AWS contributes improvements to the project. This is just about Elastic and their business model. They could have not made it open source and it probably just would not have been widely used and successful. It is up to Elastic to come up with a business model that works, not blame others if it is not.
ES and other companies have a business that sells a managed version of their product. This is how they sustain developers to continue working on Elastic Search. This model has worked for companies long before cloud providers were a thing. What AWS and others basically did is create identical services, keep all the profits, and exploit gaps in Open Source licensing to this end. From the ES perspective, their FOSS contributions were done in good faith which basically boil down to, "If you can run our product on your own, you get it for free".
AWS knows that if they take too much of ES' market that they won't survive. If they don't survive it will just be a matter of time before ES is dropped by Amazon and totally unsupported.
You can frame this question in terms of ethics, you can frame it in terms of licensing naivety, you can frame it in whatever way you want but Amazon is doing what it always has done: exploiting smaller businesses in its goal to become a conglomerate.
Edit: a lot of people talking about the license forget that there's an entire spirit to open source. The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit. The businesses set up to back companies like Elastic Search were setup to sustain the project while continuing to empower it's creators to take their vision further. If Amazon takes the pie, that doesn't happen. At best, the creators are now Amazon employees and have to follow their desires. Just because you can exploit a license, doesn't mean you should.
Gaps in open source licensing? The license Elastic chose explicitly allows anyone to take the code, run it as they wish, and not contribute anything back. There are other FOSS licenses that are slightly more strict about this; they could have chosen AGPL if they wanted someone hosting a service to publish their changes, for example. And then they could have used a proprietary license from the start if they didn't want others competing with them at all using their code.
Launching a competing offering using FOSS that someone else wrote is nothing new at all though. Red Hat built their business around subscriptions for and support of free software, much of which they wrote, but they hardly had exclusivity over the distribution (see CentOS and all the providers offering it) or the software they wrote. (It's all free software after all!)
So... you admit that the people who created the GPL decided their license wasn't sufficient to cover a certain usecase and revised it to cover it. But you think it's unfair to call this a "gap" that ES is now trying to close?
EDIT: I do think it's fair to point out ways in which the new license for ES is worse than the AGPL, but I do think it's important to point out that it's possible to believe in open source licenses and to think that the way AWS uses software violates the spirit of open source. The people who work on GNU seem to think that!
The gap in that case was that the GPL was not sufficient to ensure that software remain free software when companies started using SaaS for software that previously would have been run locally. SaaS was in effect a workaround for the GPL's distribution requirement (enabling companies to avoid giving the software's users the freedoms associated with free software), so the AGPL was created for software that was meant to run on a server.
This is different: the point of contention here is not that Elastic's software was being made proprietary (they could have easily used the AGPL if that was their concern, the AGPLv3 predates the first Elasticsearch release by three years) but that Amazon is using their software to compete with them. That's something that's pretty fundamental to both free software:
>The freedom to run the program as you wish, for any purpose (freedom 0).
...and open source:
>The license must not restrict anyone from making use of the program in a specific field of endeavor. For example, it may not restrict the program from being used in a business, or from being used for genetic research.
Freedom 0 is a feature, not a bug! It may be a "gap" in Elastic's business model, but it's certainly not a gap in FOSS licenses - the freedom to use the software as you wish is a pretty core value of free software.
Now that said, I do think that taking FOSS and making it proprietary certainly does violate the spirit of free software. Amazon doesn't seem to have done that here, though - their fork is under the Apache 2 license.
When I choose Apache or MIT, I do so for a reason and if you or Amazon use code in compliance with that license, I’m happy and you’re not “exploiting a gap” but rather “complying with the terms I offered”.
To me it boils down to if you think that it's worth it: whenever I put MIT or Apache 2.0 on my public Github projects, I don't mind anyone going out making millions on them. Other side of the coin; if I make millions on some obscure library I found on Github with an MIT license, I do not expect them to be outraged about it.
If you do not think it's worth it, as you said there are a range of other licenses out there. I love the notion of human knowledge being free and available to all to the fullest extent, I think it will drive (and has driven) immense value for humankind.
Choosing sides here seems to be choosing between two profit seeking companies. Why, as a developer, you should take a side?
In my opinion, the bottom line is this: if Amazon's exploitative behavior is continues then we're going to see more and more open source products shift towards janky-kind-of-open-source or entirely closed licenses. Small or experimental projects will have open and permissive licenses, their authors will have plans for shifting licenses should the product become really successful.
I think it marks the end of this idea that you could have an open source project and then build a commercial offering around it. No matter who you are, odds are good Amazon will get such an offering off the ground faster and they have a built-in market of AWS customers.
Elasticsearch has made their motives clear: they have real concerns that Amazon is diluting their brand and they feel that Amazon is costing them too many customers with their proprietary AWS product. We can quibble about the morals of Amazon's move (they have none, corporations have no morals) but let's not lose sight of the outcome: Amazon has forced another OSS project to switch to a closed license.
Part of the whole concept of free software is that you have freedom of choice with vendors (this is derived from "freedom 0"). Amazon is providing the software and its support as part of the Elasticsearch offering as a managed service. Elastic is a competing vendor, both as a managed service and in a traditional sense too.
Elastic made this decision because they wanted to be the exclusive vendor for Elasticsearch. That's fine, but it's not in the spirit of free software.
If anything, Elastic has exploited the third-party contributors who contributed to Elasticsearch under a CLA by promising to not do what they did and then blaming AWS for doing it anyway.
Other companies have built products on Elasticsearch (I worked one one myself at one time) and they haven't been sued by Elastic. In my experience, Elastic has behaved in the spirit of free software. Now that their license has changed I would expect they will receive fewer submissions of code from outside companies. In my opinion, the difference here is both scale and misrepresentation of the offering by Amazon through unauthorized use of Elastic's trademarks.
This is not the first company to change their license in order to avoid providing free improvements to Amazon's proprietary services, I believe that this is unique to Amazon, perhaps because of the size of their AWS customer base. I can't find any similar stories of companies changing their licenses because their code was being used by RedHat.
Amazon is one of the largest and wealthiest technology companies in the world with a large captive audience of customers locked into their AWS product. On what terms could Elasticsearch compete with Amazon, especially when any improvements to the product would effectively be improvements to Amazon's product as well?
While I may step out of the way of an oncoming train, is it really a choice? No, it's clear that an oncoming train forces people to step out of the way.
Having a permissive license is a massive asset for getting people to adopt your software, but it means you will have no control over what they do with it.
They want the goodwill and other benefits of a permissive license without loss of control that these licenses bring.
What they are objecting to is having their project co-opted by Amazon, one of the largest and wealthiest technology companies in the world. Elasticsearch and Amazon have been battling this out for a couple of years now, this is the latest move in that battle. They have been very clear that the reason they are changing the license is Amazon, not "the drawbacks" of an open source license.
* Amazon, from the wealth of innovative managed services they could offer without fully maintaining them themselves
* OSS companies, for the ability to financially sustain their projects and still offer it for free for those that want to self host without offering a managed version of the same software
* End users, who can both use the software however they wish and also choose to get a nice managed version of it.
Instead what will happen due to AWS behavior here is that there will be a lot less incentive to develop innovative new services, at least in a non-proprietary way => therefore there will be fewer services in general for AWS to offer without doing all the product work from scratch, fewer tools in general for engineers and fewer OSS tools in particular and more Firebase-like offerings. So everybody loses here in the long run.
I'm going to go on a limb and say that whichever of the cloud providers figures out the "app store" equivalent for managed services is going to be able to take over from AWS.
There is no ambiguity in this case, they are offering the exact same elasticsearch API.
But this is not even the point. I'm not interested in the legal distinctions here at all, thats for the lawyers to delineate in more detail. The point is that Amazon are practically throwing away a huge business opportunity that would also encourage more FOSS to be built in a sustainable way ("app store" / "managed service store") for some short term gain, by throwing companies such as MongoDB and Elastic under the bus.
Yes, because ES didn't use any GPL license even when they had every option to; they used the Apache license which is explicitly incredibly permissive.
With their Apache choice a pragmatic balance was met where developers could use/modify it as they please or use a managed solution from EC or even a managed solution from another company. The ecosystem thrives and their company can thrive.
But a managed solution from AWS ends being materially new and different: AWS is able to undercut them on every front, and people end up viewing AWS ElasticSearch as the canonical ElasticSearch.
Maybe trademark infringement aside, Amazon didn't break the law but they created an unprecedented situation that changed the effective balance of power which changed whether Apache was achieving their EC's goals or not.
Permissive licenses like MIT/Apache have historically been what companies prefer to have when evaluating free software. And, generally, it hasn't been a problem for companies like Elastic because companies like Amazon didn't "take" profits from Elastic (and others).
What has shifted is that, where before, there was a "code of honor" that companies could use FOSS software and Elastic would benefit from the uptick in adoption via support contracts, community building libs + writing docs, and encouraging "network effects" for them.
The "cost" of being a FOSS company was lower than the "reaped" benefits of the network effects.
That has shifted with "predatory" behavior from companies like Amazon. That abuse of the "vulnerability" in the FOSS ecosystem is a tragedy of the commons. It means that companies have to be more cautious about what they choose to open source.
This is just my opinion, of course. As a founder of a software company though, I see this as a real struggle. I would prefer have https://refinery.io be an entirely open source tool and we make money via supporting the ecosystem.
Unfortunately, it just isn't clear cut. The best option that I see today is a model like what MongoDB and CockroachDB have with licenses like BSL. But, they're not truly "open source". And that sucks.
We are living in a time where there are no good answers in the face of exploitative behavior by companies like Amazon. It means companies like mine have to maintain a proprietary platform in order to make money.
As a developer, it hurts my ideals. As a business owner, it's a risk I can't afford to take. That's why this behavior is a problem for FOSS.
I've run a couple of COSS companies and have a few arrows in the back on this subject. The 'code of honor' is not enough to float even a small company. I don't think it ever was.
Most people simply won't pay if they don't have to. It's not just a matter of money. Buying software in established companies can be a head-exploding hassle--as in 6 months of fighting procurement. Plus those do-a-good-deed contracts have a habit of disappearing as soon as there's a budget crunch or the enlightened manager who pushed it through moves to something else.
I'm not knocking such contracts in any way. They are kind of like crowdfunding for OSS and can be lifesavers. But it's naive to build a company on them.
To have a profitable COSS business you need to sell something sticky that customers need and can't get elsewhere, so there's a real exchange of value.
Amazon unsticks anything that isn't nailed down...
Open Source is for getting popular, and all of the arguments that Open Source people make against Free Software are about the ability to get popular (corporate usage and corporate contributors.) The reason companies use Open Source is because when you license something that way, it's theirs now. They're investing in their own property.
Free Software doesn't intend to have this problem, and if it sees a problem, it fixes the bug. You don't own Free Software, you own the devices that you install it on. You still might end up competing with someone, but you'll never fall behind.
Basically, their problem is that it's impossible to compete with Amazon on delivering a managed SaaS, and most of their money was coming from that.
In terms of the software itself and user freedoms, the licenses used have achieved their goals - ES is free, people using it can control exactly what they are running, can patch it and redistribute etc. No one owns ES itself, so it is Free Software in your sense.
The people who are having a problem though are the project behind most of the work on this. Now, whether this is a real problem (the company is struggling to remain profitable because of Amazon) or just a fake problem (the company is profitable but it's not growing as expected in some 5 year plan) I don't know, but this is the reason for this type of change.
Amazon has a small team for developing their version and at the end of the day, it has to fit into the operating constraints that they have. There are plenty of huge gaps in managed ES that the vendor can (and does) exploit.
It's an interesting idea to think that "Free Software" creates a sort of "distributed code base". In the sense that "code will be eventually pushed to the main repo when the patch is created". That's an interesting perspective.
Now AGPL might have, if it was used from the start... not because it would prevent any monitization, but because it might bring enough legal uncertainty for AWS to even consider using it
Suppose Elastic had used GPL instead. Then Amazon's hands are tied to a greater extent, but we still lose out. If AWS is the one maintaining ElasticSearch, then ES will steadily become more and more nichely-suited to being a part of the Amazon cloud and less suited to a self-hosted use case. Users can patch it for their own use-cases, but they'll never be able to make it as good as it would have been if there were full-time maintainers supporting them. The commons still become less rich.
The dream is that Elastic can keep maintaining ES but ES remains Apache2. Given AWS's presence in the market, it seems like that's not an especially viable option. For Elastic to keep maintaining ES while switching ES to a more restrictive license which doesn't prevent normal use cases but hamstrings AWS is less desirable, but still preferable to Elastic folding, because ES remains a tool which we can all use and patch as needed to power our own services.
On the contrary, the commons gets the version of ElasticSearch that is most useful to end users. If Elastic can offer better service to end-users, their deployment will be more popular and people will prefer their patches; if AWS can offer better service to end-users, their deployment will be more popular.
Not really, because Elastic doesn't get money from people using their free product. So, Elastic could theoretically go bankrupt even while providing an arbitrarily more popular ElasticSearch version.
AWS on the other hand is charging money for using their service, so they only need to compete with Elastic on the hosted version of ES. If their fork of ES is very hard to host on your own, that's a net benefit to AWS, regardless of how easy Elastic's fork is in the same scenarios - neither company is making money off the non-hosted version.
Network effects are great for behemoths but not so good for consumers.
I'm skeptical though.
If that were the point of the licensing, it'd be encoded in the license. This is the branding of the license, which is just innuendo. Amazon doesn't belong to any church that recognizes the spirit of Open Source, instead they just read the license and follow it.
I think the point of OSS - and there are various flavors so this isn't some unitary point, but more like a general direction - is the insight that copyright isn't actually a good model for software development. OSS licenses are a hack to sidestep fundementally misdesigned legal structures while staying within them. But because OSS uses licenses to create a more open development model, it's restricted in what it can do; it's "just" an EULA essentially.
Ideally, we'd fix this in the law, not via tricky licenses, but we don't live in a world where that ideal is anywhere even close to a serious enough problem to be addressed - at least, that's my take on "the point of the [OSS] licensing".
The various flavors of OSS try additionally to either use various other approaches to encourage a more open model in a closed world, or conversely don't bother since it's a hopeless endeavor, or vary exactly how open they want things to be; but the general gist is that the license is a hack; it's a design limitation, not by design.
Yeah — clearly they're acting in total accordance with their own interests. My point is that they're acting contrary to ours.
They make perfectly legal use of that code. What they're doing seems to be in my interest because if they do it, it means I could also establish a business using permissive code to run it and hopefully make money off it. It's good news for many wannabe startup founders out there.
This mirrors how, in general, markets approach human values. They're a nice thing to have if you can afford them, perhaps you can mention them in your marketing - but the moment competition threatens your margins, you'll drop these values to stay competitive. Ethics is a market inefficiency, and expecting companies to behave ethically over time if not explicitly forced to is, indeed, naive.
If it restricts who can use the software or what they can do with it I believe it isn't classified as free software.
The AGPL is slightly different than GPL. It confers more responsibilities on cloud providers, so that the users of the software (as a service) have the right to the source and any modifications.
Running a profitable business to service free software has nothing to do with the philosophy.
"Open source" on the other hand...
EDIT: And honestly the fact that Red Hat owns both makes it extra clear that they're fine with it, because again, they're a company built on free software.
Well, before the IBM acquisition anyway. We'll see where things go from here.
Partly due to releasing all their code as OSS, they have poor pricing power over their primary product (support and services (RHEL)) as that's a commodified market with a bunch of competitors who are happy to take their business (offering support for CentOS or other RHEL rebuilds) if they charge too much, or customers might just decide they have the in-house knowledge to support themselves.
That revenue is the budget of the police force in my country. Why would being bigger then that necessarily be a good thing.
RedHat wasn't really that profitable. Sure it also spent billions on growth, but Amazon spent hundreds of billions on growth. (Sure, Amazon is a conglomerate, from books to gadgets to groceries to basically everything and the biggest digital infrastructure platform on top.
(I'm simply using Amazon as illustration, it's really coincidence that this submission is about ES and AWS.)
Secondly, revenue is super not meaningless! It's the capacity for you to be profitable! Amazon had 0 net income but were able to spend money on growth because they had revenue, and were able to classify their R&D as an expense, which pushed their profit/net income down. Without that, they would've been a positive net income/profit company who then reinvested net income/profits into R&D.
You can do all the expense classification shenanigans you want to to muck around with profit (ex. have profit & spend that on growth, or classify your growth as an expense and have no profit), but it's a lot harder to grow without having the money to put to growth. You'll get that of course in two ways -- increasing capital (equity/liabilities), or well, revenue!
EDIT: Had some typos so cleaned them up.
RedHat is big, it has a lot of revenue, but it also has a looot of expenses too. Hence it's profitability is low. Whereas Amazon is a lot more profitable (even if it had no accounting profit), and that's exactly how it grew this big.
If RH were this profitable it would have probably also grown bigger too.
Of course some business models, sectors are truly niches, and you can't grow arbitrarily big. RH probably suffered from this to a degree. Selling Linux support is a niche market compared to selling almost everything that can be shipped in boxes. Of course both Amazon and RH are survivors of the early 2000s big boom-bust cycle, so probably there's a big survival bias and chance/luck at play here, so it's probably not right to say that RH should have expanded to bigger markets. (How come "AWS" is not a RH thing? It's likely that Amazon's extreme "black friday" scaling challenge it not unique to them, yet they were the ones able to successfully capitalize on this.)
I judge by your statements of RedHat's expenses/revenue/profitability that you're defining it as operating profit? That's not a great measure to look at things: certain sectors can expense things and make a mess of it - like depreciation & R&D.
That's also a measure of the core operating portion of the business alone, it. doesn't include non-core portions, nor spending on investments/divestitures (although the latter should show in pro formas or future reports. Also to be fair that would never be counted in a profit definition, but judging from what you find important, I suspect you would prefer to include it? ).
NPVs are calculated by Free Cash Flow streams discounted at whatever your discount rate.
However, once Oracle started "repackaging" RedHat, and making indents RedHat acted quickly and essentially made using their patches much more difficult (https://www.zdnet.com/article/red-hat-turns-on-oracle-and-ot...).
The problem wasn't that the spirit of open-source was violated. The problem was that AWS is better at acquiring customers for their competing hosting service. So Elastic switched the license to the non-open-source SSPL, which makes offering a hosting service essentially impossible (to satisfy the terms, Amazon would need to open-source effectively all of AWS).
This license switch is more antithetical to the spirit of open source — that is, user freedom — than what AWS was doing, which was offering a hosted version of open-source software that competed with Elastic's hosting business.
Ultimately I think selling hosting of a single piece of open-source software as a funding model for developing a single piece of open-source software (e.g. Mongo, Elastic) has proven to not be a very sustainable funding model; at least, not if you're hoping for VC-backed company sized returns. And... I can see why that doesn't feel great. At one point, hosting was believed to be the silver bullet model as compared to consulting. But ultimately I think it's just not worked out: hosting as a model makes sense for proprietary software, but for OSS, either:
* You pay developers to build the software and also pay more developers to build the hosting stack — but then your competition only pays for the latter and can beat you on price, or
* You only pay to build the hosting stack, but then — what's the point? You haven't solved funding the software development.
I would actually take this a step further and say the problem was that Elastic apparently never had no plan for how to deal with Amazon. If hosting is ever on the table, this has to be part of the plan from the beginning. For every customer that says "your hosted solution won't work for us, we're thinking about deploying on AWS" they have to be able to translate that into profit. This seems like a lose-lose for Elastic as they have effectively ceded all that away to this fork. The use of SSPL also seems like nonsense here that won't result in them seeing a dime from Amazon.
To say that developers/authors of open-source believe that if their projects get picked up by some big company they would also be payed seems silly and childish. This has never been the case, why would they even believe that? It was rare when a company payed open source devs for their work (and it made the news, like when RedHat gifted Torvalds a lot of stock before going public and it's not like Torvalds was the only kernel dev at that time).
My main problem with the pro-Elastic arguments it that the crux of the argument is:
1. Elastic drives the vast majority of development for ES
2. Elastic needs revenue in order to keep paying devs to work on ES
3. AWS is competing too well with Elastic's hosted ES
And there is an underlying implication that if Elastic fails, ES development will stall almost completely and a great software project will die. But like... isn't that the point of OSS? If a software project lives and dies with a single company, what exactly is the point of it being OSS?
AWS is too big to really be competing fairly. They have vendor lockin on customers, an enormous war chest they can (and have) used for predatory pricing and they control, like, 1/2 the hosting market.
With all that they can almost murder elastic search in their sleep without providing a better service.
That will not just be bad for ES it will be bad for everyone who isn't Bezos.
> AWS is too big to really be competing fairly. They have vendor lockin on customers, an enormous war chest they can (and have) used for predatory pricing and they control, like, 1/2 the hosting market.
> With all that they can almost murder elastic search in their sleep without providing a better service.
> That will not just be bad for ES it will be bad for everyone who isn't Bezos.
There's a lot of businesses with a lot of budget who want to use ES and don't want to go near AWS. Let's not pretend there's not an enormous opportunity out there for a good hosted ES platform not on AWS.
AWS has lots of services. Customers like it when all of their cloud is managed under one roof (apparently).
AWS is definitely competing fairly, it's just... people like their offering better.
If they tell you they're not, what they're actually saying is that they've chosen a poor business model.
In this case, it looks like they've got a perfectly reasonable business, but they're upset it's not even bigger, and therefore they'd like a monopoly over ES hosting.
> It is monopolistic behavior and that is harmful.
The irony is strong here.
That would be a single data point to start with, at least.
They built on top of a license that gave the user a set of freedoms they don't want the user to have. End of story.
Now they've patched this hole, but they want to keep the goodwill that comes from Open Source licensing instead of owning up to their decision and decide to blame AWS as a scapegoat, all the while acting as if their license does not violate one of the core values on Open Source Definition where you cannot set restrictions on specific fields of endeavor (in this case, the same field the product belongs to).
Now that's not okay.
A hole which didn't exist in this way 10 years ago. But well you could have seen it coming tbh.
> all the while acting as if their license does not violate one of the core values on Open Source Definition
So you are saying if you do open source you must be fine with being exploited?
If so then why do GPL and similar exist, which are normally considered as Open Source?
It's just that the landscape changed and with this the problems around it changed.
While in the past bundling it into non free programs (+some committed aspects) was seen as a problem and as such GPL was created today the problem are similar but instead of distributing that bundles they are provided as managed services.
In this context the Server Side Public License is as much in line with the core values of Open Source as GPL is.
It's just that Amazon cares to some degree more about free software being free as in not costing them then they care about it being freely inspectable and modifiable. But cost free-ness was never a core value of Open Source, just a side effect.
…except Elastic doesn't want to use the AGPL because anyone using Elasticsearch would have to open-source their whole codebase — a non-starter for most companies. Elastic wants to have their cake and eat it too. They want the wide adoption of open source software, while also preventing people from competing with them. That's not how open source works.
> …except Elastic doesn't want to use the AGPL because anyone using Elasticsearch would have to open-source their whole codebase — a non-starter for most companies.
They wouldn't have to. This is a common misconception about AGPL.
What AGPL changed is that they made it trigger on distribution (like GPL) and on interactive access of modified versions over a network.
If Amazon's plan had been to make money by hosting a proprietary fork of the server, which would give them some sort of advantage over other clouds like Azure or Google that only have the non-proprietary version, AGPL would thwart them.
But that doesn't seem to be the case. They don't appear to trying to make it proprietary. They seem happy to run the same code that everyone else does. They are making money from it by selling management and support services for it.
AGPL doesn't impede doing that at all.
- your project running on Linux kernel doesn't become GPL
- your project talking to MySQL doesn't become GPL and one talking to mongodb pre-2018 doesn't become AGPL
- your project talking to elasticsearch wouldn't become AGPL
(However AWS search offering... could?)
That doesn't follow from your preceding statement. Elastic doesn't want to constrain all users of their software by using AGPL; and instead they adopted a license which imposes restrictions only on cloud providers. That's better compared to AGPL for general consumers, if you ask me.
I want to clarify this. Building a SaaS product with Elasticsearch or Kibana on the backend is okay and not prohibited, as long the service is not “managed” Elasticsearch nor Kibana. For example, a music service that uses Elasticsearch on the backend to provide music catalog search is okay. A service that offers site search powered by Elasticsearch is okay. A log search service powered by Elasticsearch is okay (again, provided it doesn’t expose Elasticsearch functionality). We welcome applications built with Elasticsearch or Kibana in the backend, even those that would be seen as competitors, as long as they are not managed Elasticsearch nor Kibana services. The Elastic License allows this, and you can do it for free. See this [item] in our FAQ. If you have any doubt, reach out to email@example.com and we would be happy to clarify.
Disclaimer: I am on the Elasticsearch team and work for Elastic; I welcome any and all feedback.
Can I get that in writing from someone with the power to make binding legal statements?
The problem is never in the clear cases, it’s in the edges. Now, all of a sudden, when thinking about features a legal dimension enters the picture, something that hasn’t been there before.
You speak as if Elastic has any say in how people use OSS. Why would anyone use the newly hampered version of ES when they can use and contribute to Amazon's truly open fork? Aside from the bad taste left in everyone's mouth from the whole "Doubling down on open" nonsense, all that reasonable people are going to see now when looking at Elastic's software (ES 7.11+) is unnecessary risk and legal ambiguity.
The disingenous market speak on Elastic's blog post was so thinly veiled that it quickly became insulting. It was gross to watch such a shameful justification form on why everyone should be okay that Elastic will continue using the marketing terms "free" and "open". By forcing a well funded fork by Amazon, Elastic may have just relegated themselves into obsolescence.
For one data point, my company attorneys interpreted that, even if we present a search box in a web page, allowing visitors to search our own indexed data, it could be understood that we "offer a service" -- and thus forced us to abandon Elasticsearch and figure out alternatives.
We might be unique, but I doubt it.
It's also perfectly legal to run GPL software on a Windows machine without open-sourcing Windows.
Wordpress hosting was huge ten years ago.
And how is a company using open source software exploitative? I mean, isn't that the point of releasing open source software, that companies use it? And aren't companies in the business of making money, so at some level, they are profiting from your work?
Actually the opposite of open sourcing a system like this would be a massive fragmentation of the market with multiple competing proprietary systems emerging and total headaches for users with obsolescence a part of their daily lives. That is the grim alternative, not companies profiting from selling services based on open source software
I have some sympathy for Elastic, but I just do not agree that AWS is doing anything wrong or against the spirit of open source. When they run into things that need to be fixed or improved in the projects they upstream them. The majority of work AWS does is in "operationalizing" the project for their cloud. It might be cool and interesting if they let us see how they do this but it is not like that work directly translates back to the open source project. Anyone that has worked with Google open-source stuff has run into the same issues where there is some behind the scenes magic that Google has internally that the projects can leverage to make them scale better etc.
It is Elastic's right to change the license if they so choose. If they own trademarks that they believe are violated it is up to them to take those challenges to a court and seek damages. Elastic is trying to have it all ways though. They want you to believe the new license is open source .. sort of true but not really. They want you to believe AWS has done something wrong. This I do not buy at all. What is special about Elasticsearch? The entire Internet and the Cloud is running on all kinds of open source software up and down the stack. It is in the interests of the behemoths that run these stacks to upstream fixes and improvements and generally they do. That does not mean they have to contribute the proprietary wrappers they have put in place around them as part of building their business model.
AWS needs to be focused on its customers, not companies like Elastic and Mongo. If its customers would prefer to operate an Elasticsearch service provided by AWS as opposed to Elastic, then that is a problem for Elastic to resolve.
How would you try to resolve that, if you were them?
* Since their license is Apache (most likely because they have an Open Core business model) instead of AGPL, they could offer extra services on Elastic's managed service. Amazon wouldn't able to offer since these parts are proprietary.
* They could partner up with other Cloud Providers (Microsoft, Google, ...) to offer a managed Elastic on these clouds, before these cloud providers do it themselves.
* They could offer other proprietary products that run on top of elastic (managed by them), that would force customers to use their managed service.
So that's what's really puzzling to me, what's really driving this change? Is their considerable revenue from all of that still not enough to justify their valuation and growth? Or is it really just a personal vendetta against AWS?
AWS has a lot of closed source components behind the scene that makes Elasticsearch scale and run reliably in their cloud environment.
Elastic can develop similar closed source components to make things scale – in non-aws environments – in private clouds – in on-prem deployments.
Why does this matter?
There are a lot of those customers – banks etc – who will stay on-prem and medium size cloud customer for whom public cloud is more expensive than private cloud. These are the ideal customers for Elastic.
Among them, there will also be some who will do hybrid – onprem + AWS. Elastic can price their product to compete with AWS's and use their service in both on-prem and in aws seamlessly.
I realize that the cloud took off after Elasticsearch existed, so it is hard to fault Elastic for not having a crystal ball, but the time to get the business model right was at the beginning.
When my company chose an Apache License for the product we sponsored it was because we knew we could not do it all ourselves and so we wanted to build and foster a community. So while that means competitors could and did emerge that could take the product and do a better job monetizing, that was the only way for us to get the product we needed. The community was important.
Elasticsearch would be an also-ran without the Apache License and the community around it. Changing the license now because AWS is able to monetize just stinks, IMO.
Perhaps the issue is that Elastic is getting so little from the Amazon product that they resent, essentially, adding features to the Amazon product for little or no return. Elastic noted that, in their experience, some unspecified number of Amazon customers believed the Amazon product was somehow associated with Elastic. Elastic implied this was a result of Amazon's use of their trademark but all of this is hard to verify or quantify.
RedisLabs fought a similar battle with Amazon, they also ended up making changes to their license. I really do think the issue here is the scale of AWS and the very large pool of customers tied to Amazon's offering: there are so many existing and potential customer using AWS that companies like Elastic or RedisLabs feel they can't write those potential customers off. It seems to me that if Amazon was interested in the well being of those customers, they would figure out a way to continue to receive improvements from these projects instead of forking their own versions.
I don't actually agree AWS violates the spirit of the license. The spirit of the Apache license is explicitly - "I don't care if you succeed with my code wildly beyond what i achieve, more power to you, just credit me in the byline". I license my own code in Apache usually because that's precisely my position.
There are other licenses implying a different spirit if you want to take a different position - but complaining about AWS because they chose Apache is not a great look. They're certain to lose community developers.
But I did want to add my personal anecdote to serve as a canary-in-the-mine on what effect the status quo could perceivably have on the proliferation of open source software over the long term:
I think we can all agree on the basic premise that having more open source software is a good thing for society.
For the longest time I dreamed of creating my own open source tools and products and simultaneously monetizing it to create a comfortable life for myself and maybe even eventually turning it into something bigger, and leave my mark on the world.
However, as the years past and events like ElasticSearch v Amazon unfolded, I became more and more disillusioned on the realistic prospects of such an outcome.
