Deploying AIMS in VMware

This topic explains how to deploy the AI Media Server (AIMS) software in VMware ESXi using an OVA template.

• Prerequisites
• Installing AIMS in VMware

For information regarding manual customization or maintenance tasks such as re-running the installation wizard or replacing the AIMS's default certificate, see Configuration and maintenance of the AI Media Server.

Prerequisites

Pexip Infinity

AIMS v1 requires Pexip Infinity v36 or later.

If you are running Pexip Infinity versions 32 to 35, please contact your Pexip authorized support representative.

NVIDIA GPU

The AIMS VM requires complete control of all GPUs assigned to it — the GPUs cannot be shared with any other VM.

The following NVIDIA GPU models are supported:

• NVIDIA L4
• NVIDIA A100 40GB SXM4
• NVIDIA H100 80GB HBM3

If you are unsure about compatibility with a given GPU, please contact your Pexip authorized support representative.

Host hardware requirements

VMware versions

AIMS requires the following VMware versions:

• VMware ESXi 7.0 or later

Firewall and DNS requirements

You must configure DNS for your deployment as follows:

• There must be a DNS A record for the AIMS server.
• The AIMS server must have a DNS name that is resolvable by Conferencing Nodes.
• On Pexip Infinity, you must enter the AIMS server's host address (as per the DNS record) as the Live captions service API gateway (under Platform > Global settings > Live captions).

When requesting/generating certificates for your AIMS server:

• The AIMS server requires TLS certificates with SHA256 or later signature algorithms. Certificates using legacy algorithms such as SHA1 and MD5 are not supported.
• The AIMS server must have a certificate with either a CN or SAN that matches the AIMS server's host address (as per the DNS record), and this certificate must be trusted by Pexip Infinity.
• We recommend using a 4096 bit public key (2048 bit minimum).

The following table lists the ports/protocols used to carry traffic between the AIMS server and Conferencing Nodes, DNS servers and NTP servers:

Source address	Source port	Destination address	Destination port	Protocol	Notes
AIMS	123, 55000–65535	NTP server	123	UDP	Required for correct log timestamps.
AIMS	55000–65535	DNS server	53	TCP/UDP	Required to resolve NTP and other addresses.
Conferencing Node	<any>	AIMS	443	TCP (HTTPS)	Access live captions service. Web proxies are not supported for this traffic flow.

Installing AIMS in VMware

Installing the AIMS Virtual Machine (VM) on the host hardware involves the following steps:

• Downloading the OVA template
• Deploying the OVA template
• Setting the password for SSH/console access
• Completing the installation wizard
• Adding the GPU to the AIMS appliance

Downloading the OVA template

Download the latest version of the AIMS OVA template from https://dl.pexip.com/aims/index.html to the PC running the vSphere web client.

We recommend that you verify the OVA file integrity after downloading the OVA file by calculating the SHA256 sum of the downloaded file and comparing that with the respective SHA256 sum found in the SHA256SUMS file (located in the same download location as the OVA images).

Deploying the OVA template

To deploy the OVA template:

1. Using the vSphere web client, go to Hosts and clusters, click File and Deploy OVF Template (this option accepts OVA files).
2. During the OVA deployment, we recommend that you use the default options. Also make sure to assign the correct VMware network/port group for the network interface of the virtual machine.
3. After the OVA template has been deployed, power on the newly-created virtual machine.

Setting the password for SSH/console access

After the virtual machine has powered on, open a console for the AIMS VM.

Before you can start the install wizard, you must change the password. To do this:

1. At the prompt, enter the username admin.

   The display reads:

   You are required to change your password immediately (root enforced)
Enter new UNIX password:

2. Create a password for the AIMS operating system. To do this you must enter the new password twice. The password should:

   • have a minimum of 8 characters

   • satisfy at least 3 out of the following 4 conditions:

     • one lower case character
     • one upper case character
     • one special character
     • one digit.

3. Ensure you record the password in a secure location. After you have finished running the installation wizard you will not need the password again unless you need to access AIMS using SSH.

   You are presented with another login prompt:

   [sudo] password for admin:

4. Log in again with the password you just created.

The AIMS installation wizard starts.

Completing the installation wizard

Follow the prompts to set the following configuration for the AIMS VM.

If you subsequently rerun the installation wizard, the default values for the questions use the answers from the previous run (if they are still valid).

If you select Enter, the default value is applied:

Setting	Default value	Multiple entries allowed?
IP address	As assigned by DHCP, otherwise 192.168.0.100 * The addresses entered here are assigned as static IP addresses. When deploying in a cloud service, these values are replaced with the IP address and network settings for your instance.	No
Network mask	As assigned by DHCP, otherwise 255.255.255.0 * The addresses entered here are assigned as static IP addresses. When deploying in a cloud service, these values are replaced with the IP address and network settings for your instance.	No
Gateway	As assigned by DHCP, otherwise 192.168.0.1 * The addresses entered here are assigned as static IP addresses. When deploying in a cloud service, these values are replaced with the IP address and network settings for your instance.	No
Hostname	As assigned by DHCP, otherwise pexaims	No
Domain suffix	As assigned by DHCP, otherwise <no default>	No
DNS servers	As assigned by DHCP, otherwise 8.8.8.8	Yes, if separated by a space or comma
NTP servers† The NTP server must be accessible by the AIMS server at the time the startup wizard is run. Installation will fail if the AIMS server is unable to synchronize its time with an NTP server.	As assigned by DHCP, otherwise: 0.pexip.pool.ntp.org 1.pexip.pool.ntp.org	Yes, if separated by a space or comma
Enable incident reporting (yes/no)	<no default>
Contact email address ** Shown and required if incident reporting is enabled.	<no default>	No
Send deployment and usage statistics to Pexip (yes/no)	<no default>
* The addresses entered here are assigned as static IP addresses. When deploying in a cloud service, these values are replaced with the IP address and network settings for your instance. ** Shown and required if incident reporting is enabled. † The NTP server must be accessible by the AIMS server at the time the startup wizard is run. Installation will fail if the AIMS server is unable to synchronize its time with an NTP server.

When all of the installation wizard steps have been completed, the AIMS VM will automatically reboot.

Adding the GPU to the AIMS appliance

After the AIMS VM has been deployed, you must add the GPU to the appliance before powering it on. To do this:

1. Log in to VMware vCenter and navigate to the AIMS appliance.

2. From either the side menu or right-click menu, select Actions > Edit Setting….

3. Select Add New Device > PCI Device:

   

4. Select the PCI device:

   

5. Select Save.

Next steps

• Configuration and maintenance of the AI Media Server
• Enabling live captions