate authentication for innovaphone applications

If you configured a separate authentication, it depends on the used browser, whether you have to re-authenticate on switching between the root web and the innovaphone application web access or not.

Refreshing issue on hotfix installation

See here.

Kernel Update in VM Platform

The installation of a new kernel fails and this process leaves the system unstable, not being able to install any more debian packages. Hotfix installations will probably fail.

IP810 with Linux Application Platform V1 hotfix 11 or previous

If a Linux Application Platform V1 hotfix 11 or previous is installed, an innovaphone firmware V9 hotfix 20 or later can not be used on the IP810. It is necessary to update the Linux Application Platform to V1 hotfix 12 or later first before updating the innovaphone firmware. The LAP V1 hotfix 12 installs a new Linux kernel which is necessary for the IP810 with the latest firmware.

Outdated packages? Debian Upgrade?

From time to time we will deliver upgraded debian packages with a new hotfix. As we have to insure compatibility with our applications, we won't perform an upgrade for each hotfix!

Don't use more than one blank in your update script

If your script looks like this you will get an error message

Backup saveinnovaphone-reportingdb failed: curl: (6) Couldn't resolve host 'innovaphone-reporting_xx.xx.xx.xx.gz'
saveinnovaphone-faxservercfgs http://xx.xx.xx.xx/webdav/backup/backup-app-fax-cfgs-#d-#b14.tar.gz <br>
saveinnovaphone-reportingcfgs http://xx.xx.xx.xx/webdav/backup/backup-app-reporting-cfgs-#d-#b14.tar.gz <br>
saveinnovaphone-reportingdb   http://xx.xx.xx.xx/webdav/backup/backup-app-reporting-database-#d-#b14.tar.gz <br>
saveinnovaphonecfgs           http://xx.xx.xx.xx/webdav/backup/backup-cfgs-#d-#b14.tar.gz <br>

it has to look like this script, without the blanks:

saveinnovaphone-faxservercfgs http://xx.xx.xx.xx/webdav/backup/backup-app-fax-cfgs-#d-#b14.tar.gz <br>
saveinnovaphone-reportingcfgs http://xx.xx.xx.xx/webdav/backup/backup-app-reporting-cfgs-#d-#b14.tar.gz <br>
saveinnovaphone-reportingdb http://xx.xx.xx.xx/webdav/backup/backup-app-reporting-database-#d-#b14.tar.gz <br>
saveinnovaphonecfgs http://xx.xx.xx.xx/webdav/backup/backup-cfgs-#d-#b14.tar.gz <br>
Personal tools