Hacker News new | past | comments | ask | show | jobs | submit login
AWS announces forks of Elasticsearch and Kibana (amazon.com)
1314 points by ke4qqq 34 days ago | hide | past | favorite | 932 comments



I do not get why people are coming down on AWS here. Elastic made the software available under the Apache License. That gives AWS the right to offer this service. Maybe they did not have right to trademarks, there are courts to settle that.

AWS contributes improvements to the project. This is just about Elastic and their business model. They could have not made it open source and it probably just would not have been widely used and successful. It is up to Elastic to come up with a business model that works, not blame others if it is not.


I don't really get how people get this twisted.

ES and other companies have a business that sells a managed version of their product. This is how they sustain developers to continue working on Elastic Search. This model has worked for companies long before cloud providers were a thing. What AWS and others basically did is create identical services, keep all the profits, and exploit gaps in Open Source licensing to this end. From the ES perspective, their FOSS contributions were done in good faith which basically boil down to, "If you can run our product on your own, you get it for free".

AWS knows that if they take too much of ES' market that they won't survive. If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported.

You can frame this question in terms of ethics, you can frame it in terms of licensing naivety, you can frame it in whatever way you want but Amazon is doing what it always has done: exploiting smaller businesses in its goal to become a conglomerate.

Edit: a lot of people talking about the license forget that there's an entire spirit to open source. The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit. The businesses set up to back companies like Elastic Search were setup to sustain the project while continuing to empower it's creators to take their vision further. If Amazon takes the pie, that doesn't happen. At best, the creators are now Amazon employees and have to follow their desires. Just because you can exploit a license, doesn't mean you should.


>What AWS and others basically did is create identical services, keep all the profits, and exploit gaps in Open Source licensing to this end.

Gaps in open source licensing? The license Elastic chose explicitly allows anyone to take the code, run it as they wish, and not contribute anything back. There are other FOSS licenses that are slightly more strict about this; they could have chosen AGPL if they wanted someone hosting a service to publish their changes, for example. And then they could have used a proprietary license from the start if they didn't want others competing with them at all using their code.

Launching a competing offering using FOSS that someone else wrote is nothing new at all though. Red Hat built their business around subscriptions for and support of free software, much of which they wrote, but they hardly had exclusivity over the distribution (see CentOS and all the providers offering it) or the software they wrote. (It's all free software after all!)


> they could have chosen AGPL if they wanted someone hosting a service to publish their changes, for example.

So... you admit that the people who created the GPL decided their license wasn't sufficient to cover a certain usecase and revised it to cover it. But you think it's unfair to call this a "gap" that ES is now trying to close?

EDIT: I do think it's fair to point out ways in which the new license for ES is worse than the AGPL, but I do think it's important to point out that it's possible to believe in open source licenses and to think that the way AWS uses software violates the spirit of open source. The people who work on GNU seem to think that!


>So... you admit that the people who created the GPL decided their license wasn't sufficient to cover a certain usecase and revised it to cover it. But you think it's unfair to call this a "gap" that ES is now trying to close?

The gap in that case was that the GPL was not sufficient to ensure that software remain free software when companies started using SaaS for software that previously would have been run locally. SaaS was in effect a workaround for the GPL's distribution requirement (enabling companies to avoid giving the software's users the freedoms associated with free software), so the AGPL was created for software that was meant to run on a server.

This is different: the point of contention here is not that Elastic's software was being made proprietary (they could have easily used the AGPL if that was their concern, the AGPLv3 predates the first Elasticsearch release by three years) but that Amazon is using their software to compete with them. That's something that's pretty fundamental to both free software:

>The freedom to run the program as you wish, for any purpose (freedom 0).

...and open source:

>The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.

Freedom 0 is a feature, not a bug! It may be a "gap" in Elastic's business model, but it's certainly not a gap in FOSS licenses - the freedom to use the software as you wish is a pretty core value of free software.

Now that said, I do think that taking FOSS and making it proprietary certainly does violate the spirit of free software. Amazon doesn't seem to have done that here, though - their fork is under the Apache 2 license.


Amazon doesn't need to use a proprietary license, the product they have built around Elasticsearch is itself proprietary. They have produced and are selling Elasticsearch-as-a-service for their AWS environment.


I see it as “there are a variety of licenses from which to choose, depending on your goals”. BSD, Apache, and MIT all represent different points in space, as do GPL and AGPL.

When I choose Apache or MIT, I do so for a reason and if you or Amazon use code in compliance with that license, I’m happy and you’re not “exploiting a gap” but rather “complying with the terms I offered”.


Fully agree with this. Free is free, you could always argue that there is "a spirit to open source"; but as with everything there's always going to be people exploiting and using it, that comes with the free.

To me it boils down to if you think that it's worth it: whenever I put MIT or Apache 2.0 on my public Github projects, I don't mind anyone going out making millions on them. Other side of the coin; if I make millions on some obscure library I found on Github with an MIT license, I do not expect them to be outraged about it.

If you do not think it's worth it, as you said there are a range of other licenses out there. I love the notion of human knowledge being free and available to all to the fullest extent, I think it will drive (and has driven) immense value for humankind.


People also seem to miss a point when trying to invoke the "Spirit of the Open Source License": The only reason why Elastic is changing their license is because they want to profit from it. So, isn't that exactly against the "Spirit of Open Source License"? If they truly cared about that, they should be angry about it at all.

Choosing sides here seems to be choosing between two profit seeking companies. Why, as a developer, you should take a side?


I as a developer take the side that allows me to use the open source code as I see fit based on the license terms provided. Elastic initially chose a license which would allow them to capture more of the market/mind space of developers and now that they've accomplished that they want to fully monetize those developers.


It's worth keeping in mind that we don't always know which projects will truly become successful. The precursor to Elasticsearch, Compass, wasn't hugely popular. When I started looking hard at Elasticsearch, with plans to actually use it, I had to spend a lot of time explaining why I didn't want to use Solr, which was much more popular at the time.

In my opinion, the bottom line is this: if Amazon's exploitative behavior is continues then we're going to see more and more open source products shift towards janky-kind-of-open-source or entirely closed licenses. Small or experimental projects will have open and permissive licenses, their authors will have plans for shifting licenses should the product become really successful.

I think it marks the end of this idea that you could have an open source project and then build a commercial offering around it. No matter who you are, odds are good Amazon will get such an offering off the ground faster and they have a built-in market of AWS customers.

Elasticsearch has made their motives clear: they have real concerns that Amazon is diluting their brand and they feel that Amazon is costing them too many customers with their proprietary AWS product. We can quibble about the morals of Amazon's move (they have none, corporations have no morals) but let's not lose sight of the outcome: Amazon has forced another OSS project to switch to a closed license[0].

[0]: https://techcrunch.com/2019/02/21/redis-labs-changes-its-ope...


Amazon's behavior may feel exploitative, but it isn't. That would be like saying Red Hat is exploitative.

Part of the whole concept of free software is that you have freedom of choice with vendors (this is derived from "freedom 0"). Amazon is providing the software and its support as part of the Elasticsearch offering as a managed service. Elastic is a competing vendor, both as a managed service and in a traditional sense too.

Elastic made this decision because they wanted to be the exclusive vendor for Elasticsearch. That's fine, but it's not in the spirit of free software.

If anything, Elastic has exploited the third-party contributors who contributed to Elasticsearch under a CLA by promising to not do what they did and then blaming AWS for doing it anyway.


I don't think it's fair to say that Elastic wants to be the exclusive vendor of Elasticsearch. They have registered and own the trademark, I believe it is fair to say that they want to be the only vendor who can use that trademark. I don't think this is uncommon or unreasonable.

Other companies have built products on Elasticsearch (I worked one one myself at one time) and they haven't been sued by Elastic. In my experience, Elastic has behaved in the spirit of free software. Now that their license has changed I would expect they will receive fewer submissions of code from outside companies. In my opinion, the difference here is both scale and misrepresentation of the offering by Amazon through unauthorized use of Elastic's trademarks.

This is not the first company to change their license in order to avoid providing free improvements to Amazon's proprietary services, I believe that this is unique to Amazon, perhaps because of the size of their AWS customer base. I can't find any similar stories of companies changing their licenses because their code was being used by RedHat.


Trademark disputes are best solved with litigation, not product relicensing.


Another OSS project has chosen to switch to a closed license in response to competition from Amazon.


I'm not sure what value the word "chosen" has in this context.

Amazon is one of the largest and wealthiest technology companies in the world with a large captive audience of customers locked into their AWS product. On what terms could Elasticsearch compete with Amazon, especially when any improvements to the product would effectively be improvements to Amazon's product as well?

While I may step out of the way of an oncoming train, is it really a choice? No, it's clear that an oncoming train forces people to step out of the way.


Elastic wants to get the benefits of permissive licenses without the drawbacks.

Having a permissive license is a massive asset for getting people to adopt your software, but it means you will have no control over what they do with it.

They want the goodwill and other benefits of a permissive license without loss of control that these licenses bring.


I have to disagree, I see no reason to think that Elasticsearch is seeking to avoid "the drawbacks" of a permissive license. I believe the project has been using a permissive license since it's first release in 2010.

What they are objecting to is having their project co-opted by Amazon, one of the largest and wealthiest technology companies in the world. Elasticsearch and Amazon have been battling this out for a couple of years now, this is the latest move in that battle.[0] They have been very clear that the reason they are changing the license is Amazon, not "the drawbacks" of an open source license.

[0]: https://searchaws.techtarget.com/news/252471650/AWS-faces-El...


That Amazon can do this is "the drawback" here.


They could also collaborate with Elastic as a customer. In fact, the model where a company develops a managed service and offers it on cloud providers infrastructure (i.e. "app store") would have everyone benefit:

* Amazon, from the wealth of innovative managed services they could offer without fully maintaining them themselves

* OSS companies, for the ability to financially sustain their projects and still offer it for free for those that want to self host without offering a managed version of the same software

* End users, who can both use the software however they wish and also choose to get a nice managed version of it.

Instead what will happen due to AWS behavior here is that there will be a lot less incentive to develop innovative new services, at least in a non-proprietary way => therefore there will be fewer services in general for AWS to offer without doing all the product work from scratch, fewer tools in general for engineers and fewer OSS tools in particular and more Firebase-like offerings. So everybody loses here in the long run.

I'm going to go on a limb and say that whichever of the cloud providers figures out the "app store" equivalent for managed services is going to be able to take over from AWS.


Commented on your earlier comment, but didn't see another user basically wrote the same thing, as I hadn't refreshed. Isn't Amazon just an "end user" in this case? End user doesn't have to mean someone who queries an ElasticSearch cluster, it could be someone who hosts one and charges for that.


Are Amazon writing the software that transforms and loads the data into ES, as well queries ES? If yes, they are an end-user. If not, they are a managed service provider.

There is no ambiguity in this case, they are offering the exact same elasticsearch API.

But this is not even the point. I'm not interested in the legal distinctions here at all, thats for the lawyers to delineate in more detail. The point is that Amazon are practically throwing away a huge business opportunity that would also encourage more FOSS to be built in a sustainable way ("app store" / "managed service store") for some short term gain, by throwing companies such as MongoDB and Elastic under the bus.


Totally agree. I think you could also say a similar thing about Amazon however: they are benefiting off of the permissive license Elastic chose to use, without the drawback of having to spend developer time improving the open source project they are profiting from.


> But you think it's unfair to call this a "gap" that ES is now trying to close?

Yes, because ES didn't use any GPL license even when they had every option to; they used the Apache license which is explicitly incredibly permissive.


I don't think this is a fair critique: they have a pragmatic goal of running a business while being as unrestrictive as possible.

With their Apache choice a pragmatic balance was met where developers could use/modify it as they please or use a managed solution from EC or even a managed solution from another company. The ecosystem thrives and their company can thrive.

But a managed solution from AWS ends being materially new and different: AWS is able to undercut them on every front, and people end up viewing AWS ElasticSearch as the canonical ElasticSearch.

Maybe trademark infringement aside, Amazon didn't break the law but they created an unprecedented situation that changed the effective balance of power which changed whether Apache was achieving their EC's goals or not.


The AGPL is nearly 2 decades old, and its tradeoffs are well known among people working in open source. If Elastic had wanted its protections (and restrictions) they easily could have chosen it.


AGPL also harms adoption at companies because of the "invasive" nature of the license. Google, for example, bans the use of any AGPL software. It's too vague for the legal team to confidently understand the "bounds" of the copyleft license.

Permissive licenses like MIT/Apache have historically been what companies prefer to have when evaluating free software. And, generally, it hasn't been a problem for companies like Elastic because companies like Amazon didn't "take" profits from Elastic (and others).

What has shifted is that, where before, there was a "code of honor" that companies could use FOSS software and Elastic would benefit from the uptick in adoption via support contracts, community building libs + writing docs, and encouraging "network effects" for them.

The "cost" of being a FOSS company was lower than the "reaped" benefits of the network effects.

That has shifted with "predatory" behavior from companies like Amazon. That abuse of the "vulnerability" in the FOSS ecosystem is a tragedy of the commons. It means that companies have to be more cautious about what they choose to open source.

This is just my opinion, of course. As a founder of a software company though, I see this as a real struggle. I would prefer have https://refinery.io be an entirely open source tool and we make money via supporting the ecosystem.

Unfortunately, it just isn't clear cut. The best option that I see today is a model like what MongoDB and CockroachDB have with licenses like BSL. But, they're not truly "open source". And that sucks.

We are living in a time where there are no good answers in the face of exploitative behavior by companies like Amazon. It means companies like mine have to maintain a proprietary platform in order to make money.

As a developer, it hurts my ideals. As a business owner, it's a risk I can't afford to take. That's why this behavior is a problem for FOSS.


> What has shifted is that, where before, there was a "code of honor" that companies could use FOSS software and Elastic would benefit from the uptick in adoption via support contracts, community building libs + writing docs, and encouraging "network effects" for them.

I've run a couple of COSS companies and have a few arrows in the back on this subject. The 'code of honor' is not enough to float even a small company. I don't think it ever was.

Most people simply won't pay if they don't have to. It's not just a matter of money. Buying software in established companies can be a head-exploding hassle--as in 6 months of fighting procurement. Plus those do-a-good-deed contracts have a habit of disappearing as soon as there's a budget crunch or the enlightened manager who pushed it through moves to something else.

I'm not knocking such contracts in any way. They are kind of like crowdfunding for OSS and can be lifesavers. But it's naive to build a company on them.

To have a profitable COSS business you need to sell something sticky that customers need and can't get elsewhere, so there's a real exchange of value.


"sell something sticky"

Amazon unsticks anything that isn't nailed down...


In these specific contexts, it's important to stop using the term "FOSS." It just clouds the issue. FOSS is Free Software and software so permissively licensed that it could be relicensed and extended as Free Software. Open Source is simply giving up your ownership of the code one wrote, and this Spirit of Open Source is when one pretends that people won't actually take advantage of explicit grant of rights for reasons.

Open Source is for getting popular, and all of the arguments that Open Source people make against Free Software are about the ability to get popular (corporate usage and corporate contributors.) The reason companies use Open Source is because when you license something that way, it's theirs now. They're investing in their own property.

Free Software doesn't intend to have this problem, and if it sees a problem, it fixes the bug. You don't own Free Software, you own the devices that you install it on. You still might end up competing with someone, but you'll never fall behind.


No FOSS license would have protected ES from the problem they have with Amazon. Amazon is in full compliance with the AGPL for example, so if ES had changed the license from Apache to AGPL, nothing would have changed - that is why they had to move to a non-free license instead.

Basically, their problem is that it's impossible to compete with Amazon on delivering a managed SaaS, and most of their money was coming from that.

In terms of the software itself and user freedoms, the licenses used have achieved their goals - ES is free, people using it can control exactly what they are running, can patch it and redistribute etc. No one owns ES itself, so it is Free Software in your sense.

The people who are having a problem though are the project behind most of the work on this. Now, whether this is a real problem (the company is struggling to remain profitable because of Amazon) or just a fake problem (the company is profitable but it's not growing as expected in some 5 year plan) I don't know, but this is the reason for this type of change.


As someone who has used OSS Elasticsearch, the Amazon managed offering, and the licensed and supported product, I don’t think that’s true.

Amazon has a small team for developing their version and at the end of the day, it has to fit into the operating constraints that they have. There are plenty of huge gaps in managed ES that the vendor can (and does) exploit.


This comment is really insightful. Thank you for the perspective!

It's an interesting idea to think that "Free Software" creates a sort of "distributed code base". In the sense that "code will be eventually pushed to the main repo when the patch is created". That's an interesting perspective.


Not necessarily. "Just" making it free software (eg slapping a GPL v2 on Elasticsearch) doesn't require AWS to share any changes to the codebase, and wouldn't have prevented the current AWS/Elastic drama as it wouldn't have prevented AWS from monetizing Elasticsearch.

Now AGPL might have, if it was used from the start... not because it would prevent any monitization, but because it might bring enough legal uncertainty for AWS to even consider using it


Agreed! No silver bullet. AWS is able to extract value regardless of the license being used.


None of this is new. GNU was founded and developed its licenses to address this issue. But there’s a tradeoff. One that GNU happily accepts. But there has never been a “code of honor” in this space. Give me a break. Companies have been offering Apache- and GPL- licensed software as a service for longer than Elastic has been a company. Elastic wanted to have its cake and eat it too. They overplayed their hand here and now they’re paying the price. They’ll likely soon lose control of the code base. But that’s the whole point of open source.


People getting mad about a code of honor in a decades old, brutal business environment is truly bizarre to me. This isn't a playground pickup game, it's business.


The business is several decades younger than the ethics.


The whole point of open-source is to curate a useful software commons. Suppose Elastic does lose control of their codebase, and it winds up getting maintained entirely by AWS. Then what's to stop AWS from taking their forked Apache2 code closed-source? Bam, no more ElasticSearch. Without professional maintainers, CVEs will pile up and it will gradually become abandonware.

Suppose Elastic had used GPL instead. Then Amazon's hands are tied to a greater extent, but we still lose out. If AWS is the one maintaining ElasticSearch, then ES will steadily become more and more nichely-suited to being a part of the Amazon cloud and less suited to a self-hosted use case. Users can patch it for their own use-cases, but they'll never be able to make it as good as it would have been if there were full-time maintainers supporting them. The commons still become less rich.

The dream is that Elastic can keep maintaining ES but ES remains Apache2. Given AWS's presence in the market, it seems like that's not an especially viable option. For Elastic to keep maintaining ES while switching ES to a more restrictive license which doesn't prevent normal use cases but hamstrings AWS is less desirable, but still preferable to Elastic folding, because ES remains a tool which we can all use and patch as needed to power our own services.


> Suppose Elastic had used GPL instead. Then Amazon's hands are tied to a greater extent, but we still lose out. If AWS is the one maintaining ElasticSearch, then ES will steadily become more and more nichely-suited to being a part of the Amazon cloud and less suited to a self-hosted use case. Users can patch it for their own use-cases, but they'll never be able to make it as good as it would have been if there were full-time maintainers supporting them. The commons still become less rich.

On the contrary, the commons gets the version of ElasticSearch that is most useful to end users. If Elastic can offer better service to end-users, their deployment will be more popular and people will prefer their patches; if AWS can offer better service to end-users, their deployment will be more popular.


> If Elastic can offer better service to end-users, their deployment will be more popular and people will prefer their patches; if AWS can offer better service to end-users, their deployment will be more popular.

Not really, because Elastic doesn't get money from people using their free product. So, Elastic could theoretically go bankrupt even while providing an arbitrarily more popular ElasticSearch version.

AWS on the other hand is charging money for using their service, so they only need to compete with Elastic on the hosted version of ES. If their fork of ES is very hard to host on your own, that's a net benefit to AWS, regardless of how easy Elastic's fork is in the same scenarios - neither company is making money off the non-hosted version.


ES has to provide a much better service to win. Amazon can use their market power and vendor lock in to drive adoption of a worse service and squeeze out a better ES.

Network effects are great for behemoths but not so good for consumers.


This is a job for antitrust, not licensing.


It sure would be nice if the DOJ in an administration sponsored by Amazon can be relied upon to prosecute an antitrust against Amazon.

I'm skeptical though.


Well, it's actually a job for Elastic, since their primary concern is ensuring that they continue to turn a profit. But I'm certainly not opposed to antitrust.


> The whole point of open-source is to curate a useful software commons.

If that were the point of the licensing, it'd be encoded in the license. This is the branding of the license, which is just innuendo. Amazon doesn't belong to any church that recognizes the spirit of Open Source, instead they just read the license and follow it.


Even if we take out the whole morals aspect of it all, because capitalism, I think this this is really right. Yes on: amazon is free to do whatever the license allows. But no on: if that wee the point of the licensing, it'd be encoded in the license.

I think the point of OSS - and there are various flavors so this isn't some unitary point, but more like a general direction - is the insight that copyright isn't actually a good model for software development. OSS licenses are a hack to sidestep fundementally misdesigned legal structures while staying within them. But because OSS uses licenses to create a more open development model, it's restricted in what it can do; it's "just" an EULA essentially.

Ideally, we'd fix this in the law, not via tricky licenses, but we don't live in a world where that ideal is anywhere even close to a serious enough problem to be addressed - at least, that's my take on "the point of the [OSS] licensing".

The various flavors of OSS try additionally to either use various other approaches to encourage a more open model in a closed world, or conversely don't bother since it's a hopeless endeavor, or vary exactly how open they want things to be; but the general gist is that the license is a hack; it's a design limitation, not by design.


> Amazon doesn't belong to any church that recognizes the spirit of Open Source

Yeah — clearly they're acting in total accordance with their own interests. My point is that they're acting contrary to ours.


Who is "ours" here?

They make perfectly legal use of that code. What they're doing seems to be in my interest because if they do it, it means I could also establish a business using permissive code to run it and hopefully make money off it. It's good news for many wannabe startup founders out there.


So, according to some in this thread, as a business owner you are "exploiting open source" by taking more permissively licensed code and making money off it. Shame on you! /s


The people expecting a “code of honor” in American capitalism are hopelessly naive. You may as well ask a lion to observe a code of honor and not target any sickly antelopes.


A strong lion may seemingly indulge such a code of honor for a while - not because of honor, but because healthy antelopes taste better and the lion is fast enough to catch them. But these conditions can change at any moment.

This mirrors how, in general, markets approach human values. They're a nice thing to have if you can afford them, perhaps you can mention them in your marketing - but the moment competition threatens your margins, you'll drop these values to stay competitive. Ethics is a market inefficiency, and expecting companies to behave ethically over time if not explicitly forced to is, indeed, naive.


RMS once said: the GPL doesn't restrict how you USE the software.

If it restricts who can use the software or what they can do with it I believe it isn't classified as free software.

The AGPL is slightly different than GPL. It confers more responsibilities on cloud providers, so that the users of the software (as a service) have the right to the source and any modifications.


I thought Stallman created GPL so software can be "free as in speech". It's another dimensional of ideology, and respectably so. It, however, has nothing do with whether it is moral for AWS to host an Apache-licensed open-source package.


The A in AGPL stands for Affero, which was a company that produced a version of the GPL (with FSF permission) -- that was AGPLv1, written by a commercial company in 2002 to fix the loophole in the GPL.


It is what is says. Calling it a gap is your opinion for your own biases, however you got them. They knew what they were getting into.


Open source is not about the license but the philosophy


Like, contributing back? AFAICT Amazon did contribute back to ES, in the form of code.

Running a profitable business to service free software has nothing to do with the philosophy.


