BlueSkyClouds

To support floating Tracealyzer licenses, where a group of developers share a number of licenses, Percepio offers the License Manager (Percepio LM). LM is a server application that customers install on a Windows or Linux machine in their own network. It is very light weight and does not require many resources, but configuration and maintenance are still a burden on customers. And in many organizations, IT departments erect all kinds of barriers around installing administrative services on machines.

With the sorts of problems that developers in larger organizations have with their IT department and all processes surrounding it, we got the question from a customer if we could host the license server for them. And we thought – why not? That sounds like a good idea.

Run it in the cloud

The initial approach was to consider running the license server on a virtual machine (EC2 instance) in the AWS cloud. We knew the server only needed to be able to accept a handful requests per second, and often with minutes between reoccurring requests, so it would not require a powerful machine. However, the license server is intended for running on internal LANs, and not to be accessed from anywhere on the planet, so it provides very little security on its own.

We could obviously rewrite the server application to add traffic encryption, authorization, and user authentication but we took another, quicker, route: building upon some of the other services that AWS provides. Once we had set up an AWS frontend to handle the security-related issues, we revisited the server application and ended up porting it to .NET Core (from our current .NET Framework implementation) to run as a Lambda script – the perfect choice, given the expected traffic pattern with only sporadic requests.

The result is the Percepio License Service, currently available with AWS as the service backend. We have pilot customers using the service now and going forward it will be available as an add-on for all customers buying floating Tracealyzer licenses.

User Handling

Since AWS supports reliable user authentication and very fine-grained user authorization, we could quickly set up the customer’s users in our AWS account and give them the precise, limited access they need to call the Percepio License Service gateway. Our set up ensures that different customers use completely different resources, so there is no way for customer A to accidentally get a license from customer B.

By Joel