I do not get why people are coming down on AWS here. Elastic made the software available under the Apache License. That gives AWS the right to offer this service. Maybe they did not have right to trademarks, there are courts to settle that.
AWS contributes improvements to the project. This is just about Elastic and their business model. They could have not made it open source and it probably just would not have been widely used and successful. It is up to Elastic to come up with a business model that works, not blame others if it is not.
ES and other companies have a business that sells a managed version of their product. This is how they sustain developers to continue working on Elastic Search. This model has worked for companies long before cloud providers were a thing. What AWS and others basically did is create identical services, keep all the profits, and exploit gaps in Open Source licensing to this end. From the ES perspective, their FOSS contributions were done in good faith which basically boil down to, "If you can run our product on your own, you get it for free".
AWS knows that if they take too much of ES' market that they won't survive. If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported.
You can frame this question in terms of ethics, you can frame it in terms of licensing naivety, you can frame it in whatever way you want but Amazon is doing what it always has done: exploiting smaller businesses in its goal to become a conglomerate.
Edit: a lot of people talking about the license forget that there's an entire spirit to open source. The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit. The businesses set up to back companies like Elastic Search were setup to sustain the project while continuing to empower it's creators to take their vision further. If Amazon takes the pie, that doesn't happen. At best, the creators are now Amazon employees and have to follow their desires. Just because you can exploit a license, doesn't mean you should.
>What AWS and others basically did is create identical services, keep all the profits, and exploit gaps in Open Source licensing to this end.
Gaps in open source licensing? The license Elastic chose explicitly allows anyone to take the code, run it as they wish, and not contribute anything back. There are other FOSS licenses that are slightly more strict about this; they could have chosen AGPL if they wanted someone hosting a service to publish their changes, for example. And then they could have used a proprietary license from the start if they didn't want others competing with them at all using their code.
Launching a competing offering using FOSS that someone else wrote is nothing new at all though. Red Hat built their business around subscriptions for and support of free software, much of which they wrote, but they hardly had exclusivity over the distribution (see CentOS and all the providers offering it) or the software they wrote. (It's all free software after all!)
> they could have chosen AGPL if they wanted someone hosting a service to publish their changes, for example.
So... you admit that the people who created the GPL decided their license wasn't sufficient to cover a certain usecase and revised it to cover it. But you think it's unfair to call this a "gap" that ES is now trying to close?
EDIT: I do think it's fair to point out ways in which the new license for ES is worse than the AGPL, but I do think it's important to point out that it's possible to believe in open source licenses and to think that the way AWS uses software violates the spirit of open source. The people who work on GNU seem to think that!
>So... you admit that the people who created the GPL decided their license wasn't sufficient to cover a certain usecase and revised it to cover it. But you think it's unfair to call this a "gap" that ES is now trying to close?
The gap in that case was that the GPL was not sufficient to ensure that software remain free software when companies started using SaaS for software that previously would have been run locally. SaaS was in effect a workaround for the GPL's distribution requirement (enabling companies to avoid giving the software's users the freedoms associated with free software), so the AGPL was created for software that was meant to run on a server.
This is different: the point of contention here is not that Elastic's software was being made proprietary (they could have easily used the AGPL if that was their concern, the AGPLv3 predates the first Elasticsearch release by three years) but that Amazon is using their software to compete with them. That's something that's pretty fundamental to both free software:
>The freedom to run the program as you wish, for any purpose (freedom 0).
...and open source:
>The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
Freedom 0 is a feature, not a bug! It may be a "gap" in Elastic's business model, but it's certainly not a gap in FOSS licenses - the freedom to use the software as you wish is a pretty core value of free software.
Now that said, I do think that taking FOSS and making it proprietary certainly does violate the spirit of free software. Amazon doesn't seem to have done that here, though - their fork is under the Apache 2 license.
Amazon doesn't need to use a proprietary license, the product they have built around Elasticsearch is itself proprietary. They have produced and are selling Elasticsearch-as-a-service for their AWS environment.
I see it as “there are a variety of licenses from which to choose, depending on your goals”. BSD, Apache, and MIT all represent different points in space, as do GPL and AGPL.
When I choose Apache or MIT, I do so for a reason and if you or Amazon use code in compliance with that license, I’m happy and you’re not “exploiting a gap” but rather “complying with the terms I offered”.
Fully agree with this. Free is free, you could always argue that there is "a spirit to open source"; but as with everything there's always going to be people exploiting and using it, that comes with the free.
To me it boils down to if you think that it's worth it: whenever I put MIT or Apache 2.0 on my public Github projects, I don't mind anyone going out making millions on them. Other side of the coin; if I make millions on some obscure library I found on Github with an MIT license, I do not expect them to be outraged about it.
If you do not think it's worth it, as you said there are a range of other licenses out there. I love the notion of human knowledge being free and available to all to the fullest extent, I think it will drive (and has driven) immense value for humankind.
People also seem to miss a point when trying to invoke the "Spirit of the Open Source License": The only reason why Elastic is changing their license is because they want to profit from it. So, isn't that exactly against the "Spirit of Open Source License"? If they truly cared about that, they should be angry about it at all.
Choosing sides here seems to be choosing between two profit seeking companies. Why, as a developer, you should take a side?
I as a developer take the side that allows me to use the open source code as I see fit based on the license terms provided. Elastic initially chose a license which would allow them to capture more of the market/mind space of developers and now that they've accomplished that they want to fully monetize those developers.
It's worth keeping in mind that we don't always know which projects will truly become successful. The precursor to Elasticsearch, Compass, wasn't hugely popular. When I started looking hard at Elasticsearch, with plans to actually use it, I had to spend a lot of time explaining why I didn't want to use Solr, which was much more popular at the time.
In my opinion, the bottom line is this: if Amazon's exploitative behavior is continues then we're going to see more and more open source products shift towards janky-kind-of-open-source or entirely closed licenses. Small or experimental projects will have open and permissive licenses, their authors will have plans for shifting licenses should the product become really successful.
I think it marks the end of this idea that you could have an open source project and then build a commercial offering around it. No matter who you are, odds are good Amazon will get such an offering off the ground faster and they have a built-in market of AWS customers.
Elasticsearch has made their motives clear: they have real concerns that Amazon is diluting their brand and they feel that Amazon is costing them too many customers with their proprietary AWS product. We can quibble about the morals of Amazon's move (they have none, corporations have no morals) but let's not lose sight of the outcome: Amazon has forced another OSS project to switch to a closed license[0].
Amazon's behavior may feel exploitative, but it isn't. That would be like saying Red Hat is exploitative.
Part of the whole concept of free software is that you have freedom of choice with vendors (this is derived from "freedom 0"). Amazon is providing the software and its support as part of the Elasticsearch offering as a managed service. Elastic is a competing vendor, both as a managed service and in a traditional sense too.
Elastic made this decision because they wanted to be the exclusive vendor for Elasticsearch. That's fine, but it's not in the spirit of free software.
If anything, Elastic has exploited the third-party contributors who contributed to Elasticsearch under a CLA by promising to not do what they did and then blaming AWS for doing it anyway.
I don't think it's fair to say that Elastic wants to be the exclusive vendor of Elasticsearch. They have registered and own the trademark, I believe it is fair to say that they want to be the only vendor who can use that trademark. I don't think this is uncommon or unreasonable.
Other companies have built products on Elasticsearch (I worked one one myself at one time) and they haven't been sued by Elastic. In my experience, Elastic has behaved in the spirit of free software. Now that their license has changed I would expect they will receive fewer submissions of code from outside companies. In my opinion, the difference here is both scale and misrepresentation of the offering by Amazon through unauthorized use of Elastic's trademarks.
This is not the first company to change their license in order to avoid providing free improvements to Amazon's proprietary services, I believe that this is unique to Amazon, perhaps because of the size of their AWS customer base. I can't find any similar stories of companies changing their licenses because their code was being used by RedHat.
I'm not sure what value the word "chosen" has in this context.
Amazon is one of the largest and wealthiest technology companies in the world with a large captive audience of customers locked into their AWS product. On what terms could Elasticsearch compete with Amazon, especially when any improvements to the product would effectively be improvements to Amazon's product as well?
While I may step out of the way of an oncoming train, is it really a choice? No, it's clear that an oncoming train forces people to step out of the way.
Elastic wants to get the benefits of permissive licenses without the drawbacks.
Having a permissive license is a massive asset for getting people to adopt your software, but it means you will have no control over what they do with it.
They want the goodwill and other benefits of a permissive license without loss of control that these licenses bring.
I have to disagree, I see no reason to think that Elasticsearch is seeking to avoid "the drawbacks" of a permissive license. I believe the project has been using a permissive license since it's first release in 2010.
What they are objecting to is having their project co-opted by Amazon, one of the largest and wealthiest technology companies in the world. Elasticsearch and Amazon have been battling this out for a couple of years now, this is the latest move in that battle.[0] They have been very clear that the reason they are changing the license is Amazon, not "the drawbacks" of an open source license.
They could also collaborate with Elastic as a customer. In fact, the model where a company develops a managed service and offers it on cloud providers infrastructure (i.e. "app store") would have everyone benefit:
* Amazon, from the wealth of innovative managed services they could offer without fully maintaining them themselves
* OSS companies, for the ability to financially sustain their projects and still offer it for free for those that want to self host without offering a managed version of the same software
* End users, who can both use the software however they wish and also choose to get a nice managed version of it.
Instead what will happen due to AWS behavior here is that there will be a lot less incentive to develop innovative new services, at least in a non-proprietary way => therefore there will be fewer services in general for AWS to offer without doing all the product work from scratch, fewer tools in general for engineers and fewer OSS tools in particular and more Firebase-like offerings. So everybody loses here in the long run.
I'm going to go on a limb and say that whichever of the cloud providers figures out the "app store" equivalent for managed services is going to be able to take over from AWS.
Commented on your earlier comment, but didn't see another user basically wrote the same thing, as I hadn't refreshed. Isn't Amazon just an "end user" in this case? End user doesn't have to mean someone who queries an ElasticSearch cluster, it could be someone who hosts one and charges for that.
Are Amazon writing the software that transforms and loads the data into ES, as well queries ES? If yes, they are an end-user. If not, they are a managed service provider.
There is no ambiguity in this case, they are offering the exact same elasticsearch API.
But this is not even the point. I'm not interested in the legal distinctions here at all, thats for the lawyers to delineate in more detail. The point is that Amazon are practically throwing away a huge business opportunity that would also encourage more FOSS to be built in a sustainable way ("app store" / "managed service store") for some short term gain, by throwing companies such as MongoDB and Elastic under the bus.
Totally agree. I think you could also say a similar thing about Amazon however: they are benefiting off of the permissive license Elastic chose to use, without the drawback of having to spend developer time improving the open source project they are profiting from.
I don't think this is a fair critique: they have a pragmatic goal of running a business while being as unrestrictive as possible.
With their Apache choice a pragmatic balance was met where developers could use/modify it as they please or use a managed solution from EC or even a managed solution from another company. The ecosystem thrives and their company can thrive.
But a managed solution from AWS ends being materially new and different: AWS is able to undercut them on every front, and people end up viewing AWS ElasticSearch as the canonical ElasticSearch.
Maybe trademark infringement aside, Amazon didn't break the law but they created an unprecedented situation that changed the effective balance of power which changed whether Apache was achieving their EC's goals or not.
The AGPL is nearly 2 decades old, and its tradeoffs are well known among people working in open source. If Elastic had wanted its protections (and restrictions) they easily could have chosen it.
AGPL also harms adoption at companies because of the "invasive" nature of the license. Google, for example, bans the use of any AGPL software. It's too vague for the legal team to confidently understand the "bounds" of the copyleft license.
Permissive licenses like MIT/Apache have historically been what companies prefer to have when evaluating free software. And, generally, it hasn't been a problem for companies like Elastic because companies like Amazon didn't "take" profits from Elastic (and others).
What has shifted is that, where before, there was a "code of honor" that companies could use FOSS software and Elastic would benefit from the uptick in adoption via support contracts, community building libs + writing docs, and encouraging "network effects" for them.
The "cost" of being a FOSS company was lower than the "reaped" benefits of the network effects.
That has shifted with "predatory" behavior from companies like Amazon. That abuse of the "vulnerability" in the FOSS ecosystem is a tragedy of the commons. It means that companies have to be more cautious about what they choose to open source.
This is just my opinion, of course. As a founder of a software company though, I see this as a real struggle. I would prefer have https://refinery.io be an entirely open source tool and we make money via supporting the ecosystem.
Unfortunately, it just isn't clear cut. The best option that I see today is a model like what MongoDB and CockroachDB have with licenses like BSL. But, they're not truly "open source". And that sucks.
We are living in a time where there are no good answers in the face of exploitative behavior by companies like Amazon. It means companies like mine have to maintain a proprietary platform in order to make money.
As a developer, it hurts my ideals. As a business owner, it's a risk I can't afford to take. That's why this behavior is a problem for FOSS.
> What has shifted is that, where before, there was a "code of honor" that companies could use FOSS software and Elastic would benefit from the uptick in adoption via support contracts, community building libs + writing docs, and encouraging "network effects" for them.
I've run a couple of COSS companies and have a few arrows in the back on this subject. The 'code of honor' is not enough to float even a small company. I don't think it ever was.
Most people simply won't pay if they don't have to. It's not just a matter of money. Buying software in established companies can be a head-exploding hassle--as in 6 months of fighting procurement. Plus those do-a-good-deed contracts have a habit of disappearing as soon as there's a budget crunch or the enlightened manager who pushed it through moves to something else.
I'm not knocking such contracts in any way. They are kind of like crowdfunding for OSS and can be lifesavers. But it's naive to build a company on them.
To have a profitable COSS business you need to sell something sticky that customers need and can't get elsewhere, so there's a real exchange of value.
In these specific contexts, it's important to stop using the term "FOSS." It just clouds the issue. FOSS is Free Software and software so permissively licensed that it could be relicensed and extended as Free Software. Open Source is simply giving up your ownership of the code one wrote, and this Spirit of Open Source is when one pretends that people won't actually take advantage of explicit grant of rights for reasons.
Open Source is for getting popular, and all of the arguments that Open Source people make against Free Software are about the ability to get popular (corporate usage and corporate contributors.) The reason companies use Open Source is because when you license something that way, it's theirs now. They're investing in their own property.
Free Software doesn't intend to have this problem, and if it sees a problem, it fixes the bug. You don't own Free Software, you own the devices that you install it on. You still might end up competing with someone, but you'll never fall behind.
No FOSS license would have protected ES from the problem they have with Amazon. Amazon is in full compliance with the AGPL for example, so if ES had changed the license from Apache to AGPL, nothing would have changed - that is why they had to move to a non-free license instead.
Basically, their problem is that it's impossible to compete with Amazon on delivering a managed SaaS, and most of their money was coming from that.
In terms of the software itself and user freedoms, the licenses used have achieved their goals - ES is free, people using it can control exactly what they are running, can patch it and redistribute etc. No one owns ES itself, so it is Free Software in your sense.
The people who are having a problem though are the project behind most of the work on this. Now, whether this is a real problem (the company is struggling to remain profitable because of Amazon) or just a fake problem (the company is profitable but it's not growing as expected in some 5 year plan) I don't know, but this is the reason for this type of change.
As someone who has used OSS Elasticsearch, the Amazon managed offering, and the licensed and supported product, I don’t think that’s true.
Amazon has a small team for developing their version and at the end of the day, it has to fit into the operating constraints that they have. There are plenty of huge gaps in managed ES that the vendor can (and does) exploit.
This comment is really insightful. Thank you for the perspective!
It's an interesting idea to think that "Free Software" creates a sort of "distributed code base". In the sense that "code will be eventually pushed to the main repo when the patch is created". That's an interesting perspective.
Not necessarily. "Just" making it free software (eg slapping a GPL v2 on Elasticsearch) doesn't require AWS to share any changes to the codebase, and wouldn't have prevented the current AWS/Elastic drama as it wouldn't have prevented AWS from monetizing Elasticsearch.
Now AGPL might have, if it was used from the start... not because it would prevent any monitization, but because it might bring enough legal uncertainty for AWS to even consider using it
None of this is new. GNU was founded and developed its licenses to address this issue. But there’s a tradeoff. One that GNU happily accepts. But there has never been a “code of honor” in this space. Give me a break. Companies have been offering Apache- and GPL- licensed software as a service for longer than Elastic has been a company. Elastic wanted to have its cake and eat it too. They overplayed their hand here and now they’re paying the price. They’ll likely soon lose control of the code base. But that’s the whole point of open source.
The whole point of open-source is to curate a useful software commons. Suppose Elastic does lose control of their codebase, and it winds up getting maintained entirely by AWS. Then what's to stop AWS from taking their forked Apache2 code closed-source? Bam, no more ElasticSearch. Without professional maintainers, CVEs will pile up and it will gradually become abandonware.
Suppose Elastic had used GPL instead. Then Amazon's hands are tied to a greater extent, but we still lose out. If AWS is the one maintaining ElasticSearch, then ES will steadily become more and more nichely-suited to being a part of the Amazon cloud and less suited to a self-hosted use case. Users can patch it for their own use-cases, but they'll never be able to make it as good as it would have been if there were full-time maintainers supporting them. The commons still become less rich.
The dream is that Elastic can keep maintaining ES but ES remains Apache2. Given AWS's presence in the market, it seems like that's not an especially viable option. For Elastic to keep maintaining ES while switching ES to a more restrictive license which doesn't prevent normal use cases but hamstrings AWS is less desirable, but still preferable to Elastic folding, because ES remains a tool which we can all use and patch as needed to power our own services.
> Suppose Elastic had used GPL instead. Then Amazon's hands are tied to a greater extent, but we still lose out. If AWS is the one maintaining ElasticSearch, then ES will steadily become more and more nichely-suited to being a part of the Amazon cloud and less suited to a self-hosted use case. Users can patch it for their own use-cases, but they'll never be able to make it as good as it would have been if there were full-time maintainers supporting them. The commons still become less rich.
On the contrary, the commons gets the version of ElasticSearch that is most useful to end users. If Elastic can offer better service to end-users, their deployment will be more popular and people will prefer their patches; if AWS can offer better service to end-users, their deployment will be more popular.
> If Elastic can offer better service to end-users, their deployment will be more popular and people will prefer their patches; if AWS can offer better service to end-users, their deployment will be more popular.
Not really, because Elastic doesn't get money from people using their free product. So, Elastic could theoretically go bankrupt even while providing an arbitrarily more popular ElasticSearch version.
AWS on the other hand is charging money for using their service, so they only need to compete with Elastic on the hosted version of ES. If their fork of ES is very hard to host on your own, that's a net benefit to AWS, regardless of how easy Elastic's fork is in the same scenarios - neither company is making money off the non-hosted version.
ES has to provide a much better service to win. Amazon can use their market power and vendor lock in to drive adoption of a worse service and squeeze out a better ES.
Network effects are great for behemoths but not so good for consumers.
Well, it's actually a job for Elastic, since their primary concern is ensuring that they continue to turn a profit. But I'm certainly not opposed to antitrust.
> The whole point of open-source is to curate a useful software commons.
If that were the point of the licensing, it'd be encoded in the license. This is the branding of the license, which is just innuendo. Amazon doesn't belong to any church that recognizes the spirit of Open Source, instead they just read the license and follow it.
Even if we take out the whole morals aspect of it all, because capitalism, I think this this is really right. Yes on: amazon is free to do whatever the license allows. But no on: if that wee the point of the licensing, it'd be encoded in the license.
I think the point of OSS - and there are various flavors so this isn't some unitary point, but more like a general direction - is the insight that copyright isn't actually a good model for software development. OSS licenses are a hack to sidestep fundementally misdesigned legal structures while staying within them. But because OSS uses licenses to create a more open development model, it's restricted in what it can do; it's "just" an EULA essentially.
Ideally, we'd fix this in the law, not via tricky licenses, but we don't live in a world where that ideal is anywhere even close to a serious enough problem to be addressed - at least, that's my take on "the point of the [OSS] licensing".
The various flavors of OSS try additionally to either use various other approaches to encourage a more open model in a closed world, or conversely don't bother since it's a hopeless endeavor, or vary exactly how open they want things to be; but the general gist is that the license is a hack; it's a design limitation, not by design.
They make perfectly legal use of that code. What they're doing seems to be in my interest because if they do it, it means I could also establish a business using permissive code to run it and hopefully make money off it. It's good news for many wannabe startup founders out there.
People getting mad about a code of honor in a decades old, brutal business environment is truly bizarre to me. This isn't a playground pickup game, it's business.
So, according to some in this thread, as a business owner you are "exploiting open source" by taking more permissively licensed code and making money off it. Shame on you! /s
The people expecting a “code of honor” in American capitalism are hopelessly naive. You may as well ask a lion to observe a code of honor and not target any sickly antelopes.
A strong lion may seemingly indulge such a code of honor for a while - not because of honor, but because healthy antelopes taste better and the lion is fast enough to catch them. But these conditions can change at any moment.
This mirrors how, in general, markets approach human values. They're a nice thing to have if you can afford them, perhaps you can mention them in your marketing - but the moment competition threatens your margins, you'll drop these values to stay competitive. Ethics is a market inefficiency, and expecting companies to behave ethically over time if not explicitly forced to is, indeed, naive.
RMS once said: the GPL doesn't restrict how you USE the software.
If it restricts who can use the software or what they can do with it I believe it isn't classified as free software.
The AGPL is slightly different than GPL. It confers more responsibilities on cloud providers, so that the users of the software (as a service) have the right to the source and any modifications.
I thought Stallman created GPL so software can be "free as in speech". It's another dimensional of ideology, and respectably so. It, however, has nothing do with whether it is moral for AWS to host an Apache-licensed open-source package.
The A in AGPL stands for Affero, which was a company that produced a version of the GPL (with FSF permission) -- that was AGPLv1, written by a commercial company in 2002 to fix the loophole in the GPL.
"When the service launched, imagine our surprise when the Amazon CTO tweeted that the service was released in collaboration with us. It was not. And over the years, we have heard repeatedly that this confusion persists. NOT OK."
https://www.elastic.co/blog/why-license-change-AWS
They are now. CentOS was originally created outside of Redhat to remove all of Redhat’s trademarks from RHEL, since that was the only part of RHEL that wasn’t freely redistributable. When CentOS originally came out, my impression was that Redhat was not very happy, similar to Elasticsearch here.
Sure, of course. They're still both free software, they're still both used by companies who aren't paying for Red Hat subscriptions, there's no shortage of consulting companies who will provide support for CentOS or Fedora like Red Hat would for RHEL, etc. That's the point: Red Hat has plenty of competition, including from others using their own software, and that's fine!
EDIT: And honestly the fact that Red Hat owns both makes it extra clear that they're fine with it, because again, they're a company built on free software.
Well, before the IBM acquisition anyway. We'll see where things go from here.
Yes, but, while RH is the 900lb gorilla in the "pure OSS" business (and yes, we should be thankful for their contributions all over the OSS ecosystem even if we aren't RH customers), from a business perspective they are not that spectacular. Looking at wikipedia, the company was formed in 1993, has a revenue of $3.4 billion, and 13400 employees. By IT sector standards, that's decent but far from spectacular.
Partly due to releasing all their code as OSS, they have poor pricing power over their primary product (support and services (RHEL)) as that's a commodified market with a bunch of competitors who are happy to take their business (offering support for CentOS or other RHEL rebuilds) if they charge too much, or customers might just decide they have the in-house knowledge to support themselves.
Revenue is meaningless, profitability is the important thing. Amazon was net income 0, but it was always enormously profitable, it immediately spent that money on growth.
RedHat wasn't really that profitable. Sure it also spent billions on growth, but Amazon spent hundreds of billions on growth. (Sure, Amazon is a conglomerate, from books to gadgets to groceries to basically everything and the biggest digital infrastructure platform on top.
(I'm simply using Amazon as illustration, it's really coincidence that this submission is about ES and AWS.)
I'm not quite sure I agree with your words here; generally speaking, net income is profit (accounting profit, to be precise -- there are other profits but we normally talk about accounting profit).
Secondly, revenue is super not meaningless! It's the capacity for you to be profitable! Amazon had 0 net income but were able to spend money on growth because they had revenue, and were able to classify their R&D as an expense, which pushed their profit/net income down. Without that, they would've been a positive net income/profit company who then reinvested net income/profits into R&D.
You can do all the expense classification shenanigans you want to to muck around with profit (ex. have profit & spend that on growth, or classify your growth as an expense and have no profit), but it's a lot harder to grow without having the money to put to growth. You'll get that of course in two ways -- increasing capital (equity/liabilities), or well, revenue!
I wrote profitability exactly for this reason. Revenue in itself is just as meaningless as profitability, I agree. (That's what aggregates like NPV [net present value] and other indicators are for.)
RedHat is big, it has a lot of revenue, but it also has a looot of expenses too. Hence it's profitability is low. Whereas Amazon is a lot more profitable (even if it had no accounting profit), and that's exactly how it grew this big.
If RH were this profitable it would have probably also grown bigger too.
Of course some business models, sectors are truly niches, and you can't grow arbitrarily big. RH probably suffered from this to a degree. Selling Linux support is a niche market compared to selling almost everything that can be shipped in boxes. Of course both Amazon and RH are survivors of the early 2000s big boom-bust cycle, so probably there's a big survival bias and chance/luck at play here, so it's probably not right to say that RH should have expanded to bigger markets. (How come "AWS" is not a RH thing? It's likely that Amazon's extreme "black friday" scaling challenge it not unique to them, yet they were the ones able to successfully capitalize on this.)
Perhaps this would inform the discussion better, but how do you define "profitability" if not by accounting profit? There has to be a strict measure in order to make sense of things. As. I said before, the convention is to use profitability = accounting profit.
I judge by your statements of RedHat's expenses/revenue/profitability that you're defining it as operating profit? That's not a great measure to look at things: certain sectors can expense things and make a mess of it - like depreciation & R&D.
That's also a measure of the core operating portion of the business alone, it. doesn't include non-core portions, nor spending on investments/divestitures (although the latter should show in pro formas or future reports. Also to be fair that would never be counted in a profit definition, but judging from what you find important, I suspect you would prefer to include it? ).
NPVs are calculated by Free Cash Flow streams discounted at whatever your discount rate.
RedHat is not a "product" company but a "service" company, so comparing it to other big tech companies is an apples to oranges comparison. The nature of big tech is scalability (product), whereas Redhat is more of a sustainable business focused on providing support around OSS software, it isn't aiming to do anything new and revolutionary. Not every company has to be gunning towards world domination..
RedHat was never worried about CentOS, the people/companies using CentOS never had the budgets for RedHat anyway and the companies using RedHat often need certification and support contracts (due to regulations). So CentOS never was seen as a competition I would argue.
I agree with the other comments here saying that this is not a gap in open-source licensing. If Elastic wanted to force Amazon to contribute modifications back, they could have switched to the AGPL to do that. But they didn't — because, as the AWS blog points out, AWS was already contributing their changes back.
The problem wasn't that the spirit of open-source was violated. The problem was that AWS is better at acquiring customers for their competing hosting service. So Elastic switched the license to the non-open-source SSPL, which makes offering a hosting service essentially impossible (to satisfy the terms, Amazon would need to open-source effectively all of AWS).
This license switch is more antithetical to the spirit of open source — that is, user freedom — than what AWS was doing, which was offering a hosted version of open-source software that competed with Elastic's hosting business.
Ultimately I think selling hosting of a single piece of open-source software as a funding model for developing a single piece of open-source software (e.g. Mongo, Elastic) has proven to not be a very sustainable funding model; at least, not if you're hoping for VC-backed company sized returns. And... I can see why that doesn't feel great. At one point, hosting was believed to be the silver bullet model as compared to consulting. But ultimately I think it's just not worked out: hosting as a model makes sense for proprietary software, but for OSS, either:
* You pay developers to build the software and also pay more developers to build the hosting stack — but then your competition only pays for the latter and can beat you on price, or
* You only pay to build the hosting stack, but then — what's the point? You haven't solved funding the software development.
>The problem was that AWS is better at acquiring customers for their competing hosting service.
I would actually take this a step further and say the problem was that Elastic apparently never had no plan for how to deal with Amazon. If hosting is ever on the table, this has to be part of the plan from the beginning. For every customer that says "your hosted solution won't work for us, we're thinking about deploying on AWS" they have to be able to translate that into profit. This seems like a lose-lose for Elastic as they have effectively ceded all that away to this fork. The use of SSPL also seems like nonsense here that won't result in them seeing a dime from Amazon.
Seems sad to be them but this has always been the case with open source. There has been countless successful businesses established that run with on source software (think Linux, glibc, etc) and almost none of them payed back open source developers or contributed anything.
To say that developers/authors of open-source believe that if their projects get picked up by some big company they would also be payed seems silly and childish. This has never been the case, why would they even believe that? It was rare when a company payed open source devs for their work (and it made the news, like when RedHat gifted Torvalds a lot of stock before going public and it's not like Torvalds was the only kernel dev at that time).
Maybe the main driver is that self-hosting of Elastic seems to be a very frustrating experience since it easily consumes a lot of memory and the default install seems quite insecure. Still AWS of course has automated all this. I guess completely free projects that are also controlled openly like Postgres don't have these problems and some of core developers seem to do lucrative consulting work. (So individuals are much better off I guess, and there is not the pressure to be like a Startup)
Maybe there is a middle ground for companies to use SSPL/BSL with a "profit sharing" clause or similar. It's still not "open source" in the traditional sense. But it could be a "win/win" scenario?
My main problem with the pro-Elastic arguments it that the crux of the argument is:
1. Elastic drives the vast majority of development for ES
2. Elastic needs revenue in order to keep paying devs to work on ES
3. AWS is competing too well with Elastic's hosted ES
And there is an underlying implication that if Elastic fails, ES development will stall almost completely and a great software project will die. But like... isn't that the point of OSS? If a software project lives and dies with a single company, what exactly is the point of it being OSS?
>AWS is competing too well with Elastic's hosted ES
AWS is too big to really be competing fairly. They have vendor lockin on customers, an enormous war chest they can (and have) used for predatory pricing and they control, like, 1/2 the hosting market.
With all that they can almost murder elastic search in their sleep without providing a better service.
That will not just be bad for ES it will be bad for everyone who isn't Bezos.
> >AWS is competing too well with Elastic's hosted ES
> AWS is too big to really be competing fairly. They have vendor lockin on customers, an enormous war chest they can (and have) used for predatory pricing and they control, like, 1/2 the hosting market.
> With all that they can almost murder elastic search in their sleep without providing a better service.
> That will not just be bad for ES it will be bad for everyone who isn't Bezos.
There's a lot of businesses with a lot of budget who want to use ES and don't want to go near AWS. Let's not pretend there's not an enormous opportunity out there for a good hosted ES platform not on AWS.
I think the "war chest" argument here is that AWS can out compete any other hosting solution by "slowly burning" their way to the top. AWS is a conglomerate and can afford to lose money on a single service. Companies like ES cannot without going under. It is monopolistic behavior and that is harmful.
Plenty of businesses compete with AWS just fine. Looking at Elastic Co's financials, they also appear to be competing just fine.
If they tell you they're not, what they're actually saying is that they've chosen a poor business model.
In this case, it looks like they've got a perfectly reasonable business, but they're upset it's not even bigger, and therefore they'd like a monopoly over ES hosting.
> It is monopolistic behavior and that is harmful.
I think a good example company to answer this question would be: What happened to RethinkDB? They shuttered. How has development changed for that project? Is it still alive and healthy?
That would be a single data point to start with, at least.
What makes you think this is a "gap in Open Source licensing"? Is it not more easily explained as Elastic's business plan having a gaping hole instead? Don't put the cart before the horse.
They built on top of a license that gave the user a set of freedoms they don't want the user to have. End of story.
Now they've patched this hole, but they want to keep the goodwill that comes from Open Source licensing instead of owning up to their decision and decide to blame AWS as a scapegoat, all the while acting as if their license does not violate one of the core values on Open Source Definition where you cannot set restrictions on specific fields of endeavor (in this case, the same field the product belongs to).
A hole which didn't exist in this way 10 years ago. But well you could have seen it coming tbh.
> all the while acting as if their license does not violate one of the core values on Open Source Definition
So you are saying if you do open source you must be fine with being exploited?
If so then why do GPL and similar exist, which are normally considered as Open Source?
It's just that the landscape changed and with this the problems around it changed.
While in the past bundling it into non free programs (+some committed aspects) was seen as a problem and as such GPL was created today the problem are similar but instead of distributing that bundles they are provided as managed services.
In this context the Server Side Public License is as much in line with the core values of Open Source as GPL is.
It's just that Amazon cares to some degree more about free software being free as in not costing them then they care about it being freely inspectable and modifiable. But cost free-ness was never a core value of Open Source, just a side effect.
The hole did exist ten years ago, though. The AGPL was released in 2007, three years before Elasticsearch was created, to fix this exact problem.
…except Elastic doesn't want to use the AGPL because anyone using Elasticsearch would have to open-source their whole codebase — a non-starter for most companies. Elastic wants to have their cake and eat it too. They want the wide adoption of open source software, while also preventing people from competing with them. That's not how open source works.
> …except Elastic doesn't want to use the AGPL because anyone using Elasticsearch would have to open-source their whole codebase — a non-starter for most companies.
They wouldn't have to. This is a common misconception about AGPL.
AGPL is meant to address the situation where someone takes GPL code, such as a database server, runs it on their systems (possibly with proprietary modifications), and provides network access to it to users, and does not provide those users with the source code. That is perfectly acceptable under GPL, GPL doesn't trigger if you aren't distributing the program.
What AGPL changed is that they made it trigger on distribution (like GPL) and on interactive access of modified versions over a network.
If Amazon's plan had been to make money by hosting a proprietary fork of the server, which would give them some sort of advantage over other clouds like Azure or Google that only have the non-proprietary version, AGPL would thwart them.
But that doesn't seem to be the case. They don't appear to trying to make it proprietary. They seem happy to run the same code that everyone else does. They are making money from it by selling management and support services for it.
If you're using a database that's not tightly integrated into your project and distributed with it, I don't believe you'd have to open your project. The API is the boundary:
- your project running on Linux kernel doesn't become GPL
- your project talking to MySQL doesn't become GPL and one talking to mongodb pre-2018 doesn't become AGPL
- your project talking to elasticsearch wouldn't become AGPL
If you modified the software and then sold a hosted solution using the modified software you would need to release the source code for your modifications. Or if you built a plugin that was directly linked to the software you might have to release the source for that plugin. But if you had other software that made network calls to the software I'm pretty sure you wouldn't have to open source that as well.
Amazon is in compliance with the terms of the AGPL already for their managed ES. Switching ES to from Apache to AGPL would only affect other users of ES, not Amazon.
> Elastic wants to have their cake and eat it too.
That doesn't follow from your preceding statement. Elastic doesn't want to constrain all users of their software by using AGPL; and instead they adopted a license which imposes restrictions only on cloud providers. That's better compared to AGPL for general consumers, if you ask me.
The "have their cake" is enjoying widescale adoption of a liberal open source license. The "eat it too" is thereafter making that license restrictive to shut down competition.
I want to clarify this. Building a SaaS product with Elasticsearch or Kibana on the backend is okay and not prohibited, as long the service is not “managed” Elasticsearch nor Kibana. For example, a music service that uses Elasticsearch on the backend to provide music catalog search is okay. A service that offers site search powered by Elasticsearch is okay. A log search service powered by Elasticsearch is okay (again, provided it doesn’t expose Elasticsearch functionality). We welcome applications built with Elasticsearch or Kibana in the backend, even those that would be seen as competitors, as long as they are not managed Elasticsearch nor Kibana services. The Elastic License allows this, and you can do it for free. See this [item][0] in our FAQ. If you have any doubt, reach out to elastic_license@elastic.co and we would be happy to clarify.
Disclaimer: I am on the Elasticsearch team and work for Elastic; I welcome any and all feedback.
What exactly does `provided it doesn’t expose Elasticsearch functionality` mean? Is exposing KQL via a search field in violation or not? Is exposing the Lucene query language okay or not? Is selling an on-prem monitoring solution that uses ES/Kibana as datastore and visualization interface ok? Is accepting payment from a client to run and maintain that solution in the clients datacenter okay? Is running that solution in a clients private cloud okay?
Can I get that in writing from someone with the power to make binding legal statements?
The problem is never in the clear cases, it’s in the edges. Now, all of a sudden, when thinking about features a legal dimension enters the picture, something that hasn’t been there before.
I agree and find that caveat baffling. "The ability to search a store of information for user-supplied input" is fairly clearly elasticsearch functionality, but it seems that is allowed? They have to be more specific on what this means.
IANAL and I am pretty sure they will need to be involved in a serious way to iron all this out. I have my understanding of the intent, which I would not invest money in at this point trying to prove, and that's as much as I can offer. It seems that you can have users search your data in your Elastic+Kibana instance. What they're precluding is you offering an Elastic instance for your customers to load their data into and then search or offer for search to their users.
I understand the intent, but elastic has proven to create legal confusion despite being warned against it and then sue over it in the past when they mixed the APL source and the x-pack source under two different licenses in the same repo and then sued floragunn over copyright violations. They might be technically correct on that lawsuit, but IMHO they knowingly created that situation.
I’d not say “intentionally” as I don’t think that this was the motivation behind the change. I’d consider it “knowingly” - they were or at least should have been aware that the change was going to create confusion about the license that individual code parts and changes were under. It was pointed out at that time.
Why didn't Elastic release some SSPL v1.1 or SSPl v2.0 with this kind of clarification? SSPL v1.0 is considered by many kind of vague in terms of p. 13 "Offering the Program as a Service".
> A log search service powered by Elasticsearch is okay (again, provided it doesn’t expose Elasticsearch functionality).
You speak as if Elastic has any say in how people use OSS. Why would anyone use the newly hampered version of ES when they can use and contribute to Amazon's truly open fork? Aside from the bad taste left in everyone's mouth from the whole "Doubling down on open" nonsense, all that reasonable people are going to see now when looking at Elastic's software (ES 7.11+) is unnecessary risk and legal ambiguity.
The disingenous market speak on Elastic's blog post was so thinly veiled that it quickly became insulting. It was gross to watch such a shameful justification form on why everyone should be okay that Elastic will continue using the marketing terms "free" and "open". By forcing a well funded fork by Amazon, Elastic may have just relegated themselves into obsolescence.
This might very well have been your intention, but the license you chose (SSPL) is extremely vague in describing this (section 13, IIRC).
For one data point, my company attorneys interpreted that, even if we present a search box in a web page, allowing visitors to search our own indexed data, it could be understood that we "offer a service" -- and thus forced us to abandon Elasticsearch and figure out alternatives.
We might be unique, but I doubt it.
GPL would not solve the problem Elastic has - it's perfectly legal (and in the spirit of the definition!) to take GPL software, host it yourself, sell the hosted service, and not pay the creator a cent.
It's also perfectly legal to run GPL software on a Windows machine without open-sourcing Windows.
`So you are saying if you do open source you must be fine with being exploited?`
And how is a company using open source software exploitative? I mean, isn't that the point of releasing open source software, that companies use it? And aren't companies in the business of making money, so at some level, they are profiting from your work?
Actually the opposite of open sourcing a system like this would be a massive fragmentation of the market with multiple competing proprietary systems emerging and total headaches for users with obsolescence a part of their daily lives. That is the grim alternative, not companies profiting from selling services based on open source software
I have been involved with open source since 2000. I have been a member of the ASF for many of those years and worked with Apache licensed projects throughout. I have been in the position Elastic is in where I managed the employer-sponsored team working on an employer-sponsored Apache licensed project, though thankfully not against a behemoth like AWS.
I have some sympathy for Elastic, but I just do not agree that AWS is doing anything wrong or against the spirit of open source. When they run into things that need to be fixed or improved in the projects they upstream them. The majority of work AWS does is in "operationalizing" the project for their cloud. It might be cool and interesting if they let us see how they do this but it is not like that work directly translates back to the open source project. Anyone that has worked with Google open-source stuff has run into the same issues where there is some behind the scenes magic that Google has internally that the projects can leverage to make them scale better etc.
It is Elastic's right to change the license if they so choose. If they own trademarks that they believe are violated it is up to them to take those challenges to a court and seek damages. Elastic is trying to have it all ways though. They want you to believe the new license is open source .. sort of true but not really. They want you to believe AWS has done something wrong. This I do not buy at all. What is special about Elasticsearch? The entire Internet and the Cloud is running on all kinds of open source software up and down the stack. It is in the interests of the behemoths that run these stacks to upstream fixes and improvements and generally they do. That does not mean they have to contribute the proprietary wrappers they have put in place around them as part of building their business model.
AWS needs to be focused on its customers, not companies like Elastic and Mongo. If its customers would prefer to operate an Elasticsearch service provided by AWS as opposed to Elastic, then that is a problem for Elastic to resolve.
> If its customers would prefer to operate an Elasticsearch service provided by AWS as opposed to Elastic, then that is a problem for Elastic to resolve.
How would you try to resolve that, if you were them?
* Since their license is Apache (most likely because they have an Open Core business model) instead of AGPL, they could offer extra services on Elastic's managed service. Amazon wouldn't able to offer since these parts are proprietary.
* They could partner up with other Cloud Providers (Microsoft, Google, ...) to offer a managed Elastic on these clouds, before these cloud providers do it themselves.
* They could offer other proprietary products that run on top of elastic (managed by them), that would force customers to use their managed service.
They actually do all of these already. Most of their development and marketing for the last couple years has been pushing their add-ons (things like machine learning, threat detection, application tracing), that are only available on their cloud or on-prem with a paid subscription.
So that's what's really puzzling to me, what's really driving this change? Is their considerable revenue from all of that still not enough to justify their valuation and growth? Or is it really just a personal vendetta against AWS?
AWS has a lot of closed source components behind the scene that makes Elasticsearch scale and run reliably in their cloud environment.
Elastic can develop similar closed source components to make things scale – in non-aws environments – in private clouds – in on-prem deployments.
Why does this matter?
There are a lot of those customers – banks etc – who will stay on-prem and medium size cloud customer for whom public cloud is more expensive than private cloud. These are the ideal customers for Elastic.
Among them, there will also be some who will do hybrid – onprem + AWS. Elastic can price their product to compete with AWS's and use their service in both on-prem and in aws seamlessly.
It might be too late, I am not sure really. If the customer wants the service provided by AWS then it is hard to change that. That said, the AWS Elasticsearch service is not that great and it is expensive so there is room to do it better and maybe just offer better support and plugins etc.
I realize that the cloud took off after Elasticsearch existed, so it is hard to fault Elastic for not having a crystal ball, but the time to get the business model right was at the beginning.
When my company chose an Apache License for the product we sponsored it was because we knew we could not do it all ourselves and so we wanted to build and foster a community. So while that means competitors could and did emerge that could take the product and do a better job monetizing, that was the only way for us to get the product we needed. The community was important.
Elasticsearch would be an also-ran without the Apache License and the community around it. Changing the license now because AWS is able to monetize just stinks, IMO.
Given that Amazon's customers are inside Amazon's proprietary AWS environment, I think it's unreasonable to expect that an outside company can meaningfully compete inside that environment. In terms of customer preference, AWS customers will _always_ prefer a product offered by Amazon to a similar offering from an outside company. Amazon will always be less expensive and better integrated with other AWS services.
Amazon customer here. We use Elastic's offering because it has a fairly good management layer. That said, there's a lot of room for either player to improve things. One example is user/access management. Kibana tries to be all things to all people and ends up doing very few of them well. If I never had to log into Kibana again it would be a good day.
Perhaps the issue is that Elastic is getting so little from the Amazon product that they resent, essentially, adding features to the Amazon product for little or no return. Elastic noted that, in their experience, some unspecified number of Amazon customers believed the Amazon product was somehow associated with Elastic. Elastic implied this was a result of Amazon's use of their trademark but all of this is hard to verify or quantify.
RedisLabs fought a similar battle with Amazon, they also ended up making changes to their license. I really do think the issue here is the scale of AWS and the very large pool of customers tied to Amazon's offering: there are so many existing and potential customer using AWS that companies like Elastic or RedisLabs feel they can't write those potential customers off. It seems to me that if Amazon was interested in the well being of those customers, they would figure out a way to continue to receive improvements from these projects instead of forking their own versions.
> The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit.
I don't actually agree AWS violates the spirit of the license. The spirit of the Apache license is explicitly - "I don't care if you succeed with my code wildly beyond what i achieve, more power to you, just credit me in the byline". I license my own code in Apache usually because that's precisely my position.
There are other licenses implying a different spirit if you want to take a different position - but complaining about AWS because they chose Apache is not a great look. They're certain to lose community developers.
I don't really want to get into the moral rabbit-hole of who's right and wrong as that's clearly super controversial and subjective.
But I did want to add my personal anecdote to serve as a canary-in-the-mine on what effect the status quo could perceivably have on the proliferation of open source software over the long term:
I think we can all agree on the basic premise that having more open source software is a good thing for society.
For the longest time I dreamed of creating my own open source tools and products and simultaneously monetizing it to create a comfortable life for myself and maybe even eventually turning it into something bigger, and leave my mark on the world.
However, as the years past and events like ElasticSearch v Amazon unfolded, I became more and more disillusioned on the realistic prospects of such an outcome.
Today, I'm in the process of building something that would probably see more success in terms of adoption and do more good in the world if it's released as open source software, but at this point I've basically made up my mind to release it as proprietary software to have a realistic shot of monetizing it to achieve financial independence and eventually build a company around it.
Basically I've weighed the tradeoffs and chose to put my own ability to capture the value of what I created over trying to maximize the value my software could create if open sourced.
This was not a easy decision for me to make, but I suspect I'm not alone in having thought about these tradeoffs and reaching these same conclusions. And as more and more people witness the struggles of companies trying to build viable businesses on top of open source software, more and more people could make the same decision, and thus society would be robbed of all the value that having these pieces of software as open source could have created.
I think the chilling effect these kinds of case studies have on the proliferation of new open source software, and the loss incurred by society as a whole as a result, is at the core of what we should be trying to figure out a solution for, not some philosophical discussion around who's in the right or wrong.
(reposting from a comment in a previous submission that got buried)
It's frustrating to me, watching this culture we've built where developers feel they need to be ashamed of making money from their work. There is absolutely no reason for you to feel the need to justify building a business off of your software product, but I can completely understand why you do.
Our "group" spends so much time and effort indoctrinating its members on this idea that profiting from your skills is a bad thing, and that the only true way to be a developer is to give your work away for free as Open Source. Even silly things like negotiating for a market rate salary from your employer are frowned upon as caring only for money.
But that's all backwards. There are good reasons to release your work product as Open Source, and those all share the quality that they give you or your business some tangible benefit. So it's simple: do the benefits of open sourcing your thing outweigh the downside? If yes, go for it. If no, don't. But don't spend even a second worrying about whether it's the "right" thing to do for silly moral reasons.
If there was one thing I could change about our industry, it would be to remove the 5 year Open Source Indoctrination brainwashing session you need to go through at University before entering it. Because we'd spend a lot less time being taken advantage of later in life.
The OP is isn't ashamed but more frustrated because he wanted to do good for the world and is disappointed by the fact that he may not be able to now because gree corporations like Amazon will take all the hard earned work of contributors and profit from it, thus breaking the spirit of open source.
At least that's how I interpreted his comment..
Yeah, I think the fundamental problem we're seeing here is how difficult it is for creators of open source projects to effectively capture the value they create in the world, especially at the higher end of the scale of _extremely_ popular projects that gain widespread adoption and create a mind-blowing amount of value, like Elasticsearch.
I would argue that by releasing a project as open source, we create more value in society than by releasing as proprietary.
An ideal society imo should distribute rewards relative value created in order to incentivize and maximize value creation.
Our society does a pretty good job of rewarding and incentivizing value creation for proprietary projects, but seems to do a horrible job of incentivizing value creation through open source projects.
I think it's in society's best interest for open source creators to be rewarded every bit as handsomely for creating value in the world as creators of proprietary projects, if not more, so we can incentivize the creation of more open source projects.
Have you considered BSL [0]?
The fresh versions are source-available, but older versions convert to open source (GPL, Apache or something) after a few years.
You can still build a business on your software -- as long as you keep developing, no competitor will be able to use up to date version. And people who want to rely on open source can do so, knowing that the software will get open-sourced eventually, no matter what the company decides.
It’s not a chilling effect. It’s how value is exchanged in a free market.
Open source makes sense when many companies benefit economically from sharing resources to develop common software/tooling.
Open sourcing code from inception can lead to adoption and create profits.
At some point that code may be more valuable to another company in some way and they profit from it.
I don’t see Linus Torvalds complaining about companies that profit from Linux but then again Elastic Search has shareholders to answer to and their trademark has been violated.
They're literally describing the chilling effect. It shows a lack of imagination if you think this "free market" is the only way to create valuable software.
PS. In a truly free market, there would be no enforcement of license violations except that which companies could muster themselves, i.e. Elastic would be able to hire mercenaries to loot and pillage AWS' data centres
I think a possible solution to that problem could be a universal basic income, itself funded on the likes of Amazon.
If you had the assurance that you'd always have something to live with, wouldn't you be more open to take the risk of going open-source and see if you can run a business of that ?
I don't know. I've worked for a couple of companies who open source their software and they don't open source because they believe it's good for the world (they may or may not, but it isn't the driving motivation), they open source because it's a near requirement for building a profitable business. It's easier for a no-name company to convince enterprise clients to use your software when the code is open source - it's often a non-starter if your code is closed-source. It's easier to get developers and keep them happy. It's easier to get community contributions. It's easier to get your name out there (you lose a LOT if you have a software product without a GitHub).
As long as open-source is a near requirement for getting traction, I don't think there is much to worry about.
I think you’re right that OSS is a customer requirement in many domains today. But I think the consequence isn’t that companies will open source despite the AWS threat — it’s that tremendously valuable software will never be built in the first place.
I like FOSS and even just OSS and I have good arguments, largely borrowed from others, for why it's good and why we should often use it. It's not a panacea, though. I'm about to write some things that RMS would not endorse.
If the code is your original, differentiating product, go ahead and make it proprietary if it helps you. If there's some code that supports your product, that helps make your product possible, or that complements your product but doesn't really differentiate your work or create a bespoke advantage for your users, then seriously consider making that Open Source or Free Software.
For example, let's say you have a new, great music recommendation technique and that's why people would choose your music player or music web site or whatever. You could build that with an OS DB on the backend, on an OS operating system, using an Open Source language and Open Source libraries and still close the source for your recommendation engine. However, you could still offer a F/OSS client to an API for that for various languages. You could contribute to the projects underlying yours. You might write a whole new configurable data wrangling system that's not specific to your recommendation code but is really useful to populating your database, and you could release that as F/OSS for the community to use. You might make your own front-end toolkit for the browser, or your own websockets code on the backend, that can be used by any application. You'd be able to contribute that to the community as F/OSS without undercutting your main differentiator, too. I kind of think of this model akin to open core, but in this case it's a "Closed Core" with open everything else. Improve everything that's in common with others in a common space, and differentiate your offering in your own different, compartmentalized space. Just make sure the bindings between the parts are at the appropriate level so the licenses don't clash.
Does this mean some competitor could come along, tie all of your F/OSS together, and plug in a different core? Absolutely. If that core's not your true differentiator, though, your plans have probably already gone awry. Making it easy to plug other code in the place of your proprietary code surrounded by an open platform is almost as good for the community as making the whole thing open source, and lets you compete on what you've decided is going to be your competitive advantage.
Clearly, as you say, there's nothing wrong here legally. By choosing this license, Elastic explicitly allowed anyone in the world to do what Amazon is doing now.
Ethically, I can't find anything wrong about this either. As far as I'm concerned, there isn't a "spirit of open source". Open source is a way of doing business. Elastic made a business decision. The company has to live with the consequences.
One could certainly argue far too much power is getting concentrated with Amazon and other web giants, but that's an entirely different subject...
I think it does say something about the future of the open source model though.
Namely, that if you have a company that offers something like a database as a service, search as a service or some other API, and plan to support it's development by offering your own managed service - DO NOT OPEN SOURCE IT WITH PERMISSIVE LICENCES, AMAZON WILL UNDERCUT YOU. AND THEY WILL ALWAYS DO IT CHEAPER BECAUSE THEY DONT HAVE TO FUND FURTHER DEVELOPMENT.
Take an example what Amazon did with Mongo - First they launch a closed-source competitor (totally fine) but then they also take Mongo's source and rebadge it as their own fully-managed DocumentDB (Mongo 1.6 but with closed source additions). It's having your cake and eating it too. There's nothing legally wrong with this, but I do think this is market abuse (because they can only do this because of AWS market penetration) just to make the worlds richest man richer.
'AND THEY WILL ALWAYS DO IT CHEAPER BECAUSE THEY DONT HAVE TO FUND FURTHER DEVELOPMENT.'
Well, they DID actually contribute patches as the whole ES project was 'upstream-first', this is mentioned in the post with proofs.
From what I can find online, it looks like DocumentDB is actually a layer on top of the AWS Aurora PostgreSQL offering. This means they created a MongoDB compatible API, but are not offering a hosted mongodb cluster. (https://news.ycombinator.com/item?id=18870397)
Without wanting to come down on either side of the argument I'd like to say that the Pull Requests they reference in the blog post are over a span of roughly two years and touched somewhere in the vicinity of 1k lines of code. One of them changed one line by adding a synchronized modifier to a function..
I'd not consider that actively developing a product and adding new features.
Even if MongoDB was closed-source, it would not stop anyone from creating a product that was compatible with the MongoDB API. Put another way, your API cannot be your USP.
Lots of companies offer S3-compatible APIs, for instance. They compete not on the API, but around reliability, price, features.
Of course, we have Oracle v Google coming up in the US Supreme Court, so things could change, but this is the way things are now.
Part of the reason elasticsearch is popular is because they choose a very permissive license. That was the tradeoff they accepted for getting such high market share.
> By choosing this license, Elastic explicitly allowed anyone in the world to do what Amazon is doing now.
> Elastic made a business decision. The company has to live with the consequences.
Everybody should be allowed to change its mind when presented with new data or circumstances.
> AWS knows that if they take too much of ES' market that they won't survive. If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported.
Or Amazon (or a third party) may take over maintenance of ES if it's worth it to them. That's the whole point of open source.
> You can frame this question in terms of ethics, you can frame it in terms of licensing naivety, you can frame it in whatever way you want but Amazon is doing what it always has done: exploiting smaller businesses in its goal to become a conglomerate.
There's no exploitation here. ES are grownups and responsible for their own business decisions. Amazon is outcompeting them by providing a better service to their clients.
> Edit: a lot of people talking about the license forget that there's an entire spirit to open source. The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit. The businesses set up to back companies like Elastic Search were setup to sustain the project while continuing to empower it's creators to take their vision further. If Amazon takes the pie, that doesn't happen. At best, the creators are now Amazon employees and have to follow their desires. Just because you can exploit a license, doesn't mean you should.
The whole point of "open source" as distinct from "free software" was to get away from all the ideological baggage and focus on pragmatic licensing that would appeal to businesses. Guess what: it worked.
> Amazon is outcompeting them by providing a better service to their clients.
I wouldn't necessarily say AWS' ability to use ES as a loss-leader for their Data Transfer charges is better for AWS's clients in the long-run. I can certainly see the argument for calling it exploitation.
For me, exploitation has always required the exploited party not having a choice. Customers of AWS ES vs. Elastic ES definitely have a choice in this matter and have done so deliberately.
Due to the market share of AWS for many potential customers it will come down to a decision between
a) click here in the aws marketplace and have my service added to the invoice my company gets every month anyway
b) start the painful process of onboarding a new vendor, get a quote, have procurement haggle with them for months etc etc etc. (overstating it a bit, I know)
And that is where to me it becomes a question of using/abusing your position in the market to a certain extent..
Oh I'm sorry, I'm referring to AWS exploiting the free software, not their customers, but I can see how I was not clear.
The rest of the 500+ comments here do a good job arguing both sides of it so I won't rehash that. Just saying that I can see that AWS taking the free thing and using it as a loss-leader (i.e. no possible way Elastic can compete) could be construed as exploitation of the free thing.
First-off, it's not clear to me ES is a loss-leader for Amazon, they seem to charge for it commensurate with their other hosted services, which from their filings all seem profitable.
Even if it is though, I'm just not sure I find the idea of free software being a loss-leader a bad thing. Having a loss-leader implies that AWS is providing + capturing value elsewhere. In this case, you assert this is from Data Transfer. But regardless of where the cost-centers are, AWS is delivering value to their customers and charging for it. There is competition in the cloud space, and in all honesty moving clouds generally isn't a huge deal, at least if you've architected your systems with that in mind (which any SysAdmin worth their salt should be doing in 2021).
The fact is, customers like having all their cloud managed under one roof. Customers like the exceedingly strong uptime guarantees provided by AWS. If customers have choice (which they do), and they're choosing AWS, why is it a bad thing if Elastic can't compete? If AWS is winning, it's because they have a holistic offering that customers like better.
> The whole point of "open source" as distinct from "free software" was to get away from all the ideological baggage and focus on pragmatic licensing that would appeal to businesses. Guess what: it worked.
Which OT1H is a valid reason not to go all "spirit" and "ideology" in business; OTOH, if what you're all about is spirit and ideology, it's a valid reason to stop thinking what you're doing is "Open Source" and go back to the original "Free Software" terminology.
As I think someone else mentioned already in this discussion, the term "FOSS" does more harm than good by conflating these different things, and should be avoided.
Disappointing to see Kodah discounting all the open source contributors to ES. Please read this before you support folks like Kodah and Elastic hijacking ES.
In short - this feeling that Elastic owns Elasticsearch (other than maybe trademark) is totally false. Many people
contributed and adopted BASED on a real open source license.
Interesting take, and I can see why Drew feels it's valid. He's ascribing to the maximalist interpretation of open source licensing. Licensing which never had any idea that Open Source would one day take over the world, licensing which never could've imagined that cloud providers would begin to undermine and influence projects to their own ends.
The problem that Drew is willfully ignoring here is that corporations see an opportunity in open source licensing to hijack projects, which I would remind you is exactly what is happening with Kibana. The control shifts away from the thousands of contributors and gets a board of engineers employed by corporations. Once these projects land in corporate control there's no denying that their culture and terms change. The CLA's he wrote about will surely be enforced, and if everyone ascribes to his belief system then the project will delve into chaos.
Corporations like ElasticSearch were setup to sustain the project that is ElasticSearch. If you destroy them, then you will get Amazon's vision of ElasticSearch, not what the contributors chose, certainly not what the creators chose. When forks happen, they happen. There is a big difference between some random or influential person forking Elastic Search and a conglomerate, who is really only forking it because they intend to undermine the business that was setup to sustain the project in the first place. Want to see a fork I was completely fine with? Look at Gogs versus Gitea.
The fact that they cleared a billion dollars is so arbitrary. At what threshold should anyone with principals and a backbone stop caring? At what point should someone like me not care if a conglomerate comes along to replicate and wipe out SourceHut? This has nothing to do with ElasticSearch and has everything to do with corporations flexing power, power which has repeatedly been used to influence and undermine projects in the open landscape that doesn't make it quite so open anymore.
Indeed, BSD projects have always provided corporations with free labor.
The BSD operating systems themselves have been largely spared from hostile forks because they are too large and no corporation wants to maintain a fork, macOS being the obvious counterexample. But even macOS cannot eclipse FreeBSD.
Smaller projects should be wary. The should start with AGPL and resist efforts coming from corporations or other open source projects to strongarm them into downgrading the license to BSD or MIT.
Especially when such other projects have convoluted licenses themselves that are only declared open source by fiat due to their historical importance at some point.
"At what threshold should anyone with principals and a backbone stop caring?"
Good lord - the views on HN are wild. I'm aging myself, but open source licensing (used) to not be that complicated.
The principles of open source are being violated by Elastic not AWS - just so we are clear. That is not so complicated.
If Elastic wants to make it so contributors to the software have FEWER rights than Elastic, that is fine, but that is not open source.
The principles of open source are normally that if I contribute to something that is open source licensed, that I can then use the code in the same way as anyone else. That includes hosting it for myself, doing a small consulting practice to build out some hosting for others, doing shared service hosting etc etc.
This is a live view of a new generation learning about the difficulties of market competition.
We're seeing this pattern in several contexts in the industry: Rather than compete, which requires listening and responding to customers (talking to people is hard), they prefer a magic wand (a new license, or regulation or something perceived to be "easy") to force large successful companies (which they see as immutable fixtures that can never be defeated) to break up or neutered so that smaller entrants can succeed.
"Be careful what you wish for". Smaller entrants aren't necessarily more ethical nor do they offer a better service than large incumbents. It really varies.
Elastic is a public company worth 15B dollars now. Not the underdog.
> at what threshold should someone ... stop caring
You’re not caring about OSS, but about keeping your turf and “ownership” of a product that is not yours. There really is no question here that Elastic is the one doing the “corporation” move and not the other way around.
> to undermine the business that was setup to sustain it
Successful OSS don’t need one business to sustain them, they rely on the combined efforts of their users - including Amazon. They have no reason to undermine a project that makes them money.
If you’re simply thinking of size, consider Amazon is a 500x more diversified business. I doubt they pull anywhere near as much revenue as Elastic does (half a billion/year) from their Elasticsearch hosting alone. Apples and oranges.
I was thinking in terms of AWS, which while more diversified has lock-in, and someone who's already using AWS is probably never going to use ES own cloud hosting
Exactly - I once used a more full stack provider, and we checked to make sure their stack was open source for key areas we spent time on, so if we wanted to switch to another HOSTED provider, all our config files, etc etc would still work - but the other providers also HOSTED this software - that wasn't considered a violation by anyone. This was before the days of the mega providers like AWS - where now I think you just have to accept lock-in - but AWS has never raised rates so it's not as scary as doing an oracle lock-in as an example.
From where i am sitting, it looks like a bait and switch: use the permissive open source license to get popular, once you are popular, switch to closed source license.
Which is not to say what they are doing is wrong, they are just as much within their rights as amazon is.
> The permissiveness of open source was one thought to be "we can all succeed together"
I think that's BS if you are talking about bsd-style licenses. Maybe i could see an argument about spirit violations if it was a GPL-family license, but the entire point of bsd style licenses is so that businesses can take the code and adapt it to their business needs.
> ES and other companies have a business that sells a managed version of their product. This is how they sustain developers to continue working on Elastic Search. This model has worked for companies long before cloud providers were a thing. What AWS and others basically did is create identical services, keep all the profits, and exploit gaps in Open Source licensing to this end.
First, Elastic sells a buckload of licenses for on-premises ELK, which is a vastly bigger market than managed services. And second, how is Amazon different from "other companies" you mention? Just because they're bigger and have a ton of experience with managed services they should be forbidden from offering managed ELK?
If you believe that just because you can exploit a license doesn’t mean you should, do you believe Elastic have wronged ElasticSearch and Lucene’s contributors by not compensating them(other than those that are employees)?
I don’t understand the argument that a company should get to “own” all the profits for a particular FOSS project.
Its not exploited. There are several other license options Elastic could have used other than the one that says "Do whatever you want".
The license communicates to others how you approve the usage of your copyright work. If you aren't communicating "do whatever you want" don't pick a license that literally says "do whatever you want".
> Edit: a lot of people talking about the license forget that there's an entire spirit to open source.
Richard Stallman, Bruce Perens, and Eric S. Raymond, the people who invented Free Software and Open Source, all specifically said, at the very creation of the god damn licenses, that this would happen, and was perfectly fine. They specifically wrote their licenses to allow this. It's not an accident or exploitation, it's a fundamental part of what they exist to serve, which is the user's rights.
The Open Source Initiative, Debian, and Fedora, have all banned licenses like SSPI which exist solely to punish cloud service providers. If that's not the open source spirit telling you where you can stick it, I don't know what is.
You are trying to twist things here. If the people who invented the thing said this is to be expected, then it's part of the spirit.
I don’t agree with you at all, and find your argument completely stupid. I don’t think there is anything twisted about it. The software was released under license terms and as long as Amazon is complying with them there isn’t a problem, it’s really is that simple.
And really this is much ado about nothing. These fork fights are sometimes interesting with bit players, but the FAANGs of the world they could just build a tool like this from the ground up if necessary.
I think, while correct, your argument is not addressing the point these commenters are making. The line of argument you are responding to seems to be based on the under-defined, and somewhat ephemeral, ‘spirit’ of open source software. The reasonings seems to be that open source software is done in some spirit of mutually and reciprocally beneficial manner. This ‘spirit’ is separate from the terms of software licenses and, it seems to be implied, that it should be seen to supersede the bare terms of a license. This reasoning is then used as the basis of ethical usage of open source software. So, when Amazon takes a piece of software and uses it not in the ‘spirit’ of open source, their compliance with licensing is irrelevant. I don’t particularly agree with this point of view, but I get the impression many people do.
If there is a "spirit" to open source, it's a lot closer to "I can take software that you released and use it however I please, while also possibly releasing my changes so that you can do the same" than "Because I wrote this open source software, I am entitled to some arbitrarily defined 'fair' level of financial rewards, despite not giving my business model much thought."
When it comes to the "spirit", the people criticizing it seem to be talking about the "spirit" of Stallman and Free Software; the term Open Source and the OSI as an institution were explicitly built on friendliness to running side by side with proprietary software and to third-party commercial use.
Nope I get it and I think it’s absolute bunk. And while I grant others are entitled to their opinion I think the implicit dismissal of my (not uncommon) opinion is condescending. As pointed out RMS doesn’t support this idea, and while he’s not some absolute moral authority I’d say it’s a strong counter argument to some absolute consensus on a “spirit” of free or open source.
Why does Elastic deserve to be deferred to here, though. They are making the license overly restrictive. Now I can’t start my own ELK stack hosting company. Meanwhile Amazon will likely benefit more users by keeping ES and Kibana open in a way that encourages their use and encourages contribution. I’m certainly not going to submit patches for Elastic’s forks now.
For people who believe in this, please study your history — look up the claims and counter claims around Emacs, specifically how it was created, commercialised, and then liberated (then forked and merged again).
“Good intenshuns” (my somewhat humorous term for “spirit”) is no way to settle even moderately complex commercial disputes — say for a text editor which in those early days of late 70s/early 80s, had very niche appeal and a small user base.
In the 21st century, with bigger markets and more money at stake, “good intenshuns” matters even less and this is why we have a bevy of F/OSS licenses to suit every need.
It’s very telling that RMS needed to create a license to support his vision of Free software. Perhaps from his experience he realised that legal code was the best way to enforce desired behaviour.
> "If you can run our product on your own, you get it for free"
Except that's not how it works with Elastic. I know at least one company (Acme Inc) that doesn't offer anything like Amazon, but does have clients who can access their "own" (client-specific) data hosted in Acme Inc's Elasticsearch cluster; it's a somewhat marginal (but still important) feature in the product, yet still, due to it, Elastic maintains that Acme Inc resells Elasticsearch and thus needs the "Enterprise" license to be in compliance.
So, Elastic are not only going for AWS and people who cannot host their own Elasticsearch, they are going a bit wider than you imply here.
> This model has worked for companies long before cloud providers were a thing.
That's not really accurate, is it?
Few if any open source companies has survived on a monopoly on hosting the product. MySQL doesn't do it at all, netiher does Red Hat, and many others. Those who do bundle it with support services for added value. They have to compete in the open market after all. They don't claim to have a monopoly.
Wordpress makes most of their money from hosting, but they don't go after AWS or any of the thousands of smaller companies all over the world that host it. Their exploding market share has been more than enough to sustain their own hosting business. And it does seem like Elastic is in a similar situation, with their hosting business still rapidly expanding.
Forget Amazon for a second. I know many people in the web hosting business and pretty much everything they host is open source software. If this is a precedent, if the opinion that hosting is morally wrong gets widespread, then that would affect a whole industry.
This comment kind of highlights how pointless this debate is.
If you go off of what the law says, how this open source license works, and the understanding that all businesses are competing to make money, what AWS did here seems pretty reasonable and perfectly legal.
If you come at it from the perspective that AWS is always evil and the little guy is always good, you’ll view this as a terrible injustice. There’s not much substance to the justifications here, seems like you had your mind made up and then half heartedly tried to backfill some sort of reasoning. Just assert that everyone else has it twisted, of course AWS always exploits, try to evoke the spirit of open source as if that’s a single, easily defined quality.
Allowing others to fork for profit and give nothing back is entirely the point of permissive licenses.
"Permissive" means exactly that developers are permitted to give nothing back. Licenses without this permission are generally copyleft.
> The permissiveness of open source was one thought to be "we can all succeed together"
Not at all. That's the spirit of copyleft. The spirit of permissive licenses is that "I don't want developers to have to give anything back."
Usually this is done to deliberately allow private companies to profit off of the work without having to disclose their proprietary improvements. That is, presumably, why MIT and Berkeley licenses are permissive: they moved IP out of the university system into silicon valley as a type of indirect economic stimulus.
> This model has worked for companies long before cloud providers were a thing.
The open core model never got much sympathy from the community or customers. The only reason there are people siding with ELK here is because the other side is the eminently unlikable Amazon. It also never worked very well.
Yes, you can sustain a company with it, and even make it large. But it's limited in size and any idea that you can get VC money on a large evaluation and things will go smooth is ridiculous. The model also has a limited lifetime, after what you'll see your business slow down or you'll have to fight against your customers. It certainly can last enough to make people rich, but it's not sustainable, unless you diversify your software. None of that is caused by cloud providers.
> ES and other companies have a business that sells a managed version of their product.
Therein lies the flaw in the argument. If a company decides to develop something and open source it, it's not a product. If the company chooses to assign their time and resources to help develop it, great, but the moment it no longer becomes beneficial for them to keep supporting it, they'll drop it and leave it to the community.
Many companies invest time and resources into furthering open source projects without being the owner/creator of it. This is no different, whether they created it in the first place or not - they chose to open source it.
Building your business around something that you give away for free will always be a terrible business model.
> Building your business around something that you give away for free
Although it’s great for new entrants to the market who’re looking to build mindshare and marketshare. Because it’s hard for incumbents to compete with Free.
“Open Source bait and switch” has been a thing for a while now. Elastic is just the most recent/high profile example.
If every legal agreement were interpreted by internet commenters' impression of its "spirit", what's the point of all that fancy language anyway? There is no universal definition of "open source/FOSS" or what its spirit might be, which is why everyone uses concrete licenses.
It's Elastic's fault. I support their new license and wish they had picked it from the start; but they didn't. If you explicitly grant someone permission to use your hard work in a certain clearly defined way, you can't be surprised when someone uses it in that way.
If taking an open source product that is released under a license that allows you to use in some ways and then using it that way and making money off it somehow is considered to be "exploiting open source" then yes, Amazon is guilty of that.
I for one wouldn't use that word in this use case. They are just one of the many companies that legally use the product to make money with it.
EDIT: While on this subject, does that mean Amazon is "exploiting open source" by building and selling products using their own Android fork off the open source code and not paying Google for it? :)
> AWS knows that if they take too much of ES' market that they won't survive. If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported.
I don't get how you came to this conclusion.
If Elastic goes bust, why would Amazon suddenly drop support for product? They have customers paying millions for the service, why the heck would they drop it?
If anything I would expect Amazon to keep the service and work harder to ensure good service, so they can absorb that portion of the market not being served.
I dont't agree with "If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported."
Unlike Google, Amazon is fantastic about supporting older AWS products. I can't think of any off hand that are completely gone. There are some that might be deprecated that you can no longer create new ones of though. An ancient database service comes to mind but I can't recall it's name.
So Amazon forking ES is then ensuring that if Elastic dies, ElasticSearch doesn’t go away, right? Part of the problem here really is that if I am using AWS for the rest of my stack, why would I run my search elsewhere, introducing latency, etc? Elastic’s opportunity was to approach AWS and try to get bought. But their business model really isn’t as good as it seems.
So if we assume the level of service is not much better, AWS is the more prudent choice, no? So trademark issues aside, AWS does ES better than Elastic?
To me that would depend on whether AWS Elasticsearch is actually profitable at that price point, or whether they are running at a loss to grab market share.
The quality of the service you get depends on if AWS makes a profit?
Also, do you think they make a profit on the bare EC2 instance? If so, why do you think that running a few management scripts that manage ES running on it would add up to more than $0.094/hour?
After all that twisting you're doing, not clear if you understand what the ALv2 is about. It is what it says, not whatever subjective "spirit"s you're trying to twist into it.
To add a voice in support of your comment, I agree with you. Amazon and others is why we can't have nice things.
I'll quote Bill Burr here:
> Just because it's legal, doesn't mean it's right.
And just because you can, doesn't mean you should.
Because of this shitty behavior, we will need to write new licenses to restrict who can do what with our software. Society moves at the pace of its slowest members. I guess for opensource, that's "at the pace of our most exploitive and cut throat business".
It feel like live by the sword, die by the sword to me.
Elastic because a highly successful business off the product being open source and then leveraging that into funding and enterprise licensing and maintenence.
To turn around after and go 'we love open source... No not like that' is disingenuous at best. The license choice was always yours to make, you took the one that gave you the best growth model that got you here.
Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.
Yet it would've prevented AWS from undercutting their paid offering in the place I'm at now that would rather pay for it than self-host it.
The lesson I'm taking away from this is just use a license like they're using now from day 1. Totally "open" open source only works if everyone is a good actor, which was never a realistic assumption, but it took a while for that naivety to cost so much, I guess.
> Totally "open" open source only works if everyone is a good actor
Totally open source works fine, it's when you try to mix open source with a controlling entity and a business model. You can only get away with that as long as you've got a lock on expertise and development. As soon as a significant portion of development and expertise is coming from outside, what makes the original business entity any more appealing than those others (as in this case)?
One way to stave that off for a while might be to make sure you're releasing new features you've developed at a good clip, and as you've developed them you're naturally going to have more expertise. That likely only works for so long though, most projects hit some level of maturity eventually at which point new features are somewhat superfluous, and might even be detrimental.
I think the bottom line is that if a business is based on an open source product then that business should be looking at it as something with a life, and a coming natural death (of being able to be the only/main support company for it at least), and plan accordingly. It might not happen, but you can't count on it being exclusive forever, especially if it's actually lucrative.
> Totally open source works fine, it's when you try to mix open source with a controlling entity and a business model.
Trite as it may sound, open source isn't a business model. For a profitable business, you need something unique, a moat that competitors can't cross easily. Open source can certainly be part of that model, for example by increasing the value of your core assets. Or as Joel Spolsky wrote many years ago, commodify your complement.
Google, say, releases a lot of OSS. Guess what they're not releasing? The data they have hoovered up of practically every internet user, that they sell to their customers (companies that buy advertising, not the users). "Data is the new gold". They release tensorflow under a permissive license, not the data they're training and running their DL models on. They release Android for free, as that lowers the cost of phones and drives more users into the Google online empire, giving them ever more data. Again, "data is the new gold", "commodify your complement".
(Not picking on google here to say that they are good or evil, just an example of how you can build a spectacularly good business while also releasing a lot of OSS)
Or for all those VC-funded corps popping up trying to build OSS databases and seeing it doesn't work out (Mongo, Elastic, etc.), build a database, not a database engine. Data is the new gold, software, particularly OSS, is a commodity.
> I think the bottom line is that if a business is based on an open source product then that business should be looking at it as something with a life, and a coming natural death (of being able to be the only/main support company for it at least), and plan accordingly. It might not happen, but you can't count on it being exclusive forever, especially if it's actually lucrative.
Amazing. I think capitalism wouldn't be hurt if occasionally companies made the choice to end themselves "get out while you're no top" and distribute their wealth to the stakeholders, ideally with some sort of bonus to the terminal employees. Of course, the employees might not like that, but it is an attitude of entitlement (if an understandable one) to think that you should have a job for life.
Agreed. This is quite insightful bit from kbenson. It explains well the mystery I was wondering for a while: why company wrote the code in the first place cannot compete successfully against others who supposedly have less expertise and has to rely on license change to defend their moat.
Software matures, and the expertise transfers to many other people while it matures. That shared expertise enters into public common for good. Natural and beautiful.
> Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.
Maybe. I can no longer tick the "does it use an approved open source license" compliance checkbox any more. Sadly, for me, there's now a very strong incentive to move forward with an Apache2.0 licensed Amazon fork instead of the Elastic one.
I would call this MongoDB'd themselves. Except that also would imply that people are still interested in MongoDB. I think their license move probably just accelerated the decline in interest in their product.
Mongo adoption has risen at a rapid rate, and cloud services now make up nearly 40% of their revenue (which, in turn, allows the company to push those $$$ into the core product). Your statement, while a common view on HN, is not correct. Just because tech bros have moved on towards other interests has not meant that adoption of Mongo has faltered.
(I am not affiliated with, nor own stock in, MongoDB, Inc in any way)
Not everything is a cloud-based VC-backed startup. As big as AWS is, they still miss out on a giant chunk of companies who don't want or are not allowed to go into the cloud, which is why AWS-on-premise exists.
The article does say they made 230+ contributions last year to the OSS Elastic is (was?) built on. Not sure how one counts those, but perhaps it helped Elastic as well?
> Yet it would've prevented AWS from undercutting their paid offering in the place I'm at now that would rather pay for it than self-host it.
Key word here is would've. They were already Apache 2.0 until 7.1.0 therefore this change will have absolutely no effect on Amazon's business; all it will do is encourage the develop of high-quality feature-rich Apache 2.0 forks while hurting Elastic's brand image - rightly so - because they're (a) no longer an open-source company [except for beats/etc which only works in the context of the now-proprietary elasticsearch/kibana], and (b) they outright lied to the community when they claimed that future versions of their open core would always remain Apache 2.0
This is where the Free Software, ideology, and the "open Source" ideology really show its difference
I view SSPL as a Copy Left style License for the SaaS age.
They picked the wrong license in the first place with Apache, they should have used GPL, AGPL, or some other copy left anyway
I generally oppose Apache, MIT and other non-copy left license exactly because it allows Amazon and other large companies is leech off the work for their own commercial offers while giving nothing back
I do note that the original "open source definitions" were drafted back in the late 90s (and from memory, built on older pre existing Debian docs of similar nature).
The world was different back then, I wonder what the authors of those docs would have considered "user freedom" to be in the age of AWS/GAE/Azure?
(I guess Stallman, for all his flaws, is a reasonable guide to what the free software movement would have thought. It'd be illuminating to hear his opinion on these new licenses. I suspect I know the answer, and it'd very strongly agree with your comment...)
Users is not just end users. AWS and others are users too and Stallman wants them to have the same freedom to use and modify software as I do. We have the same rights and responsibilities. Even Elastic is a user of the software.
I respect anyone who follows a license, I respect anyone who want to relicense a software and I respect someone who forks a project. I don't see any fault anywhere here.
I think they’d ask: In what way is AWS, GAE or Azure restricting your freedom to use free software?
If those companies customize your code and don’t recontribute it, that’s what the AGPL is for.
The SSPL doesn’t actually help with this problem. It removes your freedom to use the software in certain ways. It is a pecuniary license designed to sell you a more permissive license.
So, let's pretend I'm Amazon and I'm offering a SAAS Elasticsearch product. You need someone to manage your Elasticsearch for me, so you pay me. Internally, I'm running vanilla, unmodified Elasticsearch, which talks to a management layer of proprietary code that interfaces with the rest of AWS.
What right is being violated here? You as a user can run your own Elasticsearch software; I haven't modified it and thus I don't need to publish anything specific. What the SSPL says is I must publicize my entire SAAS product - but the user isn't paying me to run their own Elasticsearch SAAS product, they're paying me to run Elasticsearch.
So to call SSPL copyleft is totally absurd.
Now, there's a broader discussion that you raised of whether the open source definitions are out-of-date or not. Personally, I don't believe so. I don't see how any of the newer developments in the space (public clouds, managed offerings, etc) materially change anything; indeed the whole point of OSS is it's based off of deep principles.
According to Stallman at least, the principles of "Open Source" are much less deep that the principals of "free software". His opinion says the "Open Source" philosophy is based off watering down "free software" principles.
"The terms “free software” and “open source” stand for almost the same range of programs. However, they say deeply different things about those programs, based on different values. The free software movement campaigns for freedom for the users of computing; it is a movement for freedom and justice. By contrast, the open source idea values mainly practical advantage and does not campaign for principles. This is why we do not agree with open source, and do not use that term."
I guess you and Stallman agree there, and that permissive open source licenses are totally up-to-date with modern cloud computing businesses and business practices and that Elastic and their choice of Apache2 are getting exactly what they signed up for. And that "free software" licences especially the viral ones exemplified by GPL/AGPL are also still relevant in 2021, and having chosen one of those would have given Elastic.co what they claim to be demanding... (I think I agree there too.)
> And that "free software" licences especially the viral ones exemplified by GPL/AGPL are also still relevant in 2021, and having chosen one of those would have given Elastic.co what they claim to be demanding... (I think I agree there too.)
I think we agree up until this point, at which you fall into a trap. This is the same trap I was trying to avoid by giving my SSPL scenario above.
A copyleft license like GPLv3 does not prevent a business from operating a SAAS business.
AGPL would apply, but it only triggers upon modification. So as long as Amazon doesn't modify Elasticsearch itself, they don't have to publish anything (because there's nothing to publish), and if they do modify, they have to share just those changes. Which is very fair to me from a copyleft perspective.
Now SSPL tries to go further and say for merely using the software in a certain way, you must release not just any changes to the software itself but also everything around the software. That is what makes the SSPL neither open source nor free. (I guess I don't actually know how "free" is defined, so I can only say for certain that it's not open source, but I don't think SSPL even counts as copyleft)
> What right is being violated here? You as a user can run your own Elasticsearch software; I haven't modified it and thus I don't need to publish anything specific.
I as a user can no longer fix bugs in the Elasticsearch that I'm using. So I don't have the four freedoms that copyleft is all about protecting.
> What the SSPL says is I must publicize my entire SAAS product - but the user isn't paying me to run their own Elasticsearch SAAS product, they're paying me to run Elasticsearch.
That's like "I'm not blocking you from going into the building, I'm just blocking you from going through the gate outside". The point of copyleft licenses is that you need to give the user everything they need to run (or hire someone else to run) the same software (or their patched version of it) the same way.
Elastic marketing did not come up with describing AWS or any of the other big tech companies as leeches. That has been around for a very long time
I am aware FSF would disagree with my position, AGPL is better than SSPL.
As to OSI, I have losts of issue with OSI as an organization, and when they state "But Elastic’s relicensing is not evidence of any failure of the open source licensing model or a gap in open source licenses. " they are simply wrong
There is a clear gap in open source licenses when it comes to dealing with SaaS, the fact they do no see this gap is very telling.
the Free Software community saw this problem and thus the AGPL was born, something like AGPL is needed for open source, but OSI refused to even acknowledge there is a problem let alone look for solutions to it
//And no Free Software is not the same as Open Source Software, they should not be linked as being the same
edit:
>>User freedom is the whole point.
Free Software is about user freedom
Open Source is about Developer Freedom, that has always been the big difference.
Apache, MIT, BSD etc are all licenses that allow devs to take code, use it in commerical products. That is why you see places like GitHub default to these non-copy left licenses.
Free Software is about copy left, GPL and the like. Because it gives USERS freedom
I think you have zero interest in Free Software. You want “Free Software except in the ways I don’t like”.
AGPL was about ensuring user freedom by requiring server hosted source code modifications to be contributed back to the community.
SSPL isn’t about that. SSPL removes freedoms from using the software for no principled reason other than to allow a copyright holder to make more money by selling you a less restrictive proprietary license. It isn’t copyleft, it isn’t free, it isn’t open.
Hmm clever editing I can see we are not discussing in good faith.
You built a nice strawman to tear down around my “They are simply wrong” quote using it out of context
How about you address what I actually said OSI is wrong about, they are wrong about the fact that there is no gap in Open Source licensing when it comes to SaaS Sevices. SSPL may not be the best solution to it, but completely rejecting the clear problem is how you end up with less than perfect solutions like SSPL.
I am trying to argue in good faith. I’m not editing anything, I just don’t understand your argument.
I don’t see what the clear problem is with open source licensing. AGPL solves the problem of SaaS providers modifying your software without freeing their modifications, if that’s what you want. AGPL is also an OSI approved license. What more is missing?
If you want to have a business model like Elastic, then open source is simple not right for you.
This is what the OSI Board of Directors says.
It's a different discussion whether this is a good business model, but it's not like op has no point here:
What's missing is an open-source license for products whose profits accrue due to being run as SaaS.
If you're just going to say: "This is not possible with open-source licenses", then that's the gap.
What people actually want to do is exclude about 10 or less companies from selling their software at no own cost, while keeping it open-source for everyone else.
And OSI says this is not a use-case for any of their open-source licenses.
Maybe there should be a license for that.
I don't know.
The OP has a point in that everyone wants to be popular, famous, make lots of money, and also do it while being perceived as a saint.
Forcing profit accrual in your software license is easy enough. The hard part is to grow a community & popularity the way open source licenses have proven, when you have such restrictions in place.
This is only a "gap" in the sense of the grand injustice of the universe, as the Rolling Stones said, "You can't always get what you want".
'What's missing is an open-source license for products whose profits accrue due to being run as SaaS. If you're just going to say: "This is not possible with open-source licenses", then that's the gap.'
Think about what you're saying for a second.
1. Free software & open source is fundamentally opposed to user restrictions of any form, this is "Freedom Zero" and literally the whole reason the movement was created and got popular.
2. You can't create an "I GET THE MONEY" restriction and still be open source or free software, or accrue anywhere near the popularity and community goodwill you'd otherwise get
3. Therefore this is a problem?
Open source contributors have limited interest in your profits or business model if it means compromising the most essential point of it all. Open source is not a business model, and never was meant to be. Plenty of open source companies made lots of money without restricting user freedom, and they did it while AWS and others existed.
All of the tech leadership and excitement in dev communities today (Docker, Serverless, Kubernetes, Kafka, Spring, Rust, Golang) etc. is driven by open source, not by the clouds' proprietary services.
'What people actually want to do is exclude about 10 or less companies from selling their software at no own cost, while keeping it open-source for everyone else... Maybe there should be a license for that.'
Licenses like this have literally existed for over 30 years. "Everybody but Microsoft", "everybody but IBM", "everybody but the military". They're out there in spades.
Good luck, have fun. Build amazing software and build a community!
Except, these violate "Freedom Zero", the most essential point to why FLOSS was created: freedom to use, no restrictions. You might have some challenges gaining community support because of this.
"The lack of usage restrictions in its licenses is key to the success of free software. A world of proliferating and potentially conflicting usage restrictions, each seeking to address a different social cause or need, would introduce so much friction that the tremendous democratic social benefit brought about by the free sharing of software – including the empowerment of individuals to effect social change in unjust institutions – would be undermined.
Just because a license is not the right place to enforce ethical software usage doesn't mean we don't recognize the problem, or respect the people raising it. We should encourage and participate in conversations about the ethical usage of software. With the ground rules of free software as the baseline, anyone can build systems to specifically promote ethical use."
> I generally oppose Apache, MIT and other non-copy left license exactly because it allows Amazon and other large companies is leech off the work for their own commercial offers while giving nothing back
Like Elastic "leached" of Lucene? Elastics whole business model depends on Lucene being under the Apache license. If Lucene followed your suggestion (funny enough, Lucene used LGPL very early in its history) Elastic wouldn't exist at all.
That is largely hypothetical and one does not know if Elastic would taken a different form is Lucene would have been under LGPL, nothing in LGPL would have prevented it, and maybe Elastic would have chosen LGPL themselves or even AGPL which I personally would have preferred over SSPL but I understand why they choose SSPL and 100% reject OSI's position that is a non-open license, it is a non free software license, but it is IMO an Open Source license
SSPL is marketed as copyleft, but it really isn't. AGPL is. SSPL requires not only that you open source modifications to the software, but also that you open source "management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software" that you use to operate the licensed software.
If you want to offer ElasticSearch as a service, you have to open-source your entire hosting stack including UI. God help you if you pay for any proprietary software — you literally can't satisfy these terms. Notably, Elastic itself doesn't have to do this for its own hosting service, because of course it can't satisfy the terms: no hosting company I know of can.
The point of the license isn't to get contributions back. The point is to prevent competition to Elastic's hosting business. Elastic's new version of ElasticSearch is source-available software, not open-source, by pretty much any reasonable definition.
>If you want to offer ElasticSearch as a service, you have to open-source your entire hosting stack including UI.
It's worse than that: you need to release your entire hosting stack under the SSPL. It's extremely unlikely that you're able to do this. Hope your servers aren't running Linux! (Or bash or the GNU coreutils or...)
If it were acceptable for the rest of the stack to be under another free software license, I'm not actually sure I'd be opposed to it. But yeah, as-is it sure looks like they've just written the license such that it's impossible for a hosting provider to comply.
On the other hand, a lot of people (myself included) have no intention of ever being in Amazon's large scale hosting business, and actively avoid building my software on GPL/AGPL where there are more permissive (but still "standard" like Apache/MIT) license choices available.
(I _do_ totally understand the principle of strongly viral licenses, I think the GPL is an amazing thing. The chardonnay socialist in me wishes the whole world would use it. Pragmatically, at work I feel obliged to point out the responsibilities of using GPLed dependancies. From a profit-focussed business decision, it's often better avoided. I agree what Amazon does with Mongo/Redis/Elastic et al. qualifies as "leeching", maybe I'm only fooling myself that my work's projects are somehow better...)
The thing is, in this case, Amazon's business is not about extending ElasticSearch with proprietary features. It's about hosting the OSS product.
Had ElasticSearch been under a copyleft license, the only difference would be that Elastic would've been unable to simply move away from the copyleft license.
> The lesson I’m taking away from this is just use a license like they’re using now from day 1.
Sure, if your whole business model is “sell a SaaS”, then making the whole offering an open source product that is simple for other people to host and offer an equivalent (or, if integrated with other offerings you don’t have, often more compelling) service is a bad choice.
But people choose open source licensing for a reason, and against competing software, a proprietary license can be a negative feature which makes it harder to grow mindshare and prove out utility.
> The lesson I'm taking away from this is just use a license like they're using now from day 1
You’re welcome to license under SSPL (or AGPL) if you wish. But if you want commercial customers (or even users), you’ll have to bear in mind that licenses like SSPL are a “no” (or at least, requires legal review) in many commercial entities, including startups.
Licenses like SSPL won’t give you the growth a new entrant could potentially get with a more commercially friendly FOSS license, because your potential users/customers will see it as a proprietary product and evaluate you as such.
In Elastic’s specific case, iirc a major competitor for them was the proprietary Splunk, so Elastic being FOSS really helped their case. Had they been SSPL from day 1, their growth trajectory would have likely been different.
> Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.
While true, personally I'd not be willing to contribute to such a project.
Of course, such a license would require legal blessing, which in itself is a lot of (paper) work. What if, the company decides to change the license in an year?
I think it’s significant in this case that most of the development of ES and the underlying engine is done by Elastic. This re-licensing is only of interest because it means most ongoing work on the project will now happen under the new license. If that was not the case nobody would care, the contributors could fork back to Apache 2.0 and continue. After all, the ElasticSearch license used up until 7.1 also allows me to fork the project under a new restrictive license, but nobody is likely to care if I did.
> Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.
It would have prevented its use in a previous company i worked at (largely for ideaological not practical concerns).
> Totally "open" open source only works if everyone is a good actor, which was never a realistic assumption, but it took a while for that naivety to cost so much, I guess.
That seems like a silly conclusion. Amazon is being a good actor by all accounts. On top of that Elastic is like a 15 billion dollar company, if that's not working, i need to get going on a business venture that doesnt work.
Anyways what makes you think they would be succesful if they used the license from day 1. Having your cake and eating it too only works if you switch halfway through.
It wouldn't have been picked up by the community if it weren't Open Source. Yes, you may have used it if the current product just appeared on the market with a source available license but that's not what happened.
People used and recommended the software for years because it was Open Source. People contributed to the project because it was Open Source. It became popular BECAUSE of Open Source.
Your argument doesn't work because you wouldn't have known about it if it wasn't Open Source.
Elastic Search launched more than a decade back, when the cloud was used in an entirely different manner. The team had no way to foresee the shift to the managed services model; of AWS taking popular Open Source products, repackaging it and undercutting the original authors.
The decent thing to do (for all managed Open Source products that you didn't create yourself), would have been to offer a cut to the original team. Instead, AWS takes all their customers, keeps 100% of the revenue, and passes on nothing.
> The team had no way to foresee the shift to the managed services model; of AWS taking popular Open Source products, repackaging it and undercutting the original authors.
Plenty of people saw this coming. It was completely predictable. The reasons why licenses like the AGPL haven't yet caught on are complex. But I don't think anyone can credibly claim that they were blind-sided. Rather, I think many people and companies simply feared the day of reckoning, discounted the threat, and did as most everybody else was doing.
That was the argument against the GPL, and yet Linux beat BSD. The tension exists, but it's not such a simple trade-off, and the dynamic is highly context dependent. The complexity is in identifying and achieving the best business model.
Like with the GPL 20 years ago, the intuition today seems to be that licenses like the AGPL are simply anathema to adoption (because "viral", etc) and therefore market capture, and if you can't capture the market you can't monetize your investment. It's something of a self-fulfilling prophecy, but eventually more people (authors, users, etc) will begin to explore the space commercially and, hopefully, disprove the conventional wisdom.
> The team had no way to foresee the shift to the managed services model; of AWS taking popular Open Source products, repackaging it and undercutting the original authors.
First release of elastic was Feb 2010. AWS launched in March, 2006. The folks at 10gen used the AGPL for MongoDB since Feb, 2009. Yeah nobody could've seen this coming.
AWS didn't undercut anyone. They offered their customers exactly what they wanted. Many of these software vendors have delayed offering their own cloud-hosted versions, often years after AWS, even when these vendors should be better equipped at running them.
Elastic is also infamous for data loss and still has consensus problems so maybe proper priorities are the real problem.
There is no meaningful way for an independent vendor to compete with a Cloud Provider offering the same service. It gets bundled in the initial sales pitch, promoted in their documentation and at events, and gets heavily discounted.
It simply becomes the default - and (if on AWS) nobody will even think of Elastic after a couple of years.
And yet many companies are competing just fine. Elastic's biggest growth comes from cloud services, which matches every other database vendor from MongoDB to Redis. [1].
AWS just proved that the market wants to buy solutions, not software. There are tons of customers and environments where a dedicated vendor can offer something far better than the lowest-common-denominator that AWS provides.
If you want another success story, just look at how Snowflake built a better Redshift on AWS (quite literally).
> The decent thing to do (for all managed Open Source products that you didn't create yourself), would have been to offer a cut to the original team.
Who are the members of the original team? Are we not going to give a cut to all the other contributors to the project throughout the years? How much should each contributor get? Are we measuring by lines of code touched?
Actually, your argument that there’s any relevance to Elastic being the primary developer lacks insight. It changes nothing about the licensing situation nor about the ethics. You’re also not factoring in the fact that the nonrestrictive license is why Elasticsearch became the standard.
You also haven’t resolved the logical contradiction that Elastic is equally “guilty” of profiting off of Lucene.
I honestly don’t think a nuanced understanding of these licenses and open source business models can lead to any conclusion except this one: Amazon is not in the wrong here, Elastic is being entitled, misleading and duplicitous. Elastic is free to use Lucene as its kernel and monetize it, and Amazon is free to offer a managed Elasticsearch service.
If you write Apache 2.0 software, you have no right to bitch about competition. That’s the short of it. And remember - Elastic is doing fine. They’re worth $15B. The founder has hundreds of millions of dollars now, and rightly so.
Right. So what would Linux look like if it was developed by a single company?
One of the reasons to choose open source is to avoid lock in by having multiple suppliers, and at least in theory have some healthy competition between them.
~1k lines (per enumerated prs in blog post) against millions of lines, aka less than a fraction of a percent.. plus ignoring code review, issue triaged etc. insignificant level might be more apt.
Amazon is literally under no obligation to contribute any code back. Yet they do because most people prefer to merge upstream if they can, and Amazon is no exception.
Frankly Elastic has been very hostile at accepting PRs if they seem like they’d compete with Elastic’s proprietary offerings. Glaring conflict of interest. So I’m glad Elastic forced a full fork.
BTW, in case you didn’t realize this license change will not prevent Amazon from running their own fork. So even from a greedy business perspective Elastic made a horrible decision, even ignoring the ethics of lying to the community as they have done repeatedly and without showing any remorse.
edit: Fixed typo where I wrote "Elastic" instead of "Amazon" when talking about Amazon being no exception to preferring to merge upstream where possible
AWS launched RDS with MySQL 4 months before the first version of ElasticSearch. Yea in that case it was Oracle, but I think it was clear what the direction was. And it was definitely clear in 2014 with Aurora and Redshift. They could have changed their license in 2015, but they didn’t. Why?
> Elastic Search launched more than a decade back, when the cloud was used in an entirely different manner. The team had no way to foresee the shift to the managed services model;
This claim is highly unrealistic. Offering managed services has been the hallmark of the cloud from day 1. The cloud is nothing more than managed solutions.
It's highly disingenuous to claim that it was not possible to expect a business dedicated to offer managed services to offer a managed service.
The issue is, I think, that acting in such a manner is supposed to cost you in community good will. The potential for bad PR can force you to act in a more ethical manner, but there's a big separation between the people with the checkbooks and the folks who are aware of the issues here. The courts are there for extraordinary circumstances but it's generally better for all parties to settle a dispute without litigation and AWS could just shovel some money in the direction of elastisearch.
I always get a laugh out of these for-profit companies trying to cater to a tech community open source ethos, and discovering there was a reason why companies weren’t doing this
Because they don't want to, or see no value in doing so. I've been downvoted to oblivion just by stating that contributions to popular OSS projects, especially those initiated,or heavily used by large tech companies,are nothing more than just free labour.
Amazon's business is commodity: they made books,one of the most precious things we,as a civilization could create,a commodity. The storage space, computing, even ML is being commoditised. Logistics will folow,then some more. The company's perspective and business goals are completely different than many would like to think.
> The storage space, computing, even ML is being commoditised
I don't see that happening anytime soon. There is still a market for hobbyist and boostrapped businesses who can't afford the insane prices offered AWS, Azure, GCP & Co. Storage, Computing and Bandwidth on these platform is inflated for the "enterprise and over-funded-startups" market.
Hetzner, Ionos, Scaleway and OVH are still order of magnitude below AWS in terms of prices. And the quality difference is in no way justifying the price difference. (Especially with Hetzer and Scaleway which are almost on par with cloud platforms)
> All changes to Elasticsearch were sent as upstream pull requests (#42066, #42658, #43284, #43839, #53643, #57271, #59563, #61400, #64513), and we then included the “oss” builds offered by Elastic in our distribution. This ensured that we were collaborating with the upstream developers and maintainers, and not creating a “fork” of the software.
With links on the issue numbers. Why should we not understand this as contributing back?
Disclosure: I work at Amazon on cloud infrastructure, but not directly on the codebase being discussed here.
Someone pointed out elsewhere:
*Correction after looking a bit closer, I think Amazon has submitted at least 600 PRs, they only listed 9 in the blog post. That's better but it still doesn't change the fact their business model doesn't allow the companies they're building on the backs of to have a sustainable revenue stream.
That's counting emails. Unlike other Git-based projects like the Linux kernel, it seems a lot of commits are made with users.noreply.github.com email addresses. For example.
commit 8e413f85e8978da83db107aae51e5543d4779dba
Author: paulward24 <52216289+paulward24@users.noreply.github.com>
Date: Wed Jul 3 04:37:07 2019 -0700
Ensure to access RecoveryState#fileDetails under lock
Closes #43840
The community did that in good faith. What's the incentive for the community to contribute to the project if Vendor XYZ is going to offer the same project with more optimizations?
The buggy whip community invested in buggy whip manufacturing too.
Sometimes step changes happen, and things are just different afterwards.
I see two related "changes in the world" here that are contributing to this current drama.''
1) the rise of SaaS and globally centralised cloud hosting.
2) the emergence of companies solely (or mostly) built on paying salaries to developers writing an open source software project. (Elastic/Mongo/Redis being the primary examples).
As I see it, the 30 year old "Open Source" principles didn't see these coming any more than the buggy whip industry saw the Model T coming.
Personally, I'd really like to see those three companies (and others/new entrants) come up with a workable new model for software licenses for some kind of "freely usable software" ("free" in the generic "no obligations" sense, not the GPL/Stallman "freedom" sense) written by salaried devs at for-profit companies. I think the world would be a better place with more software closer to the Stallman end of the license spectrum than the Oracle end. I don't think that's necessarily a given. It might well be true that in general, a for profit company cannot make enough money out of writing software and giving it away to keep teams of full time developers paid.
There is nothing unfair about being able to make optimizations of your own on top of the software. That freedom is in fact one of the core values of OSS. Any “fairness” judgements you make are irrelevant for as long as the license satisfies its goal and the software is freely available to everyone.
Fairness (ethics, moral judgement, justice) is inherently a different layer of our civilization than license (law, contracts). I'd say fairness is more important than any and all licenses ever.
Also, I think through history every law was made in the name of making law more just, bringing the legal system closer to an ideal of justice.
We also know that simply throwing out law and bringing back case by case judgments (eg. what kings and lords of old did) just gets us further from that ideal, hence we work on our laws and licenses. But that doesn't mean we should forget that they are imperfect and sometimes they need updating.
The irony is strong in this case, because Elastic started by making ES into an open core thing and putting every new feature into their business side. (The improvements they made to the basic ES clustering, indexing, sharding, Lucene integration, etc. are very valuable, and I'm not discounting them, but their added value is drastically reduced compared to the features. Just like AWS' added value for businesses is a lot more important than having yet another cool x-pack feature.)
MIT license is super simple, short way of saying "You must give me credit if you use this in the form of including this license and my copyright statement in software you distribute"
Apache license is a longer and more complicated version that is the same in spirit but also includes the agreement that the licensor does not sue the licensee over patent infringement for use of their contributions to the software or the cumalative software, unless the licensee makes a patent claim against the licensor in which case the license terminates
Obviously Amazon has the legal right to make a fork, but I think it's understandable why people would still prefer that the people who actually did the innovation and the majority of the work get their cut of the insane profits AWS is making.
With for-profit corporate open source, you are either giving it away because doing so benefits you in some other way, or you are doing it wrong; expecting downstream open source users to pay you is “doing it wrong”.
Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.
> Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.
Exactly this.
Or more accurately, Elastic is pretending it doesn't have an open-source compatible business model.
The actual truth is, they've built a great business. $500MM in yearly revenue, with 40+% y/y growth, for a valuation of like $15B last time I checked. And yet they're trying to pretend this is a David vs Goliath story and that they're literally going to go out of business because of Amazon. Nope, it's all gaslighting. They don't need to make this license change, without it they'll still be a $50B business in a decade or less.
They're just having an immature childish response because, while they're making boatloads of money, Amazon is also making boatloads of money, and that's not fair in their eyes because Amazon didn't invent Elasticsearch. It's all so childish (and ignores the tremendous value AWS as a whole is, but that's another rant)
ES had a business model. It was open-core, but with critical features like Security and Access-Control hidden behind their paid support.
The core disagreement was that Amazon (and many other contributors) wanted to add that to the base distribution, and Elasticsearch fought them for years on it, deliberately breaking any community plugins that got a solution working.
Enough blame for the current situation on all sides.
Yeah, I simplified things for the sake of argument, but just to be clear, the whole open core business model was a huge conflict of interest and has convinced me that open core is a way worse conflict of interest than other ways to monetize (enterprise support, operating cloud service etc).
So, to call Elastic a successful open-source business model isn't quite accurate, and you're correct to point that out.
I don’t, I work for a non-profit that refuses to run proprietary software such as Elasticsearch 7.1.1 in prod. Not sure why you made that blind assumption. Very bizarre.
Thank you for pointing this out. I used to run elasticsearch on a project and these pay walled features were a large source of frustration to the point that eventually I recommended moving it to the AWS service because we were already paying amazon anyway and in a large organization it is a huge pain to contract another vendor.
> Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.
I think this is precisely correct, and it's really strange to me that a company developing innovative software would decide to apache license all of their work but I still feel for them. I'm guessing that they wanted to build a thing and make some money off of it while mostly just contributing to moving tech forward and that's a super noble goal... but that noble goal would have been much better served by using a license better tailored to OSS free use for non-commercial purposes and pursuing individual agreements for commercial use.
Then again, if it was launched with such stringent requirements would so many contributors have helped them develop into such a usable product?
> Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.
Elastic has indeed found a profitable business model: they have their own cloud (cloud.elastic.co). But for it to be profitable they need to cover the costs of both developing the Elastic stack, and running a SaaS. AWS only has to cover the cost of running a SaaS (since they are getting the stack for free) which gives them a HUGE cost-wise advantage.
To counter this advantage Elastic is asking them to partner with them like other cloud providers do (Microsoft, Google, Alibaba etc) but AWS has refused to do that.
Isn't it then fair for Elastic to restrict AWS from using their software?
This is the whole point of open source. Every contributor to something like Kafka or numpy is not expecting a cut from the thousands of companies that use it.
Open source is a type of generosity. Generosity is good in the software world because the rules of the game benefits everybody the most when everybody are generous. I believe it's similar to prisoners dilemma but with even bigger benefits when we are all generous.
However, it's also a tit-for-tat game. When others start to be greedy it makes some sense to be greedy yourself. Thus short circuiting the game and making the playground worse for everyone. Until we realize that generous is better again.
So tying back to your comment. Yes, open source contributors doesn't expect something back but they can only hope that others at least pay it forward.
A restrictive licence limits the potential value that the code can bring to the world. To maximize the value you bring as an open source developer you can't expect returns (to the community), only hope for it.
(And that's maybe not as bad a thing as it sounds on the surface. Linux, Apache, PHP, Ruby, HAProxy, Nginx, and probably hundreds of open source projects I can't even start to list don't seem to feel the need to come out swinging like Elastic/Mongo/Redis have. )
Amazon's forks will still be Apache-licensed, so if there's a tit-for-tat element here, it appears to be Amazon responding to Elastic's abandonment of open-source.
Yeah, and here I feel that there's something missing in my description. While I think Elastics move is bad I definitely don't feel like Amazon is the good guy here either. I feel that there's a good chance that Amazon steam rolls Elastic and then five ten years away the community is worse off.
Open Source makes the most sense when your position is “I made this because it solved a problem I had and am giving it away so that it might solve problems for you.”
We might actually be better off with Amazon as the steward because they don’t need to make money on the software itself.
It would make a lot of sense for them to slowly close it down or modify it so that it eventually only makes sense to use it on their platform. Or something similar. And given what I've seen from their behaviour I would expect them to exploit whatever market leverage they can.
Depends if they actually develop it. For other open source software, they usually keep improvements (say, improvements to Spark working with S3 from EMR, to give example from my area) to themselves in proprietary modules.
Brian Behlendorf didn't write Apache (or more accurately, patch NCSA httpd) out of "generosity", he was doing what was known back then as "scratching his own itch". Sure, he generously gave it away as well, but that was after he'd done the work to benefit _himself_.
Same with Larry Wall and Perl. He wrote the language he wanted, and shared it afterwards. He didn't write it out of generosity (and to be fair, he is 100% the sort of person who might have).
I think the dual license strategy Larry chose for Perl really shines light on his motivations, "use GPL if you want to, use the enormously more permissive Artistic License if you want to". He just wanted anybody who might find his software useful for any reason at all (including becoming insanely rich, if they could work out how to do so) to be able to use Perl.
Open source should be about optimisation. For example you have some infrastructure code (like LLVM, Linux kernel, etc.) that brings you little competitive advantage but you benefit from distributed maintenance - OSS is a perfect fit. And people using it but not contributing back is not really that big of a deal.
The incentives to upstream exist without licensing requirement - maintaining a fork which when the upstream knows nothing about what you're doing and could break you with every commit is not fun. You also lose on distributed review/support aspect. At the end of the day if someone finds a way to profit and not contribute back - how does that impact you ? Unless they are a direct competitor and you OSS something critical - in which case like people above said - you should rethink your business model.
Also OSS has a bunch of secondary benefits - recruiting, developer mindshare, etc.
I think viewing OSS as a generosity is not sustainable, and the incentives exist even without restrictive licensing.
Sure it's nice when you can motivate it like that but I feel that the long tail of open source projects doesn't fit your description but are projects driven by a few enthusiasts.
I don't get it. I can understand performing acts of generosity without saying anything about payback and with no expectation of reciprocity. I can also understand performing acts of generosity without saying anything about reciprocity while having some expectation of reciprocity (like, "I'll do someone a favor, and it sure would be nice if they return a favor one day").
But why would you very deliberately choose a software license which very explicitly distinguishes itself from normal proprietary software licenses by spelling out how it requires no payment and will always require no payment (and in some cases, explicitly prohibits anyone else from requiring payment!), and still maintain an expectation of payment?
Elastic, at this moment, is pulling in half a billion dollars in revenue per year. They're growing at at least 40% y/y. They're valued at $15B at this very moment.
So, tell me again why this license change is so necessary? Oh right, it's not, it's just a disingenuous move to try to monopolize the market they're in.
Except, the irony is, this isn't even going to increase the money they're making, because Amazon, as I predicted days ago, was always just gonna fork 7.1.0 and keep it Apache 2.0. Which is not only legally their right, but actually ethically is a good thing to do anyway.
And don't even get me started on how Elastic puts most of its real efforts into their proprietary features anyway, and if you hypothetically opened up a pull request that perfectly implemented TLS or some other feature they'd deny it because they have a conflict of interest with X-Pack.
Now I want to be clear. I'm personally an anarcho-capitalist, I reject the whole idea that a company being big makes it evil. I don't think it's a problem that Amazon is making money with free software - aren't all of us in the industry making money with Linux, or with apache httpd, or <insert open source software here>?
So, I don't hold the fact that Elastic is a multi billion dollar company against them either. But when they try to gaslight the communtity and portray this absurd, patently false, downright offensive david vs goliath narrative, I'm going to call them out for being liars, because that's what they are. They have shown they will break deep promises they made to the community without a second thought.
They've also shown they couldn't even be honest in their communication around this licensing change. They claimed this would have no effect on their users - bullshit, a good friend of mine works at Wikimedia and they can't run Elasticsearch 7.1.1 or above in the future because they don't run proprietary software. Meanwhile the license change doesn't even do what they claim it's for.
They also have mastered the art of doublespeak like this:
> The list of improvements under this new free and open, yet proprietary, license, is overwhelming
Ah yes, the infamous "free and open, yet proprietary" software. Couldn't live without it.
> people who like open source (generally left-wing people doing stuff for betterment of society)
Do you really think that liking open source is in any way correlated with politics?[1] I'd like to read a source on that one, because it's certainly not been my experience. Maybe we've contributed to different projects and/or read different people.
But even that aside, you think that everyone who likes open source is condemning amazon and on elastic's side? That is even more suspect. Just as an example, the creator of sourcehut has been criticizing elastic all week, and all of his posts—at least one of them explicitly saying that Amazon is definitely allowed to do what it's doing—have reached the front page here. And he's someone whose "liking open source" credentials are good enough, I think.
[1]: I'm not even going to get into other implication, that wanting to improve society is also in any way related to any given political leaning.
> Under the Confluent Community License, you can access the source code and modify or redistribute it; there is only one thing you cannot do, and that is use it to make a competing SaaS offering.
Kafka is an ASF project, and not controlled by Confluent. There is nothing stopping anyone from offering a hosted Kafka.
You seem to be conflating Kafka with Confluent's own products.
>No. Apache Kafka is licensed under Apache 2.0. The license change only applies to our Confluent software that was previously called “Confluent Open Source”: Confluent Schema Registry, Confluent REST Proxy, Confluent ksqlDB and some Confluent Connectors.
I love that they try to make it sound like they even have a choice in changing Kafka's license.
What is? Because I don't think the point of open source is to have big companies make money off code that other entities—in many cases individuals—made available for free. It's certainly something that happens, and I don't think it's universally bad, but I wouldn't say it's the point, either. I've heard of several high profile cases of the people who maintain high-profile projects supporting $billions worth of commercial products struggling to make ends meet, and I don't think that's the point. That's not a system working as designed, because nobody designed it and there arguably is no point—it's simply a dynamic that emerged organically from the factors that drive people to contribute to open source, and those that drive businesses to maximize their profits.
I think GP meant that allowing for forks is the point of Open Source. Which I would argue is kind of a big point of Open Source -- the point isn't who's doing the forking or who's profiting -- but the point is that forks like this are intentionally allowed.
Yeah, that's fair. Maybe I should rephrase to say it's a point. I could see someone arguing that forking is just a component of the deeper philosophical attitude about how people can use and distribute and modify code in general.
Forking is the/a point in the sense that I can't think of a version of Open Source that is still Open Source but that doesn't allow forking -- that allowing for forking is a deliberate choice, not an accidental one.
I was thinking more the former. I understand the latter as more of an ethical position, and it's one I'm not really familiar enough with to talk intelligently about...
Conversations like this are just sort of pointless, where one side says it's supposed to be this and the other replies no, it should be that, when really open source software is just a thing that happened. It's up to us to define an ethics around it and to decide how we interact with other actors in the ecosystem who might not have the same principles and goals.
To have a discussion about how it should work, to make subjective value judgments like the ones these comments are full of, we need better arguments than 'the license says it's fine, so on what basis can you criticize Amazon's and/or Elastic's conduct here?' or 'but that's not nice!' or 'Amazon/Elastic has $XXXM revenue so they are bad'.
I don't know what distinction other people make, but when I capitalize Open Source, I'm referring to Libre software, specifically of the kind that Stalman or the OSI would talk about.
Lower case open source is a term that I personally try not to use, specifically because of that confusion. I personally try to refer to that as source available or shared source when possible.
Stallman and the OSI do _not_ agree on "Libre software" and "Open Source" - in a quite fundamental way.
"The terms “free software” and “open source” stand for almost the same range of programs. However, they say deeply different things about those programs, based on different values. The free software movement campaigns for freedom for the users of computing; it is a movement for freedom and justice. By contrast, the open source idea values mainly practical advantage and does not campaign for principles. This is why we do not agree with open source, and do not use that term."
When I use Open Source (capitalized) I am arguing for Libre software with the values Stallman is talking about. The point of disagreement I have with Stallman is this -- Stallman argues that using the 'wrong' word to describe Libre software risks corrupting the movement. I argue that using a generally accepted word to describe the movement, and culturally reinforcing the common understanding of that word as a subset of Libre (ie, not just giving up saying "Open Source can mean whatever the Mongo devs want it to") is valuable enough to override those concerns.
Stallman goes on to argue that the Open Source movement doesn't care about Libre software, and we should not align with that movement. I argue that a very large contingent of the Open Source community does care about Libre software, and it is worth advocating to the remainder of the community that Open Source software is Libre software and that the real ideals of Open Source beyond just source availability can not exist without the ideals of Libre software.
Stallman and I disagree about whether or not we should use the term Open Source to describe Libre software, but we don't disagree about what Libre software is. Even Stallman admits that aside from some minor differences, the official OSI definition is mostly in alignment with Libre software. What Stallman is really disagreeing with is with the PR strategy. And the reason I'm not going to try and separate those terms is because I explicitly disagree with him that his strategy in this specific case is helpful, and because I and many other people in the community want to continue to fight for the idea that Open Source needs to be Libre.
Part of the reason we use Open Source to describe Libre software is because we don't believe that Mongo or Elasticsearch have the right to decide for us what Open Source means, and we're not willing to drop the issue, give up all of the good will and public recognition we've built around the term, and just go use something else that the public doesn't recognize. Because if we do, and we have any success at all, then pretty soon proprietary companies will start to co-opt that term too.
I don't see any indication that confusion over what the OSI meant by the term 'Open Source' is the reason why Mongo felt emboldened to write a new license that took away user freedoms. Mongo didn't argue that Open Source was different from Libre, they attacked the very spirit of both movements by implying that their focus on 'sustainability' and 'fairness' was somehow fixing flaws in the OSI/GNU definitions and making their software even more free. If we were all using the term Libre instead, nothing about Mongo's PR strategy with the SSPL would have changed, they would have still claimed that their license was reinforcing the 'spirit' of Libre software.
Yeah, i get your point, but i'm thinking many in the dev camp didn't really realize the extent of this 'principle' as in 'people are nice kinda way'. I think this will only make OSS developers more aware about what kind of licencing they choose or choose to contribute to, one thing is to contribute to free software. But when others can live in mansions because of it, maybe not so much :)
AWS was entirely within their rights to do what they did. If Elastic wanted AWS to stop, they just had to re-license their software. Which they have now done. If AWS wants to continue to offer the latest version of ES then they simply have to comply with the new licensing terms. Nobody has done anything wrong or unreasonable, or “forced” anyone to do anything, though it was perhaps not in Elastic’s best interest to have offered ES under the original license.
I'd phrase it backwards: these people think it should have the appearance of open source and get all the benefits (contributions from community, widespread adoption), but legally and ethically speaking it's closed source and they get to make all the money.
They seriously have this entitled attitude that because you used the free software project that they started, that now they're entitled to that money. It's patently absurd. Imagine if Linus Torvalds went around with that attitude, claiming he deserves to be a trillionaire because of the absurd amount of value Linux has produced. (And ironically Linux is a more restrictive license than Elasticsearch)
Good point. When I willingly contribute to open source with no compensation, it's with the understanding that it's because my contribution is available to anyone under the same terms, I'm contributing to a "commons" open to all, willingly for the public good.
If anyone wants to use it for profit-making purposes, that's generally fine with me, because everyone can on an equal basis.
If instead the software is licensed such that one company has special rights to profit off of it that others don't... why would I donate my contributions for free to that company? Shouldn't I get a cut?
Your comment and the one you're replying to actually just changed my mind on this topic.
Up to now I've had a sort of knee-jerk response of "it's Elastic's software, they can do what they want", but I think you're actually right. They're reaped the benefits of open source, including free work from the community, and now they want to claim exclusive rights to profit off of it. It's basically the perfect example of wanting to have the cake and eat it too.
I love having my opinion changed. Thanks for that.
I agree, but I think there's many many shades of grey here.
Elastic (and Mongo and RadisLabs) are trying to do something new.
Linux, without doubt, "reaped the benefits of open source, including free work from the community," to the point where although the original release was 100% Linus's own code and arguably "Linus's software", these days to a first approximation _none_ of the code is "his". The percentage of the ~27million LOC that is "linux" these days that were personally written by Linus is effectively zero.
Elastic is a company paying 500-1000 employees who I suspect (but haven't checked) contributed the majority of the code rather than it being "free work from the community". (And their ability to relicense the code suggests that any community contributed code was contributed under their CLA which meant the contributors explicitly granted Elastic future rights to relicense those contributions, so it's not like the "community" can pretend they didn't know this was possible.)
I don't know that Elastic's business model will work. I don't think there's any guarantee that it will. Part of me kinda hopes it does, because I suspect that the business success of "company backed venture capital funded free-as-in-beer software" might result in more and better software being available to use - perhaps software on such a large scale that "scratch your own itch" motivations have insurmountable ramp up difficulties. I personally think the jump[ from AntiRez's "scratch your own itch" redis, to RedisLab's "Widely Fortune500 adopted and enterprise ready Redis" is not a thing AntiRez wanted to stick around and do. And the world _might_ be a better place for the existence of the non-OSI approved software under license like RedisLabs "source available" one.
It'll be interesting t watch this play out over the next decade or so...
Just to add a bit more nuance, I think we tend to focus a lot on community contributions, but IMO the biggest benefit of FOSS is not that; it's adoption.
Even if Elastic writes 100% of the code, by making it open source, they are promoting the widespread adoption of their software. A project with a non-free license or a custom license is a non-starter at many (most?) companies, or at a minimum requires talking to legal which is a PITA.
So, even with no community contributions, Elastic would never have been able to get to where they're at now - making $500MM in revenue a year and at a $15B evaluation - if it weren't open source.
Now just to be clear, Elastic is totally allowed to close things up now that they've reaped the benefits. The beautiful irony is that, when you close source after you've reaped the benefits, by definition you've also hit the point where it's now obviously beneficial for a company like Amazon to make their own fork and keep their AWS Elasticsearch cash cow going.
So, ultimately the community is totally fine. Indeed Elastic has been going down this road for a few years now, so it's actually a good thing for us that this happened. Better to have an amicable divorce early rather than a messy one later. But I can't help but point out that Elastic has broken its promises and misled the community - to their detriment more than to ours.
That is in fact exactly the trap door of open source -- you are QUITE WELCOME to switch to a non-opensource model once you've reaped the benefits, but guess what, anyone else is also QUITE WELCOME to make a still-open-source fork at the point you do that.
This isn't an accident, it's in fact the whole point of open source that people can make open source forks when the original authors decide to no longer do open source.
I don't think there's much 'amicable' about it though in this case at the moment.
> perhaps software on such a large scale that "scratch your own itch" motivations have insurmountable ramp up difficulties
I don't think that's true, at least for software such as Elastic, Mongo and RedisLabs.
There are a lot of big companies that benefit from those, and might want to invest it, despite not being their direct revenue driver.
See for example the Cassandra database released by Facebook. Or how Amazon is going to invest in their Elastic fork now. Or how Linux is funded by dozens of companies (IBM, RedHat, Oracle...)
Or pretty much any programming language: I haven't seen a programming language that's not truly Open Source (as in the compiler/interpreter + API) for decades.
The kind of software where it's not going to work is where it's solving a business need for companies that are not software companies: but Open Source isn't common in those fields anyway.
> Elastic is a company paying 500-1000 employees who I suspect (but haven't checked) contributed the majority of the code rather than it being "free work from the community".
If a company or a person wants to relicense their open source project, either they need to get permission from all its contributors to relicense their contributions, or the contributors already signed a CLA that allows for relicensing, or the contributors' code is removed entirely.
The "free work from the community" either was contributed under the terms of a CLA that allows for relicensing, or members of the community all agreed to relicense their contributions, or that free work was removed entirely.
There’s a bit more community contribution that just “code”. I have never contributed code to elasticsearch, but I have co-founded the Berlin ES meetup, before elastic, the company, even was a thing. The group was for some time one of the largest around. For a while, I was one of the most active posters in their IRC channel, helping other users with whatever issues they’d have using ES. I signed no CLA, I received no money nor do I want any. But I contributed my time in the understanding that we’re all working on something that benefits both ourselves and the wider community. That implicit understanding is now gone.
I don't quite understand your logic here. Does he deserve to be a trillionaire? Maybe? Does Jeff Bezos deserve his whole net worth just because he acquired it legally?
It's like leaving your car in the middle of the road, keys in the ignition, and a deed transferring ownership to whoever holds it under the window wiper, then getting annoyed at someone driving off with it.
Forgive me for expressing my frustrating for a moment here:
What is with this new generation of developers (I don't mean new as in young since I meet people in their 40s espousing these ideas), who make all these high-minded arguments about how evil it is to profit off of someone else's work, when literally that's what proprietary software is for. If you don't want someone to make money with your code, don't give it away freely, sell it.
Instead, what Elastic did was they made a beautiful piece of open source software, licensed under Apache 2.0. Because it was Apache 2.0, organizations were comfortable building Elasticsearch into their stacks because they knew that they couldn't get Microsofted. Additionally because it was Apache 2.0, hundreds of contributors who are not affiliated with Elastic submitted patches to their codebase.
Elastic used its position as an open source maintainer to grow Elasticsearch to be one of the most important pieces of software in the world (nowhere as important as linux or arguably lucene but still in the top echelon), and then once it did that it decided to lie to the community, pull the rug out from under them and switch to proprietary.
Now to be clear, I actually think this won't even make them more money, it will just hurt their brand image and incentivize high-quality Apache 2.0 feature-rich forks, so really it's just an absurd blunder. But I am so unbelievably frustrated that people keep espousing this reverse entitlement attitude that you espoused here: the idea that an open source vendor gives away their software for free, intentionally, so that they can benefit from the community and vice versa, and then suddenly now somehow I'm an asshole if I've been operating a service that uses Elasticsearch. It's completely backwards logic.
To put it another way, as an open source maintainer, you don't owe anybody your time. You are free to tell the people opening github issues and bug tracker tickets to go fuck themselves. But similar, nobody owes you anything, so if you yell at someone using your free software for commercial purposes, now you're being the entitled asshole. They don't owe you any money.
You people seem to think open source just means "source available". It's SO MUCH MORE than that.
Were you an ES contributor who feels betrayed, or are you speaking more hypothetically?
I was just a free ES user, and feel fine with all of this. I don't see a bait and switch, I see a fundamentally changed market compared to 10 years ago where a business model that was perfectly reasonable is now very precarious in the face of the major cloud vendors, and a desperation move to protect their business, not some grand cynical plan.
If I needed to submit a patch I'm not gonna care about the project being "truly" open source vs just source-available.
But the more these "allowed" but kinda-dirty-feeling things happen, the less likely I am to choose a "true" open source license for any projects I may start...
> If I needed to submit a patch I'm not gonna care about the project being "truly" open source vs just source-available.
Really? Everyone's cares are different, but I don't like contributing my time and programming output for free to proprietary software, for it's owner to make money off my work.
I don't mind contributing to open source, where anyone can make money off of it with no special privileges to some. It feels like contributing to a commons.
But contributing to proprietary software without getting compensated feels like getting taken advantage of to me.
I've made very small contributions, irrelevant in the scheme of things. I've also run decent-sized Elasticsearch clusters (~10-20TB total store).
When I speak of betrayal I'm more speaking in the general sense that under my value structure, it is immoral to lie to someone or to break promises, which is what Elastic did. They told people they would never make the Apache 2.0 code proprietary, and then they did it anyway. For a shitty reason at that.
A lot of engineers I’ve observed are increasingly far removed from sales, marketing, and ultimately, their customers.
I also think the world (particularly technology and laws) is a complicated place with a lot of history. The old timers tend to appreciate this a bit more. There’s a book out there about the “Death of Expertise”. People think they can learn a complex domain from some questionable YouTube videos and maybe blog posts or a book. They decry the experts. In fairness there are also a lot of charlatan experts out there.
Combine the two problems, and it is an opening for “outrage bandwagons” to form that claim to simplify the matter without actually understanding it. And companies try to exploit this comprehension gap to fulfill their agenda.
> "Elastic used its position as an open source maintainer to grow Elasticsearch to be one of the most important pieces of software in the world (nowhere as important as linux or arguably lucene but still in the top echelon), and then once it did that it decided to lie to the community, pull the rug out from under them and switch to proprietary."
Hmmm.... is that what happened or did AWS usurp Elastic's main stream of revenue providing an enterprise cloud platform, and in response they changed their licensing in an attempt to protect the viability of their company while minimizing the impact on contributors to the framework..
As I understand it the only prohibition of use is to offering the software as a cloud-hosted solution of the software itself.
You may disagree with this strategy, but I think you should also explain another way for companies that develop these frameworks to be financially viable. Because I think there is an issue of how people can sustain a business centered around open source.
So one reason I choose open source is precisely because of the legal guarantee that there will be comptetition in providing services based on it.
If I become dependent on it, one company can't control the pricing of people offering hosted services, because it's open source, nobody needs their permission to host it. "vendor lock-in" does not exist with open source.
If that was incompatible with ES's business model for a main stream of revenue, as the project IP holder they are welcome to change their license terms.
But what they're saying is that open source was incompatible with their business model.
It is what it is, but users clamoring for the ethical superiority of vendor lock-in and thinking that's somehow open source values is... weird to me.
Last I checked, sustaining a for profit business wasn’t a guaranteed right. It’s called competition, and plenty of companies fail.
If you can’t sustain a business around open sources, then don’t be open source.
Elastic chose to close their source but are now lying about it to make it look better than it is. AWS is releasing an “actually OSS” fork - totally inline and allowed under permissive OSS - and is somehow unethical? The mind reels.
> AWS is releasing an “actually OSS” fork - totally inline and allowed under permissive OSS - and is somehow unethical? The mind reels.
Yup. This mentality drives me absolutely insane. People seem to regurgitate whatever propaganda fake-open-source-company-X tells them.
Sorry, I'm not going to feel bad that the $15B company that built their business off the backs of open source - which is totally fine - is upset that another company is competing with them. And the biggest irony is, Amazon's not eating Elastic's lunch, they're both eating respectable lunches. Elastic's built a great business, which they are now doing their best to ruin as quickly as possible.
Having "open source" vs "source available" or whatever you want to call the new license isn't a guaranteed right either, so if there's no problem with the one then what's the problem with the other?
Would you prefer more software to be released openly or less? Cause if you're making moves like Amazon did with their ES service, you're pushing the world towards "less."
I'm not too concerned with this, but it's strange to me that people are both trying to keep OSS licenses "pure" and advocating that companies release less of their code in the first place...
I would prefer that companies stop abusing their communities by leveraging them and then discarding them when they have enough power to do so.
OSS was never about source availability - that’s just a form of cheap escrow and has fairly limited value. Open source is about user freedom to do whatever they want with the software - guaranteed freedoms.
This isn’t about “purity”, it’s about using a label on the tin that says “FREEDOM INSIDE” and then peeling the label off and telling a subset of users to pay up or give away any software code you’ve ever used to touch my software. We used to call that a “bait and switch” to be polite , though really it’s more like a shakedown.
> As I understand it the only prohibition of use is to offering the software as a cloud-hosted solution of the software itself.
You very profoundly and deeply misunderstand what the SSPL actually says, which is understandable because Elastic have helped promulgate this misinformation. Please go read the license. It is not straightforward, it's very vague and exposes an organization to enormous uncertainty. If you don't want to read the license itself, then start with https://anonymoushash.vmbrasseur.com/2021/01/14/elasticsearc...
Additionally, organizations that commit to running free software, are forced to drop Elasticsearch now (or more accurately, they're all going to just run the best fork of 7.1.0 and call it a day). So Elastic's statement that it doesn't impact users is just a complete lie.
Finally, this whole discussion is irrelevant because the license change won't actually protect Elastic's business. Amazon is going to behave no differently, except that now they have a better codebase to work with because they don't need to worry about Elastic rejecting pull requests that cannibalize their proprietary features.
> You may disagree with this strategy, but I think you should also explain another way for companies that develop these frameworks to be financially viable. Because I think there is an issue of how people can sustain a business centered around open source.
Absolutely not, I refuse to explain that for you, because you're reversing the responsibility here. If you want to build a company around giving away software for free, you better have a way to monetize the giving away of the software for free. There's plenty of strategies to do this, such as the famous "Commoditize your complement", OR you can be a redhat and sell enterprise support, OR you can be elastic and sell cloud services.
And guess what? Elastic HAS built a more than financially viable business with Apache 2.0 licenses. They pull in $500M revenue per year, with 40%+ y/y growth. They're valued at $15B right this moment. And you seriously believe that this organization is on the verge of bankruptcy?
Do the math, you're being tricked by a dishonest company. A company that so many of us had respect for until they started down this path a couple years ago.
And for the love of god, I implore everyone in this thread, please give up the whole "won't somebody think of the poor company?" argument. Open source is not a business model in and of itself. It never has been. If anything, the rise of these companies that build their brand image around being open source and then re-license to proprietary as soon as it's convenient is the literal problem. They're polluting the whole spirit of open source, which was always "I'm giving this away freely, and I don't ask for anything in return except you can't infringe my trademark" (for apache 2.0). You guys have the open source mentality totally backwards.
And don't get me wrong, I'm an AnCap. I'm as capitalist as it gets. So I'm not criticizing the mentality out of some misguided hatred of private ownership; rather, all I'm saying is if you talk the talk you better be prepared to walk the walk. All these entitled companies that make their software successful BECAUSE it's open source and the community feels safe building stacks upon it, and then clutch their pearls when someone else makes money from that software, are totally absurd and should be laughed at.
Sorry for the rant, I drank too much coffee today. But for the love of god, can't you see how, ethics of lying to the community aside, this licensing change doesn't even help protect Elastic's business interests, but rather just strengthens their competitors?
If becoming one of the most valuable companies in the world in an adjacent field and using that to fund an open source SaaS is a demonstration of a financially viable open source business; we're in trouble.
Going from the frankly insane pricing for managed ES on AWS (we tried it, were happy with the service and massively disappointed in the pprice, now manage our own on AWS), Amazon makes enough money from the SaaS to fund it.
How does the price compare to other managed ES including from the ES founders?
If it's super non-competitive high, it is even more curious they seem to see it as such a threat. I'm becoming increasingly unsure if they actually see it as a threat, or if it's just like "nobody should be able to make money from our open source without giving us a cut".
Or is it just that all managed ES seems too expensive to you?
> Elastic used its position as an open source maintainer to grow Elasticsearch to be one of the most important pieces of software in the world (nowhere as important as linux or arguably lucene but still in the top echelon), and then once it did that it decided to lie to the community, pull the rug out from under them and switch to proprietary.
Maybe I'm missing something, but I don't really see the sense in the "pull out the rug, it's not OSS" anymore. Sure, I agree that The Open Source Definition doesn't encompass something like the Elastic License, but :shrug:
Who exactly is having the rug pulled out from under them? AWS? As they very clearly state in the article: "When AWS decides to offer a service based on an open source project, we ensure that we are equipped and prepared to maintain it ourselves if necessary" (presumably because they understand that the license could change, or the maintainers could just stop maintaining).
It seems like it made good business sense for Elastic to switch licenses, and it's not really clear to me who would (for business reasons, not philosophy) switch to solr/other just because of the license switch.
It also makes perfect sense that AWS would release an apache-licensed fork - they have serious monopoly power - they con offer this service cheaper inside AWS, and the integrations can be smoother/better.
So really why be mad at either party? They both made good business choices it seems to me, maybe elastic will end up loosing out, but if that happens, I can't imagine that staying on the apache license would have saved their bacon.
> It seems like it made good business sense for Elastic to switch licenses
It actually makes incredibly bad business sense for Elastic to switch licenses, because they won't get any more revenue as a result and have now forced a high-quality Apache 2.0 fork.
> Maybe I'm missing something, but I don't really see the sense in the "pull out the rug, it's not OSS" anymore. Sure, I agree that The Open Source Definition doesn't encompass something like the Elastic License, but :shrug:
Well, they explicitly promised that they would stay Apache 2.0 licensed, which was a lie. And they're no longer open source software. So yeah that's a big deal in my book.
> Who exactly is having the rug pulled out from under them? AWS? As they very clearly state in the article: "When AWS decides to offer a service based on an open source project, we ensure that we are equipped and prepared to maintain it ourselves if necessary" (presumably because they understand that the license could change, or the maintainers could just stop maintaining).
I wasn't referring to Amazon, I was referring to the community overall. And don't get me wrong, the community will be fine because we'll have high-quality forks. I'm just pointing out the scumminess of what Elastic did for the company that claims to be the little guy getting exploited.
But they absolutely did pull the rug. Or as a better analogy, they shut the door behind themselves.
