Update to FindFace Multi 1.1

Tip

If you use our product FindFace Security deployed on Ubuntu 18.04, you can upgrade it to FindFace Multi 1.0 and then update it to FindFace Multi 1.1.

To update FindFace Multi 1.0 to 1.1, do the following:

  1. Open the /etc/findface-security/config.py (/etc/ffsecurity/config.py) configuration file. Save the values of the following parameters for later use: EXTERNAL_ADDRESS, SECRET_KEY, VIDEO_DETECTOR_TOKEN, ROUTER_URL.

    sudo vi /etc/findface-security/config.py
    
    EXTERNAL_ADDRESS = "http://172.20.77.58"
    
    ...
    # use pwgen -sncy 50 1|tr "'" "." to generate your own unique key
    SECRET_KEY = 'c8b533847bbf7142102de1349d33a1f6'
    
    FFSECURITY = {
       'VIDEO_DETECTOR_TOKEN': '381b0f4a20495227d04185ab02f5085f',
       ...
       'ROUTER_URL': 'http://172.20.77.58',
       ...
    }
    
  2. Stop the findface-security service.

    sudo systemctl stop findface-security*.service
    
  3. Create a backup of the Tarantool-based feature vector database in any directory of your choice, for example, /etc/findface_dump.

    Tip

    See Back Up and Recover Data Storages for details.

    sudo mkdir -p /etc/findface_dump
    cd /etc/findface_dump
    sudo findface-storage-api-dump -config /etc/findface-sf-api.ini
    
  4. Install the apt repository with FindFace Multi, using the console installer as described in this section.

  5. Install NATS, enable its autostart, and launch the service.

    sudo apt install -y nats-server
    sudo systemctl enable nats-server
    sudo systemctl restart nats-server
    
  6. Install the FindFace Multi services from the repository, following your architecture outline.

    CPU-version:

    sudo apt update
    sudo apt install findface-security findface-security-ui findface-extraction-api findface-ntls findface-sf-api findface-tarantool-server findface-upload findface-video-manager findface-video-worker-cpu findface-counter findface-liveness-api
    

    GPU-version:

    sudo apt update
    sudo apt install findface-security findface-security-ui findface-extraction-api-gpu findface-ntls findface-sf-api findface-tarantool-server findface-upload findface-video-manager findface-video-worker-gpu findface-counter findface-liveness-api
    

    Important

    FindFace Multi on GPU requires the prior installation of NVIDIA drivers.

    Important

    At some moment, you will be prompted to choose which version of the findface-security configuration file to keep. Opt for Install the packages maintainer’s version.

  7. Open the /etc/findface-security/config.py configuration file and paste the saved EXTERNAL_ADDRESS, SECRET_KEY, VIDEO_DETECTOR_TOKEN, and ROUTER_URL into it. Fill in the DATABASES section by analogy: 'PORT': 5439, 'USER': 'ntech', 'PASSWORD': '9T3g1nXy9yx3y8MIGm9fbef3dia8UTc3' (password from /etc/pgbouncer/userlist.txt).

    sudo vi /etc/findface-security/config.py
    ...
    # Database is used by FindFace Security to store cameras,
    # camera groups, watchlists and so on. Only PostgreSQL is supported.
    DATABASES = {
        'default': {
            'ENGINE': 'django.db.backends.postgresql',
            'DISABLE_SERVER_SIDE_CURSORS': True,
            'NAME': 'ffsecurity',
            'PORT': 5439, 'USER': 'ntech', 'PASSWORD': '9T3g1nXy9yx3y8MIGm9fbef3dia8UTc3',
        }
    }
    ...
    # Use pwgen -sncy 50 1|tr "'" "." to generate your own unique key
    SECRET_KEY = '002231ccb690586f4d33e98322c591bb'
    ...
    SERVICE_EXTERNAL_ADDRESS = 'http://172.20.77.58'
    # EXTERNAL_ADDRESS is used to access objects created inside FFSecurity via external links.
    EXTERNAL_ADDRESS = 'http://172.20.77.58'
    ...
        # findface-video-worker authorization token
        'VIDEO_DETECTOR_TOKEN': '8977e1b0067d43f6c908d0bf60363255',
    ...
        # findface-video-worker face posting address,
        # it must be set to either FFSecurity EXTERNAL_ADDRESS (by default)
        # or findface-facerouter url (in some specific cases)
        'ROUTER_URL': 'http://127.0.0.1:80',
    
