This Guidance demonstrates how to programmatically deploy a resilient Network Device Interface (NDI) Discovery Server architecture within an Amazon Virtual Private Cloud (Amazon VPC). The included AWS CloudFormation template provisions a pair of Amazon Elastic Compute Cloud (Amazon EC2) instances across two Availability Zones, downloads the NDI software, and installs it following best practices. This foundational infrastructure allows you to seamlessly integrate NDI technology for live video transport within your AWS environment, supporting broadcast workflows such as live cloud production and content production.
Architecture Diagram
Step 1
The AWS CloudFormation template defines the AWS resources and their configurations. In this first step, the template is used to deploy a CloudFormation Stack.
Step 2
CloudFormation provisions or updates the resources specified in the template.
Step 3
CloudFormation creates an AWS Identity and Access Management (IAM) instance profile. An instance profile is a container that passes an IAM role to an Amazon Elastic Compute Cloud (Amazon EC2) instance.
It defines the permissions that the Amazon EC2 instance will have when interacting with other AWS services. The instance profile includes an IAM role and an IAM policy that specify the allowed actions and resources.
Step 4
CloudFormation creates a security group, which acts as a virtual firewall that controls inbound and outbound traffic to Amazon EC2 instances.
Step 5
CloudFormation creates two Amazon EC2 instances, one in the private subnet 1 within Availability Zone 1, and another in the private subnet 2 within Availability Zone 2. These Amazon EC2 instances use the instance profile from Step 3 and the security group from Step 4. They host the NDI Discovery Server application installed during the launch process.
Step 6
CloudFormation creates an Amazon Route 53 private hosted zone containing address (A) records for the two Amazon EC2 instances. The hosted zone manages DNS and routes traffic to the instances.
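The following check is an added example, not part of the Guidance's template or sample code: it audits a parsed CloudFormation template against the properties this Guidance describes (Systems Manager access instead of SSH keys, a restricted security group, an instance profile on each instance, and two instances in separate subnets). The logical IDs, the 10.0.0.0/16 CIDR, and TCP port 5959 for the discovery service are assumptions used in a constructed sample.

```python
import json
SSM_POLICY = "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore"

def of_type(template, rtype):
    """Return {logical_id: properties} for every resource of the given type."""
    return {name: res.get("Properties", {})
            for name, res in template.get("Resources", {}).items()
            if res.get("Type") == rtype}

def audit(template):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for name, sg in of_type(template, "AWS::EC2::SecurityGroup").items():
        for rule in sg.get("SecurityGroupIngress", []):
            if rule.get("CidrIp") == "0.0.0.0/0" or rule.get("CidrIpv6") == "::/0":
                findings.append(f"{name}: ingress open to the internet")
            lo, hi = rule.get("FromPort", 0), rule.get("ToPort", 65535)
            if rule.get("IpProtocol") == "-1" or lo <= 22 <= hi:
                findings.append(f"{name}: ingress rule covers SSH (22)")
    for name, role in of_type(template, "AWS::IAM::Role").items():
        if SSM_POLICY not in role.get("ManagedPolicyArns", []):
            findings.append(f"{name}: Systems Manager policy not attached")
    instances = of_type(template, "AWS::EC2::Instance")
    for name, inst in instances.items():
        if "KeyName" in inst:
            findings.append(f"{name}: SSH key pair configured")
        if "IamInstanceProfile" not in inst:
            findings.append(f"{name}: no instance profile")
    # Distinct subnets stand in for distinct AZs, which the template alone may not reveal.
    subnets = {json.dumps(i.get("SubnetId"), sort_keys=True) for i in instances.values()}
    if len(instances) < 2 or len(subnets) < len(instances):
        findings.append("instances do not span separate subnets")
    return findings

def sample(ssh=False):
    """Constructed template; logical IDs, CIDR and port 5959 are assumptions."""
    ingress = [{"IpProtocol": "tcp", "FromPort": 5959, "ToPort": 5959, "CidrIp": "10.0.0.0/16"}]
    if ssh:  # the misconfiguration the audit should catch
        ingress.append({"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"})
    def inst(subnet):
        return {"Type": "AWS::EC2::Instance", "Properties": {
            "SubnetId": {"Ref": subnet}, "IamInstanceProfile": {"Ref": "Profile"}}}
    return {"Resources": {
        "Role": {"Type": "AWS::IAM::Role", "Properties": {"ManagedPolicyArns": [SSM_POLICY]}},
        "Sg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {"SecurityGroupIngress": ingress}},
        "Ndi1": inst("PrivateSubnet1"), "Ndi2": inst("PrivateSubnet2")}}

if __name__ == "__main__":
    print(audit(sample(ssh=True)))
```

Run it against a template converted to JSON before deploying the stack; an empty list means none of the checked properties were violated.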
Well-Architected Pillars
The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.
The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.
Operational Excellence
This Guidance allows you to automate key administrative and maintenance processes for your NDI Discovery Servers. By using AWS Systems Manager, you can securely connect to your instances, perform automated patch management, and streamline permission management through IAM roles and policies. This improves security through least privilege access and reduces operational overhead.
Security
With CloudFormation, you can programmatically deploy resources with predefined security configurations and controls. We recommend you use IAM roles and policies to grant least privilege permissions, Amazon Virtual Private Cloud (Amazon VPC) security groups to control traffic, and Systems Manager to remove the need for SSH keys. This comprehensive approach minimizes the attack surface and automates the deployment of security best practices.
Reliability
Deploy your NDI Discovery Servers across multiple Amazon VPC subnets and Availability Zones (AZs). This redundancy protects against AZ-level failures, while CloudFormation and Route 53 automate deployments and manage DNS, respectively. Extend the Guidance to use an Auto Scaling group for self-healing capabilities.
Performance Efficiency
Amazon EC2 provides the foundation to build high-performance, scalable architectures that meet your business requirements. This Guidance utilizes Amazon EC2 Linux instances to host the NDI Discovery Servers application. Amazon EC2 offers a selection of instance types and sizes, so you can match your instances with your performance needs.
Cost Optimization
Amazon EC2 instances can start and stop on demand, avoiding unnecessary costs, and Amazon EC2 Reserved Instances provide a significant discount compared to On-Demand pricing. Monitor performance and utilization with AWS Cost Explorer to identify opportunities, downsize instances, and minimize costs without compromising performance.
Sustainability
Using Amazon EC2 burstable instance types, like T3 instances, allows your instances to operate at a baseline CPU utilization and burst above that when needed, optimizing resource usage and reducing energy consumption. Continuously monitor performance and 'rightsize' your instances to align with your workload requirements to minimize over-provisioning your resources and further reduce the environmental impact of this Guidance.
Implementation Resources
The sample code is a starting point. It is industry validated, prescriptive but not definitive, and a peek under the hood to help you begin.
Disclaimer
The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.
References to third-party services or organizations in this Guidance do not imply an endorsement, sponsorship, or affiliation between Amazon or AWS and the third party. Guidance from AWS is a technical starting point, and you can customize your integration with third-party services when you deploy the architecture.