"When the service launched, imagine our surprise when the Amazon CTO tweeted that the service was released in collaboration with us. It was not. And over the years, we have heard repeatedly that this confusion persists. NOT OK." https://www.elastic.co/blog/why-license-change-AWS


"Free Software" is not about the license but the philosiphy.

"Open source" on the other hand...


Regardless, neither helps with Elastic's problem (if we accept it as a problem).


CentOS and Fedora are both trademarks owned by RedHat and staffed by RedHatters.


They are now. CentOS was originally created outside of Redhat to remove all of Redhat’s trademarks from RHEL, since that was the only part of RHEL that wasn’t freely redistributable. When CentOS originally came out, my impression was that Redhat was not very happy, similar to Elasticsearch here.


Sure, of course. They're still both free software, they're still both used by companies who aren't paying for Red Hat subscriptions, there's no shortage of consulting companies who will provide support for CentOS or Fedora like Red Hat would for RHEL, etc. That's the point: Red Hat has plenty of competition, including from others using their own software, and that's fine!

EDIT: And honestly the fact that Red Hat owns both makes it extra clear that they're fine with it, because again, they're a company built on free software.

Well, before the IBM acquisition anyway. We'll see where things go from here.


Yes, but, while RH is the 900lb gorilla in the "pure OSS" business (and yes, we should be thankful for their contributions all over the OSS ecosystem even if we aren't RH customers), from a business perspective they are not that spectacular. Looking at wikipedia, the company was formed in 1993, has a revenue of $3.4 billion, and 13400 employees. By IT sector standards, that's decent but far from spectacular.

Partly due to releasing all their code as OSS, they have poor pricing power over their primary product (support and services (RHEL)) as that's a commodified market with a bunch of competitors who are happy to take their business (offering support for CentOS or other RHEL rebuilds) if they charge too much, or customers might just decide they have the in-house knowledge to support themselves.


> revenue of $3.4 billion, and 13400 employees. By IT sector standards, that's decent but far from spectacular.

That revenue is the budget of the police force in my country. Why would being bigger then that necessarily be a good thing.


Revenue is meaningless, profitability is the important thing. Amazon was net income 0, but it was always enormously profitable, it immediately spent that money on growth.

RedHat wasn't really that profitable. Sure it also spent billions on growth, but Amazon spent hundreds of billions on growth. (Sure, Amazon is a conglomerate, from books to gadgets to groceries to basically everything and the biggest digital infrastructure platform on top.

(I'm simply using Amazon as illustration, it's really coincidence that this submission is about ES and AWS.)


I'm not quite sure I agree with your words here; generally speaking, net income is profit (accounting profit, to be precise -- there are other profits but we normally talk about accounting profit).

Secondly, revenue is super not meaningless! It's the capacity for you to be profitable! Amazon had 0 net income but were able to spend money on growth because they had revenue, and were able to classify their R&D as an expense, which pushed their profit/net income down. Without that, they would've been a positive net income/profit company who then reinvested net income/profits into R&D.

You can do all the expense classification shenanigans you want to to muck around with profit (ex. have profit & spend that on growth, or classify your growth as an expense and have no profit), but it's a lot harder to grow without having the money to put to growth. You'll get that of course in two ways -- increasing capital (equity/liabilities), or well, revenue!

EDIT: Had some typos so cleaned them up.


I wrote profitability exactly for this reason. Revenue in itself is just as meaningless as profitability, I agree. (That's what aggregates like NPV [net present value] and other indicators are for.)

RedHat is big, it has a lot of revenue, but it also has a looot of expenses too. Hence it's profitability is low. Whereas Amazon is a lot more profitable (even if it had no accounting profit), and that's exactly how it grew this big.

If RH were this profitable it would have probably also grown bigger too.

Of course some business models, sectors are truly niches, and you can't grow arbitrarily big. RH probably suffered from this to a degree. Selling Linux support is a niche market compared to selling almost everything that can be shipped in boxes. Of course both Amazon and RH are survivors of the early 2000s big boom-bust cycle, so probably there's a big survival bias and chance/luck at play here, so it's probably not right to say that RH should have expanded to bigger markets. (How come "AWS" is not a RH thing? It's likely that Amazon's extreme "black friday" scaling challenge it not unique to them, yet they were the ones able to successfully capitalize on this.)


Perhaps this would inform the discussion better, but how do you define "profitability" if not by accounting profit? There has to be a strict measure in order to make sense of things. As. I said before, the convention is to use profitability = accounting profit.

I judge by your statements of RedHat's expenses/revenue/profitability that you're defining it as operating profit? That's not a great measure to look at things: certain sectors can expense things and make a mess of it - like depreciation & R&D.

That's also a measure of the core operating portion of the business alone, it. doesn't include non-core portions, nor spending on investments/divestitures (although the latter should show in pro formas or future reports. Also to be fair that would never be counted in a profit definition, but judging from what you find important, I suspect you would prefer to include it? ).

NPVs are calculated by Free Cash Flow streams discounted at whatever your discount rate.


Money spent on growth is not generally counted as profit.


RedHat is not a "product" company but a "service" company, so comparing it to other big tech companies is an apples to oranges comparison. The nature of big tech is scalability (product), whereas Redhat is more of a sustainable business focused on providing support around OSS software, it isn't aiming to do anything new and revolutionary. Not every company has to be gunning towards world domination..


RedHat was never worried about CentOS, the people/companies using CentOS never had the budgets for RedHat anyway and the companies using RedHat often need certification and support contracts (due to regulations). So CentOS never was seen as a competition I would argue.

However, once Oracle started "repackaging" RedHat, and making indents RedHat acted quickly and essentially made using their patches much more difficult (https://www.zdnet.com/article/red-hat-turns-on-oracle-and-ot...).


I agree with the other comments here saying that this is not a gap in open-source licensing. If Elastic wanted to force Amazon to contribute modifications back, they could have switched to the AGPL to do that. But they didn't — because, as the AWS blog points out, AWS was already contributing their changes back.

The problem wasn't that the spirit of open-source was violated. The problem was that AWS is better at acquiring customers for their competing hosting service. So Elastic switched the license to the non-open-source SSPL, which makes offering a hosting service essentially impossible (to satisfy the terms, Amazon would need to open-source effectively all of AWS).

This license switch is more antithetical to the spirit of open source — that is, user freedom — than what AWS was doing, which was offering a hosted version of open-source software that competed with Elastic's hosting business.

Ultimately I think selling hosting of a single piece of open-source software as a funding model for developing a single piece of open-source software (e.g. Mongo, Elastic) has proven to not be a very sustainable funding model; at least, not if you're hoping for VC-backed company sized returns. And... I can see why that doesn't feel great. At one point, hosting was believed to be the silver bullet model as compared to consulting. But ultimately I think it's just not worked out: hosting as a model makes sense for proprietary software, but for OSS, either:

* You pay developers to build the software and also pay more developers to build the hosting stack — but then your competition only pays for the latter and can beat you on price, or

* You only pay to build the hosting stack, but then — what's the point? You haven't solved funding the software development.


>The problem was that AWS is better at acquiring customers for their competing hosting service.

I would actually take this a step further and say the problem was that Elastic apparently never had no plan for how to deal with Amazon. If hosting is ever on the table, this has to be part of the plan from the beginning. For every customer that says "your hosted solution won't work for us, we're thinking about deploying on AWS" they have to be able to translate that into profit. This seems like a lose-lose for Elastic as they have effectively ceded all that away to this fork. The use of SSPL also seems like nonsense here that won't result in them seeing a dime from Amazon.


Seems sad to be them but this has always been the case with open source. There has been countless successful businesses established that run with on source software (think Linux, glibc, etc) and almost none of them payed back open source developers or contributed anything.

To say that developers/authors of open-source believe that if their projects get picked up by some big company they would also be payed seems silly and childish. This has never been the case, why would they even believe that? It was rare when a company payed open source devs for their work (and it made the news, like when RedHat gifted Torvalds a lot of stock before going public and it's not like Torvalds was the only kernel dev at that time).


Maybe the main driver is that self-hosting of Elastic seems to be a very frustrating experience since it easily consumes a lot of memory and the default install seems quite insecure. Still AWS of course has automated all this. I guess completely free projects that are also controlled openly like Postgres don't have these problems and some of core developers seem to do lucrative consulting work. (So individuals are much better off I guess, and there is not the pressure to be like a Startup)


Maybe there is a middle ground for companies to use SSPL/BSL with a "profit sharing" clause or similar. It's still not "open source" in the traditional sense. But it could be a "win/win" scenario?


I think this is the key.

My main problem with the pro-Elastic arguments it that the crux of the argument is:

1. Elastic drives the vast majority of development for ES 2. Elastic needs revenue in order to keep paying devs to work on ES 3. AWS is competing too well with Elastic's hosted ES

And there is an underlying implication that if Elastic fails, ES development will stall almost completely and a great software project will die. But like... isn't that the point of OSS? If a software project lives and dies with a single company, what exactly is the point of it being OSS?


>AWS is competing too well with Elastic's hosted ES

AWS is too big to really be competing fairly. They have vendor lockin on customers, an enormous war chest they can (and have) used for predatory pricing and they control, like, 1/2 the hosting market.

With all that they can almost murder elastic search in their sleep without providing a better service.

That will not just be bad for ES it will be bad for everyone who isn't Bezos.


> >AWS is competing too well with Elastic's hosted ES

> AWS is too big to really be competing fairly. They have vendor lockin on customers, an enormous war chest they can (and have) used for predatory pricing and they control, like, 1/2 the hosting market.

> With all that they can almost murder elastic search in their sleep without providing a better service.

> That will not just be bad for ES it will be bad for everyone who isn't Bezos.

There's a lot of businesses with a lot of budget who want to use ES and don't want to go near AWS. Let's not pretend there's not an enormous opportunity out there for a good hosted ES platform not on AWS.


I think the "war chest" argument here is that AWS can out compete any other hosting solution by "slowly burning" their way to the top. AWS is a conglomerate and can afford to lose money on a single service. Companies like ES cannot without going under. It is monopolistic behavior and that is harmful.


It's really not a monopoly though? There are quite a few cloud providers.

AWS has lots of services. Customers like it when all of their cloud is managed under one roof (apparently).

AWS is definitely competing fairly, it's just... people like their offering better.


Plenty of businesses compete with AWS just fine. Looking at Elastic Co's financials, they also appear to be competing just fine.

If they tell you they're not, what they're actually saying is that they've chosen a poor business model.

In this case, it looks like they've got a perfectly reasonable business, but they're upset it's not even bigger, and therefore they'd like a monopoly over ES hosting.

> It is monopolistic behavior and that is harmful.

The irony is strong here.


I think a good example company to answer this question would be: What happened to RethinkDB? They shuttered. How has development changed for that project? Is it still alive and healthy?

That would be a single data point to start with, at least.


What makes you think this is a "gap in Open Source licensing"? Is it not more easily explained as Elastic's business plan having a gaping hole instead? Don't put the cart before the horse.

They built on top of a license that gave the user a set of freedoms they don't want the user to have. End of story. Now they've patched this hole, but they want to keep the goodwill that comes from Open Source licensing instead of owning up to their decision and decide to blame AWS as a scapegoat, all the while acting as if their license does not violate one of the core values on Open Source Definition where you cannot set restrictions on specific fields of endeavor (in this case, the same field the product belongs to).

Now that's not okay.


> Plan having a gaping hole instead?

A hole which didn't exist in this way 10 years ago. But well you could have seen it coming tbh.

> all the while acting as if their license does not violate one of the core values on Open Source Definition

So you are saying if you do open source you must be fine with being exploited?

If so then why do GPL and similar exist, which are normally considered as Open Source?

It's just that the landscape changed and with this the problems around it changed.

While in the past bundling it into non free programs (+some committed aspects) was seen as a problem and as such GPL was created today the problem are similar but instead of distributing that bundles they are provided as managed services.

In this context the Server Side Public License is as much in line with the core values of Open Source as GPL is.

It's just that Amazon cares to some degree more about free software being free as in not costing them then they care about it being freely inspectable and modifiable. But cost free-ness was never a core value of Open Source, just a side effect.


The hole did exist ten years ago, though. The AGPL was released in 2007, three years before Elasticsearch was created, to fix this exact problem.

…except Elastic doesn't want to use the AGPL because anyone using Elasticsearch would have to open-source their whole codebase — a non-starter for most companies. Elastic wants to have their cake and eat it too. They want the wide adoption of open source software, while also preventing people from competing with them. That's not how open source works.


Slightly off topic but...

> …except Elastic doesn't want to use the AGPL because anyone using Elasticsearch would have to open-source their whole codebase — a non-starter for most companies.

They wouldn't have to. This is a common misconception about AGPL.


Is the AGPL not a copyleft license? What are the derivative works you're required to distribute as AGPL?


AGPL is meant to address the situation where someone takes GPL code, such as a database server, runs it on their systems (possibly with proprietary modifications), and provides network access to it to users, and does not provide those users with the source code. That is perfectly acceptable under GPL, GPL doesn't trigger if you aren't distributing the program.

What AGPL changed is that they made it trigger on distribution (like GPL) and on interactive access of modified versions over a network.

If Amazon's plan had been to make money by hosting a proprietary fork of the server, which would give them some sort of advantage over other clouds like Azure or Google that only have the non-proprietary version, AGPL would thwart them.

But that doesn't seem to be the case. They don't appear to trying to make it proprietary. They seem happy to run the same code that everyone else does. They are making money from it by selling management and support services for it.

AGPL doesn't impede doing that at all.


If you're using a database that's not tightly integrated into your project and distributed with it, I don't believe you'd have to open your project. The API is the boundary:

- your project running on Linux kernel doesn't become GPL

- your project talking to MySQL doesn't become GPL and one talking to mongodb pre-2018 doesn't become AGPL

- your project talking to elasticsearch wouldn't become AGPL

(However AWS search offering... could?)


If you modified the software and then sold a hosted solution using the modified software you would need to release the source code for your modifications. Or if you built a plugin that was directly linked to the software you might have to release the source for that plugin. But if you had other software that made network calls to the software I'm pretty sure you wouldn't have to open source that as well.


This FUD about the AGPL drives its unpopularity more than any reality.


Amazon is in compliance with the terms of the AGPL already for their managed ES. Switching ES to from Apache to AGPL would only affect other users of ES, not Amazon.


> Elastic wants to have their cake and eat it too.

That doesn't follow from your preceding statement. Elastic doesn't want to constrain all users of their software by using AGPL; and instead they adopted a license which imposes restrictions only on cloud providers. That's better compared to AGPL for general consumers, if you ask me.


The "have their cake" is enjoying widescale adoption of a liberal open source license. The "eat it too" is thereafter making that license restrictive to shut down competition.


Not if I am a cloud provider.


Jason from Elastic here.

I want to clarify this. Building a SaaS product with Elasticsearch or Kibana on the backend is okay and not prohibited, as long the service is not “managed” Elasticsearch nor Kibana. For example, a music service that uses Elasticsearch on the backend to provide music catalog search is okay. A service that offers site search powered by Elasticsearch is okay. A log search service powered by Elasticsearch is okay (again, provided it doesn’t expose Elasticsearch functionality). We welcome applications built with Elasticsearch or Kibana in the backend, even those that would be seen as competitors, as long as they are not managed Elasticsearch nor Kibana services. The Elastic License allows this, and you can do it for free. See this [item][0] in our FAQ. If you have any doubt, reach out to elastic_license@elastic.co and we would be happy to clarify.

Disclaimer: I am on the Elasticsearch team and work for Elastic; I welcome any and all feedback.

[0]: https://www.elastic.co/pricing/faq/licensing#i-build-a-saas-...


What exactly does `provided it doesn’t expose Elasticsearch functionality` mean? Is exposing KQL via a search field in violation or not? Is exposing the Lucene query language okay or not? Is selling an on-prem monitoring solution that uses ES/Kibana as datastore and visualization interface ok? Is accepting payment from a client to run and maintain that solution in the clients datacenter okay? Is running that solution in a clients private cloud okay?

Can I get that in writing from someone with the power to make binding legal statements?

The problem is never in the clear cases, it’s in the edges. Now, all of a sudden, when thinking about features a legal dimension enters the picture, something that hasn’t been there before.


I agree and find that caveat baffling. "The ability to search a store of information for user-supplied input" is fairly clearly elasticsearch functionality, but it seems that is allowed? They have to be more specific on what this means.


IANAL and I am pretty sure they will need to be involved in a serious way to iron all this out. I have my understanding of the intent, which I would not invest money in at this point trying to prove, and that's as much as I can offer. It seems that you can have users search your data in your Elastic+Kibana instance. What they're precluding is you offering an Elastic instance for your customers to load their data into and then search or offer for search to their users.


I understand the intent, but elastic has proven to create legal confusion despite being warned against it and then sue over it in the past when they mixed the APL source and the x-pack source under two different licenses in the same repo and then sued floragunn over copyright violations. They might be technically correct on that lawsuit, but IMHO they knowingly created that situation.


If they are intentionally causing confusion it seems their right to recover would be seriously limited by their failure to mitigate damages.


I’d not say “intentionally” as I don’t think that this was the motivation behind the change. I’d consider it “knowingly” - they were or at least should have been aware that the change was going to create confusion about the license that individual code parts and changes were under. It was pointed out at that time.


Why didn't Elastic release some SSPL v1.1 or SSPl v2.0 with this kind of clarification? SSPL v1.0 is considered by many kind of vague in terms of p. 13 "Offering the Program as a Service".


> A log search service powered by Elasticsearch is okay (again, provided it doesn’t expose Elasticsearch functionality).

You speak as if Elastic has any say in how people use OSS. Why would anyone use the newly hampered version of ES when they can use and contribute to Amazon's truly open fork? Aside from the bad taste left in everyone's mouth from the whole "Doubling down on open" nonsense, all that reasonable people are going to see now when looking at Elastic's software (ES 7.11+) is unnecessary risk and legal ambiguity.

The disingenous market speak on Elastic's blog post was so thinly veiled that it quickly became insulting. It was gross to watch such a shameful justification form on why everyone should be okay that Elastic will continue using the marketing terms "free" and "open". By forcing a well funded fork by Amazon, Elastic may have just relegated themselves into obsolescence.


This might very well have been your intention, but the license you chose (SSPL) is extremely vague in describing this (section 13, IIRC).

For one data point, my company attorneys interpreted that, even if we present a search box in a web page, allowing visitors to search our own indexed data, it could be understood that we "offer a service" -- and thus forced us to abandon Elasticsearch and figure out alternatives. We might be unique, but I doubt it.


GPL would not solve the problem Elastic has - it's perfectly legal (and in the spirit of the definition!) to take GPL software, host it yourself, sell the hosted service, and not pay the creator a cent.

It's also perfectly legal to run GPL software on a Windows machine without open-sourcing Windows.


> A hole which didn't exist in this way 10 years ago.

Wordpress hosting was huge ten years ago.


`So you are saying if you do open source you must be fine with being exploited?`

And how is a company using open source software exploitative? I mean, isn't that the point of releasing open source software, that companies use it? And aren't companies in the business of making money, so at some level, they are profiting from your work?

Actually the opposite of open sourcing a system like this would be a massive fragmentation of the market with multiple competing proprietary systems emerging and total headaches for users with obsolescence a part of their daily lives. That is the grim alternative, not companies profiting from selling services based on open source software


If you actually do Open Source, you wouldn't feel exploited. You would feel happy that the terms you specified were honored.


I have been involved with open source since 2000. I have been a member of the ASF for many of those years and worked with Apache licensed projects throughout. I have been in the position Elastic is in where I managed the employer-sponsored team working on an employer-sponsored Apache licensed project, though thankfully not against a behemoth like AWS.

I have some sympathy for Elastic, but I just do not agree that AWS is doing anything wrong or against the spirit of open source. When they run into things that need to be fixed or improved in the projects they upstream them. The majority of work AWS does is in "operationalizing" the project for their cloud. It might be cool and interesting if they let us see how they do this but it is not like that work directly translates back to the open source project. Anyone that has worked with Google open-source stuff has run into the same issues where there is some behind the scenes magic that Google has internally that the projects can leverage to make them scale better etc.

It is Elastic's right to change the license if they so choose. If they own trademarks that they believe are violated it is up to them to take those challenges to a court and seek damages. Elastic is trying to have it all ways though. They want you to believe the new license is open source .. sort of true but not really. They want you to believe AWS has done something wrong. This I do not buy at all. What is special about Elasticsearch? The entire Internet and the Cloud is running on all kinds of open source software up and down the stack. It is in the interests of the behemoths that run these stacks to upstream fixes and improvements and generally they do. That does not mean they have to contribute the proprietary wrappers they have put in place around them as part of building their business model.

AWS needs to be focused on its customers, not companies like Elastic and Mongo. If its customers would prefer to operate an Elasticsearch service provided by AWS as opposed to Elastic, then that is a problem for Elastic to resolve.


> If its customers would prefer to operate an Elasticsearch service provided by AWS as opposed to Elastic, then that is a problem for Elastic to resolve.

How would you try to resolve that, if you were them?


Some ideas:

* Since their license is Apache (most likely because they have an Open Core business model) instead of AGPL, they could offer extra services on Elastic's managed service. Amazon wouldn't able to offer since these parts are proprietary.

* They could partner up with other Cloud Providers (Microsoft, Google, ...) to offer a managed Elastic on these clouds, before these cloud providers do it themselves.

* They could offer other proprietary products that run on top of elastic (managed by them), that would force customers to use their managed service.


They actually do all of these already. Most of their development and marketing for the last couple years has been pushing their add-ons (things like machine learning, threat detection, application tracing), that are only available on their cloud or on-prem with a paid subscription.

Cloud partnerships: https://www.elastic.co/partners/microsoft-azure https://www.elastic.co/partners/google-cloud

So that's what's really puzzling to me, what's really driving this change? Is their considerable revenue from all of that still not enough to justify their valuation and growth? Or is it really just a personal vendetta against AWS?


Here's one way to look at it:

AWS has a lot of closed source components behind the scene that makes Elasticsearch scale and run reliably in their cloud environment.

Elastic can develop similar closed source components to make things scale – in non-aws environments – in private clouds – in on-prem deployments.

Why does this matter?

There are a lot of those customers – banks etc – who will stay on-prem and medium size cloud customer for whom public cloud is more expensive than private cloud. These are the ideal customers for Elastic.

Among them, there will also be some who will do hybrid – onprem + AWS. Elastic can price their product to compete with AWS's and use their service in both on-prem and in aws seamlessly.


It might be too late, I am not sure really. If the customer wants the service provided by AWS then it is hard to change that. That said, the AWS Elasticsearch service is not that great and it is expensive so there is room to do it better and maybe just offer better support and plugins etc.

I realize that the cloud took off after Elasticsearch existed, so it is hard to fault Elastic for not having a crystal ball, but the time to get the business model right was at the beginning.

When my company chose an Apache License for the product we sponsored it was because we knew we could not do it all ourselves and so we wanted to build and foster a community. So while that means competitors could and did emerge that could take the product and do a better job monetizing, that was the only way for us to get the product we needed. The community was important.

Elasticsearch would be an also-ran without the Apache License and the community around it. Changing the license now because AWS is able to monetize just stinks, IMO.


Given that Amazon's customers are inside Amazon's proprietary AWS environment, I think it's unreasonable to expect that an outside company can meaningfully compete inside that environment. In terms of customer preference, AWS customers will _always_ prefer a product offered by Amazon to a similar offering from an outside company. Amazon will always be less expensive and better integrated with other AWS services.


Amazon customer here. We use Elastic's offering because it has a fairly good management layer. That said, there's a lot of room for either player to improve things. One example is user/access management. Kibana tries to be all things to all people and ends up doing very few of them well. If I never had to log into Kibana again it would be a good day.


That sounds fair to me.

Perhaps the issue is that Elastic is getting so little from the Amazon product that they resent, essentially, adding features to the Amazon product for little or no return. Elastic noted that, in their experience, some unspecified number of Amazon customers believed the Amazon product was somehow associated with Elastic. Elastic implied this was a result of Amazon's use of their trademark but all of this is hard to verify or quantify.

RedisLabs fought a similar battle with Amazon, they also ended up making changes to their license. I really do think the issue here is the scale of AWS and the very large pool of customers tied to Amazon's offering: there are so many existing and potential customer using AWS that companies like Elastic or RedisLabs feel they can't write those potential customers off. It seems to me that if Amazon was interested in the well being of those customers, they would figure out a way to continue to receive improvements from these projects instead of forking their own versions.


> The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit.

I don't actually agree AWS violates the spirit of the license. The spirit of the Apache license is explicitly - "I don't care if you succeed with my code wildly beyond what i achieve, more power to you, just credit me in the byline". I license my own code in Apache usually because that's precisely my position.

There are other licenses implying a different spirit if you want to take a different position - but complaining about AWS because they chose Apache is not a great look. They're certain to lose community developers.


I don't really want to get into the moral rabbit-hole of who's right and wrong as that's clearly super controversial and subjective.

But I did want to add my personal anecdote to serve as a canary-in-the-mine on what effect the status quo could perceivably have on the proliferation of open source software over the long term:

I think we can all agree on the basic premise that having more open source software is a good thing for society.

For the longest time I dreamed of creating my own open source tools and products and simultaneously monetizing it to create a comfortable life for myself and maybe even eventually turning it into something bigger, and leave my mark on the world.

However, as the years past and events like ElasticSearch v Amazon unfolded, I became more and more disillusioned on the realistic prospects of such an outcome.

Today, I'm in the process of building something that would probably see more success in terms of adoption and do more good in the world if it's released as open source software, but at this point I've basically made up my mind to release it as proprietary software to have a realistic shot of monetizing it to achieve financial independence and eventually build a company around it.

Basically I've weighed the tradeoffs and chose to put my own ability to capture the value of what I created over trying to maximize the value my software could create if open sourced.

This was not a easy decision for me to make, but I suspect I'm not alone in having thought about these tradeoffs and reaching these same conclusions. And as more and more people witness the struggles of companies trying to build viable businesses on top of open source software, more and more people could make the same decision, and thus society would be robbed of all the value that having these pieces of software as open source could have created.

I think the chilling effect these kinds of case studies have on the proliferation of new open source software, and the loss incurred by society as a whole as a result, is at the core of what we should be trying to figure out a solution for, not some philosophical discussion around who's in the right or wrong.

(reposting from a comment in a previous submission that got buried)


It's frustrating to me, watching this culture we've built where developers feel they need to be ashamed of making money from their work. There is absolutely no reason for you to feel the need to justify building a business off of your software product, but I can completely understand why you do.

Our "group" spends so much time and effort indoctrinating its members on this idea that profiting from your skills is a bad thing, and that the only true way to be a developer is to give your work away for free as Open Source. Even silly things like negotiating for a market rate salary from your employer are frowned upon as caring only for money.

But that's all backwards. There are good reasons to release your work product as Open Source, and those all share the quality that they give you or your business some tangible benefit. So it's simple: do the benefits of open sourcing your thing outweigh the downside? If yes, go for it. If no, don't. But don't spend even a second worrying about whether it's the "right" thing to do for silly moral reasons.

If there was one thing I could change about our industry, it would be to remove the 5 year Open Source Indoctrination brainwashing session you need to go through at University before entering it. Because we'd spend a lot less time being taken advantage of later in life.


The OP is isn't ashamed but more frustrated because he wanted to do good for the world and is disappointed by the fact that he may not be able to now because gree corporations like Amazon will take all the hard earned work of contributors and profit from it, thus breaking the spirit of open source. At least that's how I interpreted his comment..


Yeah, I think the fundamental problem we're seeing here is how difficult it is for creators of open source projects to effectively capture the value they create in the world, especially at the higher end of the scale of _extremely_ popular projects that gain widespread adoption and create a mind-blowing amount of value, like Elasticsearch.

I would argue that by releasing a project as open source, we create more value in society than by releasing as proprietary.

An ideal society imo should distribute rewards relative value created in order to incentivize and maximize value creation.

Our society does a pretty good job of rewarding and incentivizing value creation for proprietary projects, but seems to do a horrible job of incentivizing value creation through open source projects.

I think it's in society's best interest for open source creators to be rewarded every bit as handsomely for creating value in the world as creators of proprietary projects, if not more, so we can incentivize the creation of more open source projects.


> I would argue that by releasing a project as open source, we create more value in society than by releasing as proprietary.

> An ideal society imo should distribute rewards relative value created in order to incentivize and maximize value creation.

Isn't that exactly the point of capitalism and the reason why proprietorship is possible?


How is it contrary to the spirit of open source if greedy corporations like Amazon use their market forces to spread your work to a bigger audience?

That is exactly in the spirit of open source, which is what I believe the parent poster is saying.


Have you considered BSL [0]? The fresh versions are source-available, but older versions convert to open source (GPL, Apache or something) after a few years.

You can still build a business on your software -- as long as you keep developing, no competitor will be able to use up to date version. And people who want to rely on open source can do so, knowing that the software will get open-sourced eventually, no matter what the company decides.

[0] https://mariadb.com/bsl-faq-adopting/


It’s not a chilling effect. It’s how value is exchanged in a free market.

Open source makes sense when many companies benefit economically from sharing resources to develop common software/tooling.

Open sourcing code from inception can lead to adoption and create profits.

At some point that code may be more valuable to another company in some way and they profit from it.

I don’t see Linus Torvalds complaining about companies that profit from Linux but then again Elastic Search has shareholders to answer to and their trademark has been violated.


They're literally describing the chilling effect. It shows a lack of imagination if you think this "free market" is the only way to create valuable software.

PS. In a truly free market, there would be no enforcement of license violations except that which companies could muster themselves, i.e. Elastic would be able to hire mercenaries to loot and pillage AWS' data centres


It's an interesting anecdote.

I think a possible solution to that problem could be a universal basic income, itself funded on the likes of Amazon.

If you had the assurance that you'd always have something to live with, wouldn't you be more open to take the risk of going open-source and see if you can run a business of that ?


From https://www.elastic.co/about/press/elastic-n-v-reports-stron...

> First Quarter Fiscal 2020 Financial Highlights

> Total revenue was $89.7 million, an increase of 58% year-over-year, or 62% on a constant currency basis.


I don't know. I've worked for a couple of companies who open source their software and they don't open source because they believe it's good for the world (they may or may not, but it isn't the driving motivation), they open source because it's a near requirement for building a profitable business. It's easier for a no-name company to convince enterprise clients to use your software when the code is open source - it's often a non-starter if your code is closed-source. It's easier to get developers and keep them happy. It's easier to get community contributions. It's easier to get your name out there (you lose a LOT if you have a software product without a GitHub).

As long as open-source is a near requirement for getting traction, I don't think there is much to worry about.


I think you’re right that OSS is a customer requirement in many domains today. But I think the consequence isn’t that companies will open source despite the AWS threat — it’s that tremendously valuable software will never be built in the first place.


I like FOSS and even just OSS and I have good arguments, largely borrowed from others, for why it's good and why we should often use it. It's not a panacea, though. I'm about to write some things that RMS would not endorse.

If the code is your original, differentiating product, go ahead and make it proprietary if it helps you. If there's some code that supports your product, that helps make your product possible, or that complements your product but doesn't really differentiate your work or create a bespoke advantage for your users, then seriously consider making that Open Source or Free Software.

For example, let's say you have a new, great music recommendation technique and that's why people would choose your music player or music web site or whatever. You could build that with an OS DB on the backend, on an OS operating system, using an Open Source language and Open Source libraries and still close the source for your recommendation engine. However, you could still offer a F/OSS client to an API for that for various languages. You could contribute to the projects underlying yours. You might write a whole new configurable data wrangling system that's not specific to your recommendation code but is really useful to populating your database, and you could release that as F/OSS for the community to use. You might make your own front-end toolkit for the browser, or your own websockets code on the backend, that can be used by any application. You'd be able to contribute that to the community as F/OSS without undercutting your main differentiator, too. I kind of think of this model akin to open core, but in this case it's a "Closed Core" with open everything else. Improve everything that's in common with others in a common space, and differentiate your offering in your own different, compartmentalized space. Just make sure the bindings between the parts are at the appropriate level so the licenses don't clash.

Does this mean some competitor could come along, tie all of your F/OSS together, and plug in a different core? Absolutely. If that core's not your true differentiator, though, your plans have probably already gone awry. Making it easy to plug other code in the place of your proprietary code surrounded by an open platform is almost as good for the community as making the whole thing open source, and lets you compete on what you've decided is going to be your competitive advantage.


don't you think the elastic founders achieved financial independence from elastic? think again?!


Staunch free software proponent here.

Clearly, as you say, there's nothing wrong here legally. By choosing this license, Elastic explicitly allowed anyone in the world to do what Amazon is doing now.

Ethically, I can't find anything wrong about this either. As far as I'm concerned, there isn't a "spirit of open source". Open source is a way of doing business. Elastic made a business decision. The company has to live with the consequences.

One could certainly argue far too much power is getting concentrated with Amazon and other web giants, but that's an entirely different subject...


I think it does say something about the future of the open source model though.

Namely, that if you have a company that offers something like a database as a service, search as a service or some other API, and plan to support it's development by offering your own managed service - DO NOT OPEN SOURCE IT WITH PERMISSIVE LICENCES, AMAZON WILL UNDERCUT YOU. AND THEY WILL ALWAYS DO IT CHEAPER BECAUSE THEY DONT HAVE TO FUND FURTHER DEVELOPMENT.

Take an example what Amazon did with Mongo - First they launch a closed-source competitor (totally fine) but then they also take Mongo's source and rebadge it as their own fully-managed DocumentDB (Mongo 1.6 but with closed source additions). It's having your cake and eating it too. There's nothing legally wrong with this, but I do think this is market abuse (because they can only do this because of AWS market penetration) just to make the worlds richest man richer.


'AND THEY WILL ALWAYS DO IT CHEAPER BECAUSE THEY DONT HAVE TO FUND FURTHER DEVELOPMENT.' Well, they DID actually contribute patches as the whole ES project was 'upstream-first', this is mentioned in the post with proofs.

From what I can find online, it looks like DocumentDB is actually a layer on top of the AWS Aurora PostgreSQL offering. This means they created a MongoDB compatible API, but are not offering a hosted mongodb cluster. (https://news.ycombinator.com/item?id=18870397)


Without wanting to come down on either side of the argument I'd like to say that the Pull Requests they reference in the blog post are over a span of roughly two years and touched somewhere in the vicinity of 1k lines of code. One of them changed one line by adding a synchronized modifier to a function..

I'd not consider that actively developing a product and adding new features.


> Well, they DID actually contribute patches as the whole ES project was 'upstream-first', this is mentioned in the post with proofs.

Elasticsearch has 35000 pull requests merged. Amazon did 9 of those giving them a contributor ratio of 0.026%.

Amazon's contributions to Elasticsearch and Kibana are purely symbolic. This makes their claim as new stewards of the projects even more laughable.


Even if MongoDB was closed-source, it would not stop anyone from creating a product that was compatible with the MongoDB API. Put another way, your API cannot be your USP.

Lots of companies offer S3-compatible APIs, for instance. They compete not on the API, but around reliability, price, features.

Of course, we have Oracle v Google coming up in the US Supreme Court, so things could change, but this is the way things are now.


Part of the reason elasticsearch is popular is because they choose a very permissive license. That was the tradeoff they accepted for getting such high market share.


> By choosing this license, Elastic explicitly allowed anyone in the world to do what Amazon is doing now. > Elastic made a business decision. The company has to live with the consequences.

Everybody should be allowed to change its mind when presented with new data or circumstances.


> AWS knows that if they take too much of ES' market that they won't survive. If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported.

Or Amazon (or a third party) may take over maintenance of ES if it's worth it to them. That's the whole point of open source.

> You can frame this question in terms of ethics, you can frame it in terms of licensing naivety, you can frame it in whatever way you want but Amazon is doing what it always has done: exploiting smaller businesses in its goal to become a conglomerate.

There's no exploitation here. ES are grownups and responsible for their own business decisions. Amazon is outcompeting them by providing a better service to their clients.

> Edit: a lot of people talking about the license forget that there's an entire spirit to open source. The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit. The businesses set up to back companies like Elastic Search were setup to sustain the project while continuing to empower it's creators to take their vision further. If Amazon takes the pie, that doesn't happen. At best, the creators are now Amazon employees and have to follow their desires. Just because you can exploit a license, doesn't mean you should.

The whole point of "open source" as distinct from "free software" was to get away from all the ideological baggage and focus on pragmatic licensing that would appeal to businesses. Guess what: it worked.


> Amazon is outcompeting them by providing a better service to their clients.

I wouldn't necessarily say AWS' ability to use ES as a loss-leader for their Data Transfer charges is better for AWS's clients in the long-run. I can certainly see the argument for calling it exploitation.


For me, exploitation has always required the exploited party not having a choice. Customers of AWS ES vs. Elastic ES definitely have a choice in this matter and have done so deliberately.


But do they really, in all cases?

Due to the market share of AWS for many potential customers it will come down to a decision between

a) click here in the aws marketplace and have my service added to the invoice my company gets every month anyway

b) start the painful process of onboarding a new vendor, get a quote, have procurement haggle with them for months etc etc etc. (overstating it a bit, I know)

And that is where to me it becomes a question of using/abusing your position in the market to a certain extent..


Oh I'm sorry, I'm referring to AWS exploiting the free software, not their customers, but I can see how I was not clear.

The rest of the 500+ comments here do a good job arguing both sides of it so I won't rehash that. Just saying that I can see that AWS taking the free thing and using it as a loss-leader (i.e. no possible way Elastic can compete) could be construed as exploitation of the free thing.


First-off, it's not clear to me ES is a loss-leader for Amazon, they seem to charge for it commensurate with their other hosted services, which from their filings all seem profitable.

Even if it is though, I'm just not sure I find the idea of free software being a loss-leader a bad thing. Having a loss-leader implies that AWS is providing + capturing value elsewhere. In this case, you assert this is from Data Transfer. But regardless of where the cost-centers are, AWS is delivering value to their customers and charging for it. There is competition in the cloud space, and in all honesty moving clouds generally isn't a huge deal, at least if you've architected your systems with that in mind (which any SysAdmin worth their salt should be doing in 2021).

The fact is, customers like having all their cloud managed under one roof. Customers like the exceedingly strong uptime guarantees provided by AWS. If customers have choice (which they do), and they're choosing AWS, why is it a bad thing if Elastic can't compete? If AWS is winning, it's because they have a holistic offering that customers like better.


To be clear, Amazon is taking over maintenance of ES and Kibana. That’s explicitly what’s happening.


Disappointing to see Kodah discounting all the open source contributors to ES. Please read this before you support folks like Kodah and Elastic hijacking ES.

In short - this feeling that Elastic owns Elasticsearch (other than maybe trademark) is totally false. Many people contributed and adopted BASED on a real open source license.

https://drewdevault.com/2021/01/19/Elasticsearch-does-not-be...


Interesting take, and I can see why Drew feels it's valid. He's ascribing to the maximalist interpretation of open source licensing. Licensing which never had any idea that Open Source would one day take over the world, licensing which never could've imagined that cloud providers would begin to undermine and influence projects to their own ends.

The problem that Drew is willfully ignoring here is that corporations see an opportunity in open source licensing to hijack projects, which I would remind you is exactly what is happening with Kibana. The control shifts away from the thousands of contributors and gets a board of engineers employed by corporations. Once these projects land in corporate control there's no denying that their culture and terms change. The CLA's he wrote about will surely be enforced, and if everyone ascribes to his belief system then the project will delve into chaos.

Corporations like ElasticSearch were setup to sustain the project that is ElasticSearch. If you destroy them, then you will get Amazon's vision of ElasticSearch, not what the contributors chose, certainly not what the creators chose. When forks happen, they happen. There is a big difference between some random or influential person forking Elastic Search and a conglomerate, who is really only forking it because they intend to undermine the business that was setup to sustain the project in the first place. Want to see a fork I was completely fine with? Look at Gogs versus Gitea.

The fact that they cleared a billion dollars is so arbitrary. At what threshold should anyone with principals and a backbone stop caring? At what point should someone like me not care if a conglomerate comes along to replicate and wipe out SourceHut? This has nothing to do with ElasticSearch and has everything to do with corporations flexing power, power which has repeatedly been used to influence and undermine projects in the open landscape that doesn't make it quite so open anymore.


What? It was always known.

Why do you think UNIX companies agreed on MIT license for the basic X Windows infrastructure, but then Motif was commercial on top?

Or how UNIX clones and Windows have used parts of BSD.

40 years now, more than known.


Indeed, BSD projects have always provided corporations with free labor.

The BSD operating systems themselves have been largely spared from hostile forks because they are too large and no corporation wants to maintain a fork, macOS being the obvious counterexample. But even macOS cannot eclipse FreeBSD.

Smaller projects should be wary. The should start with AGPL and resist efforts coming from corporations or other open source projects to strongarm them into downgrading the license to BSD or MIT.

Especially when such other projects have convoluted licenses themselves that are only declared open source by fiat due to their historical importance at some point.


There another obvious counterexample, PS 4 OS, not sure if PS 5 still uses it.


"At what threshold should anyone with principals and a backbone stop caring?"

Good lord - the views on HN are wild. I'm aging myself, but open source licensing (used) to not be that complicated.

The principles of open source are being violated by Elastic not AWS - just so we are clear. That is not so complicated.

If Elastic wants to make it so contributors to the software have FEWER rights than Elastic, that is fine, but that is not open source.

The principles of open source are normally that if I contribute to something that is open source licensed, that I can then use the code in the same way as anyone else. That includes hosting it for myself, doing a small consulting practice to build out some hosting for others, doing shared service hosting etc etc.


The licensing still isn't that complicated.

This is a live view of a new generation learning about the difficulties of market competition.

We're seeing this pattern in several contexts in the industry: Rather than compete, which requires listening and responding to customers (talking to people is hard), they prefer a magic wand (a new license, or regulation or something perceived to be "easy") to force large successful companies (which they see as immutable fixtures that can never be defeated) to break up or neutered so that smaller entrants can succeed.

"Be careful what you wish for". Smaller entrants aren't necessarily more ethical nor do they offer a better service than large incumbents. It really varies.


Elastic is a public company worth 15B dollars now. Not the underdog.

> at what threshold should someone ... stop caring

You’re not caring about OSS, but about keeping your turf and “ownership” of a product that is not yours. There really is no question here that Elastic is the one doing the “corporation” move and not the other way around.

> to undermine the business that was setup to sustain it

Successful OSS don’t need one business to sustain them, they rely on the combined efforts of their users - including Amazon. They have no reason to undermine a project that makes them money.


They're an underdog when compared to Amazon…


If you’re simply thinking of size, consider Amazon is a 500x more diversified business. I doubt they pull anywhere near as much revenue as Elastic does (half a billion/year) from their Elasticsearch hosting alone. Apples and oranges.


I was thinking in terms of AWS, which while more diversified has lock-in, and someone who's already using AWS is probably never going to use ES own cloud hosting


Elastic products run on AWS


Hosting open source software has been a popular business model since day one.

My organization uses open source precisely because we can choose between competing providers.


Exactly - I once used a more full stack provider, and we checked to make sure their stack was open source for key areas we spent time on, so if we wanted to switch to another HOSTED provider, all our config files, etc etc would still work - but the other providers also HOSTED this software - that wasn't considered a violation by anyone. This was before the days of the mega providers like AWS - where now I think you just have to accept lock-in - but AWS has never raised rates so it's not as scary as doing an oracle lock-in as an example.


From where i am sitting, it looks like a bait and switch: use the permissive open source license to get popular, once you are popular, switch to closed source license.

Which is not to say what they are doing is wrong, they are just as much within their rights as amazon is.

> The permissiveness of open source was one thought to be "we can all succeed together"

I think that's BS if you are talking about bsd-style licenses. Maybe i could see an argument about spirit violations if it was a GPL-family license, but the entire point of bsd style licenses is so that businesses can take the code and adapt it to their business needs.


> ES and other companies have a business that sells a managed version of their product. This is how they sustain developers to continue working on Elastic Search. This model has worked for companies long before cloud providers were a thing. What AWS and others basically did is create identical services, keep all the profits, and exploit gaps in Open Source licensing to this end.

First, Elastic sells a buckload of licenses for on-premises ELK, which is a vastly bigger market than managed services. And second, how is Amazon different from "other companies" you mention? Just because they're bigger and have a ton of experience with managed services they should be forbidden from offering managed ELK?


If you believe that just because you can exploit a license doesn’t mean you should, do you believe Elastic have wronged ElasticSearch and Lucene’s contributors by not compensating them(other than those that are employees)?

I don’t understand the argument that a company should get to “own” all the profits for a particular FOSS project.


Its not exploited. There are several other license options Elastic could have used other than the one that says "Do whatever you want".

The license communicates to others how you approve the usage of your copyright work. If you aren't communicating "do whatever you want" don't pick a license that literally says "do whatever you want".


very good point on lucene contributors making money


Yeah, Elastic is a 'smaller' company than Amazon, but they still are a $15 billion company. They aren't exactly a mom and pop shop.


> Edit: a lot of people talking about the license forget that there's an entire spirit to open source.

Richard Stallman, Bruce Perens, and Eric S. Raymond, the people who invented Free Software and Open Source, all specifically said, at the very creation of the god damn licenses, that this would happen, and was perfectly fine. They specifically wrote their licenses to allow this. It's not an accident or exploitation, it's a fundamental part of what they exist to serve, which is the user's rights.

The Open Source Initiative, Debian, and Fedora, have all banned licenses like SSPI which exist solely to punish cloud service providers. If that's not the open source spirit telling you where you can stick it, I don't know what is.

You are trying to twist things here. If the people who invented the thing said this is to be expected, then it's part of the spirit.


> I don't really get how people get this twisted.

Quite condescending this attitude.

I don’t agree with you at all, and find your argument completely stupid. I don’t think there is anything twisted about it. The software was released under license terms and as long as Amazon is complying with them there isn’t a problem, it’s really is that simple.

And really this is much ado about nothing. These fork fights are sometimes interesting with bit players, but the FAANGs of the world they could just build a tool like this from the ground up if necessary.


I think, while correct, your argument is not addressing the point these commenters are making. The line of argument you are responding to seems to be based on the under-defined, and somewhat ephemeral, ‘spirit’ of open source software. The reasonings seems to be that open source software is done in some spirit of mutually and reciprocally beneficial manner. This ‘spirit’ is separate from the terms of software licenses and, it seems to be implied, that it should be seen to supersede the bare terms of a license. This reasoning is then used as the basis of ethical usage of open source software. So, when Amazon takes a piece of software and uses it not in the ‘spirit’ of open source, their compliance with licensing is irrelevant. I don’t particularly agree with this point of view, but I get the impression many people do.


If there is a "spirit" to open source, it's a lot closer to "I can take software that you released and use it however I please, while also possibly releasing my changes so that you can do the same" than "Because I wrote this open source software, I am entitled to some arbitrarily defined 'fair' level of financial rewards, despite not giving my business model much thought."

