Run FreePBX (Asterisk) on Kubernetes.
Just pure open source power.
- FQDN
- Ability to create type A DNS record for the public IP address allocated by the cloud provider
This PoC is based on Vultr Kubernetes Engine
Freepbx requires MySql or MariaDb
A statefulset of 3 replicas (adjust replicas number according to your needs) with one pod for WRITE operations and the others for READ ops.
- Create Namespace and ConfigMap
kubectl apply -f mysql/namespace.yaml
kubectl apply -f mysql/configmap.yaml- Create services
kubectl apply -f mysql/services.yaml- Deploy
kubectl apply -f mysql/statefulset.yaml- Test connection with READ operation
kubectl run mysql-client --image=mysql:5.7 -i -t --rm --restart=Never -- mysql -h mysql-read -e "SHOW DATABASES;"
or
kubectl run mysql-client-loop --image=mysql:5.7 -i -t --rm --restart=Never --\
bash -ic "while sleep 1; do mysql -h mysql-read -e 'SELECT @@server_id,NOW()'; done"
- Deploy nginx-controller (read cloud provider docs to check features, in most cases a public IP address will be automatically allocated to it)
This step uses HTTP-01 challenge with Letsencrypt as ClusterIssuer.
- Install cert-manager for managing TLS certificates
kubectl apply -f cert-manager/install-v1.12.0.yaml- Deploy Letsencrypt, before applying, change
emailfield within the yaml
kubectl apply -f letsencrypt/clusterissuer.yaml- Expose and deploy KUARD to test networking functionality (keep order)
kubectl apply -f kuard/service.yaml
kubectl apply -f kuard/deployment.yaml- Check if web server within the pod is running
# PLAIN HTTP
kubectl run curl-client --image=curlimages/curl:8.1.0 -i -t --rm --restart=Never -- http://<PODIP>:8080- Expose services by creating
Ingress. Before applying, changehostsandhostfield in ingress-tls.yaml if you want TLS orhostfield in ingress.yaml (no TLS), by inserting your FQDN
# NO TLS
kubectl apply -f kuard/ingress.yaml
# WITH TLS
kubectl apply -f kuard/ingress-tls.yaml- Check from outside
Open http://YOURFQDN or https://YOURFQDN