  8. Open the old version of the findface-ntls configuration file available at /etc/findface-ntls.cfg.dpkg-old and check it against the new version /etc/findface-ntls.cfg. Make sure that all the custom parameters from the old version are present in the new one. Do the same for other components, e.g. for findface-extraction-api, check /etc/findface-extraction-api.ini.ucf-old against /etc/findface-extraction-api.ini, etc.

    sudo vi /etc/findface-ntls.cfg.dpkg-old
    sudo vi /etc/findface-ntls.cfg
    sudo vi /etc/findface-extraction-api.ini.ucf-old
    sudo vi /etc/findface-extraction-api.ini
    
    ...
    
  9. Open the new version of the /etc/findface-video-worker-cpu.ini (/etc/findface-video-worker-gpu.ini) configuration file. In the streamer section, set tracks = true to ensure bboxes on the Video Wall are appropriately displayed.

    sudo vi /etc/findface-video-worker-cpu.ini
    sudo vi /etc/findface-video-worker-gpu.ini
    
    [streamer]
    #------------------------------
    ...
    ## use tracks instead detects for streamer
    ## type:bool env:CFG_STREAMER_TRACKS longopt:--streamer-tracks
    tracks = true
    
  10. Restart the services.

    sudo systemctl restart findface-ntls findface-extraction-api findface-video-worker* findface-video-manager findface-sf-api findface-counter findface-liveness-api
    
  11. Modify the Tarantool database structure by applying the tnt_schema.lua file from FindFace Multi.

    sudo findface-security make_tnt_schema | sudo tee /etc/findface-security/tnt_schema.lua
    
  12. Stop the findface-tarantool-server shards. Purge data from all the directories relevant to active shards.

    sudo systemctl stop 'tarantool@*'
    
    sudo rm /opt/ntech/var/lib/tarantool/shard-*/{index,snapshots,xlogs}/*
    
  13. Navigate to the directory with Tarantool configuration file(s) /etc/tarantool/instances.available/. Check whether each configuration file shard-*.lua contains the dofile command, meta_indexes and meta_scheme definitions, as in the example below.

    sudo vi /etc/tarantool/instances.available/shard-*.lua
    
    ...
    dofile("/etc/findface-security/tnt_schema.lua")
    ...
    FindFace.start("127.0.0.1", 8101, {
        license_ntls_server="127.0.0.1:3133",
        meta_indexes=meta_indexes,
        meta_scheme = meta_scheme
    })
    
  14. Restart the findface-tarantool-server shards.

    TNT=$(ls /etc/tarantool/instances.enabled/ | cut -c 7,8,9)
    for i in $TNT; do sudo systemctl restart tarantool@shard-$i.service ; done
    
  15. Restore the Tarantool database from the backup.

    cd /etc/findface_dump
    
    for x in *.json; do sudo findface-storage-api-restore -config /etc/findface-sf-api.ini < "$x"; done
    
  16. Migrate the main database architecture from FindFace Multi to PostgreSQL, re-create user groups with predefined rights, and the first user with administrator rights.

    sudo findface-security migrate
    sudo findface-security create_groups
    sudo findface-security create_default_user
    
  17. Restart the findface-security service.

    sudo systemctl restart findface-security.service
    

Important

To preserve the FindFace Multi compatibility with the installation environment, we highly recommend you to disable the Ubuntu automatic update. In this case, you will be able to update your OS manually, fully controlling which packages to update.

To disable the Ubuntu automatic update, execute the following commands:

sudo apt-get remove unattended-upgrades
sudo systemctl stop apt-daily.timer
sudo systemctl disable apt-daily.timer
sudo systemctl disable apt-daily.service
sudo systemctl daemon-reload