.. _architecture:
*************************************
Architecture
*************************************
Though you mostly interact with FindFace CIBR through its web interface, be sure to take a minute to learn the FindFace CIBR architecture. This knowledge is essential for the FindFace CIBR deployment, integration, maintenance, and troubleshooting.
.. rubric:: In this chapter:
.. contents::
:local:
Recognition Process
==================================================
FindFace CIBR detects a human face in the photo or video and prepares its image through normalization. The normalized image is then used for extracting the face's feature vector (an n-dimensional vector of numerical features that represent the face). Face feature vectors are stored in the database and further used for verification and identification purposes.
.. _docker-platform:
Docker Platform
======================
FindFace CIBR is deployed in Docker, a set of platform as a service (PaaS) products that use OS-level virtualization to deliver software in packages called containers. Each FindFace CIBR service runs in a Docker container.
Architectural Elements
===============================
FindFace CIBR consists of the following fundamental architectural elements:
* FindFace core, a cutting-edge AI-based recognition technology that can be used as a separate product `FindFace Enterprise Server `_.
* Application Module (FindFace CIBR), implementing a set of tools for criminal investigations based on video footage and photo files.
Architecture scheme
------------------------
|architecture_en|
.. |architecture_en| image:: /_static/architecture_en.png
.. |architecture_ru| image:: /_static/architecture_ru.png
FindFace core
-------------------------
There is a separate product `FindFace Enterprise Server `_ inside the FindFace core. It includes the following components:
+---------------------------+--------------+--------------------------------------------------------------------------------------+--------------------------------------------+
| Component | Ports in use | Description | Vendor |
+===========================+==============+======================================================================================+============================================+
| findface-extraction-api | 18666 | Service that uses neural networks to detect a face in an image and extract its | NtechLab own deployment |
| | | feature vector. It also recognizes face attributes, for example, gender, age, | |
| | | emotions, beard, glasses, etc. CPU- or GPU-acceleration. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-sf-api | 18411 | Service that implements the internal HTTP API for face detection and recognition. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-tarantool-server | 32001, | Service that provides interaction between the ``findface-sf-api`` service and the | |
| | shard ports | feature vector database (the Tarantool-powered database that stores face | |
| | (default | feature vectors). | |
| | 330xx, 81xx) | | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-upload | 3333 | NginX-based web server used as a storage for original images, thumbnails, and | |
| | | normalized face images. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-facerouter | 18820 | Service used to define processing directives for detected faces. In FindFace CIBR, | |
| | | its functions are performed by ``findface-multi-legacy`` | |
| | | (see :ref:`application-module`). | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-video-manager | 18810, | Service, part of the video face detection module, that is used for managing the | |
| | 18811 | video face detection functionality, configuring the video face detector | |
| | | settings and specifying the list of to-be-processed video files. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-video-worker | 18999 | Service, part of the video face detection module, that recognizes a face in | |
| | | the video and posts its normalized image, full frame and metadata (such as | |
| | | detection time) to the ``findface-facerouter`` service for further processing | |
| | | according to given directives. | |
| | | CPU- or GPU-acceleration. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-ntls | 443 | License server that interfaces with the NtechLab Global License Server, a USB | |
| | (TCP), | dongle, or hardware fingerprint to verify the :ref:`license ` | |
| | 3133, | of your FindFace CIBR instance. | |
| | 3185 | | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+ |
| findface-counter | 18300 | Service used for event deduplication. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+--------------------------------------------+
| Tarantool | Shard ports | Third-party software that implements the feature vector database that stores | `Tarantool `_ |
| | (default | extracted face feature vectors and identification events. The system data, | |
| | 330xx, 81xx) | records, user accounts are stored in PostgreSQL | |
| | | (part of the FindFace CIBR application module). | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+--------------------------------------------+
| etcd | 2379 | Third-party software that implements a distributed key-value store for | `etcd `_ |
| | | ``findface-video-manager``. Used as a coordination service in the distributed | |
| | | system, providing the video face detector with fault tolerance. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+--------------------------------------------+
| NginX | 80; | Third-party software that implements the system web interfaces. | `nginx `_ |
| | SSL: 8002, | | |
| | 8003, 443, | | |
| | 80 | | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+--------------------------------------------+
| memcached | 11211 | Third-party software that implements a distributed memory caching system. | `memcached `_ |
| | | Used by ``findface-sf-api`` as a temporary storage for extracted face | |
| | | feature vectors before they are written to the feature vector database powered by | |
| | | Tarantool. | |
+---------------------------+--------------+--------------------------------------------------------------------------------------+--------------------------------------------+
.. _application-module:
Application Module (FindFace CIBR)
---------------------------------------------
The FindFace CIBR application module includes the following components:
+----------------------------------+--------------+---------------------------------------------------------------------------------------+--------------------------------------------+
| Component | Ports in use | Description | Vendor |
+==================================+==============+=======================================================================================+============================================+
| findface-multi-legacy | Configurable | Service that serves as a gateway to the FindFace core. | NtechLab own deployment |
| | | Provides interaction between the FindFace core and the web interface, the system | |
| | | functioning as a whole, HTTP and web socket, face monitoring, event | |
| | | notifications, etc. | |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+ |
| findface-multi-pause | n/a | Internal services that assist ``findface-multi-legacy``. The ``findface-multi-audit`` | |
+----------------------------------+--------------+ service is created for the future. It will become full-fledged in the upcoming | |
| findface-multi-audit | 8012, 8013, | versions. As for now, it partly duplicates the ``findface-multi-legacy`` | |
| | 8014 | functionality. Use ``findface-multi-legacy`` to work with it. The | |
+----------------------------------+--------------+ ``findface-multi-identity-provider`` is the service for authentication, user | |
| findface-multi-identity-provider | 8022, 8023, | management, and management of role-based model of accesses. | |
| | 8024 | | |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+ |
| cleaner | n/a | The service is responsible for the data cleanup. | |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+ |
| findface-multi-ui | Configurable | Main web interface used to interact with FindFace CIBR. | |
| | | Based on the `Django framework `_. | |
| | | Allows you to work with face recognition events, search for | |
| | | faces, manage cases, users, record index, watch lists, and many more. | |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+--------------------------------------------+
| NATS | 4222 | Third-party software that implements a message broker in ``findface-multi-legacy``. | `NATS `_ |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+--------------------------------------------+
| etcd | 2379 | Third-party software that implements locks in the ``findface-multi-legacy`` service, | `etcd `_ |
| | | such as locks in NTLS checker, reports, video processing, etc. | |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+--------------------------------------------+
| Pgbouncer | 5439 | Third-party software, a lightweight connection pooler for PostgreSQL. Optional, | `PgBouncer `_ |
| | | used to increase the database performance under high load. | |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+--------------------------------------------+
| PostgreSQL | 5432 | Third-party software that implements the main system database. This database stores | `PostgreSQL `_ |
| | | records of individuals and data for internal use. | |
| | | The face feature vectors and face identification events are stored in Tarantool | |
| | | (part of the FindFace core). | |
+----------------------------------+--------------+---------------------------------------------------------------------------------------+--------------------------------------------+
.. seealso::
* :ref:`storages`
CPU- and GPU-acceleration
==========================================
The ``findface-extraction-api`` and ``findface-video-worker`` services can be either CPU- or GPU-based. You will have an opportunity to choose the acceleration type you need during the :ref:`installation `.
.. important::
Refer to :ref:`requirements` when choosing hardware configuration.
.. important::
If video resolution is more than 1280x720px, it is strongly recommended to use the GPU-accelerated package ``findface-video-worker``.