The problems you're having with any node-locked licensing on VMs, and the solution to said problem is described here: https://wyday.com/limelm/help/vm-hypervisor-licensing/
>> "Now, I enforce checking the License every 0 (for VMs, 30 for real PC *) days on the Internet. I am trying to foresee what "loopholes" this may cause for those who want to cheat: (* 0 grace period)"
Well that doesn't really solve any problems. Cloned VMs will still validate. And VMs that are the same, but their fingerprint has changed (e.g. Amazon VMs) will still be seen as different devices.
The solution is to use TurboFloat.
In the near future we're adding a hosted TurboFloat Server version where you can give customers permission to spin-up instances of the TurboFloat Server on our infrastructure. I think that would be the best solution for you.