Introduction: In the new era, the development of open source is more and more vigorous, the relationship between open source and cloud is more and more complex, and the coupling degree is more and more high. Cloud is one of the best environments allowed by open source software, and it is also a safe and efficient take-off engine for open source software. This paper attempts to introduce the evolution process of software development and delivery mode from the history of enterprise software and the development law of open source software, analyze common misunderstandings of open source software development and use, discuss the business model and ecology of open source software, and the combination and mutual promotion of open source software and cloud in the era of cloud.
The author | | ali Han Hongyuan source technology public number
In the new era, the development of open source is more and more vigorous, the relationship between open source and cloud is more and more complex, and the degree of coupling is more and more high. Cloud is one of the best environments allowed by open source software, and it is also a safe and efficient take-off engine for open source software.
The open source movement got its own declaration of independence in May 1997, when Eric S. Raymond published The “Open Source Bible,” The Cathedral and the Bazaar. From the emergence of individual heroes like Linus Torvalds, Kenneth Lane Thompson, Richard Matthew Stallman and Eric Steven Raymond, to the realization of the value of open source by more and more organizations, The open source mode of openness, equality, collaboration and sharing has gradually become a new generation of software development mode. Open source has become one of the leading forces of global software technology and industrial innovation, especially in the cloud era, open source covers the whole domain of software development scene.
This paper attempts to introduce the evolution process of software development and delivery mode from the history of enterprise software and the development law of open source software, analyze common misunderstandings of open source software development and use, discuss the business model and ecology of open source software, and the combination and mutual promotion of open source software and cloud in the era of cloud.
Why is open source hard to avoid
Feature 1: The application breadth and depth of open source basic software are improved
Basic software is the “soul” of the computing industry. In the past few decades, with the vigorous development of open source, the early open source software concentrated on the application side, but the important basic software, such as operating system, database, still adopts the closed and proprietary development model and business model.
Today, basic software is gradually evolving into open source and open methods. 97% of software developers and 99% of enterprises use open source software. The adoption of open source software for basic software, industrial software and emerging platform software has become an important driving force for overtaking cars in curves. According to the “White Paper on Open Source Ecology (2020)” issued by THE Information and Communication Institute, in recent years, Domestic enterprises have gradually focused on the layout of open source projects in the field of basic software, and many open source projects have emerged in the fields of operating system, database, middleware, etc., among which there are some top open source projects of international foundations.
Feature two: The value created by open source software is prominent
Open source has become the driving force of global digital technology innovation, growing into a powerful technology innovation mode, and from the initial software industry to hardware, chips, video, IoT, AI and other fields, the open source business model is also gradually mature. Today, new products are open source, new architectures are open source, new platforms are open source, and even the best research is being released in open source. Open source has gradually become a crucial innovation direction for global scientific and technological progress.
Feature 3: Unprecedented national emphasis on open source software
In 2021, the 14th Five-Year Plan for National Economic and Social Development of the People’s Republic of China and the Outline of the Vision and Goals for 2035 clearly stated that it is necessary to “support the development of digital technology open source communities and other innovative associations, improve open source intellectual property rights and legal systems, and encourage enterprises to open software source code, hardware design and application services”. Without doubt, open source is mentioned national strategic level to support, will embark on the fast track of leapfrog development.
The General Office of the People’s Bank of China, the Secretariat of the Cyberspace Administration of the CPC Central Committee, the General Office of the Ministry of Industry and Information Technology, the General Office of the China Banking and Insurance Regulatory Commission and the General Office of the China Securities Regulatory Commission jointly issued the Opinions on Regulating the Application and Development of Open Source Technologies in the Financial Industry (hereinafter referred to as the Opinions). In recent years, open source technology has been widely applied in various fields of financial industry, playing a positive role in promoting technological innovation and digital transformation of financial institutions, but it also faces many challenges such as security and control. The issuance of the Opinions will help standardize the rational application of open source technology by financial institutions, improve the application level and independent and controllable ability, and promote the healthy and sustainable development of open source technology.
The development of software and the history of open source
In the early days of the computer industry, software played an auxiliary role in helping hardware function. Until the advent of Unix in the 1970s, there was no precedent for developing operating systems using high-level languages. Since software is not universal, and the software itself does not exist as a separate sales entity, but as a software development project, it is common practice to deliver the source code along with the project. The customer needs to maintain the system continuously, and the developer is not willing to assume the responsibility of maintaining the software throughout its life cycle.
With the birth of Unix and mainly implemented in C language, the open general operating system became possible, and the development and licensing of software became possible with the pursuit of compatibility and universality of hardware and software. In the early days of Unix, because its owner, AT&T, avoided entering the software industry (because the main telecommunications business was under severe antitrust pressure and did not want to add additional trouble), it licensed it to users in source code without providing subsequent technical support. Allow users to fix problems in their own environment and migrate to new hardware platforms. The authorized universities, governments, and commercial institutions of this phase laid the groundwork for Unix’s subsequent development, and the seeds for Unix’s subsequent strife and fragmentation.
In the 1980s, with the enhancement and popularization of the universality of computers, the universal software that can run on a large number of computers gradually gave birth to the commercial software industry and continued to flourish. A large number of software companies emerged and many are still industry giants today, such as Microsoft, SAP, Oracle, Adobe, etc. A characteristic of this era is along with the computer users from professionals and expand to the average user, software delivery form and gradually became the only provide operation mode no longer provide the source code, is a definition of sales to the user the use of authorization, manufacturers in addition to selling software, also provides technical support service fee: upgrade software, fixed the problem for the client, Provide an operating environment for new devices. As users, consumers no longer have the permission to modify the running software. The authorized use of software and technical support service form an important business model in the commercial software industry.
In the PC world, the way customers use software has not changed substantially to this day. Since the vast majority of users are not software development professionals, there is no need to modify the system or application software on their own, and this model is well adapted and sustained.
In the server world, the Unix camp originated from the early code distributed by AT&T. SUN, HP, DEC, IBM and others developed their Unix systems based on different hardware architectures, forming the so-called open system ecosystem. However, the ambiguity of Unix authorization and legal provisions, as well as the attitude and ambition of subsequent owners have led to a large number of problems. Various systems derived from Unix have been developed under their own brands and lack of unified coordination with the Unix backbone. This split gave Windows NT a huge commercial opportunity to evolve into today’s Windows Server family of operating systems, which still provide run-time licenses to end users and commercial technical support services.
In the 1980s, another important event in the Software industry was the establishment of the Free Software Foundation (FSF). In academic and scientific institutions, “hacker spirit” has always been the pursuit of many people, and the ultimate freedom of Software is based on the right to modify the source code. It has to be said here that the GNU(GNU is Not Unix) initiative started by Richard Stallman (to his various defamations does Not detract from the meaning and value of GNU and THE FSF) redeveloped and implemented most of Unix’s tool systems and distributed the software under the GPL license, GNU implemented most of the common Unix tools. But it was still dependent on the Unix operating system’s core until Linus Torvalds began developing the Linux core in 1991 to fill the gap. The gPL-licensed Linux core and peripheral tools together form the Linux ecosystem, and the active participation of a large number of universities, scientific research institutions and commercial institutions that have accumulated rich experience in the use and development of Unix contributes to the rapid growth and maturity of Linux.
After the mid-1990s, the Internet boomed, supported by Unix derivatives and Windows NT in its infancy.
As the number of users explodes, cost is a significant factor, especially since many Internet start-ups are reluctant to spend precious capital on expensive hardware and rigid software licenses. At this stage, Intel also gradually moved from the CPU provider of PC to the CPU provider of server. Its size advantage also made its CPU power gradually equal to RISC CPU of server. These cpus provide core capabilities for various Unix servers running open systems. Linux has been chosen as the background service running platform by many emerging Internet enterprises because of its advantages of no compulsory charge and open subsequent source code modification. Widely used and large-scale deployment also help Linux sustained and rapid development, evolution becomes a server operating systems that support the critical business, at the same time, the top of various open source operating system also has been widely used and continues to develop, gradually formed a Internet giants today based on open source software and the research status of common business software.
Entering the 21st century, with the wide use of open source software in the field of the Internet, at the same time combined with CPU Intel’s dominance in the field of open system gradually established, and a variety of enclosed continues to decline, many commercial enterprises also begin to accept open source operating system platform software and open source technology, application scenarios of rich to further promote the development of a variety of open source software, Formed a pattern that is still fiercely competitive today.
Definition of open source software and development of licensing system
Literally, open source is to point to open software source code to the user, but simply provide the source code is not the standard definition of “open source software”, “open source software” means the software to the users to provide the source code and granted the freedom to continued evolution and change, so for the modified software to distribute the differences in rules, formed the different system of open source software licensing.
At present, the license system of open source software is mainly divided into two categories: one is mandatory to open source, the representative is GPL license system; The other type does not require the derivation of open source, which is the loose open source license, and the representative licensing systems are BSD, MIT, Apache and so on. The GPL licensing system enforces the provision of source code when it is “distributed” downstream, does not alter GPL compatibility, and restricts the conversion from open source to non-open source software (although the definition of “distributed” has room for exploitation). Forced continued open source has led to different variations of licenses for service providers, especially cloud service providers, such as AGPL. The acceptance of AGPL is limited because it is too restrictive and complex. A loose open source license requires that the source be declared and the license portion of the original software be retained, but does not require that the derivative portion be forced to open source.
The specific criteria for judging open source software can be found in the ten principles [1] : 1. 2. Provide source code for continuous development; 3. Allow modification and development on a source code basis; 4. To ensure the integrity of the original source code, the change can be in the form of patches, or can change the name or version number to distinguish; V. There is no differential restriction clause for specific people or groups; 6. There is no restriction on the field of software use; 7. No more stringent licensing restrictions are imposed upon the issuance of derivative products; 8. The software license applies at each component level, not only to the whole; The software license shall not be extended to other software distributed in the same medium; The software license does not carry provisions affecting technology neutrality.
The influence of open source software on the business model of software industry
Open source does not change the basic mode of software operation
In a mature software market, the technical support services of the software itself are as important as the development and distribution itself, and so far no one has been able to prove the correctness of a complex software. Software quality depends on the design, implementation, testing and operation exposed problems continue to repair, in the process of open source software change is the development phase and distribution form, other periodic law of software is still the same, especially for large amounts of developers to use software platform, the basis of fully give technical support to users is not feasible, Technical support ability also directly affects the services that software can support. It is still an important part of software services to support customers’ business operation and ensure service quality in a way that conforms to the development of software itself.
Open source has become the model and promoter of distributed collaborative development
Today’s open source software, more important is a kind of collaborative development model, the significance of open source software projects governance also has the difference between closed and open, open source project there are two common ways of ownership and management, is a project belongs to a certain foundation, such as Apache, additionally one kind is dominated by the originator or founder of the management pattern, Such as MySQL and Linux cores. There is no easy way to determine which approach is best, but being run by a credible nonprofit with a mature institutional model is more likely to be trusted and attract a wider range of participants. Collaboration across organizations and geographies is effectively supporting the continuous development of various software capabilities, and software like Linux core, which continues to iterate rapidly with tens of millions of lines of code, is also driving the rapid development of the entire IT industry.
Open source is not free
Open source Software originated from the Free Software movement. The name of Free Software chosen by Free Software is often misunderstood as “Free”. In fact, Free means “Free” here, and open source embodies the spirit of Software freedom. Today, even for software that promises to be fully open source, such as Linux, the main form of commercialization is still to provide quality distribution and support services, and licensing fees are not an accepted form of business. MySQL is a special case in that it offers different software licenses at the same time. The commercial and community versions are essentially two products that share most of the community code under centralized control. The fundamental reason is that all intellectual property related to MySQL is completely owned by a single commercial entity.
Providing software as a distribution and providing services in the cloud remains the dominant business model
The vast majority of software users are not the developers of the software itself. It is neither necessary nor practical to rely on users to solve problems and evolve continuously because of the complexity and scale of system and platform software. Software distributions and cloud services provide overall validation testing and optimization in addition to individual software offerings. The compatibility and ensure the quality of work and don’t open source and proprietary software release there is no essential difference, the work is indispensable to software and operation environment with runtime, continuous technical support is the necessary guarantee of the software running means, recognized the value of the work is also promote efficiency and guarantee the choice of system operation.
