IraLicense Specification

    Introduction

    Software licensing plays a major role in how products and services are secured and monetized. In case of SaaS, which is essentially cloud hosted, licensing is rather simple. However, licensing products that need to reside in customer premises or private cloud is more complicated. The license issuer often has no access to the network where the software will be deployed.

    In order to handle these scenarios, Epicode provides two different kinds of floating licensing schemes, namely node-locked licensing and cloud licensing. AWS License Manager route was considered, however it does not meet the licensing needs of Epicode. AWS LM only supports vCPU, Instance, Core, and Socket type. Epicode needs to license multiple 100s of simultaneous sessions within an instance, which AWS LM doesn't support. AWS LM doesn't even support session based licensing.

    In addition, Epicode products run a HA framework called Hive, which refers to a collection of processes that are connected to each other over a secure socket all the time. These processes can be running across multiple servers. It provides redundancy and load balancing to the applications on the Hive framework. Licenses should have the ability to float across servers seamlessly when servers are added and removed from the Hive.

    Node-locked Licensing

    This scheme is used when a customer simply doesn't want to give Internet access to connect to Epicode cloud licensing server. That means the license has to be issued in the form of a license file and that will be placed within the server where the product is deployed. And the license can be generated only after the server is launched, since the unique signature (fingerprint) of the server instance is required to generate the license. If the server instance is cloned and launched elsewhere, the license becomes invalid. This is the exact scenario node-locked licenses are supposed to achieve. If the licenses are not node-locked, the customer can simply clone and launch the installation image any number of times in violation of the licensing terms.

    Steps to create a node-locked license

    1. The customer launches a new server (or a HA pair) with Epicode products. By default, only 20 licenses are available for the whole cluster of servers within the hive. 

    2. Epicode should be given ssh access to login to get the fingerprint of the server and generate the license for a duration required.

    3. Deploy the newly generated license.

    These licenses will remain valid if the server (or the HA pair) is stopped and started. However, if a new server is launched using the image of this licensed server, the new server won't have a valid license. If the customer is planning to build a new AMI every month, the license period should be limited to one month. If new servers are added to an existing Hive, the license can float into the new servers.

    All the licenses with valid duration will count against the total licenses owned by the customer. All issued licences will be maintained in a spreadsheet shared with the customer, along with their validity.

    Pros

    1. No Internet access required.

    Cons

    1. Requires access to the new EC2 instances every time to generate and install licenses.

    2. If servers are terminated, new servers will require license generation again.

    3. If a server with valid licenses is lost/terminated, the customer has to give an undertaking that the license was genuinely lost, so that it can be re-issued. Epicode will keep track of the servers with valid licenses, and will verify it during any support incident.

    4. Hard to keep track of licenses issued and used. Requires manual ledger to track licenses.

    5. Licensing issues cannot be centrally tracked. Such issues have to be raised as a ticket manually and the support team will need access to the server to resolve the issue.

    Cloud Licensing

    The iraLicense web is a portal to manage licenses for Epicode products. For this licensing scheme to work, the Epicode software must be able to access Iralicense web site either directly or through a proxy maintained by the reseller.

    This has a great advantage over node-locked licensing. The customer can launch any number of instances, any time, without ever having to give access to Epicode to those servers. The server can request the number of licenses required by the hive and it will be issued for a period of 20 days. The licensing agent within the server will request for renewal every 10 days. Therefore, there will always be 10 days to clear up any licensing issues that may crop up.

    Steps to create a cloud license

    1. Register a new hive for the customer who has purchased the licenses. Epicode can even pre-register a bunch of hives with unique names in advance, and hand it over to the customer.

     

    1. Allocate one hive name for each setup, either standalone or HA cluster. Multiple servers in a single cluster or hive, require only one hive name. Two hives with the same name cannot run simultaneously. Only one of them will be able to run. Always use different names for each setup. The unique name is specified through the startup file provided by the customer while starting EC2 server.

     

    1. Specify the licenses required by each setup using the following json element. Those numbers of licenses will be issued to the setup, and will be deducted from the total purchased list in the cloud licensing server. This element is extracted from the startup file provided by the customer while starting EC2 server.

     

    {
        "licenses_assigned":
        [
            {   "product": "iracpa", "item": "amd", "count": "5", "tenant": "acme"},
            {   "product": "txhive", "item": "instance", "count": "10", "tenant": "all"}   
        ]
    }

    As the server starts, it will register the hive with the cloud licensing server, and acquire the licenses requested in the above json element. It can result in many of the following scenarios:

     

    1. The request is successful and licenses are issued for 20 days. The applications in every server in the hive will be ready to service API requests.

    2. The request is denied because the hive name is not valid. An alert email will be sent to both Epicode support team and the customer team. Solution: Customer should obtain a new hive name from the support team.

    3. The request is denied because the hive name has been reassigned to a failover hive. An alert email will be sent to both Epicode support team and the customer team. When the entire cluster goes down, it can be resurrected elsewhere using the same image, using the same hive name. However, if the earlier setup comes up again, it no longer owns the hive name. It belongs to the failover server. Solution: If the customer wants to reuse the old setup, a new hive name will be required.

    4. The request is denied because the number of licenses requested is not available. An alert email will be sent to both Epicode support team and the customer team.  Solution: Purchase more licenses, or reduce the number of licenses requested.

    Pros

    1. License management is automated. Once the purchased licenses are allocated in the cloud, the licenses can be provisioned without any intervention by Epicode support team.

    2. Licenses are centrally tracked, and usage can be monitored. A customer portal to add/remove hive names, and view usage will be provided soon.

    3. Epicode support team doesn't need access to any customer server for license generation.

    4. Licenses can be controlled from the license portal, like renewing/stopping, etc.

    5. Email alerts can be sent to multiple support teams, when licensing issues arise. 

    Cons

    The production servers will require access to https://www.iraware.com/ website. This can be re-directed through the reseller's proxy, if direct access is not possible.


    Published