Telium Support Group

We include the installation manual in the download package. Untar the HAast package you just downloaded and look in the /docs folder. You will see a file called detailed_installation_guide.pdf

The installation guide is over 100 pages in length, and takes you through all of the steps required to get HAast up and running.

Yes. HAast fully supports containers. Normally HAast will run inside the container with Asterisk; however, we have seen deployments where HAast runs on the host and starts a container (containing Asterisk) on demand.

If this is you first exposure to HAast we recommend installing HAast inside the container with Asterisk (and optionally a GUI).

Note: Due to excessive support incidents helping customers understand and setup containers, Telium has removed support for this topic.  Customers are welcome to use containers, but the technical support team cannot answer questions about their setup, configuration, or use.

I completely understand your frustration. However, even though you have been in discussions with your CUSTOMER for 6 months you have not included Telium in your plans (you did not give TELIUM 6 months lead time, you gave us 2 weeks). The equipment you ordered today must be shipped to us internationally, setup and tested, and then shipped to you. Our professional services staff (project engineers) staff are usually booked weeks ahead.

In the future you may wish to involve Telium in the process earlier, order equipment further in advance, and book Telium engineering time further in advance. We also recommend a 60 day burn-in period for all hardware before deployment (particularly for emergency services or mission critical systems). We are happy to do this for you, but this adds even more lead time to the project. Our VARs and integrators typically schedule projects to go live at least 90 days out to account for all of the lead times and uncertainties involved in a project. Giving Telium 2 weeks notice is just too short for what you are asking. In fairness the frustration you are experiencing is not because of Telium; it’s because something has gone wrong in the project plan well before you placed the order with Telium.

You are always welcome to contact your account manager, or escalate to our VP Engineering or VP Sales for help. We try very hard to exceed the expectations of our customers (and we have a stellar reputation to prove it). We will always do whatever we can to help.

The standard in Linux is to leave credentials in plain text config files, and then protect the files using file permissions (owner/group/world).

However, we realize there are some cases where even the administrator should not be aware of certain credentials so HAast includes a “key chain” feature where HAast can store certain configuration values in an encrypted file (called a keychain). Once a key (comprised of a name and value) has been added to the keychain its value cannot be viewed by the user; it can only be referenced by its name.

To use a keychain entry in the config file replace the value with the key name prefixed with @. For example, if the config file contains:

[peerlink]
secret=”MySecretPassword”

It could be replaced with

[peerlink]
secret=@PeerLinkSecret

Next you should add the key to the keychain, holding the value you wish to keep hidden:

[root@qa121]# telnet localhost 3001
Connected to localhost.
Escape character is ‘^]’.
HAast telnet interface on ‘QA121’
HAast>keychain add PeerLinkSecret
Enter the key value exactly as you want it to be stored.
key value>MySecretPassword
The value associated with key name [PeerLinkSecret] has been set
HAast>

Then just restart the HAast service and your credentials will be protected by the keychain.

No! Unlike most of the other configuration generators, FreePBX does something a little unusual. Every time you add a module (or even upgrade a module) to your system FreePBX might change the structure of the database / add tables to hold the additional data.

So if you now sync from your primary node to your secondary node, settings would be lost because the associated tables/fields are missing on the secondary node. Conversely, if you now sync from your secondary node to your primary node, settings would be missing because the necessary source settings are absent. (See image below). This is why the HAAst installation guide and maintenance manual provide specific installation/upgrade instructions relating to FreePBX. Every year we have at least one customer that damages their FreePBX cluster because they did not follow the installation/maintenance guides.

Similarly, updating a module might change table structure, and that’s why we say to disable any automatic updates in FreePBX. Most other configuration generators are smart enough to detect a configuration mismatch between versions/modules, but FreePBX does not and will probably break (dialplan failure) unless the two nodes are kept identical (in terms of modules enabled/installed/versions).

Even if HAAst were to copy the metadata (table structure) as well, you would still have problems since the PHP code which makes up FreePBX will not understand the settings (if the code version doesn’t match the settings version). This may result in the PBX failing to process calls as the dialplan crashes, and/or failure to configure, and/or failing to complete an APPLY button push.

To read more about how to properly setup your nodes with FreePBX see sections 3.6 and 10.1.5 of the Detailed Installation Guide, and sections 7 and 8 of the Maintenance and Operations Guide.

If you have already corrupted your FreePBX setup and your cluster won’t process calls (due to dialplan fialure) see this forum post

Since Red Hat 8 uses SystemD, the best way to delay HAAst start is with a service timer. Create the file haast.timer in the /etc/systemd/system directory with the following contents

[Unit]
Description=Delay HAAst start by 1 minute on bootup

[Timer]
OnBootSec=1min
Unit=haast.service

[Install]
WantedBy=basic.target

Then, enable the HAAst timer and disable the service:

systemctl enable haast.timer
systemctl disable haast.service

And finally, in your haast.service file change the WantedBy line to read:

[Install]
WantedBy=haast.timer

Next inform systemd of your changes:

systemctl daemon-reload

And your HAAst start will delay by 1 minute on bootup. You can adjust the delay as you need.

This error is the result of incompatibilities between the Qt library expected by SecAst, and the Qt library installed on your system (or possibly because you are missing the Qt library altogether). SecAst version 1.7.0 is built against Qt version 5.9.8, so that is the library version you should install (at this date).

There is often a gap between the Qt version we use for a software release, and what is available across all Linux distributions / repos. (Each distribution / repo makes a slightly different version available). This problem should resolve itself once the repos catch caught up. Note that even version 5.9.8 is many releases behind the most current Qt version, so we are staying well away from leading edge.

As of July 13 2020 the Qt library available from Ubuntu 18’s official repos is 5.9.5. If you are a customer with a SecAst maintenance agreement we can build a release for you using Qt library 5.9.5 (or whatever version you need) at no charge. If you are using the free edition you can either wait (for your repo to catch up), or install the Qt open source libraries from: http://www.qt.io/download-open-source as those will always offer the very latest libraries

Many configuration generators are trying to compete with one another on secondary features – covering everything from security, faxing, messaging, email, router, SBC, security, high availability, and more. Most users disable/ignore these add-ons as they can be poorly designed or integrated (the real strength of configuration generators is in managing the Asterisk configuration files). If you are planning to use their add-ons compare each carefully to stand alone products so you know what you are getting. (You may even find that a commercial module that you are buying is just a collection of open source packages).

Next there are more sophisticated PBX’s which use Asterisk as the media engine/call processing engine but extend the functionality using a variety of other programs. PBX’s like Amtelco’s Genesis / ISS fall into this category. Telium is also pleased to work directly with manufacturers of more sophisticated PBX’s suchs as Amtelco Genesis / ISS to ensure full compatibility and deep product integration.

And finally there are some ‘closed’ PBX’s which are Asterisk based, but according to their vendors they are not compatible with ANY add-ons (unless sold from that same manufacturer). In reality we have helped customers install HAAst/SecAst/and many other 3rd party products onto these systems. However, we don’t want to upset these vendors so we leave it up to the customer to determine if they can/want to reset the root password and install other products. (It’s your product, so you probably have a right to modify it as you see fit). But we don’t offer any assistance that might violate the DMCA in the USA, or similar laws in other countries. (e.g. you can find instructions on how to unlock/remove vendor protections on the internet, but we can’t give those instructions to you). Also if you are an authorized vendor of such closed systems read your reseller agreement carefully; your customer can do what he wants with the PBX but you might violate your reseller agreement if you unlock the box for them.

HAAst tries to work well with every configuration generator. We are pleased to add support for new products/databases, but we also deprecate support for little used configuration generators / databases / features. If you are a large corporation or critical call center using Asterisk directly (no configuration generator) then HAAst can fully support you as well. You don’t need a configuration generator or add-on to use HAAst, SecAst, etc.

So if you are designing a telephony solution we recommend:

1. Pure asterisk (no configuration generator) if you are ok doing some basic diaplan coding
2. If you need a configuration generator pick one that is fully open source (avoid anything with ‘distro’ in the name)
3. Use flat-files to hold config information
4. If you need a database (or your config generator needs a database) insist on MariaDB/MySQL

If you need to stray from this advice be sure to understand the compromises you are making