Sunday, December 21, 2014

Getting ready for the cloud: Preparation for autoscaling

Advent of cloud services has disrupted the way online services are managed. What used to be a gargantuan task of renting, deploying and managing remote servers has been replaced by single click creation and deployment. The process of creating a virtual machine is much easier and programmable than renting servers or working on shared hosting spaces. Cloud service providers create an illusion of infinite space over their own finite resources with managed services like S3 or Dropbox. This takes away any worries about resource limits. The user pays for what he uses and does not have to worry about changing servers in the future when requirement is bound to increase.

Consistency problem with auto-scaling

Considering how easy it is to create and terminate servers on cloud, the application developer tries to minimize its resource consumption. That is where comes auto-scaling. Auto-scaling is a set-up of operating at a minimum resource consumption with provision for automatically increasing resources as soon as the demand comes. Suddenly, there are 10000 users using on an application, the server has created 20 different mirror of the original server to cater to all of them.

The consistency problem

This brings us to the problem of data integrity and consistency. If user A adds a new content, this content should be available to user B accessing the website from different mirror of your server. Your dynamic cloud servers(instances) can not host any dynamic data. Any dynamic data must be consistent across the servers while keeping the resource usage minimum. You need a shared place to manage all your dynamic data.


Solutions for the consistency

Database consistency

Database being the most dynamic is fortunately a different software. You can host it on a different server and make the application servers query this single database server. Database scaling is somewhat limited with most engines not allowing a seamless scaling. e.g. MySQL for example need to stop "write" while changing servers. (You can create multiple read-replicas but there can be a single master server.) A solution is to use managed db services like dynamodb which are virtually scalable. However, the choice of database engine is dictated more by the application requirements than just scalability.

File uploads

The files which are uploaded to the application (e.g. a new user profile picture) needs to be accessible to all logged in user. You can not save this in the application uploads directory. It needs a place which is accessible from different instances behind a load balancer. One easy way out is to create another file hosting server and mount this server in other instance. Every mirror will mount this space on the uploads directory(NFS / Network File System) during boot. This way every time a file is saved in the uploads directory, it will actually be saved on the file hosting server. Alternatively, you can use a managed hosting space such as s3 and place all dynamic files there.

NFS vs managed space : When setting up NFS, you need to check the fraction of write requests that you need to process. Does the NFS server has to bear the burden of load. If every request has to use a file present on the shared space, every request is transferred to the NFS server which defies the primary objective. A managed hosting space like S3 is much better since it is completely scalable. Unless you need to host executables or program code on the shared space, a managed storage works generally. If you are using a reliable service provider, they should have scalable mechanisms for handling usage spikes with low latency. The choice of NFS vs managed space depends on what the application want to do with the content of this shared space.

Application flexibility: The application needs to modify itself to make auto-scaling work. You need to edit database paths, the place to read and write files or even the place to put temporary files. (How temporary are these files?) All these changes are going to be as complicated as the application itself. If the application is based on some preset framework, you might need to wait for a version upgrade or a mod to make your system cloud-compatible.

Monday, November 24, 2014

ffmpeg: error while loading shared libraries: libass.so.4 after upgrading system

Case

Ubuntu 14.04 running compiled ffmpeg using the directions specified on their website. Upgraded the system to 14.10. This brought a number of updates and also upgraded older libraries to newer versions. After the upgrade, running `ffmpeg` on the terminal gave the following error.

Investigation:




The solution:

Found on #ffmpeg @ freenode IRC :
abi changed. recompile

Sunday, June 29, 2014

How to stop visitors from downloading online videos?

I don't want users to download my online videos to their computer?

Videos on internet can be effortlessly downloaded to your local drive using readily available tools. Several people however want to upload a protected video, something that they would like to sell to internet. Instances of such queries can be found on the first page of Google such as this and this and this . As several video hosting companies point out, videos hosted anywhere on internet can be downloaded. A suggested rule of thumb is that if you plan to protect a video of monetary value, the best you can do is keep it away from internet. But what good is a monetary value if the commodity itself is taken away from its market. Businesses and film makers urgently need a channel that protects their content from the time of uploading to the time when the video is streamed on viewer's device.

Stop video download to prevent piracy

The web is brimming with websites offering free download of any movie or TV series. The most video creators can do is take recourse to legal action, which is in itself ineffective when there are so many website mushrooming. You can not go on tracking and suing each one of them. Movie "Pirate bay Away from keyboard" laments this affairs of copyrights versus content-sharing. It points to the need for a technology of content broadcast which is secure in itself and does not need to fall back on any legal backing.

Some solutions for stopping video download

1. RTMP 

This is one solution that some video creators go for. Basic difference is RTMP protocol which is a different method of data transfer than conventional HTTP/HTTPS methods on regular web. Acronym for Real-time media playback, this requires a real-time streaming of media data. With a little obfuscation, you can even hide RTMP server and path so as to further prevent video leeches.
Pros: One-up security over regular HTTP methods
Cons 1: Real-time playback does not provide any buffer and slightly slower internet can give broken playback resulting in poor user experience.
Cons 2 : "RTMP Explorer", a simple, small software which you can simply download, run and play RTMP video, this software will download the video straightaway.
Cons 3: Incompatible with mobiles. This protocol can not be played on mobile browsers because of lack of flash player. Best you can do is create an app for mobile platforms or fallback to HTML5 which makes your video quite vulnerable.


2. HTTP Live/Dynamic Streaming(HLS/HDS)

Apple and Adobe have both their own versions of this protocol. Set up requires a dedicated media server and also some technical know how so that you can configure adaptive bit rates. It gives some option to include elements of encryption keys to protect media headers. 
However, even this is not so difficult to download. Somebody who can see what is happening can grab the video easily. Download-helper somehow failed to download as it is just an add-on with no file system access. There is also a PHP script to download and combine fragments of a HLS/HDS into a complete offline video file. Apart from this, there are some device compatibility issues with video playback. It is not able to run without a flash player or a dedicated app.


How VdoCipher tries to provide an easy to use DRM on videos?

Considering such need of premium video creators, we have built VdoCipher as a solution to streaming protected content on internet. An online video hosting service where premium videos can be streamed while keeping video immune to downloaders. The system ensures that every single video playback requires an authentication from back-end. There are libraries to be used with different languages such as PHP or ASP or you can always use API directly. For providing mobile compatibility, there is an easy to use interface where one can create custom apps with minimal knowledge of HTML. App can be compiled and exported for both Android and iOS stores.

Website is in early beta stage and there are some features such as App-Maker which are still not online. If anybody wants to try out, I suggest check out website www.vdocipher.com and contact via contact page. If you have any queries, please ask them in comments below.

I shall cover more on features of VdoCipher and its usage in a subsequent blog post.

Monday, February 10, 2014

Original Flappy bird apk download

Flappy Bird is a 2013 mobile game developed in Hanoi by Vietnam-based developer Nguyễn Hà Đông and published by .GEARS Studios, a small, independent game developer also based in Vietnam. The game, which was released on May 24, 2013, was removed from both Apple's App Store and Google Play on February 9, 2014 by the game's author.

"insanely irritating, difficult and frustrating game which combines a super-steep difficulty curve with bad, boring graphics and jerky movement" : Huffington Post
 
Download the apk here.

Warning: It's too hard to play.

Sunday, November 3, 2013

Apache errors after upgrade from 2.2 to 2.4, or upgrading ubuntu 13.04 to ubuntu 13.10

Today I upgraded my laptop ubuntu from raring ringtail to saucy salamander. After setting the desktop to the salamander wallpaper, I moved to my http://localhost, but alas! the apache configuration was not working. I was getting the default "It works" page from /var/www/index.html . During the upload process, I was asked whether I want to update the configurations in /etc/apache2/envvars and /etc/php5/apache2/php.ini. I had selected to upgrade both of them while noting down the previous customizations that will be lost. So, I set out to correct this new after upgrade error :

1. Bring back the customization removed during the upgrade process. I usually run the apache2 process by the normal user instead of www-data. Edited the /etc/apache2/envvars file to bring back old users.
Then changed the error reporting on php.ini files. Apache restart with sudo service apache2 restart. Check http://localhost/ , still getting  the default "It works" page. Moving on..

2. The vhosts not working :
The first obvious error was that none of the virtual hosts were working. After looking through the apache.conf file in /etc/apache2 I found the line :
Include sites-enabled/*.conf
This made it mandatory for virtual hosts files to have *.conf ending to be read as legit files. To correct this error, it is better to delete all links in sites-enabled/ folder. Then append .conf to the vhosts file inside sites-available/. Then enable each site one by one. Apache reload with sudo service apache2 reload Check http://localhost/ . New error : 403 permission denied. But I corrected the run user to the file owner, let's check the logs

3. The authz issue :
Going through the logs, error coming up was
[Sun Nov 03 18:02:27.790498 2013] [authz_core:error] [pid 5530] [client 127.0.0.1:50046] AH01630: client denied by server configuration: /home/vibhav/public_html/
So apparently, the line "allow from all" in vhosts was not working as it was working before. I went to the upgrading document of apache and found that some things have changed her. Instead of
order allow, deny
allow from all
The new configuration needed
Require all granted
 Do a sudo service apache2 reload again and head to http://localhost/ . It's all working.

This worked for me. If this is not all, please check out http://httpd.apache.org/docs/2.4/upgrading.html for the official upgrade documentation. If you are still having problems, please mention it in comments below.