Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs(website): blog post about deploying to customer env #1452

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

docs(website): blog post about deploying to customer env #1452

Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
da581e2
docs(website): add initial commit, still need to add images
jakepage91 Dec 11, 2024
5093696
docs(website): added images and made changes for first draft
jakepage91 Dec 11, 2024
54f5362
docs(website): updated the blog description
jakepage91 Dec 11, 2024
95d7fb5
docs(website): reworded a sentence
jakepage91 Dec 11, 2024
44f0bb3
docs(website): addressed Philips comments
jakepage91 Dec 17, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
183 changes: 183 additions & 0 deletions website/blog/2024-12-11-5-ways-vendors-can-succeed/index.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,183 @@
---
slug: 5-ways-to-succeed-without-access-to-customer-environments
title: "5 Ways Vendors Can Succeed Without Access to Customer Environments"
description: Software vendors don't have it easy, especially when trying to serve their on-prem customers, here are 5 tips that are sure to help.
authors: [ jpage, pmig ]
tags: [ On-Premises, ISV, Software Distribution Platform ]
image: https://github.com/user-attachments/assets/789b7bc4-b507-4c38-8e11-27d4dc61b8ef
---
import DefaultCTA from '@site/src/components/cta/DefaultCTA/defaultCTA';

![5-ways thumbnail](https://github.com/user-attachments/assets/789b7bc4-b507-4c38-8e11-27d4dc61b8ef)

In recent years, companies of all sizes have faced a wave of new regulations and compliance demands, reshaping the landscape of software procurement. Enterprises customers now face heightened scrutiny over the tools they integrate, with each new application needing to meet strict security, regulatory, and data protection standards. It’s no longer just about onboarding any awl technology in-house, it’s about ensuring that every new piece of software can withstand regulatory scrutiny.

<!-- truncate -->

<DefaultCTA />

For [Independent Software Vendors (ISVs)](/glossary/isv-meaning/), this shift means the days of simply convincing a single decision-maker with a product demo and only needing a credit card number are gone. Today’s enterprise customers have to deal with internal controls, legal reviews, and compliance checks before they can approve any new software. As a vendor, understanding exactly in which ways their end-customers hands are tied and preparing for their specific constraints is crucial if you want to sell software they can actually adopt.

In industries like healthcare, banking, and government, customers can’t just [hand over a credit card](/glossary/saas-definition/) and grant access to their infrastructure. Vednor have to offer a more thoughtful approach to software delivery.

So, what’s the takeaway? You don’t need to obsess over your customers—you just need to understand them. Recognizing their restrictions, the environments they host software in, and how you can make self-hosting easier is key.

Let’s explore five ways software vendors can succeed without direct access to their end-customers’ environments.

## 1\. Build Software that is “On-Prem Ready”

![On-prem ready software](https://github.com/user-attachments/assets/43c37646-9c33-4591-9cb9-5d100429ffe7)

The first key consideration to keep in mind is that you have to build software that, for lack of a better way of putting it, is “[on-prem ready](/glossary/on-premises-definition/)". End-customer’s should not be expected to have more than the minimal knowledge of how your software works, they should be given a set of installation steps to get up and running that simply work. Beyond installation, your software must be architected for easy updates, seamless rollbacks, and compliance with modern safety, performance, and reliability standards. Let’s break down what “on-prem ready” entails and the components that make it possible.

So how can this be achieved:

### Consistent versioning

A consistent, and what many consider to be a software versioning best practice is to use a method like Semantic Versioning (SemVer), which has intuitive and inherently encoded information that helps customers understand what to expect with each release. Use the MAJOR.MINOR.PATCH format to communicate changes clearly:

- **Major** for breaking changes.
- **Minor** for new features.
- **Patch** for bug fixes.


### Well-Packaged Solutions

Examples across varied environments of optimized packaging prepared for each potential target:

- Use **multi-architecture Docker images** to support diverse systems.
- Provide **metadata-rich Helm charts** with versioning and repository links for transparency.
jakepage91 marked this conversation as resolved.
Show resolved Hide resolved
- Create clear templates for common deployment scenarios to minimize setup time.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would rather call them examples in a documentation?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You would call what exactly "examples"? I didn't fully get it


### Cloud-Native Portability

Portability as mentioned before is hugely beneficial as application might be dynamic and change environmnets over time, consider adopting the principles of the 12-Factor App to enhance adaptability across environments, some useful tips are to:

- Externalize configurations using environment variables.
- Treat backing services like databases as replaceable resources.
- Offer deployment methods compatible with VMs, bare-metal, and Kubernetes.


### SBOM (Software Bill of Materials)

Security is paramount in on-prem environments and any environment for that matter. So, generate an SBOM during building your application in your CI/CD pipeline to:

- Document dependencies and licensing for compliance.
- Identify vulnerabilities through automated CVE scans.
- Build trust by providing customers with transparent software component details.

### Secure Base Images

Have security in mind a the deepest base level of your software. Start with secure, minimal base images:

- Use **distroless images** to reduce attack surfaces.
- Apply **cryptographic signatures** to ensure image integrity.
- Regularly scan images for vulnerabilities and host them in trusted registries.


## 2\. Perform Deployment Target Validations

![Deployment target validations](https://github.com/user-attachments/assets/cdaab8a5-37c9-40e2-a29e-7149766db6b8)

What makes a sommelier such a valuable resource at a restaurant? When they stand at your table, describing the rolling hills of Tuscany or the ancient open-air vats of Georgian natural wine producers, they’re speaking from experience. That’s why you’re willing to pay for their expertise: they’ve tested what they’re recommending so you don’t have to.

This is exactly the role software vendors must play when it comes to deployment targets. As an Independent Software Vendor (ISV), you need to know, from hands-on experience, how your software behaves in a variety of environments and platforms. If an end user asks, “Can I run your software on this version of Kubernetes, these operating systems, or my niche regional cloud provider?” you must be able to confidently say, “Yes,” because you’ve already done the groundwork.

### How to Ensure Deployment Readiness

To provide this level of assurance, ISVs need to rigorously test their software across diverse deployment targets. Here’s how to approach it:

- **Build Sophisticated Pre-Flight Checks**
Pre-flight checks validate whether the target environment meets the necessary requirements for your software to run. These automated checks can verify resource availability, version compatibility, and other critical dependencies before deployment begins, reducing the likelihood of failures.
- **Simulate Real Target Environments with IaC tools**
Tools like Pulumi or Terraform can be used to create infrastructure simulations that mimic customer environments. These Infrastructure as Code (IaC) templates allow you to test your software in controlled replicas of varied environments, ensuring compatibility across different configurations.


## 3\. Simplify Licensing

![Licensing](https://github.com/user-attachments/assets/325b4937-fc0d-45f5-b065-8470365a1b08)

Licensing is the mechanism through which vendors control the access and define the feature set of the software that is sold to end-customers. A well-designed licensing system codifies software contracts and integrates seamlessly with the application, often via a license server during startup or runtime. For on-premises deployments, this system has to account for the fact that vendors won’t have direct access to the end customer’s environment. This makes it essential for licensing to be built-in, unobtrusive, and highly targeted.

### Two Primary Approaches to Licensing

1. **Simple On/Off Licensing**:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Often by giving access to the container registry

This straightforward approach uses a license key to activate or deactivate an entire deployment or by simply giving access to a private container registry. While it’s easy to implement and manage, it offers limited flexibility. Essentially, the license acts as a switch, either granting or denying access to the entire application.

2. **Feature-Flag Licensing**:
This approach uses a more granular licensing system, where individual features within an application deployment can be unlocked or restricted via feature flags, this method also allows for dynamic pricing based on users, data usage or storage. While this method provides greater flexibility to tailor features to customer needs, it requires more effort to implement and maintain due to the complexity of managing feature states and dependencies. 


### Licensing as a Tool for Insights

The right licensing mechanism can go beyond access control, offering valuable insights into software usage. By incorporating usage tracking and reporting into the licensing process, vendors can monitor adoption patterns, identify opportunities for contract expansion, and address overages during renewal cycles.

- **For vendors:**
While licensing dashboards may seem unnecessary for vendors with only a few on-prem customers, they become incredibly valuable as the customer base grows. These dashboards can track contract expirations, monitor enabled features, and help identify potential infractions.
- **For end customers:**
Detailed usage reports allow customers to visualize their software utilization, helping them avoid contract violations and better plan for future needs. This transparency fosters trust and encourages smoother renewals or expansions.


## 4\. Provide Unified Installers and Self-Service Updates

Just as a parent might lay out their child’s clothes and pack their backpack the night before to simplify the morning routine, software vendors have to offer the same level of simplification to their end-customers by eliminating unnecessary decisions. This principle lies at the heart of serving on-prem customers: simplifying critical processes like installation and updates.

These are processes that can be completely bespoke and will always be dictated by how you have previously architected your software, having said that, there is a lot vendors can do to guarantee that these two crucial steps are reliable, predictable and not prone to error. Unified installers and lightweight agent-based components play a crucial role in this, forming the foundation for a seamless software lifecycle.

### Installers and Lightweight Agents

Unified installers, or installer components, are vendor-provided tools installed in the end customer’s environment to assist with deploying and managing the vendor’s software. Think of them like a trusted chaperone on a school trip: someone who ensures the kid gets on the bus (handles installation errors), looks after them if they’re feeling sick (manages drift detection), and keeps track of updates (this is where the metaphor starts to wobble—but you get the idea). Unified installers act as reliable intermediaries, ensuring the smooth operation and lifecycle management of the vendor’s software in the customer’s environment.

Incorporating lightweight agent-based components into these installers can further enhance functionality without overburdening customer systems. These agents can:

- Monitor performance and resource usage.
- Facilitate automated updates or patches.
- Provide feedback about the environment, enabling proactive issue detection and resolution.


These components can help be a proxy for vendor processes that ensure the smooth and successful lifecycle, starting with installation, of the vendor’s software in the end-customers environment.

### Self-Service updates

Once the software is installed, the inevitable need for routine updates will arise at some point. It’s on the vendor to ensure that end-customers are properly notified when updates are available and that these updates are delivered in a safe and reliable way. Since vendors lack direct access to customer environments, their role is limited to providing updates that are easy to apply and designed with safety in mind. Ultimately, it’s the end-customers who decide when and how updates will occur.

Initially, customers may be reluctant to update their software too often. They know all too well that changes to a stable system are when outages are most likely to happen. However, vendors can overcome this reluctance over time by building trust. Delivering a consistently smooth and reliable self-update process reassures customers, demonstrating that updates won’t compromise their systems but instead enhance their stability and performance.

## 5\. Focus on High-Quality Communication

![Communication](https://github.com/user-attachments/assets/b952526a-fe7b-4256-858b-8f2f3b666d82)

When vendors are dealing with end-customers who are not at liberty to grant access to their infrastructure. You must be able to build out or leverage software delivery platforms that bridge the gap between you and them. “Bridging the gap“ is a saying at times admitadely overused, but really what are we referring to? We are talking about processes and platforms that are conducive to one thing, **clear communication**.
Communication, just to clarify isn’t only jumping on a call and chatting directly to each other. If it were that simple, exchanging phone numbers would solve all your problems. Here are the elements I believe lead to truly effective communication with end-customers:

- **Establish clear collaboration channels:** Define how you and your customers will work together, ensuring everyone knows where and how to share feedback or report issues.
- **Expose health endpoints:** Provide software with health endpoints that both the vendor and customer can monitor, ensuring everyone operates with the same base data.
- **Share key metrics and logs:** If possible and always with the consent of the end customer, implement processes to expose or share non-sensitive but essential metrics or logs, enabling more effective troubleshooting when errors occur.
- **Deliver thorough documentation:** Offer well-organized, easily accessible, and comprehensive documentation to reduce ambiguity and save time.
- **Check in routinely:** Schedule regular usage, performance, and satisfaction check-ins to identify what can be improved to enhance customer success and satisfaction.

Of course, there are many other ways to improve communication with end-customers. Remember that one of the very first things we mentioned in this piece is the unescapable base requirement of understanding your customer. As time goes by, customer needs change and previously reached understanding might need updating. The only way to achieve it is by being commited to high-quality communication and treat it as if it was a feature of your product.

## Common Pitfalls: Things to Avoid When Applying These Methods

1. **Neglecting Thorough Deployment Testing**
Insufficient validation of deployment targets can lead to compatibility issues, unexpected failures, and frustrated customers. Not testing enough or not testing the right way can hugely impact your customer trust
2. **Failing to Address Security and Compliance**
Overlooking essential components like SBOMs, secure base images, or compliance with industry standards can lead to vulnerabilities, compliance issues. If your software ever becomes a vulnerability source in a customer controlled environment, a churn is surely on the horizon.
3. **Lack of Visibility into Software Health**
Without exposing health endpoints or sharing relevant logs, troubleshooting becomes exponentially more challenging for both vendors and customers, nobody want to be on an on-call bridge for longer than strictly needed.
4. **Ignoring Customer Feedback and Evolving Needs**
Customer requirements and environments change over time. Failing to adapt to these shifts by not engaging in regular feedback loops risks misalignment with customer priorities.
5. **Overloading Software with Dependencies**
Relying on too many external components or locking into opinionated third-party services can make deployments brittle and harder to support, especially in diverse environments.


## Conclusion

As you can probably tell from everything covered above, there’s no silver bullet or golden framework that fits every on-premises customer. Getting the delicate and synchronized dance between an ISV and their end-customers right, requires a process that’s carefully tailored to the specifics of your software and the unique needs of the customers you serve.

It all starts with building software designed with [on-prem readiness](/glossary/self-managed-software/) in mind. Simply lifting and shifting a SaaS offering to an on-premises customer isn’t a viable option in almost any case. Instead, by starting with a solid foundation of portable software, tested to run in diverse environments, and built with security, compliance, installation infrastructure, and updates as core considerations, you set yourself and your customers up for success.

When you get it right be it by building the internal processes individually or by leveraging a software delivery management software like [Glasskube cloud](/), serving your on-prem customers doesn’t just become manageable, it might even open doors to new deployment methods and help you grow your business. And really, who wouldn’t want that?

<DefaultCTA />
Loading