Edge-to-Cloud Video Streaming

Overview

Important

Configuring Edge setup is fully optional, it is required only if we are trying to connect the Edge Camera Streams for analytics and inferencing using Metropolis apps running in cloud setup.

Edge-to-cloud video streaming using the WebRTC protocol is a real-time, low-latency method for sharing video streams from edge devices to cloud servers. WebRTC’s peer-to-peer architecture, web-based access, encryption, and support for data channels make it ideal for applications like remote sensing, live streaming. It ensures secure data transmission, handles NAT traversal, and adapts to varying network conditions and signaling servers facilitate connection setup.

Features

Edge VST auto-discovers ONVIF-S compliant IP cameras or can be configured to use predefined RTSP streams or allows use of custom IP stream as video source.

1. Auto discover cameras at edge VST side

2. Authenticate cameras from either edge side or cloud side

3. Option to manage camera settings from either edge side or cloud side with the help of web sockets

4. Supports media streaming pass through mode from edge device to cloud

5. Edge side streams listed in cloud side web UI

6. Check sensor status in Dashboard Tab

7. Check RTSP URLs in Dashboard Tab

8. Check recording status in Dashboard Tab

9. Live playback of edge side streams on cloud VST

10. Start/Stop recording of edge side streams

11. Replay of edge side streams on cloud VST

12. Remove edge side sensors from cloud side web UI from Camera Management Tab

Architecture

Typical Edge-to-Cloud architecture setup is illustrated below:

Edge-to-Cloud Deployment Using Scripts

Edge can be configured to connect with cloud in 2 modes:

1. Edge-to-Cloud via WebRTC

2. Edge-to-Cloud via OpenVPN

Important

• Options to pick between WebRTC vs OpenVPN can be based on Secure Connection between cloud & edge, Performance related and Ease of Installment for connecting edge to cloud setups.

• WebRTC is not secure setup as OpenVPN mode. But it is easy to setup for testing edge sensors connecting back to cloud environment for analytics streaming. Also performance wise this could also see drop in performance if edge and cloud not in same local region.

• OpenVPN Mode is definitely more secure way for edge to cloud connectivity. But it requires additional steps to manage openvpn setups for setting up OpenVPN tunnels.

Download & Extract Edge Install Deployment Artifact

• Setting up NGC CLI

  • Setup NGC CLI tool on Ubuntu 20.04 machine by following instructions from this page.

  • Select ‘AMD64 Linux Install’ tab for Ubuntu installation.

  • During NGC config set command, select ‘nfgnkvuikvjm’ as Org and ‘mdx-v2-0’ as team.

• Download Edge Install Setup Scripts Artifact

  • Using below commands, download and extract the contents of artifact:

    # download the artifact
    $ ngc registry resource download-version "nfgnkvuikvjm/mdx-v2-0/mtmc-app-edge-scripts:0.0.7"
    
    $ cd mtmc-app-edge-scripts_v0.0.7/
    
    ## Un-tar script folder
    $ tar -xvf mtmc-app-edge-to-cloud.tar.gz
    
    
    # verify necessary files required for Installing Edge VST
    $ ls
    edgeinstall-openvpn.sh  mtmc-app-edge-to-cloud.tar.gz  README-OPENVPN.md  vst_config
    edgeinstall-webrtc.sh   nvstreamer_config              README-WEBRTC.md
    

Edge-to-Cloud via WebRTC

These instructions together with the included edgeinstall-webrtc.sh script will start containers that will stream a video from the Edge over WebRTC to a hosted MTMC install in the cloud.

Prerequisites

• Installed Docker on edge system. Docker Installation steps can be followed using this doc.

• Installed container runtime.

• NGC account credentials.

• If Using Edge to cloud setup with hosted tenant app, then “Nvidia NGC Org ID” is also required to be able to securely Authenticate Edge VST with Cloud VST.

• Cloud Hosted MTMC environment with VST which has remote adapter option enabled, use at least VST Helm Chart version 1.0.23 with vst-app-edge-with-ingress-values.yaml as vst_app_override_values_file value in the one-click deploy-template.yml.

• The Edge machine’s externally visible IP address should be whitelisted for both the application (TCP) and the coturn server (TCP & UDP), in the Cloud Hosted MTMC environment. This should be have been done automatically if this is known at provisioning time and used as parameters to the One-Click script, otherwise you will have to do it manually through your cloud portal or console.

  Note

  To find out the externally visable current IP address, that needs to be whitelisted you can run the following command on your edge machine: $ curl ifconfig.me.

Connect edge client to hosted environment

Note

Update remote_vst_address with URL based on yur setup. Authentication Headers in VST URL is only required if App is hosted and managed by NVIDIA.

1. Create a directory called videos in your current working directory, where you put files that are to be streamed to the hosted MTMC application. The videos can be the 7 Building-K videos that are in the metropolis-apps-data tar file. Please make sure “videos” directory has correct permission else file upload to NVStreamer UI will see issue(logs of nvstreamer container should throw errors of perms issue).

2. Edit the vst_config.json in the vst_config directory and change the value of "remote_vst_address": "" to "remote_vst_address": 'https://URL.of.the.app/vms/' OR Edit the vst_config.json in the vst_config directory and change the value of "remote_vst_address": "" to "remote_vst_address": 'https://URL.of.the.hosted.app/vms/ -H "Authorization: Bearer $NV_NGC_KEY" -H "NV-Org-Id: $NV_ORG_ID"' (Please Note Headers are must if remote edge VST is trying to connect to remote Cloud VST which requires authentication for connectivity to be successful).

3. Edit the rtsp_streams.json file in the vst_config directory and replace of all the <Edge_IP> with the local IP address of the edge machine you are on.

4. Run script:

   $ bash ./edgeinstall-webrtc.sh
   

   • Above script should log you into NGC and then start NVStreamer & VST Proxy containers.

5. Confirm they have started and are running:

   $ docker ps
   

   • This will output status and container names of the running containers

Shutdown edge client

1. Stop NVStreamer and VST Proxy by using the container names, that can be found from the output of docker ps:

   $ docker stop <container name> && docker rm <container name>
   

Troubleshoot

1. Examine the logs of NVStreamer to check it has started and is streaming:

   $ docker logs <NvStreamer container name>
   

2. If NVStreamer is streaming then Check RTSP URLs in the NVStreamer GUI, by pointing your browser to http://Your.Edge.IP:31000 and check that the RTSP URL’s displayed are the same as in the rtsp_streams.json file.

3. Examine the logs of VST Proxy to check it has started and is executing:

   $ docker logs <VST Proxy container name>
   

4. Make sure that the externally visible edge IP is whitelisted in both the cloud hosted coturn and MTMC application, see prerequisites above.

5. Browse to the URL you entered in step 2 above and check the cloud VST dashboard for errors.

Edge-to-Cloud via OpenVPN

These instructions together with the included edgeinstall-openvpn.sh script will start containers that will stream a video from the Edge over an OpenVPN tunnel to a hosted MTMC installation in the cloud.

Prerequisites

• Installed Docker on edge system. Docker Installation steps can be followed using this doc.

• Install openvpn client. If your Edge system is running Ubuntu version 20.04 use wget to retrieve the client like this: wget https://launchpad.net/ubuntu/+archive/primary/+files/openvpn_2.4.12-0ubuntu0.20.04.1_amd64.deb For Ubuntu 22.04 the client can be downloaded using https://launchpad.net/ubuntu/+archive/primary/+files/openvpn_2.6.7-1ubuntu1_amd64.deb. Install the downloaded package with sudo dpkg -i openvpn-deb-file-location.

• Installed container runtime.

• NGC account credentials.

• Hosted MTMC environment with OpenVPN access server with downloaded profile.ovpn file.

Important

Before you can connect from edge to cloud via OpenVPN as outlined below you have to setup the OpenVPN server and download the profile as described in the section Configure OpenVPN access server section in Configure OpenVPN access server.

Connect edge client to hosted environment

1. Make sure you have the profile.ovpn file that you downloaded from the the user portal of OpenVPN Access Server in the current directory.

2. Create a directory called videos in your current working directory, where you put files that are to be streamed to the hosted MTMC application. The videos can be the 7 Building-K videos that are in the metropolis-apps-data tar file. Please make sure “videos” directory has correct permission else file upload to NVStreamer UI will see issue (logs of nvstreamer container should throw errors of perms issue).

3. Run script:

   $ sudo bash ./edgeinstall-openvpn.sh
   

   Note

   Note down output of Tunnel VPN IP.

4. Access the locally running NVStreamer GUI at http://Your.Edge.IP:31000 & note down the “RTSP URL of the streams”.

5. Access the remote cloud-hosted VST GUI at https://Your.cloud.MTMC.URL/vms/ and add the edge streams as a new cameras under Camera Management->Add device manually using the RTSP URLs from step 4 above. Make sure to use Tunnel VPM IP you obtained from Step 3 above, when inputting RTSP URL to VST Cloud. For example RTSP URL to input in Cloud VST rtsp://<OpenVPN-Tunnel-IP-from-step-3>:31554/<rest-of-rtsp-url-from-step-4>.

Shutdown edge client

1. Stop NVStreamer by using the container name, which can be found from the output of docker ps:

   $ docker stop <container name> && docker rm <container name>
   

2. Close VPN tunnel by first finding out the Process Id of the openvpn process ps -ef | grep openvpn, and then kill it by running:

   $ sudo kill <Process_id>
   

Appendix: Manual Setup of Edge Components

Note

These manual steps are not required if we setup Edge using Edge-to-Cloud Deployment Using Scripts.

To manually install some of the edge components like edge-side VST, edge-side NVStreamer, & OpenVPN, refer here.