Hacker News new | comments | ask | show | jobs | submit login
Redis is not “open core” (antirez.com)
204 points by stock_toaster 6 months ago | hide | past | web | favorite | 68 comments

This approach is open core. The open core model funds open source work by finding "market differentiating features" and keeping them proprietary in order to charge clients who might pay. Bruce Perens wrote about this in his classic post, "The emerging economic paradigm of Open Source" [2005]. This is what you're doing.


Frankly, I think it is great that RedisLabs is using proprietary [1] software in order to sustain and fund improvements for real, honest to goodness free & open source software. Thank you.

[1] "Commons Clause" is proprietary and non-free for many reasons, the asymmetric permissions are the tell.

I think it's a valid argument.

For Redis to be "open core", Redis Labs would have to be the owner and copyright-holder of the Redis codebase (like, say, NGINX Inc. is the owner and copyright holder of the Nginx codebase, and therefore are able to split Nginx arbitrarily into the Nginx "core" vs. Nginx Plus.)

But Redis Labs don't own Redis. Redis Labs—despite employing antirez—are just 1. a sponsor of the open-source development of Redis, and 2. a participant in the ecosystem of ancillary Redis products.

A closer analogy than "open core" is the thing RedHat, IBM, Dell, etc. do with OpenStack. They all make their own "distributions" of it, which combine the core FOSS OpenStack project with their own proprietary add-ons. OpenStack itself is a FOSS project, and is not "open core."

Similarly, Ubuntu and RHEL are corporately-developed Linux distributions. Is the Linux kernel, therefore, "open core"? No. Those distributions don't own Linux. They just bundle it together with their own stuff, and sell the bundle.

Red Hat is not the example you claim, everything in our products is open source, no piece of Open Stack or RHEL is proprietary software or open core. Even when we acquire proprietary software companies, we open source everything.

This model works very well for us, but I appreciate that it can be hard to replicate.

When it comes to open-source compliance, I would say RHEL follows the letter of the law but not its spirit. Although the source is available, and I’m sure it’s licensed in a way that meets OSI’s technical definition... it’s unreasonably hard to make useful modifications, contribute them back, or redistribute them.

In fact Red Hat deploys specific obsfucation techniques to make it harder for competitors to redistribute RHEL, while technically respecting the OSI definition of “open-source” [1]. I understand the business motivation for playing these sorts of games... but it kind of deflates the notion that Red Hat’s model is anything special or worth emulating.

Assuming Redis Labs will accept pull requests and generally follow the process of collaboration casually known as “open source” for their proprietary modules, even if it doesn’t meet the OSI’s technical definition of open source... Then as far as I’m concerned the Redis Labs model is more open, in practice, than RHEL’s.

[1] https://lwn.net/Articles/430098/

As the above poster said, Red Hat open sources everything. They buy proprietary software companies and open source the software. Red Hat officially sponsors the CentOS project.

I'm very familiar[1] with the "obfuscation" you linked to, and I think you are missing context. Red Hat used to ship their Linux kernel source RPMs as vanilla Linux kernels plus a series of patches. They switched to releasing the source RPMs as a fully patched kernel tree. They did this because Oracle started providing commercial support for RHEL (not just Oracle Linux), which is how Red Hat makes money. This had no impact on open source redistributions of RHEL, like CentOS, because they just compile the kernel source without modifying it. AFAIK the kernel is the only package they do that with.

[1] There was a kernel bug between RHEL 6 RC and GA, the RCs had individual patches, the GA kernel source RPM was pre-patched. Lack of patches made it harder to track down, but it was still possible by applying the patches to the RC kernel, then diffing the patched RC source against the GA source.

I don't understand, why did Red Hat need to start shipping their RHEL kernel source pre-patched just because Oracle started providing commercial support for RHEL? I don't understand how shipping pre-patched vs not pre-patched kernel source is related to Oracle providing support.

It makes it harder for Oracle (and, sadly, everyone else) to understand and support the patches.

The GPL requires that source be distributed in the preferred form for making modifications. One of the FAQ examples is that if you have a perl script that generates C code you can't just distribute the C code, you have to distribute the perl script that generates it.

IMO distributing only the pre-patched source of the kernel is the same kind of violation. The preferred form for making modifications is the original source plus separate patches, that's what the people who are working on that code use.

IANAL, but I work on the Red Hat kernel. I don't need the patches of the Red Hat kernel in order to make modifications to it. I need the patches from the upstream kernel in order to copy them to the Red Hat kernel, but I often use "--depth=1" clones of git trees, in other words clones without the "patches", and make modifications to them.

Patches are useful, of course. They are useful to understand the evolution of the software, to support it, etc. But they are not necessary in order to make modifications to the software. Ten-fifteen years ago it was actually the norm that open source software had private source control repositories and only made periodic releases as tarballs.

Sure, it's possible to work without the patches. Equally it's possible to make modifications to code that was generated by a Perl script - or even to modify binary code directly without having the source at all (I've seen it done). The salient question is: what is the preferred form for making modifications to the work? And certainly I'd always want to have the patch history available when working on a codebase.

Working on a codebase however is not what the license says. It says specifically "making modifications".

If you have the Perl script that generates C code, you get a benefit from being able to modify the Perl script rather than the C code. So the Perl script is the preferred form for making modifications.

If you have the history, you don't get any benefit from modifying the history. In this sense, having the history is not relevant to making modifications, only to studying the code (for example to make the same modifications on another branch/fork of the code, like I do with upstream patches, or like Oracle could do if they had the Red Hat patches).

Your could say that this phrasing is shortsighted, but note that neither Red Hat not Debian or anyone else has ever given the complete history to Linux or any other piece of software they distribute, but they had to give the complete base source tarball as distributed by the upstream project.

> In this sense, having the history is not relevant to making modifications, only to studying the code

Studying the code is the first step in making modifications. I would always want to have a working "git blame" before trying to modify a codebase, so that I could understand lines in the context of the changes they were part of before I modified those lines. I consider it considerably harder to modify a codebase when I don't have proper version control history available.

The rest of the comment explains what the license means by "preferred form for making modifications" and why the full commit history isn't it.

My intuition is the same as yours, but I also note that Oracle didn't sue Red Hat over it. This even though they are also among the Linux kernel copyright holders and are one of the most litigious companies known to the tech industry, PR consequences be damned.

So maybe their lawyers disagree with us? Or maybe they're institutionally allergic to being a GPL enforcement plaintiff, even in their own strategic interest.

Not sure that suing is in their strategic interest. Do they publish the oracle Linux kernel prepatched? If so, they wouldn’t want to set a precedent that Red Hat is breaking the GPL.

No idea if they do that, but good point if so.

> Redis Labs would have to be the owner and copyright-holder of the Redis codebase

This is actually an interesting argument but I'm not sure this statement is necessarily or obviously true. What has been put forth in this blog posting is that Redis Labs has created proprietary modules for features that antirez has no intention of accepting into Redis core (like JSON and a full-text search engine). So why does it matter whether or not Redis labs owns the code? NGINX Inc. sells modules for features they aren't putting into the core product as well.

It doesn't appear like owning the full copyright to the core makes any difference.

Would you consider postgres "open core" as well?

Citus makes proprietary modules for it, and likely employs some postgres devs. I wouldn't consider postgres "open core" by any means. I would consider Citus "a proprietary extension".

If the majority of the development of an open source product comes from proprietary extensions then it's open core. That's the project's particular monetization model.

In this case, it seems like that is the monetization model for Redis (and plenty of other open source projects). It's not the case, as far as I know, for Postgres.

It's a little different with Redis though, because Redis labs employs the Benevolent Dictator of the project.

> Would you consider postgres "open core" as well?

Its not entirely bizarre to say that, though it's farther from undisputable open core than Redis is, as there isn't a single proprietary vendor with as significant a relationship to the open source project as is the case with RedisLabs.

> Citus makes proprietary modules for it, and likely employs some postgres devs.

And EntrepriseDB. And a number of other proprietary downstream vendors that sponsor significant Postgres development. If PG is open core, it's radically decentralized open core.

> therefore are able to split Nginx arbitrarily into the Nginx "core" vs. Nginx Plus.

Anyone can split the Nginx core codebase arbitrarily into A and A Plus.

"Nginx" is trademarked, just as "Redis" trademarked, but I don't think we're talking about trademarks. I think we're talking about code, and the BSD open source code bases can -- in theory -- be changed and evolved by literally anyone.


> Those distributions don't own Linux.

With such permissive OSS licenses, there is little of the traditional concept to the word "own".

> Similarly, Ubuntu and RHEL are corporately-developed Linux distributions.

Hypothetically, suppose Ubuntu was responsible for over 90% of Linux development, and Ubuntu maintained extensive non-OSS additions to Linux.

Or suppose CloudBees was responsible for over 90% of Jenkins development, and CloudBees maintained extensive non-OSS additions to Jenkins.

Then yes, in both cases I would absolutely call it open-core.

I don't think that's a dirty word; it simple describes the realities of the situation.

You seem to be making a distinction with a difference.

> For Redis to be "open core", Redis Labs would have to be the owner and copyright-holder of the Redis codebase

Cloudera (Hadoop), MapR (Hadoop), Elastic (Lucene), LucidWorks (Lucene/Solr), DataStax (Cassandra), and DataBricks (Spark) are all companies with an "open core" business model around Open Source projects hosted at the Apache Software Foundation. (Those are just off the top of my head -- there are plenty more.) All ASF projects have many copyright holders.

I think part of the confusion is that we are assigning an attribute to an API that can and should be willfully ignorant of the ecosystem around it. The APIs are not open core but the companies around them are using an open core business model.

antirez as the creator of redis is stating that redis is not open core. antirez as an employee of Redis Labs is working for a company that has adopted an open core strategy, and which is using redis as their core, which doesn't make redis the API open core.

Redis labs employs antirez, the Redis trademark is owned by antirez but used by Redis Labs and the open source project has a page for commercial support which directs you to Redis Labs and no other potential commercial support options. The ties between the open source project and a single company are much stronger than any of the examples you have provided. I would argue strong enough to warrant classifying Redis as open core.

Red Hat is wrong example, both RHEL and Openstack has no secret sauce, it's all opensourced.

"We're not open core, we're some entirely new term we've invented for ourselves, please don't dismiss us like you dismissed the dozens of previous people who did exactly what we're doing but with different confusing terminology!"

Taking an Open Source product and having paid proprietary addons for additional functionality people are willing to pay for is the definition of the "open core" model. I'd have a lot more respect for what Redis and Neo4j are doing here if they weren't creating a cloud of associated FUD and confusion.

I agree with this - there's nothing wrong with "We're taking extensions and making them proprietary" (unless you share Stallman's belief that proprietary software is inherently immoral). There's nothing wrong with proprietary software being hosted on GitHub, having source available, accepting pull requests, allowing noncommercial redistribution, etc.

But the Redis Labs blog post was incredibly confusing when it could have just straight-up said "We're making some plugins proprietary," and this post is awfully embarrassed of the term "open core" when there's nothing to be embarrassed about. Debian, the group that is so doctrinaire about free software that it literally doesn't ship gcc's manpage by default on the grounds that it's nonfree, is happily running the open-core edition of GitLab. You're not doing something bad by saying you need money from paying customers to support the folks working on FOSS. There are lessons to be learned from previous open core efforts, and they won't apply 100%, but no lesson on successful companies applies 100% to a different situation. And they certainly apply more than 0%.

> Debian ... is happily running the open-core edition of GitLab.

I'm not sure I would describe it that way. Certainly some part of the community is happy about it, other parts are certainly not.

So PostgreSQL is open core, because it's an open source product that people have taken and made paid proprietary addons for additional functionality. Literally what your definition is.

I swear, this entire fiasco is utter stupidity and has caused countless worthless debates. This is no big deal. Anyone who thinks this is a big deal doesn't have a clue and should just stop now.

"open core" describes the business model, not the product. PostgreSQL is an open-source product with many vendors who have an open-core business built on top, offering their own proprietary products and services.

I don't know why Antirez is on the defensive here about being open core. So what? If that's a viable model for keeping Redis sustainable, then that's all that matters.

For what it's worth, having closed sourced extensions for an open source licensed core product (in this case Redis) is the canonical definition of "open core", and this post does not really prove otherwise. Sure, there could be some minor variation here (with Redis Labs not owning Redis directly), but largely it's the same model for all practical purposes.

He's probably worried that someone will think that RedisLabs controls what he decides to put into Redis. By saying that it's not open core, he's stating that his decisions are impartial and not governed by potential revenue loss at RedisLabs. Given how stubborn Antirez can be, personally I'm willing to accept that at face value.

It's funny that he specifically mentions not wanting to put into Redis the exact type of software that RedisLabs sells.

I'm fully willing to accept at face value his reasoning but we wouldn't even be discussing this again if there wasn't yet another blog post telling us how we all have it wrong.

My advice to Antirez is to just leave this alone for a month and I doubt anyone will still care in a week.

Yes because Redis Labs is doing basically what we agreed was not in the roadmap of the open source for years... It's not a coincidence, we basically thought that there was potential in the intersection of: (what customers asked /\ what I was not going to do). But the blog post is not defensive, I think that the discussion that started from this Redis licensing thing is truly interesting, and that "open core" is a flat way to classify certain scenarios. Usually it captures well the idea, but certain times not. For instance imagine if Redis Labs would just specialize in writing orchestration software to sell Redis as a service... It's hard to argue that this would be an open core model. And what Redis Labs is doing is kinda that in a different way, to add value outside the space of the OSS project main focus.

It seems to me that the main source of confusion is about the independence of Redis from Redis Labs.

To you Redis is an independent open-source project, to which Redis Labs generously donates your salary so that it you can work on it full time.

But to most people online, that is not immediately obvious: because of the company name, you working at Redis Labs, and them being the main sponsor, Redis is seen as the "open-source core product" of Redis Labs. https://redislabs.com/community/oss-projects/ also strongly leaves that impression - it even says that to contribute to Redis you have to sign the contributor agreement with Redis Labs.

Once you have that impression, it's natural to assume that Redis + Redis Labs modules are part of one product family, and that the roadmap for both is being planned based on the business goals of Redis Labs.

Redis labs website describes itself as the "home of Redis" and sells a product called "Redis Enterprise". If that doesn't sound exactly like textbook open core, I don't know what does.

Sqlite is in the public domain and, like redis, has various apis for writing your own extensions. Some of those extensions are free, some are proprietary (thinking of sqlite encryption extension, although there are free alternatives).

There's nothing new about this. Postgres has apis for writing foreign data wrappers, MySQL has pluggable storage engines, etc etc.

Is antireZ worried about redis' reputation after the hn license drama? Is he just waxing philosophical? I kept waiting for the post to go somewhere.

Redis is awesome. antireZ is doing great work. Its a bummer he felt compelled in some way to write this.

Ok so “Redis” isn’t open core but the RedisLabs ecosystem is - is this really a necessary distinction? The point is that the people funding it are taking something off the table, whatever label you give it.

But then what’s wrong with open core? It’s a reasonable business model, so why the denial?

But that's exactly the crux of his argument - they're not taking anything away, because the things Redis Labs is working on are things that he would not accept into Redis itself even if someone were to donate the code for free. The Labs modules only exist because of Labs.

Whether you believe him or not is your call, but it's not simply a semantic argument.

Glad somebody understood the argument despite it was not very clearly stated.

>For example providing a single node of a database into the open source, and then having the clustering logic and mechanism implemented in a different non-free layer, is an open core technology.

> that is able to provide strong guarantees is non free. In an open core business model around an open source system it is fundamental that you take something useful out of the free software part.

Isn't that an exact description of the difference between redis clustering and RLEC ? I would say that easy setup and automated (ie, no downtime) recovery are "strong guarantees" and are the "clustering ... mechanism implemented in a different non-free layer" .

I support there being a real business model to maintain the FOSS redis. Just wanted to point out that it sounds like you're arguing against yourself about the true nature of Redis / Open Core

That's a whole lot of rationalisation about how it's not an 'open core' model where text actually supports that it, in fact, is open core. Not that it matters.

I'm sorry if the post looks defensive, my only goal is to have a further discussion about possible models, and how "open core" requires some thought about is real essence, and how IMHO an "added value" model also exists.

Personally, I couldn't care less. Open Core sounds good as well. My impression was that this post was more for you than for readers.

Well you are free to have your opinion about my post, but for me it's a different matter: while I believe that who does "open core" has all the right to do it, and I hope they'll have all the success, I don't think it's always the right model. In the case of Redis, imagine if any HA would be in the closed part, that is, Sentinel and Redis Cluster. The applicability of Redis as free software would be more limited, because in order to work well an open core strategy really needs to take away from the party something really valuable. So I think that an "added value" strategy works better. It leverages the delta between what users (or even more interesting, what enterprises want), and the developers of the product do not. For instance Redis directly queried by JSON is IMHO the least interesting thing to do, yet a lot of people want to do that. Similarly a CRDTs store with the Redis data types is great, even if it ends not being Redis from the POV of latency, memory metrics and so forth. That's my point, one strategy is to take something, remove an important part, and force a subset of people to buy. The other is instead to develop in the OSS a complete product, and focus on offering additional things that different subset of users really would like to see because they have vertical needs here and there.

Don't worry, man. I'm not reading 'deep into it'. It's a simple matter of interpretation of open core, where you represent stance of open core being features taken out and monetised, where other represent stance it's added value on top of core functionality. And the wording seems to mix both in your representation, namely what constitutes core features and what's added value. A thought experiment could clear all that out - what would it change in rationale if Redis Labs was not associated with you in any way?

This paragraph confuses me:

> Redis Labs customers often asked directly for such things. And actually, such features could be cool, but it’s not Redis, I’m not interested, and the open source side of Redis does not have the development force to keep all this things going btw. And this is a major advantage both for Redis and for Redis Labs: it is relatively cheap to pay just me and a few more OSS development time internally, while allocating the rest of the resources to development of things that are useful for the Redis Labs business. There is anyway a great deal of contributions arriving from the community. And I also keep saying “no” to all this fancy ideas… which is also a problem.

At first the author says that there is not enough manpower to develop new large-scale Redis features, but then he says that contributions are being turned away.

Sorry when saying "no to fancy ideas" I mean to the ideas of doing with Redis more than its natural scope, not saying no to the contributions. I'll clarify.

Hey, antirez! I don't understand all the recent drama around Redis, I think what you and your crew are doing is absolutely awesome. Thank you for all your hard work. This is your work, and you never have to defend yourself, or give long and deep explanations for what you do with your own work. You don't owe anything to anybody. I hope you become a millionaire :)

I think the idea is that plenty of people want to add a feature, but they might not stick around to maintain it.

Then the core group is left with the maintenance headache for years to come, and more features makes any changes antirez wants to make more difficult.

There is also a cost to increasing absolute codebase size, even when people stick around to maintain their contributions.

I admire antirez very much for making it a priority to keep the core small.

I admire antirez generally, his C code is really great reading for instructional purposes.

What are the possible ways to monetize open source software?

* support or training. RedHat seems to have cracked this, other large companies struggle to make it work.

* building an SaaS around it. That seems to work only if no other large player attempts the same

* proprietary extensions (whether you call it "open core" or not).

* getting sponsored for adding features (doesn't seem to scale all that well)

I have no moral objections to any of those.

And then there are things like OTRS AG delaying the release of their own source code, to make the SaaS offering more attractive compared to self-hosting, which kinda annoys me (mostly because it means they can't really accept user-contributed features in a meaningful way).

> getting sponsored for adding features (doesn't seem to scale all that well)

And that's a problem.

> In an open core business model around an open source system it is fundamental that you take something useful out of the free software part.

Here's the problem and why what he's saying is a distinction without a difference. This rule is arbitrary, I had never seen it before and it's needed for redis not to be open core.

It very much is.

> I want Redis to be Redis, that is, this general tool that the developer can use in different ways to solve certain problems.

It's telling that the best that can be said is this ambiguous language. Nothing prevents these "different ways" and "certain problems" to change at any given moment.

antirez keep doing what you are doing. so many thousands get utility from a small, reliable, piece of software that does what we need, and next release doesn't suddenly increase its surface area. I trust your judgement.

Deep respect for your work and courage to use BSD for Redis. BUT this communication disaster SHOULD have been prevented and seen in advance. Stay far far away of Common Clause licenses shit. Call it what it is: proprietary software. Nothing wrong with a term that is clear for all. Even if source code is available.

Open-core describes the business model, not the product. It's about offering (open or proprietary) products and services on top of open-source foundation and is exactly what Redis Labs does, and has always done.

This post is very confusing as open-core is not directly relevant to Redis the database, and it seems to be defending something that nobody is accusing it of in the first place.

Right. The correct term is "freemium".

Interesting but very difficult to read.

Yep that's one of my best "Italian sentence construction translated in English" piece... Sorry, it often comes out like that when I write impulsively.

It reminded me of your article [1] (English has been my pain for 15 years). As a non-English speaker, sometimes I wonder if my readers (& clients) do not understand the context or my English.

[1] http://antirez.com/news/61

I speak Spanish and it all sounded very natural to me... :-)

It was liked by me. A post very good.

Naturally :-D

Interesting article but the font was so horrible that I ended up changing it in the developers tools.

Horrible in what sense? What browser/OS? Monospace fonts were in use by the entire world 30 years ago, it’s definitely readable.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact