AWS Instances

We provide a fully installed USP AMI in the AWS Marketplace.


After each new GA release of the Unified Streaming Platform, the AWS marketplace instance of the former release remains valid for a certain period of time. For each new release, AWS sends an update email about the new marketplace instance that accompanies a GA release and a 'sunset' email for the marketplace instance that is to be replaced.

Choosing an AWS instance

There are many AWS Instance Types, choosing one depends the following:

  • is the content SD or HD?
  • what is the expected dominant output (HLS, Smooth, etc)?
  • is DRM needed?
  • is the output Live or VOD?
  • if Live, what are the bitrates ingested?
  • if Live what is the DVR window size (and would you plan a RAM disk for that)?

In short, ingest is IO bound, and egress first IO bound, then network and lastly CPU.

With AWS you have the option to use a few high performance instances or many small instances and scale vertically or horizontally. AWS suggests the latter.

The Cloud Storage Reducing Latency setup uses (local) caching of files. There should be enough RAM for the webserver to start processes/threads to handle cache requests.

In most cases 'c' instances are best but 'r' (memory optimised) or 'i' (storage optimised) instances can be chosen as well, for instance if the use cases warrants it (e.g. large DVR window using 'i' instances with NVMe disks).


Please also take a look at our AWS setup and performance testing blog posts: it outlines how to create a VOD setup including an installation script and a script that creates a virtual host with S3 access.


When you start the AMI you need to use a security group where port 80 and port 22 are enabled. The image user name is 'ubuntu' and has sudo access.

To login you need to use ssh (or similar like putty on Windows):

ssh -i your-ssh-key ubuntu@your-ec2-instance


A VOD License Key is provided with the AMI.


Once the AMI has launched and became an 'instance' you should be able to direct your browser to the instance's public DNS name; such a name looks like this:

The website presented should look exactly the same as Features overview (and similarly stream video when clicked). The layout of the test website is described in Verify Your Setup.

On startup the AMI tries to set it's external hostname as ServerName for Apache and set the same hostname in the 'index.html' file to address all files and links (the 'index.html' file you can find in /var/www/usp-evaluation).

For this to happen your VPC needs to be setup to add DNS hostnames. In the VPC dash board select 'Edit DNS Hostnames' for the VPC you are creating the instance in:


and set 'DNS Hostnames' to 'yes'. This has to be done before you start the instance.

If you want to use an 'elastic ip address' then you should edit these files to reflect that and disable the init script in /etc/init/usp-setup-hn.conf.

Using S3 storage

First setup the AWS cli interface.

The cli interface allows to list available buckets:


aws s3api list-buckets --region eu-central-1

as well as create buckets


aws s3 mb s3://your-bucket --region eu-central-1

copy content to the bucket:


aws s3 cp tears-of-steel s3://your-bucket/tears-of-steel --recursive --region eu-central-1

or delete content from the bucket:


aws s3 rm s3://your-bucket/tears-of-steel --recursive --region eu-central-1

The endpoint then is the following:

Please note that permissons should be set on content before it can be accessed.

One way is setting an ACL on the bucket, the following makes the bucket world readable:

  "Version": "2012-10-17",
  "Statement": [
      "Sid": "MakeItPublic",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::your-bucket/*"

But AWS S3 with Authentication can be followed as well.

For further options and possibilities please refer to the AWS documentation.

Following the storage proxy Installation documentation, the just created bucket and uploaded content can be streamed by adding the UspEnableSubreq directive and defining <Proxy> sections for each remote storage server used.

<Location "/">
  UspHandleIsm on
  UspEnableSubreq on

SSLProxyEngine on

<Proxy "">
  ProxySet connectiontimeout=5 enablereuse=on keepalive=on retry=0 timeout=30 ttl=300


Regions can also be appended explicitly, e.g. adding -eu-central-1 after s3 so the URL becomes

The URL to the content then becomes the following, for instance for MPEG-DASH:

where is the webserver running USP and has the previous vhost snippet (and the tears-of-steel content in 'your-bucket' used with both IsmProxPass and Proxy directives.

For guidelines on howto use Unified Packager with Amazon S3 see How to write directly to Amazon S3.