FishVue Interpret (by Archipelago) is a precision aquaculture analytics platform that ingests underwater video, sonar, environmental sensors, and farm telemetry to deliver insights for feeding, health, and stock monitoring. This guide explains how to deploy and scale FishVue Interpret behind RELIANOID to ensure low-latency control, resilient ingestion, and secure multi-site operations.

1. Target Architecture #

FishVue deployments commonly include: submerged cameras and sonars, farm-edge gateways, cloud or on-prem analytics, and operator dashboards. RELIANOID provides edge and core ADC capabilities to route and secure traffic across these components.

[Underwater Cameras / Sonars]   [Feed/Control Consoles]      [Cloud Analytics]
            |                          |                             |
       ┌────▼────┐               ┌─────▼─────┐                 ┌─────▼──┐
       | Edge GW |--(MQTT/RTSP)--| RELIANOID |---(HTTPS/gRPC)--| API/UI |
       └────┬────┘               └──────────┬┘                 └────────┘
            |                               \/
           [Sensors: DO, Temp, Salinity, AIS]

Primary traffic types: Video/sonar streams (RTSP/SRT/WebRTC), telemetry (MQTT/HTTPS), control (gRPC/REST), and UI (HTTPS + WebSocket).

Load balancing services will look like the following:

2. Ports & Protocols Quick Reference #

UI & API #

• HTTPS UI: 443
• API (gRPC/HTTP2): 8443
• WebSocket: over 443

Ingestion & Streams #

• RTSP (TCP): 554
• SRT: RTP encapsulated TCP/UDP (custom ports)
• MQTT/TLS: 8883

Control & Telemetry #

• gRPC (control plane): 9443
• Telemetry REST: 8443

3. L7 HTTPS for Operator Dashboards & APIs #

Terminate TLS on RELIANOID to centralize certificate management, enable WAF rules, and to handle HTTP/2 and WebSocket upgrades efficiently.

Default Service for the User Interface:

Specific Service for the API:

4. Real‑Time Streams: RTSP/SRT/WebRTC #

RTSP over TCP is preferred over highly variable satcom links; use health checks that probe RTSP OPTIONS. For browser-based low-latency streams, use WebRTC with TURN/TLS allocation.

Service:

If UDP is reliable between sites, consider SRT for higher resilience and retransmission over lossy links; place an SRT gateway behind RELIANOID if direct UDP LB isn’t available.

5. WebRTC & TURN/TLS Allocation #

Service configuration:

6. MQTT Telemetry & Device Affinity #

Devices (feed sensors, oxygen probes) should use mTLS and be pinned to brokers to maintain session continuity and reduce reconnections over high-latency links.

Service configuration:

7. gRPC Control Plane #

Use HTTP/2 with keep-alives and low server timeouts to ensure responsive control actions (feeding commands, cage positioning).

Service configuration:

8. Security: mTLS, WAF & OIDC #

• mTLS: issue device certs for farm gateways and cameras; enforce with CA pinning and OCSP.
• WAF: protect dashboards & APIs; JSON schema validation and rate limits for ingestion endpoints.
• OIDC/SSO: centralize auth at RELIANOID edge; apply conditional MFA for high-risk actions (manual feed override).
• Least privilege: role-based routing & header injection to backends for audit context.

9. Observability & SLOs #

• Prometheus: expose RELIANOID metrics — request latency, stream counts, error rates.
• Per-stream metrics: bitrate, packet loss, jitter, stall events.
• Tracing: propagate X-Request-ID and W3C trace headers into analytics pipelines.
• Dashboards: operators view real‑time stream health, sensor ingestion rate, and control latency.
• SLO examples: Control p95 < 150 ms, Stream uptime > 99.9% per day, Telemetry delivery > 99.99%.

10. High Availability & DR #

• Active‑active RELIANOID pairs with VRRP/anycast VIPs at farms and core locations.
• GSLB for global failover across regions; health-aware DNS failover for operator consoles.
• Hot restarts and rolling restarts to avoid interrupting live dives or feeding events.
• Brownout strategies: lower video resolution and prefer keyframe-only jitter suppression when bandwidth constrained.

11. Edge Patterns & Connectivity #

• Dual uplinks: satellite + cellular (where available); policy-based routing per traffic class.
• DSCP marking: control EF, telemetry AF21, video AF41.
• Local buffering: store-and-forward on gateway for telemetry and batch uploads for large video segments.

12. Release Strategies (Canary & Blue/Green) #

Set a canary server with a small portion of the traffic for testing purposes by adding a lower weight.

13. Hardening Checklist #

• TLS 1.2/1.3 only; disable legacy ciphers; enable OCSP stapling.
• WAF tuned for JSON APIs and media ingest patterns; limit body size and enforce schemas.
• Segment management & data networks; lock admin consoles to a bastion + MFA.
• Encrypt backups and configs; store offsite; test restores quarterly.
• Define RTO/RPO and test failovers (including satcom link failover) in regular drills.

14. Bill of Materials (Typical) #

• RELIANOID Core ADC (L7 + WAF + mTLS) — 2 nodes active‑active.
• RELIANOID Edge ADC (on‑farm) — 1–2 nodes with automatic failover.
• Media gateway (RTSP/SRT/WebRTC TURN) — pool behind RELIANOID.
• MQTT cluster + time‑series DB (Influx/Timescale) + analytics cluster.
• Observability stack — Prometheus, Grafana, ELK/Loki; GitOps for config management.