I have software that is pretty complex in the sense that it uses a lot of interacting processes, OS daemons, services, etc.

So I think the most sensible way of distributing it would be as a virtual machine image, otherwise the installation on an arbitrary machine would be too complex.

What are the pros and cons of such a model?

What is the security of distributing a virtual machine image? Say that I don't give root access and there is no SSH or any kind of login and the only interface is the one provided by my software. To what extent is it possible to hack and reverse engineer a VM image?

What would the licensing fees be vis-à-vis VMware, Xen or alternatives (are there any)?

+1  A: 

At least the support costs will be (hopefully) minimized.

swegi
+3  A: 

Sounds like a classical VM appliance. I have one I did for exactly the same reasons you did. If there are any platforms where the VM vendor charges to distribute appliances, I've never heard of them.

Reverse engineering is simple, and it's a variation of the same process used for offline repair and maintenance. In Xen, I can mount the virtual disk and access it as a subtree of the host machine's filesystem, so each and every file in the VM is visible. In VMware, I'd probably boot a DR OS against the virtual disk.

Tim H
thanks Tim. another question: can the disk be easily inspected while running? or only in its initial state?
flybywire
Well, in the sense that you can inspect the tires on a car while it's running down the Interstate, you can. However, it's a lot easier when your target isn't moving. For the most part, any disk inspections I do while a VM is actually operating I do by logging into the VM's OS as a remote user. Or in Xen, via xm console attach. That is, I look at the disk from the inside using the guest OS's own filesystem facilities.
Tim H
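Because the disk can be mounted offline as described in the answer above, everything baked into the image is readable by whoever receives it. The following is an added example, not part of the original thread: a pre-release audit over an unpacked or read-only-mounted copy of the appliance's root filesystem. The rule set, paths and sample tree are constructed assumptions.

```python
import os
import re
import tempfile

# Illustrative rules (assumptions, not exhaustive) for material that is
# readable by anyone who mounts the image offline.
CONTENT_RULES = {
    "private key": re.compile(rb"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "password hash": re.compile(rb"^[^:\n]+:\$(?:1|5|6|2[aby]|y)\$[^:\n]+:", re.M),
}
NAME_RULES = {".git": "VCS metadata", ".bash_history": "shell history"}

def audit_tree(root, max_bytes=1 << 20):
    """Return sorted (relative_path, finding) pairs for an unpacked root tree."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            if name in NAME_RULES:
                rel = os.path.relpath(os.path.join(dirpath, name), root)
                findings.append((rel, NAME_RULES[name]))
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # skip symlinks, devices, sockets
            with open(path, "rb") as fh:
                data = fh.read(max_bytes)
            for label, rx in CONTENT_RULES.items():
                if rx.search(data):
                    findings.append((os.path.relpath(path, root), label))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample standing in for a mounted guest filesystem."""
    files = {
        "etc/shadow": "root:$6$salt$CONSTRUCTEDHASH:19000:0:99999:7:::\n",
        "opt/app/tls/server.key": "-----BEGIN RSA PRIVATE KEY-----\nCONSTRUCTED\n",
        "opt/app/.git/HEAD": "ref: refs/heads/main\n",
        "opt/app/README": "nothing sensitive here\n",
    }
    for rel, text in files.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, label in audit_tree(tmp):
            print(f"{label:15} {rel}")
```

Anything this reports ships to every customer, so per-install secrets are better generated on first boot than baked into the image.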
+4  A: 

Reverse Engineering: Anything you distribute can be reverse engineered. Anything. A friend of mine refuses to use Java or Perl because they're "interpreted" and hence insecure. Whatever. The reality is, people will be able to take that VM image, and dissect it, and even modify it. You, however, have to make it wasteful to do so - to make their continuing to come to you valuable. Provide fixes, updates, proactive security monitoring.

Success stories: I've had many success stories deploying complex software on VM appliances. I've used many such appliances in my day. At home, I keep one for my source code repositories, and one I built is a nearly exact replica of my webhosting setup at my hosting provider. It lets me build a staging environment that almost perfectly mimics my fairly restricted hosting environment. I do this for all my clients, and know that if they choose to stop using my services, I can support them by giving them a complete copy of all their work.

Worry less about the "thievery," worry more about solving your clients' problems. Simply bundle the price of a few extra licenses into your support costs. Give them a progressive plan: for a base cost of $xxxx and a support cost of 35% of $xxxx, they get unlimited licensing.

Make sure you have BRAINDEAD ways of updating and patching the appliance to keep your costs low.

Chris Kaminski
You don't need to worry about license costs anymore. Linux has a hypervisor built in as of Linux 2.6.0 called KVM (Kernel Based Virtual Machine).
Evan Plaice
+1  A: 

A major con for me, today, would be having to own the VM hypervisor software. But if you're selling to people who can trivially obtain the hypervisor, I don't see that there would be any difficulty.

Paul Nathan
Every x86 virtualization vendor currently out there ships a free version of their hypervisor in some fashion (except Microsoft, and VMware for the Mac). This is really a non-concern today.
Chris Kaminski