Technical White Paper Adobe® Flash® Media Server 3 The next generation of Adobe’s award winning software for streaming video and real-time communication Table of contents 1 Introduction 2 What is Flash Media Server 3? 3 The new Adobe Flash Media Server 3 family 5 Flash Media Server quick comparison 6 Flash Media Server system requirements 7 Flash Media Server upgrades 7 Flash platform for video delivery 8 How Flash Media Server 3 works 10 Extending Flash Media Server 11 Benefits of stre
Security • More secure content delivery with encryption and access control features and no client cache • SWF verification to ensure applications are authorized Support for your business • Better use of bandwidth • Optimized deployment profiles to significantly reduce deployment costs • Large and active Flash/Flex® developer community • Ability to measure streaming delivery with customized logging • Playback experience controlled by the content owner/distributor • Customer’s brand a priority These benefits
Flash Media Server 3 has many improvements and new features, including: • New real-time encrypted communication channel RTMPE, an enhanced version of Adobe’s Real Time Messaging Protocol (RTMP) • New enhancements in content caching • New connection throttling • New authorization plug-in API for stream security • Better quality of service for live streaming with data keyframes • Better digital rights management (DRM) framework of encryption and access control • New file adaptor API, allowing for remote conte
Adobe Flash Media Streaming Server 3 Flash Media Streaming Server 3 is an economical solution that allows you to quickly start streaming high-quality, more secure video. It provides all the features you need to stream video and audio, and works in unison with Adobe Media Player and Adobe Flash Media Encoder. Core features include: • Low-cost streaming to Flash, Adobe AIR, Adobe Media Player, and Flash Lite • Easy to install and get started • HD quality (with industry-standard H.
• Custom video services • Server-side video recording • Multiway communication • Social media solutions • Distributed core processing • Multipoint publishing • Live-stream metadata injection Flash Media Interactive Server also lets you include value-added multiway solutions to help you socialize your streaming media with advanced real-time communication and collaboration services.
Features Bandwidth limitations Flash Media Interactive Server 3 Flash Media Streaming Server 3 Flash Media Development Server 3 Unlimited Unlimited Unlimited 8-way SMP (cores) 4-way SMP (cores) 4-way SMP (cores) Flash Media Server services (live and VOD) • (Not customizable) • • Process scopes and distributed cores • Archive (record) video on server • • Custom server-side applications (server-side ActionScript) • • Edge server configuration • • C++ plug-in support • • Server-si
Flash Media Server upgrades Upgrading from Macromedia Flash Media Server 2 The guidelines for upgrading from Flash Media Server 2 vary depending on your current license and when it was purchased: • If you own any version of Flash Media Server 2 including Professional, Origin, or Edge, you can purchase an upgrade to Flash Media Interactive Server 3. • Education licenses are not upgradable.
Adobe AIR (version 1.0 or later) Adobe AIR is a cross-operating system runtime that enables you to use your existing HTML, Ajax, Flex, or Flash web development skills and tools to build and deploy rich Internet applications to the desktop. Adobe AIR applications support native desktop integration, including clipboard and drag-anddrop support, local file input/output, system notification, and more.
• RTMPS—This protocol is RTMP sent over an SSL. SSL is a protocol that enables secure TCP/IP connections. (Flash Media Server natively supports both incoming and outgoing SSL connections.) The default port is 443. • RTMPE—A new feature, this protocol is an enhanced and encrypted version of RTMP. RTMPE is faster than SSL, and does not require certificate management as SSL does.
The file formats supported by Flash Media Server are listed in the following table. All formats are supported by Adobe AIR. File format Type Container Flash Player version Usual pairing Sorenson Spark Video FLV 6, 7, 8, 9 or later Nellymoser/MP3 On2 VP6 Video FLV Flash Lite 3: 8, 9 or later Nellymoser / MP4 H.
Benefits of streaming versus HTTP delivery There are three methods for delivering video over the Internet using Adobe Flash Player: • Embedded video • Progressive download • Streaming Embedded video is rarely used except in very specialized applications with low-quality, short video clips, so our discussion will focus on progressive download and streaming. In both progressive and streaming delivery, the video content is external to the SWF file.
When the video is played, the video file first begins to download to the user’s hard drive, then playback starts. The video will begin to play when enough of it has downloaded to the user’s hard drive. The file is served from a standard web server through an HTTP request, just like a normal web page or any other downloadable document. In comparison to streaming video, there’s really only one consistent benefit to progressive download—you don’t need a streaming server to deliver the video.
Why streaming is better Progressive download is a simple method of video delivery with very little control—it’s basically a simple HTTP download call. Streaming is a method that allows the publisher to control every aspect of the video experience. The advantages of streaming video from Flash Media Server are numerous: • Fast start—Streaming video is the fastest way to start playing any video on the web.
