Bought something at the Apple Store on West 14th Street yesterday and tried the new Apple Store app for self checkout. Launch the app and it recognizes you’re in a store (GPS? SSID? Geo-fencing?). A special interface appears within the app, you click the EasyPay button and take a pic of the barcode on whatever you’re purchasing. Pay with your Apple ID (same as iTunes account) by typing your password. Your receipt appears on screen so a sales rep can give you a “paid” sticker.

Pretty slick. Apple’s got something incredibly powerful with their Apple ID system tied to customer credit card info, and they’re one of the only big players in the space that has both physical and online stores. Amazon’s got this down (duh) but not so much for offline purchasing. Facebook and Google are trying to figure out how to monetize offline purchases too, but seems like they’re playing catch up here.

Share this:

I’m really excited about several new iOS development and deployment projects that we’ve been working on at CG. We’re working closely with Apple on a bunch of solutions: at the most basic level, we’re building solutions for security and management of employee iPad and iPhone use; at the other end of the spectrum, we’re helping to realize visions such as a kiosk-like platform of thousands of iPads deployed in retail environments around the country.

We’ve learned a ton about what is and isn’t possible as we strategize ways to scale to thousands of units. Here are some of the challenges we’ve come across:

• How do we deploy and support iPads – whether ten or ten thousand – in a secure, efficient, and centralized way?
• How can we architect kiosk-like application experiences on the iPad, enabling us to design and curate the customer experience, while also allowing a true iPad experience complete with app-switching, web browsing, Facebook-checking, game-playing, and movie-watching?
• What kind of network and server architecture is needed to support a platform of iOS devices across the globe? How do we enable caching and pushing of dynamic data to the devices – particularly large amounts of media content?

Centralized deployment and support of iOS devices

How do we deploy and support thousands of iPads or iPhones in a secure, efficient, and centralized way? Mobile Device Management (MDM) platforms like AirWatch, Casper, MobileIron – and soon, OS X Lion Server – allow us to push XML configuration profiles to iOS devices. This enables centralized inventory and basic management of the devices: from what version of iOS they have installed, to some security control over how/if users can install and delete apps. For many enterprise customers, these tools are useful for administering security policies on employee-owned iOS devices. But for custom platforms like kiosks and retail experiences, MDM is not ideal due to the need for end-user interaction. What we need is a way to easily restore iOS devices back to their “golden” state in a centrally managed way.

We’re excited about the potential of over-the-air restores and software updates coming in iOS 5, but as of today, iTunes is the only game in town for this. Working within this limitation, we’ve architected some innovative solutions that enable iOS devices to connect to iTunes virtually over USB to IP converters and a content distribution infrastructure. Until iOS 5, this is a good option to have, and I haven’t heard of anyone else embracing this approach.

Rearchitecting Apple’s iOS user experience

Put an iPad in front of someone and they’re going to tap, scroll, pinch, and squeeze the user interface. The user experience is still the leader in the tablet space – though we’ve been recently impressed by the BlackBerry PlayBook. For a project we’re working on now, we want to encourage this user experimentation and interaction, while locking down some important components of the UX. Things like App Store purchases, iTunes downloads, deleting apps, rearranging icons, and changing the home screen wallpaper will quickly affect the kiosk experience. MDM solutions can help disable some of these features, but the aforementioned need for user interaction just doesn’t work for specialized user environments.

One solution we’ve had success with is a combination of custom code to disable user customization of the Springboard, plus a WebKit-based Safari replacement for browsing that enables us to prevent user download of unauthorized content. Combine these with some configuration profile-based customization of iOS and we have a good solution for locking a customer experience down and reducing the frequency of unit restores or reimaging.

The CG approach to iOS projects

Part of what makes CG stand out as a solution provider is our deeply embedded collaboration between our application development team and our infrastructure team. As the Enterprise’s appetite for customized mobile platforms and experiences grows, we’re uniquely suited as a technology partner to build and innovate on our customers’ vision. iOS is at the core of this vision and I couldn’t be more excited to be working with these technologies today. Plus, iOS 5 is on its way and it’s shaping up to be a giant leap forward!

Share this:

One distinction between our startup and enterprise clients is that enterprise typically brings the baggage of legacy systems. While a startup is designing for a cloud architecture, a company that has a technology history sometimes needs to integrate new systems with existing services.

In a recent engagement Control Group needed to work with a client to have application instances on EC2 communicate with a secured web service in a traditional data center. Typically we would work with a client to move this service to EC2. In this case, because the service is considered to be shared infrastructure that is used and funded by existing applications we needed to design the infrastructure and application to make a call back to a traditional data center.

On a side note, mixed infrastructure approaches are not ideal, but common when migrating complex organizations to IAAS solutions. Most mature IT organizations will shy away from forklifting a company’s technology platforms wholesale into the cloud. The larger the migration, the bigger the bang when something is overlooked. Change too much in an environment and you won’t know where the problems are coming from, so a major part of moving an enterprise customer to the cloud is planning the roadmap of the migration carefully and not being greedy.

One of the technical challenges in this particular project was that the service that we were integrating with requires that traffic originate from a known and registered IP address. Although EC2 will provide an instance with a public IP address, there is no way to know what that address will be ahead of time. We decided to use Elastic IP (EIP) addresses to solve this problem. An EIP functions like a NAT on a traditional firewall. You can allocate the EIP and then associate it with an instance as needed.

EIP’s worked well until we implemented auto-scaling. Auto-scaling groups have no support for associating a pre-allocated EIP to an instance. To implement this we created some scripts that would make the API calls to determine a free EIP and associate it to the instance. (This means that the instance will have temporary access to execute API commands. We’ve designed a fairly secure take on temporarily providing AWS API tools to an instance, but that is a different blog post. Coming soon.)

Here is the real problem with the approach. The script to associate the EIP worked perfectly, so long as multiple machines weren’t executing it at once. The problem is that the Elastic IP API commands do not support a transactional assignment. Worse yet, at least in our use case, it is the last instance requesting the EIP and not the first that gets associated to the IP. This is a major problem if you want to associate EIP’s with members of an auto-scaling group that need to scale up by more than one instance at a time. It will leave you with members of the group that could possibly not have an Elastic IP.

There are a myriad of ways to tackle this issue. We considered options for programatically brokering the IP’s by building an application that would manage the EIP resources. The application would provide an IP on request and then return IP’s that were no longer in use back into the system through a background recovery process. Such a service is pretty easy to write, but it wasn’t in scope for the current project. Also, there are longer-term solutions that we can consider with the launch of the new and improved VPC with NATing.

Interim Solutions

The current favored approach is to use a proxy server like Squid to limit the number of servers that require IP addresses. Two or more instances with Squid configured as a forward proxy distributed across multiple availability zones and traffic managed by an Elastic Load Balancer to provide HA would provide a redundant and fairly high performance solution. For now, as a work around we have implemented some staggering of the auto-scaling policies as a way to mitigate against multiple instances spinning up at the same time. Staggering is a serviceable solution for testing, but not for production where auto scaling multiple farms of servers that will need access to the client’s data center tier is a requirement. Eventually, we will move forward with the proxy or VPC solution.

In summary, enterprises with complex interdependent applications can lead to interesting challenges when migrating to the cloud. Resources, as simple as IP addresses, can function in a fundamentally different way than a typical IT organization is used to. Oftentimes this can lead to fear, uncertainty, and doubt, but the benefits of Infrastructure as a Service are clear: Ease of provisioning, demand-based resource allocation rather than over provisioning, etc.  As long as proper planning, system architecture, implementation, and testing are performed, a complex enterprise can begin making its way to the cloud and begin to eliminate the FUD on the ground.

Share this:

Google App Engine is Google’s platform-as-a-service for developing web applications. There’s been some people saying goodbye to GAE, and perhaps in response Google has announced several enhancements to the service.

In the midst of all of this, a few of us at Control Group have been developing Tagatag: an Android and iPhone application for commenting on barcodes that uses web services running on Google App Engine.

Scan this QR code with Tagatag to join the conversation!

Barcodes are everywhere around us. You can find them on advertising, products, places and even people. Tagatag provides you with a virtual paint marker to let you make your mark on all of these codes anonymously. Download the Tagatag app and give it a try. Scan a barcode to see comments people have left for you and then leave some for them.

We chose Google App Engine for the back end of Tagatag for a few reasons:

• It’s quick – You sign up for an account, download the SDK and you’re developing. The development server in the SDK lets me run the application on my desktop and interact with the code as I’m writing it.  Uploading new versions, rolling back old ones, or performing maintenance is a snap with the GAE dashboard.
• It’s simple – There’s not much to the web service. It’s small and simple. We used the webapp framework because we didn’t feel we needed anything else. It makes for a very concise application. Believe it or not, there are about 300 lines of code for the GAE part of Tagatag.
• It’s scalable – We don’t have to worry about what we do when Tagatag becomes popular. We’ll just raise our billing quotas in GAE and let them handle spinning up new instances or expanding the datastore. Knowing that you don’t have to be concerned about scaling makes things a lot more fun.

I’m happy that GAE let us bring Tagatag to you so quickly. So, when it’s available at the end of the week, be sure to download the app, tag a tag and make your mark!

Share this:

Digital studios and post houses need to incorporate new storage technologies now more than ever. It’s not as simple as storing data anymore — they need a strategy for centralized storage, transcoding, rendering, backup, and archiving, not to mention a workflow that incorporates all these solutions.

One company where we helped incorporate this type of strategy is media arts firm thelab. Our latest case study on this deployment is now live on our website.

In addition to a high-performance media SAN, StorNext and StorageManager, Control Group installed a centralized rendering solution for Maya in the form of a powerful render farm. This helped thelab complete a 30-second spot for the world’s fastest production sedan, the 2010 Cadillac 2010 CTS-V, in just 25 days.

Check out the finished product, and read more about CG’s solution!

Share this:

To celebrate autumn, we’ve put together a great event with some help from Apple. We’re partnering with StudioSysAdmins, the fantastic social networking community for engineers and techs from the entertainment industry, to bring Drew Tucker down to CG to talk about Final Cut Server. Drew is the author of the just-released Apple book on Final Cut Server. Come down and join us – please email to RSVP or for more info. Check it out:

Advanced Asset Management Integration with Final Cut Server
Wednesday, September 22, 2010, 6:30–8:00pm
Control Group, 233 Broadway, 21st Floor (corner of Park Place)

Join Control Group and StudioSysAdmins as we present Drew Tucker, author of the latest title in the Apple Pro Training Series: Final Cut Server 1.5.

We will be discussing the catalyst events and changes to production workflow that can create a need for asset management, archiving, and centralized transcoding. We’ll also talk about Final Cut Server integrations like publishing video to online distribution platforms, passing assets to third party transcoding engines, and dealing with advanced review and approval workflow.

The event will take place in Control Group’s newly expanded offices in the historic Woolworth Building. Drew will remain on hand afterward to answer all of your Final Cut Server questions, and we’ll have plenty of local, seasonal beers to celebrate the autumn solstice!!!

For more information or to RSVP, please email rsvp@controlgroup.com.

Control Group: Technology for Big Ideas.

Control Group is a technology services firm that provides insightful business analysis and integrated technology solutions including infrastructure, architecture, software, engineering and support for some of the most innovative companies in media and entertainment, like The Daily Show with Jon Stewart, The Colbert Report, IMG/Mercedes-Benz Fashion Week, World Wrestling Entertainment, Walker Digital Gaming and Studio Daniel Libeskind. Our whole-business perspective results in solutions that not only make our clients more efficient, but also creates true competitive advantage, while increasing bottom line and improving shareholder value.

About StudioSysAdmins

StudioSysAdmins is a social networking community dedicated to improving infrastructure, workflows and support across the Entertainment Industry. It’s an expanding community with one common site that joins Systems Administrators, Technical Directors, Pipeline Developers, Consultants, Hardware/Software Support Engineers and Hardware/Software Vendors and Resellers (VARs) that currently work in and/or support production studios in the areas of animation, visualization, visual-fx, film, and games.

Our goal is to enable the sharing of all non-proprietary information among all of our Members and to maintain open discussions between Studios, Vendors and VARs to determine standards in order to help improve support for the installation, implementation, monitoring and maintenance of hardware, software and operating systems.

Share this:

Being told that you’re going to assist in upgrading two of your favorite TV shows to HD brings a level of excitement that’s matched by an equal amount of fear. George Hoover, CTO of the production company NEP Studios, described the pressure aptly in the recent CIO Magazine article, Moving the Daily Show and Colbert to HD: 5 Change Management Lessons: “The world expects that TV shows will start when you expect them to start.” Couple a short window of downtime with the uncertainty of new equipment and unproven workflows, and one begins to wonder if a fluid upgrade is even possible.

Fortunately Control Group’s approach to formidable projects allowed us to complete the project smoothly and on schedule. As noted in the aforementioned article, the trick is to break everything down into manageable tasks, and identify which of those tasks are best addressed with technology, rather than manpower. The workstation setup for the two shows illustrates the benefits of this approach nicely.

The Colbert Report and The Daily Show needed nine new workstations set up for the artists, including installing several 2D design suites, 3D design applications, and a host of supporting plugins. Several render farm servers had to match these workstations setups so that the creation of HD elements could be distributed. Since this is a fair amount of equipment to arrange, we wanted to first be sure that the artists would be comfortable in their new environment. We created a “perfect” workstation for each show, and invited the end users to try them out at our office.

After making a few adjustments based on user feedback, we duplicated these master machines to their brethren using OS X’s excellent Apple System Restore utility. Used in concert with a networking technique known as multicast, we were able to get all of the workstations set up simultaneously, saving countless hours of manpower.

The time savings allowed us to get a jump on the real time sink of setting up design workstations – installing plugins. Due to the way many plugins are licensed, the installations had to be performed individually as each user. A team of Control Group employees attacked the 225 some-odd separate installs, completing them over the course of a day or two. Afterwards, specially crafted project files allowed us to test all the workstations and render nodes in a single shot, ensuring that the artists wouldn’t be confronted by a licensing dialog at show time.

As demonstrated at The Colbert Report and The Daily Show, a carefully planned approach allowed Control Group to assist NEP in completing their HD rollout on time and within the budget allotted. The satisfaction of watching both shows in full frame 1080p HD has been well worth the effort. (Getting to hear Stephen Colbert riff on an auto-tuner backstage wasn’t half bad either.)

Here’s a clip of Stephen Colbert enjoying the new HD setup.

Share this:

Here is a series of recommendations, rants, and observations about why MSOs (the cable companies) will be sad in 2011, unless they innovate and invest.

Entertainment = Consumption + Interaction:

Internet-enabled TV will bring about some radical changes.  Nielsen’s Three Screen Report indicates that consumption of the moving image is increasing across all three screens: traditional TV, internet, and mobile. The interactivity of this “data” will surely change. Entertainment now equals both watching and interaction: checking out additional content online, playing games, or participating in ads as entertainment. 3D and gesture-based interactions will also redefine this blurring of the line between passive and active viewing over the next few years.

Ditch the “dumb” set-top:

Content models that rely on “captive audience” set-top box capture of viewing habits are outmoded as delivery systems, and deliver poor analytics and reporting compared with the information we can glean from a data-only model. If content owners rely on this information, why does the old model remain unchecked? The set-top box is largely a passive unit that doesn’t include an interface, platform, or APIs for allowing advertisers to interact directly with their target audience in real-time like the Web does. We have seen some recent (and awesome) successes with new methods of delivery: Hulu, Netflix, MLB, and on-demand efforts. However we are in an infancy of thinking about the possibilities of satellite, cable, and their antiquated set-tops, and how broadcast can recapture some of the money that migrated to online advertising.

This is an opportunity for direct access to consumers in their living rooms. The delivery method is there, there is already a large internet-enabled box in many living rooms: tuner, DVR, AppleTV, Slingbox, etc. MSOs already have the access to provide value-add applications to the experience, but what is preventing them from radically changing the intersection of TV, Internet, and advertising? They actually have had a better chance than anyone.

Develop a platform:

Imagine tying content delivery to analytics and advertising – a platform that delivers both choice and guidance to direct viewers to shows they like, and then targets accompanying ads based on more granular information and feedback. Visible World does last-mile ad insertion for parent company, Comcast, who acquired one of the big three: NBC.  A small wrinkle in this still-disputed merger is Sen. Kohl, who is asking for a divestiture of NBC’s holdings in Hulu, arguing that it potentially violates anti-trust.

But this is an amazing opportunity for MSOs to radically change the model for consumers and advertisers by providing a platform for interaction. MSOs have a chance to drive people back to their subscriptions — otherwise we will see a switch to online viewing, where advertisers can get a lot more feedback for their digital dimes, and consumers can have more choice, and augment their experiences.

The TV could supersede the MSO-provided set-top box as a platform:

Internet-enabled TVs or TVs with companion internet-enabled boxes will supersede the current MSO interface and platform. Federated search across Internet/DVR/broadcast is far more useful and less clunky than a remote-driven interface.  In addition, the ability to bring in dynamic web content — ads, additional content, or related information — should quickly reduce the three screens to just two.

[youtube=http://www.youtube.com/watch?v=diTpeYoqAhc&hl=en_US&fs=1&]

When MSOs realize they are missing out on key advertising opportunities, we will see a rush to market with subscription- and licensed-content across the three screens. You would have thought that Hulu would have put the fear in them, but wait until Google TV takes their bite.  Their recent partnerships with TV manufacturer, Sony, ensures that this will be widely distributed to Best Buy, Walmart, etc. beyond the market reach of Roku, Slingboxes, of the world.

Prepare to lose ad revenue:

NBC Universal’s (current) CEO Jeff Zucker and his oft-quoted ‘trading analog dollars for digital pennies’ was revised last year to ‘digital dimes’ from the man himself. That is good news, especially for the multitudes of investors that entered into internet video ventures last year. Out of that gold-rush of investment though, there hasn’t been significant pay-dirt for many. Clearly the answer lies in uniting broadcast to the Internet, bringing the interactivity the web provides, in addition to the type of analytics that are possible. I predict Google TV will make more of an impact than Apple TV did to unite those advertising schemes, although watch out, Apple’s clearly got some plans a brewin‘.

Google TV offers the opportunity to sell ad’s within the interface, and provide targeted advertising, on the TV. Show me what you got MSO’s.

In Conclusion:

It is a rapidly changing world, and people have clearly shown that the TV, cable-tuner, and DVR do not have all the features people want. The cable companies who own the infrastructure and delivery method of video and data are being left out of this equation. Google has side-stepped around cable companies and the licensing issues — wisely I might add — and added a layer with enhancements that will allow them get deep into people’s living rooms, to collect data and provide a smarter ad platform. Things are going to get really interesting….

Share this:

Whew! As always, NAB was quick, productive, and overwhelming – only this time it was in 3D!

Everyone, everywhere, was talking about 3D: cameras, displays, production software, trucks, expertise, etc. The race for preparedness is on, and people will spend as pushy studios and producers want to be the first to do this or that with 3D. First sitcom, first sporting event, first documentary, first newscast, etc. The reality is that we are a ways off from wide-scale adoption, and showrooms and special screenings will be the place for 3D for the foreseeable future. We are in a similar catch-22 phase as a few years ago during the early days of HD production – 3D TVs are just coming onto the market and will drop down to reasonable consumer level prices within the next 2-3 yrs. Consumers are asking “do I buy a 3D TV when there is little to no programming?” while content creators are wondering “do I produce in 3D when there is little to no audience?”

Being an industry event though, it’s about more than bragging rights or audience – it’s about technical feasibility, practice, and logistics – all things which will change when 3D comes to our living room. DirecTV has announced that they will carry four 3D channels starting in June, including ESPN 3D and a dedicated 3D pay-per-view channel. And Cablevision dipped its toes into the 3D pool a few weeks ago with an MSG Network broadcast of a Rangers and Islanders hockey game live from Madison Square Garden.

After talking to a few industry experts who participated in the recent Masters in 3D, the challenges with 3D production are less technical than logistical: camera placement for example. While HD favors wide top-down shots for seeing all the action, 3D is most effective with close, ground-level cameras – imagine Phil Mickelson’s birdie putt as viewed from grass-level, just across the green, the ball rolling right toward you as he sinks it…

There were also lots of other things of interest: Falconstor’s HyperFS, CatDV asset management, Avid’s Java app for editing over the web, 3ality cameras, Adobe CS5, among many more. We were particularly excited by the potential of Active Storage’s Innerpool appliance for metadata. This PCI Express card contains on-board redundant solid-state drives, specifically engineered for storing metadata in an Xsan environment. This has the potential of being something of a game changer, allowing us to more efficiently configure the storage in our Xsan integrations, and giving our clients more bang for their buck when deploying new SAN solutions.

We had some great meetings with prospective clients, old and new friends, fellow consultants and vendors, and we’re excited about some emerging strategic opportunities. Our work in online video technology and web delivery combined with our broadcast infrastructure and workflow experience means we are ideally positioned to help organizations streamline and bring these workstreams closer together.

Share this:

Control Group has rolled out a number of Call Manager Express systems for our clients, and one issue that frequently comes up is what to do with callers on hold. While most companies – ours included – work to avoid putting people on hold, it does happen. The easy options offered by the Call Manager Express are a double beep at regular intervals or a ‘Music on Hold’ file that you can store in the host router’s flash memory. I have received many complaints about the beeps and even a single repeating music file can be insufficient for some users.

When I started searching for a way to connect an audio feed to a gateway router, I found that there were no great turnkey solutions. What I did find is that there is a way to make use of an available FXO port to bring a live feed into the system with some inexpensive parts. The solution I have deployed requires a surface mount RJ 45, a chassis mount RCA jack, and a stereo 1/8″ mini to RCA adaptor. All of these pieces can be found at a nearby electronics parts store and purchased for under $20. The FXO port and an iPod will set you back some but if you want easy control of your hold music it may be worth it.

Build the Adaptor

To make the adaptor, open up the surface mount box and figure out how you will attach the RCA jack. In one case I used a drill bit to make a hole for it, in another case I found a form factor where the notch for a cat 5 cable fit the connector perfectly. You may also find a general purpose surface mount with modular fittings where an RCA “snap in” would snap right in.

Once you’ve sorted that you will need a pair of wires from either a solid or stranded piece of cat 5. Punch these down to pins 4 and 5 of the RJ45 and solder the other side to the RCA jack.

When you are done it should look like this.

Adaptor wiring detail. Though the jack in this configuration is an RJ 45 you can use a standard RJ11 phone cord to connect between the adaptor and the FXO port.

Configuring the Voice Gateway

Configuring the voice gateway is pretty straightforward:

1. Create a DN for the MOH call out with an unused multicast address

ephone-dn 274
number 1 no-reg primary
moh ip 239.12.13.1 port 2000 out-call 899

2. Configure the available FXO port remain open to the iPod

voice-port 0/3/3
signal loopStart live-feed
input gain 2
description To MoH Live Feed

3. Create a dial peer to connect to the FXO port

dial-peer voice 55 pots
destination-pattern 899
port 0/3/3

4. Configure CME to use the multicast for MOH

telephony-service
multicast moh 239.12.13.1 port 2000

Then Shut/No shut the voice port to invoke the change.

I have been using one of the built in USB ports on our gateway here at Control Group to power the iPod which turns out to be very convenient.

Safety and Other Considerations

There are some very important caveats.

1. The adaptor I describe is potentially dangerous. If you were to connect an iPod to a POTS line or an FXS port feeding a battery signal you could damage the iPod or the device connected to it. You could also receive a serious electrical shock.
2. The use of copyrighted material for Music on Hold can be a violation of the rights of the copyright owner.
3. The adaptor will only work with one channel of audio from the iPod. If you use a mono 1/8″ to RCA cable it will short out the other channel.

These issues need to be minded if you would consider this solution. Also, keep in mind that people’s taste in music varies widely. Implement Music on Hold and you will find out just how much!

Miles Green is a Senior Network Engineer at Control Group and worked as a Musician and Recording Engineer in a previous life.

Share this: