Results 1 to 8 of 8

Thread: Trial installation (not EC2 AMI), MediaCache and S3 Authentication - does it work?

  1. #1
    Join Date
    Mar 2012
    Posts
    6

    Default Trial installation (not EC2 AMI), MediaCache and S3 Authentication - does it work?

    I'm having trouble getting MediaCache to authenticate against our private S3 buckets on a standalone installation (not using the ec2 AMIs). If I make the content public on S3 and comment out the AWS credentials it all works as expected, but when I add the access and secret key the content does not play and the following is printed to the logs:

    WARN server comment - MediaCacheItemHTTPImpl.getItemInfo[s3-us-west-1.amazonaws.com/ourbucket/foo.mp4]: HTTP response: 403
    WARN server comment - MediaCacheItemBase.init: Item does not exist: amazons3/foo.mp4
    WARN server comment amazons3/foo.mp4 MediaReaderH264.open[1]: java.io.IOException: MediaCacheRandomAccessReader.open: Item not in cache: amazons3/foo.mp4
    <MediaCacheSource>
    	<Name>http</Name>
    	<BasePath>https://s3-us-west-1.amazonaws.com/</BasePath>
              <Prefix>amazons3/</Prefix>
    	<BaseClass>com.wowza.wms.plugin.mediacache.impl.MediaCacheItemHTTPImpl</BaseClass>
    	<ReaderClass></ReaderClass>
    	<DefaultBlockSize>256K</DefaultBlockSize>
    	<MaxTimeToLive>1200000</MaxTimeToLive>
    	<MinTimeToLive>600000</MinTimeToLive>
    	<ReadAhead>true</ReadAhead>
    	<ReadAheadThreshold>50</ReadAheadThreshold>
    	<IsPassThru>false</IsPassThru>
    	<Properties>
    	  	<!-- maximum number of concurrent connections this source will make back to the web server -->
    		<Property>
    			<Name>maxPoolSize</Name>
    			<Value>25</Value>
    			<Type>Integer</Type>
    		</Property>
    	 	<!-- HTTP request timeout -->
    		<Property>
    			<Name>httpReadTimeout</Name>
    			<Value>6000</Value>
    			<Type>Integer</Type>
    		</Property>
    	  	<!-- HTTP connection timeout -->
    		<Property>
    			<Name>httpConnectionTimeout</Name>
    			<Value>6000</Value>
    			<Type>Integer</Type>
    		</Property>
    	  	<!-- HTTP read request retry count -->
    		<Property>
    			<Name>httpReadRetries</Name>
    			<Value>3</Value>
    			<Type>Integer</Type>
    		</Property>
    	  	<!-- HTTP send buffer size -->
    		<Property>
    			<Name>httpSendBufferSize</Name>
    			<Value>8000</Value>
    			<Type>Integer</Type>
    		</Property>
    	  	<!-- HTTP receive buffer size -->
    		<Property>
    			<Name>httpReceiveBufferSize</Name>
    			<Value>65000</Value>
    			<Type>Integer</Type>
    		</Property>
    		<!-- Set to true if streaming from S3 so that bucket name is properly handled in URL structure -->
    		<Property>
    			<Name>isAmazonS3</Name>
    			<Value>true</Value>
    			<Type>Boolean</Type>
    		</Property>
    		<Property>
    			<Name>s3BucketNameInDomain</Name>
    			<Value>false</Value>
    			<Type>Boolean</Type>
    		</Property>
    		<!-- Uncomment and set properties if streaming from S3 authenticated -->
    		<Property>
    			<Name>awsSecretAccessKey</Name>
    			<Value>MY_SECRET_KEY</Value>
    		</Property>
    		<Property>
    			<Name>awsAccessKeyId</Name>
    			<Value>MY_ACCESS_KEY</Value>
    		</Property>
    	</Properties>
    </MediaCacheSource>
    Anyone have any ideas?

    p.s. I may have raised a support ticket with this info but so far no response so I'm raising it here as well...

  2. #2
    Join Date
    Dec 2007
    Posts
    21,962

    Default

    Is the bucket outside the US? If so, re-download the package, get the new lib folder and /conf/MediaCache.xml from the download.

    Otherwise, and also, make sure the AWS keys are in the right place and not commented out

    Richard

  3. #3
    Join Date
    Mar 2012
    Posts
    6

    Default

    Quote Originally Posted by rrlanham View Post
    Is the bucket outside the US? If so, re-download the package, get the new lib folder and /conf/MediaCache.xml from the download.

    Otherwise, and also, make sure the AWS keys are in the right place and not commented out

    Richard
    Did my above post not show up correctly? I include all the information you asked about...

    Also, which package an I re-downloading? MediaCache?

  4. #4
    Join Date
    Dec 2007
    Posts
    21,962

    Default

    Use this http/ prefix instead of the amazons3/ prefix that was built-in to the vods3 app:

    mp4:http/s3.amazonaws.com/[bucket]/[file].mp4
    Richard

  5. #5
    Join Date
    Mar 2012
    Posts
    6

    Default

    Quote Originally Posted by rrlanham View Post
    Use this http/ prefix instead of the amazons3/ prefix that was built-in to the vods3 app:

    mp4:http/s3.amazonaws.com/[bucket]/[file].mp4
    Richard
    First off, thanks for the response...but...it's not making much sense...

