Edge-to-Cloud Video Streaming
Overview
Important
Configuring Edge setup is fully optional, it is required only if we are trying to connect the Edge Camera Streams for analytics and inferencing using Metropolis apps running in cloud setup.
Edge-to-cloud video streaming using the WebRTC protocol is a real-time, low-latency method for sharing video streams from edge devices to cloud servers. WebRTC’s peer-to-peer architecture, web-based access, encryption, and support for data channels make it ideal for applications like remote sensing, live streaming. It ensures secure data transmission, handles NAT traversal, and adapts to varying network conditions and signaling servers facilitate connection setup.
Features
Edge VST auto-discovers ONVIF-S compliant IP cameras or can be configured to use predefined RTSP streams or allows use of custom IP stream as video source.
Auto discover cameras at edge VST side
Authenticate cameras from either edge side or cloud side
Option to manage camera settings from either edge side or cloud side with the help of web sockets
Supports media streaming pass through mode from edge device to cloud
Edge side streams listed in cloud side web UI
Check sensor status in Dashboard Tab
Check RTSP URLs in Dashboard Tab
Check recording status in Dashboard Tab
Live playback of edge side streams on cloud VST
Start/Stop recording of edge side streams
Replay of edge side streams on cloud VST
Remove edge side sensors from cloud side web UI from Camera Management Tab
Architecture
Typical Edge-to-Cloud architecture setup is illustrated below:
Edge-to-Cloud Deployment Using Scripts
Edge can be configured to connect with cloud in 2 modes:
Important
Options to pick between WebRTC vs OpenVPN can be based on Secure Connection between cloud & edge, Performance related and Ease of Installment for connecting edge to cloud setups.
WebRTC is not secure setup as OpenVPN mode. But it is easy to setup for testing edge sensors connecting back to cloud environment for analytics streaming. Also performance wise this could also see drop in performance if edge and cloud not in same local region.
OpenVPN Mode is definitely more secure way for edge to cloud connectivity. But it requires additional steps to manage openvpn setups for setting up OpenVPN tunnels.
Download & Extract Edge Install Deployment Artifact
Setting up NGC CLI
Setup NGC CLI tool on Ubuntu 20.04 machine by following instructions from this page.
Select ‘AMD64 Linux Install’ tab for Ubuntu installation.
During NGC config set command, select ‘nfgnkvuikvjm’ as Org and ‘mdx-v2-0’ as team.
Download Edge Install Setup Scripts Artifact
Using below commands, download and extract the contents of artifact:
# download the artifact $ ngc registry resource download-version "nfgnkvuikvjm/mdx-v2-0/mtmc-app-edge-scripts:0.0.7" $ cd mtmc-app-edge-scripts_v0.0.7/ ## Un-tar script folder $ tar -xvf mtmc-app-edge-to-cloud.tar.gz # verify necessary files required for Installing Edge VST $ ls edgeinstall-openvpn.sh mtmc-app-edge-to-cloud.tar.gz README-OPENVPN.md vst_config edgeinstall-webrtc.sh nvstreamer_config README-WEBRTC.md
Edge-to-Cloud via WebRTC
These instructions together with the included edgeinstall-webrtc.sh
script will start containers that will stream a video from the Edge over WebRTC to a hosted MTMC install in the cloud.
Prerequisites
Installed Docker on edge system. Docker Installation steps can be followed using this doc.
Installed container runtime.
NGC account credentials.
If Using Edge to cloud setup with hosted tenant app, then “Nvidia NGC Org ID” is also required to be able to securely Authenticate Edge VST with Cloud VST.
Cloud Hosted MTMC environment with VST which has remote adapter option enabled, use at least VST Helm Chart version 1.0.23 with
vst-app-edge-with-ingress-values.yaml
asvst_app_override_values_file
value in the one-clickdeploy-template.yml
.The Edge machine’s externally visible IP address should be whitelisted for both the application (TCP) and the coturn server (TCP & UDP), in the Cloud Hosted MTMC environment. This should be have been done automatically if this is known at provisioning time and used as parameters to the One-Click script, otherwise you will have to do it manually through your cloud portal or console.
Note
To find out the externally visable current IP address, that needs to be whitelisted you can run the following command on your edge machine:
$ curl ifconfig.me
.
Connect edge client to hosted environment
Note
Update remote_vst_address with URL based on yur setup. Authentication Headers in VST URL is only required if App is hosted and managed by NVIDIA.
Create a directory called videos in your current working directory, where you put files that are to be streamed to the hosted MTMC application. The videos can be the 7 Building-K videos that are in the
metropolis-apps-data
tar file. Please make sure “videos” directory has correct permission else file upload to NVStreamer UI will see issue(logs of nvstreamer container should throw errors of perms issue).Edit the
vst_config.json
in thevst_config
directory and change the value of"remote_vst_address": ""
to"remote_vst_address": 'https://URL.of.the.app/vms/'
OR Edit thevst_config.json
in thevst_config
directory and change the value of"remote_vst_address": ""
to"remote_vst_address": 'https://URL.of.the.hosted.app/vms/ -H "Authorization: Bearer $NV_NGC_KEY" -H "NV-Org-Id: $NV_ORG_ID"'
(Please Note Headers are must if remote edge VST is trying to connect to remote Cloud VST which requires authentication for connectivity to be successful).Edit the
rtsp_streams.json
file in thevst_config
directory and replace of all the <Edge_IP> with the local IP address of the edge machine you are on.Run script:
$ bash ./edgeinstall-webrtc.sh
Above script should log you into NGC and then start NVStreamer & VST Proxy containers.
Confirm they have started and are running:
$ docker ps
This will output status and container names of the running containers
Shutdown edge client
Stop NVStreamer and VST Proxy by using the container names, that can be found from the output of
docker ps
:$ docker stop <container name> && docker rm <container name>
Troubleshoot
Examine the logs of NVStreamer to check it has started and is streaming:
$ docker logs <NvStreamer container name>
If NVStreamer is streaming then Check RTSP URLs in the NVStreamer GUI, by pointing your browser to http://Your.Edge.IP:31000 and check that the RTSP URL’s displayed are the same as in the
rtsp_streams.json
file.Examine the logs of VST Proxy to check it has started and is executing:
$ docker logs <VST Proxy container name>
Make sure that the externally visible edge IP is whitelisted in both the cloud hosted coturn and MTMC application, see prerequisites above.
Browse to the URL you entered in step 2 above and check the cloud VST dashboard for errors.
Edge-to-Cloud via OpenVPN
These instructions together with the included edgeinstall-openvpn.sh
script will start containers that will stream a video from the Edge over an OpenVPN tunnel to a hosted MTMC installation in the cloud.
Prerequisites
Installed Docker on edge system. Docker Installation steps can be followed using this doc.
Install openvpn client. If your Edge system is running Ubuntu version 20.04 use wget to retrieve the client like this:
wget https://launchpad.net/ubuntu/+archive/primary/+files/openvpn_2.4.12-0ubuntu0.20.04.1_amd64.deb
For Ubuntu 22.04 the client can be downloaded usinghttps://launchpad.net/ubuntu/+archive/primary/+files/openvpn_2.6.7-1ubuntu1_amd64.deb
. Install the downloaded package withsudo dpkg -i openvpn-deb-file-location
.Installed container runtime.
NGC account credentials.
Hosted MTMC environment with OpenVPN access server with downloaded
profile.ovpn
file.
Important
Before you can connect from edge to cloud via OpenVPN as outlined below you have to setup the OpenVPN server and download the profile as described in the section Configure OpenVPN access server section in Configure OpenVPN access server.
Connect edge client to hosted environment
Make sure you have the
profile.ovpn
file that you downloaded from the the user portal of OpenVPN Access Server in the current directory.Create a directory called videos in your current working directory, where you put files that are to be streamed to the hosted MTMC application. The videos can be the 7 Building-K videos that are in the
metropolis-apps-data
tar file. Please make sure “videos” directory has correct permission else file upload to NVStreamer UI will see issue (logs of nvstreamer container should throw errors of perms issue).Run script:
$ sudo bash ./edgeinstall-openvpn.sh
Note
Note down output of Tunnel VPN IP.
Access the locally running NVStreamer GUI at http://Your.Edge.IP:31000 & note down the “RTSP URL of the streams”.
Access the remote cloud-hosted VST GUI at https://Your.cloud.MTMC.URL/vms/ and add the edge streams as a new cameras under Camera Management->Add device manually using the RTSP URLs from step 4 above. Make sure to use Tunnel VPM IP you obtained from Step 3 above, when inputting RTSP URL to VST Cloud. For example RTSP URL to input in Cloud VST
rtsp://<OpenVPN-Tunnel-IP-from-step-3>:31554/<rest-of-rtsp-url-from-step-4>
.
Shutdown edge client
Stop NVStreamer by using the container name, which can be found from the output of
docker ps
:$ docker stop <container name> && docker rm <container name>
Close VPN tunnel by first finding out the Process Id of the openvpn process
ps -ef | grep openvpn
, and then kill it by running:$ sudo kill <Process_id>
Appendix: Manual Setup of Edge Components
Note
These manual steps are not required if we setup Edge using Edge-to-Cloud Deployment Using Scripts.
To manually install some of the edge components like edge-side VST, edge-side NVStreamer, & OpenVPN, refer here.