Challenges for enterprises as open source users
According to the analysis of the elements of open source ecology by the Ministry of Industry and Information Technology, open source ecology is composed of five elements and three links. Among them, open source projects are the center, and software, hardware and other open source projects are formed by relying on open source community cooperation. It involves open source contributors, users, operators and service providers, including open source governance, open source operation, open source commercial layout and other links. It relies on infrastructure such as code hosting platform to meet the requirements of open source rules.
Most enterprises exist as industry open source and industry users, and the challenges they face are not the same.
IT Architecture governance challenges — CIO perspective
Different enterprises use open source software in different ways at different stages of their IT construction. But either way, ultimately you need to think about unified governance of THE IT architecture.
The first is that the entire business of the new enterprise is built from the beginning using open source software. Common in Internet companies and open source to reach a more mature stage after the establishment of enterprises, generally do not form the habit of paying for software and software services. Moreover, these companies regard IT capabilities as their core competence and build their core business systems based on open source technology platforms. The platform technology team is fully capable of adopting open source and custom modified open source derivative products, and customization and adaptation are often undertaken by their own development team. But with the development of customization system and improve the importance of business code changes and software upgrade is a big challenge, forced to choose to continue to increase investment in technology, or changes to avoid conservative state, in the long run, it is backward and ossified situation, technology upgrade when faced with high complexity and affect the business operation.
Second, traditional enterprises partially replace commercial software with open source software. It is common in large and medium-sized enterprises that have been established for a long time. The long-term use of commercial software to enjoy software technology services, and the pursuit of cost reduction, efficiency increase and technical control have spawned the appeal of open source software. New technologies and new development methods have also made it impossible for new business development to reject open source software, which has become the mainstream of platform-level technology.
Third, go through the process of choosing and switching between open source and commercial software. Specific industries choose commercial software at a certain stage of development, and then embrace open source software and increase their own research and development investment after crossing the development stage. For example, Alibaba, e-commerce business has high requirements on transaction consistency and mainly relies on relational databases to provide support. Taobao started MySQL can help run through, after rapid expansion rely on commercial database software through the rapid growth, the development of the subsequent more rely on the support ability of the distributed architecture, as the technology and architecture of accumulation, eventually with distributed architecture eliminates the dependence on the business database products, the overall technology stack also USES the open source system and sustainable development.
In view of the characteristics of open source software, different version paths, and the complexity of different application open source combinations, different enterprises have the right to choose different enterprise-level technology architecture paths, but all need to consider to avoid repeating the wheel on the use of open source.
2. Autonomous and controllable challenges
The meaning of “autonomy” can be roughly understood in two ways. One is to use software with complete intellectual property control by the manufacturer within the scope of sovereignty, which is not restricted by the supply of foreign products and service system. Therefore, the “master” here refers to the main body of the country. The other “master” refers to the enterprise itself, which can modify and use software freely according to its own needs and ideas without violating the authorization.
“Controllable” is the equivalent of “stuck”, whether in the open source community or commercially licensed software. Some companies want to stop sourcing commercial distributions and commercial services of open source software from now on. Of course, there are some successful examples that focus on their own research and development and control. In certain scenarios, they give up external commercial dependence and start all over again to make a set of completely independent products. Some enterprises have really done this, but these are very few. Objectively, this approach also requires a large number of excellent software engineers who have accumulated a lot of experience in open source software to achieve, if software business is not the main business, there will be great challenges in the long run.
For most companies to do independently controllable, avoiding risk, need to run and rely on modest mastery of the software, it is best to carefully study of open source software code, structure, test, and if not, to a certain extent also hold the key ability of verification and debug, combined with the software upgrade and deployment capabilities, to ensure that can deal with emergency problems. The trick here is to work with the mainstream community of software products and quickly build capabilities through learning and imitation. Therefore, not only should enterprises not sever their ties with open source vendors, but the more likely they are to be at risk, the more they should establish extensive ties with the open source business ecosystem, unless these ties are truly severed by external objective and irresistible reasons.