Customers with high-volume streaming needs, popular content, or critical uptime requirements who don’t want to build their own infrastructure can get the benefits of streaming video in the Adobe Flash Player by utilizing a Flash Video Streaming Service. These Adobe partners offer load-balanced, redundant deployment of Flash Media Server over a reliable content delivery network. For more information about Flash Video Streaming Service (FVSS) partners, visit www.adobe.com/go/fvss.
Progressive download Streaming delivery Frame rate Video frame rate and SWF movie frame rate must be the same. Embedded video The video file can have a different frame rate than the SWF file. Same as progressive delivery. Live video capture has programmable control over frame rate. ActionScript access Video playback and control is achieved by manipulating the movie’s playback on the Timeline. The NetStream class can be used to load, play, and pause external FLV files.
Flash Media Server 3 performance Flash Media Server has significantly increased how many streams can be delivered concurrently with a single server license. Delivering more streams requires fewer servers and lowers the cost of deployment when compared with Flash Media Server 2. Linux deployments have been improved by over 300% over version 2. There are numerous features that contribute to increased performance.
Capacity numbers were calculated using the following hardware platforms. The numbers in this study were achieved with 2 X 1 Gbps network adaptors, but the results published are limited to 1Gbps throughput. Server hardware HP ProLiant DL360 G4p servers, with dual-core 3.6GHz, Xeon processors with hyperthreading Server configuration: 3.
The impact of RTMPE reduced the capacity by only 25% to 30% on average, given similar percent CPU usage. If you are deploying RTMPE, you can expect increased CPU usage, but you will still be able to saturate a 1Gbps network with less then 70% CPU. Live video Live video streaming from Flash Media Server is impacted by the same properties as prerecorded video streamed on demand. The following graphs show the total capacity achieved with live video.
Connection throttling New feature in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later. Flash Media Server 3 features new connection-handling management that ensures high-quality service for users who are already connected to the server. In the past, if there were a large number of new users trying to connect to a popular application, the current users could experience a disruption of playback.
In previous versions of Flash Media Server, utilizing an SSL was the only option to encrypt your stream data. However, this resulted in a noticeably slower connection. The new RTMPE in Flash Media Server 3 secures the channel with 128-bit encryption between the client and the server without the performance degradation of SSL, and without the need for a certificate. Similar to the implementation of SSL (RTMPS), you’ll only need to specify RTMPE in your client’s connection string to utilize the protocol.
Illustration of process scopes Distributed cores New feature in Flash Media Interactive Server; requires Flash Player 6 or later. To further increase the capacity and reliability of your server, you can distribute connections across multiple processes for a specific scope. For example, if your scope was set to “adaptor,” you could have connections spread across any number of core processes for each virtual host.
Standardized server redirection handling New feature in Flash Media Interactive Server; requires Flash Player 6 or later. Flash Media Server 3 now supports stream redirection in RTMP, which behaves much like HTTP 302 redirection. This feature can be enabled by using an access adaptor server-side plug-in, or in server-side ActionScript.
For example, an application with different membership levels could use the Authorization plug-in to deliver a high-definition stream to a paid member, and a standard definition stream to a guest. You would intercept the client before they connect, determine their membership level, then filter the connection to point to the correct stream file. This plug-in could also be used for access monitoring, logging, or implementing other custom rights management schemes.
Each profile is further organized into three levels, as shown in the following table. Level Codec Target resolution/data rate LT level 1 VP6 Mobile GSM LT level 2 VP6 Mobile 3G LT level 3 VP6 Mobile 3G-high SD level 1 On2 VP6 and H.264 160x112 SD level 2 On2 VP6 and H.264 320x240 SD level 3 On2 VP6 and H.264 640x480 HD level 1 On2 VP6 and H.264 640x480 HD level 2 On2 VP6 and H.264 1,280x720 HD level 3 On2 VP6 and H.264 1,920x1,080 (Source: www.adobe.
• AAC Low Complexity (LC)—Slightly less efficient than AAC Main and requires less CPU power to encode and decode. AAC LC is optimized for low-bitrate applications such as streaming. • High Efficiency AAC v2 (also known as HE-AAC+, eAAC, and aacPlus v2)—A superset of the AAC core codec that combines spectral band replication (SBR) and parametric stereo (PS) techniques to enhance coding , especially for low-bitrate stereo signals. HE-AAC v2 supports up to 48 audio channels and enables 5.1 and 7.
Multipoint publishing architecture Flash Media Streaming Server 1 (FVSS) Los Angeles Client Client Publishing Point Philadelphia Client Flash Media Streaming Server New York City Client Client Flash Media Streaming Server 2 (FVSS) London Client Client Client Client Client Stream data access New feature in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 9,0,115,0 or later.
A user agent string might look something like this: FlashLite/3.0.1 Device/RAZRV3x Profile/razrv3x Network/2.5G Device information can be found in the RDF reference. A sample URL for the Motorola Razor is: http://motorola.handango.com/phoneconfig/razrv3x/Profile/razrv3x.rdf. Flash Media Server can use this Flash Lite 3 information in numerous ways. • Virtual keys—Virtual keys let you configure Flash Media Server (without any programming) to automatically access video from an alternative folder.
• If the AMF3 client decides to send a ByteArray, for example, then the AMF0 client will be disconnected, since AMF0 clients don’t understand ByteArrays. (When an AMF0 client is disconnected because of incompatible encoding, this event will be logged in the server’s log files.) Wherever the server needs to serialize data for clients, it will generally attempt to serialize data first in AMF0. If that is not possible, the server will automatically serialize the data in AMF3.
Configuration files from Flash Media Server 2 are not compatible and you should be sure to back up all your configuration files before upgrading. You will need to transfer your configuration manually to the new server. Server-side ActionScript and client-side ActionScript are fully compatible with Flash Media Server 3. Flash Media Server 2 components for Flash will continue to be supported with the next version, but the components have been discontinued and will not be updated in future versions.
Configuring adaptors and virtual hosts Enhancement in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later. The server is divided into hierarchical levels: server, adaptor, virtual host, and application. The server is at the top level and contains one or more adaptors. Each adaptor contains one or more virtual hosts, and in turn, each adaptor contains one or more applications, or services.
For example, the default adaptor included with the server at installation is named _defaultRoot_, and its directory is conf/_defaultRoot_. To change an adaptor’s settings, edit the elements in its Adaptor.xml file. Virtual host settings Enhancement in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later. Setting up your server with virtual hosts allows you to maintain distinct separation between hosting accounts on the server for Flash Media Server.
Also located at the root level of the configuration directory, the Logger.xml file controls settings for Flash Media Server log files. You can edit this file to specify the data that is logged, where the log files are saved, and how often they are rotated. The default location for the log files is in the logs directory in your server installation directory (RootInstall/logs). The Logging section in Server.xml enables or disables the log files; Logger.xml contains the actual log file settings.
You can configure Flash Media Server to spawn FMSCore processes by configuring the scope node in the global Application.xml file. Valid scopes include adaptor, vhost, app, inst. The adaptor scope is a new feature in Flash Media Server 3. Depending on the scope you choose, you can configure each core process separately. For example, if you configure the system to scope adaptors to different core processes, each setting in the specific adaptor.
vhost app Process scope “vhost.” Useful for applying unique settings for users in different subdomains. Process scope “app.” Each application running can be run within its own process. This would be useful if you have lots of memory, and heavy connection requests from different applications. inst Process scope “inst.” Depends on your customer provision.
Like process scopes, the distributed core feature lets you increase the capacity of your server. Distributed cores will let you engage more RAM for the cache and more threading for the process-intensive connection routine. Distributed cores are best used for VOD applications (commercial or social). They cannot be used when deploying a multiway hybrid or live solution because connections need to be on the same core process to share communication. Inside the Application.
Distributed process scope options The maximum connection time using the above configuration is 4 hours. After 4 hours the core process will be closed and all connections will be dropped. At this stage, the client SWF should initiate a reconnect routine that will reestablish the stream playback. Changing the number of processes (numprocs) configures the number of processes in which connections are distributed.
Example of distributed process configuration The maximum lifetime for connections in this configuration is 2 hours because the MaxCore limit is set to 4 and the numProcs is set to 2.
Send aggregate messages New feature in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 9,0,115,0 or later. By default, applications break up aggregate messages into individual messages before delivering them to clients. By default, aggregate messages are enabled. Applications can be configured not to deliver aggregate messages by setting the AggregateMessages parameter to false in the Application.xml file.
1440 5 Allow domains to connect to a virtual host New feature in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later. You can specify a list of domains that are allowed to connect to a particular virtual host.
Secure Sockets Layer (SSL) Feature available in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later. Like RTMPE, SSL is a protocol that enables more secure communication. Unlike RTMPE, SSL requires a certificate signed by an intermediate Certificate Authority, and requires configuration to enable. SSL must first be configured in the Server.xml file; certificates can also be set up to secure independent adaptors or independent virtual hosts.
