VizSeek: AI-Based Visual Search Platform Deployment on Oracle Cloud
To help VizSeek meet exploding demand for visual search services, the company moved its AI-based platform to Oracle Cloud Infrastructure (OCI).
Now, VizSeek can help consumers index their own content and search for products or files using an image or 3D model, and get similar images or 3D models back as results in seconds. The company can also give manufacturers a tool that helps engineers, sales, and customer support upload photos, 2D or 3D CAD models, or text to instantly locate products and their documentation.
Unlike most search engines that are publicly available on the web, VizSeek's visual search platform offers retailers, manufacturers, and engineers a confined, secure, yet highly available searchable database of their proprietary digital assets.
Founded in 2002 in West Lafayette, Indiana, VizSeek has recently experienced surging demand for its brand of visual search software. This surge comes at a time when the market for visual search is expected to reach nearly $15 billion within the next 12 months, according to data from IndustryARC. VizSeek's move to OCI has not only helped the company prepare for this surge, it has also allowed it to scale its platform easily, and rapidly, while also increasing security and availability for its customers.
After migrating its AI-based visual search platform to Oracle Cloud Infrastructure, VizSeek's customers can now access the company's virtual cloud network (VCN) by using an internet connection to Oracle Cloud Infrastructure Web Application Firewall (WAF). Developers access the network by using a VPN.
Users are then passed through VizSeek's firewall, which is secured by Oracle security lists and Cloud Guard, to their frontend load balanced Windows web servers. These servers are set up on two virtual machines (VMs), each located in its own availability domain (AD) for high availability.
Once authenticated, the frontend servers send user search requests to VizSeek's database systems. In addition to using Oracle MySQL Database Service with the High Availability option, VizSeek uses three clustered Redis databases each of which is paired with a GlusterFS system in its own availability domain. Each availability domain also includes a VM. The search criteria is then indexed on two backend load balanced Linux servers that run their proprietary indexing software.
The frontend also communicates with two Linux searching servers through the backend load balancer. These searching servers communicate with the database systems, but also communicate with VizSeek's GPU servers. VizSeek runs its AI visual search models on two Nvidia V100 GPU load balanced servers, each sitting on a VM in a separate AD. These AI models use TensorFlow and PyTorch to help extract product metadata from any PDF, presentation, raster image, or 3D model, and then classify those files into searchable digital assets.
VizSeek also has two FTP file exchange servers to allow their customers to securely transfer data into the system.
VizSeek has set up strict IAM policies in Oracle Cloud Infrastructure, and use OCI's health checks, monitoring, logging, and auditing to monitor and track their environment.
The following diagram illustrates this reference architecture.
The architecture has the following components:
An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).
- Web Application Firewall (WAF)
Oracle Cloud Infrastructure Web Application Firewall (WAF) is a payment card industry (PCI) compliant, regional-based and edge enforcement service that is attached to an enforcement point, such as a load balancer or a web application domain name. WAF protects applications from malicious and unwanted internet traffic. WAF can protect any internet facing endpoint, providing consistent rule enforcement across a customer's applications.
- Identity and access management (IAM)
Oracle Cloud Infrastructure Identity and Access Management (IAM) enables you to control who can access your resources in Oracle Cloud Infrastructure and the operations that they can perform on those resources.
- Cloud Guard
You can use Oracle Cloud Guard to monitor and maintain the security of your resources in Oracle Cloud Infrastructure. Cloud Guard uses detector recipes that you can define to examine your resources for security weaknesses and to monitor operators and users for risky activities. When any misconfiguration or insecure activity is detected, Cloud Guard recommends corrective actions and assists with taking those actions, based on responder recipes that you can define.
An Oracle Cloud Infrastructure Identity and Access Management policy specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy.
The Oracle Cloud Infrastructure Audit service automatically records calls to all supported Oracle Cloud Infrastructure public application programming interface (API) endpoints as log events. Currently, all services support logging by Oracle Cloud Infrastructure Audit.
- LoggingLogging is a highly scalable and fully managed service that provides access to the following types of logs from your resources in the cloud:
- Audit logs: Logs related to events emitted by the Audit service.
- Service logs: Logs emitted by individual services such as API Gateway, Events, Functions, Load Balancing, Object Storage, and VCN flow logs.
- Custom logs: Logs that contain diagnostic information from custom applications, other cloud providers, or an on-premises environment.
- Availability domain
Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.
- Virtual cloud network (VCN) and subnets
A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.
- Security list
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.
- Route table
Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.
- Site-to-Site VPN
Site-to-Site VPN provides IPSec VPN connectivity between your on-premises network and VCNs in Oracle Cloud Infrastructure. The IPSec protocol suite encrypts IP traffic before the packets are transferred from the source to the destination and decrypts the traffic when it arrives.
- Internet gateway
The internet gateway allows traffic between the public subnets in a VCN and the public internet.
- Dynamic routing gateway (DRG)
The DRG is a virtual router that provides a path for private network traffic between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.
- Load balancer
The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.
The Oracle Cloud Infrastructure Compute service enables you to provision and manage compute hosts in the cloud. You can launch compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.
- Instance configuration
An instance configuration is a template that defines the settings to use when creating compute instances, including details such as the base image, shape, and metadata. You can also specify the associated resources for the instance, such as block volume attachments and the network configuration.
- High-performance computing
Designed for high-performance computing workloads that require high frequency processor cores and cluster networking for massively parallel HPC workloads.
- VM DB System
Oracle VM Database System is an Oracle Cloud Infrastructure (OCI) database service that enables you to build, scale, and manage full-featured Oracle databases on virtual machines. A VM database system uses OCI Block Volumes storage instead of local storage and can run Oracle Real Application Clusters (Oracle RAC) to improve availability.
- Oracle MySQL Database Service
Oracle MySQL Database Service is a fully managed Oracle Cloud Infrastructure (OCI) database service that lets developers quickly develop and deploy secure, cloud native applications. Optimized for and exclusively available in OCI, Oracle MySQL Database Service is 100% built, managed, and supported by the OCI and MySQL engineering teams.
Oracle MySQL Database Service has an integrated, high-performance analytics engine (HeatWave) to run sophisticated real-time analytics directly against an operational MySQL database.
Get Featured in Built and Deployed
Want to show off what you built on Oracle Cloud Infrastructure? Care to share your lessons learned, best practices, and reference architectures with our global community of cloud architects? Let us help you get started.
- Download the template (PPTX)
Illustrate your own reference architecture by dragging and dropping the icons into the sample wireframe.
- Watch the architecture tutorial
Get step by step instructions on how to create a reference architecture.
- Submit your diagram
Send us an email with your diagram. Our cloud architects will review your diagram and contact you to discuss your architecture.
Learn more about the features of this architecture.