Licensing of software in containerized environments

Protecting containerized applications (e.g. in docker) is similar in many ways to non-containarized applications. The major difference is that, in most cases, there is no reliable way to uniquely identify an instance. And even if it would be possible to identify them, it might not be desirable since oftentimes containers spin up and down very frequently.

More specifically, the challenge from a software licensing perspective is to prevent end users from exceeding the maximum number of concurrent instances.

Solution

The general solution to restrict the number of concurrent users is to use a floating license model (allows to restrict how many instances can run concurrently) and generate a random identifier upon application start (i.e. not relying on any OS information).

If your clients will have an internet connection, your application can call the Cryptolens API directly as described here. In this case, Cryptolens will be responsible for keeping track of all active instances.

If your clients will be offline, they can install a local license server that will keep track of all instances. A tutorial on how it can be setup can be found here.

If you would have any questions or need advice on how to protect containerized applications, please reach out to us at [email protected].

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.