Commentary: Though some seem nervous about money flowing into open source, the reality is money has long driven innovation and sustainability for open source.
Shouldn't we want more money in open source? Almost certainly, yes.
Many (many) years ago, open source represented the resistance: From Linux to the Apache HTTP Server, open source software offered a countercultural way to build great software. In the process, it created incredibly popular software, and money started to pour in to build companies and products around that software. Today, some seem to disparage or distrust that corporate imprint on open source, perhaps correctly stressing about how money will (mis)shape the communities that make open source projects thrive.
But while some caution is warranted, I'd argue that the benefits dramatically outweigh the negatives. If we're concerned about open source sustainability, as many are, then we should look for more and better ways to encourage the funding of that software.
SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)
Open source doesn't grow on trees
Open source is "a f—-ing lot of work," Matt Klein, the founder of the popular Envoy open source project, once told me. No one can afford to sit around, writing open source code all day–not without some sort of income. Talk to the maintainers of these open source projects and they'll tell you that funding a project is complicated and likely differs based on the innate characteristics of a given project, as well as its goals.
What's also clear from these conversations is just how grueling it can be to maintain a project. As enterprises consume more open source, they're also demanding more of those who write the code. Altruistic development often runs into the brick wall of finite resources and patience.
This is where companies can become useful.
In an interview, Hortonworks co-founder and Apache Software Foundation member Alan Gates put it this way:
"The reality in many open-source ecosystems already is that vendors offering commercial products based on open-source software tend to provide what are often referred to as downstream builds, which essentially roll together open-source releases along with any applicable bug fixes or security patches.
And that, in a way, relieves the open-source projects themselves from having to shoulder the full support burden. Should a security loophole be found in a piece of open-source software, customers who have a relationship with a vendor involved with that project are likely to turn to that vendor for a patched version of the software, primarily because they know they'll probably get patched software a lot quicker that way. In fact, that's the reason many organizations entered into contracts with these vendors in the first place."
Some like to criticize "VC-driven open source" as somehow killing the spirit of open source. As one who has spent much of my career working for such open source startups, I'm not sure I could disagree more with this sentiment. The vast majority of code that so-called "open source companies" create is open source. Everyone benefits from this. Yes, many of these companies will hold back some code (e.g., improved management or advanced security) to encourage users to become customers, but if the price for gargantuan quantities of open source code is a relatively tiny fraction of proprietary code, isn't that a very good thing?
SEE: Linux 101: What tech pros need to know (TechRepublic Premium)
This isn't to suggest every open source project must give birth to one or more companies vying to fund its development. For example, as Klein told me, "A bunch of people [told me] the only way to have the open source project become successful is if [I] started a company. Like, if [I] didn't start a company around it, no one would care." He refused to go that direction but, tellingly, did find a "corporate" home for Envoy within the Cloud Native Computing Foundation. In case you're wondering, the CNCF is funded by lots of big companies with lots of big wallets. Klein may not have built a company to fund Envoy development, but he did need companies to support it.
No, corporate influence on open source isn't perfect. But if we must choose between too much or too little money in open source, that feels like an easy choice to make.
Disclosure: I work for MongoDB, but the views expressed herein are mine alone.
- Here's a fix for open source supply chain attacks (TechRepublic)
- What Knative can tell you about the importance of marketing in open source (TechRepublic)
- Why cloud governance needs to be an open source affair (TechRepublic)
- Multicloud: A cheat sheet (TechRepublic)
- Linux, Android, and more open source tech coverage (TechRepublic on Flipboard)