Begun the Source Wars Have

Last week on January 9th, AWS launched DocumentDB, a managed Database as a Service that uses the MongoDB API while competing directly with MongoDB’s own similar paid offering, MongoDB Atlas on the AWS Marketplace. This is only the latest development in a battle that’s been brewing for half a year between cloud providers and open source creators.

On August 22, 2018, the CTO of Redis Labs wrote:
“Cloud providers have been taking advantage of the open source community for years by selling (for hundreds of millions of dollars) cloud services based on open source code they didn’t develop (e.g. Docker, Spark, Hadoop, Redis, Elasticsearch and others). This discourages the community from investing in developing open source code, because any potential benefit goes to cloud providers rather than the code developer or their sponsor.”

Just a month ago, on December 14, 2018, the CEO of Confluent, makers of Apache Kafka, wrote:
“We’re changing the license for some of the components of Confluent Platform from Apache 2.0 to the Confluent Community License. This new license allows you to freely download, modify, and redistribute the code (very much like Apache 2.0 does), but it does not allow you to provide the software as a SaaS offering (e.g. KSQL-as-a-service).”

In both cases, Redis and Confluent are keeping their primary underlying open-source technologies (Redis and Kafka) licensed the same as they ever were. However, additional open-source tools they’ve built on and around those technologies are being moved to a more restrictive open-source license. Really only one thing has become more restrictive. They are specifically stating that cloud providers may not offer SaaS knockoffs of these add-ons.

It is fair to pause for a moment and wonder why? Isn’t the point of open-source software that anyone can use it freely? Yes and no, the nature of the word “free” is oft’ discussed in open source circles (more on this in a few paragraphs). Even beyond that, the intention here was that developers building their own tools and products could use these open-source technologies underneath them. For example, I could build a Twitter competitor and use MongoDB as the database. The intention was not that I could put a wrapper around MongoDB Community Edition and offer a competitor to MongoDB Enterprise.

Many commercial companies that develop open-source software offered at no cost also offer paid editions. For example, WordPress is built by Automattic, and while WordPress can be used without charge at WordPress.org, you can also pay Automattic for a hosted version at WordPress.com. Similarly, Docker offers Docker Enterprise Edition. MongoDB, Confluent, and Redis have their own paid versions of their products. Those three companies are all upset because cloud providers are not just using their technologies as part of a product, but offering them directly as managed services that compete with the company’s own paid product.

The problem and solution here are reminiscent of the copyleft movement and GNU license (GPL). Before GPL there was BSD, which is both a Unix-based operating system and an open-source license. As an open-source license it is permissive by today’s standards. That’s what allowed Apple to create macOS (previously OSX) and iOS, proprietary and closed software, as derivatives of an open-source OS.

Companies may not do the same to Linux, thanks to the GPL (GNU Public License), which allows derivative works to be created and sold, but they may not be closed-source. As with all copyleft licenses, derivative works from GNU software must carry the same license as the original work. If Apple had based macOS on Linux, they would have had to make macOS open-source. But since the BSD license was more permissive, they were able to get away with it.

By comparison, RHEL (Red Hat Enterprise Linux) is a paid version of Linux, which carries the GPL. It is open-source, yet costs money. They comply with the GPL by making the source-code for RHEL available to their customers, and by providing Fedora, a free alternative with source code open to all. You can read more about the relationship between RHEL and Fedora here.

It’s a bit of a tricky thing to sell something that is free. Mostly it’s is simply a confusion of language, in that “free” has at least two meanings. The distinction that is usually drawn here is that open-source software is not necessarily “free,” as in “free beer,” but rather is “free” as in “free speech.” It means there is an openness about it, an ability for it to be used as part of other products, and of course that one may inspect the source code directly (and extend it). While this started extremely permissive with BSD, as companies abused that openness restrictions had to be put in place with licenses like the GPL. And now we’re seeing a new restriction emerge that specifically targets cloud providers creating managed versions of open-source software to compete with the creators.

Open-source software has taken center stage over the past decade, and it’s good to see it evolving to keep up with the times. There are a lot of constructive debates that occur around how that evolution should progress, but the goal I think most of us in the open-source community can agree upon. We think open-source software is great, they are works of love, users can contribute, and the source code is peer-reviewed by the community. We want to keep open-source software open, while also protecting it, and making sure that open-source companies like MongoDB are able to maintain their business model, so they continue to be motivated to develop and support their platforms. This can be a tricky balance, but one well worth striking.