Click to learn more about author Nati Shalom.
From its origin in the free software movement, open-source software has grown in popularity and adoption across industries worldwide. Open-source Linux now runs the majority of the world’s server workloads, Kubernetes (and Docker) adoption is growing exponentially and pushing the container and cloud-native revolutions, and on the storage front, much of the innovation in big/fast data was delivered by open-source projects such as Hadoop and Cassandra. In the world of delivery automation (DevOps), open source has led the way, from Git to Jenkins and Ansible. Closed-source alternatives have sprung up as well, in an attempt to capture market share from those attracted to all-in-one pre-integrated convenience. This article looks at why the virtues of open source are just as important as ever when it comes to DevOps.
The Virtues of Openness
“Given enough eyeballs, all bugs are shallow.” –Linus’s Law
Active open-source projects benefit users in many ways. All flow from the transparency inherent in their community project nature and the tendency towards developer meritocracy. Starting from hobbyist beginnings, a recent Red Hat survey found 95% of almost 1,000 enterprise IT leaders thought open source was “strategically important” to their organization’s overall enterprise infrastructure software strategy. Not long ago, the common belief was only proprietary software could be trusted to run infrastructure-level software services. Now, led by Linux, this is changing. As open source has matured, its openness and mass participation have persuaded many that only open source is suitable for system software, from operating systems to databases.
Rejecting Vendor Lock-In
Closed-source alternatives to open-source projects typically favor the vendor’s environment over others. Once adopted by an organization, closed products – especially those that don’t work with open standards – create long-term lock-in for their users. In the world of DevOps, cloud providers like AWS typically provide integrated tools for their platform. These tools then become a differentiator that mitigates (along with SaaS offerings) the tendency of cloud infrastructure toward commoditization.
Open-source technologies, on the other hand, tend toward platform neutrality. They typically have extensible or “pluggable” southbound interfaces that expand over time from community contributions. Sophisticated organizations can contribute extensions of their own to satisfy their needs, as opposed to hoping their vendors will make timely improvements and extensions. Significantly, open-source projects are frequently driven towards openness and interoperability, because their business models are based on mass adoption first and monetization second. Vertically integrated closed-source vendor technology stacks have the opposite incentive, which is to create competitive barriers.
Besides lock-in avoidance, open source has much to offer in terms of innovation and collaboration. The rate of change of technological development has never been higher, and an active open-source community has the scale to keep up. Organizations that contribute to open-source projects essentially pool their resources (at times with competitors ), in order to solve problems that they share, while providing differentiation at higher layers. This coopetition maximizes overall benefit on otherwise intractable projects.
Of course, “open-source” projects are fully transparent and, assuming robust participation, highly scrutinized. With open source, organizations can examine and understand the product they are using, warts and all. The ability to proactively detect security vulnerabilities or performance bottlenecks for specific use cases provides a higher level of confidence in deployed systems. It also opens the door to self-patching platforms in emergency situations, in order to maintain availability.
The visibility of contributors, and the lack of a direct profit motive, make well-run open-source projects tend towards meritocracy. The contributors strive to build the best product possible, undistracted by short-term financial demands. In addition, open-source projects’ lifespans are connected to their usefulness, not the fortunes of a single vendor.
Open-Source Cloud Ops in A Multi-Cloud World
“In real open source, you have the right to control your own destiny. –Linus Torvalds
The benefits already described for open-source technologies can be applied naturally to the cloud. Forbes has projected that by the end of 2021, 32% of IT budgets will be spent on public cloud platforms. They also point out that cloud spending has grown 59% on average since 2018. Meanwhile, Flexera notes in their 2020 State of the Cloud report that 87% of responding enterprises were pursuing a hybrid cloud strategy.
Delivering on multiple clouds is a challenge in the best of circumstances, and open source is well-suited to meet the challenge. Simultaneously, public clouds are creating and promoting their own vertically integrated development and delivery stacks in order to differentiate their offerings. In the past, this DevOps tooling has been confined to the cloud platforms themselves, although relatively recently forays into hybrid cloud functionality has become a trend (e.g., Amazon Outposts and Azure Stack). These are, however, a limited form of hybrid cloud, as it still only exploits a single cloud provider.
Opening the Hybrid/Multi-Cloud Future
“Open-source technologies enable a common environment across different cloud environments because they are cloud agnostic, and easy to run.” –Vincent Lam, CCO, Talend
Open-source tools and platforms are a natural fit for the rapidly evolving ecosystem of cloud providers for both infrastructure and services. By definition, a hybrid cloud is heterogeneous, and can benefit from a consistent continuous delivery approach. Open-source tools open the door to deploying a platform that is tailored to business needs, not vendor needs. It means choosing the best of breed services, not settling for the least common denominator dictated by a vendor’s backlog. Another benefit is a degree of future proofing and, of course, a means of escaping the slow obsolescence of vendor lock-in as mentioned earlier. Large vertically integrated frameworks tend to ossify because of competing priorities and backward compatibility requirements.
The delivery of value across multiple cloud platforms is a challenge, and can be addressed by existing cloud agnostic open-source tools. Whether your application layer is hosted on VMs or containers, the provider can be abstracted by a multi-cloud layer in your CI/CD toolchain. For example, connecting Gitlab to Jenkins (or using native Gitlab CI), triggering infrastructure provisioning with Terraform and Ansible or Cloudify and Ansible, and then running end-to-end and/or integration tests, allows for cloud platform independence. It also can support continuous delivery on a wide variety of cloud/container platforms, including complex scenarios that connect workloads on different clouds.
In the previously mentioned Red Hat survey, 77% plan to ramp up their use of open source over the next 12 months. One might ask why.
Certainly, cost is a major factor, given the generally lower total cost of ownership. Open-source products tend to have low or no license fees, and recurring support costs that are relatively inexpensive. Besides direct cost factors, indirect cost reductions are key as well, including those resulting from easier integration and the ability to mix and match technologies to meet cost (and operational) goals.
Perhaps, counterintuitively, security is a major factor. The “many eyeballs” effect mentioned earlier applies to security as well as bugs. A broad, diverse user base will discover vulnerabilities far more quickly and thoroughly than a single vendor’s security team. Visibility plays here too, as open-source products can be examined in depth before they are selected, and modifications can be directly evaluated for security risks. And of course, contributors can steer developments themselves by supplying bug fixes and enhancements.
Having access to the latest bleeding-edge technology is also an important factor for many. Open-source products innovate at a far higher rate than vendors, giving users a competitive advantage versus moribund closed-source alternatives. This unique combination of bleeding-edge technology along with high quality makes open source a fast-growing component of enterprise technology portfolios.
The future of cloud technology is hybrid and very dynamic. Exploiting the diverse technologies, both existing and emerging, is best served by open source. The open-source business model is based on mass adoption, and therefore incentivized to be cloud agnostic and built for extension to new platforms. The closed-source model has the opposite incentive, which is to capture market share for the underlying cloud platform. DevOps tooling must be cloud agnostic to avoid vendor lock-in, and to permit the rapid adoption of new technologies as they arise. Adopting an open-source strategy, for DevOps and beyond, is critical to ensure a thriving business that can innovate and maintain a technical edge.