When Your Open Source Turns to the Dark Side
Not that long ago, in a galaxy that isn’t remotely far away, a disturbance in the open source world was felt with wide-ranging reverberations.
Imagine waking up one morning to find out that your beloved open source tool, which lies at the heart of your system, is being relicensed. What does it mean? Can you still use it as before? Could the new license be infectious and require you to open source your own business logic?
This doom’s day nightmare scenario isn’t hypothetical. It is, in fact, very real, for databases, for Infrastructure-as-Code tooling, and for other OSS (open source software), with several examples over the past year alone.
At SRECon24 Americas, I had the opportunity to speak about When Your Open Source Turns to the Dark Side. Watch the video below.
How Changes to OSS Can Impact Your Organization
At Logz.io, we’ve experienced this sort of a cycle a few times in the past couple of years alone. These have been insightful—and at times painful—experiences. In this talk, I share some of these insights from these experiences, and look into these cases of when your open source turns to the dark side.
In January 2021, Elastic NV announced it was re-licensing Elasticsearch and Kibana from Apache2.0 open source license to the non-open source dual-license SSPL, and their proprietary Elastic License. That was due to take place starting the upcoming minor version, less than a month out from the announcement.
It caused great disturbance in the force and in the community, and our co-founder and CEO Tomer Levy announced support for the OpenSearch project, which is a fork of the Elasticsearch and Kibana code bases.
We saw this in another area of technology recently, when HashiCorp announced changing the license of Terraform from open source to a non-open source, Business Source License. Here as well, the response was to fork these projects to keep them open, which resulted in the formation of the OpenTofu project. We discussed this and the formation of OpenTofu on a recent episode of OpenObservability Talks.
In the SREcon24 talk, I review some of the less known risks of open source, and share lessons learned facing such relicensing moves, as well as other case studies from the past few years.
If you use OSS, you’ll learn how to safeguard yourself. If you’re in the process of evaluating a new OSS, you’ll learn to look beyond the license and consider additional criteria. If you’re debating open-sourcing a project, you’ll gain important perspectives to consider.
If you’d like to see how a cloud native observability platform can work alongside your favorite open source tools, sign up today for a free trial of Logz.io Open 360™.
May the open source be with you!
Get started for free
Completely free for 14 days, no strings attached.