Share and share alike. That's it.


When it comes to the "spirit", the people criticizing it seem to be talking about the "spirit" of Stallman and Free Software; the term Open Source and the OSI as an institution were explicitly built on friendliness to running side by side with proprietary software and to third-party commercial use.


Stallman has no problems dual licensing software and selling proprietary licenses to companies.

His goal is freedom zero, the freedom of a user to use the software as they want.


> Stallman has no problems dual licensing software and selling proprietary licenses to companies.

RMS doesn't, but others also in the copyleft camp certainly have. E.g. https://sfconservancy.org/blog/2020/jan/06/copyleft-equality...


Nope I get it and I think it’s absolute bunk. And while I grant others are entitled to their opinion I think the implicit dismissal of my (not uncommon) opinion is condescending. As pointed out RMS doesn’t support this idea, and while he’s not some absolute moral authority I’d say it’s a strong counter argument to some absolute consensus on a “spirit” of free or open source.


Why does Elastic deserve to be deferred to here, though. They are making the license overly restrictive. Now I can’t start my own ELK stack hosting company. Meanwhile Amazon will likely benefit more users by keeping ES and Kibana open in a way that encourages their use and encourages contribution. I’m certainly not going to submit patches for Elastic’s forks now.


Re “spirit of open source”:

For people who believe in this, please study your history — look up the claims and counter claims around Emacs, specifically how it was created, commercialised, and then liberated (then forked and merged again).

“Good intenshuns” (my somewhat humorous term for “spirit”) is no way to settle even moderately complex commercial disputes — say for a text editor which in those early days of late 70s/early 80s, had very niche appeal and a small user base.

In the 21st century, with bigger markets and more money at stake, “good intenshuns” matters even less and this is why we have a bevy of F/OSS licenses to suit every need.

It’s very telling that RMS needed to create a license to support his vision of Free software. Perhaps from his experience he realised that legal code was the best way to enforce desired behaviour.


> "If you can run our product on your own, you get it for free"

Except that's not how it works with Elastic. I know at least one company (Acme Inc) that doesn't offer anything like Amazon, but does have clients who can access their "own" (client-specific) data hosted in Acme Inc's Elasticsearch cluster; it's a somewhat marginal (but still important) feature in the product, yet still, due to it, Elastic maintains that Acme Inc resells Elasticsearch and thus needs the "Enterprise" license to be in compliance.

So, Elastic are not only going for AWS and people who cannot host their own Elasticsearch, they are going a bit wider than you imply here.


> This model has worked for companies long before cloud providers were a thing.

That's not really accurate, is it?

Few if any open source companies has survived on a monopoly on hosting the product. MySQL doesn't do it at all, netiher does Red Hat, and many others. Those who do bundle it with support services for added value. They have to compete in the open market after all. They don't claim to have a monopoly.

Wordpress makes most of their money from hosting, but they don't go after AWS or any of the thousands of smaller companies all over the world that host it. Their exploding market share has been more than enough to sustain their own hosting business. And it does seem like Elastic is in a similar situation, with their hosting business still rapidly expanding.

Forget Amazon for a second. I know many people in the web hosting business and pretty much everything they host is open source software. If this is a precedent, if the opinion that hosting is morally wrong gets widespread, then that would affect a whole industry.


This comment kind of highlights how pointless this debate is.

If you go off of what the law says, how this open source license works, and the understanding that all businesses are competing to make money, what AWS did here seems pretty reasonable and perfectly legal.

If you come at it from the perspective that AWS is always evil and the little guy is always good, you’ll view this as a terrible injustice. There’s not much substance to the justifications here, seems like you had your mind made up and then half heartedly tried to backfill some sort of reasoning. Just assert that everyone else has it twisted, of course AWS always exploits, try to evoke the spirit of open source as if that’s a single, easily defined quality.


>This is how they sustain developers to continue working on Elastic Search.

FY20 Revenue of $427.6 million,Up 57% year-over-year (60% in constant currency)

?! they can't sustain developers on this?


> exploit gaps in Open Source licensing

Allowing others to fork for profit and give nothing back is entirely the point of permissive licenses.

"Permissive" means exactly that developers are permitted to give nothing back. Licenses without this permission are generally copyleft.

> The permissiveness of open source was one thought to be "we can all succeed together"

Not at all. That's the spirit of copyleft. The spirit of permissive licenses is that "I don't want developers to have to give anything back."

Usually this is done to deliberately allow private companies to profit off of the work without having to disclose their proprietary improvements. That is, presumably, why MIT and Berkeley licenses are permissive: they moved IP out of the university system into silicon valley as a type of indirect economic stimulus.


> This model has worked for companies long before cloud providers were a thing.

The open core model never got much sympathy from the community or customers. The only reason there are people siding with ELK here is because the other side is the eminently unlikable Amazon. It also never worked very well.

Yes, you can sustain a company with it, and even make it large. But it's limited in size and any idea that you can get VC money on a large evaluation and things will go smooth is ridiculous. The model also has a limited lifetime, after what you'll see your business slow down or you'll have to fight against your customers. It certainly can last enough to make people rich, but it's not sustainable, unless you diversify your software. None of that is caused by cloud providers.


> ES and other companies have a business that sells a managed version of their product.

Therein lies the flaw in the argument. If a company decides to develop something and open source it, it's not a product. If the company chooses to assign their time and resources to help develop it, great, but the moment it no longer becomes beneficial for them to keep supporting it, they'll drop it and leave it to the community.

Many companies invest time and resources into furthering open source projects without being the owner/creator of it. This is no different, whether they created it in the first place or not - they chose to open source it.

Building your business around something that you give away for free will always be a terrible business model.


> Building your business around something that you give away for free

Although it’s great for new entrants to the market who’re looking to build mindshare and marketshare. Because it’s hard for incumbents to compete with Free.

“Open Source bait and switch” has been a thing for a while now. Elastic is just the most recent/high profile example.


If every legal agreement were interpreted by internet commenters' impression of its "spirit", what's the point of all that fancy language anyway? There is no universal definition of "open source/FOSS" or what its spirit might be, which is why everyone uses concrete licenses.

It's Elastic's fault. I support their new license and wish they had picked it from the start; but they didn't. If you explicitly grant someone permission to use your hard work in a certain clearly defined way, you can't be surprised when someone uses it in that way.


> matter of time before ES is dropped by Amazon and totally unsupported.

Amazon is not Google, they virtually NEVER drop a service.


If taking an open source product that is released under a license that allows you to use in some ways and then using it that way and making money off it somehow is considered to be "exploiting open source" then yes, Amazon is guilty of that.

I for one wouldn't use that word in this use case. They are just one of the many companies that legally use the product to make money with it.

EDIT: While on this subject, does that mean Amazon is "exploiting open source" by building and selling products using their own Android fork off the open source code and not paying Google for it? :)


> AWS knows that if they take too much of ES' market that they won't survive. If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported.

I don't get how you came to this conclusion.

If Elastic goes bust, why would Amazon suddenly drop support for product? They have customers paying millions for the service, why the heck would they drop it?

If anything I would expect Amazon to keep the service and work harder to ensure good service, so they can absorb that portion of the market not being served.


> a lot of people talking about the license forget that there's an entire spirit to open source

If your multi-billion dollar company depends on the spirit of your competitors, you're going to have a bad time.


> The permissiveness of open source was one thought to be "we can all succeed together"

No. Opensource was started to avoid vendor lock-ins.

Maybe it's time to launch a free (as in freedom) infrastructure movement.


I dont't agree with "If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported."

Unlike Google, Amazon is fantastic about supporting older AWS products. I can't think of any off hand that are completely gone. There are some that might be deprecated that you can no longer create new ones of though. An ancient database service comes to mind but I can't recall it's name.


So Amazon forking ES is then ensuring that if Elastic dies, ElasticSearch doesn’t go away, right? Part of the problem here really is that if I am using AWS for the rest of my stack, why would I run my search elsewhere, introducing latency, etc? Elastic’s opportunity was to approach AWS and try to get bought. But their business model really isn’t as good as it seems.


Elastic's Cloud offering runs in the major cloud providers [0].

https://www.elastic.co/subscriptions/cloud


Is it better than AWS’s implementation?


And/or cost competitive.


Looking at a single machine (i3.large, 15GB ram, 470GB SD):

Raw EC2 costs: $0.156/hr or $112/month

AWS Elasticsearch: $0.25/hr or $180/month

Elastic's Elasticsearch: $0.3375/hr or $243/month (price stays about the same for 1, 2 or 3 nodes)


So if we assume the level of service is not much better, AWS is the more prudent choice, no? So trademark issues aside, AWS does ES better than Elastic?


To me that would depend on whether AWS Elasticsearch is actually profitable at that price point, or whether they are running at a loss to grab market share.


The quality of the service you get depends on if AWS makes a profit?

Also, do you think they make a profit on the bare EC2 instance? If so, why do you think that running a few management scripts that manage ES running on it would add up to more than $0.094/hour?


And all of their servers run Linux kernel.


> AWS knows that if they take too much of ES' market that they won't survive.

If they can take the market like that they'll do it, that's what companies do. The limits of taking the market has never been ethics, but sales.


After all that twisting you're doing, not clear if you understand what the ALv2 is about. It is what it says, not whatever subjective "spirit"s you're trying to twist into it.


Spirit is for those aiming for rainbows and music, this is a business.


And that's exactly what the GPL advocates have been saying for ages.


To add a voice in support of your comment, I agree with you. Amazon and others is why we can't have nice things.

I'll quote Bill Burr here:

> Just because it's legal, doesn't mean it's right.

And just because you can, doesn't mean you should.

Because of this shitty behavior, we will need to write new licenses to restrict who can do what with our software. Society moves at the pace of its slowest members. I guess for opensource, that's "at the pace of our most exploitive and cut throat business".


It feel like live by the sword, die by the sword to me.

Elastic because a highly successful business off the product being open source and then leveraging that into funding and enterprise licensing and maintenence.

To turn around after and go 'we love open source... No not like that' is disingenuous at best. The license choice was always yours to make, you took the one that gave you the best growth model that got you here.


Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.

Yet it would've prevented AWS from undercutting their paid offering in the place I'm at now that would rather pay for it than self-host it.

The lesson I'm taking away from this is just use a license like they're using now from day 1. Totally "open" open source only works if everyone is a good actor, which was never a realistic assumption, but it took a while for that naivety to cost so much, I guess.


> Totally "open" open source only works if everyone is a good actor

Totally open source works fine, it's when you try to mix open source with a controlling entity and a business model. You can only get away with that as long as you've got a lock on expertise and development. As soon as a significant portion of development and expertise is coming from outside, what makes the original business entity any more appealing than those others (as in this case)?

One way to stave that off for a while might be to make sure you're releasing new features you've developed at a good clip, and as you've developed them you're naturally going to have more expertise. That likely only works for so long though, most projects hit some level of maturity eventually at which point new features are somewhat superfluous, and might even be detrimental.

I think the bottom line is that if a business is based on an open source product then that business should be looking at it as something with a life, and a coming natural death (of being able to be the only/main support company for it at least), and plan accordingly. It might not happen, but you can't count on it being exclusive forever, especially if it's actually lucrative.


> Totally open source works fine, it's when you try to mix open source with a controlling entity and a business model.

Trite as it may sound, open source isn't a business model. For a profitable business, you need something unique, a moat that competitors can't cross easily. Open source can certainly be part of that model, for example by increasing the value of your core assets. Or as Joel Spolsky wrote many years ago, commodify your complement.

Google, say, releases a lot of OSS. Guess what they're not releasing? The data they have hoovered up of practically every internet user, that they sell to their customers (companies that buy advertising, not the users). "Data is the new gold". They release tensorflow under a permissive license, not the data they're training and running their DL models on. They release Android for free, as that lowers the cost of phones and drives more users into the Google online empire, giving them ever more data. Again, "data is the new gold", "commodify your complement".

(Not picking on google here to say that they are good or evil, just an example of how you can build a spectacularly good business while also releasing a lot of OSS)

Or for all those VC-funded corps popping up trying to build OSS databases and seeing it doesn't work out (Mongo, Elastic, etc.), build a database, not a database engine. Data is the new gold, software, particularly OSS, is a commodity.


> I think the bottom line is that if a business is based on an open source product then that business should be looking at it as something with a life, and a coming natural death (of being able to be the only/main support company for it at least), and plan accordingly. It might not happen, but you can't count on it being exclusive forever, especially if it's actually lucrative.

Amazing. I think capitalism wouldn't be hurt if occasionally companies made the choice to end themselves "get out while you're no top" and distribute their wealth to the stakeholders, ideally with some sort of bonus to the terminal employees. Of course, the employees might not like that, but it is an attitude of entitlement (if an understandable one) to think that you should have a job for life.


Agreed. This is quite insightful bit from kbenson. It explains well the mystery I was wondering for a while: why company wrote the code in the first place cannot compete successfully against others who supposedly have less expertise and has to rely on license change to defend their moat.

Software matures, and the expertise transfers to many other people while it matures. That shared expertise enters into public common for good. Natural and beautiful.


> Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.

Maybe. I can no longer tick the "does it use an approved open source license" compliance checkbox any more. Sadly, for me, there's now a very strong incentive to move forward with an Apache2.0 licensed Amazon fork instead of the Elastic one.


Interesting. ElasticSearch might have OpenOffice'd or Hudson'd themselves.


I would call this MongoDB'd themselves. Except that also would imply that people are still interested in MongoDB. I think their license move probably just accelerated the decline in interest in their product.


Mongo adoption has risen at a rapid rate, and cloud services now make up nearly 40% of their revenue (which, in turn, allows the company to push those $$$ into the core product). Your statement, while a common view on HN, is not correct. Just because tech bros have moved on towards other interests has not meant that adoption of Mongo has faltered. (I am not affiliated with, nor own stock in, MongoDB, Inc in any way)


Nobody can afford to use an Apache 2.0 license when an Amazon type company also uses your product in the same way.


Not everything is a cloud-based VC-backed startup. As big as AWS is, they still miss out on a giant chunk of companies who don't want or are not allowed to go into the cloud, which is why AWS-on-premise exists.


Nobody has to use a license. If you don't feel you can afford it, don't use it.


How many developers does AWS have contributing to ES vs Elastic? Besides those 9 PRs, what has AWS contributed back to ES?


The article does say they made 230+ contributions last year to the OSS Elastic is (was?) built on. Not sure how one counts those, but perhaps it helped Elastic as well?


> Yet it would've prevented AWS from undercutting their paid offering in the place I'm at now that would rather pay for it than self-host it.

Key word here is would've. They were already Apache 2.0 until 7.1.0 therefore this change will have absolutely no effect on Amazon's business; all it will do is encourage the develop of high-quality feature-rich Apache 2.0 forks while hurting Elastic's brand image - rightly so - because they're (a) no longer an open-source company [except for beats/etc which only works in the context of the now-proprietary elasticsearch/kibana], and (b) they outright lied to the community when they claimed that future versions of their open core would always remain Apache 2.0


> (b) they outright lied to the community when they claimed that future versions of their open core would always remain Apache 2.0

Where did they make this claim?


It is covered in the blog post if you read it.

https://web.archive.org/web/20200120104750/https:/www.elasti...

"We did not change the license of any of the Apache 2.0 code of Elasticsearch, Kibana, Beats, and Logstash — and we never will."


Ah, thanks, somehow that completely slipped by me.


This is where the Free Software, ideology, and the "open Source" ideology really show its difference

I view SSPL as a Copy Left style License for the SaaS age.

They picked the wrong license in the first place with Apache, they should have used GPL, AGPL, or some other copy left anyway

I generally oppose Apache, MIT and other non-copy left license exactly because it allows Amazon and other large companies is leech off the work for their own commercial offers while giving nothing back


I suspect the Free Software foundation would strongly disagree.

Copyleft licenses such as AGPL are open source licenses, because they preserve user freedom.

The SSPL is not an open source license (and likely not even Copyleft) because it restricts user freedom that have usually been guaranteed by FLOSS.

https://opensource.org/node/1099

Open source isn’t about guaranteeing a for-profit company a business model. “Leeching” is irrelevant (and also just Elastic marketing propaganda).

User freedom is the whole point.


I _mostly_ agree here.

But...

I do note that the original "open source definitions" were drafted back in the late 90s (and from memory, built on older pre existing Debian docs of similar nature).

The world was different back then, I wonder what the authors of those docs would have considered "user freedom" to be in the age of AWS/GAE/Azure?

(I guess Stallman, for all his flaws, is a reasonable guide to what the free software movement would have thought. It'd be illuminating to hear his opinion on these new licenses. I suspect I know the answer, and it'd very strongly agree with your comment...)


Users is not just end users. AWS and others are users too and Stallman wants them to have the same freedom to use and modify software as I do. We have the same rights and responsibilities. Even Elastic is a user of the software.

I respect anyone who follows a license, I respect anyone who want to relicense a software and I respect someone who forks a project. I don't see any fault anywhere here.


I think they’d ask: In what way is AWS, GAE or Azure restricting your freedom to use free software?

If those companies customize your code and don’t recontribute it, that’s what the AGPL is for.

The SSPL doesn’t actually help with this problem. It removes your freedom to use the software in certain ways. It is a pecuniary license designed to sell you a more permissive license.


So, let's pretend I'm Amazon and I'm offering a SAAS Elasticsearch product. You need someone to manage your Elasticsearch for me, so you pay me. Internally, I'm running vanilla, unmodified Elasticsearch, which talks to a management layer of proprietary code that interfaces with the rest of AWS.

What right is being violated here? You as a user can run your own Elasticsearch software; I haven't modified it and thus I don't need to publish anything specific. What the SSPL says is I must publicize my entire SAAS product - but the user isn't paying me to run their own Elasticsearch SAAS product, they're paying me to run Elasticsearch.

So to call SSPL copyleft is totally absurd.

Now, there's a broader discussion that you raised of whether the open source definitions are out-of-date or not. Personally, I don't believe so. I don't see how any of the newer developments in the space (public clouds, managed offerings, etc) materially change anything; indeed the whole point of OSS is it's based off of deep principles.


According to Stallman at least, the principles of "Open Source" are much less deep that the principals of "free software". His opinion says the "Open Source" philosophy is based off watering down "free software" principles.

"The terms “free software” and “open source” stand for almost the same range of programs. However, they say deeply different things about those programs, based on different values. The free software movement campaigns for freedom for the users of computing; it is a movement for freedom and justice. By contrast, the open source idea values mainly practical advantage and does not campaign for principles. This is why we do not agree with open source, and do not use that term."

https://www.gnu.org/philosophy/open-source-misses-the-point....

I guess you and Stallman agree there, and that permissive open source licenses are totally up-to-date with modern cloud computing businesses and business practices and that Elastic and their choice of Apache2 are getting exactly what they signed up for. And that "free software" licences especially the viral ones exemplified by GPL/AGPL are also still relevant in 2021, and having chosen one of those would have given Elastic.co what they claim to be demanding... (I think I agree there too.)


> And that "free software" licences especially the viral ones exemplified by GPL/AGPL are also still relevant in 2021, and having chosen one of those would have given Elastic.co what they claim to be demanding... (I think I agree there too.)

I think we agree up until this point, at which you fall into a trap. This is the same trap I was trying to avoid by giving my SSPL scenario above.

A copyleft license like GPLv3 does not prevent a business from operating a SAAS business.

AGPL would apply, but it only triggers upon modification. So as long as Amazon doesn't modify Elasticsearch itself, they don't have to publish anything (because there's nothing to publish), and if they do modify, they have to share just those changes. Which is very fair to me from a copyleft perspective.

Now SSPL tries to go further and say for merely using the software in a certain way, you must release not just any changes to the software itself but also everything around the software. That is what makes the SSPL neither open source nor free. (I guess I don't actually know how "free" is defined, so I can only say for certain that it's not open source, but I don't think SSPL even counts as copyleft)


A much better description would be "distributing usage to others" instead of just "using". Which is much better analogy for what is going on here.


> What right is being violated here? You as a user can run your own Elasticsearch software; I haven't modified it and thus I don't need to publish anything specific.

I as a user can no longer fix bugs in the Elasticsearch that I'm using. So I don't have the four freedoms that copyleft is all about protecting.

> What the SSPL says is I must publicize my entire SAAS product - but the user isn't paying me to run their own Elasticsearch SAAS product, they're paying me to run Elasticsearch.

That's like "I'm not blocking you from going into the building, I'm just blocking you from going through the gate outside". The point of copyleft licenses is that you need to give the user everything they need to run (or hire someone else to run) the same software (or their patched version of it) the same way.


Elastic marketing did not come up with describing AWS or any of the other big tech companies as leeches. That has been around for a very long time

I am aware FSF would disagree with my position, AGPL is better than SSPL.

As to OSI, I have losts of issue with OSI as an organization, and when they state "But Elastic’s relicensing is not evidence of any failure of the open source licensing model or a gap in open source licenses. " they are simply wrong

There is a clear gap in open source licenses when it comes to dealing with SaaS, the fact they do no see this gap is very telling.

the Free Software community saw this problem and thus the AGPL was born, something like AGPL is needed for open source, but OSI refused to even acknowledge there is a problem let alone look for solutions to it

//And no Free Software is not the same as Open Source Software, they should not be linked as being the same

edit:

>>User freedom is the whole point.

Free Software is about user freedom

Open Source is about Developer Freedom, that has always been the big difference.

Apache, MIT, BSD etc are all licenses that allow devs to take code, use it in commerical products. That is why you see places like GitHub default to these non-copy left licenses.

Free Software is about copy left, GPL and the like. Because it gives USERS freedom


“They are simply wrong”? That’s your argument?

I think you have zero interest in Free Software. You want “Free Software except in the ways I don’t like”.

AGPL was about ensuring user freedom by requiring server hosted source code modifications to be contributed back to the community.

SSPL isn’t about that. SSPL removes freedoms from using the software for no principled reason other than to allow a copyright holder to make more money by selling you a less restrictive proprietary license. It isn’t copyleft, it isn’t free, it isn’t open.


Hmm clever editing I can see we are not discussing in good faith.

You built a nice strawman to tear down around my “They are simply wrong” quote using it out of context

How about you address what I actually said OSI is wrong about, they are wrong about the fact that there is no gap in Open Source licensing when it comes to SaaS Sevices. SSPL may not be the best solution to it, but completely rejecting the clear problem is how you end up with less than perfect solutions like SSPL.


I am trying to argue in good faith. I’m not editing anything, I just don’t understand your argument.

I don’t see what the clear problem is with open source licensing. AGPL solves the problem of SaaS providers modifying your software without freeing their modifications, if that’s what you want. AGPL is also an OSI approved license. What more is missing?


Well sorry but it's actually stated right here:

https://opensource.org/node/1099

If you want to have a business model like Elastic, then open source is simple not right for you. This is what the OSI Board of Directors says.

It's a different discussion whether this is a good business model, but it's not like op has no point here:

What's missing is an open-source license for products whose profits accrue due to being run as SaaS. If you're just going to say: "This is not possible with open-source licenses", then that's the gap.

What people actually want to do is exclude about 10 or less companies from selling their software at no own cost, while keeping it open-source for everyone else.

And OSI says this is not a use-case for any of their open-source licenses. Maybe there should be a license for that. I don't know.


The OP has a point in that everyone wants to be popular, famous, make lots of money, and also do it while being perceived as a saint.

Forcing profit accrual in your software license is easy enough. The hard part is to grow a community & popularity the way open source licenses have proven, when you have such restrictions in place.

This is only a "gap" in the sense of the grand injustice of the universe, as the Rolling Stones said, "You can't always get what you want".

'What's missing is an open-source license for products whose profits accrue due to being run as SaaS. If you're just going to say: "This is not possible with open-source licenses", then that's the gap.'

Think about what you're saying for a second.

1. Free software & open source is fundamentally opposed to user restrictions of any form, this is "Freedom Zero" and literally the whole reason the movement was created and got popular.

2. You can't create an "I GET THE MONEY" restriction and still be open source or free software, or accrue anywhere near the popularity and community goodwill you'd otherwise get

3. Therefore this is a problem?

Open source contributors have limited interest in your profits or business model if it means compromising the most essential point of it all. Open source is not a business model, and never was meant to be. Plenty of open source companies made lots of money without restricting user freedom, and they did it while AWS and others existed.

All of the tech leadership and excitement in dev communities today (Docker, Serverless, Kubernetes, Kafka, Spring, Rust, Golang) etc. is driven by open source, not by the clouds' proprietary services.

'What people actually want to do is exclude about 10 or less companies from selling their software at no own cost, while keeping it open-source for everyone else... Maybe there should be a license for that.'

Licenses like this have literally existed for over 30 years. "Everybody but Microsoft", "everybody but IBM", "everybody but the military". They're out there in spades.

Good luck, have fun. Build amazing software and build a community!

Except, these violate "Freedom Zero", the most essential point to why FLOSS was created: freedom to use, no restrictions. You might have some challenges gaining community support because of this.

https://www.fsf.org/bulletin/2019/fall/building-ethical-soft...

The excerpt worth reading:

"The lack of usage restrictions in its licenses is key to the success of free software. A world of proliferating and potentially conflicting usage restrictions, each seeking to address a different social cause or need, would introduce so much friction that the tremendous democratic social benefit brought about by the free sharing of software – including the empowerment of individuals to effect social change in unjust institutions – would be undermined.

Just because a license is not the right place to enforce ethical software usage doesn't mean we don't recognize the problem, or respect the people raising it. We should encourage and participate in conversations about the ethical usage of software. With the ground rules of free software as the baseline, anyone can build systems to specifically promote ethical use."


> I generally oppose Apache, MIT and other non-copy left license exactly because it allows Amazon and other large companies is leech off the work for their own commercial offers while giving nothing back

Like Elastic "leached" of Lucene? Elastics whole business model depends on Lucene being under the Apache license. If Lucene followed your suggestion (funny enough, Lucene used LGPL very early in its history) Elastic wouldn't exist at all.


That is largely hypothetical and one does not know if Elastic would taken a different form is Lucene would have been under LGPL, nothing in LGPL would have prevented it, and maybe Elastic would have chosen LGPL themselves or even AGPL which I personally would have preferred over SSPL but I understand why they choose SSPL and 100% reject OSI's position that is a non-open license, it is a non free software license, but it is IMO an Open Source license


SSPL is marketed as copyleft, but it really isn't. AGPL is. SSPL requires not only that you open source modifications to the software, but also that you open source "management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software" that you use to operate the licensed software.

If you want to offer ElasticSearch as a service, you have to open-source your entire hosting stack including UI. God help you if you pay for any proprietary software — you literally can't satisfy these terms. Notably, Elastic itself doesn't have to do this for its own hosting service, because of course it can't satisfy the terms: no hosting company I know of can.

The point of the license isn't to get contributions back. The point is to prevent competition to Elastic's hosting business. Elastic's new version of ElasticSearch is source-available software, not open-source, by pretty much any reasonable definition.


>If you want to offer ElasticSearch as a service, you have to open-source your entire hosting stack including UI.

It's worse than that: you need to release your entire hosting stack under the SSPL. It's extremely unlikely that you're able to do this. Hope your servers aren't running Linux! (Or bash or the GNU coreutils or...)

If it were acceptable for the rest of the stack to be under another free software license, I'm not actually sure I'd be opposed to it. But yeah, as-is it sure looks like they've just written the license such that it's impossible for a hosting provider to comply.


On the other hand, a lot of people (myself included) have no intention of ever being in Amazon's large scale hosting business, and actively avoid building my software on GPL/AGPL where there are more permissive (but still "standard" like Apache/MIT) license choices available.

(I _do_ totally understand the principle of strongly viral licenses, I think the GPL is an amazing thing. The chardonnay socialist in me wishes the whole world would use it. Pragmatically, at work I feel obliged to point out the responsibilities of using GPLed dependancies. From a profit-focussed business decision, it's often better avoided. I agree what Amazon does with Mongo/Redis/Elastic et al. qualifies as "leeching", maybe I'm only fooling myself that my work's projects are somehow better...)


The thing is, in this case, Amazon's business is not about extending ElasticSearch with proprietary features. It's about hosting the OSS product.

Had ElasticSearch been under a copyleft license, the only difference would be that Elastic would've been unable to simply move away from the copyleft license.


> The lesson I’m taking away from this is just use a license like they’re using now from day 1.

Sure, if your whole business model is “sell a SaaS”, then making the whole offering an open source product that is simple for other people to host and offer an equivalent (or, if integrated with other offerings you don’t have, often more compelling) service is a bad choice.

But people choose open source licensing for a reason, and against competing software, a proprietary license can be a negative feature which makes it harder to grow mindshare and prove out utility.


> that is simple for other people to host

Literally one of the selling points of ES amongst my peers was that it was easier to set up to host in a multi-node cloud than the earlier Solr.

Which is great, good for them! But... yeah.


> The lesson I'm taking away from this is just use a license like they're using now from day 1

You’re welcome to license under SSPL (or AGPL) if you wish. But if you want commercial customers (or even users), you’ll have to bear in mind that licenses like SSPL are a “no” (or at least, requires legal review) in many commercial entities, including startups.

Licenses like SSPL won’t give you the growth a new entrant could potentially get with a more commercially friendly FOSS license, because your potential users/customers will see it as a proprietary product and evaluate you as such.

In Elastic’s specific case, iirc a major competitor for them was the proprietary Splunk, so Elastic being FOSS really helped their case. Had they been SSPL from day 1, their growth trajectory would have likely been different.


> Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.

While true, personally I'd not be willing to contribute to such a project. Of course, such a license would require legal blessing, which in itself is a lot of (paper) work. What if, the company decides to change the license in an year?


I think it’s significant in this case that most of the development of ES and the underlying engine is done by Elastic. This re-licensing is only of interest because it means most ongoing work on the project will now happen under the new license. If that was not the case nobody would care, the contributors could fork back to Apache 2.0 and continue. After all, the ElasticSearch license used up until 7.1 also allows me to fork the project under a new restrictive license, but nobody is likely to care if I did.


> Nothing about the new ES license would've prevented me from using it for free in the previous places I've used it for free, as far as I can tell.

It would have prevented its use in a previous company i worked at (largely for ideaological not practical concerns).

> Totally "open" open source only works if everyone is a good actor, which was never a realistic assumption, but it took a while for that naivety to cost so much, I guess.

That seems like a silly conclusion. Amazon is being a good actor by all accounts. On top of that Elastic is like a 15 billion dollar company, if that's not working, i need to get going on a business venture that doesnt work.

Anyways what makes you think they would be succesful if they used the license from day 1. Having your cake and eating it too only works if you switch halfway through.


It wouldn't have been picked up by the community if it weren't Open Source. Yes, you may have used it if the current product just appeared on the market with a source available license but that's not what happened.

People used and recommended the software for years because it was Open Source. People contributed to the project because it was Open Source. It became popular BECAUSE of Open Source.

Your argument doesn't work because you wouldn't have known about it if it wasn't Open Source.


Elastic Search launched more than a decade back, when the cloud was used in an entirely different manner. The team had no way to foresee the shift to the managed services model; of AWS taking popular Open Source products, repackaging it and undercutting the original authors.

The decent thing to do (for all managed Open Source products that you didn't create yourself), would have been to offer a cut to the original team. Instead, AWS takes all their customers, keeps 100% of the revenue, and passes on nothing.

Terrible.


> The team had no way to foresee the shift to the managed services model; of AWS taking popular Open Source products, repackaging it and undercutting the original authors.

The Affero General Public License (AGPL) was published in 2002. https://en.wikipedia.org/wiki/Affero_General_Public_License

Plenty of people saw this coming. It was completely predictable. The reasons why licenses like the AGPL haven't yet caught on are complex. But I don't think anyone can credibly claim that they were blind-sided. Rather, I think many people and companies simply feared the day of reckoning, discounted the threat, and did as most everybody else was doing.


> The reasons why licenses like the AGPL haven't yet caught on are complex.

They are not complex. Permissive licenses encourage adoption but hinder monetization; restrictive licenses do the opposite. Pick your poison.


That was the argument against the GPL, and yet Linux beat BSD. The tension exists, but it's not such a simple trade-off, and the dynamic is highly context dependent. The complexity is in identifying and achieving the best business model.

Like with the GPL 20 years ago, the intuition today seems to be that licenses like the AGPL are simply anathema to adoption (because "viral", etc) and therefore market capture, and if you can't capture the market you can't monetize your investment. It's something of a self-fulfilling prophecy, but eventually more people (authors, users, etc) will begin to explore the space commercially and, hopefully, disprove the conventional wisdom.


> The team had no way to foresee the shift to the managed services model; of AWS taking popular Open Source products, repackaging it and undercutting the original authors.

First release of elastic was Feb 2010. AWS launched in March, 2006. The folks at 10gen used the AGPL for MongoDB since Feb, 2009. Yeah nobody could've seen this coming.


Not sure Mongo is the right example to use here, given the've gone down exactly the same "non OSI approved license" change themselves...


In fact, Elastic new license was created by Mongo.

It wouldn't surprise me if that license in a few years don't get nicknamed "Mongo's license"


AWS didn't undercut anyone. They offered their customers exactly what they wanted. Many of these software vendors have delayed offering their own cloud-hosted versions, often years after AWS, even when these vendors should be better equipped at running them.

Elastic is also infamous for data loss and still has consensus problems so maybe proper priorities are the real problem.


There is no meaningful way for an independent vendor to compete with a Cloud Provider offering the same service. It gets bundled in the initial sales pitch, promoted in their documentation and at events, and gets heavily discounted.

It simply becomes the default - and (if on AWS) nobody will even think of Elastic after a couple of years.


And yet many companies are competing just fine. Elastic's biggest growth comes from cloud services, which matches every other database vendor from MongoDB to Redis. [1].

AWS just proved that the market wants to buy solutions, not software. There are tons of customers and environments where a dedicated vendor can offer something far better than the lowest-common-denominator that AWS provides.

If you want another success story, just look at how Snowflake built a better Redshift on AWS (quite literally).

1. Start at page 23 of their earnings report: https://s2.q4cdn.com/265747582/files/doc_financials/2021/q2/...


The big three may have some advantages, but there are numerous smaller competitors.

The biggest advantage the big three have is that some people don’t even bother looking for alternatives.


You compete by not competing. Make your software proprietary and sell it to the cloud provider for hefty license fees.


> The decent thing to do (for all managed Open Source products that you didn't create yourself), would have been to offer a cut to the original team.

Who are the members of the original team? Are we not going to give a cut to all the other contributors to the project throughout the years? How much should each contributor get? Are we measuring by lines of code touched?


If Linus had hindered AWS' use of Linux early on, would that have been better for Linux? What would "the cloud" look like?

They don't seem to have any revenue sharing scheme with Linus, yet all the Linux companies seem to be doing pretty well for themselves.


Linux is not project developed as a product mostly by a single company. Substituting Linux into this situation doesn’t really provide any insight.


Actually, your argument that there’s any relevance to Elastic being the primary developer lacks insight. It changes nothing about the licensing situation nor about the ethics. You’re also not factoring in the fact that the nonrestrictive license is why Elasticsearch became the standard.

You also haven’t resolved the logical contradiction that Elastic is equally “guilty” of profiting off of Lucene.

I honestly don’t think a nuanced understanding of these licenses and open source business models can lead to any conclusion except this one: Amazon is not in the wrong here, Elastic is being entitled, misleading and duplicitous. Elastic is free to use Lucene as its kernel and monetize it, and Amazon is free to offer a managed Elasticsearch service.

If you write Apache 2.0 software, you have no right to bitch about competition. That’s the short of it. And remember - Elastic is doing fine. They’re worth $15B. The founder has hundreds of millions of dollars now, and rightly so.


Right. So what would Linux look like if it was developed by a single company?

One of the reasons to choose open source is to avoid lock in by having multiple suppliers, and at least in theory have some healthy competition between them.


> "We proposed to give back jointly at a significant level and were turned down." Adrian Cockcroft (VP AWS)

https://twitter.com/adrianco/status/1105178074499375106?s=20


There's a good quote on that thread which captures what AWS is doing with products like ElasticSearch:

"My argument is that AWS is eating seed grain, on its supply side, and doesn't know it."


We have no idea what “significant level” means here.


~1k lines (per enumerated prs in blog post) against millions of lines, aka less than a fraction of a percent.. plus ignoring code review, issue triaged etc. insignificant level might be more apt.


Amazon is literally under no obligation to contribute any code back. Yet they do because most people prefer to merge upstream if they can, and Amazon is no exception.

Frankly Elastic has been very hostile at accepting PRs if they seem like they’d compete with Elastic’s proprietary offerings. Glaring conflict of interest. So I’m glad Elastic forced a full fork.

BTW, in case you didn’t realize this license change will not prevent Amazon from running their own fork. So even from a greedy business perspective Elastic made a horrible decision, even ignoring the ethics of lying to the community as they have done repeatedly and without showing any remorse.

edit: Fixed typo where I wrote "Elastic" instead of "Amazon" when talking about Amazon being no exception to preferring to merge upstream where possible


AWS launched RDS with MySQL 4 months before the first version of ElasticSearch. Yea in that case it was Oracle, but I think it was clear what the direction was. And it was definitely clear in 2014 with Aurora and Redshift. They could have changed their license in 2015, but they didn’t. Why?


> Elastic Search launched more than a decade back, when the cloud was used in an entirely different manner. The team had no way to foresee the shift to the managed services model;

This claim is highly unrealistic. Offering managed services has been the hallmark of the cloud from day 1. The cloud is nothing more than managed solutions.

It's highly disingenuous to claim that it was not possible to expect a business dedicated to offer managed services to offer a managed service.


I generally agree, but isn’t the ability to do unforeseen things one of the powers and major wins of being a user of open source ecosystem?

I don’t disagree about, what I would say charitable, instead of decent thing to do is.


The issue is, I think, that acting in such a manner is supposed to cost you in community good will. The potential for bad PR can force you to act in a more ethical manner, but there's a big separation between the people with the checkbooks and the folks who are aware of the issues here. The courts are there for extraordinary circumstances but it's generally better for all parties to settle a dispute without litigation and AWS could just shovel some money in the direction of elastisearch.


I always get a laugh out of these for-profit companies trying to cater to a tech community open source ethos, and discovering there was a reason why companies weren’t doing this


Amazon has not been contributing back to the open source projects when they offer a service based on it.

E.g. https://aws.amazon.com/blogs/big-data/performance-updates-to...

Amazon EMR release 5.24.0 includes several optimizations in Spark that improve query performance.

Why have these optimizations not been contributed back to the community?


Because they don't want to, or see no value in doing so. I've been downvoted to oblivion just by stating that contributions to popular OSS projects, especially those initiated,or heavily used by large tech companies,are nothing more than just free labour. Amazon's business is commodity: they made books,one of the most precious things we,as a civilization could create,a commodity. The storage space, computing, even ML is being commoditised. Logistics will folow,then some more. The company's perspective and business goals are completely different than many would like to think.


> The storage space, computing, even ML is being commoditised

I don't see that happening anytime soon. There is still a market for hobbyist and boostrapped businesses who can't afford the insane prices offered AWS, Azure, GCP & Co. Storage, Computing and Bandwidth on these platform is inflated for the "enterprise and over-funded-startups" market.

Hetzner, Ionos, Scaleway and OVH are still order of magnitude below AWS in terms of prices. And the quality difference is in no way justifying the price difference. (Especially with Hetzer and Scaleway which are almost on par with cloud platforms)


The announcement claims:

> All changes to Elasticsearch were sent as upstream pull requests (#42066, #42658, #43284, #43839, #53643, #57271, #59563, #61400, #64513), and we then included the “oss” builds offered by Elastic in our distribution. This ensured that we were collaborating with the upstream developers and maintainers, and not creating a “fork” of the software.

With links on the issue numbers. Why should we not understand this as contributing back?


That's 9 PRs vs, as someone pointed out below, roughly 41000 commits in the project.


Disclosure: I work at Amazon on cloud infrastructure, but not directly on the codebase being discussed here.

Someone pointed out elsewhere:

  *Correction after looking a bit closer, I think Amazon has submitted at least 600 PRs, they only listed 9 in the blog post. That's better but it still doesn't change the fact their business model doesn't allow the companies they're building on the backs of to have a sustainable revenue stream.


The other comment claiming 600 Amazon PRs was mistaken:

https://news.ycombinator.com/item?id=25866527


That's counting emails. Unlike other Git-based projects like the Linux kernel, it seems a lot of commits are made with users.noreply.github.com email addresses. For example.

  commit 8e413f85e8978da83db107aae51e5543d4779dba
  Author: paulward24 <52216289+paulward24@users.noreply.github.com>
  Date:   Wed Jul 3 04:37:07 2019 -0700
  
      Ensure to access RecoveryState#fileDetails under lock
    
      Closes #43840


Not claiming every git commit uses work emails

Referring to the fact that the original 600 Amazon PR claim was rescinded in that thread


Got it. Thank you for mentioning it here. Comments are getting a bit unwieldy to stay on top of.


Because the community decided to use a license that allows it.


The community did that in good faith. What's the incentive for the community to contribute to the project if Vendor XYZ is going to offer the same project with more optimizations?


The buggy whip community invested in buggy whip manufacturing too.

Sometimes step changes happen, and things are just different afterwards.

I see two related "changes in the world" here that are contributing to this current drama.''

1) the rise of SaaS and globally centralised cloud hosting.

2) the emergence of companies solely (or mostly) built on paying salaries to developers writing an open source software project. (Elastic/Mongo/Redis being the primary examples).

As I see it, the 30 year old "Open Source" principles didn't see these coming any more than the buggy whip industry saw the Model T coming.

Personally, I'd really like to see those three companies (and others/new entrants) come up with a workable new model for software licenses for some kind of "freely usable software" ("free" in the generic "no obligations" sense, not the GPL/Stallman "freedom" sense) written by salaried devs at for-profit companies. I think the world would be a better place with more software closer to the Stallman end of the license spectrum than the Oracle end. I don't think that's necessarily a given. It might well be true that in general, a for profit company cannot make enough money out of writing software and giving it away to keep teams of full time developers paid.


There is nothing unfair about being able to make optimizations of your own on top of the software. That freedom is in fact one of the core values of OSS. Any “fairness” judgements you make are irrelevant for as long as the license satisfies its goal and the software is freely available to everyone.


Fairness (ethics, moral judgement, justice) is inherently a different layer of our civilization than license (law, contracts). I'd say fairness is more important than any and all licenses ever.

Also, I think through history every law was made in the name of making law more just, bringing the legal system closer to an ideal of justice.

We also know that simply throwing out law and bringing back case by case judgments (eg. what kings and lords of old did) just gets us further from that ideal, hence we work on our laws and licenses. But that doesn't mean we should forget that they are imperfect and sometimes they need updating.


Your point being? You care more about fairness in the dealings of two billion dollar businesses, than the open in open-source?


because then you wouldn’t have been quietly walked into vendor lock-in which extends beyond the software license to the hardware you’re leasing!


The irony is strong in this case, because Elastic started by making ES into an open core thing and putting every new feature into their business side. (The improvements they made to the basic ES clustering, indexing, sharding, Lucene integration, etc. are very valuable, and I'm not discounting them, but their added value is drastically reduced compared to the features. Just like AWS' added value for businesses is a lot more important than having yet another cool x-pack feature.)

AWS is the bigger fish :|


Except a small group of people have all the swords.


What's the major difference between Apache and MIT license?


MIT license is super simple, short way of saying "You must give me credit if you use this in the form of including this license and my copyright statement in software you distribute"

Apache license is a longer and more complicated version that is the same in spirit but also includes the agreement that the licensor does not sue the licensee over patent infringement for use of their contributions to the software or the cumalative software, unless the licensee makes a patent claim against the licensor in which case the license terminates


Obviously Amazon has the legal right to make a fork, but I think it's understandable why people would still prefer that the people who actually did the innovation and the majority of the work get their cut of the insane profits AWS is making.


With for-profit corporate open source, you are either giving it away because doing so benefits you in some other way, or you are doing it wrong; expecting downstream open source users to pay you is “doing it wrong”.

Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.


> Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.

Exactly this.

Or more accurately, Elastic is pretending it doesn't have an open-source compatible business model.

The actual truth is, they've built a great business. $500MM in yearly revenue, with 40+% y/y growth, for a valuation of like $15B last time I checked. And yet they're trying to pretend this is a David vs Goliath story and that they're literally going to go out of business because of Amazon. Nope, it's all gaslighting. They don't need to make this license change, without it they'll still be a $50B business in a decade or less.

They're just having an immature childish response because, while they're making boatloads of money, Amazon is also making boatloads of money, and that's not fair in their eyes because Amazon didn't invent Elasticsearch. It's all so childish (and ignores the tremendous value AWS as a whole is, but that's another rant)


ES had a business model. It was open-core, but with critical features like Security and Access-Control hidden behind their paid support.

The core disagreement was that Amazon (and many other contributors) wanted to add that to the base distribution, and Elasticsearch fought them for years on it, deliberately breaking any community plugins that got a solution working.

Enough blame for the current situation on all sides.


Yeah, I simplified things for the sake of argument, but just to be clear, the whole open core business model was a huge conflict of interest and has convinced me that open core is a way worse conflict of interest than other ways to monetize (enterprise support, operating cloud service etc).

So, to call Elastic a successful open-source business model isn't quite accurate, and you're correct to point that out.


please add disclaimers if you work at amz


I don’t, I work for a non-profit that refuses to run proprietary software such as Elasticsearch 7.1.1 in prod. Not sure why you made that blind assumption. Very bizarre.


Thank you for pointing this out. I used to run elasticsearch on a project and these pay walled features were a large source of frustration to the point that eventually I recommended moving it to the AWS service because we were already paying amazon anyway and in a large organization it is a huge pain to contract another vendor.


> Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.

I think this is precisely correct, and it's really strange to me that a company developing innovative software would decide to apache license all of their work but I still feel for them. I'm guessing that they wanted to build a thing and make some money off of it while mostly just contributing to moving tech forward and that's a super noble goal... but that noble goal would have been much better served by using a license better tailored to OSS free use for non-commercial purposes and pursuing individual agreements for commercial use.

Then again, if it was launched with such stringent requirements would so many contributors have helped them develop into such a usable product?


> Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.

Elastic has indeed found a profitable business model: they have their own cloud (cloud.elastic.co). But for it to be profitable they need to cover the costs of both developing the Elastic stack, and running a SaaS. AWS only has to cover the cost of running a SaaS (since they are getting the stack for free) which gives them a HUGE cost-wise advantage.

To counter this advantage Elastic is asking them to partner with them like other cloud providers do (Microsoft, Google, Alibaba etc) but AWS has refused to do that.

Isn't it then fair for Elastic to restrict AWS from using their software?


This is the whole point of open source. Every contributor to something like Kafka or numpy is not expecting a cut from the thousands of companies that use it.


My two cents:

Open source is a type of generosity. Generosity is good in the software world because the rules of the game benefits everybody the most when everybody are generous. I believe it's similar to prisoners dilemma but with even bigger benefits when we are all generous.

However, it's also a tit-for-tat game. When others start to be greedy it makes some sense to be greedy yourself. Thus short circuiting the game and making the playground worse for everyone. Until we realize that generous is better again.

So tying back to your comment. Yes, open source contributors doesn't expect something back but they can only hope that others at least pay it forward.


> Yes, open source contributors doesn't expect something back but they can only hope that others at least pay it forward.

If they want to ensure others "pay it forward" (also release their source code), they should be contributing to copyleft projects instead.

The AGPL would ensure users of elasticsearch, whether hosted by elastic or AWS, have access to the source code of the software they're using.


> If they want to ensure others "pay it forward" (also release their source code), they should be contributing to copyleft projects instead.

But Amazon is releasing their source code. Even more of it than Elastic.


A restrictive licence limits the potential value that the code can bring to the world. To maximize the value you bring as an open source developer you can't expect returns (to the community), only hope for it.


> To maximize the value you ...

... have to let Bezos et al. exploit it?

(And that's maybe not as bad a thing as it sounds on the surface. Linux, Apache, PHP, Ruby, HAProxy, Nginx, and probably hundreds of open source projects I can't even start to list don't seem to feel the need to come out swinging like Elastic/Mongo/Redis have. )


Amazon's forks will still be Apache-licensed, so if there's a tit-for-tat element here, it appears to be Amazon responding to Elastic's abandonment of open-source.


Yeah, and here I feel that there's something missing in my description. While I think Elastics move is bad I definitely don't feel like Amazon is the good guy here either. I feel that there's a good chance that Amazon steam rolls Elastic and then five ten years away the community is worse off.


Open Source makes the most sense when your position is “I made this because it solved a problem I had and am giving it away so that it might solve problems for you.”

We might actually be better off with Amazon as the steward because they don’t need to make money on the software itself.


> need to make money on the software itself.

It would make a lot of sense for them to slowly close it down or modify it so that it eventually only makes sense to use it on their platform. Or something similar. And given what I've seen from their behaviour I would expect them to exploit whatever market leverage they can.


What you described is exactly what Elastic doing now, and it triggers a fork. We will be fine if it happens again.


Depends if they actually develop it. For other open source software, they usually keep improvements (say, improvements to Spark working with S3 from EMR, to give example from my area) to themselves in proprietary modules.


Maybe?

Brian Behlendorf didn't write Apache (or more accurately, patch NCSA httpd) out of "generosity", he was doing what was known back then as "scratching his own itch". Sure, he generously gave it away as well, but that was after he'd done the work to benefit _himself_.

Same with Larry Wall and Perl. He wrote the language he wanted, and shared it afterwards. He didn't write it out of generosity (and to be fair, he is 100% the sort of person who might have).

I think the dual license strategy Larry chose for Perl really shines light on his motivations, "use GPL if you want to, use the enormously more permissive Artistic License if you want to". He just wanted anybody who might find his software useful for any reason at all (including becoming insanely rich, if they could work out how to do so) to be able to use Perl.


> Open source is a type of generosity.

Open source should be about optimisation. For example you have some infrastructure code (like LLVM, Linux kernel, etc.) that brings you little competitive advantage but you benefit from distributed maintenance - OSS is a perfect fit. And people using it but not contributing back is not really that big of a deal.

The incentives to upstream exist without licensing requirement - maintaining a fork which when the upstream knows nothing about what you're doing and could break you with every commit is not fun. You also lose on distributed review/support aspect. At the end of the day if someone finds a way to profit and not contribute back - how does that impact you ? Unless they are a direct competitor and you OSS something critical - in which case like people above said - you should rethink your business model.

Also OSS has a bunch of secondary benefits - recruiting, developer mindshare, etc.

I think viewing OSS as a generosity is not sustainable, and the incentives exist even without restrictive licensing.


> Open source should be about optimisation.

Sure it's nice when you can motivate it like that but I feel that the long tail of open source projects doesn't fit your description but are projects driven by a few enthusiasts.


I don't get it. I can understand performing acts of generosity without saying anything about payback and with no expectation of reciprocity. I can also understand performing acts of generosity without saying anything about reciprocity while having some expectation of reciprocity (like, "I'll do someone a favor, and it sure would be nice if they return a favor one day").

But why would you very deliberately choose a software license which very explicitly distinguishes itself from normal proprietary software licenses by spelling out how it requires no payment and will always require no payment (and in some cases, explicitly prohibits anyone else from requiring payment!), and still maintain an expectation of payment?


Yeah let's talk about greed for a second.

Elastic, at this moment, is pulling in half a billion dollars in revenue per year. They're growing at at least 40% y/y. They're valued at $15B at this very moment.

So, tell me again why this license change is so necessary? Oh right, it's not, it's just a disingenuous move to try to monopolize the market they're in.

Except, the irony is, this isn't even going to increase the money they're making, because Amazon, as I predicted days ago, was always just gonna fork 7.1.0 and keep it Apache 2.0. Which is not only legally their right, but actually ethically is a good thing to do anyway.

And don't even get me started on how Elastic puts most of its real efforts into their proprietary features anyway, and if you hypothetically opened up a pull request that perfectly implemented TLS or some other feature they'd deny it because they have a conflict of interest with X-Pack.

Now I want to be clear. I'm personally an anarcho-capitalist, I reject the whole idea that a company being big makes it evil. I don't think it's a problem that Amazon is making money with free software - aren't all of us in the industry making money with Linux, or with apache httpd, or <insert open source software here>?

So, I don't hold the fact that Elastic is a multi billion dollar company against them either. But when they try to gaslight the communtity and portray this absurd, patently false, downright offensive david vs goliath narrative, I'm going to call them out for being liars, because that's what they are. They have shown they will break deep promises they made to the community without a second thought.

They've also shown they couldn't even be honest in their communication around this licensing change. They claimed this would have no effect on their users - bullshit, a good friend of mine works at Wikimedia and they can't run Elasticsearch 7.1.1 or above in the future because they don't run proprietary software. Meanwhile the license change doesn't even do what they claim it's for.

They also have mastered the art of doublespeak like this:

> The list of improvements under this new free and open, yet proprietary, license, is overwhelming

Ah yes, the infamous "free and open, yet proprietary" software. Couldn't live without it.


[flagged]


Except What Elastic is doing is fundamentally opposed to open source, and what Amazon is doing is fundamentally aligned.

At least according to the OSI, who last I checked, really care about open source ideals.

https://opensource.org/node/1099


It's not like the OSI and the FSF haven't got at least a few major differences about "ideals" though.

Pretty sure rms is 100% convinced _both_ sides of this disagreement are morally wrong.


> people who like open source (generally left-wing people doing stuff for betterment of society)

Do you really think that liking open source is in any way correlated with politics?[1] I'd like to read a source on that one, because it's certainly not been my experience. Maybe we've contributed to different projects and/or read different people.

But even that aside, you think that everyone who likes open source is condemning amazon and on elastic's side? That is even more suspect. Just as an example, the creator of sourcehut has been criticizing elastic all week, and all of his posts—at least one of them explicitly saying that Amazon is definitely allowed to do what it's doing—have reached the front page here. And he's someone whose "liking open source" credentials are good enough, I think.

[1]: I'm not even going to get into other implication, that wanting to improve society is also in any way related to any given political leaning.


That's a very good description. Thank you.

(sometimes I feel upvote isn't enough)


Confluent absolutely wants a cut for hosted Kafka usage, though, and has made similar changes to Elastic.

https://www.confluent.io/confluent-community-license-faq/

> Under the Confluent Community License, you can access the source code and modify or redistribute it; there is only one thing you cannot do, and that is use it to make a competing SaaS offering.


Kafka is an ASF project, and not controlled by Confluent. There is nothing stopping anyone from offering a hosted Kafka. You seem to be conflating Kafka with Confluent's own products.

>No. Apache Kafka is licensed under Apache 2.0. The license change only applies to our Confluent software that was previously called “Confluent Open Source”: Confluent Schema Registry, Confluent REST Proxy, Confluent ksqlDB and some Confluent Connectors.

I love that they try to make it sound like they even have a choice in changing Kafka's license.


> This is the whole point of open source.

What is? Because I don't think the point of open source is to have big companies make money off code that other entities—in many cases individuals—made available for free. It's certainly something that happens, and I don't think it's universally bad, but I wouldn't say it's the point, either. I've heard of several high profile cases of the people who maintain high-profile projects supporting $billions worth of commercial products struggling to make ends meet, and I don't think that's the point. That's not a system working as designed, because nobody designed it and there arguably is no point—it's simply a dynamic that emerged organically from the factors that drive people to contribute to open source, and those that drive businesses to maximize their profits.


I think GP meant that allowing for forks is the point of Open Source. Which I would argue is kind of a big point of Open Source -- the point isn't who's doing the forking or who's profiting -- but the point is that forks like this are intentionally allowed.


Sure. Don't know if I'd say that's the point, either, but it's definitely a lot closer to the essential spirit of the whole thing.


Yeah, that's fair. Maybe I should rephrase to say it's a point. I could see someone arguing that forking is just a component of the deeper philosophical attitude about how people can use and distribute and modify code in general.

Forking is the/a point in the sense that I can't think of a version of Open Source that is still Open Source but that doesn't allow forking -- that allowing for forking is a deliberate choice, not an accidental one.


The essential spirit of "open source" or of "free as in freedom software"?

Because I don't think those two align as closely as many of the arguments here gloss over...


I was thinking more the former. I understand the latter as more of an ethical position, and it's one I'm not really familiar enough with to talk intelligently about...

Conversations like this are just sort of pointless, where one side says it's supposed to be this and the other replies no, it should be that, when really open source software is just a thing that happened. It's up to us to define an ethics around it and to decide how we interact with other actors in the ecosystem who might not have the same principles and goals.

To have a discussion about how it should work, to make subjective value judgments like the ones these comments are full of, we need better arguments than 'the license says it's fine, so on what basis can you criticize Amazon's and/or Elastic's conduct here?' or 'but that's not nice!' or 'Amazon/Elastic has $XXXM revenue so they are bad'.


I don't know what distinction other people make, but when I capitalize Open Source, I'm referring to Libre software, specifically of the kind that Stalman or the OSI would talk about.

Lower case open source is a term that I personally try not to use, specifically because of that confusion. I personally try to refer to that as source available or shared source when possible.


This is exactly the confusion I'm talking about.

Stallman and the OSI do _not_ agree on "Libre software" and "Open Source" - in a quite fundamental way.

"The terms “free software” and “open source” stand for almost the same range of programs. However, they say deeply different things about those programs, based on different values. The free software movement campaigns for freedom for the users of computing; it is a movement for freedom and justice. By contrast, the open source idea values mainly practical advantage and does not campaign for principles. This is why we do not agree with open source, and do not use that term."

https://www.gnu.org/philosophy/open-source-misses-the-point....


I know this isn't going to help, but:

When I use Open Source (capitalized) I am arguing for Libre software with the values Stallman is talking about. The point of disagreement I have with Stallman is this -- Stallman argues that using the 'wrong' word to describe Libre software risks corrupting the movement. I argue that using a generally accepted word to describe the movement, and culturally reinforcing the common understanding of that word as a subset of Libre (ie, not just giving up saying "Open Source can mean whatever the Mongo devs want it to") is valuable enough to override those concerns.

Stallman goes on to argue that the Open Source movement doesn't care about Libre software, and we should not align with that movement. I argue that a very large contingent of the Open Source community does care about Libre software, and it is worth advocating to the remainder of the community that Open Source software is Libre software and that the real ideals of Open Source beyond just source availability can not exist without the ideals of Libre software.

Stallman and I disagree about whether or not we should use the term Open Source to describe Libre software, but we don't disagree about what Libre software is. Even Stallman admits that aside from some minor differences, the official OSI definition is mostly in alignment with Libre software. What Stallman is really disagreeing with is with the PR strategy. And the reason I'm not going to try and separate those terms is because I explicitly disagree with him that his strategy in this specific case is helpful, and because I and many other people in the community want to continue to fight for the idea that Open Source needs to be Libre.

Part of the reason we use Open Source to describe Libre software is because we don't believe that Mongo or Elasticsearch have the right to decide for us what Open Source means, and we're not willing to drop the issue, give up all of the good will and public recognition we've built around the term, and just go use something else that the public doesn't recognize. Because if we do, and we have any success at all, then pretty soon proprietary companies will start to co-opt that term too.

I don't see any indication that confusion over what the OSI meant by the term 'Open Source' is the reason why Mongo felt emboldened to write a new license that took away user freedoms. Mongo didn't argue that Open Source was different from Libre, they attacked the very spirit of both movements by implying that their focus on 'sustainability' and 'fairness' was somehow fixing flaws in the OSI/GNU definitions and making their software even more free. If we were all using the term Libre instead, nothing about Mongo's PR strategy with the SSPL would have changed, they would have still claimed that their license was reinforcing the 'spirit' of Libre software.


Yeah, i get your point, but i'm thinking many in the dev camp didn't really realize the extent of this 'principle' as in 'people are nice kinda way'. I think this will only make OSS developers more aware about what kind of licencing they choose or choose to contribute to, one thing is to contribute to free software. But when others can live in mansions because of it, maybe not so much :)


Elastic forced the fork. AWS was contributing and complying with the license. Why should AWS not be allowed to make insane profits off open source?


AWS was entirely within their rights to do what they did. If Elastic wanted AWS to stop, they just had to re-license their software. Which they have now done. If AWS wants to continue to offer the latest version of ES then they simply have to comply with the new licensing terms. Nobody has done anything wrong or unreasonable, or “forced” anyone to do anything, though it was perhaps not in Elastic’s best interest to have offered ES under the original license.


The problem is that "their cut" of the profits was defined as precisely 0%, as per their original license terms.


> insane profits AWS is making

Do you have numbers on how much AWS profits from Amazon Elastic Search service?

Have you checked the profits from Elastic for their offerings?

Have you compared them?

How do you quantify "insane"?

Honest questions. Just a data person.


> that the people who actually did the innovation and the majority of the work get their cut of the insane profits AWS is making.

So legally open source but socially closed source/non-commercial use?


I'd phrase it backwards: these people think it should have the appearance of open source and get all the benefits (contributions from community, widespread adoption), but legally and ethically speaking it's closed source and they get to make all the money.

They seriously have this entitled attitude that because you used the free software project that they started, that now they're entitled to that money. It's patently absurd. Imagine if Linus Torvalds went around with that attitude, claiming he deserves to be a trillionaire because of the absurd amount of value Linux has produced. (And ironically Linux is a more restrictive license than Elasticsearch)


> contributions from community

Good point. When I willingly contribute to open source with no compensation, it's with the understanding that it's because my contribution is available to anyone under the same terms, I'm contributing to a "commons" open to all, willingly for the public good.

If anyone wants to use it for profit-making purposes, that's generally fine with me, because everyone can on an equal basis.

If instead the software is licensed such that one company has special rights to profit off of it that others don't... why would I donate my contributions for free to that company? Shouldn't I get a cut?


Your comment and the one you're replying to actually just changed my mind on this topic.

Up to now I've had a sort of knee-jerk response of "it's Elastic's software, they can do what they want", but I think you're actually right. They're reaped the benefits of open source, including free work from the community, and now they want to claim exclusive rights to profit off of it. It's basically the perfect example of wanting to have the cake and eat it too.

I love having my opinion changed. Thanks for that.


I agree, but I think there's many many shades of grey here.

Elastic (and Mongo and RadisLabs) are trying to do something new.

Linux, without doubt, "reaped the benefits of open source, including free work from the community," to the point where although the original release was 100% Linus's own code and arguably "Linus's software", these days to a first approximation _none_ of the code is "his". The percentage of the ~27million LOC that is "linux" these days that were personally written by Linus is effectively zero.

Elastic is a company paying 500-1000 employees who I suspect (but haven't checked) contributed the majority of the code rather than it being "free work from the community". (And their ability to relicense the code suggests that any community contributed code was contributed under their CLA which meant the contributors explicitly granted Elastic future rights to relicense those contributions, so it's not like the "community" can pretend they didn't know this was possible.)

I don't know that Elastic's business model will work. I don't think there's any guarantee that it will. Part of me kinda hopes it does, because I suspect that the business success of "company backed venture capital funded free-as-in-beer software" might result in more and better software being available to use - perhaps software on such a large scale that "scratch your own itch" motivations have insurmountable ramp up difficulties. I personally think the jump[ from AntiRez's "scratch your own itch" redis, to RedisLab's "Widely Fortune500 adopted and enterprise ready Redis" is not a thing AntiRez wanted to stick around and do. And the world _might_ be a better place for the existence of the non-OSI approved software under license like RedisLabs "source available" one.

It'll be interesting t watch this play out over the next decade or so...


Great comment.

Just to add a bit more nuance, I think we tend to focus a lot on community contributions, but IMO the biggest benefit of FOSS is not that; it's adoption.

Even if Elastic writes 100% of the code, by making it open source, they are promoting the widespread adoption of their software. A project with a non-free license or a custom license is a non-starter at many (most?) companies, or at a minimum requires talking to legal which is a PITA.

So, even with no community contributions, Elastic would never have been able to get to where they're at now - making $500MM in revenue a year and at a $15B evaluation - if it weren't open source.

Now just to be clear, Elastic is totally allowed to close things up now that they've reaped the benefits. The beautiful irony is that, when you close source after you've reaped the benefits, by definition you've also hit the point where it's now obviously beneficial for a company like Amazon to make their own fork and keep their AWS Elasticsearch cash cow going.

So, ultimately the community is totally fine. Indeed Elastic has been going down this road for a few years now, so it's actually a good thing for us that this happened. Better to have an amicable divorce early rather than a messy one later. But I can't help but point out that Elastic has broken its promises and misled the community - to their detriment more than to ours.


That is in fact exactly the trap door of open source -- you are QUITE WELCOME to switch to a non-opensource model once you've reaped the benefits, but guess what, anyone else is also QUITE WELCOME to make a still-open-source fork at the point you do that.

This isn't an accident, it's in fact the whole point of open source that people can make open source forks when the original authors decide to no longer do open source.

I don't think there's much 'amicable' about it though in this case at the moment.


> perhaps software on such a large scale that "scratch your own itch" motivations have insurmountable ramp up difficulties

I don't think that's true, at least for software such as Elastic, Mongo and RedisLabs.

There are a lot of big companies that benefit from those, and might want to invest it, despite not being their direct revenue driver.

See for example the Cassandra database released by Facebook. Or how Amazon is going to invest in their Elastic fork now. Or how Linux is funded by dozens of companies (IBM, RedHat, Oracle...)

Or pretty much any programming language: I haven't seen a programming language that's not truly Open Source (as in the compiler/interpreter + API) for decades.

The kind of software where it's not going to work is where it's solving a business need for companies that are not software companies: but Open Source isn't common in those fields anyway.


> Elastic is a company paying 500-1000 employees who I suspect (but haven't checked) contributed the majority of the code rather than it being "free work from the community".

https://news.ycombinator.com/item?id=25867682

Do they want to have their cake and eat it too?


If a company or a person wants to relicense their open source project, either they need to get permission from all its contributors to relicense their contributions, or the contributors already signed a CLA that allows for relicensing, or the contributors' code is removed entirely.

The "free work from the community" either was contributed under the terms of a CLA that allows for relicensing, or members of the community all agreed to relicense their contributions, or that free work was removed entirely.


There’s a bit more community contribution that just “code”. I have never contributed code to elasticsearch, but I have co-founded the Berlin ES meetup, before elastic, the company, even was a thing. The group was for some time one of the largest around. For a while, I was one of the most active posters in their IRC channel, helping other users with whatever issues they’d have using ES. I signed no CLA, I received no money nor do I want any. But I contributed my time in the understanding that we’re all working on something that benefits both ourselves and the wider community. That implicit understanding is now gone.


Why are you contributing to projects with CLAs if you disagree with their terms?


My interpretation of his point is that he doesn't and that many other contributors to Elastic might have made the same decision.


Indeed. I would have a hard time using something with a custom licence in my company, so there are definite advantages to Apache licencing.


I don't quite understand your logic here. Does he deserve to be a trillionaire? Maybe? Does Jeff Bezos deserve his whole net worth just because he acquired it legally?


It's like leaving your car in the middle of the road, keys in the ignition, and a deed transferring ownership to whoever holds it under the window wiper, then getting annoyed at someone driving off with it.


Sort of.

You’d have to add a replicator button to the car so you make a copy and don’t actually take the original.


Are Google and OpenBSD paying for their OpenSSL forks? Google, Apple, and Microsoft paying for WebKit?


>OpenBSD paying for their OpenSSL forks

Do you know that OpenBSD initially MADE OpenSSL?

But also

LibreSSL (the fork of OpenSSL)

OpenBGPD

OpenOSPFD

OpenNTPD

OpenSMTPD

OpenSSH



And Google did not initially made Blink.


But OpenBSD was never involved with OpenSSL (until they forked it).


Forgive me for expressing my frustrating for a moment here:

What is with this new generation of developers (I don't mean new as in young since I meet people in their 40s espousing these ideas), who make all these high-minded arguments about how evil it is to profit off of someone else's work, when literally that's what proprietary software is for. If you don't want someone to make money with your code, don't give it away freely, sell it.

Instead, what Elastic did was they made a beautiful piece of open source software, licensed under Apache 2.0. Because it was Apache 2.0, organizations were comfortable building Elasticsearch into their stacks because they knew that they couldn't get Microsofted. Additionally because it was Apache 2.0, hundreds of contributors who are not affiliated with Elastic submitted patches to their codebase.

Elastic used its position as an open source maintainer to grow Elasticsearch to be one of the most important pieces of software in the world (nowhere as important as linux or arguably lucene but still in the top echelon), and then once it did that it decided to lie to the community, pull the rug out from under them and switch to proprietary.

Now to be clear, I actually think this won't even make them more money, it will just hurt their brand image and incentivize high-quality Apache 2.0 feature-rich forks, so really it's just an absurd blunder. But I am so unbelievably frustrated that people keep espousing this reverse entitlement attitude that you espoused here: the idea that an open source vendor gives away their software for free, intentionally, so that they can benefit from the community and vice versa, and then suddenly now somehow I'm an asshole if I've been operating a service that uses Elasticsearch. It's completely backwards logic.

To put it another way, as an open source maintainer, you don't owe anybody your time. You are free to tell the people opening github issues and bug tracker tickets to go fuck themselves. But similar, nobody owes you anything, so if you yell at someone using your free software for commercial purposes, now you're being the entitled asshole. They don't owe you any money.

You people seem to think open source just means "source available". It's SO MUCH MORE than that.

[/unhinged rant]


Were you an ES contributor who feels betrayed, or are you speaking more hypothetically?

I was just a free ES user, and feel fine with all of this. I don't see a bait and switch, I see a fundamentally changed market compared to 10 years ago where a business model that was perfectly reasonable is now very precarious in the face of the major cloud vendors, and a desperation move to protect their business, not some grand cynical plan.

If I needed to submit a patch I'm not gonna care about the project being "truly" open source vs just source-available.

But the more these "allowed" but kinda-dirty-feeling things happen, the less likely I am to choose a "true" open source license for any projects I may start...


> If I needed to submit a patch I'm not gonna care about the project being "truly" open source vs just source-available.

Really? Everyone's cares are different, but I don't like contributing my time and programming output for free to proprietary software, for it's owner to make money off my work.

