WWDC2000 Session 301

Transcript

Kind: captions Language: en please welcome Dennis sir any hi everyone welcome to session 301 quicktime streaming server my name is Dennis or any I'm a software engineer on the QuickTime streaming server team at apple and going to talk to you a lot about quicktime streaming server for those of you who have been at the previous two sessions it's time to shift gears a little bit we talked a lot about authoring a lot about integrating quicktime into your application now i'm going to talk about a whole new class of applications applications over on the server side things like integrating quicktime stringing server into a database or doing custom user interfaces or doing monitoring tools for your streaming clients though a whole new set of applications and i'm going to talk for a while then at the end to all stick around and we can do some Q&A if if you guys have questions ok so the main gist of the presentation I'm going to talk to you a lot about to tss API which is a server-side API we introduced with quicktime streaming server too and it's a fully it's a big c api that allows you to do a lot of things and allows you to extend quicktime streaming server in a lot of ways and a lot of cool applications I'll show some demos of things that you can do with QT SS API and I don't know many of you maybe you don't think that servers are cool when I get through these demos hopefully you'll think that servers are pretty cool and you can do a lot with GPSS so first though I'm going to talk to you a little bit about cute quicktime streaming server to just the features and then i'll also tell you a little bit about things that we're working on for future releases of the server to get a little preview that okay so quick time streaming server 2 is of course we're talking only about rtsp and RTP streaming here it handles real time streaming protocol and real-time transfer trip transport protocol and those are two IETF standard protocols one of the great things is that good time streaming is just really the only major completely standards-based streaming solution out there and we're really trying to make sure that quick time streaming can interoperate with all the tools that support these standards so that's really great and the two major features of quicktime streaming server are that it supports reflecting of live broadcasts in the previous session you saw Kevin talking a little bit about encoders and broadcasters and one slide he showed qg SS sitting in between an encoder and clients so you can use QT SS to reflect a live broadcast out to a whole slew of rtsp clients GPSS manages the complexity of all the rtsp transactions of lots of clients coming in and going out and then it also supports video on demand so that means you can take hinted QuickTime movies drop them in the media folder on the server and the server allows clients to connect over RTSP and view them in streaming one of the things that we added for quicktime streaming server 2 is that we also support rtsp tunneled through HTTP that's different than HTTP progressive downloads is true streaming but it's using the HTTP protocol and why is that important well after we did one point 0 version of the server we found that a lot of people who are behind corporate firewalls or HTTP proxies or a network address translator translators couldn't get access to quicktime streaming because they only on their network topology they could only get access to http stuff so because we support tunnelling rtsp into HTTP it means that if you deploy a quicktime streaming server and if you deploy quicktime street you'll know that all clients will be able to get access to quicktime string no matter what kind of networks are on so that's really important we also added password security this is something that I'll be demoing a little bit later on it's something that you implemented using Q gssapi completely and it's a really important component for doing pay-per-view so that's a really neat thing and then also the unicast multicast relay Kevin told you a little bit about multicast in the previous presentation one problem with multicast that he touched on is just the fact that it's not universally deployed on the Internet so on a lot of networks they they do have multicast but only on pieces of the network or multicast is only good in certain areas if you put a cute ESS machine as a relay at the border point between unicast and multicast it can translate between unicast and multicast and back again and that allows you to utilize multicast where it is available and multicast is really good to take advantage of because there's so much bandwidth savings there's a lot of people that can only do really high bitrate live presentations using multicast because otherwise there would be just not enough bandwidth okay now of course we're working on lots of stuff for the future there's a two things that I want to tell you about one big thing is web administration we want to make sure that QT SS in addition to being the most powerful stringing server out there is the easiest streaming server to set up and the easiest streaming server to manage to monitor all of your clients and that everyone will be able to do that easily remotely and also as part of implementing that web administration interface we're using Q gssapi and we're writing an administration protocol module well what does that mean this module that's on the server will support an administration protocol that you as developers or anyone as a developer can utilize writing a custom administration tool there are so many things out there that site administered streaming site administrators you need to monitor and they need to do it in so many different ways that although we're going to try and cover as many bases as we can we recognize that with streaming moving as fast as it does we just can't cover everything so we want to make it as easy as possible for third parties to tie into the server and we think that if we provide a protocol like this then they'll be able to write custom tools and so that's a really great opportunity to even to sell those tools so they're really great money-making opportunity and in fact there's tons of great money-making opportunities with QT SS and I'll tell you a little bit about some more later on okay now one of the really the most awesome thing about this project and working on this project is that it's totally open source from day one when we shift qts s 1 point 0 we put all of the source out there and that was a little bit more than a year ago since then the entire streaming server team has really invested a lot in working with the open source community and making sure that we're not just taking the open source name that we're really doing everything out in the open and just investing in making this open source project work and it's work really well actually and we've done a lot better actually since starting out we've started to add a lot more platforms so and we've also tried to make sure that all of the platforms that we can compile on we support really well until we've actually done internal testing of darwin streaming server on different platforms and we've also released binaries of the server running on different platforms so right now we support mac OS 10 server of course and we've added since one point 0 we added linux freebsd solaris we recently released a solaris binary and we just announced support for windows NT server and windows 2000 server those binaries are not available yet but we're still doing internal testing on them but because we're open source you can actually get access to that code and if you have visual c++ you have a Windows machine you can check out the open-source CVS and and get the entire source repository and compile that using visual c++ so that's really neat we're doing a lot of our development right now using that open source CVS repository so if you're daring you can check out our latest development versions that we're checking code into all the time and of course you shouldn't really do that and expect to actually deploy it because it may not work but it's it's just neat that we're doing all this development out in the open so because of this open source thing I really haven't heard of another streaming server that is open source so I can really say that we are just the most extensible streaming server out there we give it away we give all the source code away it's just a huge fire sale I'd it's it's really great to work on this project because of that and so developers can just go in there modify the code and do whatever they want with it so and now we've added this cutie ssap I when we first started out with the open source project we took a good look at other successful open source projects because we wanted to emulate as much as possible what they've done in order to make their project successful and of course really the most successful server open source project is the Apache project the Apache group apache is the most popular web server out there and it's really one of the best known open source projects and so we took a look at the Apache server and yeah it's open source and that's really great but in addition to being open source they also provide one of the most popular web server ap is available the Apache API and that really helps their development process because open source developers because they have this API which is documented and which is relatively static developers can go in and modify Apache using the API and were and not really have to worry about the server as a whole all the things that Apache is doing they just have to worry about their particular little feature and so it makes the open source project much more organized and much more focused and so that's one thing that I'm really going to drive home as far as G gssapi it makes developing in the open source framework much easier because there is this organization okay so I've talked a lot about cutie FS API let me go into it in more detail now and it's a see language programming interface you can also we use a lot of C++ in our own modules so you can use C++ as well and it allows developers to add custom modules to the server now these modules can much like Apache modules can either be compiled directly into the server so you can write a module modify the end server internal slightly in order to get it to build inside the server and release a monolithic server with your module added to it and as an alternative something that we're really encouraging module developers to take advantage of as much as possible is you can package up modules as a separate shared library or say on Windows a DLL and in order to do that and when that happens you have a separate piece of code your module and you can drop that into a cute ESS module folder the server doesn't have to be recompiled at all it just when it's starting up it checks the cute ESS module folder and loads whatever modules happen to be there so that's a really easy way to make a module and make it easily deployable so provide separation simplification durability again touching on the whole the benefits that were that were realized by the Apache project when you want to add a feature say time quicktime streaming server into a proprietary database back-end or something you don't have to worry about the fact that GT SS has all these threads running and there's all this network traffic going on and there's like 100 classes or something in the serving you and we're modifying them all the time because we're adding these features you don't have to worry about that because we have this API which is well documented and it's durable so moving forward for Cutie SS three point 0 or four point 0 or 5 you won't have to modify your module because it's an API that's backwards compatible as well so that's a really big benefit how is the API useful what can you do with it well there are just tons of applications we provided so many hooks in the server that are exposed through this module API things like logging so if you have a custom log format in the custom tool that takes advantage of it you can use Q gssapi to have it log in a custom way different file formats so of course cutie SS out of the box supports hinted QuickTime movies now you can provide a plug-in that supports whatever file format you want status reporting real-time statistics is something that you know again and again it's something that's so important to administrators you can run a module in the server that uses some back-end protocol and reports to a viewer a real time viewer of some kind accounting for pay-per-view you can track the users on a site track what they're watching proxy serving so if you want to morph the server and have it be a proxy server that connects to another quick time streaming server upstream you can have it do that through q TFS api virtual hosting is something that's really popular in the web world you can host you we'll domain names in multiple different folders or multiple languages in separate in separate media folders so you can do that with virtual hosting security