Context
I'm working on a bunch of python scripts that spin up a FastAPI server for my startup, as a requirement for our services. This server initialises a Supabase SDK client to do some very specific operations.
This server needs to be distributed to all our clients only when they have purchased a subscription for our service. Not only that, we also need to be able to terminate the server in some way when the client's payment has not gone through.
Just a note that this server will either be run on an existing machine on our client's property, or we would ship a device to plug into the wall to run this server.
Another problem we're going through is that these servers use Computer Vision models for a specific reason, and to reduce costs on our side (and reduce the price of our service) we were thinking that, instead of creating inference endpoints somewhere in the cloud, there could be a way to have the models themselves stay within the server code, but have a way to isolate them or encrypt them so the clients (or external entities) could not take advantage of them.
Main Questions
- In what ways could we distribute this server, and all the code associated with it, to all our clients, achieving the following:
- Server only distributed after purchasing a subscription, and server terminated or deleted completely after a subscription payment has not gone through;
- Able to update the server's code whenever we release an update;
- How could we have our Computer Vision models on premise in these servers, without compromising or exposing our models to external entities or our clients?
Solutions tried
Main Question 1
I've tried creating a Docker container with all the code to later distribute with Docker Swarm and such, but this server needs to have access to the machine's network and do some other things within it, and although I've managed to get it somewhat working, some features just don't seem to be supported, so i'm looking for other ways.
Thought of maybe packaging it in PyPi, or simply sending a .zip, with a license key that we would later map to each client in order to remove access to the Supabase as needed, but the client would still have the code, and would still be able to access the models within it.
Main Question 2
I've tried Google AI Vertex and Beam to deploy our models and expose inference endpoints, but we'll probably need some models to be running 24/7, and the costs for that are really high.
Context
I'm working on a bunch of python scripts that spin up a FastAPI server for my startup, as a requirement for our services. This server initialises a Supabase SDK client to do some very specific operations.
This server needs to be distributed to all our clients only when they have purchased a subscription for our service. Not only that, we also need to be able to terminate the server in some way when the client's payment has not gone through.
Just a note that this server will either be run on an existing machine on our client's property, or we would ship a device to plug into the wall to run this server.
Another problem we're going through is that these servers use Computer Vision models for a specific reason, and to reduce costs on our side (and reduce the price of our service) we were thinking that, instead of creating inference endpoints somewhere in the cloud, there could be a way to have the models themselves stay within the server code, but have a way to isolate them or encrypt them so the clients (or external entities) could not take advantage of them.
Main Questions
- In what ways could we distribute this server, and all the code associated with it, to all our clients, achieving the following:
- Server only distributed after purchasing a subscription, and server terminated or deleted completely after a subscription payment has not gone through;
- Able to update the server's code whenever we release an update;
- How could we have our Computer Vision models on premise in these servers, without compromising or exposing our models to external entities or our clients?
Solutions tried
Main Question 1
I've tried creating a Docker container with all the code to later distribute with Docker Swarm and such, but this server needs to have access to the machine's network and do some other things within it, and although I've managed to get it somewhat working, some features just don't seem to be supported, so i'm looking for other ways.
Thought of maybe packaging it in PyPi, or simply sending a .zip, with a license key that we would later map to each client in order to remove access to the Supabase as needed, but the client would still have the code, and would still be able to access the models within it.
Main Question 2
I've tried Google AI Vertex and Beam to deploy our models and expose inference endpoints, but we'll probably need some models to be running 24/7, and the costs for that are really high.
Share Improve this question asked Nov 18, 2024 at 18:52 MaoaiiMaoaii 296 bronze badges 1- RE "without compromising or exposing our models" How robust does the protection need to be? The moment you give someone your software to run on infrastructure they have access to, you're limited in what protections you can implement. – Adrian K Commented Nov 22, 2024 at 0:28
1 Answer
Reset to default 0In what ways could we distribute this server, and all the code associated with it, to all our clients, achieving the following:
Server only distributed after purchasing a subscription, and server terminated or deleted completely after a subscription payment has not gone through;
You can control when and how subscribers get access to your application e.g. download after purchase, etc - and you can offer more than one packaging and deployment option - but you won't have the same level of control for revoking - once it's on someone else's network you have limited control.
You could add a "Phone Home" API call back to an API you host, that disables the application if PhoneHome: SubscriberStatus = UnPaid
You could add further and more drastic functionality - like deleting internal system data if that happens in 3 consecutive payment cycles or whatever.
You could also have your application take actions to protect itself if it is unable to make the API calls successfully.
All of this assumes the client cannot access your application's code to re-write it, or fake API responses so that your app thinks it's phoning home successfully.
Able to update the server's code whenever we release an update;
I have no idea how to do that in practice, never done it. I would imagine there's good information online about strategies for doing that, even if they aren't Python specific.