I think the fact that you've been downvoted only validates your point. I agree that I think the idea of "open source" has veered so far away now from Free Software ideals that this is the only reasonable outcome, even if it was not desired. The Open Source vs. Free Software people kept saying they were fundamentally the same but one was more palatable to commercial entities, but the (granted, not the most pleasant) "free software fundamentalists" called this outcome a mile away.
Amazon is doing all of the work of buying servers and hiring skilled professionals and setting up instances of Elastic and automating it so that you can easily rent a server to run it.
I agree. What Amazon is doing is clearly legal , but it also clearly violates cultural norms about fairness. I don't know much about the Elasticsearch team or company, but from a 50k ft view it seems like Amazon could and should throw them a couple mil, at least out of pity.
Because an 800lbs gorilla is trying to crush an open source project? They could've come up with some agreement to oem Elastic and they both could've benefited. Instead they decided to just build a competing service at the expense of Elastic. It's the same reason most of the community had no time for Oracle forking RHEL.
>AWS contributes improvements to the project.
Per a poster below, 9 PRs out of 41,000 (I haven't verified). For a company the size of Amazon, unless it was one heck of a PR that's basically nothing.
*Correction after looking a bit closer, I think Amazon has submitted at least 600 PRs, they only listed 9 in the blog post. That's better but it still doesn't change the fact their business model doesn't allow the companies they're building on the backs of to have a sustainable revenue stream.
Someone at Elastic didn't do the math on this. Amazon can easily fund developers, they just didn't because they didn't have to. Now that the gorilla has been enraged woe to the thing that pissed it off. We'll see if amazon actually contributes to the new fork. The fact that amazon is in a better position to make money off of open source software is part of the calculation that startups should be making if they are writing open source software, especially if their moat is a proprietary shim that any of the big providers could rewrite in a month if they cared. Adding a rider to your open source that says "oh, and only the original authors at this one company are allowed to implement those shims" may play well with the HN crowd, but it isn't open source anymore.
I will also note that is clearly not enough competition in the cloud provider space, if there were more competition then elastic might be able to make money from the platform providers by implementing ES for each platform as you suggest.
> Now that the gorilla has been enraged woe to the thing that pissed it off. We'll see if amazon actually contributes to the new fork.
Elastic loses nothing by pissing off AWS, this was clearly the right move. AWS has contributed very little to the project so far, so if they took their toys home in a huff it makes no difference to Elastic. And if AWS does contribute significant development to their new fork, Elastic is free to copy any worthwhile commits into the official repo under the terms of the license Amazon has released their fork under. The only thing Elastic is going to suffer for this is some people whinging on HN about whether or not it’s “really open source” anymore.
Just curious, have you ever operated Elasticsearch at scale? I haven't operated at the petabyte level but I have at the terabyte level, and everything I've seen tells me that this move is going to hurt Elastic immensely. They've forced Amazon to create the Elastic equivalent of postgressql/mariadb/jenkins ci.
What downside exists for Elastic from making this change? If AWS makes valuable contributions on their fork, Elastic will absorb them, but the converse is no longer true. If the downside is that the AWS hosted ElasticSearch service will become successful, well, that was happening anyway before the relicensing.
I don’t see a path for absorbing and relicense. Especially if the core code method signature diverges in the future. It is going to be a lot of trouble for Elastic to absorb non-trivial contributions from the fork.
> Amazon can easily fund developers, they just didn't because they didn't have to.
Disclaimer: worked at AWS.
Yes, Amazon has a vast number of engineers. They also have a vast need for engineers.
So they have to make a business case to continue to fund engineers, and I don't think one exists for the type of development we're wanting.
To be clear, there is some development they could justify.
If they are replicating new features that Elastic releases, so they're not falling behind the market, the business case is retaining customers. But that's playing catch up.
If new features optimize the service, the business case is being able to advertise lower TCO, which attracts customers. That could be quite beneficial, but there's usually not a ton of optimization you can do.
There is a business case for new features that increase integration with other AWS services. That increases customer usage of AWS. But AWS is so proprietary this would likely be useless outside AWS.
So none of that, I think, is the development people are looking for.
What we'd want are features a software business develops to differentiate their product in the market. If the features go into the open source version, however, then by definition they aren't differentiating.
This is the key business contradiction in AWS trying to fund open source development.
Maybe I'm missing something and they can make the business case for continued differentiating feature development. So, I'd say I'm wrong if after two years we're seeing such features being released to the commnuity.
> Amazon can easily fund developers, they just didn't because they didn't have to.
Looking at the various projects at https://github.com/opendistro-for-elasticsearch/, the most prominent ones seem to only have a handful of somewhat active developers, almost two years after launch.
If AWS hires a lot of people to work full time on their ASL2-licensed Elasticsearch and Kibana forks, then ... that's not necessarily _just_ bad for Elastic? I doubt Elastic execs thought AWS would just fall over and discontinue something that's probably billions in revenue at this point. If AWS actually starts contributing code beyond trivial bug fixes, code Elastic can legally fold into their own Elasticsearch (via the ASL2-licensed fork) if it's good enough, then ... good for both?
Honestly I don't know how that works. My understanding is that you cannot move existing ASL code under a different terms other than ASL unless you are the copyright holder. All modifications you done can be subject to whatever terms you liked. This seems to match what they said http://www.apache.org/foundation/license-faq.html#Distribute...
I think this important bit is sublicense v.s. relicense, where in sublicense case, you have to retain the original terms carried for the original code.
Now, Elastic relicensed the whole software stack under SSDL. So to integrate any parts AWS done, they need to license Elasticsearch back to some mixture of SSDL and ASL, which would be weird.
"Amazon can easily fund developers, they just didn't because they didn't have to"
That may be true for a few OSS projects, but if they were forced to do that for ALL the projects they're profiting from the math would probably not look as simple.
Of course Amazon will contribute to the new fork. They have many thousands of paying customers who have little incentive to switch, for better or worse. The only thing that might actually call for a migration is a significant decline in feature development.
Your argument illustrates the hard fact revealed by the Parler ban. No, Amazon isn't a monopoly (I'm using an Elastic cluster on Azure), but they wield influence as though they were.
> The fact that amazon is in a better position to make money off of open source software is part of the calculation that startups should be making if they are writing open source software
So what you're saying is people shouldn't work on open source projects. That's essentially what your statement boils down to.
No, it's a fair thing to consider when you're creating a business based on a project that can be forked, that someone with more money and resources than you can fork it and run you out of business.
That doesn't mean people shouldn't contribute to open source projects.
I should point out too, most companies actually can't afford to fork and take over projects. At $PreviousJob we wrote proprietary software but used open source software (for example Intel DPDK). If DPDK were to suddenly switch their licensing, we would never have the resources to maintain something like that long term. So just because it _can_ be forked and "taken over" by another company doesn't mean will. It most likely won't.
Elasticsearch isn't two scrappy guys in a garage writing code out of the good of their hearts. It's a VC-backed $15B company which now needs to make money.
Open source is the last thing on either of the two gorillas' minds.
It doesn’t seem unreasonable to me that a project would die if it’s original developper community dies. Some projects survive that shift, but it’s the exception more than the rule.
You're not required to contribute with your amazon e-mail address, and I see a lot of people who don't due to inertia or because they want to avoid tying their identity their employer.
Agreed it's not perfect, and that's why I included my methodology and asked if anyone has a better source since less substantiated claims are being quoted:
Popular OSS licenses were designed in an era to allow direct customers (businesses) to directly install and use the software, and redistribution means only distributing the package.
Nobody at that time knew or predicted that SaaS (let alone cloud computing) would be a thing, that large, profitable middlemen will directly host the software, pass through just the API, with zero customer exposure to the running instance.
AWS taking advantage of this — yeah sure it may be legal, like how business lobbying senators for obvious policy hacks is legal — but doesn't mean it's fair or acceptable. It's totally OK to call them out here and not reward them for it.
The AGPL was a good attempt but it seems that it too vague. For example even Google, with its teams of lawyers doesn't feel comfortable using it for any purpose.
It appears that they are concerned that it may be argued that if for example YouTube uses an AGPL DB that they would be required to release YouTube under AGPL.
I'm not saying that the interpretation is correct, but if companies can't be sure they won't use your software.
And to be honest IANAL but their interpretation seems reasonable to me. If you put Mastodon behind NGINX I think it is fairly easy to argue that the user is "interacting with it remotely through a computer network". So now if you have a theoretical AGPL Elasticsearch and your site sends the user search query to it and returns the user the results it doesn't seem clear that this is a legally meaningful difference. I certainly wouldn't want to argue that in court. I'd just use different software.
Then Elastic should've come up with a non-Apache-2.0 license at inception.
Licenses exist for a reason. The onus is on the person choosing the license to choose one which aligns with their intentions. You cannot and should not expect downstream consumers of the software to confine themselves to some subset of the actual license's allowed activities just because it's the "nice" thing to do (as of course this assumes morality is in any way objective).
They made a mistake with their original licensing, and now they have corrected it. The comments on this post seem strangely invested in Elastic not fixing their mistake.
Did they made a mistake? It looks to me that they took advantage of Splunk being proprietary. Not many people would use closed Splunk alternative. So they have made an open alternative and everyone loved it and this is what created the community and made them popular. Then they started using their position to force people into their proprietary Basic package because there was no security in the OSS version. That caused many data leaks from unsecured Elastic clusters. Can you imagine MariaDB not having any security by default? Or nginx without ACL? I never cared about Machine Learning, APM, SIEM and their other "products". Then they released "basic security" which was not open and was still pretty limited (e.g. not supporting OpenID). Elastic is big now, listed on the stock exchange so I understand they have to listen to their shareholders. While I don't like Amazon business and I am not their customer, I actually welcome this attempt to finally make a basic usable Elastic really open!
Right but "who is wrong" is what the disagreement is about, and if Elastic made the mistake then arguably it is them who are wrong.
In contrast, a number of people here are acting as if AWS is totally in the wrong. But the only wrong here is Elastic making the mistake and then acting as if the whole thing is AWS' fault. No, if you license your software improperly that's on you, not anyone else.
What about Elastic making the "jerk move" by switching the license under Amazon?
Amazon built the product with the hope that it would continue to be developed with that license. What are they supposed to do with the license change? Just accept whatever Elastic said? I don't think you can blame them for taking the last version where they agreed with the license and continue to use and develop it. Sure, maybe making it open is a bit of a jab back, but even in isolation it makes sense for them.
> What about Elastic making the "jerk move" by switching the license under Amazon?
They’re also switching out the license under everyone else. It’s maybe notable that elastics cloud offering was acquired at some point (it used to be found.io). I used to do elasticsearch consulting and I could name a few customers that will now have to reevaluate their product.
No open source license prevents people from capitalizing your project. Adding a non-commercial clause to an OSS license makes it not comply with OSS anymore.
Preventing companies from hosting the software with propietary changes can be done with licenses like the AGPL, but again, the objective is not to disallow commercial use, but rather to force the source code to be available for the users of the software.
And frankly, I don't even buy the morality argument. It is a moral good to provide value to customers such that they voluntarily choose to give you money in exchange for that value.
These people have this bizarre fusion of capitalist and communist reasoning, I really can't reconcile it. On the one hand they seem to think profit is fundamentally evil, but on the other hand they seem to think the problem is that Elastic isn't being allowed to monopolize all the profit.
Well, which is it? Did Elastic release non-restrictively-licensed free software out of the goodness of their hearts, giving it away with no expectation of a return? Or did they create this codebase purely for profit, and thus have no claim to moral highground? It's all so silly and childish.
And the biggest irony is, Elastic is already a successful business. They're trying to pretend their business model is not viable as long as Amazon keeps operating, which is just gaslighting.
> Nobody at that time knew or predicted that SaaS (let alone cloud computing) would be a thing
I'm not old enough or experienced enough with computer history to seriously argue about this, but this statement sets off some alarm bells for me.
My understanding is that extremely early on in computing history, especially early in the Internet era, people were thinking about SaaS. We had shared terminals, Sun was even trying to turn remote VMs into a feasible business model. I am very skeptical of the idea that Open Source developers never considered that someone might want to sell computer hosting or provide API access to a virtual environment.
I mean, doesn't the whole problem with modern Linux security stem from the fact that it's user-specific; that it was designed around this idea that it would be running on a server and accessed by a bunch of different user accounts & terminals? It was personal computers that were the surprise, not shared hosting and remote terminals/APIs.
Am I off base here? This doesn't square with how I understand computing history.
Let’s leave alone for a moment the fact that the most permissive licenses (BSD, MIT) were not really designed, as much as they appeared out of historical accidents as a “just don’t bother us” device...
When it comes to licenses that were written “with a plan”, there is a charitable reading and an uncharitable one.
The charitable reading is that, back then, it was assumed that every computer user, local or remote, would have access to a compiler; and that any user would eventually learn how to operate a compiler, hence making it obvious that they would want to mod and compile the software they ran. And then they saw the licenses worked well enough to develop an ecosystem, and more or less left it at that (unless explicitly threatened, as they did when reacting to freeloading trends in embedding with the GPL 3).
The less charitable reading is that they left the door open precisely because they knew it ensured demand for service providers and system administrators (which many of the original “foss hackers” were, in their day job).
In any case, I don’t think anyone would have predicted they would become so dominant; everyone just assumed the big commercial vendors would be around forever, and FOSS would always be the underdog ecosystem; hence, leaving certain activities commercially unburdened would have always been somewhat necessary.
Ignoring that Linus himself isn't particularly software freedom-y (I think he, entirely and provably correctly in my view, firmly believes in open source as a way to achieve good software, but the freedom angle isn't as important as for someone like Stallman), Linux being GPL is arguably the reason why it dominates - any changes worth talking about to Linux get propagated publicly and openly, as opposed to if it were under a permissive licence.
Not exactly the same. As I mentioned in the comment, you have direct access to the Linux OS when you host. Open as in access to the underlying OS is open. You can configure it, install packages that you want, etc.
When you run AWS Elasticsearch, you have no access to ES instance. You can't configure it, you can't add your own plugins. You are no longer a user, you are just a consumer of the UI/API, even when the primary product is still called Elasticsearch.
I think "it's legal but not necessarily moral" is a bit of a dodge.
It's not just legal. It's explicitly allowed behavior according to the license that Elastic chose. This isn't like "yes it's the law but some laws aren't fair!". The only laws that are coming into play here are basically ones which say "you made your bed now lie in it".
Elastic explicitly said (by choosing a license) "you can do X with our software!" and now they are mad because... someone did X with their software?
If the Apache license allows morally unacceptable behavior... why did they choose that license?
Indeed. And it's not like an accident, I'd say it's totally part of the original intention of these open source licenses that anyone in the world has an equal right to profit off the software, nobody monopolizes that. That was part of the intent of open source licenses such as apache, consciously designed.
Fundamentally, these people do not believe in the core principles of capitalism, such as the notion that free trade makes both parties richer and that profit is not an evil but a necessary and healthy phenomenon. Thus because Amazon is a huge company, they view it making profit as fundamentally evil. They've also basically been brainwashed to think that the word "monopoly" means "any time a large company competes in the same market as a smaller one".
Which is ironic because, they also at the same time believe that Elastic is entitled to all the profits, and wax philosophical about "but how will any company be built around open source if we don't carry Elastic's water for them?"
> profit is not an evil but a necessary and healthy phenomenon
I'm actually going to disagree slightly here. Making profit is not necessarily healthy, generating value and capturing a fraction of that value as profit is though.
Our system is complex enough at this point where you definitely can and do have entities that are capturing more value than they are delivering, and that is immoral (imo). In that light, profit definitely can be evil.
However it is certainly not always evil, and I don't think AWS' actions qualify in this case. They are delivering value to their customers, and they are capturing a fraction thereof.
There's nothing unethical about "capturing more value than you deliver" (well, assuming I understand you right; I'm interpreting that to mean side A gets say +10EV and side B gets +100EV). In free trade, both sides benefit; that's why they freely chose to trade with each other. It is a myth that one side can unilaterally benefit at the expense of the other side. So if you actually meant "it's unethical if the consumer is coming out of the transaction worse than they came into it", that can't happen under a system of free enterprise. (To the extent that you think it's happening, you are making a value judgement that a certain side is irrational or stupid to perceive a trade to be valuable)
Now, there are absolutely cases where there is unethical profit, but (under my worldview, at least) those are all cases where the state gives a company a special advantage, or literally gives it money. So, the following is unethical:
- bailouts of corporations ("corporate welfare")
- government providing an exclusive monopoly to a given company
- government de-facto forcing someone to buy a product due to coercion
The following is not unethical:
- making a product, offering it freely for whatever price people are willing to pay
> It is a myth that one side can unilaterally benefit at the expense of the other side
While true in a simplistic sense, this is generally not true when you have a society / economy as complex as ours.
Partly this is due to perceived value vs "actual value", and to me a business is only moral (obviously businesses can't really be moral, so what I'm really saying is "the only businesses that should exist") if you actually believe that what you are delivering to the other party is more valuable than what you are costing them, so that it is actually a win-win. Generally this is hard to measure, but I can provide some examples of when this is pretty clearly not the case.
1. Get rich quick schemes. Things like online courses that tell you how to make boatloads of cash by doing X. Except they don't actually work, so the value to the purchaser is effectively $0, while what they paid for it is certainly not.
2. A larger scale example: the collapse of the housing market in 2008. This is a better example of effects from the complexity I mentioned earlier. A significant part of the crash can be attributed to CDOs/MBSes. Long story short, banks were doing some repackaging shenanigans to make something that was shit look less shit. Any honest accounting will realize that this provided zero real value. Yet the bank's were getting rich off it. That certainly sounds like capturing (>0) more value than you are delivering (0) to me.
Is it not consistent with a dislike of Microsoft's Embrace, Extend, Entinguish approach?
While what AWS is doing is (probably, IANAL) within their legal rights, it's arguably immoral because it is basically saying, "We love this project so much we're going to build it into a different direction and charge people to access our version." Which, given AWS's widespread adoption, puts the OS version in peril.
Edit: Thanks for pointing out that AWS will be releasing the code under an Apache 2 license. That does change my opinion somewhat, though I'll leave my original comment for posterity.
> it is basically saying, "We love this project so much we're going to build it into a different direction and charge people to access our version."
No, you won’t be charged to access their fork on Github. If you want them to host your Elastic or Kibana service you’d have to pay for the service, but that’s not related to access to the Apache licensed source code.
It's not. Sure, Amazon is continuing to charge for their existing ES managed services. But they're open sourcing the project behind it. So quite the opposite of what you've said. You can access this open source version of ES free of charge (once it's release on GitHub."
From the article:
"Our forks of Elasticsearch and Kibana will be based on the latest ALv2-licensed codebases, version 7.10. We will publish new GitHub repositories in the next few weeks. In time, both will be included in the existing Open Distro distributions, replacing the ALv2 builds provided by Elastic. We’re in this for the long haul, and will work in a way that fosters healthy and sustainable open source practices—including implementing shared project governance with a community of contributors."
Aren't they sharing the fork? Sounds more like "we like it but its no longer free to use, so we're making it free. btw you can pay us to host it for you"
The real problem is that WE, as a community, demand certain licenses from the tools we use. If Elasticsearch didn't have such a permissive license, we simply wouldnt have used it, it wouldnt have become popular, and there would be no demand for AWS to provide it as a managed service.
So is ES to blame for having a permissive license? Or is it AWS for making it trivial to use? Or are we to blame for dismissing any license that isn't OSI approved (and even then, we still snort at things like Affero GPL!)
IMHO, if there IS a "bad guy" in this situation, its us...
Forgive me, which part of [1] even mentioned Profits, Revenue, Business Models, CopyLeft ?
And which part of the same article ever said Elastic are not OK with Amazon providing a Services using their Open Source Software? Which they are legally allowed to do so with Apache 2.0? They even mentioned and I quote:
"We collaborate with cloud service providers, including Microsoft, Google, Alibaba, Tencent, Clever Cloud, and others. We have shown we can find a way to do it."
What they are not happy with was the TradeMark. Amazon usage of that Trademark to mislead customers and this isn't some recent things either. It has been going on for 5 years. ( And yes the court should be used to settle that. )
So majority of HN; including its previous threads with 1000+ comments, is basically making allegation that Elastic is making the changes because of their Business Model. Until that can be proved, allegations remain merely assertions.
But right now it is being stated as Facts. And it is now being spin into ethical debate.
And I was under the impression, should Amazon be forced to fork it, which they did as announced, would have to use a different name. Instead they choose to use ElasticSearch again.
What is the point of the license change then? AFAICT the software license does not affect the trademark, so the only effect of this change is to disallow hosting ElasticSearch as a service.
Understandable, because a lot of people open source their code under a permissive license because it’s a cool thing to do, not because they understand what truly open sourcing their code means.
I don’t think VC-backed startups do that. They open source code because open source materially benefits adoption and mindshare, which grows the potential market for services, and that’s how they end up with big valuations selling premium services on top of their open source core.
Of course, sometimes they get mad that this also enables other people to sell premium services on top of the open source core, and sometimes those other people can make more money because they are major incumbents that integrate other offerrings. But that doesn’t mean the startup would have been better or grown faster or sold more of its own services if it hadn’t been open source.
It also doesn’t mean closing-up negates that competition: once the value of the product is proven, the major incumbents also have had proven for them the potential value of funding a fork with its own dedicated team, which can reap the community reach benefits of open source and compete with the relative upstarts now-proprietary offering.
And this is the core of the issue I think: people use Apache and MIT licenses by default without thinking two seconds about the consequences. It's just the default on GitHub.
Elastic is derived from Apache Lucene, it’s unclear if anyone involved in its’ development could legally have made it more restrictive, though they apparently are trying to.
It seems like a lot of us perhaps rushed to discussion before reading this article, which is about Amazon forking ElasticSearch so that an OSS version would remain available.
Honestly, this is a shitty move by Elastic and I’ll be advocating against new uses of it, though /because reasons/, I doubt this will come up for me in the near future. ;)
> Elastic is derived from Apache Lucene, it’s unclear if anyone involved in its’ development could legally have made it more restrictive, though they apparently are trying to.
Actually, you can totally use Apache 2.0 code as your kernel and then make the whole thing a restrictive license. In fact, that's why we're having this discussion right now. Elastic just made their Elasticsearch/Kibana codebases entirely proprietary, even though they rely on Apache 2.0 Lucene as their kernel. Which to be clear is totally fine, I'm just pointing out the obvious.
Yes and no. I think I remember hearing about a license before that would require anybody that forks your project to create a PR for any changes they make.
While this wouldn't prevent a company from using your project, but it would at least force them to pass on any of their changes.
I am not sure that there are, but that's also the point. Open source software does not guarantee or even offer a business model. If you want to license your project with a "do what you want, no warranty" license that is attractive to contributors, you cannot also add a clause to limit something.
This is how must awful actions by powerful entities are justified.
I say "Rich people get huge tax breaks, why??" you say "well that's how tax law works, why get angry?"
I say "I'm a small business getting exploited by a goliath!" you say "well everyone is playing by the rules so it's their fault"
Systems are so biased by large actors and for some reason everyday people jump in and defend them? We should totally take everything in critically but this defense doesn't seem reasonable at all.
Everyday people jump in and defend them because sometimes the big company is doing the right thing? Like some of us have been around since 25-30 years ago when the OSI was created and Linux was taking off. We have had these arguments for decades.
There seems to be a generational knowledge gap where people of a certain age think there large actors are permanent and evil. That’s plainly untrue. Often the scrappy upstart is being unethical.
Yes, the license allows it. So, technically they can. But you have to admit that it's a bit of a dick move.
The reality is, ElasticSearch with all of it's capabilities would not exist if the company would not exist.
How many other new interesting products will no longer be built as open source, because they know that AWS can just co-opt them and then their business will be effectively over.
The laws and licences cannot possibly cover all the details of the real world, there needs to be some humanity involved, some "let's try to not be assholes" attitude.
I prefer to live in a world where I'm not required to be a robot. Following all the clauses and laws to all the details will end up with that. It's not a great path.
> The reality is, ElasticSearch with all of it's capabilities would not exist if the company would not exist
Would the company and product be as popular as it is today if it was licensed this way from the beginning?
I see this as a type of bait-and-switch. I invest in this open source technology, and then after I invest money into the service, they change what is being sold.
> that gives AWS the right to offer this service. Maybe they did not have right to trademarks, there are courts to settle that.
You both articulate the problem and dismiss it in the same sentence. AWS have a right to offer the service - they do not have a right to tell people that they built ES, or to say that they work hand-in-hand with ES, etc. But there is nothing that a small open source group can do without tackling the shit-ton of lawyers that Jeff Bezos can bring to bear on the problem. No matter the points of law, he can just outspend them in every capacity to get the outcome he wants.
We use ES and Kibana open source. Our entire infrastructure is on AWS and if AWS is managing the installation and maintenance efforts thats a great help.
ES was never going to make a penny from us anyways and AWS is not making any money from the ES software itself. What they are making money is from our usage of their core services. Same goes for all the other open softwares, Kafka, Airflow, EMR to name some. Plus it would be dumb to have your infrastructure on AWS and buying ES cloud service where you'd require to send your data out of AWS as you'd have to pay for the data out.
Unless it's not clear yet, the biggest benefactors of OSS have become the 3 largest cloud vendors owned by 3 of the largest tech mega corps, namely:
- AWS
- Azure
- GCP
The multi-billion dollar infrastructure and network lock-in cloud vendors enjoy ensures there will only be these 3 cloud platforms (in the western world) that will enjoy most of the value derived from OSS, who are collecting rents on the backs of ISV's who developed the OSS products, because of which they're also going to be most invested in keeping the OSS status quo where they're able to repackage the resources & efforts others have invested into developing their OSS products and reap a majority of the profits by offering it as a managed hosted service on their platform, since relatively no customer using the cloud is going to want to use an external service if there's also the same managed service being offered by the cloud vendor.
The fantasy that OSS allows equal competition is no longer a reality, ISV's cannot compete with a cloud vendor who uses their own investments against them in addition to their anti-competitive monopoly lock-in of already having Customers running on their cloud platform.
Elastic's move to SSPL is effectively "OSS + free for everyone with the exception of exploitation by a major cloud vendor", since without it we're heading towards a mono culture future where all hosted OSS software is going to be funded and resourced by the billions major cloud vendors have reaped in collecting all the rent for hosting others OSS investments, that AWS gives nothing back in exchange for.
SSPL is effectively being used a tool to force AWS to do the ethical thing and reach an agreement with Elastic to distribute a portion of their profits from using their trademarks and hosting their Software they've invested a decade in building. AWS has instead chosen the path to maintain their own fork to avoid sharing any profits with Elastic as they're obviously currently making so much from hosting Elastic's products that it's in their financial best interest to start hiring dev resources to maintain their own fork then sharing profits with Elastic to fund its continued development.
Will be interesting to see how this strategy turns out, AWS may have already become to big to compete against who will be able to out resource, out fund & take over any ISV's OSS product, but it's clear the longer Elastic waits, the harder it would be to protect their own investments being used against them.
"It is up to Elastic to come up with a business model that works, not blame others if it is not. "
This comment kind of implies there is this 'free and fair market' that just magically rewards better products etc..
Mostly, it's a game of power.
Large companies use power to wipe out smaller one's and consolidate, sometimes to the near term benefit of consumers, sometimes not.
Also - just because something is legal, doesn't mean it's fair, we really shouldn't have to state that. This doesn't mean that Amazon is 'bad' because they are big, or Elastic is 'good' because they are small or any of that, but the issue is worth consideration.
You’re legally allowed to call me an asshole to my face, but in a world where we expect civility...
...well, there is no but. The price I pay to live in a free world is that I can’t do anything about anyone else’s bad behaviour. I just have to put up with it because the alternatives are worse. At least I get a free world out of it.
I hope Elastic get something out of the free world in which they exist. Patches from early contributors, I’m guessing. Certainly a brand and adoption they wouldn’t have enjoyed had they remained closed source.
It’s a better world than one where we lack high quality open and free software, even if we have to live alongside the Amazons.
I think people's gut reaction to this being wrong is that a conglomerate is making millions off of others work, I think that's a fair reaction.
Open source software was about empowering people in particular, not corporations. It has however made it very, very difficult for individuals to make money from their software whilst the corporations reap the rewards from countless man hours of this free work across the a myriad of domains.
I still think it's something we can get better at as an industry. Just choosing different licenses doesn't really solve the problem, people regularly shun paid software licenses, feeling entitled to all software for free, and I think that's an issue for the ecosystem as a whole.
I think this is actually best for users and the community. Sucks for elastic, but glad to see the project continuing as open source.
Also good to see Amazon sponsoring lots of OSS development. Wish they could have done it in collab with ElasticCo, but I think that’s on them as there’s no way they can allow peers to contribute and stay in business.
>>I do not get why people are coming down on AWS here. Elastic made the software available under the Apache License. That gives AWS the right to offer this service.
Something being legal does not make it ethical, many people see what AWS did, including profiting off the TradeMark of Elastic Search with zero compensation to the project is unethical
AWS is clearly in the wrong here, I am surpised by the number of people that defend AWS, this is why FOSS continues to struggle
AWS is a leech on Open Source, like many other large companies. I will be SHOCKED if AWS fork has any actual feature improvements, my guess is it will be a pure maintenance fork with security updates (maybe)
It's a failing of many licenses where if the binary isn't modified then the rest of the software doesn't need to be similarly licensed. This goes against the spirit and intent of these licenses. Simply wrapping a OSS product in proprietary service layers is antithetical to the spirit of the open source license and not in the best interests of the community.
Allowed by the law does not mean it's considered ethical.
AWS has changed the "new low" what an open-source project can expect if a cloud company earning billions on top of open-source can just change their project and fork it.
Cloud companies taking your source are a "new thing" to consider in the world of open-source.
I read the first paragraph and just though jesus AWS are dicks. They literally frame it like they're doing this for the betterment of everyone when in reality they're being cheap. It is legal, but it is immoral just like lots of things Amazon does. That's why they are coming down on AWS.
Your right to do something does not remove my right to call you a dick for doing it. There is a large difference between what is legally allowed and what should be encouraged for the good of society.
That's not the exactly what's been happening. I'll give you a more accurate timeline
Elastic: Hey here is some software. You are free to use it without paying us
Community: Awesome!
... years go by and the community is loving it, Elastic is loving it everything is great
AWS: Wow! Free, popular software. Millions of dollars already invested in it so we don't have to. We'll take it for free and sell it.
... years go by
Elastic: Hey AWS! So glad you like our software but we can see that your actions are hurting our business which will hurt the software and the community in the future if we don't do anything. What do you think about making a deal?
AWS: Lol, suck it.
... years go by where other cloud providers make deals with Elastic
Elastic: Okay AWS, from now on we are changing our license so you and other companies similar to yours cannot re-sell it
AWS (and their fans): What, how dare you?! We've made millions by reselling it as our own, and not you are going to restrict us doing exactly that. You dick!
> AWS (and their fans): What, how dare you?! We've made millions by reselling it as our own, and not you are going to restrict us doing exactly that. You dick!
The latest event is more like
AWS: Ok, your choice, we'll keep developing and making available an open-source version with the original license.
Precisely why GPL is the way it is. If a company released Apache or BSD code they must understand that the code can be used and extended for commercial purposes and they don't have to offer those extensions back to the community. If you want to ensure those who derive benefits from it also contribute back, you choose GPL.
GPL doesn't require you to give back to the community, only to your users. That's a huge difference and that's why GPL is generally ok for internal projects.
I didn’t say any differently. A company like Amazon would have to release their enhancements/changes/ modifications. It doesn’t matter if it’s to their users - they can’t prohibit their users from sharing it which for all intents and purposes is contributing back to the community.
AWS are the good guys here. Elastic built a popular product off the work of countless open source contributors. That's how they became a market leader in this product space. It's how open source works. The people who contributed to the product did so with no expectation of reward except that their efforts would remain open source.
Elasticsearch got popular, and now Elastic wants to reap all the rewards and make money off the product. They're free to do that, and create restricted-license or closed-source versions for future enhancements. But the community doesn't have to buy into that and continue to contribute to what is no longer truly an open source product. AWS is forking it and continuing with the original, truly open source license.
This is pretty much exactly what happened to MySQL, and now we have MariaDB, which is a better and truly open source product.
AWS does plenty of things worth criticizing, and one can even criticize them in this particular instance for not working with Elastic to provide more support to whatever it was they were asking for. And Elastic may very well have a legitimate gripe about trademarks. But yanking the Apache license out and moving to a more-restrictive license is not the right solution, and is not what everyone who contributed to building the product signed up for.
You can't create an open source project, wait for it to gain market dominance, decide to be less open source, and expect the community to continue contributing.
Elastic shot themselves in the foot and now they can either revert their decision or get left behind as the community moves on to what will ultimately end up being the better product.
It's possible for there to be no good guys in a fight. They are both multi-billion dollar corporations looking out for their shareholders' interests. "Open source" is being thrown around by both sides as a marketing/goodwill tool, nothing more.
I'm about to make a really petty and possibly off topic comment, so sorry for this --
"this is the correct take" is like my least-favorite Twitter-ism of them all. it's so ridiculously authoritative and final. Like, "Whoa, okay, everyone stop the discussion. @SandwichGuy87 has identified the correct take. Thanks for bringing us to reality, @SandwichGuy87."
I think if you read the two parent comments to "this is the correct take", they also take an authoritative mood.
Rather qualifying a statement with "I think", or "I believe", they basically assume some reality to be true and then describe it. And that's ok, as readers we assume that the author is giving their opinion.
So "this is the correct take" should be read as "in the reality that I believe is true, this is the correct take".
Except [I believe] it should be called out to help the author become aware of the rigidity in thought of they are unaware of it. Perhaps they truly believe something is the only truth., and then they can defend their authoritative statement if they wish.
I agree but I am a firm believer that all things between people are highly situational, including when to inform, when to explain, when to suggest, when to ask, and when to listen. Correcting people can be considered impolite. In discussions marked by conflict, it's often more useful to get the other person to arrive at your conclusion themselves, by simply presenting the information and your evaluation of its meaning. It depends a lot upon the audience, the prior conversation, the circumstances etc. People are marked by a great deal of hysteresis (not to be confused with hysteria lol).
I guess "I believe this is correct." would be more polite. But on a social media site where everything is about prompting the next comment, and no one can unilaterally end any conversation, it's obviously toothless. In that context, the "polite" alternative could come off as tentative.
I hadn't heard "twitterism" before. Is there a list of these? I unplugged from Twitter more than a year ago, and have benefited immensely. But I'm sure I'm missing references because of it.
“Acting out of self interest” doesn’t make you the bad guy. In fact, it makes you the good guy because you chose to align your own interests with something that is good. This is why Apple is the “good guy” when it comes to privacy and Google is the “bad guy” (relative to each other at least). Sure, Apple is acting in their own interest when they advertise how privacy focused they are. But they chose to make that a selling point for themselves, while Google did not.
I personally feel AWS should have collaborated with Elastic long before this. AWS is likely making a ton on the elasticsearch offering.
What’s interesting is a few people working at AWS has decided to be a bully and then now trying to kill a company. There is zero goodwill to the community here. Both parties working off their egos.
I hope they can keep it up and make their solution a MariaDB and not a subpar version of ES.
> It's possible for there to be no good guys in a fight
Without Amazon for this would have end up like Qt software .In this case Amazon clearly are the good guys. Although they do it in their self interest, i am glad it happened.
MariaDB came out with the BSL license for projects like maxcale to help protect against AWS nonsense (and the like). The mysql -> mariadb response is completely different, but no less terrible.
This is history repeating itself as Amazon, once again, attempt to gut open source efforts.
For a short while Amazon did contribute to some MariaDB projects.
MongoDB now have similar license and AWS offers compatible API's.
it does feel like the whole issue blew up so much because AWS & Elastic.co are unable to work together. We many never know the details, so can't say who's in the wrong here.
It's not clear to me how taking open source software and providing commercial managed services is "nonsense"? Or is it specifically when AWS does it that it's not okay?
Either way, is there something specific at play that makes it fundamentally different from say WPEngine running hosted Wordpress? Is it purely a function of scale?
If a startup decides that Kubernetes is worth providing a managed service for at what point does providing that managed service become "AWS nonsense"? Is there a revenue watermark beyond which what they're doing becomes unfair? Or is k8s ok because it's backed by a mega-corp already?
AWS repeatedly said they were "together with elastic" in service offerings. They apparently were not, so they were just running on elastics coat tails, offering nothing to elastic, and saying they were totally together.
It's hilarious that you picked K8. K8 destroyed dockers ability to make money. They were planning on rolling out their own system, but didn't get it out fast enough and got eaten.
Was k8 nonsense? no, they made a product from the ground up.
Contributor efforts are remaining open source. The change in license goes into effect in the 7.11 release. Code contributed under Apache stays that way.
Typically open source projects have only a handful of core developers - with a large majority being pass-by contributors interested in fixing their problems/use case. Characterizing it to sound like all these developers are being slighted is strange.
Not being able to reap what you sow is a problem with open source. I don’t doubt we are seeing less great software being shared in the open because of it. If we want more useful software shared as open source we should fix this. The Amazon problem doesn’t help. I’m with Elastic.
> Not being able to reap what you sow is a problem with open source. I don’t doubt we are seeing less great software being shared in the open because of it. If we want more useful software shared as open source we should fix this. The Amazon problem doesn’t help. I’m with Elastic.
Simply put, this is a naive and entitled attitude. And here's my proof of that: Elastic is a success story. They gave away software for free and turned it into a $15B business. And yet there's still people like you being apologists for their outright lies and intentionally misleading statements. I find it so incredibly absurd.
Elastic is tricking you into thinking that they are not an absurdly successful business. That's not true.
Oh, and one last time: This license change doesn't even protect their business, so it's totally pointless. It's just a business blunder. The SSPL will not make a difference to Amazon because they're not going to use the SSPL version of the code. It's so simple.
On the contrary, this is win-win for everyone: Amazon now has to make their fork competitive with Elastic's, so they'll have to invest more resources in open source development. Elastic is also still free to grab their Apache-licensed improvements.
Meanwhile, if Elastic's future improvements are better than AWS', it'll drive use of their services over Amazon's.
Elastic doesn't need to make more money than Amazon. They just need to be able to make enough to have a healthy business, and so far they've achieved that. $500MM yearly revenue with 40+% growth is nothing to scoff at.
It really seems like Elastic's motivation here is jealousy more than anything else. Which I understand from an emotional perspective, but from a logical perspective it's a big business blunder they've made IMO.
I totally agree, I think this is great for the community because the writing was on the wall ever since the initial X-pack source-available drama as well as the original OpenDistro drama.
IANAL but I think code doesn’t really belong to contributors if they agreed to sign their rights over with a CLA, no? Which is why I always feel iffy about CLA’s. I get why they’re needed but I don’t like what they enable.
So AFAIK it’s not exactly so. One can actually change project license granted they have agreement of every single contributor to do so. Which they do since they had the CLA system from the start.
So theoretically they can even unpublish all the code if they want. It’s just probably not worth the reputation as damage.
IANAL though so I’d be very interested to hear a patent lawyer take on this.
IANAL either but I believe that if you release code under license A you can relicense it to license B, but anyone that obtained the code under license A will be able to keep on using it under that license.
A license is like a contract, and you can’t change a contract out of the blue without the permission of both sides. Otherwise licenses would be useless, as at any point someone could go “aha, I changed my license to the give-me-all-your-money license and you’re using my code, so pay up!”.
Since the license A in this case is an open source license, anyone that has a copy of the software with license A (such as amazon) will be able to share it again under license A. So effectively the old code base will always remain under license A, and only new changes will be fully protected by license B.
IANAL, but AFAIK while Amazon could ‘unpublish’ the code by removing it from their Github or something like that, there is no way to ‘unlicense’ it.
On a project without a CLA, you’ll have to ask permission to every contributor for a use that goes beyond the initially agreed to license. On a project with a CLA, the organisation to which the code has been licensed no longer needs to do that. The situation becomes similar to a project that only has one author and no outside contributors. So they can release a commercial version in parallel, or they can decide to change the license for new versions. But none of this magically changes the licence for old code: code once released stays under the license it was released under. Otherwise the whole system of Free and Open Source licences would be extremely brittle, if authors could just revoke their licences as they saw fit.
If one wants to contribute to something under an Apache license but exclude certain part, one is expected to explicitly point the exclusion out as in “this part is not delivered under Apache 2 license”.
Yes, but open-source software adoption and growth is about more than just those who build it, it's about those who use it. Elastic wouldn't exist without the users either.
> This is pretty much exactly what happened to MySQL, and now we have MariaDB, which is a better and truly open source product.
This is controversial example, in my understanding MySql creator requested to agree with his terms for all OSS commits, which gave him copyright rights on codebase, then sold his rights to Sun, and only then created MariaDb - OSS fork.
Where is the controversy there? Did he sign a non-compete?
NextCloud and OwnCloud
Jenkins and Hudson
More software is good.
I'd say the MariaDB-is-better conclusion is controversial since the improves to Oracle's MySQL are substantial. At least around Innodb, and disregarding their embarrassingly bad bugs.
> Where is the controversy there? Did he sign a non-compete?
Controversy is that he accepted patches from OSS contributors, but assumed his own copyright on them, then sold his rights to big corp (Sun), which (Oracle) closed some sources, it is probably not very clean behavior.
> Elastic built a popular product off the work of countless open source contributors. That's how they became a market leader in this product space.
That's simply not true. Elasticsearch and Kibana are primarily built by developers on the Elastic payroll.
You can verify this by looking at the "Contributors" tab on Github for both projects. I honestly couldn't find a single person there who wasn't employed by Elastic at the time of their contributions.
> The people who contributed to the product did so with no expectation of reward except that their efforts would remain open source
Again, did you do a survey of any of these people? Seeing they are Elastic employees I guess they asked for more than just OSS glory... Probably lunch and and a pay check.
> But yanking the Apache license out and moving to a more-restrictive license is not the right solution, and is not what everyone who contributed to building the product signed up for.
What would you suggest, at this point in time, that Elastic did instead?
They released the projects as OSS 10 years ago - there's no changing that. Now they need to stop Amazon or they might not survive as a company.
I'm honestly interested to hear your suggestion.
Personally I'd theoretically be ok with having contributed long ago, and the company now going SSPL. Not that easy to have known, that far back, how things would turn out.
> need to stop Amazon or they might not survive as a company
They make lots of money, but also have high salary costs, right. I wonder if you looked at the numbers and growth / profitablity, and concluded that they're at risk, or if you're assuming
Just as Elastic chose their license, and then Amazon took advantage of that, so did contributors decide to contribute under that license. So those contributors do not deserve any more sympathy than Elastic. Both got stuff yanked out from under them. Those contributors shot themselves in the foot.
FROM ORIGINAL POST: >When AWS decides to offer a service based on an open source project, we ensure that we are equipped and prepared to maintain it ourselves if necessary.
You might disagree but to me this sounds like hyperbole; a veiled threat should any other OSS dev decide to change their licensing just to disadvantage AWS.
I think it's juvenile to think that even AWS has the resources necessary to for every OSS product they offer. Think Linux (the kernel) etc. drivers, frameworks, as well as every dependency these projects contain.
It's a good point. Imagine if one of those open source projects that Elastic uses licensed there own little bit of code under the SSL. Elastic would flip out.
While it's great that AWS has indeed contributed fixes to upstream Elasticsearch, they link to 9 PRs that are generally on the trivial end of the scale. (Though I don't doubt the PR that adds a missing synchronized keyword might have been gnarly and time consuming to debug, and that diff size does not necessarily correlate to importance)
For a project AWS was making hundreds of millions in revenue on four years ago (as per an ex AWS employee), patting your own shoulder for such a trivial amount of contributions is a bit disingenuous. They might have contributed more, but if there was something significant, they probably would have mentioned.
Disclosure: I work at Amazon on cloud infrastructure, but not on the codebase in question. I helped with parts of the blog post to try to explain some of the nuance about how things are set up with Elasticsearch as an "upstream".
The 9 PRs were only to demonstrate working in the "upstream first" practice, and aren't exhaustive. It also doesn't cover the additional work in the Apache Lucene project that benefits Elasticsearch as well, which is where larger code investments are being made (since that's the right place for them to live, for much of what's being built).
A lot can be said about AWS and open source, but it is clear they have created some "secret sauce" on the networking, storage and virtualization side of things which is their core business. Unlike Elastic they never promised open source and never used it as marketing. So it completely fair for them to keep those things closed as they provide a big part of the competitive advantage to their cloud.
Those components underpin things like Aurora (which does tricks with storage and replication that MySQL can't) and this warm/hot storage. So there is probably no practical way to open source those elasticsearch changes without opening up their storage system as well and even then it wouldn't run outside of AWS.
There is a slideshare about their networking approach for VPC somewhere it's quite clever. But I can't find anything for EBS and what features it might have that make Aurora replicate the way it does.
Edit: I found this video https://www.youtube.com/watch?v=St3SE4LWhKo it uses the slides I mean but looks like there are a few versions from different events. Google for "another day, another billion packets"
I remember what it looks like, tried to Google it but can't find it. The gist of it was that they didn't create any tunnels or VPN like infrastructure to create VPC, because it wouldn't scale to large numbers of nodes. Especially because your servers can be on completely different hosts all of their internal network.
They want to fork because $$, fine. But they could at least stop pretending to be saint of OSS. They're bragging of raising 9 PRs of total 41000 in elastic repo.
They are brave regardless. Elastic is not only database engine but whole ecosystem. Drivers, tooling, existing code, data pipelines, documentation and tutorials. Long terms keeping with elastic will be challenging to say at least.
AWS's model seems to be to take a popular OSS product, do _just_ enough to make it work with AWS, make tons of money out of it, contribute a minimal amount back... and then act all surprised when they're painted as the bad guys.
Take postgres. RDS is a core AWS product. They absolutely rely on it. But if you take a look at
https://www.postgresql.org/community/contributors/, are any of the current major contributors at AWS? If they are, I can't see them.
It's okay to behave like that when you're a small or even medium sized tech company. But when you're the world's number one cloud service, by quite some margin? Hmmn.
Other people have chosen to license their own work with the license of their choice. The license is being complied with by AWS in fact and in spirit.
If you don't agree with the spirit of the Apache license terms, that's fine. You can draft an Apache-for-everyone-except-AWS license and lobby for its use by others.
You are missing the forest for the trees. I don't see many (really any) people saying that AWS went against the license terms. Simply that their actions do not benefit these projects in any proportional way which they rely on heavily. I'm sure many of these projects would much rather just have more collaboration and support from AWS than to have to think about and deal with a major player being a bad actor.
Edit: I am much more talking about projects like Postgres than companies like Elastic.
From my personal exchanges with people on Twitter on various contributions to projects in the Kubernetes ecosystem, I have frequently seen that some AWS employees (and sometimes the companies they partner with) want to make it seem like AWS is _really_ doing open source with real contributions. Every time I pointed my finger and asked, I got a response from such people "you should know not all contributions to the open source are code".
I'm not gatekeeping what "real contributions" are: You can fund development of OSS, you can provide Project Manager support, you can publicize and organize events (for the sake of the tech; not sales), do DevRel for something, provide UX/UXR/design support etc. They're all real contributions.
But for some reason, AWS contributions to 3rd party OSS projects stops right at "it works fine on AWS". It's kind of a meme at this point.
Disclosure: I work at Amazon on AWS infrastructure. And sometimes I have exchanges with ahmetb on Twitter.
I cannot dispute the fact that Google has more developers working on k8s than AWS does. And that AWS developers have been focused more on making sure that k8s works great on AWS, rather than the core code. I've heard folks say that they think that k8s works better on Google because of all the Google developers using it. And that might have been true at some point. But, in any case, that means that you're probably going to see more activity making k8s work well on AWS than work in other areas.
But it doesn't mean that other "3rd party" packages don't see more general activity that goes beyond "it works fine on AWS". Like the work in the upstream Linux kernel to apply the retpoline approach (invented by folks at Google, but not applied to upstream Linux) to mitigate Spectre. [1]
It is meme when people pick it up and propagate it.
Elastic is at least open about reasons. AWS pretend to be an OSS champion. Compared to other players Google, MS they do the least amount of OSS work. Hypocrisy is really worse than selfishness. It definitely shifted my neutral view of AWS.
I can still spin ElasticSearch cluster for my backend and I have somehow open license. Where is open source version of Aurora, Dynamo, DocumentDB, Neptune or Redshift? Where is anything OSS from AWS that is useful outside interfacing with AWS services?
Is it though? Every single one of their blog posts have been focused on spinning their decision as being great for the open source community. What they should have said was - we are a business, have VCs/shareholders and need to make money now, so sorry but the free ride is over.
Elastic say they want to make money of the product they've spent money developing and literally point at the company who basically announced they were using it in partnership with them and turns out isn't and isn't paying their fair share - AWS.
AWS say they want elasticsearch and kibana to be open source. What they really mean is they want to use elasticsearch without paying their fair share.
What is the "fair share" payment for ElasticSearch under its Apache license? I'm not a lawyer but it appears to be $0. Meanwhile, how come everyone showing sympathy for Elastic's position doesn't seem to be showing equal sympathy for Apache Lucene? Surely Lucene is deserving of at least as much credit as Elastic.
If I recall correctly, the creator, chief maintainers, and primary contributors to Lucene are also at Elastic. The ElasticSearch/Lucene distinction is one primarily brought up by AWS advocates to muddy the waters.
Elastic made the mistake of building a whole business on open source software by relying on the poor experience and artificial overhead to launching that software independently and in a production ready fashion. It's no surprise then that people in the community identify that this value is somewhat artificial. If you bridge that gap (either cloud providers providing it or someone contributes containerized/terraformed single deployment scripts), the value of having someone navigate the artificial complexity for you vanishes, and thus the value to the customer.
You have to question what value Elastic is offering its customers on top of the opensource project. Why is it that people complain about AWS devaluing the commercial services of Elastic but none of you complain about opensource devaluing the development of code in general. I can't for the life of me find a job that pays to write a new framework or some piece of interesting software because opensource completely devalues code. I think the proliferation of opensource is probably worse than some of you imagine. I'm not writing any opensource that isn't sponsored because I refuse to spend my time devaluing software development. The vast majority of the profits from opensource all end up in the hands of massive tech companies anyway. If we could skew the commercial advantages to the developer our industry would be a lot more pleasant.
Having given Elastic's support two tries at different companies, it doesn't surprise me that their business model is failing. Their support was _terrible_ both times; at no point were we ever in touch with anyone who seemed like they understood the product, cared about our issues, or were in any hurry to fix them. We were locked in year long, 6-figure support contracts in both cases, and issues dragged on for months until we basically gave up. We got better answers out of random Google searches and a 20 minute conversation with a friend of a friend.
AWS's hosted ElasticSearch only recently is able to handle the data set sizes we were dealing with, and their enterprise support on this (and other products) is vastly better than anything we ever got out of Elastic.
> We got better answers out of random Google searches and a 20 minute conversation with a friend of a friend.
On the other hand, if you were asking support to train you on "how to do A, B, C" while you didn't even check the documentation nor made a basic google search, I can understand why you were disappointed. Paying more for support doesn't change the nature of it, it doesn't magically become a google bot for you.
Could you maybe give an example on the issues you reported to support ?
If I have a six figure support contract and ask you how to do a simple thing with your product, you better have an answer. If it's so simple, why are you worried about it, when I'm paying for it?
We weren't having issues solved by basic documentation.
In the most recent example, we were occasionally hitting Java heap OutOfMemory under our workloads and wanted tuning or even architectural advice. It turns out that ElasticSearch didn't limit ingestion rate to control memory pressure and was happy to accept writes under load until it exploded. Heavy users of ElasticSearch commonly have to watch ES memory pressure and throttle their own writes client-side.
I would've loved to hear these limitations from elastic.co, be offered some tips on appropriate techniques for throttling, or have them accept a feature request to better handle this server side. We never got anywhere near that level of depth of understanding our problem, after months of trying. It felt like we were talking to first-level support who didn't understand the product much better than we did.
> I can't for the life of me find a job that pays to write a new framework or some piece of interesting software because opensource completely devalues code.
Could you put some more color around this part? I don't understand the argument you're making here. It sounds like you're arguing that there's not market demand for the thing you'd like to be paid to make because it already exists and that the version that exists is open source. How is that any different than if the thing you'd like to make is under a proprietary license but at a price point you are unable to compete with?
Disclosure: My entire career in the software industry has been at companies who pay people to write software that is made available under open source licenses. Whether or not there is demand for a new thing to be created has proven independent of the license on that thing. We create and support software that meets our customer's needs, give them a path to easily extending functionality with hiring a whole development team, and indemnify them from the risk of consuming potentially insecure, unsupported software in critical production environments. Open source is a software development model, not a business model. Providing customer value is a business model, and it's rather independent of the license underneath.
Being paid to write open source is the exception rather than the norm and very hard to break into even after decades of voluntary open source contributions.
> Providing customer value is a business model, and it's rather independent of the license underneath.
Yes, my argument and tl;dr is that flooding the market with free software has created an environment where superior for-profit alternatives (open or not) have no value to the majority, so software developers have got to go much much further to create a sense of value. There is of course intrinsic value to the software being used and it took skill and expertise to produce, it's just the perception of value is near zero due to the abundance of free alternatives and the culture of expectation that it should be free.
===
To support yourself financially when building a new library of some sort, you either require a commercial sponsor (someone who values this as part of a broader intent, thinks they will get kudos, free maintenance and hiring opportunities, but doesn't devalue their own business by open sourcing it), a derivative business from the software (support contracts, saas, book sales, bs enterprise features that should really have been there to begin with), or is run as a charity (donors or you simply just have to make $0 and lap up the praise for doing it out of the kindness of your heart).
The bottom line here is charity. People routinely work on software for no personal gain and people routinely expect all generic software to be free, to the point where a one off $5 per head charge is considered excessive and will never be considered.
If we imagined a world where people did place value on generic software, that is to say people expected to pay $1-$5 for a compiler or a library, that opens a lot of opportunity to individuals to compete and produce higher quality software and would give me the opportunity to work on things that I find interesting and care about.
Are you saying that most software engineering jobs in your experience are about integrating existing projects rather than building anything interesting?
I would say that all software engineering jobs are about integrating existing projects, although ideally that would be accomplished by building something interesting.
Often we draw some artificial line and ignore everything below that. If you draw the line right below where you're working, then you can "I'm building a system from scratch! Just using [Excel|a web browser|AWS services|NPM libraries|C standard lib|an assembler]."
I'm not sure there's any obviously "right" place to draw the line. The people working on better compilers are building on a stack of technology so vast they can't see the bottom, even if they're clearly many, many levels below where I am tinkering with some payment code talking to Stripe's APIs.
Not sure what the parent meant, but that sentence is most definitely true for the vast vast majority of software development of products - websites, apps (desktop, mobile etc..), IOT etc...
Making products is, as far as I know, also the vast majority of software engineering jobs.
I'm sure there are some software development work that is writing code that isn't integrating third party code- especially in library maintenance, low-level embedded stuff and some core business code of products.
Even if your products are novel and their core require specialized code, only a small number of the developers in the organization will work on that, the vast majority will work on things around the core.
I mean I was an embedded C dev, I "integrated" a compiler, an x86 chip, and a bunch of proprietary hardware. All software can be described as a kind of glue (luckily glue can be interesting lol)...
Some of us are systems/infra people for whom foundational stuff is where the interest lies. Some of us are product people who thrive on more direct user-facing value. It’s a lot easier for the latter group to find interest in integrating preexisting open-source building blocks, while the former wish they could be making the building blocks themselves.
But is that dynamic being driven by open source or does it just exist naturally? Like it doesn't make sense to code a complete OS from scratch every five years or write a brand new implementation of a web server. Code reuse is encourages by open source but it happens a lot with out it as well. And I'd argue it makes technology a lot more valuable because we have a suit of existing well built software that's been tunned over the years.
> Like it doesn't make sense to code a complete OS from scratch every five years
No but it does make sense for us to pay for using an OS given that it's fundamental to what we do. The free as in free beer model means that the entities that produce operating systems do not extract any significant fraction of the value they are responsible for generating. It also perpetuates this idea that we shouldn't pay for software at all, not even $5 for a compiler.
So with that in mind, I'm saying that we should be careful about what software we opensource, and ideally we should at least be commercially sponsored to produce the software that we do open source if we want careers in building these high quality components or if we want to breed a culture whereby employers do invest engineering hours building these things.
> And I'd argue it makes technology a lot more valuable
Yes it means that businesses are able to produce a lot more for a lot less, but it also means that my skills are valued less. Companies value engineers by their hours of input not by the commercial value of the code. For example, I think Electron is terrible for desktop app development. It's great for prototyping but it's bloated and inefficient, I think we can do a lot better. There is no real market for an alternative because we have QT on the high perf C++ side and we have the trash web code on the other. If we had a culture of expecting to pay small amounts for software it would be more likely that I could write a high quality middle ground based on Golang or something, which is less approachable than web dev but more approachable than C++, and we would have higher quality and better performing code produced by it. For us to have this thing I either have to build this thing for free also or I have to come up with some fairly contrived business model, hope that kind people donate etc. The backdrop of opensource culture has devalued this implementation beyond the point of viability, so we will not see it unless a commercial sponsor has a specific need for it or I'm feeling particularly charitable.
I disagree. I think because the incremental cost for another copy of some already written software is 0, the perceived value is 0. It's the general problem with copyright IMHO.
It's not like a widget, that there's a value intrinsic to each widget - the value is all in the creating the initial copy of the software and in any ongoing changes people want.
And while for a singular person, perhaps writing FLOSS is charity, but for companies it might well be more payment in kind - i.e. cooperation on making it do things each company wants makes it more valuable for everyone.
> Elastic made the mistake of building a whole business on open source software by relying on the poor experience and artificial overhead to launching that software independently and in a production ready fashion
It's a billion dollar business. I don't think they have made any mistakes, until now at least. They are very successful.
They are portraying themselves as a small indie dev up against a titan, but with over $400 million in revenue last year they are no small fish.
Yes they have been successful and continue to be. I still think they have made a mistake, I don't see why success would invalidate that. If amazon are eating into their profits their mistake was to not protect their business against that threat from the beginning. The mistake cost them whichever rewards amazon are reaping. That doesn't mean they have failed entirely, and clearly far from it.
> The mistake cost them whichever rewards amazon are reaping
I disagree because if they had had it closed or non-free open source from the start, they would not have a $15 billion business. Partly because people wouldn't have adopted it, and partly because it is build on other open source projects (Lucene).
I don't think there is a scenario where they get their cake (an open source project and a vastly successful business) and get to eat it too (they have no competition).
I think nothing makes this point better that their current business model (cloud hosting) is based on an acquisition. They had to acquire a business model...
I have a lot of empathy for Elastic here, it really sucks to see something you build being eaten by the 800 lb ruthless Amazon gorilla. But you can't have a company that starts with a bunch of OSS devs saying "open source lols" and somehow VCs throw money at it.
GPL2 doesn't prevent a closed fork of Linux. It requires that if you distribute your closed fork outside of your organization, you must also distribute the modified source under the GPL2 license. Large tech companies run their own forks of Linux without providing the source.
Linux had many reasons for its success, but overall governance was definitely one of them. People felt free to contribute meaningful code in the knowledge that the GPL would “defend it” against a future as free fodder for corporations. Corporations treated it with kid gloves because they were scared of the GPL, and this left the ecosystem free to breathe; and Microsoft’s all-out war on the “communist” licence effectively solidified a front of motivated contributors in a way that the existing BSD efforts had never managed to.
Exactly. For corporations, it was like the guaranteed mutual destruction which keeps peace stable. They felt safe to contribute because their competition could not steal the contribution from the communal pot.
A similar setup is needed for the SaaS age. AGPL is a good step but is problematic for corporations because of the patent grant clauses, the way GPL2 is not.
If open source weren't a thing, software development would be much bigger pain than it is now. If something goes wrong in the code you're using, you can look into the source and at the very least implement a hack if you can't change the base. All that goes out the window with open source if you throw it away.
Also, software developers would be much more rare since the cost of learning would've been much higher.
That doesn’t require open source, just the source. (Some?) Borland compilers used to come with the source of their standard library, which allowed us to hack around bugs in their time() implementation, but it wasn’t open source.
I really wish AWS would rename their fork. Call it something else, and just call it compatible with Elasticsearch v(FORKED_VERSION). Their continued trying to associate it to ES is causing most of the issues, and after this situation I don't think the name is a valuable as it used to be. AWS have the resources to do a nice clean re-branding as well.
I am actually quite surprised they haven't just hired a small team of core devs for it and try and out compete Elastic. The groundwork is laid, I could easily see AWS being able to maintain a "Fast Follower" + AWS Optimisation approach and be able to offer a substantial portion of the value for a fraction of the costs. Try and pick up the open source community now while there is concerns around the license.
Additionally at this point the AWS core platform is different enough then GCP / Azure / other clouds. I imagine they could build optimisations for AWS in and be able to save costs on providing the service. (i.e. it might be worth doing some work in FPGAs / ASICs, giving faster performance while only being economical when your the scale of AWS). I kind of am surprised AWS hasn't grown to attempt to have a guiding hand over many of the open source projects that are effectively their vendors. Many projects have a handful of core contributors and a hiring a key person will ensure your able to influence development in a way that assists you (assuming it is neutral to beneficial to the project).
Edit: I should probably say I don't love the idea (morality) of the "Fast Follower" capturing the value of an innovative project and screwing the people involved in making the project successful. However it is how competition works and how many other businesses operate in other industries. Since elastic and AWS can't seem to come to a mutually beneficial agreement, then I would prefer them to sort it out in competition.
> I really wish AWS would rename their fork. Call it something else, and just call it compatible with Elasticsearch v(FORKED_VERSION). Their continued trying to associate it to ES is causing most of the issues, and after this situation I don't think the name is a valuable as it used to be. AWS have the resources to do a nice clean re-branding as well.
Have you seen the names and logos for AWS services. They can't brand crap. Amazon can barely Brand anything? They got where they got via customer service not via branding. And now they're so big it doesn't matter what they do, it's got Amazon on it and we're all buying off of them anyways.
They could just call it Elastic Search? Because they have Elastic Compute and Elastic Load Balancers and I'm sure some more elastic bits, so Elastic Noun fits in their stable.
I don't work with AWS, but their products are so popular that I recognize many of them from conversations. I genuinely thought Elastic Search was an AWS offering until I saw this page.
I have no affection for Elastic Co, but why should they sit there and let Amazon eat their lunch?
Maybe I’m forgetting something but I can’t think of a single significant open source project created by Amazon. As far as I can tell they prefer to keep their differentiating services proprietary to their platform. That’s about as far from open source as you can get.
There’s nothing wrong with that per se, but I do think it’s pretty rich that they’re going to try to claim the high road in a dispute with a company that actually has created something as useful as Elasticsearch and released it as open source (with caveats, yes). It’s pretty easy to be high and mighty about open source when you’re on the taking side.
It seems to me that if companies like Elastic can’t defend their ability to make a profit from companies like Amazon there’s a good chance we’re all going to miss out. I think it’s pretty obvious that Amazon’s not going to create the next Elasticsearch and release it as open source.
The reason Amazon is eating Elastic's lunch though, is because Elastic offered a eat-all-you-want buffet, a decision that was applauded by people who think food should be mostly free, but they didn't expect a guest to arrive who had unlimited appetite.
They asked the guy: please sir, would you care to have just one last serving of rib-eye and then we'll offer coffee and desert and then perhaps you could leave? But they didn't leave. They just grabbed another plate full of rib-eye and told the desert people to stand down, stand by.
On the one hand you have someone who tried to make an offer nobody could refuse. On the other hand you have someone who tried to take advantage of that offer to its capacity.
If Amazon had been a small operator, perhaps even a startup, HN would be completely and 100% on their side.
Software costs nothing to duplicate, Amazon isn't taking advantage of ESs resources (as someone losing food might). It's leveraging it's own resources, which it created at substantial cost.
People look at the money Amazon is making with ES, as if it's making money off ES, rather than off ES & AWS. The money Amazon would otherwise leave on the table wouldn't necessarily go to ES, I doubt ES has an claim to being worse off. It's "unlimited" service usage taps markets that might be out of reach for ES otherwise.
I had meetings lately with AWS regarding the license and was told about the fork. They mentioned something to the effect that Elastic was being greedy with open-source software.
I am an early contributor to Elasticsearch. I probably have more commits to the core product than most employees. It is now incredibly difficult for a non-employee to have any PR looked at unless it is a bug. I stopped contributing after their last "we are open" debacle but did have one outstanding feature PR open. Over two years later, still not merged. You will have others commenting that they would like the feature, but Elastic sits on it. Not blaming them, but at this point, it really is being driven by them. I give up trying to contribute.
Both companies are doing things in their self-interest and "greed"
For Amazon, they are "being greedy" because large scale cloud vendors primarily benefit from commoditized open source as they can provide the cheapest offering at scale...
Steve Jobs said something like Dropbox was a feature, not a product. I think Bezos feels the same about literally everything. AFAIK Azure/Google have actual partnerships with the Elastic stack, partnerships that assumedly benefit both sides and have staying power.
Part of me wonders if AWS always had planned to do this, and they were just waiting until it made business sense to fork (ie they had features and a new direction in mind but neglected to implement them because Elasticsearch was good enough as is). The alternative part is just 2 big corporations not finding a way to get along. Which means without clear direction and careful stewardship I'd expect the forks to just be cleanroom reimplementations or something like that.
> AFAIK Azure/Google have actual partnerships with the Elastic stack, partnerships that assumedly benefit both sides and have staying power.
Can you elaborate a bit here? We deploy from elastic.co into AWS and it seems to be fully supported. I'm not sure what they'd be doing with Google Cloud/Azure that they're not doing with AWS. Their homepage seems to still equate them all "Run where and how you want. Deploy on Google Cloud, Microsoft Azure, and Amazon Web Services with Elastic Cloud."
I may be wrong. I'm reading into this that was on HN the other day--
"We collaborate with cloud service providers, including Microsoft, Google, Alibaba, Tencent, Clever Cloud, and others. We have shown we can find a way to do it. We even work with other parts of Amazon. We are always open to doing that; it just needs to be OK."
https://www.elastic.co/blog/why-license-change-AWS.
I actually commented on that exact quote in the article to the same effect. I was kind of worried reading it that they plan to ditch the AWS integration tbh.. but at least for now I’m pretty sure it’s the same as the others.
> I think Bezos feels the same about literally everything.
That sounds weird. Comparing the "productization" of ES+Kibana to any AWS database stack is night and day. And not in AWS'es favor. ES and Kibana are much more of a product.
To Elastic: if you're a $15B [0] company you don't get to be a victim by appealing to your customer base to whine about how your competitor is profiting "unjustly" from a decision you made that led to your growth in the first place. Choosing Apache2 license ensures your OSS gets traction, but then you'll have to live with its consequences when Amazon comes knocking on the door.
That's just a valuation, based on expectations, hype, and chicken entrail readings, and not really all that useful. It's not like they have anywhere near $15 billion lying around. They made a net loss of $75 million last year.
I am so delighted to hear this. Open source wins again. Open source is the right for you to do whatever you want with the software, AND YES, that includes monetize it. I've been sitting on the sidelines reading the different perspectives, but I just cannot see how you can be on the side of Elasticsearch. How can they take all the work from the OSS community and add a clause that THEY only can monetize it? I will tell you right now, I have NO desire to ever contribute to the closed version of Elasticsearch and I will gladly jump on board and contribute to the AWS version. We are watching in real time the OSS community being degraded by these ridiculous licenses.
The greed here is on Elasticsearch and not on AWS. If you wanted to have a closed source piece of software that you have the only rights to monetize, then you should have closed it off from the beginning instead of taking all the work from the OSS community and giving the rights for ONLY you to monetize it.
So after witnessing all these problems, more projects will start closed source or with restrictive licenses(GPLs) instead of OSS or more permissive licenses. This is how OSS community is being degraded. A few tech giants are disrupting entire OSS community. It may be legal/morally ok(or not I dont care) for AWS to do this but it is for sure we’ll have less OSS because of this.
Closed source software will not attract talented developers unless a lot of money is poured in to it. It is okay to have closed source, but its not okay to take the contributions of the open source and then later make it closed source.
I'm really confused by your perspective. How is this a win for open source? A big open source project has just shifted away from open source to protect their revenue stream, and now serves as (yet another) warning against other companies to open source their code because Amazon will eat your lunch.
No matter what you believe is right I fail to see how events such as this are anything but bad for open source. This will directly lead to fewer companies working on open source code, fewer jobs available writing open source code, and fewer code being available outside of the closed-source moats of tech giants for smaller companies to use.
If all you want is Apache 2.0 Elasticsearch, period, there isn't really much good news here. Amazon declared an intention to compete with Elastic NV. But the race hasn't even started yet. It remains to be seen whether Amazon's fork will keep up, whether the forks will remain compatible, whether they'll both last, long-term.
Whatever happened to that pure-AGPL fork of MongoDB?
Amazon are the masters of theivery. The hypocrisy is not going unnoticed. Amazon contributed nothing of value to open source, then they basically stole the hard work of others and again contributed nothing back and now they're going so far as to preach about open source. Please. The sad part is, users won't care and customers won't care because at the end of the day ease of use wins. Elastic are taking drastic measures which will in the short term impact then but hopefully in the long term everyone will give more thought to what licenses they choose. Open source is no longer just about the freedom of choice but now a marketing and commercial strategy for big tech. Just keep that in mind if you ever want to build something of value in the open.
The fact that AWS doesn't link to the Elastic License is hilarious to me. The plain reading of the license is "APLv2 but AWS Can't Sell a Hosted Version" so of course AWS forks the last APL version and plows ahead.
Note, I'm not trying to side with either AWS or Elastic here and I fully recognize that both Elastic re-licensing and AWS forking are within each org's rights. I really just think it is funny how beside the point AWS's press release is here.
To be fair, it was actually extremely difficult for me to find the license text after Elastic's announcements too. All the announcements and FAQ's etc. seemed to omit a link to the actual text.
Thank you! I had actually tried to find it after posting my comment and couldn't find it through their website. The day of the announcement Github hadn't been updated yet, and I gave up when I saw this didn't say where to look: https://github.com/elastic/elasticsearch/blob/master/LICENSE....
> This means that Elasticsearch and Kibana will no longer be open source software.
This is categorically not true. The source is open, and will likely always will be. It’s not free for AWS going forward, however. Why is it that Amazon has such a hard time paying for stuff they use and commercialize? There’s no issues here with other providers (GCP, Azure, etc.), so clearly the problem lies with them. While they’re at it, they should also get off this “open and free” high horse they seem to be on. A few patches here and there don’t qualify as big time contributor status. If they want to show that they’re committed, how about the release their infrastructure code that runs all their services? That’d definitely go a lot further than “big bad Elastic changed their license and we’re defending users.” Get outta here with that nonsense, history shows otherwise with all the other tech that’s been ripped off.
I also don’t get all the criticism for Elastic doing this. They own the software, and they can do whatever they want. Should they have done this license from the start? Maybe, but it’s not exactly easy getting a project off the ground without some way to gain attention. If you’ve got no users, you’ve got to show at least what your code is doing, and picking software licenses is not exactly a straightforward task. They changed their license to fight back, and it’s entirely within their right to do so.
Hate to feel like I’m venting, but AWS is being the bully here and feigning that they’re pro-user, which is frustrating to witness.
Just because AWS is being an asshole doesn't mean they are also completely wrong. SSPL isn't Open Source per that old definition AWS themselves points to, or the one Fedora seems to take. On the other hand, if you mean to say "I want to be able to read the source code" then yes, we can still do that. But from a legal perspective that is not even close to the same thing.
> But from a legal perspective that is not even close to the same thing.
Very true. However, my rebuttal would be that the majority of folks reading this are of an engineering background, and seeing the words “no longer open source” can land quite differently.
The issue here is that it's quite impossible to compete with AWS if it offers even an inferior version of a service.
Because of network egress pricing.
You are most likely on AWS already. And even if elastic offers a 2x better product at 1/2 the price, your cost of traffic for an external service will easily 4x versus using AWS services. And that's really the frustration for these service providers.
You can NEVER compete. Ever. Against an equivalent service offered by AWS because the egress pricing acts as a pricing barrier.
And there's not a way to remove the egress pricing moat because it's so natural. Of course it costs less money to move data within a datacenter than outside of it. So, why wouldn't it cost less to do everything inside AWS? Egress pricing is probably multiples of this actual discrepancy to erect the moat even deeper.
It really does feel hopeless to run an open-source service that isn't running on an existing crowd. Perhaps that's one reason Snowflake is doing well.
Snowflake actually has historically run as a multinenant service with access to say your S3 bucket, so the majority of data transfer is VM <=> S3 in the same Region (so included/free).
As a snowflake customer, you would submit queries (and data ingestion) as Egress pricing (roughly $.01/GB though assuming it was using the private link or similar) and then the smallish results come back as Ingress (which AWS charges for, we do not, but whatever).
I hope someone corrects me on the AWS side (I really thought that there was a way to do zero rating for same “AZ” third-party services), but it’s not fundamental.
That cost acts as a barrier if AWS launches its own Snowflake competitor. Basically AWS taxes you for not using other AWS services, once you are inside AWS.
Just to clarify, AWS has a feature called PrivateLink [1] that charges $.01/GB transferred between a Service provider and the end customer (I thought there was a free variant for same AZ, but I seem to be wrong about that).
We offer a similar feature called VPC Peering, and in particular Private Service Access [2]. Because we can be sure that the traffic is in the same Zone (or not), talking to a third-party service in the same Zone does not incur egress charges.
But did you mean this $.01/GB or were you thinking of VM <=> Internet / External IP pricing?
Generally a VM <> external pricing.
Its tricky to setup Privatelink with a service provider. For example Elastic cloud will have its own kubernetes setup. It could be behind a HW loadbalancer - how do you set up Privatelink there ?
Super tricky and not applicable in all circumstances. GCP and AWS must move towards sane traffic pricing (or risk anti-monopoly lawsuits). The licensing changes are just a first step.
P.S. : offtopic... can i use privatelink between AWS and Google Cloud ? do you have an idea on how much it would cost on either side ?
> can i use privatelink between AWS and Google Cloud ? do you have an idea on how much it would cost on either side ?
You basically have to hookup Cloud Provider A through a middle layer to Cloud Provider B (e.g., connect via Equinix or Megaport). It’s not drastically different than a hybrid setup, except you don’t control the premises on either side.
While getting you the right link to our Partner Interconnect docs, it turns out we have a nice solution guide writing up the various options [1].
The costs boil down to some non-trivial fixed price each month to cover the 1/10/100+ Gbps connection on each side, plus whatever transfer fees each provider charges for egress over that method. At large enough volumes, providers of all sorts usually have equivalent fixed prices. Getting multiple redundant lines, or doing VPN encryption, obviously costs more and is more work than “just a pipe”.
Even at list prices though, this gets you closer to $.02/GB each way in Europe or North America. At high volume in the same metro area (like Northern Virginia), you can easily agree to much lower rates on either side.
I don't think it would be hard to offer PrivateLink to tenants via Kubernetes. You'd just make a K8s LoadBalancer, set the annotations to back it with an NLB, then expose that with PrivateLink.
> If the VPCs in the VPC peering connection are within the same region, the charges for transferring data within the VPC peering connection are the same as the charges for transferring data across Availability Zones. If the VPCs are in different regions, inter-region data transfer costs apply.
I checked with a couple of people and they read the above to mean that any peering data transfer costs the SAME as if you were transferring data across availability zones. This is not free.
Well sure, it's not free, but it's the same cost as if you were moving data within your AWS account, so they're not charging for the use of VPC peering specifically.
This is quite true. Right now we are working to move our $(msg queue software) from $(one of its market leaders) to AWS's in-house offering, because the network transfer cost is twice the cost of our subscription on the $(one of its market leaders).
What's the basis of your statement? For data warehouse/data lake type applications, data typically goes in and aggregates come out. The point of these systems is to fish out only the data you actually need to make decisions, which is usually much smaller than the source dataset. Compute and storage therefore tend to dwarf other costs.
There is something wrong in what amazon is doing. Not legally, but morally.
A giant chooses to use your open source software and undercut you by bundling it with other offerings they have. At the minimum they should collaborate with the open source devs or donate to the project.
There is nothing wrong with what Amazon is doing ethically. They're creating value for their customers, and releasing open source software while doing so. Indeed it's Elastic who tried to get all the positives of open source with none of the negatives (as evidenced by them making Elasticsearch/Kibana no longer open source)
BTW, not that it's super relevant but the narrative that Amazon is driving Elastic bankrupt is farcical. Elastic pulls in $500MM in revenue and is valued at $15B+. Elastic's doing fine.
Note: One thing Amazon did do that was unethical was claim that they had "collaborated with Elastic" when they announced AWS Elasticsearch long ago. That is indefensible. But there is nothing wrong with them forking.
It is absolutely possible that something legal can still be ethically unacceptable.
This is an instance where people believe that it is ethically unacceptable for Amazon to do what they've been doing, so strongly that they are relicensing open source software to prohibit Amazon from continuing to benefit from their work on it.
Ethics are not as simple as law, especially in technology, and very especially in open source licensing.
> This is an instance where people believe that it is ethically unacceptable for Amazon to do what they've been doing, so strongly that they are relicensing open source software to prohibit Amazon from continuing to benefit from their work on it.
Elastic isn't the saint here, they aren't doing this to "Double Down On Open Source" as they claim. They're simply doing it so they can squeeze the hell out of the SAAS market by betraying their promises to the community and contributors.
> It is absolutely possible that something legal can still be ethically unacceptable.
I didn't say that wasn't the case.
I specifically made this claim:
It is not just legal for Amazon to do this, but it is also ethical. They are contributing value, not just to their paying customers but to the whole FOSS community. That's a moral good under my framework. You may have a different ethical framework; that's fine.
what value did they contribute? the 9 shitty PRs? A rich person going to the British Museum and leaving a 1£ donation is ethically unacceptable in my book.
This is about a for profit corporation making more money, not ethics.
If there’s been any breach of ethics, it’s Elastic’s license change in the first place which was completely contrary to the spirit and intent of open source.
Perhaps you don’t agree. That’s fine, but let’s not assume this is consensus and that Elasic, Inc. is all about having the highest of ideals. From my POV, They’re panicked about a business model.
>> There is something wrong in what amazon is doing. Not legally, but morally.
> There is nothing wrong with what Amazon is doing ethically.
You're responding to something he didn't say, and it's telling. He was referring to morals; you're talking about ethics. There's a difference, and it matters. MOST of the discussion on this issue seems to miss this distinction, and what the difference implies, and that's telling too.
As someone else pointed out above, Amazon owes the entirety of it's BAZILLION-dollar AWS business to open source. You'd think they could find it in their hearts to acquiesce to a simple request that they not muddy the waters around Elastic's registered trademark. That was immoral. Everything else that has now followed, whether legal or ethical, is based on an immorality.
And that's why there's a lawsuit. Who knows when that will be resolved though. In the meantime Amazon could keep doing what they're doing and just ignore whatever Elastic is asking of them. So Elastic drew the consequence and have stopped extending goodwill to Amazon.
The AWS version of ES has been abysmal- it’s only saving grace is that it’s “in the ecosystem”- I was convinced by an AWS zealot on my team. Never again.
Personally me and my team just evaluated the AWS ES and Elastic offerings, and the AWS offering (surprisingly!) came out on top, for our use case. Better performance, better IaC support, and marginally cheaper.
Honestly I would have preferred the Elastic offering to work better, but that wasn't the case.
I send about 100GB a day to Amazon ES and it works fine. I used to maintain ES 2.x and 5.x on my own and it was more work for me personally at a slight cost savings.
What has been abysmal for you? Maybe your use case is more advanced than ours, which is mainly absorbing logs from all over the place and doing the typical dashboard and alerts on them (with Grafana).
I've seen devs toss crud into infra with debug logs enabled, with millions of lines of deprecated log messages, etc., and the infra budget eats their costs.
It's insane. Unless you're literally Facebook, or ingesting data from CERN's LHC... what possible use case requires 100GB of text data ingest per day?
Maybe it's a case of someone throwing a Service Mesh into a Microservices K8s cluster and logging all the things?
4-5MB/min per VM for input/output traffic in compressed logs of application servers. Around 100ish VMs/site. That's a half GB/min. 700GB+/day in plain text logs per a single site from app servers alone.
Normally that's no issue as the data is stored in SANs and not sent onto the cloud for analysis, just giving a perspective.
It's absolutely caused by exactly those things you've mentioned. I think we could drop it down by 75% easily if we simply had people putting severity levels in correctly and disabled storing debug logs except in experimental environments.
90%+ of our logs are severity INFO or have no severity at all. It's like pulling teeth to even get devs to output logs using the corporate standard json-per-line format with mandatory fields.
Still, once you're running hundreds of VMs processing a big data pipeline it's not hard to end up with massive amounts of logs. It's not just logging, really, it's also metrics and trace information.
It is, relative to the scale AWS ES is apparently built to support.
> Amazon Elasticsearch Service lets you store up to 3 PB of data in a single cluster, enabling you to run large log analytics workloads via a single Kibana interface.
Yes, that's a small amount of data. I've worked at small companies with an order of magnitude more data per day and larger companies with three orders of magnitude more data per day flowing into a text indexing service.
We used to use ES, but after multiple issues with the index getting corrupt for various reasons we decided to actually save money and use Algolia (before their price structure change - now it would be more expensive). Over the last year+ we've had no issues with search or indexing.
I guess it depends on who’s managing your elk. I’ve been running elks stacks for just about 8 years in some form or another, AWS’ was very poor in availability compared to what it should have been.
There was a bunch of issues honestly, large messages got truncated, huge stalls in throughput (like 300-500ms of freezing), the fact that it was missing a bunch of features and was slower to query was just icing on the cake.
Outages during scale out, weird insurmountable restrictions on cross region replication, cost, backup and restore doesn’t work properly, cluster irrecoverable corruption and it is 100% opaque whenever something goes wrong. This results in escalation to AWS support who barely understand it.
The big sell was easy deployment and cost management but the negatives outweighed that.
We tried Elastic themselves but the sales and technical process was a nightmare. It was virtually impossible to work out what we were going to have to spend. We needed X-Pack (RBAC and SSO) but the enterprise licensing is all over the place for it.
Ergo we didn’t bother and stuck with our DBMS FTE stuff. It’s crap but the ROI is better.
Part of the issue is lack of visibility into what is going on, you don't get a lot of ability to debug.
Company I was at switched from AWS's ElasticSearch to hosting it ourselves on top of EC2 instances so that we could control the memory/CPU/disks and see logging/understand more about the internals to help understand why it was slow for our use case.
So... if Amazon's fork is still Apache 2.0 license, which is a permissive license... Elasticsearch is welcome to take any code they want from it and port it into their copy, no? Correct me if I'm wrong.
Yes, we all know this is a lot of work, and will be a manual process if it wasn't coordinated, increasingly manual as the codebases diverge. But, anything especially valuable Amazon does, ElasticSearch can copy if they want. The same is not true in the opposite direction of course.
Steven Schuuman [1] was CEO before Shay Bannon. Schuuman (who made 450MM from selling SpringSource to VMWare) is a billionaire. Stop pretending this is about "OSS" and not 'hey, that's my mad money Jeff!'.
If Elastic was a company that was fully owned only by "OSS Developers", then fine, this would be an opportunity to support that sort of enlightended for profit corporation and fellow developers.
But the stakeholders here are Billionaires and millionaires. No doubt Elastic took very good care of software developers (lots of perks) but since this is about money (lest we forget) it would be interested to see a breakdown of just who made what from this "OSS" "project".
The time-tested model for a situation like this that benefits everyone is big company offering X as a service hires/funds N developers in proportion to the popularity of that service on their platform. That helps ensure the project is sustainable, gives back to the community the big service obviously benefits from, and is certainly a form of "good karma".
I think a lot of people are upset due to the perceived violation of that social contract, though it obviously isn't a legal issue and may not even be a moral one depending on where you draw the line. AWS has the appearance of benefitting enormously from many OSS projects but rarely funds contributions - funding that would be a rounding error to the AWS budget.
The ball is entirely in Amazon's court. They've earned this reputation (fair or not). They can make the problem go away at any time if they want to spend a little money.
> The time-tested model for a situation like this that benefits everyone is big company offering X as a service hires/funds N developers in proportion to the popularity of that service on their platform
That model would have worked nicely if Elastic.co had created a Foundation (like Google with k8s) and/or donated their core to a Foundation (like Hortonworks and Cloudera with many projects). They couldn't let go off their iron grip on it, even though they commoditized the core themselves by F/OSSing it.
The audacity of these AWS folks patronizing elastic about open source despite AWS making millions of dollars off of their open source project just reeks of entitlement. Glad I am never going to use AWS.
Large companies have monetized open source for decades, ever since open source has existed. Red Hat, IBM, Microsoft, Oracle, Amazon..the list is endless. I can't imagine why people will quit the open source movement now because they realize they can't make money from it – that has always been true. Writing FOSS to get rich has always been an oxymoron.
The whole point of "The Cloud" is to profit from F/OSS. And Elastic, Redis, Mongo, and also RedHat have indeed already adapted their licenses or offerings accordingly.
AWS has known all along what they are doing with this OSS strategy. They are the only provider that doesn't lose by having heavily commoditized, open source backend software - they can support profitable operations at a much lower cost point than these mid-sized companies like Elastic/Mongo
Elastic, and the "open source business model" companies certainly should have seen this coming. But the attitude in the early 2010s was 'lol open source fun, figure out business model later' and somehow VCs bit and a company like Elastic could take off. They shouldn't have been surprised.
I would rather live in a world where a mid-sized company like Elastic could thrive than an AWS monoculture. Most things Amazon make me feel icky... but I also feel like this is the reality of open source... its not really open source if it's entirely associated with one company..
There is an important thing that gets ignored a lot in these conversations where an organization that stewards an open-source project close-sources it.
That software grew largely because it was open-source, and it really makes a difference. It's not only those who contributed to the software and made PRs (which is sometimes a surprisingly small number of devs), but the software often only exists because it was taken up by a large number of projects that then created an ecosystem and a userbase around it.
Importantly, software is never "finished", so when the single large company behind a popular open-source project close-sources it, it often means the end of that project as an open-source alternative. It's frustrating if for example the existence of that killer open-source project in the past stopped other projects from blossoming.
The close-sourcing of several projects has made me cautious nowadays about using software that is backed by a company that exists only around that product.
It is normally one of the main points I see mentioned in these conversations, specially by people going against the closing of the source, not something ignored.
We need to dismantle these tech behemoths so they can't bully smaller companies. This is toxic behavior on Amazon's part, but par for the course for Bezos's company.
The fundamental "open source sustainability" problem is capitalism, or at least our incarnation of it, and everyone dances around it. You can't license your way out of this problem. You can't services-company your way out of this problem. The fundamental issue is that it is good for the world for skilled developers to spend all day writing software and giving it away, but they can make much more money writing software and not giving it away.
And I'm not even necessarily advocating we change our system of governance - we can do it fine with our current one. Even the culture of academia would be fine here. There certainly are skilled scientists who find it more profitable to do secret work in for-profit labs, but far less so than in software. (In large part, that system works because of government-funded universities and government-funded research grants.)
Why not? The government already distinguishes between a corp and a person - why can't licences do the same?
As an aside, the flip-side of not being payed is less liability. Charging people for your library could make you liable for security issues? Since security is important, maybe there is room for improvement on both sides of the aisle.
> but they can make much more money writing software and not giving it away
Hey guess what. It's possible to take an Apache 2.0 codebase, let's say Lucene, and then build more Apache 2.0 code on top of it, give it away entirely for free, and still build a $15B business. And you think capitalism has failed here?
Yes, it's possible to take an existing Apache 2.0 codebase, release some new Apache 2.0 code, build a $15B business, and then stop offering your code under Apache 2.0. Great! Shareholder value! That's literally what you set out to do! How could it have possibly failed?
What I'm actually saying is that when people think that outcome is a bad thing, their beef is with our particular breed of capitalism. When they say "This good outcome could have been so much better, had there been regulations on breaking up large companies so they can't bully small ones," then what they're saying is that they're objecting to the free market as it exists in our particular breed of capitalism. And when they say, as others say, "This good outcome could have been so much better if it weren't for the dictators at the OSI micromanaging the term 'open source'," then what they're actually saying is they're objecting to companies freely choosing to believe what the OSI says, because the OSI has no power. If you think that something was short of the mark here, that something was our breed of capitalism.
I'm agreeing with you. Capitalism did not fail. It did what everyone expected it to do. If you're happy with the outcome, great! I'm not telling anyone they ought to be unhappy with the outcome. But if you are unhappy with the outcome, I'm telling you why.
The reason I'm happy with Capitalism is because Elastic backstabbed the community and in a manner of weeks we'll have community-driven Apache 2.0 forks. So I think the market is responding as it should and am happy to see it.
> This good outcome could have been so much better, had there been regulations on breaking up large companies so they can't bully small ones
Well, I disagree with the (I think?) implication that Amazon is doing any bullying here, and I disagree that companies should be broken up purely for their size. But since we're getting into anti-trust authority, perhaps I can convince you to throw the ring into Mordor:
While anti-trust could theoretically fight monopolies, those laws exist within a system in which special interests will co-opt those powers to essentially defend their own monopolies. So, big company X kicks over the right amount of lobbying dollars and magically the politicians want to bring an anti-trust suit against competitor Y, etc.
Now the blue-pilled response is to say, "hey that's just another failure of capitalism, and that's why we need to get money out of politics!". In my unashamedly biased opinion, the red-pilled answer is to realize that these power structures will always be co-opted and the best solution is decentralization and therefore not having a state that can hand out bailouts, force small businesses to close up shop, discriminate against low-skilled workers with minimum wage regulations, exert arbitrary power through anti-trust legislation, etc.
Sorry, I kind of got down a philosophical rabbithole.
It is the state that recognizes Amazon and Elastic in the first place, though. Without the state's involvement, a developer at Elastic could choose to continue releasing their work product to the world under an open-source license - and a developer at AWS could choose to release the secret sauce that makes AWS's Elasticsearch such a threat to Elastic.
We're having this whole conversation about whether big companies might subvert and coerce the state without recognizing that they already do coerce it by making the state recognize their very existence. They would have no power without that (what is a lobbyist without anything to lobby on behalf of?), but they've been so successful at hawking their narrative that all of us think it's perfectly normal and inevitable that they exist.
Take that red-and-black pill (either because it's half-doomer or because it's ancom, either way) and chew on it.
I seem to recall something like this. I also recall working with ES and having a negative impression on it based on some technical detail - but I can't recall what that was :-/
If you think capitalism causes problems with people getting paid for good work, I think you might be glossing over the historical failures of the alternatives relative to the ultimate goal of free / open software: user freedom.
Even in a socialist system, how does it solve the problem of competition, free ridership, and economically non-rival/non-excludable goods like software source code? You still need to collect money but no one has to pay it unless you erect laws that restrict user freedom.
What’s even more boring is critiquing capitalism when that has actually nothing to do with the problem at hand.
I brought up socialism as a counter example of how there is very little practical way to solve this issue with a different economic system. You’re free to bring up a different example of how an economic system will help the conundrum of preserving economic exchange and user freedom. A Potlatch gift economy perhaps? Except that’s kind of hard to impose.
Right, I don't know the answer here. I just want people to start thinking seriously about the problem, because neither the regulatorily-captured free market nor the Politburo sound like great options.
And I'm mostly agreeing with the comment I'm replying to, because it is concretely thinking seriously about alternative models. "Capitalism, but your company can't get too big" seems fairly compelling tbh.
Capitalism is the elephant in the room, the economic (and cultural) system we have now.
Any change we want to do within this framework requires changing its rules. The real problem we have to face now is the perpetual growth model, which is a natural consequence of capitalism.
I don't know how and if we can fix this system to prevent perpetual growth without killing its essence. That's the real conversation we should do.
So don't act like someone is offending your religion.
It's not an elephant in the room if we're actively talking about it.
For someone who claims to want a conversation, you're doing a good job of insulting me repeatedly without actually discussing anything relevant to this post.
This is really clearly a case of Elastic wanting to have its cake and eat it too but also of the existential challenge that faces the open source community -- how do developers of open source software pay to keep the lights on?
There's a bit of a myth that OSS is lots and lots of volunteers spending their free-time to contribute bits of code here and there. But the reality is that most of the current major open source projects are all basically corporately sponsored. It's not the Cathedral and the Bazaar, it's the Cathedral and the anchor tenants at the local mall. And they're all contributing funds to build the Christmas display and Take-pictures-with-Santa spot near the fountains. It's open to the public, but the moment somebody starts busing in hundres of tourists they get upset.
I don't trust aws will do a good job with the fork. Can anyone tell me a FOSS project led by amazon that's not for accessing their services (boto)?
Now that elastic.co is going sideways, sphinxsearch (best search server experience I've had) non-foss since circa 2017, what are the good search server options for a small shop dealing wth geo search?
Corretto is explicitly not a fork, though. They take the source code from openjdk, and builds their own distribution. This is how the openjdk is meant to be used, and all parties are happy.
Elastic has the right to take the code private. Basically they are making a fork.
AWS also has the right to create their fork and contribute to it.
If we're playing the game of "who's the bigger dickhead" I would say it's Elastic. Before these 2 forks, many companies benefitted from hosting Elasticsearch for their customers. From their reasoning, it seems that only they should benefit from the code. Which is not Elastic's by the way. It belongs to the world.
This may sound heretical but the idea of open sourcing commercial offerings always seemed like bad business to me. We are seeing it come to roost now with cloud providers selling a more desirable version of an open source platform that the makers of the platform.
If you strip everything down to first principles, you get paid because you have a valuable asset. That asset may be your skill, your time, a piece of land, a patent, etc. With open source, you give away your key asset and then you have nothing except the wish and hope that nobody takes it and eats your lunch with your own fork. Which is clearly what is happening in this case.
I am all for things being done as open source because you believe in the freedom of it, or it's fun for you, but it seems like a really bad way of getting programmers and businesses paid, if you're into that sort of thing.
This is an embarrassing anecdote, but I thought I'd share. I started using Elasticsearch because it showed up in the AWS console along with all the other "Elastic" things ("Elastic Compute Cloud") and I figured it was a thing they made themselves. Only later on in the process did I realize that there was a company called Elastic that named it.
Very unfortunate. Probably a lesson about naming your company after a common English word.
This feels like a spin? Isn't AWS biting hand that feeds them? They need a win-win strategy for open source devs. It's hard enough to compete with their version of your service (spark, kafka) without them forking your project. what's next, are they going to fork spark and kafka?
I mean, if you're a contributor to Elasticsearch or Kibana, you now have a choice on which project you are going to make contributions to. Apart from dislike of AWS, I can't see why anyone would choose the version with the more restrictive license, which is SSPL.
Apache Spark and Apache Kafka? It doesn't seem likely that the Apache Software Foundation would consider implementing the SSPL instead of the Apache License.
Ominous. AWS is going to pay premium to acquire services of those core Elasticsearch developers, aren't they?
The blog post also signals an intention to make sure there's parity in terms of API surface with mainline Elasticsearch.
Also, AWS' decision to create a committee is something Elastic.co could have done... Alas, this is where we are. Would be interesting to see which of these forks take off. The developer community is likely to rally behind F/OSS. I can also see a lot of IaaS/PaaS upstarts like RailwayApp [0] prefer OpenDistro.
I'm half-expecting AWS to announce a managed Solr service and prompt an exodus to it with lower pricing and free data migration.
No, you've got things reversed - as do most in this thread.
Elastic's original announcement was disingenuous, they titled their blog post "Doubling Down on Open" when they were making Elasticsearch and Kibana no longer open source. Furthermore, Elastic promised in the past that ALL FUTURE VERSIONS of the open core of Elasticsearch would remind Apache 2.0. They broke that promise when they switched to proprietary licenses only with 7.1.1.
BTW, while the reasoning from Elastic is that they did it because of Amazon, the actual effect is just to make organizations like the one I work for (a non-profit that refuses to run proprietary software in prod) have to use one of these Apache 2.0 forks, while not stopping Amazon from operating their Elasticsearch service at all (since Amazon is always free to operate an Apache 2.0 service and indeed that's the whole damn point of the license)
The AWS model isn't that they actually do novel development on this software, it's that they grab the code, add a bunch of crufty hacks to it to make it work better in their environment then sell it as a hosted version.
Think of it like the Amazon marketplace equivalent: watch for products doing well, then get the cheapest possible clone made and sell it as Amazon Basic, while harassing the original vendors of these products and promoting their own brand in search results.
Don't try to compete on same market, provide differentiated offering. Focus on consultancy, custom development (plugins etc), on-prem deployments. You are the foremost experts of the software, capitalize that instead of trying to compete on ops stuff which is AWS bread and butter.
That might follow with recognition that your market might be smaller than what Elastic co has so far projected, and even it might not be enough to sustain $15B market cap, but bursting that bubble should not be all doom and gloom. Being small does not equate not being successful.
AWS is doing a terrible job with their es version. and es has aquired endgame and giving endgame away for 'free' with you purchase of es licensing, and the es stack run by es is getting a lot more attention and development that AWS version
Elastic.co has a lot of proprietary add-ons in their cloud and subscription tiers, for example machine learning, application tracing, endpoint security, threat detection, in addition to enhancements to the core software, like fine-grained access control. This is where much of their development and marketing effort goes, and is what differentiates them from others offering ES-as-a-service.
Unfortunately for them a lot of users don't need any of that, and are just fine with the formerly-OSS core.
Better quality is a better answer. AWS charges a big premium for Elasticsearch and I don't think they'd drop their prices to try to squeeze Elastic - for one, it would be unlikely to even work - but even so it's always best to differentiate on being the better quality/"value" than the lowest cost.
Having used AWS Elasticsearch, it has a lot of deep problems with it in its current state so Elastic can compete on value just fine.
In other news, I think the Elastic licensing change beyond being ethically a dick move (legally it's their right), is just horrible business strategy. I said on this site several days ago that Amazon was just going to make an Apache 2.0 fork and keep chugging along, and that's exactly what we're seeing.
> AWS charges a big premium for Elasticsearch and I don't think they'd drop their prices to try to squeeze Elastic
Your margin is my opportunity. (c)
Though AWS still growing too fast atm so they value quantity of services over quality. But once they have capacity they can squeeze out of business almost anyone.
Unfortunately lower cost will do nothing to get you in the door at an enterprise that has a committed spend with AWS. I'm sure Elastic has been finding this out the hard way.
At the end of the day, all this really demonstrates is that the business model of producing open source software for free and charging for support or hosted solutions either does not work or does not scale. Part of the point of open source software is that anyone who uses it can inspect the source and make changes. If your business model depends on users not providing their own services for the software you have developed, that is on you.
This is also why, if you have a customer or competitor who makes changes to the software and does not release those changes if they convey the software to others, you are not protected by using a permissive open source license. If AWS was allegedly not committing back to Elasticsearch/Kibana, they are within their rights to do so, whether Elastic like it or not. Elastic should not have used a permissive open source license like APL. The only thing that protects users here is strong copyleft, in this case a license like AGPL.
At the end of the day, these licenses protect users. Maybe something else is needed to protect the interests of businesses which also respecting users - whatever that is, it is not necessarily one of the stated goals of free or open source software, so assigning an open source license and expecting support to cover the costs is not going to end well for you if you get big enough to matter.
Elastic are alleging that Amazon abused the Elasticsearch trademark and stole code from the proprietary (not open-source) part of their product.
> I took a personal loan to register the Elasticsearch trademark in 2011 believing in this norm in the open source ecosystem. Seeing the trademark so blatantly misused was especially painful to me. Our efforts to resolve the problem with Amazon failed, forcing us to file a lawsuit. NOT OK.
> We have seen that this trademark issue drives confusion with users thinking Amazon Elasticsearch Service is actually a service provided jointly with Elastic, with our blessing and collaboration. This is just not true. NOT OK.
> When the service launched, imagine our surprise when the Amazon CTO tweeted that the service was released in collaboration with us. It was not. And over the years, we have heard repeatedly that this confusion persists. NOT OK.
> When Amazon announced their Open Distro for Elasticsearch fork, they used code that we believe was copied by a third party from our commercial code and provided it as part of the Open Distro project. We believe this further divided our community and drove additional confusion.
> Elastic are alleging that Amazon abused the Elasticsearch trademark and stole code from the proprietary (not open-source) part of their product.
Sure, but that allegation has absolutely nothing to do with Elastic breaking its earlier promise to the community and making Elasticsearch/Kibana no longer open source. Indeed, the license change will have no effect on Amazon except to make Amazon's fork more successful because it's now been made necessary.
I'm extremely skeptical of AWS's ability to deliver a compelling, featured ES fork up against Elastic. Unless they actively hire contributors, they're going to get lapped functionality-wise.
They are already drowning trying to support the ops load of their managed ES that is far behind Elastic's. Without a major shift in poaching Elastic employees and adding many more devs, I agree AWS doesn't currently have the ability to do this.
>Instead, new versions of the software will be offered under the Elastic License (which limits how it can be used) or the Server Side Public License (which has requirements that make it unacceptable to many in the open source community).
I'm a bit out of the loop here, can someone please tell me why Elastic decided to enact this seemingly Anti-OSS license?
tl;dr Elastic alleges that Amazon is infringing on their trademark and is offering Elastic's products as a service on AWS without being a good partner.