again that's something that we provided with QT SS 2 point 0 but you might have a custom authentication authorization database that you want to tie the server into you can do that through key gssapi in fact there are two modules that we ship with QT SS 2 point 0 that you can choose from and if you want to do authentication and authorization one of them uses built in UNIX file system privileges in order to do authorization the other one uses something similar to Apaches HT access files we call them QT access files but they're basically the same thing and then finally server administration if again you know getting back to our administration protocol module you can control the server in however in however you want and provide a custom interface for controlling Q GS s so there's tons of things and I mean this is really just a great opportunity because the server is free the server is open source and we're making all these efforts to allow people to write modules very easily and those modules can be sold for over for money so I mean it's just it's just a great opportunity so how do we know that Q gssapi is really useful and how do we know that it really works well the great thing is that when we develop GT ssj2 point oh we integrated this API we decided to take all of the features that we had in QT SS 10 and put them in QT SS API modules and all of the features that we added to queue TSS two point oh we also put in Q gssapi modules and so when we were done with the server we had I think something like 15 modules that we ship along with the server and some of those we provide and compiled in so that people can't like accidentally turn off hinted QuickTime file serving if they mess around with their module folder but some of them we provided as separate binaries for instance the password security stuff we recognize that probably you know some that doesn't concern everyone so we provided those as separate binaries so we really ate our own dog food on this API and so we really know that for all of these applications that I'm talking about it can really be used and it's a really powerful tool in fact really if you take all of the modules out of the server that we should really the server doesn't do anything it's basically just a framework that provides this API to these modules so another thing that we know is that modules perform very well cutie SS there's these numbers that we talk these performance numbers that we talked about we support 2000s low bitrate modem stream clients simultaneously and those numbers were generated not through some optimized code path through the server that's tailored around the benchmark it's those numbers were generated by using the reflector module that I was talking about or using the hinted QuickTime movie file so we know that if you choose to implement a feature for Cutie SS using the module API that you won't be sacrificing anything with performance because we know that the API performs really well ok so told you a lot about the API from a high level let me just go over and show you a little bit about what it can do I've got oh I've got the server up over here on this monitor but I need a client machine over here so that I can show the server talking to the client and that should be demo machine number oh wait oh it fell asleep that's all there we go ok so I've got a Mac os10 server machine over here we aren't authorized yet but at least okay so we've got the server running over here and just as streaming server done starting up and over on this machine over here I've got a client that's ready to connect and watch a movie coming off the server so let me just do that and it's asleep so it's still waking up here we go connecting negotiating and that was coming off this server here now let me just bring down the server can just go control see over there we go so and I've got this folder here it's in on this Drive and user s been and it's in this cute ESS module folder so that's the that's the folder that the server looks for Cutie SS API modules in and I've got this demo authorization module and let me just drag that into the module folder and this demo authorization module works really similar to the access module that I was telling you about that uses QT access files in order to do password security so now when I go back and try and watch that movie again I've got to go to a different port because i was using that port before and now I've got to enter a password and if I enter something that's garbage it says no way you can't do that so I've got a user setup Dennis and Kendall my password is and so by dragging that module into the modules folder I added a new feature to the server i added password security so the server read that when the server was starting up and the module handled denying access to that client okay so that's modules as a separate binary now if I didn't want to provide that module as a separate binary there we go as I was telling you you can package modules both as separate binaries and compile them directly into the server so I've got a different version of the server that I compiled with the demo authorization module inside of it so let me start that server up and there's nothing in the module folder and when I start up the client again Oh uh well I guess you're just gonna have to trust me on it so if the server was up for some reason it's not up let me just try one for well I don't know person if the server was up and running then you'd see the same behaviors that it was showing when I had the demo authorization module in the module folder and that was it would be denying access to users unless they had name and password and that's because I compile that module directly into the server back to slides you know what I think I know why this is happening anyone from the audience I think it's because that machine has got the same IP address oh well I'll keep on going and if I've got problems with later demos then I don't know what I'll do off to reboot the machine so okay so how was that demo authorization module built well as we saw it was built in two different ways using the Qt SS API SDK is what you need to do if you want to build a module as a separate binary so and so and what that SDK includes is a dot H file with just the cute ESS API headers in it and a stub library that you need to link your q gssapi module as a shared library or whatever you link it against that stub library and the SDK includes full documentation on the API now if you want to do is compiled into the server then you need to have a copy of a server source code and then you just take the server and to make changes internally in the server in order to compile directly in and those changes that you need to make in the server are documented in the Qt SS API documentation so you can find out what you need to do if you want to compile it directly into the server but one neat thing about these product this process is that the module code doesn't have to be changed if you want to build it as a shared library or compile it directly into the server so when you're building when you're developing your module when you're developing your feature you don't have to really decide how it's going to be packaged that's one thing that's important for us when we're developing our modules internally we don't really want to have to decide until the last minute whether we package them up as a separate binary or not so because we don't have to change the code we don't really have to make that decision until the last minute okay so now that I've shown you a little bit about the API let's dive into some of the API concepts there are really four major concepts that were introducing with QT SS API and they are roles which are just the framework that allow modules to get invoked the server has a list of well-known roles that they that the server invokes modules in and modules play these roles callbacks are just the function calls in the server that modules make and then there are cute ESS API objects which is the generic data passing mechanism in Q gssapi and streams are the way that modules communicate directly to the client and the demo authorization module used all four of these concepts so as I go through each one I'll show you some source code for what was in the demo authorization module and I'll show you how the demo authorization module it utilizes these concepts so the first one is roles now roles are really similar to if you've dealt with other server api's or other api's in general apache calls them handlers modules play a role there's a list of well-known roles in the API things like initialization and the demo authorization module uses the authorization role in order to in order to authorize clients and modules provide a role handler which is just a function basically and that function gets called when that situation comes up and then the module code execute and from that code then modules can make callbacks and control the server that way so here is just the source code in the demo authorization module talking about roles this is a function called register which is the role handler for the register role it's the first role that gets called by the server when the server is starting up and every QT SF API module must handle this role and the really though only one of the only things that modules need to do from inside this role is just tell the server what other roles it wants to play and it does that by making this ad roll call back and so the demo authorization module here is telling it that it wants to play the initialize role and that is just a role that gets called immediately after the register role and modules can do one time initialization tasks that way it also wants to be called in the reread preferences role and that's a role that gets invoked whenever the server is told to reread its preferences and then finally the rtsp authorized role that gets invoked on every single RTSP request to the server and at from inside that role a module can say whether the client should be allowed or denied and so that's how the demo authorization module told the server to deny access to clients sometimes and then finally the Cutie SS rtsp session object contains information related specifically to the rtsp control connection so things like that pcp IP address and what port that is happening on something like that and then finally the one that was utilized by the demo authorization module before the cutie SS rtsp request object which contains things that are particular to a given rtsp request like what rtsp method was being used as a describe or set up or tear down is it what URL is it accessing what headers that request had things like that okay so finally the last concept qts s API streams streams are our kind of the most powerful way that that modules can manipulate the client because they allow the module to send raw data directly back to the client so if you want to send say a custom response to to a quick time client then you can just do that by writing to a stream and there's a call back in the server called GTS s right that allows you to communicate directly with the client just by sending it data now the interesting thing is that the first demo that I showed you the the the demo authorization module in that demo didn't actually use RTSP streams in order to allow or deny client all it really needs to do is use objects and call set value in order to say that our request is allowed or denied but I've got a modified version of the demo authorization module and let me just bring down the server a keyboard so let me get this the roles version of the demo authorization module out of here and I'll get this new version with streams and put it into the module folder restart the server ok so now now the experience is going to be a little bit different when when users are denied so if I were to put in some kind of bad password here instead of just getting reap romped 'add I get redirected your password or username was incorrect access denied okay so what happened there what the demo authorization module did instead of just returning allowed or denied back to the client it issued an rtsp redirect back to the client which told the client to go and fetch this other movie an error movie and play that instead of just showing the prompt and RTSP redirects in case you're not familiar kind of similar to in the first session we're talking a little bit about HTTP redirects rtsp redirects work exactly the same way it's just a way for the server to tell the client not to go to the URL that it's so if the client sends a request to the server with a certain URL the server can respond with a redirect telling the client to just go somewhere else so the demo authorization module sent one of these redirects to the client telling it to go and fetch that error movie ok back to your slides ok so and the thing is is that the source in order to do that really isn't that much there's just these two calls that I had to add this is really the entire bit of code that I had to add to the demo authorization module in order to get that extra functionality in there so what did I do I used g tss API streams to send that rtsp redirect back to the client because i needed to formulate an entire request because a redirect is kind of a custom request and send that back with the client with the module communicating sending raw data back to the client so in order to do that I got a true rest out of the request object streams are attributes in object so you first have to get the stream out of the object and different streams and different object types do different things the stream that's contained in the rtsp request object can be used to send data back to the client as an rtsp response so that's the first call there that get value pointer which returns a stream ref that can be used and passed into the bottom call there the Q GS s right call and that's just a call which it's just like any other stream interface really that you've seen it just you just write raw data to the stream and it sends it back to the client so what the module is doing is that sending that redirect buffer back to the client and that's just a buffer in memory that contains the the redirect response so that's really all the code then I need to add in order to do that so as I was saying before there are a couple of different kinds of streams in the server there's one contained in the Qt SF session object and again that's a way to communicate directly to the rtsp client sending RTSP responses and then there's one also in the queue gfs request object now these do basically exactly the same thing they're both ways to communicate back to the rtsp client send RTSP responses and the demo authorization module used the bottom one the only difference is that the top one the rtsp session stream doesn't buffer any data internally and so you have to worry about flow control because the server all of these streams are async because the server has to do everything async we're managing lots and lots of client connections so if you blog then you would be blocking lots of clients not just one so if you use the session object stream you have to worry about flow control and that can be useful to use that stream even though you need to worry about it because the bottom one buffer is all data internally in order to protect the module from flow control so it's kind of simpler but you wouldn't want to send like a 30 megabyte file back using the rtsp request object because you'd be buffering that 30 mega bytes in memory which would not be good okay so there's two others in the API there's a there's a stream contained in the queue TSS RTP stream object a lot of streams in one sentence but what that can do is if you write to that stream your writing media data back to the client over RTT so for instance the reflector module that we have for reflecting live broadcasts and the hinted quicktime module that uses RTP streams in the RTP stream object to send video and audio data back to the client so we have a very kind of universal interface for sending all kinds of different data back to the client and then finally the server also provides a stream graph for writing messages out to the error log which is good for having modules give feedback back to administrators ok so that's really coverage of all four concepts in Q gssapi now of course like we're moving the server forward we're also going to be moving the API Ford we're going to be continually adding features to it and we're encouraging you as developers if you do use the API to give us feedback and tell us what you'd like us to do and you know because it's open source you can also go in there and become a contributor yourself so here are just a couple of things that we are thinking about and working on we're moving our configuration file to XML and that one of the main reasons for that is just so that we can compart the compartment mentalize better preferences that have to do with specific modules and as part of that effort we're going to be providing individual cutie SS API objects that represent individual modules and so those module preferences will be stored in those module objects and then finally one of the big requests that we've had from the outside is to provide an API for the file system so that people can write modules to plugin custom file systems this is really important for instance if you want to have GPSS plug into a database or plug qts s into a network file system some kind of custom file system now you can write a module or at least whenever we finish this up then you'll be able to write a module that can implement that file system and have QT SS generically start using your file system so those are just a couple of things that we're working on and again feedback is a big part of this process so here is three key places to look for more information on a cutie SS and Q gssapi and a really nice thing about the API is that it's really well documented we have a lot of documentation on it so hopefully that'll also help ease the learning curve and all of the stuff that I talk about in this presentation is also available in that documentation so in order to get that and to get the QT ssap I ftk you go to public source apple com because it's an open source project and then projects streaming now if you're just interested in checking out quicktime streaming server running on mac OS 10 server you can go to apple com quicktime servers HTML you can download it it's free if you've already got a copy of mac OS 10 server so it's really easy to get set up and if you go to the first link actually then we also have on that site binaries for all of our different platforms except again windows and that's coming soon so you can download their linux binaries you can download freebsd stellaris and we also have an open source version of mac OS 10 server i think and then finally a really great resource for talking to the quicktime streaming server engineering team directly and giving feedback and asking questions is by using the darwin streaming server development list and the way that you get on that is lists apple com streaming server search for streaming server and it's really easy to sign on and that's a really active list everyone's asking questions about their having problems compiling on certain platforms or they have certain suggestions for the code people give us people submit code that way so it's a really it's a really good way of getting in touch with us directly so I encourage you to do that and then finally we've got QA now we've got plenty of time actually so if you guys want to stick around and go to the microphones here I don't know [Applause]