    So far i've;
    * Downloaded and installed using the DEB package from http://wowza.com/pricing/installer on a local Ubuntu VM
    * Entered my trial license key
    * Downloaded and installed the MediaCache AddOn (linked in the email from sales) using the instructions defined in WowzaServerMediaCache_UsersGuide.pdf
    * Verified that my setup works for public S3 content
    * Setup S3 authentication using as defined in WowzaServerMediaCache_UsersGuide.pdf

    The last step does not work. I get the errors shown in my first post. There's no mention ANYWHERE of a vods3 app...?

  6. #6
    Join Date
    Mar 2012
    Posts
    6

    Default

    Some further info;

    The MediaCacheSource posted above contains several tweaks that I made while trying to solve the original issue I encountered. If I follow the instructions in WowzaServerMediaCache_UsersGuide.pdf I can get it working when the MP4 is publicly available, but when I turn on authentication the logs show a 301 error:

    WARN server comment - MediaCacheItemHTTPImpl.getItemInfo[our_bucket.s3.amazonaws.com/foo.mp4]: HTTP response: 301
    WARN server comment - MediaCacheItemBase.init: Item does not exist: amazons3/our_bucket/foo.mp4
    WARN server comment amazons3/our_bucket/foo.mp4 MediaReaderH264.open[1]: java.io.IOException: MediaCacheRandomAccessReader.open: Item not in cache: amazons3/our_bucket/foo.mp4
    INFO stream destroy amazons3/our_bucket/foo.mp4 -
    I then made the changes shown in my original post, changing <BasePath>http://s3.amazonaws.com/</BasePath> to <BasePath>https://s3-us-west-1.amazonaws.com/</BasePath> which changes the error from a 301 to a 403...

  7. #7
    Join Date
    Mar 2012
    Posts
    6

    Default

    Using tcpflow to diagnose the HTTP requests going to S3 I notice that the s3BucketNameInDomain doesn't seem to work... the Host header is sent as s3.amazonaws.com no matter what s3BucketNameInDomain is set to:

    -- s3BucketNameInDomain=true --
    172.016.107.130.44818-207.171.189.080.00080: HEAD /our_bucket/foo.mp4 HTTP/1.1
    Date: Mon, 19 Mar 2012 13:19:43 GMT
    Host: s3.amazonaws.com
    Content-Type: 
    Connection: keep-alive
    Proxy-Connection: keep-alive
    Authorization: AWS FOO:BAR
    
    
    207.171.189.080.00080-172.016.107.130.44818: HTTP/1.1 403 Forbidden
    x-amz-request-id: 456814E46413910C
    x-amz-id-2: ayw/H/DF22HpyZlCzBHHMhdZROOFri5r53aWY0bXoOSh+nYyKt+9+dDurQ1AmpTb
    Content-Type: application/xml
    Transfer-Encoding: chunked
    Date: Fri, 23 Mar 2012 03:48:03 GMT
    Server: AmazonS3
    -- s3BucketNameInDomain=false --
    172.016.107.130.44820-207.171.189.080.00080: HEAD /our_bucket/foo.mp4 HTTP/1.1
    Date: Mon, 19 Mar 2012 13:40:06 GMT
    Host: s3.amazonaws.com
    Content-Type: 
    Connection: keep-alive
    Proxy-Connection: keep-alive
    Authorization: AWS FOO:BAR
    
    
    207.171.189.080.00080-172.016.107.130.44820: HTTP/1.1 403 Forbidden
    x-amz-request-id: 4C105F176ED3723E
    x-amz-id-2: korOeJcQFupmYF43bLdld26CfQiAyReT8/OUv+2ksAoiOmGMzX0iqobKtUpe9vXb
    Content-Type: application/xml
    Transfer-Encoding: chunked
    Date: Fri, 23 Mar 2012 04:08:25 GMT
    Server: AmazonS3
    If s3BucketNameInDomain is true shouldn't it be sending Host: our_bucket.s3.amazonaws.com?

  8. #8
    Join Date
    Mar 2012
    Posts
    6

    Default

    E%^#%^&#%$^$$#@#$%

    The issue was that the clock on my VM was WAY out. As a result the auth token generated was instantly invalid...

    I only realized this while installing s3fs which helpfully reported:
    s3fs: CURLE_HTTP_RETURNED_ERROR
    s3fs: HTTP Error Code: 403
    s3fs: AWS Error Code: RequestTimeTooSkewed
    s3fs: AWS Message: The difference between the request time and the current time is too large.
    Last edited by danwas; 03-22-2012 at 09:52 PM.

Similar Threads

  1. AWS AMI Transcoder License Free Trial ?
    By satappinc in forum Wowza Transcoder
    Replies: 2
    Last Post: 10-08-2014, 08:40 AM
  2. How to undo a wowza 3 trial installation
    By Arian Amiri in forum General Forum
    Replies: 3
    Last Post: 11-15-2012, 07:15 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •