Orchestrator Discovery Changes

[angyangie]

O Discovery Changes

CLI Flags

Broadcaster needs to be started with an -orchAddr address:port option in order to specify the orchestrator to use. This is an interim solution while the full negotiation piece is being developed.

If using a standalone transcoder, needs to be started with -standaloneTranscoder, along with the existing -orchAddr and -orchSecret options. This was needed to disambiguate broadcaster mode from standalone transcoder mode, since we opted to not require any more flags for the broadcaster with its use of -orchAddr. Discuss this here: #605

Segment Signing

Segment signature needs to be updated to incorporate the desired profiles from the orchestrator.

Old signature:

sig = broadcaster.Sign(streamId | seqNo | segment.dataHash)

This data was taken from the ethTypes.Segment struct which reflects how the information is processed on-chain during verification. Since we're not updating the on-chain processing right now, there is a new struct core.SegmentMetadata from which the signature is constructed. The old eth/types.Segment struct is left unmodified.

New signature:

type SegmentMetadata struct {
	ManifestID ManifestID
	Seq        int64
	Hash       ethcommon.Hash
	Profiles   []ffmpeg.VideoProfile
	OS         *net.OSInfo
}

sig = broadcaster.sign(manifestId | seqNo | profiles | segment.dataHash)

The ManifestID is used here rather than the StreamID since it is a little bit shorter, and the additional (often incorrect) information carried by the appended rendition string is not needed.

The composition of the signature and the representation of the profile is subject to change once we have flexible transcoding options via non-deterministic verification and price menus, but for now we continue to use the existing []ffmpeg.VideoProfile bytes-representation created by concatenating strings from a lookup table.

Networking

• Renamed GetTranscoder : TranscoderRequest -> TranscoderInfo to GetOrchestrator : OrchestratorRequest -> OrchestratorInfo

The GetOrchestrator request is the discovery mechanism.

// This request is sent by the broadcaster in `GetOrchestrator` to request
// information on which transcoder to use.
message OrchestratorRequest {

  // Ethereum address of the broadcaster
  bytes address = 1;

  // Broadcaster's signature over its address
  bytes sig   = 2;
}

// The orchestrator sends this in response to `GetTranscoder`, containing the
// transcoder URI, associated credentials authorizing the broadcaster to
// use the transcoder, and miscellaneous data related to the job.
message OrchestratorInfo {

  // URI of the transcoder to use for submitting segments.
  string transcoder  = 1;

  // Signals the authentication method to expect within `credentials`. This
  // field is opaque to the broadcaster, and should be passed to the transcoder.
  string authType    = 2;

  // Credentials to verify the request has been authorized by an orchestrator.
  // This field is opaque to the broadcaster.
  string credentials = 3;

  // Orchestrator returns info about own input object storage, if it wants it to be used.
  repeated OSInfo storage = 32;
}

Note it is likely GetOrchestrator will need to be invoked twice: once during the periodic O discovery, and again before a broadcast starts for more up-to-information such as storage credentials and PM parameters.

In that respect, the OrchestratorInfo.Storage field may seem redundant for O Discovery alone, but otherwise the differences are not enough to warrant a separate RPC type for the two GetOrchestrator invocations.

Broadcaster interface session split

Separate out transient per-session data from the more permanent interface exposing the broadcaster's address and its signing capability. Previously, they were mixed, which led to unclear semantics around the data required for O Discovery.

O Discovery and segment submission only requires the address and its signature as give by GetOrchestrator.

type Broadcaster interface {
	Address() ethcommon.Address
	Sign([]byte) ([]byte, error)
}

// Session-specific state for broadcasters
type BroadcastSession struct {
	Broadcaster      Broadcaster
	ManifestID       core.ManifestID
	Profiles         []ffmpeg.VideoProfile
	OrchestratorInfo *net.OrchestratorInfo
	OrchestratorOS   drivers.OSSession
	BroadcasterOS    drivers.OSSession
}

Orchestrator S3 Path Layout

The locations of the source and transcoded results may differ in their path prefixes. See this writeup for more details on the issue. We generate different prefixes each time the session is initialized (corresponding to the first solution listed).

[angyangie]

With the way things are now, we'd have to use offchainOrch as an input to StartMediaServer, then gotRTMPStreamHandler, and startBroadcast ... unless we added an address field to NewLivepeerNode in livepeernode.go. What do you think @j0sh ?

[ericxtang]

Can we leave a comment here explaining why we are tracking ManifestID instead of StreamID? (Already explained in the PR notes, but want to make sure it stays with the code)

[j0sh]

How should we explain it? The PR notes work for reviewers who understand the previous state of the codebase and need to relate to how it's changed, but it seems a little strange to refer to "previous state" for comments in an updated codebase.

Presumably the PR note is this one:

The ManifestID is used here rather than the StreamID since it is a little bit shorter, and the additional (often incorrect) information carried by the appended rendition string is not needed.

[ericxtang]

I think we want to explain the semantics of what it means to have a ManifestID and multiple VideoProfile in SegmentMetadata. Theoretically, a video segment can ONLY have 1 VideoProfile. It looks like we are only use SegmentMetadata to signal transcoding preference. I don't want someone to misuse this for another purpose (for example, representing metadata for a specific segment)

[j0sh]

The SegmentMetadata does represent metadata for a specific segment, since it also holds the segment Hash and Seq.

