Design Considerations for Cost-Effective Video Surveillance Platforms with AWS IoT for Smart Homes

Introduction

Creating a budget-friendly, cloud-connected video surveillance platform for smart home devices requires architects to develop a streaming service that can ingest, store, and process unstructured media data at scale. The underlying infrastructure for such a platform must handle significant data loads while adapting to sudden, unexpected increases in demand. Buffering, latency, and data storage issues can complicate video streaming from smart home devices, so flexibility and scalability are essential to accommodate millions of devices, trillions of messages, and petabytes of data.

Utilizing serverless computing alleviates the burden of server provisioning while offering automatic scaling, cost efficiency by billing only for actual usage, and built-in fault tolerance and high availability. Serverless architectures enhance agility, minimize operational challenges, and speed up time-to-market for businesses.

Considerations

To create a reliable, efficient, and scalable video streaming service for smart cameras, it is crucial to evaluate the costs related to managing servers, storage, and network hardware necessary for delivering high bandwidth and low latency performance. The procurement, installation, and upkeep of hardware can detract from your team’s focus on developing unique applications and improving user experiences.

Amazon Kinesis Video Streams is a fully managed service that allows secure media streaming for storage, analytics, and playback without the need for server provisioning. There’s no requirement to build, operate, or scale any WebRTC-related cloud infrastructure, such as signaling or media relay servers, to securely stream media across applications and devices. This makes it a perfect fit for integration with AWS IoT for connected products.

HTTP Live Streaming (HLS) and Dynamic Adaptive Streaming over HTTP (DASH) are two streaming protocols utilized to deliver pre-recorded, on-demand, and live video content from servers. Meanwhile, WebRTC is an open-source project facilitating real-time and low-latency peer-to-peer communication between web browsers or mobile apps. With Amazon Kinesis Video Streams, you can opt for live video streaming either through HLS and DASH for playback or low-latency two-way media streaming using WebRTC.

Choosing HLS and DASH will incur data transfer costs from Kinesis Video Streams to the internet. Kinesis Video Streams charges for data ingested and consumed, but there’s no fee for data moving from the internet to AWS. As of December 1, 2021, the first 100GB of data transferred out to the internet each month is free, with an additional charge per GB applied thereafter.

Further cost reductions can be achieved through compression, dynamic bitrate adjustments, and frame rate modifications of your video stream. In a continuous 24/7 streaming scenario, it’s advisable to reduce the bitrate to a reasonable minimum, as this significantly influences the overall Kinesis Video Streams costs.

Amazon Kinesis Video Streams supports various video codecs, including H.264 and H.265. You can learn more about their differences and trade-offs in another blog post. When selecting a codec for your product, consider overall video and audio quality, effective bitrate, resulting data volume, and your hardware capabilities.

Data egress costs can escalate with the number of cameras and platform users when streaming live via HLS and DASH. Conversely, using Kinesis Video Streams with WebRTC and peer-to-peer connections can eliminate these costs.

Kinesis Video Streams with WebRTC utilizes a signaling channel to exchange connection information between peers. After this, peers connect directly for live streaming, avoiding data transfer through the AWS cloud. Charges apply for the signaling channel active within a given month and the number of signaling messages sent and received. Streaming video content peer-to-peer incurs no costs, except when a relay server (TURN) is necessary due to restrictive network conditions. In this case, relaying media traffic through the TURN server incurs charges based on streaming minutes and an additional GB fee after the first 100GB.

Architecture Overview

With the fully managed capabilities of Amazon Kinesis Video Streams, there’s no need to build or scale any WebRTC-related cloud infrastructure, such as signaling or media relay servers, to securely stream media across applications and devices. Instead, you use the Kinesis Video Streams with WebRTC SDK on both the camera and the client.

Thus far, I’ve explored how to stream video from a smart camera to a client utilizing a peer-to-peer connection and shared cost considerations. Another essential aspect of this architecture is managing and controlling the smart camera itself, including provisioning, configuration, security, and maintenance to ensure optimal device performance.

You can onboard your smart cameras to AWS using AWS IoT Core, which provides a secure connection between devices and AWS for management purposes. This service incorporates a device gateway and a message broker. Communication from the camera to AWS IoT Core is facilitated through MQTT, a lightweight publish-subscribe network protocol.

For securing management connections between smart home devices and the AWS Cloud, it’s recommended to use X.509 certificates. These certificates authorize cameras to access AWS services. AWS IoT Core can generate and register individual certificates for each device on a large scale. In this architecture, the fleet provisioning by claim method is employed.

A bootstrap certificate is stored on the camera, which is automatically exchanged for a unique device certificate during provisioning. An AWS Lambda function verifies the cameras accessing the services against a database table that contains information such as serial numbers of all manufactured surveillance cameras.

In this architecture, the serverless key-value database service Amazon DynamoDB is utilized for identity verification and to store user and device data. DynamoDB integrates seamlessly with AWS IoT services, ensuring consistent, single-digit millisecond latency at any scale, which enables real-time processing and analysis of IoT data.
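The serial-number check described above, sketched as an AWS IoT pre-provisioning hook. This is an added example, not code from the original article: the `SerialNumber` template parameter, the serial format, and the `provisioned` attribute are assumptions, and an in-memory dict stands in for the DynamoDB table so the sketch runs offline.

```python
import re

# Constructed stand-in for the DynamoDB table of manufactured cameras
# (hypothetical attribute names); a deployment would query DynamoDB instead.
MANUFACTURED = {
    "CAM-0001-A7F3": {"provisioned": False},
    "CAM-0002-B811": {"provisioned": True},  # already exchanged its claim
}
SERIAL_RE = re.compile(r"CAM-\d{4}-[0-9A-F]{4}")  # assumed serial format


def check_serial(serial, table):
    """Return (allowed, reason) for one provisioning request."""
    if not isinstance(serial, str) or not SERIAL_RE.fullmatch(serial):
        return False, "malformed serial"
    record = table.get(serial)
    if record is None:
        return False, "unknown serial"
    if record["provisioned"]:
        # A second request for the same serial points to a cloned device
        # or a bootstrap certificate being reused elsewhere.
        return False, "serial already provisioned"
    return True, "ok"


def lambda_handler(event, context, table=MANUFACTURED):
    """Called by AWS IoT before it issues the unique device certificate."""
    claim_id, serial = None, None
    try:
        claim_id = event.get("claimCertificateId")
        serial = event.get("parameters", {}).get("SerialNumber")
        allowed, reason = check_serial(serial, table)
        if allowed:
            # With DynamoDB this would be a conditional update so that two
            # concurrent requests cannot both claim the same serial.
            table[serial]["provisioned"] = True
    except Exception:
        # Fail closed: any unexpected input or error denies provisioning.
        allowed, reason = False, "internal error"
    # Record the claim certificate so repeated denials can be traced back
    # to a specific bootstrap certificate and that certificate revoked.
    print({"claimCertificateId": claim_id, "serial": serial,
           "allowed": allowed, "reason": reason})
    return {"allowProvisioning": allowed}
```

Because every camera of a given batch carries the same bootstrap certificate, the hook is the only place where an individual device is checked before it receives its own identity, so denying by default matters here.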

For client-side communication, implementing a serverless authentication and authorization pattern is advisable to control access to backend services. Amazon Cognito offers a user directory to store user profile attributes, including usernames, email addresses, and phone numbers. Clients receive access tokens from Cognito to validate users and authorize access to backend services and surveillance cameras. Amazon API Gateway manages token verification by providing a REST API.
