Deploy a Low-Latency Watch Party Video Streaming Platform on Oracle Cloud

Demand for live streaming watch parties has boomed in recent years, creating a growing market for streaming platforms like Red5 Pro.

Despite intense competition among streaming providers, not all platforms are created equal. In fact, many streaming services come with latency of 30-120s or more. Such lag can ruin a watch party, as some members get to experience the excitement of a home run, slam dunk, or knockout as it happens, while others suffer through the cheers of their co-watchers seconds before seeing the action themselves. But Red5 Pro has developed a media server system based on Web Real-Time Communication (WebRTC) that delivers live stream video with a latency of less than 500ms, or about .5 seconds, allowing everyone in the watch party to see the action simultaneously.

Red5 Pro runs its platform on Oracle Cloud Infrastructure (OCI) and supports watch parties on KeepBoxingFree.com. Each Red5 Pro deployment supports 50,000 users, 6,250 watch parties, and eight users per watch party. Red5 Pro is capable of scaling in small increments: a single node (the smallest you can scale by) adds a capacity of 300-1000 users. Scaling in small increments allows Red5 Pro to scale on demand without idle instances. Depending on how many people are watching and how long they watch, it is estimated that the egress traffic will generate:

  • Bitrates of 4.5 Mbps for up to 50,000 users
  • Latency of less than 500ms, even during peak capacity

Red5 Pro chose to run its platform on Oracle Cloud Infrastructure so it could take advantage of:

  • Flexibility to scale out quickly during bursts using the AMD E4 Flex compute shape
  • Lower costs of data transfers

    There are no charges for inbound data transfers. For outbound data transfers, the first 10 TB per month are free.

  • Consistent times in launching Red5 Pro nodes (instances)

    With other hyperscalers, launch times previously took eight to ten hours. With OCI, launch times are reduced to two hours. This allows Red5 Pro to scale for capacity when it quickly needs hundreds of nodes/instances.

Architecture

A Red5 Pro watch party can be accessed by the general public, celebrities, and the broadcasters who are responsible for providing the live video feed for an event.

The architecture consists of clusters of Red5 Pro servers in different regions of Oracle Cloud Infrastructure (OCI), which are managed by stream managers. These stream managers are the main entry points into the Red5 Pro ecosystem, and are responsible for assigning a suitable server instance to publish or subscribe to a stream. Stream managers are also load balanced, and are responsible for monitoring and managing node life cycles.

Users register for an account by accessing the watch party web server. User account information and event details are stored in a fully managed Oracle MySQL Database Service cluster that hosts a conference database. Account holders can then register for an event and invite their friends to join them in a watch party. After authentication, user traffic passes through a set of load balancers and then to watch party web servers that are scaled by using OCI Autoscaling to handle any surges in user traffic.

All virtual instances in the architecture run on AMD E4 Flex virtual machines (VMs). On the day of an event, broadcasters send their event feed to a transcoder, which transforms the feed into different variants (Adaptive Bit Rate streams of various resolutions), or directly to the origin servers if transcoding is not needed. Red5 Pro supports two types of streams: a live stream, which is generated by a broadcaster, and a web stream, which is generated by watch party subscribers who are involved in the video chat through their web cameras.

Stream managers direct broadcaster traffic to origin servers and subscriber traffic to edge servers. Stream managers also act as signaling servers to proxy web sockets between peers in a WebRTC connection. Streaming information is maintained by the stream manager and then stored in the Oracle MySQL Database Service cluster that represents the conference database. To assure low latency, Red5 Pro doesn't have any load balancers for the origin and edge servers, minimizing the hops between publishers and subscribers. Network security groups (NSGs) control network traffic between resources.

The following diagram illustrates the web party and broadcast connection process.




High availability of the web interface is maintained by load balancing servers in an availability domain across three fault domains. Both Oracle MySQL Database Service databases are in a highly available cluster, and data that is written to the primary database is also replicated to the standby database.

The stream managers autoscale origin servers and edge servers to support changes in load. Stream managers use Terraform code to dynamically provision and deprovision nodes for autoscaling. Scaling is configured and triggered through Red5 Pro policies, which are based on the number of connections to the origin and edge nodes. For example, by default, a 60% alarm is triggered for each component. If a policy of 400 connections is set for an edge server, when there are 241 connections (just over 60% of 400), a new edge server is deployed to accommodate additional users. Policies can be set to prestage a server instead of scaling as needed.

Oracle Cloud Infrastructure Domain Name Service is used to manage DNS zones for the supporting event. OCI Email Delivery services are used for sending emails from the Red5 Pro system to registered users.

The following diagram illustrates this reference architecture.




Red5 Pro's vision for a future state architecture includes:

  • Deploying the Red5 Pro platform in multiple OCI regions across the globe
  • Creating a multitenant architecture to support many broadcast channels per server
  • Integrating Oracle artificial intelligence speech and language services for speech-to-text transcription and language translation, which enable multilingual options for both broadcasters and users

The architecture has the following components:

  • Tenancy

    A tenancy is a secure and isolated partition that Oracle sets up within Oracle Cloud when you sign up for Oracle Cloud Infrastructure. You can create, organize, and administer your resources in Oracle Cloud within your tenancy. A tenancy is synonymous with a company or organization. Usually, a company will have a single tenancy and reflect its organizational structure within that tenancy. A single tenancy is usually associated with a single subscription, and a single subscription usually only has one tenancy.

  • Region

    An Oracle Cloud Infrastructure region is a localized geographic area that contains one or more data centers, called availability domains. Regions are independent of other regions, and vast distances can separate them (across countries or even continents).

  • Compartment

    Compartments are cross-region logical partitions within an Oracle Cloud Infrastructure tenancy. Use compartments to organize your resources in Oracle Cloud, control access to the resources, and set usage quotas. To control access to the resources in a given compartment, you define policies that specify who can access the resources and what actions they can perform.

  • Availability domain

    Availability domains are standalone, independent data centers within a region. The physical resources in each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don’t share infrastructure such as power or cooling, or the internal availability domain network. So, a failure at one availability domain is unlikely to affect the other availability domains in the region.

  • Bastion service

    Oracle Cloud Infrastructure Bastion provides restricted and time-limited secure access to resources that don't have public endpoints and that require strict resource access controls, such as bare metal and virtual machines, Oracle MySQL Database Service, Autonomous Transaction Processing (ATP), Oracle Container Engine for Kubernetes (OKE), and any other resource that allows Secure Shell Protocol (SSH) access. With Oracle Cloud Infrastructure Bastion service, you can enable access to private hosts without deploying and maintaining a jump host. In addition, you gain improved security posture with identity-based permissions and a centralized, audited, and time-bound SSH session. Oracle Cloud Infrastructure Bastion removes the need for a public IP for bastion access, eliminating the hassle and potential attack surface when providing remote access.

  • DNS

    Oracle Cloud Infrastructure Domain Name System (DNS) service is a highly scalable, global anycast DNS network that offers enhanced DNS performance, resiliency, and scalability, so that end users connect to customers' applications as quickly as possible, from wherever they are.

  • Policy

    An Oracle Cloud Infrastructure Identity and Access Management policy specifies who can access which resources, and how. Access is granted at the group and compartment level, which means you can write a policy that gives a group a specific type of access within a specific compartment, or to the tenancy.

  • Email Delivery

    Oracle Cloud Infrastructure Email Delivery is a highly scalable, cost effective, and reliable email delivery service for sending high-volume, application-generated emails for mission-critical marketing, notification, and transactional communications such as receipts, fraud detection alerts, multifactor identity verification, and password resets.

  • Terraform

    Oracle Cloud Infrastructure Resource Manager allows you to automate the process of provisioning Terraform resources. It helps you install, configure, and manage resources using the infrastructure-as-code model.

  • Virtual cloud network (VCN) and subnets

    A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Like traditional data center networks, VCNs give you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks that you can change after you create the VCN. You can segment a VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous range of addresses that don't overlap with the other subnets in the VCN. You can change the size of a subnet after creation. A subnet can be public or private.

  • Security list

    For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.

  • Route table

    Virtual route tables contain rules to route traffic from subnets to destinations outside a VCN, typically through gateways.

  • Internet gateway

    The internet gateway allows traffic between the public subnets in a VCN and the public internet.

  • Service gateway

    The service gateway provides access from a VCN to other services, such as Oracle Cloud Infrastructure Object Storage. The traffic from the VCN to the Oracle service travels over the Oracle network fabric and never traverses the internet.

  • Network security group (NSG)

    A network security group (NSG) acts as a virtual firewall for your cloud resources. With the zero-trust security model of Oracle Cloud Infrastructure, all traffic is denied by default, and you control the network traffic inside a VCN by adding rules that explicitly allow it. An NSG consists of a set of ingress and egress security rules that apply only to a specified set of VNICs in a single VCN.

  • Load balancer

    The Oracle Cloud Infrastructure Load Balancing service provides automated traffic distribution from a single entry point to multiple servers in the back end.

  • Compute

    The Oracle Cloud Infrastructure Compute service enables you to provision and manage compute hosts in the cloud. You can launch compute instances with shapes that meet your resource requirements for CPU, memory, network bandwidth, and storage. After creating a compute instance, you can access it securely, restart it, attach and detach volumes, and terminate it when you no longer need it.

  • Oracle MySQL Database Service

    Oracle MySQL Database Service is a fully managed Oracle Cloud Infrastructure (OCI) database service that lets developers quickly develop and deploy secure, cloud native applications. Optimized for and exclusively available in OCI, Oracle MySQL Database Service is 100% built, managed, and supported by the OCI and MySQL engineering teams.

    Oracle MySQL Database Service has an integrated, high-performance analytics engine (HeatWave) to run sophisticated real-time analytics directly against an operational MySQL database.


Acknowledgments

  • Authors: Robert Huie, Sasha Banks-Louie
  • Contributors: Praveen Coca, Bill Wimsatt, Robert Lies