In theory the Profiles and OS could also change per-segment as well.

The (only?) reason ManifestID is here is to act as an index to look up the transcoding loop. We could mitigate the need for a ManifestID in the metadata if we had kept the AuthToken.

[j0sh]

(The ManifestID is also part of the segment signature, but I don't think it's strictly necessary for Streamflow.)

[ericxtang]

@j0sh and I talked about renaming SegmentMetadata to SegTranscodingMetadata. Can we do that?

[j0sh]

Done

[ericxtang]

Looks like secret can be any arbitrary string? If so, let's put it in the comment.

[ericxtang]

Can we exit here for now? In the next iteration when we implement O discovery via onchain info, we can take it out.

[j0sh]

We can do that, but it'd mean stopping support for view-only source streams.

Although I suppose we might also want to figure out how to support view-only mode once we use onchain info.

[ericxtang]

Ahh I see. Ok I'm on board for keeping things this way then. view-only feels useful.

[ericxtang]

BytesToVideoProfile and VideoProfileToBytes have different expectation of what "Bytes" should be. For symmetry sake, can we make them the same?

[j0sh]

Can you elaborate on this? There isn't a VideoProfileToBytes anywhere. However, there is a TxDataToVideoProfile which takes a hex-encoded string.

We can express TxDataToVideoProfile in terms of BytesToVideoProfile by decoding the hex input into bytes, but I think we'll be removing TxDataToVideoProfile entirely once we do a second pass of cleanups -- there's code in the ethclient and DB that still depends on it.

[ericxtang]

VideoProfileToBytes is in common/videoprofile_ids.go. Just realized they have different semantics (this is just an unfortunate coincidence of private function naming)

[j0sh]

Oh, videoProfileToBytes -- caps.

I can rename the videoProfileToBytes function to makeVideoProfileByteMap if that's clearer.

[eladmallel]

rename ti to oi?

more generally, can you share the ideas behind using very short variable names? (for example in this case I'm inclined to name this variable at least oInfo if not orchInfo or even longer :) )

[j0sh]

more generally, can you share the ideas behind using very short variable names?

Just a particular style for short-lived local variables. The meaning can be clearly seen from the variable declaration, although you are correct here it would've been better with oi.

This is mostly my particular style of programming, but it seems to be shared by the golang community. See https://talks.golang.org/2014/names.slide

[eladmallel]

thanks for sharing your general school of thought! I like the content in the link you shared :)

[eladmallel]

why not follow the pattern of returning two return values (o, err) like we do in other places, e.g. NewLivepeerNode?

[j0sh]

We can do that in the next round of updates.

[eladmallel]

Making sure I fully understand this - why do we need B to share their address and signature in OrchestratorRequest?

[angyangie]

@eladmallel we use both in verifyOrchestratorReq to verify the Orchestrator request! But I think you might be alluding to the fact that we can make the Sig from the address, so why store both?

[j0sh]

why do we need B to share their address and signature in OrchestratorRequest?

The idea is to give O an opportunity to distinguish who's sending the request and authenticate the sender; that can't (currently) be inferred from the TLS connection alone.

[angyangie]

@j0sh now that Elad brought it up .. why can't we just store the address and just generate the Sig when we need it?

[j0sh]

why can't we just store the address and just generate the Sig when we need it?

Perhaps I'm missing something, but that's pretty much what we do now.

[angyangie]

@j0sh I mean, instead of storing both in the protobuf, we could just do sig, err := b.Sign([]byte(fmt.Sprintf("%v", b.Address().Hex()))) in verifyOrchestratorReq and only have to store address in the protobuf. Not a big deal at all, but was just wondering if there was a reason we were storing the sig and the address in the protobuf! I haven't worked with protobufs for a long time, but it seems to me thus far that we use the protobuf to store variables that will be used all over the codebase (and save ourselves the trouble of having to pass these variables through tons of functions before they're actually used anywhere, etc.)

[j0sh]

we could just do sig, err := b.Sign([]byte(fmt.Sprintf("%v", b.Address().Hex()))) in verifyOrchestratorReq

The orchestrator can't generate a signature on behalf of B; it can only check a sig given an address, so we need to supply both here.

we use the protobuf to store variables that will be used all over the codebase

The only one I can think of is OrchestratorInfo. Are there others?

It's debatable whether we should continue using the net.OrchestratorInfo struct to propagate orchestrator state throughout the broadcast flow, because what we need to transmit on-the-wire (via protobufs) may not necessarily correspond directly to the state that we need to track internally on the node. But for now, there isn't much of a discrepancy, so it's OK until things change.

having to pass these variables through tons of functions before they're actually used anywhere, etc

Can you elaborate on where this is an issue?

[eladmallel]

My question is specifically around what does O gain from being able to authenticate the sender of the initial OrchestratorRequest?

Authentication is obviously key when receiving a request to do work. However, in this simple request for information, I'm not sure I understand the importance of authentication.

Does this clarify the question better? @j0sh @angyangie

[j0sh]

@eladmallel O can customize the response based on the sender. Preferential pricing or parameterization, etc.