I don't mind contributing to open source, where anyone can make money off of it with no special privileges to some. It feels like contributing to a commons.

But contributing to proprietary software without getting compensated feels like getting taken advantage of to me.


I've made very small contributions, irrelevant in the scheme of things. I've also run decent-sized Elasticsearch clusters (~10-20TB total store).

When I speak of betrayal I'm more speaking in the general sense that under my value structure, it is immoral to lie to someone or to break promises, which is what Elastic did. They told people they would never make the Apache 2.0 code proprietary, and then they did it anyway. For a shitty reason at that.


A lot of engineers I’ve observed are increasingly far removed from sales, marketing, and ultimately, their customers.

I also think the world (particularly technology and laws) is a complicated place with a lot of history. The old timers tend to appreciate this a bit more. There’s a book out there about the “Death of Expertise”. People think they can learn a complex domain from some questionable YouTube videos and maybe blog posts or a book. They decry the experts. In fairness there are also a lot of charlatan experts out there.

Combine the two problems, and it is an opening for “outrage bandwagons” to form that claim to simplify the matter without actually understanding it. And companies try to exploit this comprehension gap to fulfill their agenda.


> "Elastic used its position as an open source maintainer to grow Elasticsearch to be one of the most important pieces of software in the world (nowhere as important as linux or arguably lucene but still in the top echelon), and then once it did that it decided to lie to the community, pull the rug out from under them and switch to proprietary."

Hmmm.... is that what happened or did AWS usurp Elastic's main stream of revenue providing an enterprise cloud platform, and in response they changed their licensing in an attempt to protect the viability of their company while minimizing the impact on contributors to the framework.. As I understand it the only prohibition of use is to offering the software as a cloud-hosted solution of the software itself.

You may disagree with this strategy, but I think you should also explain another way for companies that develop these frameworks to be financially viable. Because I think there is an issue of how people can sustain a business centered around open source.


So one reason I choose open source is precisely because of the legal guarantee that there will be comptetition in providing services based on it.

If I become dependent on it, one company can't control the pricing of people offering hosted services, because it's open source, nobody needs their permission to host it. "vendor lock-in" does not exist with open source.

If that was incompatible with ES's business model for a main stream of revenue, as the project IP holder they are welcome to change their license terms.

But what they're saying is that open source was incompatible with their business model.

It is what it is, but users clamoring for the ethical superiority of vendor lock-in and thinking that's somehow open source values is... weird to me.


It is a fair point


Last I checked, sustaining a for profit business wasn’t a guaranteed right. It’s called competition, and plenty of companies fail.

If you can’t sustain a business around open sources, then don’t be open source.

Elastic chose to close their source but are now lying about it to make it look better than it is. AWS is releasing an “actually OSS” fork - totally inline and allowed under permissive OSS - and is somehow unethical? The mind reels.


> AWS is releasing an “actually OSS” fork - totally inline and allowed under permissive OSS - and is somehow unethical? The mind reels.

Yup. This mentality drives me absolutely insane. People seem to regurgitate whatever propaganda fake-open-source-company-X tells them.

Sorry, I'm not going to feel bad that the $15B company that built their business off the backs of open source - which is totally fine - is upset that another company is competing with them. And the biggest irony is, Amazon's not eating Elastic's lunch, they're both eating respectable lunches. Elastic's built a great business, which they are now doing their best to ruin as quickly as possible.


Having "open source" vs "source available" or whatever you want to call the new license isn't a guaranteed right either, so if there's no problem with the one then what's the problem with the other?

Would you prefer more software to be released openly or less? Cause if you're making moves like Amazon did with their ES service, you're pushing the world towards "less."

I'm not too concerned with this, but it's strange to me that people are both trying to keep OSS licenses "pure" and advocating that companies release less of their code in the first place...


I would prefer that companies stop abusing their communities by leveraging them and then discarding them when they have enough power to do so.

OSS was never about source availability - that’s just a form of cheap escrow and has fairly limited value. Open source is about user freedom to do whatever they want with the software - guaranteed freedoms.

This isn’t about “purity”, it’s about using a label on the tin that says “FREEDOM INSIDE” and then peeling the label off and telling a subset of users to pay up or give away any software code you’ve ever used to touch my software. We used to call that a “bait and switch” to be polite , though really it’s more like a shakedown.


Next time, go commercial from get go.


do you think that would have hurt adoption from the get-go? How about ability to get unpaid community code contribution?


Sure it would be harder, but that is life, hard and made of options.

I have been there during the first .com wave, so I know how hard it was, including what happens when the money stops flooding in.


> As I understand it the only prohibition of use is to offering the software as a cloud-hosted solution of the software itself.

You very profoundly and deeply misunderstand what the SSPL actually says, which is understandable because Elastic have helped promulgate this misinformation. Please go read the license. It is not straightforward, it's very vague and exposes an organization to enormous uncertainty. If you don't want to read the license itself, then start with https://anonymoushash.vmbrasseur.com/2021/01/14/elasticsearc...

Additionally, organizations that commit to running free software, are forced to drop Elasticsearch now (or more accurately, they're all going to just run the best fork of 7.1.0 and call it a day). So Elastic's statement that it doesn't impact users is just a complete lie.

Finally, this whole discussion is irrelevant because the license change won't actually protect Elastic's business. Amazon is going to behave no differently, except that now they have a better codebase to work with because they don't need to worry about Elastic rejecting pull requests that cannibalize their proprietary features.

> You may disagree with this strategy, but I think you should also explain another way for companies that develop these frameworks to be financially viable. Because I think there is an issue of how people can sustain a business centered around open source.

Absolutely not, I refuse to explain that for you, because you're reversing the responsibility here. If you want to build a company around giving away software for free, you better have a way to monetize the giving away of the software for free. There's plenty of strategies to do this, such as the famous "Commoditize your complement", OR you can be a redhat and sell enterprise support, OR you can be elastic and sell cloud services.

And guess what? Elastic HAS built a more than financially viable business with Apache 2.0 licenses. They pull in $500M revenue per year, with 40%+ y/y growth. They're valued at $15B right this moment. And you seriously believe that this organization is on the verge of bankruptcy?

Do the math, you're being tricked by a dishonest company. A company that so many of us had respect for until they started down this path a couple years ago.

And for the love of god, I implore everyone in this thread, please give up the whole "won't somebody think of the poor company?" argument. Open source is not a business model in and of itself. It never has been. If anything, the rise of these companies that build their brand image around being open source and then re-license to proprietary as soon as it's convenient is the literal problem. They're polluting the whole spirit of open source, which was always "I'm giving this away freely, and I don't ask for anything in return except you can't infringe my trademark" (for apache 2.0). You guys have the open source mentality totally backwards.

And don't get me wrong, I'm an AnCap. I'm as capitalist as it gets. So I'm not criticizing the mentality out of some misguided hatred of private ownership; rather, all I'm saying is if you talk the talk you better be prepared to walk the walk. All these entitled companies that make their software successful BECAUSE it's open source and the community feels safe building stacks upon it, and then clutch their pearls when someone else makes money from that software, are totally absurd and should be laughed at.

Sorry for the rant, I drank too much coffee today. But for the love of god, can't you see how, ethics of lying to the community aside, this licensing change doesn't even help protect Elastic's business interests, but rather just strengthens their competitors?


> but I think you should also explain another way for companies that develop these frameworks to be financially viable.

Ironically, it is exactly Amazon that seems to be demonstrating a way to develop an open source ElasticSearch fork and be financially viable, right?


If becoming one of the most valuable companies in the world in an adjacent field and using that to fund an open source SaaS is a demonstration of a financially viable open source business; we're in trouble.


Going from the frankly insane pricing for managed ES on AWS (we tried it, were happy with the service and massively disappointed in the pprice, now manage our own on AWS), Amazon makes enough money from the SaaS to fund it.


How does the price compare to other managed ES including from the ES founders?

If it's super non-competitive high, it is even more curious they seem to see it as such a threat. I'm becoming increasingly unsure if they actually see it as a threat, or if it's just like "nobody should be able to make money from our open source without giving us a cut".

Or is it just that all managed ES seems too expensive to you?


> Elastic used its position as an open source maintainer to grow Elasticsearch to be one of the most important pieces of software in the world (nowhere as important as linux or arguably lucene but still in the top echelon), and then once it did that it decided to lie to the community, pull the rug out from under them and switch to proprietary.

Maybe I'm missing something, but I don't really see the sense in the "pull out the rug, it's not OSS" anymore. Sure, I agree that The Open Source Definition doesn't encompass something like the Elastic License, but :shrug:

Who exactly is having the rug pulled out from under them? AWS? As they very clearly state in the article: "When AWS decides to offer a service based on an open source project, we ensure that we are equipped and prepared to maintain it ourselves if necessary" (presumably because they understand that the license could change, or the maintainers could just stop maintaining).

It seems like it made good business sense for Elastic to switch licenses, and it's not really clear to me who would (for business reasons, not philosophy) switch to solr/other just because of the license switch.

It also makes perfect sense that AWS would release an apache-licensed fork - they have serious monopoly power - they con offer this service cheaper inside AWS, and the integrations can be smoother/better.

So really why be mad at either party? They both made good business choices it seems to me, maybe elastic will end up loosing out, but if that happens, I can't imagine that staying on the apache license would have saved their bacon.


> It seems like it made good business sense for Elastic to switch licenses

It actually makes incredibly bad business sense for Elastic to switch licenses, because they won't get any more revenue as a result and have now forced a high-quality Apache 2.0 fork.

> Maybe I'm missing something, but I don't really see the sense in the "pull out the rug, it's not OSS" anymore. Sure, I agree that The Open Source Definition doesn't encompass something like the Elastic License, but :shrug:

Well, they explicitly promised that they would stay Apache 2.0 licensed, which was a lie. And they're no longer open source software. So yeah that's a big deal in my book.

> Who exactly is having the rug pulled out from under them? AWS? As they very clearly state in the article: "When AWS decides to offer a service based on an open source project, we ensure that we are equipped and prepared to maintain it ourselves if necessary" (presumably because they understand that the license could change, or the maintainers could just stop maintaining).

I wasn't referring to Amazon, I was referring to the community overall. And don't get me wrong, the community will be fine because we'll have high-quality forks. I'm just pointing out the scumminess of what Elastic did for the company that claims to be the little guy getting exploited.

But they absolutely did pull the rug. Or as a better analogy, they shut the door behind themselves.


I think the fact that you've been downvoted only validates your point. I agree that I think the idea of "open source" has veered so far away now from Free Software ideals that this is the only reasonable outcome, even if it was not desired. The Open Source vs. Free Software people kept saying they were fundamentally the same but one was more palatable to commercial entities, but the (granted, not the most pleasant) "free software fundamentalists" called this outcome a mile away.


How so? If the licence permits free copy/fork/whatever it's all great to expect some return but surely it's not guaranteed?


Why Elastic and not Lucene or OpenJDK ?


They already have fork of OpenJDK (Amazon Corretto)


Corretto is not a fork, but a distribution.


Which is perfectly alright, there are plenty of Java implementations, including full commercial ones, just like with ISO languages.


Money


Amazon is doing all of the work of buying servers and hiring skilled professionals and setting up instances of Elastic and automating it so that you can easily rent a server to run it.


I agree. What Amazon is doing is clearly legal , but it also clearly violates cultural norms about fairness. I don't know much about the Elasticsearch team or company, but from a 50k ft view it seems like Amazon could and should throw them a couple mil, at least out of pity.


They probably offered to throw them a couple of million dollars to avoid the hassle and the bad PR, but ElasticSearch is worth a lot more than that.


Because an 800lbs gorilla is trying to crush an open source project? They could've come up with some agreement to oem Elastic and they both could've benefited. Instead they decided to just build a competing service at the expense of Elastic. It's the same reason most of the community had no time for Oracle forking RHEL.

>AWS contributes improvements to the project.

Per a poster below, 9 PRs out of 41,000 (I haven't verified). For a company the size of Amazon, unless it was one heck of a PR that's basically nothing.

*Correction after looking a bit closer, I think Amazon has submitted at least 600 PRs, they only listed 9 in the blog post. That's better but it still doesn't change the fact their business model doesn't allow the companies they're building on the backs of to have a sustainable revenue stream.


Someone at Elastic didn't do the math on this. Amazon can easily fund developers, they just didn't because they didn't have to. Now that the gorilla has been enraged woe to the thing that pissed it off. We'll see if amazon actually contributes to the new fork. The fact that amazon is in a better position to make money off of open source software is part of the calculation that startups should be making if they are writing open source software, especially if their moat is a proprietary shim that any of the big providers could rewrite in a month if they cared. Adding a rider to your open source that says "oh, and only the original authors at this one company are allowed to implement those shims" may play well with the HN crowd, but it isn't open source anymore.

I will also note that is clearly not enough competition in the cloud provider space, if there were more competition then elastic might be able to make money from the platform providers by implementing ES for each platform as you suggest.


> Now that the gorilla has been enraged woe to the thing that pissed it off. We'll see if amazon actually contributes to the new fork.

Elastic loses nothing by pissing off AWS, this was clearly the right move. AWS has contributed very little to the project so far, so if they took their toys home in a huff it makes no difference to Elastic. And if AWS does contribute significant development to their new fork, Elastic is free to copy any worthwhile commits into the official repo under the terms of the license Amazon has released their fork under. The only thing Elastic is going to suffer for this is some people whinging on HN about whether or not it’s “really open source” anymore.


Just curious, have you ever operated Elasticsearch at scale? I haven't operated at the petabyte level but I have at the terabyte level, and everything I've seen tells me that this move is going to hurt Elastic immensely. They've forced Amazon to create the Elastic equivalent of postgressql/mariadb/jenkins ci.


What downside exists for Elastic from making this change? If AWS makes valuable contributions on their fork, Elastic will absorb them, but the converse is no longer true. If the downside is that the AWS hosted ElasticSearch service will become successful, well, that was happening anyway before the relicensing.


I don’t see a path for absorbing and relicense. Especially if the core code method signature diverges in the future. It is going to be a lot of trouble for Elastic to absorb non-trivial contributions from the fork.


Aws has an advantage of the manpower. They can easily move ahead of origin and ES can never catch up.


> Amazon can easily fund developers, they just didn't because they didn't have to.

Disclaimer: worked at AWS.

Yes, Amazon has a vast number of engineers. They also have a vast need for engineers.

So they have to make a business case to continue to fund engineers, and I don't think one exists for the type of development we're wanting.

To be clear, there is some development they could justify.

If they are replicating new features that Elastic releases, so they're not falling behind the market, the business case is retaining customers. But that's playing catch up.

If new features optimize the service, the business case is being able to advertise lower TCO, which attracts customers. That could be quite beneficial, but there's usually not a ton of optimization you can do.

There is a business case for new features that increase integration with other AWS services. That increases customer usage of AWS. But AWS is so proprietary this would likely be useless outside AWS.

So none of that, I think, is the development people are looking for.

What we'd want are features a software business develops to differentiate their product in the market. If the features go into the open source version, however, then by definition they aren't differentiating.

This is the key business contradiction in AWS trying to fund open source development.

Maybe I'm missing something and they can make the business case for continued differentiating feature development. So, I'd say I'm wrong if after two years we're seeing such features being released to the commnuity.


> Amazon can easily fund developers, they just didn't because they didn't have to.

Looking at the various projects at https://github.com/opendistro-for-elasticsearch/, the most prominent ones seem to only have a handful of somewhat active developers, almost two years after launch.

If AWS hires a lot of people to work full time on their ASL2-licensed Elasticsearch and Kibana forks, then ... that's not necessarily _just_ bad for Elastic? I doubt Elastic execs thought AWS would just fall over and discontinue something that's probably billions in revenue at this point. If AWS actually starts contributing code beyond trivial bug fixes, code Elastic can legally fold into their own Elasticsearch (via the ASL2-licensed fork) if it's good enough, then ... good for both?


Apache 2 license doesn’t allow you to relicense. So absorbing changes from AWS’ fork won’t be clear or easy as many in this thread suggest.


Apache 2 license explicitly does grant the right to sublicense. See §2.


Honestly I don't know how that works. My understanding is that you cannot move existing ASL code under a different terms other than ASL unless you are the copyright holder. All modifications you done can be subject to whatever terms you liked. This seems to match what they said http://www.apache.org/foundation/license-faq.html#Distribute...

I think this important bit is sublicense v.s. relicense, where in sublicense case, you have to retain the original terms carried for the original code.

Now, Elastic relicensed the whole software stack under SSDL. So to integrate any parts AWS done, they need to license Elasticsearch back to some mixture of SSDL and ASL, which would be weird.


"Amazon can easily fund developers, they just didn't because they didn't have to"

That may be true for a few OSS projects, but if they were forced to do that for ALL the projects they're profiting from the math would probably not look as simple.


Of course Amazon will contribute to the new fork. They have many thousands of paying customers who have little incentive to switch, for better or worse. The only thing that might actually call for a migration is a significant decline in feature development.


Your argument illustrates the hard fact revealed by the Parler ban. No, Amazon isn't a monopoly (I'm using an Elastic cluster on Azure), but they wield influence as though they were.


> The fact that amazon is in a better position to make money off of open source software is part of the calculation that startups should be making if they are writing open source software

So what you're saying is people shouldn't work on open source projects. That's essentially what your statement boils down to.


No, it's a fair thing to consider when you're creating a business based on a project that can be forked, that someone with more money and resources than you can fork it and run you out of business.

That doesn't mean people shouldn't contribute to open source projects.

I should point out too, most companies actually can't afford to fork and take over projects. At $PreviousJob we wrote proprietary software but used open source software (for example Intel DPDK). If DPDK were to suddenly switch their licensing, we would never have the resources to maintain something like that long term. So just because it _can_ be forked and "taken over" by another company doesn't mean will. It most likely won't.


Elasticsearch isn't two scrappy guys in a garage writing code out of the good of their hearts. It's a VC-backed $15B company which now needs to make money.

Open source is the last thing on either of the two gorillas' minds.


You’re confused. This isn’t about crushing an OSS project: it’s about ensuring there actually IS an open source project.

What Elastic is doing with its licensing is not open source.

You might argue that if Elastic Inc dies then the project dies, but then it wasn’t a very robust project.


It doesn’t seem unreasonable to me that a project would die if it’s original developper community dies. Some projects survive that shift, but it’s the exception more than the rule.


Source? I'm only seeing a single digit number of commits from Amazon emails out of ~57k total commits:

elasticsearch $ git shortlog -nes | grep -i 'amazon'


disclosure: I work at AWS

You're not required to contribute with your amazon e-mail address, and I see a lot of people who don't due to inertia or because they want to avoid tying their identity their employer.


Agreed it's not perfect, and that's why I included my methodology and asked if anyone has a better source since less substantiated claims are being quoted:

https://news.ycombinator.com/item?id=25866653


I believe I was incorrect, one of the contributors I thought was an Amazon employee that I was attributing commits to isn't.


Elastic isn't an open source project after the license change.


An open source product with a market cap of $15B.

Neither party is going to come out of this smelling like roses, but ES is hardly a tiny upstart barely able to get by.


Popular OSS licenses were designed in an era to allow direct customers (businesses) to directly install and use the software, and redistribution means only distributing the package.

Nobody at that time knew or predicted that SaaS (let alone cloud computing) would be a thing, that large, profitable middlemen will directly host the software, pass through just the API, with zero customer exposure to the running instance.

AWS taking advantage of this — yeah sure it may be legal, like how business lobbying senators for obvious policy hacks is legal — but doesn't mean it's fair or acceptable. It's totally OK to call them out here and not reward them for it.


> The first version of the Affero General Public License (AGPLv1), was published by Affero, Inc. in March 2002

Stallman strikes again!


The AGPL was a good attempt but it seems that it too vague. For example even Google, with its teams of lawyers doesn't feel comfortable using it for any purpose.

https://opensource.google/docs/using/agpl-policy/

It appears that they are concerned that it may be argued that if for example YouTube uses an AGPL DB that they would be required to release YouTube under AGPL.

I'm not saying that the interpretation is correct, but if companies can't be sure they won't use your software.

And to be honest IANAL but their interpretation seems reasonable to me. If you put Mastodon behind NGINX I think it is fairly easy to argue that the user is "interacting with it remotely through a computer network". So now if you have a theoretical AGPL Elasticsearch and your site sends the user search query to it and returns the user the results it doesn't seem clear that this is a legally meaningful difference. I certainly wouldn't want to argue that in court. I'd just use different software.


Stallman will break all sorts of records for being “the most annoyingly correct forecaster of computer trends with the less affable personality ever”.


Then Elastic should've come up with a non-Apache-2.0 license at inception.

Licenses exist for a reason. The onus is on the person choosing the license to choose one which aligns with their intentions. You cannot and should not expect downstream consumers of the software to confine themselves to some subset of the actual license's allowed activities just because it's the "nice" thing to do (as of course this assumes morality is in any way objective).


They made a mistake with their original licensing, and now they have corrected it. The comments on this post seem strangely invested in Elastic not fixing their mistake.


Did they made a mistake? It looks to me that they took advantage of Splunk being proprietary. Not many people would use closed Splunk alternative. So they have made an open alternative and everyone loved it and this is what created the community and made them popular. Then they started using their position to force people into their proprietary Basic package because there was no security in the OSS version. That caused many data leaks from unsecured Elastic clusters. Can you imagine MariaDB not having any security by default? Or nginx without ACL? I never cared about Machine Learning, APM, SIEM and their other "products". Then they released "basic security" which was not open and was still pretty limited (e.g. not supporting OpenID). Elastic is big now, listed on the stock exchange so I understand they have to listen to their shareholders. While I don't like Amazon business and I am not their customer, I actually welcome this attempt to finally make a basic usable Elastic really open!


Right but "who is wrong" is what the disagreement is about, and if Elastic made the mistake then arguably it is them who are wrong.

In contrast, a number of people here are acting as if AWS is totally in the wrong. But the only wrong here is Elastic making the mistake and then acting as if the whole thing is AWS' fault. No, if you license your software improperly that's on you, not anyone else.


Does it need to be a binary thing ?

Elastic made a strategic mistake, and Amazon made the jerk move that was open to them.


What about Elastic making the "jerk move" by switching the license under Amazon?

Amazon built the product with the hope that it would continue to be developed with that license. What are they supposed to do with the license change? Just accept whatever Elastic said? I don't think you can blame them for taking the last version where they agreed with the license and continue to use and develop it. Sure, maybe making it open is a bit of a jab back, but even in isolation it makes sense for them.


> What about Elastic making the "jerk move" by switching the license under Amazon?

They’re also switching out the license under everyone else. It’s maybe notable that elastics cloud offering was acquired at some point (it used to be found.io). I used to do elasticsearch consulting and I could name a few customers that will now have to reevaluate their product.


I don't see how AWS is being a jerk.

They're a hosting company, they're hosting open source software and they're doing it well.


What open source license would prevent someone from capitalizing on your project?


No open source license prevents people from capitalizing your project. Adding a non-commercial clause to an OSS license makes it not comply with OSS anymore.

Preventing companies from hosting the software with propietary changes can be done with licenses like the AGPL, but again, the objective is not to disallow commercial use, but rather to force the source code to be available for the users of the software.


None. That's... kinda the point of OSS.


And frankly, I don't even buy the morality argument. It is a moral good to provide value to customers such that they voluntarily choose to give you money in exchange for that value.

These people have this bizarre fusion of capitalist and communist reasoning, I really can't reconcile it. On the one hand they seem to think profit is fundamentally evil, but on the other hand they seem to think the problem is that Elastic isn't being allowed to monopolize all the profit.

Well, which is it? Did Elastic release non-restrictively-licensed free software out of the goodness of their hearts, giving it away with no expectation of a return? Or did they create this codebase purely for profit, and thus have no claim to moral highground? It's all so silly and childish.

And the biggest irony is, Elastic is already a successful business. They're trying to pretend their business model is not viable as long as Amazon keeps operating, which is just gaslighting.


> Nobody at that time knew or predicted that SaaS (let alone cloud computing) would be a thing

I'm not old enough or experienced enough with computer history to seriously argue about this, but this statement sets off some alarm bells for me.

My understanding is that extremely early on in computing history, especially early in the Internet era, people were thinking about SaaS. We had shared terminals, Sun was even trying to turn remote VMs into a feasible business model. I am very skeptical of the idea that Open Source developers never considered that someone might want to sell computer hosting or provide API access to a virtual environment.

I mean, doesn't the whole problem with modern Linux security stem from the fact that it's user-specific; that it was designed around this idea that it would be running on a server and accessed by a bunch of different user accounts & terminals? It was personal computers that were the surprise, not shared hosting and remote terminals/APIs.

Am I off base here? This doesn't square with how I understand computing history.


Let’s leave alone for a moment the fact that the most permissive licenses (BSD, MIT) were not really designed, as much as they appeared out of historical accidents as a “just don’t bother us” device...

When it comes to licenses that were written “with a plan”, there is a charitable reading and an uncharitable one.

The charitable reading is that, back then, it was assumed that every computer user, local or remote, would have access to a compiler; and that any user would eventually learn how to operate a compiler, hence making it obvious that they would want to mod and compile the software they ran. And then they saw the licenses worked well enough to develop an ecosystem, and more or less left it at that (unless explicitly threatened, as they did when reacting to freeloading trends in embedding with the GPL 3).

The less charitable reading is that they left the door open precisely because they knew it ensured demand for service providers and system administrators (which many of the original “foss hackers” were, in their day job).

In any case, I don’t think anyone would have predicted they would become so dominant; everyone just assumed the big commercial vendors would be around forever, and FOSS would always be the underdog ecosystem; hence, leaving certain activities commercially unburdened would have always been somewhat necessary.


Cloud computing is a very slippery term to pin down.

If you think about it the usage is best described tied to a an era of pay as you go services launched in the first decade of the 2000's.

There's otherwise not that much in common between Google Docs, pay-as-you go VPS/VM, Kubernetes, platforms like GCP/AWS, and Dropbox.


By your reasoning Linus Torvalds should be getting a cut of any money made on a linux host.


Ignoring that Linus himself isn't particularly software freedom-y (I think he, entirely and provably correctly in my view, firmly believes in open source as a way to achieve good software, but the freedom angle isn't as important as for someone like Stallman), Linux being GPL is arguably the reason why it dominates - any changes worth talking about to Linux get propagated publicly and openly, as opposed to if it were under a permissive licence.


Not exactly the same. As I mentioned in the comment, you have direct access to the Linux OS when you host. Open as in access to the underlying OS is open. You can configure it, install packages that you want, etc.

When you run AWS Elasticsearch, you have no access to ES instance. You can't configure it, you can't add your own plugins. You are no longer a user, you are just a consumer of the UI/API, even when the primary product is still called Elasticsearch.

Big difference.


When you run code on a lambda or a serverless VM you never see the OS either.


but that is a feature of their offering. You are comparing apples to oranges here.


Interpreting your point to be "If it's legal, it's automatically acceptable", I can offer you clarity on why some people are coming down on AWS here:

They feel that Amazon's decision is unacceptable for whatever reasons, regardless that it is permitted by law.


I think "it's legal but not necessarily moral" is a bit of a dodge.

It's not just legal. It's explicitly allowed behavior according to the license that Elastic chose. This isn't like "yes it's the law but some laws aren't fair!". The only laws that are coming into play here are basically ones which say "you made your bed now lie in it".

Elastic explicitly said (by choosing a license) "you can do X with our software!" and now they are mad because... someone did X with their software?

If the Apache license allows morally unacceptable behavior... why did they choose that license?


Indeed. And it's not like an accident, I'd say it's totally part of the original intention of these open source licenses that anyone in the world has an equal right to profit off the software, nobody monopolizes that. That was part of the intent of open source licenses such as apache, consciously designed.


Morality is not enforceable through software licensing, nor necessarily enforceable at all.


If the moral behavior can be agreed on, surely it can be stipulated?


Fundamentally, these people do not believe in the core principles of capitalism, such as the notion that free trade makes both parties richer and that profit is not an evil but a necessary and healthy phenomenon. Thus because Amazon is a huge company, they view it making profit as fundamentally evil. They've also basically been brainwashed to think that the word "monopoly" means "any time a large company competes in the same market as a smaller one".

Which is ironic because, they also at the same time believe that Elastic is entitled to all the profits, and wax philosophical about "but how will any company be built around open source if we don't carry Elastic's water for them?"

It's just all so farcical.


> profit is not an evil but a necessary and healthy phenomenon

I'm actually going to disagree slightly here. Making profit is not necessarily healthy, generating value and capturing a fraction of that value as profit is though.

Our system is complex enough at this point where you definitely can and do have entities that are capturing more value than they are delivering, and that is immoral (imo). In that light, profit definitely can be evil.

However it is certainly not always evil, and I don't think AWS' actions qualify in this case. They are delivering value to their customers, and they are capturing a fraction thereof.


There's nothing unethical about "capturing more value than you deliver" (well, assuming I understand you right; I'm interpreting that to mean side A gets say +10EV and side B gets +100EV). In free trade, both sides benefit; that's why they freely chose to trade with each other. It is a myth that one side can unilaterally benefit at the expense of the other side. So if you actually meant "it's unethical if the consumer is coming out of the transaction worse than they came into it", that can't happen under a system of free enterprise. (To the extent that you think it's happening, you are making a value judgement that a certain side is irrational or stupid to perceive a trade to be valuable)

Now, there are absolutely cases where there is unethical profit, but (under my worldview, at least) those are all cases where the state gives a company a special advantage, or literally gives it money. So, the following is unethical:

- bailouts of corporations ("corporate welfare")

- government providing an exclusive monopoly to a given company

- government de-facto forcing someone to buy a product due to coercion

The following is not unethical:

- making a product, offering it freely for whatever price people are willing to pay


> It is a myth that one side can unilaterally benefit at the expense of the other side

While true in a simplistic sense, this is generally not true when you have a society / economy as complex as ours.

Partly this is due to perceived value vs "actual value", and to me a business is only moral (obviously businesses can't really be moral, so what I'm really saying is "the only businesses that should exist") if you actually believe that what you are delivering to the other party is more valuable than what you are costing them, so that it is actually a win-win. Generally this is hard to measure, but I can provide some examples of when this is pretty clearly not the case.

1. Get rich quick schemes. Things like online courses that tell you how to make boatloads of cash by doing X. Except they don't actually work, so the value to the purchaser is effectively $0, while what they paid for it is certainly not.

2. A larger scale example: the collapse of the housing market in 2008. This is a better example of effects from the complexity I mentioned earlier. A significant part of the crash can be attributed to CDOs/MBSes. Long story short, banks were doing some repackaging shenanigans to make something that was shit look less shit. Any honest accounting will realize that this provided zero real value. Yet the bank's were getting rich off it. That certainly sounds like capturing (>0) more value than you are delivering (0) to me.

That is the kind of behavior I'm talking about.


>Thus because Amazon is a huge company, they view it making profit as fundamentally evil.

It is very unfortunate that this is the modern day main stream view of Open Source and Tech sector in general. Especially in Silicon Valley.

And it is funny because Tech is also the most profit making industry. And they are also earning Top End salary.


Is it not consistent with a dislike of Microsoft's Embrace, Extend, Entinguish approach?

While what AWS is doing is (probably, IANAL) within their legal rights, it's arguably immoral because it is basically saying, "We love this project so much we're going to build it into a different direction and charge people to access our version." Which, given AWS's widespread adoption, puts the OS version in peril.

Edit: Thanks for pointing out that AWS will be releasing the code under an Apache 2 license. That does change my opinion somewhat, though I'll leave my original comment for posterity.


> it is basically saying, "We love this project so much we're going to build it into a different direction and charge people to access our version."

No, you won’t be charged to access their fork on Github. If you want them to host your Elastic or Kibana service you’d have to pay for the service, but that’s not related to access to the Apache licensed source code.


It's not. Sure, Amazon is continuing to charge for their existing ES managed services. But they're open sourcing the project behind it. So quite the opposite of what you've said. You can access this open source version of ES free of charge (once it's release on GitHub."

From the article:

"Our forks of Elasticsearch and Kibana will be based on the latest ALv2-licensed codebases, version 7.10. We will publish new GitHub repositories in the next few weeks. In time, both will be included in the existing Open Distro distributions, replacing the ALv2 builds provided by Elastic. We’re in this for the long haul, and will work in a way that fosters healthy and sustainable open source practices—including implementing shared project governance with a community of contributors."


> charge people to access our version

Aren't they sharing the fork? Sounds more like "we like it but its no longer free to use, so we're making it free. btw you can pay us to host it for you"


Using any AWS extension or hosted service that isn't immediately replaceable is a really stupid move.


The real problem is that WE, as a community, demand certain licenses from the tools we use. If Elasticsearch didn't have such a permissive license, we simply wouldnt have used it, it wouldnt have become popular, and there would be no demand for AWS to provide it as a managed service.

So is ES to blame for having a permissive license? Or is it AWS for making it trivial to use? Or are we to blame for dismissing any license that isn't OSI approved (and even then, we still snort at things like Affero GPL!)

IMHO, if there IS a "bad guy" in this situation, its us...


Forgive me, which part of [1] even mentioned Profits, Revenue, Business Models, CopyLeft ?

And which part of the same article ever said Elastic are not OK with Amazon providing a Services using their Open Source Software? Which they are legally allowed to do so with Apache 2.0? They even mentioned and I quote:

"We collaborate with cloud service providers, including Microsoft, Google, Alibaba, Tencent, Clever Cloud, and others. We have shown we can find a way to do it."

What they are not happy with was the TradeMark. Amazon usage of that Trademark to mislead customers and this isn't some recent things either. It has been going on for 5 years. ( And yes the court should be used to settle that. )

So majority of HN; including its previous threads with 1000+ comments, is basically making allegation that Elastic is making the changes because of their Business Model. Until that can be proved, allegations remain merely assertions.

But right now it is being stated as Facts. And it is now being spin into ethical debate.

And I was under the impression, should Amazon be forced to fork it, which they did as announced, would have to use a different name. Instead they choose to use ElasticSearch again.

[1] https://www.elastic.co/blog/why-license-change-AWS


If the dispute is with AWS abusing the trademark, license change is an exaggerated punishment that harms many others besides AWS itself.


What is the point of the license change then? AFAICT the software license does not affect the trademark, so the only effect of this change is to disallow hosting ElasticSearch as a service.


Understandable, because a lot of people open source their code under a permissive license because it’s a cool thing to do, not because they understand what truly open sourcing their code means.


I don’t think VC-backed startups do that. They open source code because open source materially benefits adoption and mindshare, which grows the potential market for services, and that’s how they end up with big valuations selling premium services on top of their open source core.

Of course, sometimes they get mad that this also enables other people to sell premium services on top of the open source core, and sometimes those other people can make more money because they are major incumbents that integrate other offerrings. But that doesn’t mean the startup would have been better or grown faster or sold more of its own services if it hadn’t been open source.

It also doesn’t mean closing-up negates that competition: once the value of the product is proven, the major incumbents also have had proven for them the potential value of funding a fork with its own dedicated team, which can reap the community reach benefits of open source and compete with the relative upstarts now-proprietary offering.


This is a pretty important point. That AWS can make something a big business does not mean a small startup could have done the same without AWS.


And this is the core of the issue I think: people use Apache and MIT licenses by default without thinking two seconds about the consequences. It's just the default on GitHub.


Elastic is derived from Apache Lucene, it’s unclear if anyone involved in its’ development could legally have made it more restrictive, though they apparently are trying to.

It seems like a lot of us perhaps rushed to discussion before reading this article, which is about Amazon forking ElasticSearch so that an OSS version would remain available.

Honestly, this is a shitty move by Elastic and I’ll be advocating against new uses of it, though /because reasons/, I doubt this will come up for me in the near future. ;)


> Elastic is derived from Apache Lucene, it’s unclear if anyone involved in its’ development could legally have made it more restrictive, though they apparently are trying to.

Actually, you can totally use Apache 2.0 code as your kernel and then make the whole thing a restrictive license. In fact, that's why we're having this discussion right now. Elastic just made their Elasticsearch/Kibana codebases entirely proprietary, even though they rely on Apache 2.0 Lucene as their kernel. Which to be clear is totally fine, I'm just pointing out the obvious.


What are better alternative licenses that also wouldn't deter contributors?


So you're looking for a license that would give you all the benefits but still encourage people to contribute - so only you get their work for free?


Yes and no. I think I remember hearing about a license before that would require anybody that forks your project to create a PR for any changes they make.

While this wouldn't prevent a company from using your project, but it would at least force them to pass on any of their changes.


> While this wouldn't prevent a company from using your project...

...it would deter them, which is what your original question was asking. Preventing and deterring are two completely different things.


I am not sure that there are, but that's also the point. Open source software does not guarantee or even offer a business model. If you want to license your project with a "do what you want, no warranty" license that is attractive to contributors, you cannot also add a clause to limit something.


This is how must awful actions by powerful entities are justified.

I say "Rich people get huge tax breaks, why??" you say "well that's how tax law works, why get angry?"

I say "I'm a small business getting exploited by a goliath!" you say "well everyone is playing by the rules so it's their fault"

Systems are so biased by large actors and for some reason everyday people jump in and defend them? We should totally take everything in critically but this defense doesn't seem reasonable at all.


Everyday people jump in and defend them because sometimes the big company is doing the right thing? Like some of us have been around since 25-30 years ago when the OSI was created and Linux was taking off. We have had these arguments for decades.

There seems to be a generational knowledge gap where people of a certain age think there large actors are permanent and evil. That’s plainly untrue. Often the scrappy upstart is being unethical.


Yes, the license allows it. So, technically they can. But you have to admit that it's a bit of a dick move.

The reality is, ElasticSearch with all of it's capabilities would not exist if the company would not exist.

How many other new interesting products will no longer be built as open source, because they know that AWS can just co-opt them and then their business will be effectively over.

The laws and licences cannot possibly cover all the details of the real world, there needs to be some humanity involved, some "let's try to not be assholes" attitude.

I prefer to live in a world where I'm not required to be a robot. Following all the clauses and laws to all the details will end up with that. It's not a great path.

We all need more empathy.


> The reality is, ElasticSearch with all of it's capabilities would not exist if the company would not exist

Would the company and product be as popular as it is today if it was licensed this way from the beginning?

I see this as a type of bait-and-switch. I invest in this open source technology, and then after I invest money into the service, they change what is being sold.


We use ES and Kibana open source. Our entire infrastructure is on AWS and if AWS is managing the installation and maintenance efforts thats a great help.

ES was never going to make a penny from us anyways and AWS is not making any money from the ES software itself. What they are making money is from our usage of their core services. Same goes for all the other open softwares, Kafka, Airflow, EMR to name some. Plus it would be dumb to have your infrastructure on AWS and buying ES cloud service where you'd require to send your data out of AWS as you'd have to pay for the data out.



> that gives AWS the right to offer this service. Maybe they did not have right to trademarks, there are courts to settle that.

You both articulate the problem and dismiss it in the same sentence. AWS have a right to offer the service - they do not have a right to tell people that they built ES, or to say that they work hand-in-hand with ES, etc. But there is nothing that a small open source group can do without tackling the shit-ton of lawyers that Jeff Bezos can bring to bear on the problem. No matter the points of law, he can just outspend them in every capacity to get the outcome he wants.


Unless it's not clear yet, the biggest benefactors of OSS have become the 3 largest cloud vendors owned by 3 of the largest tech mega corps, namely:

  - AWS
  - Azure
  - GCP
The multi-billion dollar infrastructure and network lock-in cloud vendors enjoy ensures there will only be these 3 cloud platforms (in the western world) that will enjoy most of the value derived from OSS, who are collecting rents on the backs of ISV's who developed the OSS products, because of which they're also going to be most invested in keeping the OSS status quo where they're able to repackage the resources & efforts others have invested into developing their OSS products and reap a majority of the profits by offering it as a managed hosted service on their platform, since relatively no customer using the cloud is going to want to use an external service if there's also the same managed service being offered by the cloud vendor.

The fantasy that OSS allows equal competition is no longer a reality, ISV's cannot compete with a cloud vendor who uses their own investments against them in addition to their anti-competitive monopoly lock-in of already having Customers running on their cloud platform.

Elastic's move to SSPL is effectively "OSS + free for everyone with the exception of exploitation by a major cloud vendor", since without it we're heading towards a mono culture future where all hosted OSS software is going to be funded and resourced by the billions major cloud vendors have reaped in collecting all the rent for hosting others OSS investments, that AWS gives nothing back in exchange for.

SSPL is effectively being used a tool to force AWS to do the ethical thing and reach an agreement with Elastic to distribute a portion of their profits from using their trademarks and hosting their Software they've invested a decade in building. AWS has instead chosen the path to maintain their own fork to avoid sharing any profits with Elastic as they're obviously currently making so much from hosting Elastic's products that it's in their financial best interest to start hiring dev resources to maintain their own fork then sharing profits with Elastic to fund its continued development.

Will be interesting to see how this strategy turns out, AWS may have already become to big to compete against who will be able to out resource, out fund & take over any ISV's OSS product, but it's clear the longer Elastic waits, the harder it would be to protect their own investments being used against them.


People get upset about the GPL but this is exactly why it was created.


Precisely why GPL is the way it is. If a company released Apache or BSD code they must understand that the code can be used and extended for commercial purposes and they don't have to offer those extensions back to the community. If you want to ensure those who derive benefits from it also contribute back, you choose GPL.


GPL doesn't require you to give back to the community, only to your users. That's a huge difference and that's why GPL is generally ok for internal projects.


I didn’t say any differently. A company like Amazon would have to release their enhancements/changes/ modifications. It doesn’t matter if it’s to their users - they can’t prohibit their users from sharing it which for all intents and purposes is contributing back to the community.


"It is up to Elastic to come up with a business model that works, not blame others if it is not. "

This comment kind of implies there is this 'free and fair market' that just magically rewards better products etc..

Mostly, it's a game of power.

Large companies use power to wipe out smaller one's and consolidate, sometimes to the near term benefit of consumers, sometimes not.

Also - just because something is legal, doesn't mean it's fair, we really shouldn't have to state that. This doesn't mean that Amazon is 'bad' because they are big, or Elastic is 'good' because they are small or any of that, but the issue is worth consideration.


You’re legally allowed to call me an asshole to my face, but in a world where we expect civility...

...well, there is no but. The price I pay to live in a free world is that I can’t do anything about anyone else’s bad behaviour. I just have to put up with it because the alternatives are worse. At least I get a free world out of it.

I hope Elastic get something out of the free world in which they exist. Patches from early contributors, I’m guessing. Certainly a brand and adoption they wouldn’t have enjoyed had they remained closed source.

It’s a better world than one where we lack high quality open and free software, even if we have to live alongside the Amazons.


I feel people don't actually read the accusation from Elastic.

They made multiple accusations. One of them is AWS announced Elastic search in partnership with Elastic when there was no partnership at all.


> it probably just would not have been widely used and successful

also tested and fixed for free by community contributors.


I think people's gut reaction to this being wrong is that a conglomerate is making millions off of others work, I think that's a fair reaction.

Open source software was about empowering people in particular, not corporations. It has however made it very, very difficult for individuals to make money from their software whilst the corporations reap the rewards from countless man hours of this free work across the a myriad of domains.

I still think it's something we can get better at as an industry. Just choosing different licenses doesn't really solve the problem, people regularly shun paid software licenses, feeling entitled to all software for free, and I think that's an issue for the ecosystem as a whole.


I think this is actually best for users and the community. Sucks for elastic, but glad to see the project continuing as open source.

Also good to see Amazon sponsoring lots of OSS development. Wish they could have done it in collab with ElasticCo, but I think that’s on them as there’s no way they can allow peers to contribute and stay in business.


Well it could disincentivize others from keeping things open sourced or making meaningful contributions.


>>I do not get why people are coming down on AWS here. Elastic made the software available under the Apache License. That gives AWS the right to offer this service.

Something being legal does not make it ethical, many people see what AWS did, including profiting off the TradeMark of Elastic Search with zero compensation to the project is unethical

AWS is clearly in the wrong here, I am surpised by the number of people that defend AWS, this is why FOSS continues to struggle

AWS is a leech on Open Source, like many other large companies. I will be SHOCKED if AWS fork has any actual feature improvements, my guess is it will be a pure maintenance fork with security updates (maybe)


It's a failing of many licenses where if the binary isn't modified then the rest of the software doesn't need to be similarly licensed. This goes against the spirit and intent of these licenses. Simply wrapping a OSS product in proprietary service layers is antithetical to the spirit of the open source license and not in the best interests of the community.


But is it in the spirit of the license to have multi billion company appropriate it without paying fair share to contributors?


Allowed by the law does not mean it's considered ethical.

AWS has changed the "new low" what an open-source project can expect if a cloud company earning billions on top of open-source can just change their project and fork it.

Cloud companies taking your source are a "new thing" to consider in the world of open-source.


With Apache License they don't have to contribute back and it is questionable/unlikely they'll do.


Sounds like there needs to be an Apache 3.0 license with an AWS exception in it.


Agreed, next time learn what using non copyleft licenses mean in practice.


I read the first paragraph and just though jesus AWS are dicks. They literally frame it like they're doing this for the betterment of everyone when in reality they're being cheap. It is legal, but it is immoral just like lots of things Amazon does. That's why they are coming down on AWS.


If this continues the motivation for open sourcing your work will be lost.


Interesting. Why not buy the company then?


Your right to do something does not remove my right to call you a dick for doing it. There is a large difference between what is legally allowed and what should be encouraged for the good of society.


Sure you can call someone a dick for abiding by the terms of the agreement that you set out, but that doesn't mean you're right.

"Hey here is some software. You are free to use it without paying me."

"Ok, we'll use it and not pay you"

"What, how dare you?! You dick!"


That's not the exactly what's been happening. I'll give you a more accurate timeline

Elastic: Hey here is some software. You are free to use it without paying us Community: Awesome!

... years go by and the community is loving it, Elastic is loving it everything is great

AWS: Wow! Free, popular software. Millions of dollars already invested in it so we don't have to. We'll take it for free and sell it.

... years go by

Elastic: Hey AWS! So glad you like our software but we can see that your actions are hurting our business which will hurt the software and the community in the future if we don't do anything. What do you think about making a deal?

AWS: Lol, suck it.

... years go by where other cloud providers make deals with Elastic

Elastic: Okay AWS, from now on we are changing our license so you and other companies similar to yours cannot re-sell it

AWS (and their fans): What, how dare you?! We've made millions by reselling it as our own, and not you are going to restrict us doing exactly that. You dick!


> AWS (and their fans): What, how dare you?! We've made millions by reselling it as our own, and not you are going to restrict us doing exactly that. You dick!

The latest event is more like

AWS: Ok, your choice, we'll keep developing and making available an open-source version with the original license.


The trademark side absolutely kills any credibility or goodwill they could hope to have.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: