Amethyst 2 Disaster Recover (DR) config and license

The Amethyst 2 DR facility allows the Primary Amethyst server to replicate recordings to the redundant Amethyst 2 Server. It will also be able to replicate Supervisor and group changes. And finally AQM changes as well.

The following facilities are currently disabled on the Redundant server:

  • Creating or changing Supervisors
  • Creating or changing Groups
  • Changing Permissions.
  • Completing AQM

The following needs to be in place for this facility to function properly:

  • IrcExporter 1.0.7.2 needs to be running on the Source Amethyst server.
  • AmtImport 1.0.3.1 service needs to be running on the destination Amethyst servers.
  • AmtSorter 2.0.12.2
  • AmtSweeper 2.0.7.3
  • AmtWebadmin2 2.0.1.54

Amtimporter
This service will accept the uploads from the IRCExporter service.

  • Run the install script in MyUpdates and then run it again to upgrade.
    The first run should extract all the required files and the second run of the install.sh files should just upgrade the service, if it is not already on the latest version.
mkdir -p /root/MyUpdates/amtimporter
cd /root/MyUpdates
./getupdates.sh
cd amtimporter
bash ./install.sh
bash ./install.sh
bash ./restoredb.sh
  • Check that the default ports for SSL connection and HTTP connection is set to 5334 and 5081.

vi /opt/datatex/amtimpoter/amtimporter.ini

[WEBSERVER]
SSLPORT=5334
HTTPPORT=5081

make sure this value is not set:
CERTIFICATECAFILE=

  • Connect to the DB and Set the AI_STATUS = 1 for the GUID of the correct IRCExporter.

Check that the check_running_apps.sh -d -t if the amtimporter will start it. If it not listed as a service, add it to the check_running_apps.local file:

#amtimporter:
APP=amtimporter
APPLOC=/opt/datatex/amtimporter/
APPSTART=$APPLOC/startamtimporter
CheckAndStart $APP $APPLOC $APPSTART

IrcExporter
This service will upload the files to an AmtImporter
Supported file types:
.zlb, .zls, .bz2, .gz, .tes, .png, .txt, .shn, .ref, .tag, .tagext

mkdir -p /root/MyUpdates/irecall
cd /root/MyUpdates
./getupdates.sh
cd irecall
bash ./install.sh
bash ./install.sh
  • Change the Upload URL to the AmtImporter location.

vi /opt/datatex/ircexporter/ircexporter.ini

  • Change the UPLOAD URL to the IP and default port the Amtimporter is running on.
[UPLOAD]
UPLOADURL=https://10.20.15.140:5334/
  • Run the UploadNow script to check that it connects to the remote side.
    If this script is not in place. copy it over from the install folder.

/opt/datatex/ircexporter/uploadnow.sh

AmtSorter
Make sure you are running version 2.0.12.2 before hand and it works.
There should be a location set already to the upload location:

DUPLICATEPATH=/opt/datatex/ircexporter/upload/

  • Stop Sorter
    /opt/datatex/amtsorter/stopamtsorter

  • Backup Database on Main
    /opt/firebird/bin/gbak -b -v amt2.fdb amt2-redundant.fbk
    Copy this file to the DR server.

  • DR Server:
    Stop all the DB software:
    amtexporter = /opt/datatex/amtexporter2/stopamtexporter2
    amt2 = /opt/datatex/amtserver2/stopamtserver2
    amtsorter = /opt/datatex/amtsorter/stopamtsorter
    amtsweeper2 = /opt/datatex/amtsweeper2/stopamtsweeper2
    amtwebadmin2 = /opt/datatex/amtwebadmin2/stopamtwebadmin2
    supervisor2 = /opt/datatex/supervisor2/stopsupervisor

  • Move away old DB.

cd /opt/amethyst/data
mv amt2.fdb amt2.fdb-before-dr -i
  • Restore Database on Redundant
/opt/firebird/bin/gbak -REP -v -P 16384 amt2-redundant.fbk amt2.fdb
chown firebird:firebird amt2.fdb

/opt/firebird/bin/isql /opt/amethyst/data/amt2.fdb
UPDATE AMTSYSTEM SET SYS_VALUE = '' WHERE SYS_KEY = 'INSTALLATION_KEY' ;
commit;
  • Start AmtWebadmin2 on Redundant Amethyst 2

AmtWebadmin2

  • Load the Amethyst 2 DR Primary license on the Amethyst Source server.

  • Load the Amethyst 2 DR Destination license on the Amethyst Destination server.

  • Restart the AmtSorter on both servers to allow it to detect the appropriate license
    The MAIN sorter should print this:

2022-12-08 12:58:55.579 [2.0.12.2] Licensed - Disaster Recovery Main Amethyst module

And then that it is duplicating each recording like this:

Duplicating /opt/datatex/amtsorter/incoming/A221208-00007B.zlb to /opt/datatex/ircexporter/upload/

Check the DR server Amtimport folder for the files that are uploaded.
ls /opt/datatex/amtimporter/output

FINAL STEPS:

  • Rename the AmtImporter Output folder
  • Make Symlink from /opt/datatex/amtsorter/incoming → /opt/datatex/amtimporter/output
mv /opt/datatex/amtimporter/output /opt/datatex/amtimporter/output-orig
ln -s /opt/datatex/amtsorter/incoming /opt/datatex/amtimporter/output

If the new server needs to have the historic calls as well, then the /mnt/drive* folders needs to be copied over to the new server . Skip all files that already exist.

TEST:
Test Command:
openssl s_client -connect 127.0.0.1:5334

You should be able to see the cert in the result:

CONNECTED(00000005)
depth=0 C = ZA, ST = Western Cape, L = Cape Town, O = Datatex Dynamics, CN = 10.20.15.140\0A
verify error:num=18:self signed certificate
verify return:1
depth=0 C = ZA, ST = Western Cape, L = Cape Town, O = Datatex Dynamics, CN = 10.20.15.140\0A
verify return:1
---
Certificate chain
 0 s:C = ZA, ST = Western Cape, L = Cape Town, O = Datatex Dynamics, CN = 10.20.15.140\0A
   i:C = ZA, ST = Western Cape, L = Cape Town, O = Datatex Dynamics, CN = 10.20.15.140\0A
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIFtzCCA5+gAwIBAgIUbvqj2cFsPAIAI8W7Zhxdhs/fLy4wDQYJKoZIhvcNAQEL
BQAwazELMAkGA1UEBhMCWkExFTATBgNVBAgMDFdlc3Rlcm4gQ2FwZTESMBAGA1UE
BwwJQ2FwZSBUb3duMRkwFwYDVQQKDBBEYXRhdGV4IER5bmFtaWNzMRYwFAYDVQQD

If the TEST script doesn’t show the Certificate, check if the following line is int he INI file and remove it:

CERTIFICATECAFILE=/opt/datatex/amtimporter/amtimporterca.crt

CERTIFICATECAFILE=

AmtImporter not allowing uploads:
2022-11-07 10:30:23.532 [1.0.3.1] HTTP received from 10.20.15.40:60760 GET /
2022-11-07 10:31:01.203 [1.0.3.1] HTTP received from 10.20.15.40:60778 GET /device?id=0EA1275E-B85A-ED11-9B8B-0050569BF8B4&tenantid=DATATEX&softwareid=DATATEX&pabxid=&source=ircexporter
2022-11-07 10:31:01.225 [1.0.3.1] Upload response: {“responsestatus” : “ok”, “errormessage” : “”, “uploadstatus”:“trylater”}

Check the data base for untrusted UUIDs and disable them and only mark trusted UUIDs.