WWDC2000 Session 301

Transcript

Kind: captions
Language: en
please welcome Dennis sir any hi
everyone welcome to session 301
quicktime streaming server my name is
Dennis or any I'm a software engineer on
the QuickTime streaming server team at
apple and going to talk to you a lot
about quicktime streaming server for
those of you who have been at the
previous two sessions it's time to shift
gears a little bit we talked a lot about
authoring a lot about integrating
quicktime into your application now i'm
going to talk about a whole new class of
applications applications over on the
server side things like integrating
quicktime stringing server into a
database or doing custom user interfaces
or doing monitoring tools for your
streaming clients though a whole new set
of applications and i'm going to talk
for a while then at the end to all stick
around and we can do some Q&A if if you
guys have questions ok so the main gist
of the presentation I'm going to talk to
you a lot about to tss API which is a
server-side API we introduced with
quicktime streaming server too and it's
a fully it's a big c api that allows you
to do a lot of things and allows you to
extend quicktime streaming server in a
lot of ways and a lot of cool
applications I'll show some demos of
things that you can do with QT SS API
and I don't know many of you maybe you
don't think that servers are cool when I
get through these demos hopefully you'll
think that servers are pretty cool and
you can do a lot with GPSS so first
though I'm going to talk to you a little
bit about cute quicktime streaming
server to just the features and then
i'll also tell you a little bit about
things that we're working on for future
releases of the server to get a little
preview that
okay so quick time streaming server 2 is
of course we're talking only about rtsp
and RTP streaming here it handles real
time streaming protocol and real-time
transfer trip transport protocol and
those are two IETF standard protocols
one of the great things is that good
time streaming is just really the only
major completely standards-based
streaming solution out there and we're
really trying to make sure that quick
time streaming can interoperate with all
the tools that support these standards
so that's really great and the two major
features of quicktime streaming server
are that it supports reflecting of live
broadcasts in the previous session you
saw Kevin talking a little bit about
encoders and broadcasters and one slide
he showed qg SS sitting in between an
encoder and clients so you can use QT SS
to reflect a live broadcast out to a
whole slew of rtsp clients GPSS manages
the complexity of all the rtsp
transactions of lots of clients coming
in and going out and then it also
supports video on demand so that means
you can take hinted QuickTime movies
drop them in the media folder on the
server and the server allows clients to
connect over RTSP and view them in
streaming one of the things that we
added for quicktime streaming server 2
is that we also support rtsp tunneled
through HTTP that's different than HTTP
progressive downloads is true streaming
but it's using the HTTP protocol and why
is that important well after we did one
point 0 version of the server we found
that a lot of people who are behind
corporate firewalls or HTTP proxies or a
network address translator translators
couldn't get access to quicktime
streaming because they only on their
network topology they could only get
access to http stuff so because we
support tunnelling rtsp into HTTP it
means that if you deploy a quicktime
streaming server and if you deploy
quicktime street
you'll know that all clients will be
able to get access to quicktime string
no matter what kind of networks are on
so that's really important we also added
password security this is something that
I'll be demoing a little bit later on
it's something that you implemented
using Q gssapi completely and it's a
really important component for doing
pay-per-view so that's a really neat
thing and then also the unicast
multicast relay Kevin told you a little
bit about multicast in the previous
presentation one problem with multicast
that he touched on is just the fact that
it's not universally deployed on the
Internet so on a lot of networks they
they do have multicast but only on
pieces of the network or multicast is
only good in certain areas if you put a
cute ESS machine as a relay at the
border point between unicast and
multicast it can translate between
unicast and multicast and back again and
that allows you to utilize multicast
where it is available and multicast is
really good to take advantage of because
there's so much bandwidth savings
there's a lot of people that can only do
really high bitrate live presentations
using multicast because otherwise there
would be just not enough bandwidth okay
now of course we're working on lots of
stuff for the future there's a two
things that I want to tell you about one
big thing is web administration we want
to make sure that QT SS in addition to
being the most powerful stringing server
out there is the easiest streaming
server to set up and the easiest
streaming server to manage to monitor
all of your clients and that everyone
will be able to do that easily remotely
and also as part of implementing that
web administration interface we're using
Q gssapi and we're writing an
administration protocol module well what
does that mean this module that's on the
server will support an administration
protocol that you as developers or
anyone as a developer can utilize
writing a custom administration tool
there are so many things out there that
site administered streaming site
administrators you need to monitor and
they need to do it in so many different
ways that although we're going to try
and cover as many bases as we can we
recognize that with streaming moving as
fast as it does we just can't cover
everything so we want to make it as easy
as possible for third parties to tie
into the server and we think that if we
provide a protocol like this then
they'll be able to write custom tools
and so that's a really great opportunity
to even to sell those tools so they're
really great money-making opportunity
and in fact there's tons of great
money-making opportunities with QT SS
and I'll tell you a little bit about
some more later on okay now one of the
really the most awesome thing about this
project and working on this project is
that it's totally open source from day
one when we shift qts s 1 point 0 we put
all of the source out there and that was
a little bit more than a year ago since
then the entire streaming server team
has really invested a lot in working
with the open source community and
making sure that we're not just taking
the open source name that we're really
doing everything out in the open and
just investing in making this open
source project work and it's work really
well actually and we've done a lot
better actually since starting out we've
started to add a lot more platforms so
and we've also tried to make sure that
all of the platforms that we can compile
on we support really well until we've
actually done internal testing of darwin
streaming server on different platforms
and we've also released binaries of the
server running on different platforms so
right now we support mac OS 10 server of
course and we've added since one point 0
we added linux freebsd solaris we
recently released a solaris binary and
we just announced support for windows NT
server and windows 2000 server
those binaries are not available yet but
we're still doing internal testing on
them but because we're open source you
can actually get access to that code and
if you have visual c++ you have a
Windows machine you can check out the
open-source CVS and and get the entire
source repository and compile that using
visual c++ so that's really neat we're
doing a lot of our development right now
using that open source CVS repository so
if you're daring you can check out our
latest development versions that we're
checking code into all the time and of
course you shouldn't really do that and
expect to actually deploy it because it
may not work but it's it's just neat
that we're doing all this development
out in the open so because of this open
source thing I really haven't heard of
another streaming server that is open
source so I can really say that we are
just the most extensible streaming
server out there we give it away we give
all the source code away it's just a
huge fire sale I'd it's it's really
great to work on this project because of
that and so developers can just go in
there modify the code and do whatever
they want with it so and now we've added
this cutie ssap I when we first started
out with the open source project we took
a good look at other successful open
source projects because we wanted to
emulate as much as possible what they've
done in order to make their project
successful and of course really the most
successful server open source project is
the Apache project the Apache group
apache is the most popular web server
out there and it's really one of the
best known open source projects and so
we took a look at the Apache server and
yeah it's open source and that's really
great but in addition to being open
source they also provide one of the most
popular web server ap is available the
Apache API and that really helps their
development process
because open source developers because
they have this API which is documented
and which is relatively static
developers can go in and modify Apache
using the API and were and not really
have to worry about the server as a
whole all the things that Apache is
doing they just have to worry about
their particular little feature and so
it makes the open source project much
more organized and much more focused and
so that's one thing that I'm really
going to drive home as far as G gssapi
it makes developing in the open source
framework much easier because there is
this organization okay so I've talked a
lot about cutie FS API let me go into it
in more detail now and it's a see
language programming interface you can
also we use a lot of C++ in our own
modules so you can use C++ as well and
it allows developers to add custom
modules to the server now these modules
can much like Apache modules can either
be compiled directly into the server so
you can write a module modify the end
server internal slightly in order to get
it to build inside the server and
release a monolithic server with your
module added to it and as an alternative
something that we're really encouraging
module developers to take advantage of
as much as possible is you can package
up modules as a separate shared library
or say on Windows a DLL and in order to
do that and when that happens you have a
separate piece of code your module and
you can drop that into a cute ESS module
folder the server doesn't have to be
recompiled at all it just when it's
starting up it checks the cute ESS
module folder and loads whatever modules
happen to be there so that's a really
easy way to make a module and make it
easily deployable so provide separation
simplification durability again touching
on the whole the
benefits that were that were realized by
the Apache project when you want to add
a feature say time quicktime streaming
server into a proprietary database
back-end or something you don't have to
worry about the fact that GT SS has all
these threads running and there's all
this network traffic going on and
there's like 100 classes or something in
the serving you and we're modifying them
all the time because we're adding these
features you don't have to worry about
that because we have this API which is
well documented and it's durable so
moving forward for Cutie SS three point
0 or four point 0 or 5 you won't have to
modify your module because it's an API
that's backwards compatible as well so
that's a really big benefit how is the
API useful what can you do with it well
there are just tons of applications we
provided so many hooks in the server
that are exposed through this module API
things like logging so if you have a
custom log format in the custom tool
that takes advantage of it you can use Q
gssapi to have it log in a custom way
different file formats so of course
cutie SS out of the box supports hinted
QuickTime movies now you can provide a
plug-in that supports whatever file
format you want status reporting
real-time statistics is something that
you know again and again it's something
that's so important to administrators
you can run a module in the server that
uses some back-end protocol and reports
to a viewer a real time viewer of some
kind accounting for pay-per-view you can
track the users on a site track what
they're watching proxy serving so if you
want to morph the server and have it be
a proxy server that connects to another
quick time streaming server upstream you
can have it do that through q TFS api
virtual hosting is something that's
really popular in the web world you can
host you
we'll domain names in multiple different
folders or multiple languages in
separate in separate media folders so
you can do that with virtual hosting
security again that's something that we
provided with QT SS 2 point 0 but you
might have a custom authentication
authorization database that you want to
tie the server into you can do that
through key gssapi in fact there are two
modules that we ship with QT SS 2 point
0 that you can choose from and if you
want to do authentication and
authorization one of them uses built in
UNIX file system privileges in order to
do authorization the other one uses
something similar to Apaches HT access
files we call them QT access files but
they're basically the same thing and
then finally server administration if
again you know getting back to our
administration protocol module you can
control the server in however in however
you want and provide a custom interface
for controlling Q GS s so there's tons
of things and I mean this is really just
a great opportunity because the server
is free the server is open source and
we're making all these efforts to allow
people to write modules very easily and
those modules can be sold for over for
money so I mean it's just it's just a
great opportunity so how do we know that
Q gssapi is really useful and how do we
know that it really works well the great
thing is that when we develop GT ssj2
point oh we integrated this API we
decided to take all of the features that
we had in QT SS 10 and put them in QT SS
API modules and all of the features that
we added to queue TSS two point oh we
also put in Q gssapi modules and so when
we were done with the server we had I
think something like 15 modules that we
ship along with the server and some of
those we provide and compiled in so that
people can't like accidentally turn off
hinted QuickTime file
serving if they mess around with their
module folder but some of them we
provided as separate binaries for
instance the password security stuff we
recognize that probably you know some
that doesn't concern everyone so we
provided those as separate binaries so
we really ate our own dog food on this
API and so we really know that for all
of these applications that I'm talking
about it can really be used and it's a
really powerful tool in fact really if
you take all of the modules out of the
server that we should really the server
doesn't do anything it's basically just
a framework that provides this API to
these modules so another thing that we
know is that modules perform very well
cutie SS there's these numbers that we
talk these performance numbers that we
talked about we support 2000s low
bitrate modem stream clients
simultaneously and those numbers were
generated not through some optimized
code path through the server that's
tailored around the benchmark it's those
numbers were generated by using the
reflector module that I was talking
about or using the hinted QuickTime
movie file so we know that if you choose
to implement a feature for Cutie SS
using the module API that you won't be
sacrificing anything with performance
because we know that the API performs
really well ok so told you a lot about
the API from a high level let me just go
over and show you a little bit about
what it can do I've got oh I've got the
server up over here on this monitor but
I need a client machine over here so
that I can show the server talking to
the client and that should be demo
machine number oh wait oh it fell asleep
that's all there we go ok so I've got a
Mac os10 server machine over here we
aren't authorized yet but at least
okay so we've got the server running
over here and just as streaming server
done starting up and over on this
machine over here I've got a client
that's ready to connect and watch a
movie coming off the server so let me
just do that and it's asleep so it's
still waking up here we go connecting
negotiating and that was coming off this
server here now let me just bring down
the server can just go control see over
there we go so and I've got this folder
here it's in on this Drive and user s
been and it's in this cute ESS module
folder so that's the that's the folder
that the server looks for Cutie SS API
modules in and I've got this demo
authorization module and let me just
drag that into the module folder and
this demo authorization module works
really similar to the access module that
I was telling you about that uses QT
access files in order to do password
security so now when I go back and try
and watch that movie again I've got to
go to a different port because i was
using that port before and now I've got
to enter a password and if I enter
something that's garbage it says no way
you can't do that so I've got a user
setup Dennis and Kendall my password is
and so by dragging that module into the
modules folder I added a new feature to
the server i added password security so
the server read that when the server was
starting up and the module handled
denying access to that client okay so
that's modules as a separate binary now
if I didn't want to provide that module
as a separate binary
there we go as I was telling you you can
package modules both as separate
binaries and compile them directly into
the server so I've got a different
version of the server that I compiled
with the demo authorization module
inside of it so let me start that server
up and there's nothing in the module
folder and when I start up the client
again Oh
uh
well I guess you're just gonna have to
trust me on it so if the server was up
for some reason it's not up let me just
try one for
well I don't know person if the server
was up and running then you'd see the
same behaviors that it was showing when
I had the demo authorization module in
the module folder and that was it would
be denying access to users unless they
had name and password and that's because
I compile that module directly into the
server back to slides you know what I
think I know why this is happening
anyone from the audience I think it's
because that machine has got the same IP
address oh well I'll keep on going and
if I've got problems with later demos
then I don't know what I'll do off to
reboot the machine so okay so how was
that demo authorization module built
well as we saw it was built in two
different ways using the Qt SS API SDK
is what you need to do if you want to
build a module as a separate binary so
and so and what that SDK includes is a
dot H file with just the cute ESS API
headers in it and a stub library that
you need to link your q gssapi module as
a shared library or whatever you link it
against that stub library and the SDK
includes full documentation on the API
now if you want to do is compiled into
the server then you need to have a copy
of a server source code and then you
just take the server and to make changes
internally in the server in order to
compile directly in and those changes
that you need to make in the server are
documented in the Qt SS API
documentation so you can find out what
you need to do if you want to compile it
directly into the server but one neat
thing about these product this process
is that the module code doesn't have to
be changed if you want to build it as a
shared library
or compile it directly into the server
so when you're building when you're
developing your module when you're
developing your feature you don't have
to really decide how it's going to be
packaged that's one thing that's
important for us when we're developing
our modules internally we don't really
want to have to decide until the last
minute whether we package them up as a
separate binary or not so because we
don't have to change the code we don't
really have to make that decision until
the last minute okay so now that I've
shown you a little bit about the API
let's dive into some of the API concepts
there are really four major concepts
that were introducing with QT SS API and
they are roles which are just the
framework that allow modules to get
invoked the server has a list of
well-known roles that they that the
server invokes modules in and modules
play these roles callbacks are just the
function calls in the server that
modules make and then there are cute ESS
API objects which is the generic data
passing mechanism in Q gssapi and
streams are the way that modules
communicate directly to the client and
the demo authorization module used all
four of these concepts so as I go
through each one I'll show you some
source code for what was in the demo
authorization module and I'll show you
how the demo authorization module it
utilizes these concepts so the first one
is roles now roles are really similar to
if you've dealt with other server api's
or other api's in general apache calls
them handlers modules play a role
there's a list of well-known roles in
the API things like initialization and
the demo authorization module uses the
authorization role in order to in order
to authorize clients and modules provide
a role handler which is just a function
basically and that function gets called
when that situation comes up and then
the module code
execute and from that code then modules
can make callbacks and control the
server that way so here is just the
source code in the demo authorization
module talking about roles this is a
function called register which is the
role handler for the register role it's
the first role that gets called by the
server when the server is starting up
and every QT SF API module must handle
this role and the really though only one
of the only things that modules need to
do from inside this role is just tell
the server what other roles it wants to
play and it does that by making this ad
roll call back and so the demo
authorization module here is telling it
that it wants to play the initialize
role and that is just a role that gets
called immediately after the register
role and modules can do one time
initialization tasks that way it also
wants to be called in the reread
preferences role and that's a role that
gets invoked whenever the server is told
to reread its preferences and then
finally the rtsp authorized role that
gets invoked on every single RTSP
request to the server and at from inside
that role a module can say whether the
client should be allowed or denied and
so that's how the demo authorization
module told the server to deny access to
clients sometimes
and then finally the Cutie SS rtsp
session object contains information
related specifically to the rtsp control
connection so things like that pcp IP
address and what port that is happening
on something like that and then finally
the one that was utilized by the demo
authorization module before the cutie SS
rtsp request object which contains
things that are particular to a given
rtsp request like what rtsp method was
being used as a describe or set up or
tear down is it what URL is it accessing
what headers that request had things
like that
okay so finally the last concept qts s
API streams streams are our kind of the
most powerful way that that modules can
manipulate the client because they allow
the module to send raw data directly
back to the client so if you want to
send say a custom response to to a quick
time client then you can just do that by
writing to a stream and there's a call
back in the server called GTS s right
that allows you to communicate directly
with the client just by sending it data
now the interesting thing is that the
first demo that I showed you the the the
demo authorization module in that demo
didn't actually use RTSP streams in
order to allow or deny client all it
really needs to do is use objects and
call set value in order to say that our
request is allowed or denied but I've
got a modified version of the demo
authorization module and let me just
bring down the server a keyboard so let
me get this the roles version of the
demo authorization module out of here
and I'll get this new version with
streams and put it into the module
folder
restart the server ok so now
now the experience is going to be a
little bit different when when users are
denied so if I were to put in some kind
of bad password here instead of just
getting reap romped 'add I get
redirected your password or username was
incorrect access denied okay so what
happened there what the demo
authorization module did instead of just
returning allowed or denied back to the
client it issued an rtsp redirect back
to the client which told the client to
go and fetch this other movie an error
movie and play that instead of just
showing the prompt and RTSP redirects in
case you're not familiar kind of similar
to in the first session we're talking a
little bit about HTTP redirects rtsp
redirects work exactly the same way it's
just a way for the server to tell the
client not to go to the URL that it's so
if the client sends a request to the
server with a certain URL the server can
respond with a redirect telling the
client to just go somewhere else so the
demo authorization module sent one of
these redirects to the client telling it
to go and fetch that error movie ok back
to your slides ok so and the thing is is
that the source in order to do that
really isn't that much there's just
these two calls that I had to add this
is really the entire bit of code that I
had to add to the demo authorization
module in order to get that extra
functionality in there so what did I do
I used g tss API streams to send that
rtsp redirect back to the client because
i needed to formulate an entire request
because a redirect is kind of a custom
request and send that back with the
client with the module communicating
sending raw data back to the client so
in order to do that I got a true
rest out of the request object streams
are attributes in object so you first
have to get the stream out of the object
and different streams and different
object types do different things the
stream that's contained in the rtsp
request object can be used to send data
back to the client as an rtsp response
so that's the first call there that get
value pointer which returns a stream ref
that can be used and passed into the
bottom call there the Q GS s right call
and that's just a call which it's just
like any other stream interface really
that you've seen it just you just write
raw data to the stream and it sends it
back to the client so what the module is
doing is that sending that redirect
buffer back to the client and that's
just a buffer in memory that contains
the the redirect response so that's
really all the code then I need to add
in order to do that so as I was saying
before there are a couple of different
kinds of streams in the server there's
one contained in the Qt SF session
object and again that's a way to
communicate directly to the rtsp client
sending RTSP responses and then there's
one also in the queue gfs request object
now these do basically exactly the same
thing they're both ways to communicate
back to the rtsp client send RTSP
responses and the demo authorization
module used the bottom one the only
difference is that the top one the rtsp
session stream doesn't buffer any data
internally and so you have to worry
about flow control because the server
all of these streams are async because
the server has to do everything async
we're managing lots and lots of client
connections so if you blog then you
would be blocking lots of clients not
just one so if you use the session
object stream you have to worry about
flow control and that can be useful to
use that stream even though you need to
worry about it because the bottom one
buffer is all data internally in order
to protect
the module from flow control so it's
kind of simpler but you wouldn't want to
send like a 30 megabyte file back using
the rtsp request object because you'd be
buffering that 30 mega bytes in memory
which would not be good okay so there's
two others in the API there's a there's
a stream contained in the queue TSS RTP
stream object a lot of streams in one
sentence but what that can do is if you
write to that stream your writing media
data back to the client over RTT so for
instance the reflector module that we
have for reflecting live broadcasts and
the hinted quicktime module that uses
RTP streams in the RTP stream object to
send video and audio data back to the
client so we have a very kind of
universal interface for sending all
kinds of different data back to the
client and then finally the server also
provides a stream graph for writing
messages out to the error log which is
good for having modules give feedback
back to administrators ok so that's
really coverage of all four concepts in
Q gssapi now of course like we're moving
the server forward we're also going to
be moving the API Ford we're going to be
continually adding features to it and
we're encouraging you as developers if
you do use the API to give us feedback
and tell us what you'd like us to do and
you know because it's open source you
can also go in there and become a
contributor yourself so here are just a
couple of things that we are thinking
about and working on we're moving our
configuration file to XML and that one
of the main reasons for that is just so
that we can compart the compartment
mentalize better preferences that have
to do with specific modules and as part
of that effort we're going to be
providing individual cutie SS API
objects that represent individual
modules and so those module preferences
will be stored in those module objects
and then finally one of the big requests
that we've had from the outside is to
provide an API for the file system so
that people can write modules to
plugin custom file systems this is
really important for instance if you
want to have GPSS plug into a database
or plug qts s into a network file system
some kind of custom file system now you
can write a module or at least whenever
we finish this up then you'll be able to
write a module that can implement that
file system and have QT SS generically
start using your file system so those
are just a couple of things that we're
working on and again feedback is a big
part of this process so here is three
key places to look for more information
on a cutie SS and Q gssapi and a really
nice thing about the API is that it's
really well documented we have a lot of
documentation on it so hopefully that'll
also help ease the learning curve and
all of the stuff that I talk about in
this presentation is also available in
that documentation so in order to get
that and to get the QT ssap I ftk you go
to public source apple com because it's
an open source project and then projects
streaming now if you're just interested
in checking out quicktime streaming
server running on mac OS 10 server you
can go to apple com quicktime servers
HTML you can download it it's free if
you've already got a copy of mac OS 10
server so it's really easy to get set up
and if you go to the first link actually
then we also have on that site binaries
for all of our different platforms
except again windows and that's coming
soon so you can download their linux
binaries you can download freebsd
stellaris and we also have an open
source version of mac OS 10 server i
think and then finally a really great
resource for talking to the quicktime
streaming server engineering team
directly and giving feedback and asking
questions is by using the darwin
streaming server development list and
the way that you get on that is lists
apple com streaming server search for
streaming server and it's really easy to
sign on and that's a really active list
everyone's asking questions about their
having problems compiling on certain
platforms or they have certain
suggestions for the code people give us
people submit code that way so it's a
really it's a really good way of getting
in touch with us directly so I encourage
you to do that and then finally we've
got QA now we've got plenty of time
actually so if you guys want to stick
around and go to the microphones here I
don't know
[Applause]