From Elastic's summary of the license change: "The SSPL allows free and unrestricted use and modification, with the simple requirement that if you provide the product as a service to others, you must also publicly release any modifications as well as the source code of your management layers under SSPL."
> The SSPL allows free and unrestricted use and modification, with the simple requirement that if you provide the product as a service to others, you must also publicly release any modifications as well as the source code of your management layers under SSPL."
The magic is in the "management layers" part. True copyleft says "you can use this software in your product but you have to open source any changes to the software". Okay, fine. This "poison pill proprietary license dressed up as copyleft" is saying "if you sell a service that uses an UNMODIFIED version of elasticsearch, you have to release every piece of software around elasticsearch, including your hypervisors, kernels, os image...the list goes on". It's very clearly an attempt to make the requirement so odious that no-one would risk triggering that clause.
Which is why functionally all they did was force Amazon (and other organizations like Wikimedia who don't sell Elasticsearch as a service but do refuse to run proprietary software) to have to fork.
Elastic's business model is "make + distribute ElasticSearch for free, then offer hosted ES for money." AWS (among others) offers hosted ElasticSearch as well - Elastic feels this isn't fair, variously because: AWS may have violated trademark by calling theirs "Amazon Elasticsearch Service", or because AWS doesn't contribute enough to the open source development of ElasticSearch, or one of a few other grievances. So they're changing their license to one that protects against this sort of "abuse" of the Apache license.
The less charitable version is that since Elastic's business model revolves around selling hosted ElasticSearch and AWS is outcompeting them there, they're switching to an "Open Source, but you're not allowed to do that anymore" license. But because Elastic values the goodwill they get from being "open source," they're trying to convince the world that this is a principled, moral stance instead of a run-of-the-mill self-interested decision to make their business more viable.
Rightly or wrongly, they are joining a long line of OSS maintainers trying to protect themselves from the clouds profiting from them.
It seems reasonable to me at least to say: you can use this software for free, but you can't resell it. If you want professional support, please support someone who is maintaining the software.
> It seems reasonable to me at least to say: you can use this software for free, but you can't resell it. If you want professional support, please support someone who is maintaining the software.
Well, first of all I disagree that that's reasonable, but let's be clear here:
any license with a non-commerciality provision is not open source. This is explicitly part of the open source definition:
> The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
This is why Elasticsearch and Kibana are no longer open source; you have a choice of two proprietary licenses if you want to use their version.
I don't think they were disingenuous here: I think they probably chose a license somewhat randomly (acknowledging it wasn't copy left probably?), then got developing. Down the road, they saw someone using the software in a way they didn't like and decided that as they were now bigger, they could afford to get a license drawn up with their values in mind. I doubt there was a nefarious plan to use a licence for it's reputation.
Now, I do think we are missing a standard license in this space - everyone seems to be writing their own, which limits those that can use them to larger projects.
I absolutely reject the notion that they chose Apache 2.0 "randomly"...indeed it's what Lucene, which they use as their kernel of sorts, is licensed under.
You use Apache 2.0 when you explicitly don't want copyleft. But here's what's great: copyleft wouldn't even stop Amazon, so they have to use SSPL which is a proprietary license masquerading as copyleft.
Also, one way they were clearly outright reneging on their promise was that Elastic explicitly promised the community that the parts of the codebase that were Apache 2.0 licensed (the 'open core') would never be made proprietary. They broke that promise for this move.
And what's doubly hilarious is from a business perspective it's an awful move. It won't stop Amazon from making money - they'll just fork 7.1.0 and develop under Apache 2.0 like they just did, and keep operating their service just the same. And by the way, it's Amazon's right, legally AND ethically, to be able to operate AWS Elasticsearch for profit - just as Elastic is right both legally and ethically to use Lucene as a necessary part of Elasticsearch.
I see a couple other people shared links, but for future reference, the Algolia search box at the bottom of most pages is a great way to answer these sorts of questions.
They couldn't compete with practically free (Amazon hosting their software as a service), and allegedly Amazon weren't commiting anything back into their repo.
Elastic appeared to make their money through hosting their own instances and selling professional licenses, which Amazon was in direct competition with.
There behavior with Elasticsearh [0] seems similar to what they did to sellers with Amazon Choice and their other knockoffs [1].
> When Amazon announced their Open Distro for Elasticsearch fork, they used code that we believe was copied by a third party from our commercial code and provided it as part of the Open Distro project. We believe this further divided our community and drove additional confusion.
> Recently, we found more examples of what we consider to be ethically challenged behavior. We have differentiated with proprietary features, and now we see these feature designs serving as "inspiration" for Amazon, telling us their behavior continues and is more brazen. NOT OK.
Elastic tried to use open source as marketing and then cripple the open source version by making things like access control and encryption only available in their non-open source version. That's of course completely within their rights, but you can't complain if AWS recognises these things as important to their customers and adds them to their version. It's nice of AWS to open source that, they wouldn't even have to do that according to the license.
I would bet on AWS in this case as they will also likely have the support of anyone who wants to make a hosted service of those products. It will be interesting to see if eventually AWS starts making new APIs that diverge from the Elastic or if they chose to keep the product maintenance mode.
I understand that this is not what you meant, but AWS ES service has a different API than the one in the official Elastic documentation already - mainly that it’s a smaller subset of it. What may seem like a good decision for “aaS” product in general, is a real pain with ES specifically, because of how delicate it is for tuning.
AFAIK, that tweet from Vogel is the only time someone representing AWS claimed to have a partnership with Elastic. He was wrong, but I don't think it's fair calling it "dishonest."
I'm not sure I understand Amazon's game theory on this one. Anything they contribute to their Apache License branch can be used by Elastic, but not vice versa.
This means Elastic can continue to differentiate from Amazon without worry. Amazon however can keep the code they've not contributed back internally, but they could always do that.
Perhaps this is simply an image move they don't plan to actually enhance or maintain the fork?
Also Elastic moving from Apache to (essentially) GPL is not making it closed source. Just as Amazon was within their rights to maintain an internal fork, so is Elastic to move to a GPL model. Demonizing either over business decisions is dumb.
It guarantees a future for open-source Elasticsearch. If there are contributors that want to use ES under an open-source license, now there is a steward for that code that will guarantee the code's long term support and open-sourceness.
And no, SSPL is nothing like the GPL. The purpose of GPL is to keep the code open-source. The purpose of SSPL is to others from using the software in certain ways (to make money), and its wording is not clear enough (and it does not have legal precedence) to make it clear what its actual limitations are.
Anyone may, and many people do, have open source forks of Elastic on github. 18.9k of them on github alone. There was no need for "another" other than PR.
I feel compelled to note that your summary of SSPL is wholly inaccurate. SSPL is very clearly a GPL derivative. It's language though leaves a lot to be desired, but the intent was clear. It does NOT prohibit making money offering the software as a service. It does require to contribute your changes back to the software if you are doing so.
The real failure is that companies have danced well enough around the edges of GPLv3 for so long that Amazon running a service which is basically just the software with modifications, but without the source code being contributed to open source, is feasible. This is even becoming a problem for Linux.
The reality is that Amazon Elasticsearch is clearly a derivative work under copyright law, and under GPL should be re-contributed. But major companies have "danced" the line so it does not have to be. SSPL is an attempt to bridge that gap, a poor one, but an attempt. The OSI appears more interested in defending their license than helping resolve this egregious situation. The SSPL sucks, but not having a solution for it sucks more.
AWS is calling them out as they deserve too and now AWS is going to run with a true open source codebase moving forward. Ironic considering the, generally baseless, accusations that AWS just takes open source stuff but doesn’t contribute back to the community.
This all just comes across as Elastic having sour grapes for being out competed on managed service offerings and trying to save that with shady license moves. With a separate fork, now they’re going to have to compete on the codebase too as, ironically, the proprietary model against the open source community the claim is being hurt here.
perfect response, this is exactly, by design, what open source is about.
now this is just the beginning; for they will need to throw money at their fork to make sure it's successful. And isn't that ultimately what this was about, money? Now Amazon has the opportunity to hire the core engineers to contribute to the TRUE open source project.
Everything by design as intended. Go Amazon.
Don't start an open source projects if that's not what you want to be. Or did you forget what made you successful to begin with?
The problem is much more fundamental. Free Software is about users having the right to understand and modify the software that they use. This is my understanding of 'the printer story': https://www.fsf.org/blogs/community/201cthe-printer-story201.... With hosted solutions the software runs on the supplier servers - so if the user wants to modify it he has to resign from the hosted solution (or maybe negotiate a special case - this does not seem very realistic). This is a fundamental limitation. If the software is Open Source the user still can copy it, modify and run it on their own servers (or on some other cloud supplier who would agree to the change) - but it is a lot of hassle (and hassle is important - after all with enough work you can always decompile a binary so it is only the hassle that differentiates source code from binary). Maybe if there was enough competition between cloud providers - then this could work - but I think the economy is against it.
This is Node.js and IO.js. vi and vim. vim and neovim. In other words, it’s just another perfectly fine software fork. If Elastic can’t sustain a valuable product they created, someone else will. If it it’s not valuable enough to invest in, something better will replace it. I don’t see why quarreling over software licensing is a valuable use of their time, especially when the foundation of their software is more open source software.
You can’t have a business only based on open source software. As a company you need to provide bit more than what is there in open source world. Just technical support won’t cut it. What elastic provides can be very well mimicked by other players if they want to and have money for it. I believe Elastic
Realized their business model is not working and so they changed their license. But AWS has money and man power to fork it.
ElasticSearch move was very easy to conter-attack.
Amazon does not lack smart guy to its side.
Anyway the way cloud providers are using open source project can become a issue and "drain" day by day the open source community, especially smart startup creating a value in the day by day.
I think there is some space for new ideas and new startup to find out a way to balance these forces and find out a deal in a win-win scenario....what do you think?
This seemed inevitable, as Amazon has done this several times now when asked to pay to support the organizations behind large enterprise OSS offerings.
Elasticsearch is now being released under a proprietary license. The last FOSS version got forked by Amazon. This is a good thing if you care about software freedom. Sure, under Amazon it may be a "throw over the wall" model but at least there are open opportunities for the source code to be forked again, and in the meantime at least it's being maintained under an FOSS license.
First, the dispute between AWS and Elasic is a trademark dispute. Second, ES had always been incomplete in it's open source form. No auth or access control (this feature requires an x-pack subscription) is included. It's also important to point out that ES relies on other open source software (Lucene) for its core functionality. Its hard to feel bad for either party here.
The amount the dialogue has been moved to open source and "who's in the right" is a bit scary. These are billion dollar companies making decisions and writing Mean Girls-type blog posts about each other in the hope of chasing profits, but their use of the term "open source" repeatedly makes the community act like this is what matters to either of them?
Going to start the first actual tech discussion here – the codebases can be naturally expected to diverge, but will AWS keep the APIs the same? I can't imagine the fork will be successful without leveraging the massive Elasticsearch ecosystem. And what bearing does Oracle v Google have if they do "steal" APIs from future SSPL-licensed code?
I'm not sure how the "AWS is stealing Elasti Cos product" holds up. AWS is willing to dedicate the time and infra to maintaining a copy of the last "freely" available version.
It is surely a significant investment on AWS part and they're even maintaining the Av2 license.
At the end of the day, we have a huge, highly profitable company backing and a better license
There has to be a way for an OSS project / companies to offer licences to managed service providers in a way that gets them supported financially. That would be a massive win for everyone
Something like: okay yes, this is OSS, except if you want to offer it as a managed service, in which case you need to purchase a licence.
Hopefully they change the names. Even if keeping the old names isn't legally trademark infringement (IANAL, so I don't know), using those names without Elastic's consent is a low blow.
That said, being able to make a fork if you disagree with the direction of an open source project is one of the great things about open source. AWS clearly has the resources, and the motivation to maintain a fork of Elasticsearch, at least they are making their fork open source instead of keeping it proprietary. It probably would have been a better situation if AWS had created some kind of reciprocal partnership with Elastic and Elastic hadn't felt the need to change the license, but it is likely too late for that now.
Haha bravo Amazon, you couldn't have scripted a more perfect response. Well done. Game on etc.
Elastic is a 15 billion dollar MONSTER of a publicly traded company doing hundred+ million revenue per quarter. By market cap they'd be a ~top-20 biggest company overall and contender if not title-holder for the biggest tech company in the UK, Australia, and most other non-US countries. They are not some plucky feel-good startup fighting the good fight against nasty/unfair big-corps that are drinking their milkshake.
That multi-billion dollar corporation does not own ElasticSearch 7.10 any more than Amazon does. Elastic have taken 7.10 and released it under a new license that prevents others from doing stuff with it. That's allowed. You could do that too. It's allowed. And some plucky startup in a garage (or say, Google, or MS, or Amazon) could decide they'll make changes to 7.10 and release it open source. All fine. All allowed.
If your argument is that AWS is a form of mono/duo/oligo-poly and there are antitrust matters at play due to distorted market power being used illegally to crush a competitor... great make that argument.
Most of the other arguments boil down to variations on an anti-capitalist theme.
What a joke. Unfortunately capitalist firms privatizing tech, exploiting working class labor, and locking up/monopolizing humanity's shared inheritance, is nothing new. The original developers will shortly be completely replaced by Amazon developers, and Amazon's Elasticsearch fork will be repurposed for Amazon-specific use cases only. Goodbye any use cases beyond what Amazon approves.
Amazon say: "Thanks original developers, farewell! We will take over from here."
I think this can act as an important reminder to license your (group) project as GPLv3 or AGLPv3, it's a trojan horse and helps the open source/free software revolution.
Can you have a license that cuts AWS, Amazon and all of their subsidiaries from doing this?
It feels predatory and although Elastic is a huge company by the numbers that keep getting touted here, they're a rounding error on Amazons scale.
Amazons practice in sections of their online market place has been clone / re-brand what's selling well in the market, slap an amazon basics logo on it. Then harass, ban or in the best case put the margins so low (or in the negative until the competition bleeds out) that the original seller can no longer compete. To me, this feels like the OSS equivalent.
I'm anti-Amazon though and not sure if I'm just jaded at this point.
The sad part is that while I really want to support Elasic here we are likely going to have to move to Amazon's Apache-licensed fork for our internal use because SSPL is incompatible with our company's open source policy.
Same here. I manage a handful of projects (10+ websites) and won't touch Elastic with a 10 foot pole now that they aren't Apache anymore. It actually doesn't matter how much they yell about their "intent." – It's an unproven license with some restrictions and I don't even want the headache and cost of having to talk to lawyers about why "it'll be fine!!" or even waste a minute during a meeting about the license impacts of solving any of the problems we face.
The ambiguity is just simply not worth the cognitive overhead. I have enough to worry about without this silly game Elastic's playing where we (customers, users) are left having to figure out the legal ambiguities and wink-winks of their new license.
And right now, we're actively searching/researching a self-hosted log analysis solution. And we've been looking at Elastic's offering and comparing it to self-hosting. Not anymore.
If I were working at ElasticSearch/Kibana, I would be filling a DMCA takedown on GitHub against all the offending repos.
This is how to defend your copyright and trademark.
And yes, it's getting into aggressive territory and not everybody might agree with that strategy, but that's how the game is played. It's a full on conflict and the result might very well kill elastic in the long term if no action is taken now.
> This is how to defend your copyright and trademark.
The DMCA will not help you with trademark enforcement, and the license under which Amazon received ElasticSearch allows distribution of both the original and derivative works.
It can do. The case is more complex than just copying some original work.
Get a lawyer for a week, they will find 7 angles to defend the company. If not the DMCA there are a other simple procedures that big players have to follow.
ElasticSearch is a billion dollar company. It's the least they could do.
It seems like a lot of companies want to open source their software which would otherwise be a key secret sauce in order to get popularity, recognition, and traction. Once they're well known, in this case, Elastic; they are complaining about how others are taking advantage of their position. It's shooting themselves in the foot.
It's kind of like an Uber model - offer taxi services while bleeding cash to wipe out the entire Taxi industry (Short term success) to get fame and popularity, get AOUs and ARPUs going; and then have a difficult time monetizing their mistakes.
As individuals, we (mostly) want companies building open source to thrive, particularly if they aren't behemoths of the industry. Ultimately though, efficiency matters more than sentiment. Companies rightly prefer a "good enough" product from a single source; even just avoiding a second enterprise agreement negotiation would make the AWS version worthwhile. Throwing unusual licenses into the mix, I guess new custom for Elastic Co is mostly going to be passed along by the other cloud providers feeding the anti-AWS prejudice within some customers.
What I understand is that Elastic is upset AWS used the name for it's service promotion, stole propertiary code and alleged business partnership with Elastic.
So Elastic felt loosing due to AWS using is assets, so changed the licence to compensate.
Now AWS announces it cuts ties with Elastic by forking Elastic. So what AWS seems to announce is that it will continue to earn from Elastic , still will be using the name and further more it will openly compete with Elastic?
It is an extremely aggressive move, take all and destroy, or am I missing on something?
It's literally the obvious move that anyone who has been paying attention predicted. I predicted this myself days ago, and trust me it didn't require any genius.
Elastic is just fundamentally in the wrong here. (I'm not talking about the trademark dispute; that's irrelevant to the licensing changes, frankly)
First we had GPL, then some people noticed the “over a network” loophole being exploited, so AGPL was born. Has the time come for FAGPL (F*** Amazon General Public License)?
It seems a bit unfaithful, not mentioning that the behavior of AWS played a key part in the decision of elastic[1]. They didn't even link to the announcement. Instead they act as if they are the saviors, upholding the open source status of elaticsearch and kibana: NOT OK
I'm very curious how trademark stuff with work with this and if the whole "<something> for <existing trademark name>" naming scheme will continue to hold. E.g. Windows Subsystem for Linux.
What if someone searches for Elasticsearch and finds Elastic's docs and there's confusion as to why something is different from AWS's Opendistro for Elasticsearch? How would that relate to trademark dilution?
aws steamrolling at its best. big tech at its worst. Even worse is the PR stunt "for the community".
Lies lies and lies. Wake up. They could have done things by the book by collaborating with the ES team. They didn't. Don't ever let them feed on lack of true knowledge. Build infrastructures that can be deployed anywhere. Support the OSS products you buy if you can. Reevaluate.
Ethical is the question of good corporate practice to do what's right to your partner. As a key executive of a company, I am expected to call any CEO and say - you know what CEO Joe, that contract we signed 2 weeks ago, we goofed. Can we please re-cut ? And because Joe is interested in a mutually beneficial relationship that lasts a long time, that's what usually happens.
Enter the FAANGS.
Clearly, it was Elastic's mistake to operate on a open license that lends to FAANGS literally imploding Elastic market share. Elastic mistake, OK . However, it is not ethical for a FAANG to profit off errors, just as it is not ethical for a Bank to charge overdraft fees over overdraft fees from a grandma. They can, but they really shouldn't. What is legal is not ethical.
In the middle east it is legal to stone a female adulterer to death. That's not OK.
2) Tort. It will be argued in court that AWS misappropriated the Elastic TM. That's where AWS is going to pay. AWS clearly stepped over the line.
It is just a question of how costly that mistake was.
I'm afraid there may be less open source projects in the future as if you become successful by being community driven open source, you get run over by AWS once you get big enough and the project will end up being more closed to only offer highly priced corporate targeted SaaS to survive and one might just start off as closed to begin with.
I'm a bit disappointed by all the good guy/bad guy judgement going on here on HN, when both players are working with the market forces to get the best result.
From AWS' perspective, taking an OSS Project and offering it as a hosted solution is legally fine.
Elastic isn't happy about the fact that AWS make more profit from their OSS product than themselves, so they recognize that OSS isn't their best approach anymore, and do it differently.
AWS decides that forking and maintaining the their own OSS version is more profitable in the long run than paying license fees.
What changed since Elastic's original license choice? Hosting an SaaS version was possible back then, but it didn't happen at the scale that it is, so it was more of a theoretical problem. Now it's a very practical problem.
This is a bit of a simplistic take, and there seem to be a lot of side shows (like trademarks), so more details lurk in the shadows.
If I were to try to make a value judgement, my premise would be the flourishing OSS is a good thing. AWS's actions have have driven Elastic to make their product no longer OSS, which is not good. OTOH they maintain an OSS fork, which is good.
But the interesting broader question is: would it have been beneficial for OSS if Amazon were paying some license fees to Elastic, for an OSS product? I think we need to find some model whereby OSS shops are not forced to rely on the whim of a giant to make their money. Whether this can be done sustainably without restricting usage rights remains to be seen, IMHO.
AWS slagging off Elastic in this post really isn't a good look. I expect more of them. There's one thing putting spin on their decision (which only non technical managers will be fooled by) but whinging about Elastic writing a 'blustery blog post' and doing something 'fishy' etc is pathetic.
Fuck Amazon is all I have to say. This just adds yet another reason why I would never use AWS. People that defend Amazon are the ones ensuring no other companies will release their software as open source since you'll get exploited by shitty companies like Amazon.
How "good" they are, you can gauge that by the fact that they are actively removing all discuss comments in linked blog post that points out to their hypocricy.
Don't believe me, just go ahead say something negative and see it get removed within 30 minutes.
So is there a standard license people can use to prevent this? Something like "Apache 2.0 but the only thing you can't do is resell this service as a managed cloud product"?
I think that would be valuable and the right choice for many projects.
How much is the Elastic Search business worth to AWS?
I'd image now AWS will have to put significant resources to maintaining their fork and keeping it current. Couldn't that money have been applied to a licensing deal with Elastic instead?
I don’t like how opinionated these articles are, both the announcement from Elasticsearch and AWS. I’d prefer a simple summary of changes and reasons for these changes, with as much objectivity (and as little blaming) as possible.
> They believe that restricting their license will lock others out of offering managed Elasticsearch services, which will let Elastic build a bigger business.
Elastic reaped a lot of benefits from open-source software. It's unfortunate that this is happening, but their decision was self-serving for much of the company's life.
I think this is a negative sum outcome. The key metric is customer value and the Apache License had previously struck a balance between commercialization and customer lock-in. The Cloud gorillas (AWS, Azure, GCP, and Alibaba) have disrupted this balance but they too are delivering customer value.
I'm not sure if OSS vendors like Elastic need to modify their business models, Apache needs to address the suboptimal situation, or if the Cloud gorillas need to change their business tactics but something has to give.
AWS has a point there (although I personally don't like their wording, open source is only a side effect here, it's more about how Amazon can charge for it also in future).
It only makes me sad that AWS makes a lot of $$$ with their elastic SaaS because of their size and for that reason can monetize it better than the original authors. Feels very Amazon like for me.
At end I have the feeling it could be all avoided if Amazon paid a little bit royalty to Elastic and both sides would have talked more and better together.
what if more developers start thinking like elastic , big tech will benefit from their code but not leave any business for them to survive on.
AWS would be a multi-trillion company by then, will buy these companies and make that code proprietary. they have no incentive to let their competitors win.
Wow. Amazon is blatantly misleading people here. They know the SSPL was created specifically because MongoDB had the same issues with Amazon’s service. I worked for MongoDB. Nobody wanted the SSPL, but Amazon was relentless.
MongoDB’s cloud service offering was thriving quite well (and still is, thankfully). Then Amazon announced the exact feature set as their own service, while contributing nothing to the project. They even linked entirely to MongoDB’s comprehensive documentation. “Anticompetitive” is the kindest description I can offer of Amazon’s behavior.
Just remember —- the SSPL and similar licenses are still completely open source. Amazon knows they’re forcing companies to change licenses, but shaming them as being “unacceptable to many in the open source community”.
This is political rhetoric, and I’m shocked anybody outside of Amazon would support this. The people who started these projects and surrounding businesses are generally very good people — I’ve been disabled with a neurological condition for 6 years now, but live can afford to live relatively comfortably thanks to the people at MongoDB. And I contributed code to the project before I started working for them (10gen at the time). So I’m admittedly biased, but it really seems like Amazon has become the Trump of Silicon Valley. I’m done with political rhetoric like this.
I'm not so sure I agree about that, presuming you're talking about the open source comments. If not, you can ignore the rest of the comment (except the last paragraph, pertinent question for you)
The SSPL is not an open source license [0], and that's all there is to it.
There must be a better version of it out there somewhere. Something to the tune of "use our software as you wish, however you may not offer it as a hosted solution without a license from us. This license entitles you to direct support and other goodies to justify such a stance".
I can't think of those "other" goodies but that's why I'm not a business type :D
I don't think I'm making a crazy statement here, am I? Maybe I'm just being young and naive. Can you shed some light on your experience with trying to work with Amazon to address the problems? I imagine they didn't listen (they're just too big to care it seems), but I'd like some first-hand experience to gauge with.
If time permits, please read through thread in the “SSPLv2 being withdrawal by its stewards” section. Specifically, the SaaS grab Eliot mentions.
Unfortunately I wasn’t involved in the discussions with Amazon, so I don’t want to speculate on details or mislead anybody. I can say that MongoDB absolutely had a relationship with Amazon prior the SaaS grab. I believe Amazon was the largest deployment target for MDB’s cloud service (which runs on most major cloud platforms).
That said, the reason I say Amazon is blatantly misleading people is that the authors of the blog post chose a definition of “open source” that fits their argument against Elastic. They state companies that use SSPL software may have to give up their entire source code, which simply isn’t the case. It’s not even as restrictive as the GPL (the FSF has a different definition of open source). Please note that the OSI doesn’t consider any GPL license open source.
Honestly, the only accurate definition of open source is that the source code is available to the public. That means we can modify the software, learn from it, etc. With the SSPL, you can even run a customized Elastic or MongoDB server to support any business needs unless your business is providing said software as a service and making money from it. Even then, all you have to do is release the code that runs said software as a service...
Amazon is claiming that you’d have to release your code even if you’re using the product for your game, social network, analytics app, etc. That’s just not true.
For the record, I wish everything could be under a permissive MIT or BSD-style license. But companies like Oracle, Microsoft (in the 90s) and Amazon felt entitled to destroy open projects that competed with their own. Hence the wide variety of open source licenses that now exist.
My first kernel commit was 2004, and while I don’t think anybody can own the term “open source”, I feel like I’ve been part of the open source community for ~20 years now. IMHO, Amazon is by far the least open source friendly company out there. They never contributed a single commit to MongoDB (at least while I was there), yet made money off their own SaaS, and even directed their users to MongoDB’s documentation.
Hope that clarifies my stance (and frustration) a bit...
How can people honestly think that big innovations will come out of the Amazon’s Elastic fork?
There is not fundamental technical reasons for that fork.
Call me hippie, but a project is all about love and dedication. And I hardly think Amazon is that much in love with the Elastic codebase and roadmap.
Time will tell...
The SSPL is not an open source license. This is quite clear. The Open Source Initiative, stewards of the term "open source", have said so at https://opensource.org/node/1099.
While AWS may be disingenuous, the statement you quoted is 100% correct.
Nobody wants the SSPL (not even MongoDB), but Amazon is forcing companies to do this while contributing nothing. These projects are still open source, and actually contribute to the libraries they depend upon. As a former developer of MongoDB who watched this happen, I’ve contributed to a variety of open source projects. MongoDB also couldn’t just lay everybody off and let Amazon grow their monopolies (much like Oracle’s behavior). But please don’t suggest I’m any less a part of the open source community than I was 20 years ago.
If you don’t believe the SSPL is open source, then you definitely don’t believe the GPL (and related licenses) are open source.
The definition of open source Amazon points everybody to is not the same as what’s defined by the FSF and other organizations. Nobody gets to own the term “open source” — that simply means the source code is available for you to modify, build learn from, etc. The details Amazon mentions only come into play when trying to make money off of an open source project.
The SSPL is not open source because it does not meet the definition of "open source" per the Open Source Initiative (https://opensource.org/). See https://opensource.org/osd for the definition in question.
And it _also_ doesn't meet the definition of "free software" per the FSF.
If no one gets to own the term "open source" and anyone can define it however they like, then the term is meaningless.
With all due respect, dictionaries can certainly define the term. They create definitions based on examples of the word's use, and Oxford English defines it as: "Denoting software for which the original source code is made freely available and may be redistributed and modified."
We can agree to disagree about the details; no use arguing on the internet, and I respect your view. But please keep in mind the OSI's mission is fitting open source into a legal framework. It's not the ASF, FSF, Mozilla Foundation or other organizations who actually support and organize open source projects. Full disclosure; I also worked on Apache Drill, thanks to the ASF.
My primary point is that Amazon is not part of the open source community (AFAIK, they've never claimed to be). So it's hard for me to trust a company overtly focused on monetizing OSS without contributing. IMHO, all of the engineers at Elastic who gave so much time and effort for this project are still part of the open source community. I hate to see Amazon effectively judging which projects/people are "truly" part of the community when their motivation is so clearly corrupt.
I hope this comes across with respect, and please know that I'd much rather not see licenses like the SSPL. But after seeing Amazon's monopolistic and anticompetitive behavior play out repeatedly with various companies, I can't just watch them do this without saying something. Even on a stale HN thread. :)
One last thing to note -- Bruce Perens left the OSI in January of 2020 (shortly after the SSPL stuff went down), and said: "We created a tower of babel of licenses. We did not design-in license compliance and we have a tremendous noncompliance problem that isn't getting better. We did not design a good framework for where proprietary software can go, and where it never should. Our license loopholes are exploited." ESR (who I detest as a human being), was banned from the OSI two months later. I don't mean to suggest this was a direct reaction the SSPL though -- please see the OSI's wikipedia page and cited sources.
for Elastic to be truly open source, we will need adoption and push by major players and the key difference is Google cloud and Azure not looking at Elastic opportunity
Well, I think people have various opinions on this one, but if you restrict supposedly free software with the trademark, fork happens to get rid of trademark. This isn't the first time and certainly not the last.
I'm as capitalist as anyone, but you do have to wonder how much money is enough. AWS/Amazon has plenty of money to do the right thing and pay ElasticSearch fairly but they'd rather rip off their work to keep Bezos in his billions.
I understand the question mark about what it is that Amazon did wrong here, and for the most part I agree that they've done nothing wrong.
But I am not Amazon's side here. This is my very subjective take on the matter and by no means am I claiming to be correct.
Amazon represents and existential threat to the open source business model. To those who say otherwise: How do you compete with a company with the incredible amount of resources available to Amazon? They could outprice you (running at a loss) and use that as leverage to bring your customers into their ecosystem.
I'm not saying Amazon is actively hostile towards opensource. I recognise that they even submit contributions to the stacks they use (at least the ones I've seen). But there's no argument that I could host a better instance than Amazon. That would be one hell of a grandiose delusion.
I don't know what the answer is here for open source. Maybe a license that allows free use, but prohibits you directly competing (offering a paid solution for support of the product) without a license.
I don't think that's unfair stance to take, it doesn't punish Amazon for being such an incredibly successful and powerful hosting provider (I like AWS, I really hope I'm not sounding hostile towards them) but it creates a symbiotic relationship instead of a directly competitive one.
Maybe I'm being naive and overlooking something, but I don't see what choices Elastic had here.
I don't agree with the arguments that Elastic made a killing last year and therefore they should shut up and be grateful. Be grateful for what, exactly? That a behemoth of a platform is taking business share from them? You can't expect them to be OK with that, surely. I don't agree with their response either, but I think it's time the open source community acknowledges that we're in a different era now and we need a license to reflect that.
1. Don't punish Amazon, they haven't done anything wrong (and you can very easily nuke small businesses that offered support too, nobody is whining about them). Open source should belong to all of us. Making money off of that should really belong the original authors. I don't think that's a wildly ridiculous opinion.
2. Protect your business model, or maybe even come up with a new one that works hand-in-hand with a hosting provider like Amazon, rather than waiting for them to drain your market (which is not their intention but you can't ignore that it's happening).
An example I can think of for 2) is building a version of the product that's more suitable for Amazon, which might help relieve overhead for them setting that product up. Then charge them for supporting that codebase. I'm imagining a twist of the "enterprise-grade" tier with extra features for enterprise-grade users. Have a "cloud-provider" tier on top of that (that supports replication, multi-instance, easy-up-down state or whatever you can think of).
Again: I'm just a dude who thinks there's a growing elephant in the room that can be addressed in a manner that's beneficial to all parties. I don't mean to attack Amazon or Elastic, but I think this incident is a harbinger for what's to come
-----
EDIT: Maybe the right move is to approach the cloud providers as an OSS provider and ask them to work with you on your business model. Don't wait for Amazon to build your product into an offering, build it with them. Take a cut of the revenue. Maybe?
Bezos is executing better than the original SAAS vendors that FOSS community editions. You want to compete with buff Jeff then make sure you support Azure/GCP too and can price below Bezos' margin above raw EC2 - usually means you have to get creative with spot instances and avoiding cross data center network.
Amazon can, and will price you out of the market regardless of what you do. And if your idea is novel enough, they will just make their own version of it (or fork it, like in the original post!).
Is that wrong? The computer revolution was ignited by other companies essentially copying the designs of microprocessors and reselling them as their own.
What will happen next? AWS will poach elastic developers. AWS will need to show the open source community what happens when someone revolts. They now need to destroy elastic at any cost. I hope elastic has some large releases coming up, or some tricks up their sleeves
Do people really believe Amazon is as predatory as this comment makes out?
Amazon is winning because they've been delivering a better product in general. AWS was a game-changer when it came on the scene. They continue to add new services all the time. AMZN is not MSFT. Why would Amazon need to nerf the other guys when people like them better in the first place?
I don't think their intention is to Embrace, Extend, Extinguish, but I also think it's a side affect of being such a behemoth with a much better offering.
I can't think of a way to offer an OSS product and make money in the "traditional" means of support when Amazon is around. You just can't compete with them because you're right: They are a MUCH better product.
Not because they understand the software better than you (although I'm not saying they don't either), they just have more resources.
Why can't we work together instead of being in direct competition, you know? There must be a way to do that
AWS contributes improvements to the project. This is just about Elastic and their business model. They could have not made it open source and it probably just would not have been widely used and successful. It is up to Elastic to come up with a business model that works, not blame others if it is not.