demo: add enterprise license that automatically applies to cockroach demo #40222
Comments
jordanlewis
added
the
C-enhancement
|
We have to make sure that users can't apply this license to other clusters -- its easy to see the current cluster license using |
Fixes cockroachdb#40222. Release note (cli change): cockroach demo tries to get a temporary enterprise license upon startup.
Fixes cockroachdb#40222. Release note (cli change): cockroach demo tries to get a temporary enterprise license upon startup.
Fixes cockroachdb#40222. Release note (cli change): cockroach demo tries to get a temporary enterprise license upon startup.
This is security by obfuscation. It's trivial to modify the cockroach program to print out the license anyway. |
|
@jordanlewis thank you for having a separate conversation, given that I am also having a separate conversation of my own about this with @dt . It would help all the parties involved to ensure their separate conversations are put in writing and recorded for review in the issue description. (I will do my own part of this homework shortly). |
|
Here's my separate conversation:
|
|
I do think we want telemetry from Cockroach Demo--I think it will be invaluable information |
We can do so by enabling telemetry the regular way (and this does not require an enterprise license, so it's a separate conversation). We can easily recognize telemetry from a |
|
My preference is for approach 4, as implemented in this patch, but I think the concerns @knz raises about respecting users' wishes w.r.t. their software talking to things are important to address if we do go with this approach. As for why I like the approach: I like it being a real license that is installed and acts just like any other. Now it seems like what is left to decide is where it comes from: a constant, local generation or requested from cockroach labs. I have a slight preference to the latter: I see a license as something one gets from Cockroach Labs, either in the case of enterprise by signing a contract or in the case of trails and evaluation by just asking for one (via the website, API, email, etc). By asking via a network request each time, we can a) change our mind later about if/what we return there (changing the type/term/etc) and b) maintain the property that licenses are things that Cockroach Labs makes and distributes, which means we know how many licenses we've given out / how many licensed clusters there are. So yes, there is sort of a telemetry component to doing it this way, but of all the telemetry things, this seems pretty reasonable to me: A license is an relationship with Cockroach Labs, so having it come from Cockroach Labs, and having Cockroach Labs know about it, doesn't seem all that unreasonable. HOWEVER, that said, like any "phone home" thing, it is critical that we a) document when/what we do and then b) give users control over what we do. In 20.1 the plan is to have license acquisition wrapped in some form of interactive flow that can be explicit about what it is doing. For now though, the more limited goal is just to make Wha I think is is needed to make the approach in this change work is a) documenting that it will do this and b) how to disable it. We already have precedent for this: our normal anonymous telemetry collection works this way. IMO, checking the same env var that disables that telemetry collection to skip this process would address most of this concern, as it'd mean that this new feature does not materially change the existing behavior w.r.t when we make network requests. |
|
I'm sensitive to the "a license is a contract so it's important CRL remains actual party to contracts established in its name by a tool automatically" so I don't have fundamental objections to the idea to use a lic server. However the opt-out and clear documentation about data retention is still a pre. |
|
There's an alternative as well: a license is a contract but the license key is not the only way to establish such a contract. CRL could establish this contract upfront (eg via the web site) with a special-purpoose license saying "enterprise features are also granted implicitly to every user of the (and then automatically enable enterprise features, under the terms of that blanket license, via a boolean triggered by If we operate this way:
|
|
@knz Telemetry reporting is already on-by-default and disabled, if desired, via an env var. As long as the approach taken in this patch is extended to respect that same env var, I don't see this as significantly changing the expectations and behavior w.r.t. if we make network requests to Cockroach Labs. |
Are you sure? IIRC |
|
If that is the case, that sounds like an oversight, not feature? |
|
I agree that'd be an oversight. Let me check quickly. |
|
Ok so I was right (and you're right it's an oversight), the update and reg loop is enabled in // Start up the update check loop.
// We don't do this in (*server.Server).Start() because we don't want it
// in tests.
if !envutil.EnvOrDefaultBool("COCKROACH_SKIP_UPDATE_CHECK", false) {
s.PeriodicallyCheckForUpdates(ctx)
}I gladly propose including this code in |
|
👍 thanks for confirming. We can follow up on that separately, but I think what is important is that assuming that demo has the standard telemetry behavior w.r.t when it is enabled and how to disable it, if the automatic license acquisition code respects the same knob, then I don't think it materially changes the "phone-home" situation: we document what it does by default and we point to how to change it. |
|
I agree that, assuming we choose a license server, the right thing to do will be to place that activation behind the same logic as the telemetry. I'm still a bit annoyed at the idea to make |
Eh, I think that is a bit of an exaggeration: it is just as effective as it is today. And indeed, the |
|
I think we want cockroach demo to be usable offline with enterprise license--the whole point is to make this easy for developers to see and try features out? What is easy about these proposed solutions? |
oh I had not envisioned this alternative. That's actually pretty clever. Maybe it could be possible to include this idea into the warning messaage printed out if the HTTP conn to the lic server fails? |
|
(I would even suggest printing this message even when the check succeeds, to inform the user "they can make their enterprise feature also available offline by requesting a trial key") |
|
Responding to @awoods187
As suggested by David this is possible by requesting a trial license separately and installing it manually in the demo cluster using the
The proposed design (license server) would make enterprise features available automatically for users who use the command online, and available manually for offline users by requesting a trial license separately. I think it may be worth prototyping this design and then evaluating its UX with some users (and some PM acceptance testing) to verify that it "works" and is easy enough. p.s. Of course the acceptance testing would also verify that we provide the opt-out flag, links to data policy etc. |
|
I feel like we're a bit in the weeds here. We plan to do something more ambitious in 20.1 -- current ideas include an interactive flow, and are not limited to This change as-is now, with the addition of a check to obey the stated preferences w.r.t. phoning home, gets us basically there. There are edge cases, like offline users, that it doesn't apply to, but I think it is important to note that they are no worse off than today. If you don't get an automatic license, you have have the same options you have today: you'll get an error about needing a license, the error already points you to the website, and you can install a license by hand just the same. IMO that is fine -- adding more messages / warning / etc should all be pushed to the 20.1 scoped project. EDIT: I missed that this moved off the PR, so to clarify, here/above, when I mentioned "this patch" or "this change" I meant #40273. |
|
No more comment on rationale from me. Just a request that the more salient arguments here (and the things deliberately left out of scope) be mentioned on the eventual commit message. |
There is a wider discussion/design going on to serve licenses in a more general way in the future, so this commit is not aiming for a future-proof design, but instead an MVP to allow users to demo enterprise features within `cockroach demo`. We are not concerned about offline usage of enterprise features as users can obtain a license and enable features manually using SET. Fixes cockroachdb#40222. Release note (cli change): cockroach demo attempts to contact a license server to obtain a temporary license. cockroach demo now enables telemetry for the demo cluster. This feature can be opted out of by setting the `COCKROACH_SKIP_UPDATE_CHECK` environment variable (https://www.cockroachlabs.com/docs/stable/diagnostics-reporting.html).
There is a wider discussion/design going on to serve licenses in a more general way in the future, so this commit is not aiming for a future-proof design, but instead an MVP to allow users to demo enterprise features within `cockroach demo`. We are not concerned about offline usage of enterprise features as users can obtain a license and enable features manually using SET. Fixes cockroachdb#40222. Release note (cli change): cockroach demo attempts to contact a license server to obtain a temporary license. cockroach demo now enables telemetry for the demo cluster. This feature can be opted out of by setting the `COCKROACH_SKIP_ENABLING_DIAGNOSTIC_REPORTING` environment variable (https://www.cockroachlabs.com/docs/stable/diagnostics-reporting.html).
There is a wider discussion/design going on to serve licenses in a more general way in the future, so this commit is not aiming for a future-proof design, but instead an MVP to allow users to demo enterprise features within `cockroach demo`. We are not concerned about offline usage of enterprise features as users can obtain a license and enable features manually using SET. Fixes cockroachdb#40222. Release note (cli change): cockroach demo attempts to contact a license server to obtain a temporary license. cockroach demo now enables telemetry for the demo cluster. This feature can be opted out of by setting the `COCKROACH_SKIP_ENABLING_DIAGNOSTIC_REPORTING` environment variable (https://www.cockroachlabs.com/docs/stable/diagnostics-reporting.html).
40273: demo: cockroach demo attempts to obtain a temporary license upon startup and enables telemetry r=rohany a=rohany There is a wider discussion/design going on to serve licenses in a more general way in the future, so this commit is not aiming for a future-proof design, but instead an MVP to allow users to demo enterprise features within `cockroach demo`. We are not concerned about offline usage of enterprise features as users can obtain a license and enable features manually using SET. Fixes #40222. Release note (cli change): cockroach demo attempts to contact a license server to obtain a temporary license. cockroach demo now enables telemetry for the demo cluster. This feature can be opted out of by setting the `COCKROACH_SKIP_ENABLING_DIAGNOSTIC_REPORTING` environment variable (https://www.cockroachlabs.com/docs/stable/diagnostics-reporting.html). Co-authored-by: Rohan Yadav <rohany@alumni.cmu.edu>
There is a wider discussion/design going on to serve licenses in a more general way in the future, so this commit is not aiming for a future-proof design, but instead an MVP to allow users to demo enterprise features within `cockroach demo`. We are not concerned about offline usage of enterprise features as users can obtain a license and enable features manually using SET. Fixes cockroachdb#40222. Release note (cli change): cockroach demo attempts to contact a license server to obtain a temporary license. cockroach demo now enables telemetry for the demo cluster. This feature can be opted out of by setting the `COCKROACH_SKIP_ENABLING_DIAGNOSTIC_REPORTING` environment variable (https://www.cockroachlabs.com/docs/stable/diagnostics-reporting.html).
There is a wider discussion/design going on to serve licenses in a more general way in the future, so this commit is not aiming for a future-proof design, but instead an MVP to allow users to demo enterprise features within `cockroach demo`. We are not concerned about offline usage of enterprise features as users can obtain a license and enable features manually using SET. Fixes cockroachdb#40222. Release note (cli change): cockroach demo attempts to contact a license server to obtain a temporary license. cockroach demo now enables telemetry for the demo cluster. This feature can be opted out of by setting the `COCKROACH_SKIP_ENABLING_DIAGNOSTIC_REPORTING` environment variable (https://www.cockroachlabs.com/docs/stable/diagnostics-reporting.html).
There is a wider discussion/design going on to serve licenses in a more general way in the future, so this commit is not aiming for a future-proof design, but instead an MVP to allow users to demo enterprise features within `cockroach demo`. We are not concerned about offline usage of enterprise features as users can obtain a license and enable features manually using SET. Fixes cockroachdb#40222. Release note (cli change): cockroach demo attempts to contact a license server to obtain a temporary license. cockroach demo now enables telemetry for the demo cluster. This feature can be opted out of by setting the `COCKROACH_SKIP_ENABLING_DIAGNOSTIC_REPORTING` environment variable (https://www.cockroachlabs.com/docs/stable/diagnostics-reporting.html).
Users shouldn't have to actually have a license to be able to use the enterprise features in
cockroach demo.The text was updated successfully, but these errors were encountered: