VyOS cloud support platform strategy
Posted 22 Nov, 2017 by Daniil Baturin
Recently we have merged the old VyOS product on Amazon (which was free as in price) with the new one listed by Sentrium (reminder: the company setup by VyOS maintainers to provide commercial services for VyOS) that is available at ~$60/year as a means to support the project. It’s probably a good time to talk about our cloud platform support strategy.
It’s quite obvious that cloud platforms are popular, and that VyOS is often used as an alternative to their own VPN and routing facilities or proprietary products, because of both functionality and price. So far we’ve been providing our official EC2 AMI for free. This approach is not exactly sustainable since we ourselves do not benefit from it in any way, but the support level required of an AMI listed on the marketplace creates work that has to be done, and so far (past the initial contribution of the person who wrote the first AMI build scripts) it has been done solely by the maintainers.
And, let’s face it, VyOS needs funding sources. There are many activities that get virtually no community participation, including documentation writing, code refactoring, developing automated tests and so on. We are grateful to everyone who contributes, but that’s not enough to keep VyOS as a service provider and enterprise quality router. Migration to Jessie was the point when making an enterprise quality router OS by few people in spare time stopped scaling, and now, at least until we refactor the whole system to be easy to maintain and extend, either it's going to take a very long time to get done or we need a way to free the time of the maintainers and hire some community members (or someone else) to get it done at reasonable pace.
Some companies mentioned a possibility of corporate sponsorships but those offers failed to materialize, donations likewise have been enough only to pay for domains and some hosting. Switching to a RedHat-like model with paid access to LTS releases is something that we are considering, but not until a stable 1.2.0 release is made. As for now, an alternative revenue stream is needed to break the cycle, and making the official cloud images paid looks like the most viable option. This wasn't an easy decision, but it had to be made.
We've been keeping both the old (free as in price) 1.1.0 listing and new paid listing updated to 1.1.8 active for a while and so far the new one has been positively received and is already bringing us a small profit. We hope most of the old AMI users will choose to support the project as well, but if not, you have time until February 2018 to migrate your setup to self-built or community AMIs.
VyOS will remain free as in freedom forever — the goal of the project was and is to make a free and open source router that people can study and modify. It will always be possible to build a cloud image yourself and use it for free. While we hope most cloud users who run unmodified images will choose to support the project, trying to prevent people from building their own image would be against the free software ideals. We are also not going to hide the build scripts we use for building the official images, so self-built images will be identical to the official ones — without the convenience of deploying them in one click from the marketplace.
The AMI build scripts for 1.1.x can be found at https://github.com/vyos/build-ami
The build process is fairly straightforward and boils down to "./build-ami $isoURL". Right now it only takes signed releases and ourselves we test new images by upgrading already deployed instances to them, but we may add an option to allow building AMIs from unsigned images in the future.
Free access for contributors
The point of the whole deal is not just to make money for the maintainers, it's to make VyOS a better system and people who support VyOS by contributing to it are equally valuable as people who support it financially by using the paid images.
Everyone who had merged pull requests before this time or made substantial contribution to the documentation, automatically qualifies. New contributors who contribute to high priority areas (particularly, fix bugs in 1.2.0 and/or document the yet undocumented features) will also get free access. Active evangelists may also quality.
Currently on the AWS, the base price is set to the minimum possible value of $0.01/hour (or ~$60/year). We expect to follow the same pattern on other cloud platforms, as we'd rather have more people support the project than make it affordable only for bigger companies.
We've compiled a comparison of prices and features of different virtual routers available on the AWS marketplace now to show where VyOS stands in the price/features ratio landscape. It includes products that are exactly routers (rather than SD-WAN or application security solutions) to make them directly comparable, and since the typical role of VyOS in the cloud is a VPN gateway, the focus is on VPN and routing features. Features are considered supported if they can be configured through the default configuration interface, whether out of the box or after installing a plugin in an officially supported way (i.e. without installing packages and editing daemon configs by hand). If we've got anything wrong about the features of other products, please correct us.
|Amazon gateway||From $400/year per instance if I got that right
|Cisco CSR 1000v||From $2300/year per instance|
|Juniper vMX||From $400/year per instance|
|pfSense||From $75/year per instance|
|Mikrotik RouterOS||From $45 per instance, perpetual|
|VyOS||From $64/year per instance|
|Product||IPsec site-to-site||VTI||DMVPN||OpenVPN client-server||OpenVPN site-to-site||VXLAN||L2TPv3||L2TP/IPsec||Dynamic routing|
|Amazon gateway||Yes||Yes||No||No||No||No||No||No||Yes (BGP)|
|Cisco CSR 1000v||Yes||Yes||Yes||No||No||No||Yes||Yes||Yes|
Future cloud platform support
We are planning to expand out presence to other major platforms, including Microsoft Azure, Google Cloud Platform, and Alibaba Cloud. Whereever cloud images can be built without human interaction, we are going to make image build scripts free and open source just like for EC2 and keeps the pricing similarly low to our AWS offer.
Also, we forgot to hide a t-shirts discount in the release post, so we are going to fix it here: https://teespring.com/stores/vyos?pr=GOAWS