Introduction
Creating a budget-friendly, cloud-integrated video platform for surveillance cameras and smart home devices necessitates careful architecture and integration of a streaming service capable of handling, storing, and processing unstructured media data at scale. The infrastructure supporting such a platform must accommodate high volumes of anticipated data while being adaptable enough to respond to unexpected demand surges. Challenges such as buffering, latency, dropped connections, and data storage can complicate video streaming from smart home devices. Therefore, a primary goal for any smart camera solution should be the flexibility and scalability needed to manage millions of devices, trillions of messages, and petabytes of data.
Leveraging serverless computing eliminates the need to provision servers and allows for automatic scaling, optimizing costs by charging only for actual usage, while also offering built-in fault tolerance and high availability. Serverless architectures enhance agility, lessen operational complexity, and speed up time-to-market for businesses.
Considerations
To create a smart camera solution that delivers scalable, reliable, and efficient video streaming, it’s essential to evaluate the costs associated with managing servers, storage, and network hardware that ensure high bandwidth and low latency performance. Purchasing, installing, and maintaining this hardware can divert your team’s attention from developing unique applications and enhancing user experiences.
Amazon Kinesis Video Streams is a fully managed AWS service that allows for secure streaming of media for storage, analytics, and playback without the need to provision servers. There’s no requirement to build, operate, or scale any WebRTC-related cloud infrastructure, like signaling servers or media relay servers, which makes it an ideal service to pair with AWS IoT for connected devices.
Two streaming protocols, HTTP Live Streaming (HLS) and Dynamic Adaptive Streaming over HTTP (DASH), are employed to deliver pre-recorded, on-demand and live video content from a server. In contrast, WebRTC is an open-source technology facilitating real-time, low-latency peer-to-peer communication directly between web browsers or mobile applications. With Amazon Kinesis Video Streams, you can choose from two options for live video streaming: play back video from streams using HLS and DASH, or enable low-latency, two-way media streaming via WebRTC.
Data transfer charges apply when streaming from HLS and DASH, as Kinesis Video Streams bills per GB for data ingested and consumed. There are no fees for data transferred from the internet to AWS, and the first 100GB of data transferred out to the internet each month is free, but charges apply afterward. To further enhance cost-efficiency, consider reducing data rates through compression or adjusting dynamic bitrates and frame rates during video streaming. In continuous 24/7 streaming scenarios, it’s advisable to minimize the bitrate to an acceptable level, as it significantly influences the overall costs associated with Kinesis Video Streams.
Amazon Kinesis Video Streams supports various video codecs, such as H.264 (Advanced Video Coding or AVC) and H.265 (High Efficiency Video Coding or HEVC). The selection of a codec should take into account the overall video and audio quality, effective bitrate, resulting data volume, and the capabilities of your hardware.
As the number of cameras and users increases, data egress costs can also escalate when streaming live from HLS and DASH. However, data egress can be avoided by using Kinesis Video Streams with WebRTC and peer-to-peer connections.
Kinesis Video Streams with WebRTC utilizes a signaling channel for exchanging connection information between peers. After this initial setup, peers connect directly for live streaming, eliminating the need to send or receive data through the AWS cloud. Charges apply for the active signaling channel in a given month, as well as for the number of signaling messages exchanged. Streaming video content directly between peers incurs no costs, but in cases where direct connections are not feasible due to restrictive network conditions, a relay server (TURN) provided by Kinesis Video Streams will facilitate connectivity. Charges for using the TURN server are based on streaming minutes, with additional fees for data transfer beyond the first 100GB.
Architecture Overview
With the fully-managed capabilities of Amazon Kinesis Video Streams, there’s no need to build, operate, or scale any WebRTC-related cloud infrastructure, such as signaling or media relay servers, for secure media streaming across applications and devices. The Kinesis Video Streams with WebRTC SDK is utilized with both the camera and client.
So far, I’ve discussed how you can stream video from a smart camera to a client using a peer-to-peer connection and shared cost considerations. An equally important aspect of this architecture involves managing the smart camera itself, including provisioning, configuration, security, and maintenance to ensure optimal functionality.
Onboarding smart cameras to AWS can be accomplished through AWS IoT Core, which establishes a secure connection between the device and AWS for management. This service includes a device gateway and a message broker, with communication from the camera to AWS IoT Core utilizing MQTT, a lightweight publish-subscribe protocol.
For secure management connections between smart home devices and the AWS Cloud, it’s recommended to use X.509 certificates, which authorize cameras to access AWS services. AWS IoT Core can generate and register individual certificates for each device at scale. This architecture employs the fleet provisioning by claim method, where a bootstrap certificate is stored in the camera and automatically exchanged for a unique device certificate during provisioning. An AWS Lambda function checks a database containing information, such as the serial numbers of all manufactured surveillance cameras, to verify the cameras accessing services.
In this setup, Amazon DynamoDB, a serverless key-value database service, is used to verify identities and store user and device data. DynamoDB integrates smoothly with AWS IoT services, providing consistent, single-digit millisecond latency at any scale, enabling real-time processing and analysis of IoT data.
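The serial-number check described above runs as a pre-provisioning hook during fleet provisioning by claim. The following is an added example, not code from the original article: the `SerialNumber` template parameter, the `CAM-` serial format and the in-memory dictionary standing in for the DynamoDB table are assumptions.

```python
import re

# Constructed stand-in for the DynamoDB table of manufactured cameras
# (hypothetical schema: serial -> record). In Lambda this would be a
# conditional DynamoDB update so the claim check and write are atomic.
DEVICE_TABLE = {
    "CAM-00012345": {"claimed_by": None},
    "CAM-00067890": {"claimed_by": "cert-already-issued"},
}
SERIAL_RE = re.compile(r"^CAM-\d{8}$")  # assumed serial format


def claim_serial(table, serial, certificate_id):
    """Mark a serial as provisioned; return False if unknown or already claimed."""
    record = table.get(serial)
    if record is None or record["claimed_by"] is not None:
        return False
    record["claimed_by"] = certificate_id
    return True


def lambda_handler(event, context, table=DEVICE_TABLE):
    """Pre-provisioning hook: AWS IoT provisions only if allowProvisioning is True."""
    deny = {"allowProvisioning": False}
    try:
        serial = event["parameters"]["SerialNumber"]  # assumed parameter name
        certificate_id = event["certificateId"]
    except (KeyError, TypeError):
        return deny  # malformed request: fail closed
    if not isinstance(serial, str) or not SERIAL_RE.fullmatch(serial):
        return deny  # never pass unvalidated input to the lookup
    if not claim_serial(table, serial, certificate_id):
        # Unknown serial, or a second device presenting an already-used one.
        # Possession of the bootstrap certificate alone must not be enough
        # to obtain a device identity.
        return deny
    return {"allowProvisioning": True,
            "parameterOverrides": {"SerialNumber": serial}}
```

Binding each serial to the first certificate ID that claims it means a repeated or cloned provisioning request is denied and can be alerted on.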
On the client side, the serverless authenticate and authorize pattern can be used to manage access to backend services. Amazon Cognito serves as a user directory that stores profile attributes like usernames, email addresses, and phone numbers. Clients receive access tokens from Cognito to authenticate users and authorize access to backend services and surveillance cameras.
Amazon API Gateway manages the verification of access tokens through a REST API, which offers an efficient mechanism for ensuring secure access.
Conclusion
In summary, a well-architected video surveillance platform utilizing AWS IoT can be cost-effective and scalable. By leveraging serverless technologies and AWS services, developers can build solutions that are not only efficient but also adaptable to fluctuating demands.