3. Cost control challenges
The cost of most open source software is hidden, coming from ongoing quality control, upgrades, and operations services. Open source software itself is also a software product, and it will follow the basic rules of software. Using a large number of open source software combinations has very high requirements for technical support capability. Although the widely used open source software has a high level of quality and reliability, IT is very difficult to support the continuous operation of massive source code products by the technical strength of a single enterprise, and only a few giants who take IT as their core competitiveness can provide very high stability for their business.
Although enterprises are increasingly investing in IT in the digital era, they still need to avoid the misconception that the cost of licensing a single piece of software is not the whole of the investment, but the subsequent support is the most important. Organizations must look beyond simple bottom-line cost models or ROI calculation logic to look at overall costs from a business perspective.
4 Security challenges
The rise in the number of open source vulnerabilities can be attributed to the widespread adoption of open source components. The massive growth of the open source community over the past few years and media coverage of recent data breaches have led to increased interest in open source security. According to statistics, 84% of open source libraries contain at least one vulnerability, and 60% of reviewed code libraries contain high-risk vulnerabilities. The latest log4j2 remote code execution vulnerability, released in December 2021, is a classic example of a vulnerability that could cause serious harm if exploited by an attacker. Security problems with open source software are often attributed to management lapses. Mainly reflected in: first, open source software users do not update in time; Second, open source projects lack process and management tools such as SDL; Third, the attacker’s attack on the open source ecosystem increases.
5 Compliance challenges
To the most strict compliance of the financial industry, for example, “on a standard finance open source technology application and development of opinions” clearly put forward that financial institution shall follow the open source technologies related to law and licensing requirements, compliance with open source technologies, clear the scope of use of open source technologies and use of the rights and obligations, safeguard the legitimate rights and interests of the author or the holder of the open source technology.
Considering open source compliance, the licensing model for source code becomes critical. In order to actively find problems, centralized scanning can be considered in the initial stage, and the source code compliance scanning can be carried out in batches within the enterprise before the release of the software version. But with the increasing use of open source software, scanning itself is a complex process and developers have too little time to fix problems once they are discovered. How to efficiently count the license and use of open source products in enterprises, quickly correct non-compliant use, and form a compliance list of enterprise open source software is one of the major challenges faced by enterprises in using open source software compliance.
Challenges of enterprises as industry open source
1. Challenges of ecological construction
The early open source community operation can not well reflect the practical application of open source technology in various industries and enterprises. At present, the operation of open source communities and foundations attaches more importance to industrial communication and user sharing, and cloud-based usage statistics of software products may form a new ecological operation mechanism.
2. Challenges of business model
The business model of Open source products basically integrates the following four models: open-core, providing differentiated commercial products; Professional Services; Hosting (Hosting); Market Place, which provides app stores, app markets and plug-ins.
The most common model for successful open source companies is to open up the core product, with hosting and services as the second and third revenue streams. These combinations may work for open source products or an industry at one time or another. However, as the market competition and customers continue to change, these models may not be applicable, may need to find a unique business model for their products. The traditional offline model of software sales, distribution and delivery is difficult to become an open source business model.
Change in enterprise use of open source software in the era of seven clouds
1 changes brought about by cloud computing
Customers move from buying the software and taking care of the whole process themselves to using the service directly, without having to pay attention to the supporting details outside of the service. Customers become less sensitive to the commercial terms associated with the software itself, and the opacity behind the packaging of the service also reduces user involvement in software development, especially as responsibility for ensuring operation and capability provision shifts to cloud computing providers.
Widely used open source software licenses were developed earlier, before cloud computing emerged or had a major impact, and the terms of the licenses were primarily for software that was distributed. Cloud services, especially the packaged software contained in PaaS services, evade the obligation of forced re-open source such as GPL, and the cloud services derived from open source to a certain extent connive at cloud manufacturers to reduce the contribution and sharing of open source software itself.
The successful use of open source software by Internet giants and the continued development of public clouds have proved that closed-source infrastructure and supporting platform software is no longer a common development prospect in most scenarios.
2. Collaborative development of cloud and open source
No customer wants to be tied to a particular vendor. The same is true of the public cloud. The basic platform that supports applications has evolved from operating systems and databases in the software era to container scheduling, and the hybrid cloud will continue to evolve as a long-term support mode. Based on these conditions, the cloud platform should provide a general open technology, which complies with the universality of the standard and does not limit the mobility of the application in terms of the functional interface used by the application. In the lower level of the operation engine, to provide differentiated non-functional support to help customers more effectively achieve business objectives; Combined with differentiated service capabilities in key fields with its own characteristics, such as database, it provides users with agile and flexible development capabilities and stable and efficient support capabilities.
Mainstream cloud computing vendors are playing an increasing role in the enterprise IT market, and the effective integration of mainstream open source software and cloud platform is an important embodiment of the capabilities of cloud platform. Open source technology is also the future development direction of cloud services. Active and effective participation in mainstream open source projects is an important opportunity for cloud vendors. Large cloud vendors invest in people and money to help open source projects continue to grow, and to help cloud technology capabilities become more effective.
For users, the mainstream cloud platforms in the market provide far more consistent functions than those independently built by customers in terms of the main technical capabilities of containers, middleware and databases. When designing their own business systems, users should also fully consider the abstraction and management of different levels of the technology platform and reduce the rigid binding of specific management capabilities. It is not realistic for an application to switch between different cloud platforms without changing a line of code, but it is realistic to pursue cloud-specific capabilities that do not invade the application code but only play a role in the management level, which is also the direction of platform-neutral cloud native pursuit.
Public clouds and hybrid clouds of various forms are the mainstream bearer of future IT capabilities. Open source software has proved itself to be an effective and mainstream development form of platform technology software, and the combination of cloud computing and open source will become an inevitable trend. Open source software, hosted to varying degrees and running on the cloud, provides technical capabilities that will be the primary choice facing enterprise IT in the future. Different degree of trust in management and gathered into a degree of difference, the runtime optimization ability, can be the difference of cloud services, more strong ability of management integration will often accompany deeper operation optimization and less management needs, the services provided will have stronger ability of independent operation, formation is the result of the PaaS class service, such as database, Customers also choose to deploy and manage their own cloud infrastructure. In this case, the cloud infrastructure needs to be open enough for customers to integrate.
Meanwhile, the service capability of the infrastructure is directly reflected in the overall cost performance of the final services and business applications. Software, especially technology platform software, needs a lot of testing and verification and optimization adjustment to achieve the optimal stability and cost performance. The operating environment of public cloud and the massive and differentiated customer scenarios it supports provide the best environment for the maturity of software. Large public cloud vendors are also the most important resource pool with the ability to invest in software development validation and ongoing support services in the future. In addition to optimization, maintaining the openness and compatibility of hosted software service itself is a very important direction of efforts. Attracting and retaining customers by operation effect rather than black box will become the core competitiveness of cloud platform.
The continuous development of cloud computing provides a new stage for open source software. The effective cooperation between cloud platform and open source community and the avoidance of locking to gain the trust of users is an important embodiment of the openness of cloud platform, and will also be the support force for the sustainable development of IT industry in the future.
Overall, the cloud’s inherent characteristics and evolving capabilities from its inception are naturally equipped to address the challenges posed by sustainable use of open source software in the enterprise.
Currently, the cloud is proving to be the best platform for enterprise IT architecture governance, including governance of open source technologies.
Cloud platforms can better centralize security and compliance issues, and target different open source software compliance scans, vulnerability scans, upgrades, and so on.
The development of cloud native makes various basic open source software and innovative open source software technology fusion, cloud era open source software observability, development efficiency and management efficiency greatly improved.
Cloud vendors themselves are the biggest users of open source and best practices that help enterprises manage and shield trial and error risk.
The cloud platform is naturally a collaborative platform that allows open source contributors and users to communicate their needs and drive development on the cloud.
In the new era, the development of open source is more and more vigorous, the relationship between open source and cloud is more and more complex, and the coupling degree is higher and higher. Cloud is one of the best environments allowed by open source software, and it is a safe and efficient take-off engine for open source software.
The original link
This article is the original content of Aliyun and shall not be reproduced without permission.