Activity logs Feature available in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later. Flash Media Server 3 offers real-time server monitoring and extensive logging capabilities to help you with server management and troubleshooting. The log files track activity such as general traffic and server load, who is accessing the server, client behavior and interaction, and general diagnostics.
A wide variety of useful data such as information about stream events, application instances, virtual hosts, and Edge/Origin issues, and more, can be obtained through close examination of the diagnostic log files. Using server tools Administration API New feature in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later.
Cluster deployment New feature in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 6 or later. You can deploy multiple servers behind a load balancer to distribute the application load evenly. Flash Media Server clustering enables you to scale an application to accommodate more clients reliably, and creates redundancy, which eliminates single points of failure.
Typically Edge/Origin deployments are best used with one-way streaming services. When using custom server-side applications to enable real-time communication, the Edge server strictly handles the requests on behalf of the Origin server. Client connections then make round-trips to the Origin server to run the application. In Flash Media Interactive Server 3, Edge-level support for bandwidth detection and stream length detection has been integrated.
Typically, implicit URI is the recommended setting because it is the most secure and requires the least amount of communication. It can hide the Origin server URI and it is the easiest to set up. Therefore, we will explore the implicit URI configuration. All of these methods are described in the Using Flash Media Server Edge Servers manual. Configuring proxy (Edge) servers using implicit URI In typical large-scale deployments, your business could deploy the implicit URI method.
The RouteEntry for the main Proxy (Edge server) in the cluster would point back to the Origin server. edge0.fms.com:*;origin.fms.com:*; Edge server cluster using a master Edge and a single Origin Using live video Flash Media Server allows you to broadcast live streams with a wealth of interactive features. Connected clients only need Flash Player or an Adobe AIR application to view the live broadcast.
Flash Media Encoder interface Flash Media Encoder live broadcast log 47
Flash Media Encoder 2 can also be tightly integrated into your current streaming workflow with command-line control both locally and through a remote connection via Microsoft Remote Desktop Connection or Virtual Networking Computing (VNC). Among other powerful features, auto-restart after power failures or other system restarts also helps ensure that your live streams are reliably available. When using a device that can generate timecodes, you can also embed an SMPTE timecode into the video stream.
Multipoint publishing provides a much-needed degree of flexibility, customization, and scalability to large-scale live video applications. For more details, consult the Flash Media Server Developer Guide. Securing content with Flash Media Server 3 Whenever content is distributed electronically, there is some risk of it being copied, misappropriated, or redistributed.
Locking down your content Regardless of the sensitivity or ownership of your content, you’ll want to implement some level of security when deploying to the web. It’s best to begin by securing your server, then securing your content. Let’s examine each of the security measures you can take in more detail. Restrict access from domains By default, a client can connect to Flash Media Server from any domain or IP address, which can be a security risk.
Authorization adaptor plug-in New feature in Flash Media Interactive Server; requires Flash Player 6 or later. The next line of defense is the authorization adaptor. A server plug-in written in C++, the authorization adaptor authorizes client access to server events. Once the connection has been established, but before it is accepted, the authorization adaptor comes into play.
RTMPE New feature in Flash Media Streaming Server and Flash Media Interactive Server; requires Flash Player 9,0,115,0 or later. Encrypted RTMP (RTMPE) is enabled on Flash Media Server by default, and allows you to send streams over an encrypted connection without requiring certificate management. Offering secure 128-bit encryption, RTMPE is only supported in Flash Player 9 or later, with the updated FLVPlayback component and NetConnection classes.
Content protection from CDNs An easy way to add content protection to your streaming content is to use FVSS through Adobe’s CDN partners. Many of Adobe’s FVSS partners offer plug-and-play restricted access and secure video streaming solutions. To learn more about how a CDN can help protect your content, visit the Adobe FVSS website: www.adobe.com/go/fvss.
Live: Live Flash streaming using Flash Media Encoder or Flash Player. Publishing Point: A directory on Flash Media Server where customers can place video/audio content and publish live video. On2 VP6: A video codec that offers high quality, lightweight full-screen playback (available since Flash Player 8). VP6-S is a simplified version that is ideal for delivery of high-quality video to older computers (available in Flash Player 9 or later).
Adobe FVSS partners www.adobe.com/go/fvss Flash Media Solution Provider program www.adobe.com/go/fmsp Flash Player 9 Update FAQ http://labs.adobe.com/wiki/index.php/Flash_Player:9:Update:H.264 Flash Media Server community FMSGuru.com www.fmsguru.com FlashComGuru www.flashcomguru.com FlashConnections www.flashconnections.com Flash Video | Optimizations and Tools http://flashvideo.progettosinergia.com/ References A Streaming Media Primer www.adobe.com/products/aftereffects/pdfs/AdobeStr.