Today, I'm in the process of building something that would probably see more success in terms of adoption and do more good in the world if it's released as open source software, but at this point I've basically made up my mind to release it as proprietary software to have a realistic shot of monetizing it to achieve financial independence and eventually build a company around it.
Basically I've weighed the tradeoffs and chose to put my own ability to capture the value of what I created over trying to maximize the value my software could create if open sourced.
This was not a easy decision for me to make, but I suspect I'm not alone in having thought about these tradeoffs and reaching these same conclusions. And as more and more people witness the struggles of companies trying to build viable businesses on top of open source software, more and more people could make the same decision, and thus society would be robbed of all the value that having these pieces of software as open source could have created.
I think the chilling effect these kinds of case studies have on the proliferation of new open source software, and the loss incurred by society as a whole as a result, is at the core of what we should be trying to figure out a solution for, not some philosophical discussion around who's in the right or wrong.
(reposting from a comment in a previous submission that got buried)
Our "group" spends so much time and effort indoctrinating its members on this idea that profiting from your skills is a bad thing, and that the only true way to be a developer is to give your work away for free as Open Source. Even silly things like negotiating for a market rate salary from your employer are frowned upon as caring only for money.
But that's all backwards. There are good reasons to release your work product as Open Source, and those all share the quality that they give you or your business some tangible benefit. So it's simple: do the benefits of open sourcing your thing outweigh the downside? If yes, go for it. If no, don't. But don't spend even a second worrying about whether it's the "right" thing to do for silly moral reasons.
If there was one thing I could change about our industry, it would be to remove the 5 year Open Source Indoctrination brainwashing session you need to go through at University before entering it. Because we'd spend a lot less time being taken advantage of later in life.
I would argue that by releasing a project as open source, we create more value in society than by releasing as proprietary.
An ideal society imo should distribute rewards relative value created in order to incentivize and maximize value creation.
Our society does a pretty good job of rewarding and incentivizing value creation for proprietary projects, but seems to do a horrible job of incentivizing value creation through open source projects.
I think it's in society's best interest for open source creators to be rewarded every bit as handsomely for creating value in the world as creators of proprietary projects, if not more, so we can incentivize the creation of more open source projects.
> An ideal society imo should distribute rewards relative value created in order to incentivize and maximize value creation.
Isn't that exactly the point of capitalism and the reason why proprietorship is possible?
That is exactly in the spirit of open source, which is what I believe the parent poster is saying.
You can still build a business on your software -- as long as you keep developing, no competitor will be able to use up to date version. And people who want to rely on open source can do so, knowing that the software will get open-sourced eventually, no matter what the company decides.
Open source makes sense when many companies benefit economically from sharing resources to develop common software/tooling.
Open sourcing code from inception can lead to adoption and create profits.
At some point that code may be more valuable to another company in some way and they profit from it.
I don’t see Linus Torvalds complaining about companies that profit from Linux but then again Elastic Search has shareholders to answer to and their trademark has been violated.
PS. In a truly free market, there would be no enforcement of license violations except that which companies could muster themselves, i.e. Elastic would be able to hire mercenaries to loot and pillage AWS' data centres
I think a possible solution to that problem could be a universal basic income, itself funded on the likes of Amazon.
If you had the assurance that you'd always have something to live with, wouldn't you be more open to take the risk of going open-source and see if you can run a business of that ?
> First Quarter Fiscal 2020 Financial Highlights
> Total revenue was $89.7 million, an increase of 58% year-over-year, or 62% on a constant currency basis.
As long as open-source is a near requirement for getting traction, I don't think there is much to worry about.
If the code is your original, differentiating product, go ahead and make it proprietary if it helps you. If there's some code that supports your product, that helps make your product possible, or that complements your product but doesn't really differentiate your work or create a bespoke advantage for your users, then seriously consider making that Open Source or Free Software.
For example, let's say you have a new, great music recommendation technique and that's why people would choose your music player or music web site or whatever. You could build that with an OS DB on the backend, on an OS operating system, using an Open Source language and Open Source libraries and still close the source for your recommendation engine. However, you could still offer a F/OSS client to an API for that for various languages. You could contribute to the projects underlying yours. You might write a whole new configurable data wrangling system that's not specific to your recommendation code but is really useful to populating your database, and you could release that as F/OSS for the community to use. You might make your own front-end toolkit for the browser, or your own websockets code on the backend, that can be used by any application. You'd be able to contribute that to the community as F/OSS without undercutting your main differentiator, too. I kind of think of this model akin to open core, but in this case it's a "Closed Core" with open everything else. Improve everything that's in common with others in a common space, and differentiate your offering in your own different, compartmentalized space. Just make sure the bindings between the parts are at the appropriate level so the licenses don't clash.
Does this mean some competitor could come along, tie all of your F/OSS together, and plug in a different core? Absolutely. If that core's not your true differentiator, though, your plans have probably already gone awry. Making it easy to plug other code in the place of your proprietary code surrounded by an open platform is almost as good for the community as making the whole thing open source, and lets you compete on what you've decided is going to be your competitive advantage.
Clearly, as you say, there's nothing wrong here legally. By choosing this license, Elastic explicitly allowed anyone in the world to do what Amazon is doing now.
Ethically, I can't find anything wrong about this either. As far as I'm concerned, there isn't a "spirit of open source". Open source is a way of doing business. Elastic made a business decision. The company has to live with the consequences.
One could certainly argue far too much power is getting concentrated with Amazon and other web giants, but that's an entirely different subject...
Namely, that if you have a company that offers something like a database as a service, search as a service or some other API, and plan to support it's development by offering your own managed service - DO NOT OPEN SOURCE IT WITH PERMISSIVE LICENCES, AMAZON WILL UNDERCUT YOU. AND THEY WILL ALWAYS DO IT CHEAPER BECAUSE THEY DONT HAVE TO FUND FURTHER DEVELOPMENT.
Take an example what Amazon did with Mongo - First they launch a closed-source competitor (totally fine) but then they also take Mongo's source and rebadge it as their own fully-managed DocumentDB (Mongo 1.6 but with closed source additions). It's having your cake and eating it too. There's nothing legally wrong with this, but I do think this is market abuse (because they can only do this because of AWS market penetration) just to make the worlds richest man richer.
From what I can find online, it looks like DocumentDB is actually a layer on top of the AWS Aurora PostgreSQL offering. This means they created a MongoDB compatible API, but are not offering a hosted mongodb cluster. (https://news.ycombinator.com/item?id=18870397)
I'd not consider that actively developing a product and adding new features.
Elasticsearch has 35000 pull requests merged. Amazon did 9 of those giving them a contributor ratio of 0.026%.
Amazon's contributions to Elasticsearch and Kibana are purely symbolic. This makes their claim as new stewards of the projects even more laughable.
Lots of companies offer S3-compatible APIs, for instance. They compete not on the API, but around reliability, price, features.
Of course, we have Oracle v Google coming up in the US Supreme Court, so things could change, but this is the way things are now.
Everybody should be allowed to change its mind when presented with new data or circumstances.
Or Amazon (or a third party) may take over maintenance of ES if it's worth it to them. That's the whole point of open source.
> You can frame this question in terms of ethics, you can frame it in terms of licensing naivety, you can frame it in whatever way you want but Amazon is doing what it always has done: exploiting smaller businesses in its goal to become a conglomerate.
There's no exploitation here. ES are grownups and responsible for their own business decisions. Amazon is outcompeting them by providing a better service to their clients.
> Edit: a lot of people talking about the license forget that there's an entire spirit to open source. The permissiveness of open source was one thought to be "we can all succeed together" and what people get upset about is the fact that this obviously violates that spirit. The businesses set up to back companies like Elastic Search were setup to sustain the project while continuing to empower it's creators to take their vision further. If Amazon takes the pie, that doesn't happen. At best, the creators are now Amazon employees and have to follow their desires. Just because you can exploit a license, doesn't mean you should.
The whole point of "open source" as distinct from "free software" was to get away from all the ideological baggage and focus on pragmatic licensing that would appeal to businesses. Guess what: it worked.
I wouldn't necessarily say AWS' ability to use ES as a loss-leader for their Data Transfer charges is better for AWS's clients in the long-run. I can certainly see the argument for calling it exploitation.
Due to the market share of AWS for many potential customers it will come down to a decision between
a) click here in the aws marketplace and have my service added to the invoice my company gets every month anyway
b) start the painful process of onboarding a new vendor, get a quote, have procurement haggle with them for months etc etc etc. (overstating it a bit, I know)
And that is where to me it becomes a question of using/abusing your position in the market to a certain extent..
The rest of the 500+ comments here do a good job arguing both sides of it so I won't rehash that. Just saying that I can see that AWS taking the free thing and using it as a loss-leader (i.e. no possible way Elastic can compete) could be construed as exploitation of the free thing.
Even if it is though, I'm just not sure I find the idea of free software being a loss-leader a bad thing. Having a loss-leader implies that AWS is providing + capturing value elsewhere. In this case, you assert this is from Data Transfer. But regardless of where the cost-centers are, AWS is delivering value to their customers and charging for it. There is competition in the cloud space, and in all honesty moving clouds generally isn't a huge deal, at least if you've architected your systems with that in mind (which any SysAdmin worth their salt should be doing in 2021).
The fact is, customers like having all their cloud managed under one roof. Customers like the exceedingly strong uptime guarantees provided by AWS. If customers have choice (which they do), and they're choosing AWS, why is it a bad thing if Elastic can't compete? If AWS is winning, it's because they have a holistic offering that customers like better.
In short - this feeling that Elastic owns Elasticsearch (other than maybe trademark) is totally false. Many people
contributed and adopted BASED on a real open source license.
The problem that Drew is willfully ignoring here is that corporations see an opportunity in open source licensing to hijack projects, which I would remind you is exactly what is happening with Kibana. The control shifts away from the thousands of contributors and gets a board of engineers employed by corporations. Once these projects land in corporate control there's no denying that their culture and terms change. The CLA's he wrote about will surely be enforced, and if everyone ascribes to his belief system then the project will delve into chaos.
Corporations like ElasticSearch were setup to sustain the project that is ElasticSearch. If you destroy them, then you will get Amazon's vision of ElasticSearch, not what the contributors chose, certainly not what the creators chose. When forks happen, they happen. There is a big difference between some random or influential person forking Elastic Search and a conglomerate, who is really only forking it because they intend to undermine the business that was setup to sustain the project in the first place. Want to see a fork I was completely fine with? Look at Gogs versus Gitea.
The fact that they cleared a billion dollars is so arbitrary. At what threshold should anyone with principals and a backbone stop caring? At what point should someone like me not care if a conglomerate comes along to replicate and wipe out SourceHut? This has nothing to do with ElasticSearch and has everything to do with corporations flexing power, power which has repeatedly been used to influence and undermine projects in the open landscape that doesn't make it quite so open anymore.
Why do you think UNIX companies agreed on MIT license for the basic X Windows infrastructure, but then Motif was commercial on top?
Or how UNIX clones and Windows have used parts of BSD.
40 years now, more than known.
The BSD operating systems themselves have been largely spared from hostile forks because they are too large and no corporation wants to maintain a fork, macOS being the obvious counterexample. But even macOS cannot eclipse FreeBSD.
Smaller projects should be wary. The should start with AGPL and resist efforts coming from corporations or other open source projects to strongarm them into downgrading the license to BSD or MIT.
Especially when such other projects have convoluted licenses themselves that are only declared open source by fiat due to their historical importance at some point.
Good lord - the views on HN are wild. I'm aging myself, but open source licensing (used) to not be that complicated.
The principles of open source are being violated by Elastic not AWS - just so we are clear. That is not so complicated.
If Elastic wants to make it so contributors to the software have FEWER rights than Elastic, that is fine, but that is not open source.
The principles of open source are normally that if I contribute to something that is open source licensed, that I can then use the code in the same way as anyone else. That includes hosting it for myself, doing a small consulting practice to build out some hosting for others, doing shared service hosting etc etc.
This is a live view of a new generation learning about the difficulties of market competition.
We're seeing this pattern in several contexts in the industry: Rather than compete, which requires listening and responding to customers (talking to people is hard), they prefer a magic wand (a new license, or regulation or something perceived to be "easy") to force large successful companies (which they see as immutable fixtures that can never be defeated) to break up or neutered so that smaller entrants can succeed.
"Be careful what you wish for". Smaller entrants aren't necessarily more ethical nor do they offer a better service than large incumbents. It really varies.
> at what threshold should someone ... stop caring
You’re not caring about OSS, but about keeping your turf and “ownership” of a product that is not yours. There really is no question here that Elastic is the one doing the “corporation” move and not the other way around.
> to undermine the business that was setup to sustain it
Successful OSS don’t need one business to sustain them, they rely on the combined efforts of their users - including Amazon. They have no reason to undermine a project that makes them money.
My organization uses open source precisely because we can choose between competing providers.
Which is not to say what they are doing is wrong, they are just as much within their rights as amazon is.
> The permissiveness of open source was one thought to be "we can all succeed together"
I think that's BS if you are talking about bsd-style licenses. Maybe i could see an argument about spirit violations if it was a GPL-family license, but the entire point of bsd style licenses is so that businesses can take the code and adapt it to their business needs.
First, Elastic sells a buckload of licenses for on-premises ELK, which is a vastly bigger market than managed services. And second, how is Amazon different from "other companies" you mention? Just because they're bigger and have a ton of experience with managed services they should be forbidden from offering managed ELK?
I don’t understand the argument that a company should get to “own” all the profits for a particular FOSS project.
The license communicates to others how you approve the usage of your copyright work. If you aren't communicating "do whatever you want" don't pick a license that literally says "do whatever you want".
Richard Stallman, Bruce Perens, and Eric S. Raymond, the people who invented Free Software and Open Source, all specifically said, at the very creation of the god damn licenses, that this would happen, and was perfectly fine. They specifically wrote their licenses to allow this. It's not an accident or exploitation, it's a fundamental part of what they exist to serve, which is the user's rights.
The Open Source Initiative, Debian, and Fedora, have all banned licenses like SSPI which exist solely to punish cloud service providers. If that's not the open source spirit telling you where you can stick it, I don't know what is.
You are trying to twist things here. If the people who invented the thing said this is to be expected, then it's part of the spirit.
Quite condescending this attitude.
I don’t agree with you at all, and find your argument completely stupid. I don’t think there is anything twisted about it. The software was released under license terms and as long as Amazon is complying with them there isn’t a problem, it’s really is that simple.
And really this is much ado about nothing. These fork fights are sometimes interesting with bit players, but the FAANGs of the world they could just build a tool like this from the ground up if necessary.
Share and share alike. That's it.
His goal is freedom zero, the freedom of a user to use the software as they want.
RMS doesn't, but others also in the copyleft camp certainly have. E.g. https://sfconservancy.org/blog/2020/jan/06/copyleft-equality...
For people who believe in this, please study your history — look up the claims and counter claims around Emacs, specifically how it was created, commercialised, and then liberated (then forked and merged again).
“Good intenshuns” (my somewhat humorous term for “spirit”) is no way to settle even moderately complex commercial disputes — say for a text editor which in those early days of late 70s/early 80s, had very niche appeal and a small user base.
In the 21st century, with bigger markets and more money at stake, “good intenshuns” matters even less and this is why we have a bevy of F/OSS licenses to suit every need.
It’s very telling that RMS needed to create a license to support his vision of Free software. Perhaps from his experience he realised that legal code was the best way to enforce desired behaviour.
Except that's not how it works with Elastic. I know at least one company (Acme Inc) that doesn't offer anything like Amazon, but does have clients who can access their "own" (client-specific) data hosted in Acme Inc's Elasticsearch cluster; it's a somewhat marginal (but still important) feature in the product, yet still, due to it, Elastic maintains that Acme Inc resells Elasticsearch and thus needs the "Enterprise" license to be in compliance.
So, Elastic are not only going for AWS and people who cannot host their own Elasticsearch, they are going a bit wider than you imply here.
That's not really accurate, is it?
Few if any open source companies has survived on a monopoly on hosting the product. MySQL doesn't do it at all, netiher does Red Hat, and many others. Those who do bundle it with support services for added value. They have to compete in the open market after all. They don't claim to have a monopoly.
Wordpress makes most of their money from hosting, but they don't go after AWS or any of the thousands of smaller companies all over the world that host it. Their exploding market share has been more than enough to sustain their own hosting business. And it does seem like Elastic is in a similar situation, with their hosting business still rapidly expanding.
Forget Amazon for a second. I know many people in the web hosting business and pretty much everything they host is open source software. If this is a precedent, if the opinion that hosting is morally wrong gets widespread, then that would affect a whole industry.
If you go off of what the law says, how this open source license works, and the understanding that all businesses are competing to make money, what AWS did here seems pretty reasonable and perfectly legal.
If you come at it from the perspective that AWS is always evil and the little guy is always good, you’ll view this as a terrible injustice. There’s not much substance to the justifications here, seems like you had your mind made up and then half heartedly tried to backfill some sort of reasoning. Just assert that everyone else has it twisted, of course AWS always exploits, try to evoke the spirit of open source as if that’s a single, easily defined quality.
FY20 Revenue of $427.6 million,Up 57% year-over-year (60% in constant currency)
?! they can't sustain developers on this?
Allowing others to fork for profit and give nothing back is entirely the point of permissive licenses.
"Permissive" means exactly that developers are permitted to give nothing back. Licenses without this permission are generally copyleft.
Not at all. That's the spirit of copyleft. The spirit of permissive licenses is that "I don't want developers to have to give anything back."
Usually this is done to deliberately allow private companies to profit off of the work without having to disclose their proprietary improvements. That is, presumably, why MIT and Berkeley licenses are permissive: they moved IP out of the university system into silicon valley as a type of indirect economic stimulus.
The open core model never got much sympathy from the community or customers. The only reason there are people siding with ELK here is because the other side is the eminently unlikable Amazon. It also never worked very well.
Yes, you can sustain a company with it, and even make it large. But it's limited in size and any idea that you can get VC money on a large evaluation and things will go smooth is ridiculous. The model also has a limited lifetime, after what you'll see your business slow down or you'll have to fight against your customers. It certainly can last enough to make people rich, but it's not sustainable, unless you diversify your software. None of that is caused by cloud providers.
Therein lies the flaw in the argument. If a company decides to develop something and open source it, it's not a product. If the company chooses to assign their time and resources to help develop it, great, but the moment it no longer becomes beneficial for them to keep supporting it, they'll drop it and leave it to the community.
Many companies invest time and resources into furthering open source projects without being the owner/creator of it. This is no different, whether they created it in the first place or not - they chose to open source it.
Building your business around something that you give away for free will always be a terrible business model.
Although it’s great for new entrants to the market who’re looking to build mindshare and marketshare. Because it’s hard for incumbents to compete with Free.
“Open Source bait and switch” has been a thing for a while now. Elastic is just the most recent/high profile example.
It's Elastic's fault. I support their new license and wish they had picked it from the start; but they didn't. If you explicitly grant someone permission to use your hard work in a certain clearly defined way, you can't be surprised when someone uses it in that way.
Amazon is not Google, they virtually NEVER drop a service.
I for one wouldn't use that word in this use case. They are just one of the many companies that legally use the product to make money with it.
EDIT: While on this subject, does that mean Amazon is "exploiting open source" by building and selling products using their own Android fork off the open source code and not paying Google for it? :)
I don't get how you came to this conclusion.
If Elastic goes bust, why would Amazon suddenly drop support for product? They have customers paying millions for the service, why the heck would they drop it?
If anything I would expect Amazon to keep the service and work harder to ensure good service, so they can absorb that portion of the market not being served.
If your multi-billion dollar company depends on the spirit of your competitors, you're going to have a bad time.
No. Opensource was started to avoid vendor lock-ins.
Maybe it's time to launch a free (as in freedom) infrastructure movement.
Unlike Google, Amazon is fantastic about supporting older AWS products. I can't think of any off hand that are completely gone. There are some that might be deprecated that you can no longer create new ones of though. An ancient database service comes to mind but I can't recall it's name.
Raw EC2 costs: $0.156/hr or $112/month
AWS Elasticsearch: $0.25/hr or $180/month
Elastic's Elasticsearch: $0.3375/hr or $243/month
(price stays about the same for 1, 2 or 3 nodes)
Also, do you think they make a profit on the bare EC2 instance? If so, why do you think that running a few management scripts that manage ES running on it would add up to more than $0.094/hour?
If they can take the market like that they'll do it, that's what companies do. The limits of taking the market has never been ethics, but sales.
I'll quote Bill Burr here:
> Just because it's legal, doesn't mean it's right.
And just because you can, doesn't mean you should.
Because of this shitty behavior, we will need to write new licenses to restrict who can do what with our software. Society moves at the pace of its slowest members. I guess for opensource, that's "at the pace of our most exploitive and cut throat business".
Elastic because a highly successful business off the product being open source and then leveraging that into funding and enterprise licensing and maintenence.
To turn around after and go 'we love open source... No not like that' is disingenuous at best. The license choice was always yours to make, you took the one that gave you the best growth model that got you here.
Yet it would've prevented AWS from undercutting their paid offering in the place I'm at now that would rather pay for it than self-host it.
The lesson I'm taking away from this is just use a license like they're using now from day 1. Totally "open" open source only works if everyone is a good actor, which was never a realistic assumption, but it took a while for that naivety to cost so much, I guess.
Totally open source works fine, it's when you try to mix open source with a controlling entity and a business model. You can only get away with that as long as you've got a lock on expertise and development. As soon as a significant portion of development and expertise is coming from outside, what makes the original business entity any more appealing than those others (as in this case)?
One way to stave that off for a while might be to make sure you're releasing new features you've developed at a good clip, and as you've developed them you're naturally going to have more expertise. That likely only works for so long though, most projects hit some level of maturity eventually at which point new features are somewhat superfluous, and might even be detrimental.
I think the bottom line is that if a business is based on an open source product then that business should be looking at it as something with a life, and a coming natural death (of being able to be the only/main support company for it at least), and plan accordingly. It might not happen, but you can't count on it being exclusive forever, especially if it's actually lucrative.
Trite as it may sound, open source isn't a business model. For a profitable business, you need something unique, a moat that competitors can't cross easily. Open source can certainly be part of that model, for example by increasing the value of your core assets. Or as Joel Spolsky wrote many years ago, commodify your complement.
Google, say, releases a lot of OSS. Guess what they're not releasing? The data they have hoovered up of practically every internet user, that they sell to their customers (companies that buy advertising, not the users). "Data is the new gold". They release tensorflow under a permissive license, not the data they're training and running their DL models on. They release Android for free, as that lowers the cost of phones and drives more users into the Google online empire, giving them ever more data. Again, "data is the new gold", "commodify your complement".
(Not picking on google here to say that they are good or evil, just an example of how you can build a spectacularly good business while also releasing a lot of OSS)
Or for all those VC-funded corps popping up trying to build OSS databases and seeing it doesn't work out (Mongo, Elastic, etc.), build a database, not a database engine. Data is the new gold, software, particularly OSS, is a commodity.
Amazing. I think capitalism wouldn't be hurt if occasionally companies made the choice to end themselves "get out while you're no top" and distribute their wealth to the stakeholders, ideally with some sort of bonus to the terminal employees. Of course, the employees might not like that, but it is an attitude of entitlement (if an understandable one) to think that you should have a job for life.
Software matures, and the expertise transfers to many other people while it matures. That shared expertise enters into public common for good. Natural and beautiful.
Maybe. I can no longer tick the "does it use an approved open source license" compliance checkbox any more. Sadly, for me, there's now a very strong incentive to move forward with an Apache2.0 licensed Amazon fork instead of the Elastic one.
Key word here is would've. They were already Apache 2.0 until 7.1.0 therefore this change will have absolutely no effect on Amazon's business; all it will do is encourage the develop of high-quality feature-rich Apache 2.0 forks while hurting Elastic's brand image - rightly so - because they're (a) no longer an open-source company [except for beats/etc which only works in the context of the now-proprietary elasticsearch/kibana], and (b) they outright lied to the community when they claimed that future versions of their open core would always remain Apache 2.0
Where did they make this claim?
"We did not change the license of any of the Apache 2.0 code of Elasticsearch, Kibana, Beats, and Logstash — and we never will."
I view SSPL as a Copy Left style License for the SaaS age.
They picked the wrong license in the first place with Apache, they should have used GPL, AGPL, or some other copy left anyway
I generally oppose Apache, MIT and other non-copy left license exactly because it allows Amazon and other large companies is leech off the work for their own commercial offers while giving nothing back
Copyleft licenses such as AGPL are open source licenses, because they preserve user freedom.
The SSPL is not an open source license (and likely not even Copyleft) because it restricts user freedom that have usually been guaranteed by FLOSS.
Open source isn’t about guaranteeing a for-profit company a business model. “Leeching” is irrelevant (and also just Elastic marketing propaganda).
User freedom is the whole point.
I do note that the original "open source definitions" were drafted back in the late 90s (and from memory, built on older pre existing Debian docs of similar nature).
The world was different back then, I wonder what the authors of those docs would have considered "user freedom" to be in the age of AWS/GAE/Azure?
(I guess Stallman, for all his flaws, is a reasonable guide to what the free software movement would have thought. It'd be illuminating to hear his opinion on these new licenses. I suspect I know the answer, and it'd very strongly agree with your comment...)
I respect anyone who follows a license, I respect anyone who want to relicense a software and I respect someone who forks a project. I don't see any fault anywhere here.
If those companies customize your code and don’t recontribute it, that’s what the AGPL is for.
The SSPL doesn’t actually help with this problem. It removes your freedom to use the software in certain ways. It is a pecuniary license designed to sell you a more permissive license.
What right is being violated here? You as a user can run your own Elasticsearch software; I haven't modified it and thus I don't need to publish anything specific. What the SSPL says is I must publicize my entire SAAS product - but the user isn't paying me to run their own Elasticsearch SAAS product, they're paying me to run Elasticsearch.
So to call SSPL copyleft is totally absurd.
Now, there's a broader discussion that you raised of whether the open source definitions are out-of-date or not. Personally, I don't believe so. I don't see how any of the newer developments in the space (public clouds, managed offerings, etc) materially change anything; indeed the whole point of OSS is it's based off of deep principles.
"The terms “free software” and “open source” stand for almost the same range of programs. However, they say deeply different things about those programs, based on different values. The free software movement campaigns for freedom for the users of computing; it is a movement for freedom and justice. By contrast, the open source idea values mainly practical advantage and does not campaign for principles. This is why we do not agree with open source, and do not use that term."
I guess you and Stallman agree there, and that permissive open source licenses are totally up-to-date with modern cloud computing businesses and business practices and that Elastic and their choice of Apache2 are getting exactly what they signed up for. And that "free software" licences especially the viral ones exemplified by GPL/AGPL are also still relevant in 2021, and having chosen one of those would have given Elastic.co what they claim to be demanding... (I think I agree there too.)
I think we agree up until this point, at which you fall into a trap. This is the same trap I was trying to avoid by giving my SSPL scenario above.
A copyleft license like GPLv3 does not prevent a business from operating a SAAS business.
AGPL would apply, but it only triggers upon modification. So as long as Amazon doesn't modify Elasticsearch itself, they don't have to publish anything (because there's nothing to publish), and if they do modify, they have to share just those changes. Which is very fair to me from a copyleft perspective.
Now SSPL tries to go further and say for merely using the software in a certain way, you must release not just any changes to the software itself but also everything around the software. That is what makes the SSPL neither open source nor free. (I guess I don't actually know how "free" is defined, so I can only say for certain that it's not open source, but I don't think SSPL even counts as copyleft)
I as a user can no longer fix bugs in the Elasticsearch that I'm using. So I don't have the four freedoms that copyleft is all about protecting.
> What the SSPL says is I must publicize my entire SAAS product - but the user isn't paying me to run their own Elasticsearch SAAS product, they're paying me to run Elasticsearch.
That's like "I'm not blocking you from going into the building, I'm just blocking you from going through the gate outside". The point of copyleft licenses is that you need to give the user everything they need to run (or hire someone else to run) the same software (or their patched version of it) the same way.
I am aware FSF would disagree with my position, AGPL is better than SSPL.
As to OSI, I have losts of issue with OSI as an organization, and when they state "But Elastic’s relicensing is not evidence of any failure of the open source licensing model or a gap in open source licenses. " they are simply wrong
There is a clear gap in open source licenses when it comes to dealing with SaaS, the fact they do no see this gap is very telling.
the Free Software community saw this problem and thus the AGPL was born, something like AGPL is needed for open source, but OSI refused to even acknowledge there is a problem let alone look for solutions to it
//And no Free Software is not the same as Open Source Software, they should not be linked as being the same
>>User freedom is the whole point.
Free Software is about user freedom
Open Source is about Developer Freedom, that has always been the big difference.
Apache, MIT, BSD etc are all licenses that allow devs to take code, use it in commerical products. That is why you see places like GitHub default to these non-copy left licenses.
Free Software is about copy left, GPL and the like. Because it gives USERS freedom
I think you have zero interest in Free Software. You want “Free Software except in the ways I don’t like”.
AGPL was about ensuring user freedom by requiring server hosted source code modifications to be contributed back to the community.
SSPL isn’t about that. SSPL removes freedoms from using the software for no principled reason other than to allow a copyright holder to make more money by selling you a less restrictive proprietary license. It isn’t copyleft, it isn’t free, it isn’t open.
You built a nice strawman to tear down around my “They are simply wrong” quote using it out of context
How about you address what I actually said OSI is wrong about, they are wrong about the fact that there is no gap in Open Source licensing when it comes to SaaS Sevices. SSPL may not be the best solution to it, but completely rejecting the clear problem is how you end up with less than perfect solutions like SSPL.
I don’t see what the clear problem is with open source licensing. AGPL solves the problem of SaaS providers modifying your software without freeing their modifications, if that’s what you want. AGPL is also an OSI approved license. What more is missing?
If you want to have a business model like Elastic, then open source is simple not right for you.
This is what the OSI Board of Directors says.
It's a different discussion whether this is a good business model, but it's not like op has no point here:
What's missing is an open-source license for products whose profits accrue due to being run as SaaS.
If you're just going to say: "This is not possible with open-source licenses", then that's the gap.
What people actually want to do is exclude about 10 or less companies from selling their software at no own cost, while keeping it open-source for everyone else.
And OSI says this is not a use-case for any of their open-source licenses.
Maybe there should be a license for that.
I don't know.
Forcing profit accrual in your software license is easy enough. The hard part is to grow a community & popularity the way open source licenses have proven, when you have such restrictions in place.
This is only a "gap" in the sense of the grand injustice of the universe, as the Rolling Stones said, "You can't always get what you want".
'What's missing is an open-source license for products whose profits accrue due to being run as SaaS. If you're just going to say: "This is not possible with open-source licenses", then that's the gap.'
Think about what you're saying for a second.
1. Free software & open source is fundamentally opposed to user restrictions of any form, this is "Freedom Zero" and literally the whole reason the movement was created and got popular.
2. You can't create an "I GET THE MONEY" restriction and still be open source or free software, or accrue anywhere near the popularity and community goodwill you'd otherwise get
3. Therefore this is a problem?
Open source contributors have limited interest in your profits or business model if it means compromising the most essential point of it all. Open source is not a business model, and never was meant to be. Plenty of open source companies made lots of money without restricting user freedom, and they did it while AWS and others existed.
All of the tech leadership and excitement in dev communities today (Docker, Serverless, Kubernetes, Kafka, Spring, Rust, Golang) etc. is driven by open source, not by the clouds' proprietary services.
'What people actually want to do is exclude about 10 or less companies from selling their software at no own cost, while keeping it open-source for everyone else... Maybe there should be a license for that.'
Licenses like this have literally existed for over 30 years. "Everybody but Microsoft", "everybody but IBM", "everybody but the military". They're out there in spades.
Good luck, have fun. Build amazing software and build a community!
Except, these violate "Freedom Zero", the most essential point to why FLOSS was created: freedom to use, no restrictions. You might have some challenges gaining community support because of this.
The excerpt worth reading:
"The lack of usage restrictions in its licenses is key to the success of free software. A world of proliferating and potentially conflicting usage restrictions, each seeking to address a different social cause or need, would introduce so much friction that the tremendous democratic social benefit brought about by the free sharing of software – including the empowerment of individuals to effect social change in unjust institutions – would be undermined.
Just because a license is not the right place to enforce ethical software usage doesn't mean we don't recognize the problem, or respect the people raising it. We should encourage and participate in conversations about the ethical usage of software. With the ground rules of free software as the baseline, anyone can build systems to specifically promote ethical use."
Like Elastic "leached" of Lucene? Elastics whole business model depends on Lucene being under the Apache license. If Lucene followed your suggestion (funny enough, Lucene used LGPL very early in its history) Elastic wouldn't exist at all.
If you want to offer ElasticSearch as a service, you have to open-source your entire hosting stack including UI. God help you if you pay for any proprietary software — you literally can't satisfy these terms. Notably, Elastic itself doesn't have to do this for its own hosting service, because of course it can't satisfy the terms: no hosting company I know of can.
The point of the license isn't to get contributions back. The point is to prevent competition to Elastic's hosting business. Elastic's new version of ElasticSearch is source-available software, not open-source, by pretty much any reasonable definition.
It's worse than that: you need to release your entire hosting stack under the SSPL. It's extremely unlikely that you're able to do this. Hope your servers aren't running Linux! (Or bash or the GNU coreutils or...)
If it were acceptable for the rest of the stack to be under another free software license, I'm not actually sure I'd be opposed to it. But yeah, as-is it sure looks like they've just written the license such that it's impossible for a hosting provider to comply.
(I _do_ totally understand the principle of strongly viral licenses, I think the GPL is an amazing thing. The chardonnay socialist in me wishes the whole world would use it. Pragmatically, at work I feel obliged to point out the responsibilities of using GPLed dependancies. From a profit-focussed business decision, it's often better avoided. I agree what Amazon does with Mongo/Redis/Elastic et al. qualifies as "leeching", maybe I'm only fooling myself that my work's projects are somehow better...)
Had ElasticSearch been under a copyleft license, the only difference would be that Elastic would've been unable to simply move away from the copyleft license.
Sure, if your whole business model is “sell a SaaS”, then making the whole offering an open source product that is simple for other people to host and offer an equivalent (or, if integrated with other offerings you don’t have, often more compelling) service is a bad choice.
But people choose open source licensing for a reason, and against competing software, a proprietary license can be a negative feature which makes it harder to grow mindshare and prove out utility.
Literally one of the selling points of ES amongst my peers was that it was easier to set up to host in a multi-node cloud than the earlier Solr.
Which is great, good for them! But... yeah.
You’re welcome to license under SSPL (or AGPL) if you wish. But if you want commercial customers (or even users), you’ll have to bear in mind that licenses like SSPL are a “no” (or at least, requires legal review) in many commercial entities, including startups.
Licenses like SSPL won’t give you the growth a new entrant could potentially get with a more commercially friendly FOSS license, because your potential users/customers will see it as a proprietary product and evaluate you as such.
In Elastic’s specific case, iirc a major competitor for them was the proprietary Splunk, so Elastic being FOSS really helped their case. Had they been SSPL from day 1, their growth trajectory would have likely been different.
While true, personally I'd not be willing to contribute to such a project.
Of course, such a license would require legal blessing, which in itself is a lot of (paper) work. What if, the company decides to change the license in an year?
It would have prevented its use in a previous company i worked at (largely for ideaological not practical concerns).
> Totally "open" open source only works if everyone is a good actor, which was never a realistic assumption, but it took a while for that naivety to cost so much, I guess.
That seems like a silly conclusion. Amazon is being a good actor by all accounts. On top of that Elastic is like a 15 billion dollar company, if that's not working, i need to get going on a business venture that doesnt work.
Anyways what makes you think they would be succesful if they used the license from day 1. Having your cake and eating it too only works if you switch halfway through.
People used and recommended the software for years because it was Open Source. People contributed to the project because it was Open Source. It became popular BECAUSE of Open Source.
Your argument doesn't work because you wouldn't have known about it if it wasn't Open Source.
The decent thing to do (for all managed Open Source products that you didn't create yourself), would have been to offer a cut to the original team. Instead, AWS takes all their customers, keeps 100% of the revenue, and passes on nothing.
The Affero General Public License (AGPL) was published in 2002. https://en.wikipedia.org/wiki/Affero_General_Public_License
Plenty of people saw this coming. It was completely predictable. The reasons why licenses like the AGPL haven't yet caught on are complex. But I don't think anyone can credibly claim that they were blind-sided. Rather, I think many people and companies simply feared the day of reckoning, discounted the threat, and did as most everybody else was doing.
They are not complex. Permissive licenses encourage adoption but hinder monetization; restrictive licenses do the opposite. Pick your poison.
Like with the GPL 20 years ago, the intuition today seems to be that licenses like the AGPL are simply anathema to adoption (because "viral", etc) and therefore market capture, and if you can't capture the market you can't monetize your investment. It's something of a self-fulfilling prophecy, but eventually more people (authors, users, etc) will begin to explore the space commercially and, hopefully, disprove the conventional wisdom.
First release of elastic was Feb 2010. AWS launched in March, 2006. The folks at 10gen used the AGPL for MongoDB since Feb, 2009. Yeah nobody could've seen this coming.
It wouldn't surprise me if that license in a few years don't get nicknamed "Mongo's license"
Elastic is also infamous for data loss and still has consensus problems so maybe proper priorities are the real problem.
It simply becomes the default - and (if on AWS) nobody will even think of Elastic after a couple of years.
AWS just proved that the market wants to buy solutions, not software. There are tons of customers and environments where a dedicated vendor can offer something far better than the lowest-common-denominator that AWS provides.
If you want another success story, just look at how Snowflake built a better Redshift on AWS (quite literally).
1. Start at page 23 of their earnings report: https://s2.q4cdn.com/265747582/files/doc_financials/2021/q2/...
The biggest advantage the big three have is that some people don’t even bother looking for alternatives.
Who are the members of the original team? Are we not going to give a cut to all the other contributors to the project throughout the years? How much should each contributor get? Are we measuring by lines of code touched?
They don't seem to have any revenue sharing scheme with Linus, yet all the Linux companies seem to be doing pretty well for themselves.
You also haven’t resolved the logical contradiction that Elastic is equally “guilty” of profiting off of Lucene.
I honestly don’t think a nuanced understanding of these licenses and open source business models can lead to any conclusion except this one: Amazon is not in the wrong here, Elastic is being entitled, misleading and duplicitous. Elastic is free to use Lucene as its kernel and monetize it, and Amazon is free to offer a managed Elasticsearch service.
If you write Apache 2.0 software, you have no right to bitch about competition. That’s the short of it. And remember - Elastic is doing fine. They’re worth $15B. The founder has hundreds of millions of dollars now, and rightly so.
One of the reasons to choose open source is to avoid lock in by having multiple suppliers, and at least in theory have some healthy competition between them.
"My argument is that AWS is eating seed grain, on its supply side, and doesn't know it."
Frankly Elastic has been very hostile at accepting PRs if they seem like they’d compete with Elastic’s proprietary offerings. Glaring conflict of interest. So I’m glad Elastic forced a full fork.
BTW, in case you didn’t realize this license change will not prevent Amazon from running their own fork. So even from a greedy business perspective Elastic made a horrible decision, even ignoring the ethics of lying to the community as they have done repeatedly and without showing any remorse.
edit: Fixed typo where I wrote "Elastic" instead of "Amazon" when talking about Amazon being no exception to preferring to merge upstream where possible
This claim is highly unrealistic. Offering managed services has been the hallmark of the cloud from day 1. The cloud is nothing more than managed solutions.
It's highly disingenuous to claim that it was not possible to expect a business dedicated to offer managed services to offer a managed service.
I don’t disagree about, what I would say charitable, instead of decent thing to do is.
Amazon EMR release 5.24.0 includes several optimizations in Spark that improve query performance.
Why have these optimizations not been contributed back to the community?
I don't see that happening anytime soon. There is still a market for hobbyist and boostrapped businesses who can't afford the insane prices offered AWS, Azure, GCP & Co. Storage, Computing and Bandwidth on these platform is inflated for the "enterprise and over-funded-startups" market.
Hetzner, Ionos, Scaleway and OVH are still order of magnitude below AWS in terms of prices. And the quality difference is in no way justifying the price difference. (Especially with Hetzer and Scaleway which are almost on par with cloud platforms)
> All changes to Elasticsearch were sent as upstream pull requests (#42066, #42658, #43284, #43839, #53643, #57271, #59563, #61400, #64513), and we then included the “oss” builds offered by Elastic in our distribution. This ensured that we were collaborating with the upstream developers and maintainers, and not creating a “fork” of the software.
With links on the issue numbers. Why should we not understand this as contributing back?
Someone pointed out elsewhere:
*Correction after looking a bit closer, I think Amazon has submitted at least 600 PRs, they only listed 9 in the blog post. That's better but it still doesn't change the fact their business model doesn't allow the companies they're building on the backs of to have a sustainable revenue stream.
Author: paulward24 <firstname.lastname@example.org>
Date: Wed Jul 3 04:37:07 2019 -0700
Ensure to access RecoveryState#fileDetails under lock
Referring to the fact that the original 600 Amazon PR claim was rescinded in that thread
Sometimes step changes happen, and things are just different afterwards.
I see two related "changes in the world" here that are contributing to this current drama.''
1) the rise of SaaS and globally centralised cloud hosting.
2) the emergence of companies solely (or mostly) built on paying salaries to developers writing an open source software project. (Elastic/Mongo/Redis being the primary examples).
As I see it, the 30 year old "Open Source" principles didn't see these coming any more than the buggy whip industry saw the Model T coming.
Personally, I'd really like to see those three companies (and others/new entrants) come up with a workable new model for software licenses for some kind of "freely usable software" ("free" in the generic "no obligations" sense, not the GPL/Stallman "freedom" sense) written by salaried devs at for-profit companies. I think the world would be a better place with more software closer to the Stallman end of the license spectrum than the Oracle end. I don't think that's necessarily a given. It might well be true that in general, a for profit company cannot make enough money out of writing software and giving it away to keep teams of full time developers paid.
Also, I think through history every law was made in the name of making law more just, bringing the legal system closer to an ideal of justice.
We also know that simply throwing out law and bringing back case by case judgments (eg. what kings and lords of old did) just gets us further from that ideal, hence we work on our laws and licenses. But that doesn't mean we should forget that they are imperfect and sometimes they need updating.
AWS is the bigger fish :|
Apache license is a longer and more complicated version that is the same in spirit but also includes the agreement that the licensor does not sue the licensee over patent infringement for use of their contributions to the software or the cumalative software, unless the licensee makes a patent claim against the licensor in which case the license terminates
Its arguable that Elastic simply hasn’t come up with an open-source compatible business model, and that’s fine. But its not Amazon’s fault.
Or more accurately, Elastic is pretending it doesn't have an open-source compatible business model.
The actual truth is, they've built a great business. $500MM in yearly revenue, with 40+% y/y growth, for a valuation of like $15B last time I checked. And yet they're trying to pretend this is a David vs Goliath story and that they're literally going to go out of business because of Amazon. Nope, it's all gaslighting. They don't need to make this license change, without it they'll still be a $50B business in a decade or less.
They're just having an immature childish response because, while they're making boatloads of money, Amazon is also making boatloads of money, and that's not fair in their eyes because Amazon didn't invent Elasticsearch. It's all so childish (and ignores the tremendous value AWS as a whole is, but that's another rant)
The core disagreement was that Amazon (and many other contributors) wanted to add that to the base distribution, and Elasticsearch fought them for years on it, deliberately breaking any community plugins that got a solution working.
Enough blame for the current situation on all sides.
So, to call Elastic a successful open-source business model isn't quite accurate, and you're correct to point that out.
I think this is precisely correct, and it's really strange to me that a company developing innovative software would decide to apache license all of their work but I still feel for them. I'm guessing that they wanted to build a thing and make some money off of it while mostly just contributing to moving tech forward and that's a super noble goal... but that noble goal would have been much better served by using a license better tailored to OSS free use for non-commercial purposes and pursuing individual agreements for commercial use.
Then again, if it was launched with such stringent requirements would so many contributors have helped them develop into such a usable product?
Elastic has indeed found a profitable business model: they have their own cloud (cloud.elastic.co). But for it to be profitable they need to cover the costs of both developing the Elastic stack, and running a SaaS. AWS only has to cover the cost of running a SaaS (since they are getting the stack for free) which gives them a HUGE cost-wise advantage.
To counter this advantage Elastic is asking them to partner with them like other cloud providers do (Microsoft, Google, Alibaba etc) but AWS has refused to do that.
Isn't it then fair for Elastic to restrict AWS from using their software?
Open source is a type of generosity. Generosity is good in the software world because the rules of the game benefits everybody the most when everybody are generous. I believe it's similar to prisoners dilemma but with even bigger benefits when we are all generous.
However, it's also a tit-for-tat game. When others start to be greedy it makes some sense to be greedy yourself. Thus short circuiting the game and making the playground worse for everyone. Until we realize that generous is better again.
So tying back to your comment. Yes, open source contributors doesn't expect something back but they can only hope that others at least pay it forward.
If they want to ensure others "pay it forward" (also release their source code), they should be contributing to copyleft projects instead.
The AGPL would ensure users of elasticsearch, whether hosted by elastic or AWS, have access to the source code of the software they're using.
But Amazon is releasing their source code. Even more of it than Elastic.
... have to let Bezos et al. exploit it?
(And that's maybe not as bad a thing as it sounds on the surface. Linux, Apache, PHP, Ruby, HAProxy, Nginx, and probably hundreds of open source projects I can't even start to list don't seem to feel the need to come out swinging like Elastic/Mongo/Redis have. )
We might actually be better off with Amazon as the steward because they don’t need to make money on the software itself.
It would make a lot of sense for them to slowly close it down or modify it so that it eventually only makes sense to use it on their platform. Or something similar. And given what I've seen from their behaviour I would expect them to exploit whatever market leverage they can.
Brian Behlendorf didn't write Apache (or more accurately, patch NCSA httpd) out of "generosity", he was doing what was known back then as "scratching his own itch". Sure, he generously gave it away as well, but that was after he'd done the work to benefit _himself_.
Same with Larry Wall and Perl. He wrote the language he wanted, and shared it afterwards. He didn't write it out of generosity (and to be fair, he is 100% the sort of person who might have).
I think the dual license strategy Larry chose for Perl really shines light on his motivations, "use GPL if you want to, use the enormously more permissive Artistic License if you want to". He just wanted anybody who might find his software useful for any reason at all (including becoming insanely rich, if they could work out how to do so) to be able to use Perl.
Open source should be about optimisation. For example you have some infrastructure code (like LLVM, Linux kernel, etc.) that brings you little competitive advantage but you benefit from distributed maintenance - OSS is a perfect fit. And people using it but not contributing back is not really that big of a deal.
The incentives to upstream exist without licensing requirement - maintaining a fork which when the upstream knows nothing about what you're doing and could break you with every commit is not fun. You also lose on distributed review/support aspect. At the end of the day if someone finds a way to profit and not contribute back - how does that impact you ? Unless they are a direct competitor and you OSS something critical - in which case like people above said - you should rethink your business model.
Also OSS has a bunch of secondary benefits - recruiting, developer mindshare, etc.
I think viewing OSS as a generosity is not sustainable, and the incentives exist even without restrictive licensing.
Sure it's nice when you can motivate it like that but I feel that the long tail of open source projects doesn't fit your description but are projects driven by a few enthusiasts.
But why would you very deliberately choose a software license which very explicitly distinguishes itself from normal proprietary software licenses by spelling out how it requires no payment and will always require no payment (and in some cases, explicitly prohibits anyone else from requiring payment!), and still maintain an expectation of payment?
Elastic, at this moment, is pulling in half a billion dollars in revenue per year. They're growing at at least 40% y/y. They're valued at $15B at this very moment.
So, tell me again why this license change is so necessary? Oh right, it's not, it's just a disingenuous move to try to monopolize the market they're in.
Except, the irony is, this isn't even going to increase the money they're making, because Amazon, as I predicted days ago, was always just gonna fork 7.1.0 and keep it Apache 2.0. Which is not only legally their right, but actually ethically is a good thing to do anyway.
And don't even get me started on how Elastic puts most of its real efforts into their proprietary features anyway, and if you hypothetically opened up a pull request that perfectly implemented TLS or some other feature they'd deny it because they have a conflict of interest with X-Pack.
Now I want to be clear. I'm personally an anarcho-capitalist, I reject the whole idea that a company being big makes it evil. I don't think it's a problem that Amazon is making money with free software - aren't all of us in the industry making money with Linux, or with apache httpd, or <insert open source software here>?
So, I don't hold the fact that Elastic is a multi billion dollar company against them either. But when they try to gaslight the communtity and portray this absurd, patently false, downright offensive david vs goliath narrative, I'm going to call them out for being liars, because that's what they are. They have shown they will break deep promises they made to the community without a second thought.
They've also shown they couldn't even be honest in their communication around this licensing change. They claimed this would have no effect on their users - bullshit, a good friend of mine works at Wikimedia and they can't run Elasticsearch 7.1.1 or above in the future because they don't run proprietary software. Meanwhile the license change doesn't even do what they claim it's for.
They also have mastered the art of doublespeak like this:
> The list of improvements under this new free and open, yet proprietary, license, is overwhelming
Ah yes, the infamous "free and open, yet proprietary" software. Couldn't live without it.
At least according to the OSI, who last I checked, really care about open source ideals.
Pretty sure rms is 100% convinced _both_ sides of this disagreement are morally wrong.
Do you really think that liking open source is in any way correlated with politics? I'd like to read a source on that one, because it's certainly not been my experience. Maybe we've contributed to different projects and/or read different people.
But even that aside, you think that everyone who likes open source is condemning amazon and on elastic's side? That is even more suspect. Just as an example, the creator of sourcehut has been criticizing elastic all week, and all of his posts—at least one of them explicitly saying that Amazon is definitely allowed to do what it's doing—have reached the front page here. And he's someone whose "liking open source" credentials are good enough, I think.
: I'm not even going to get into other implication, that wanting to improve society is also in any way related to any given political leaning.
(sometimes I feel upvote isn't enough)
> Under the Confluent Community License, you can access the source code and modify or redistribute it; there is only one thing you cannot do, and that is use it to make a competing SaaS offering.
>No. Apache Kafka is licensed under Apache 2.0. The license change only applies to our Confluent software that was previously called “Confluent Open Source”: Confluent Schema Registry, Confluent REST Proxy, Confluent ksqlDB and some Confluent Connectors.
I love that they try to make it sound like they even have a choice in changing Kafka's license.
What is? Because I don't think the point of open source is to have big companies make money off code that other entities—in many cases individuals—made available for free. It's certainly something that happens, and I don't think it's universally bad, but I wouldn't say it's the point, either. I've heard of several high profile cases of the people who maintain high-profile projects supporting $billions worth of commercial products struggling to make ends meet, and I don't think that's the point. That's not a system working as designed, because nobody designed it and there arguably is no point—it's simply a dynamic that emerged organically from the factors that drive people to contribute to open source, and those that drive businesses to maximize their profits.
Forking is the/a point in the sense that I can't think of a version of Open Source that is still Open Source but that doesn't allow forking -- that allowing for forking is a deliberate choice, not an accidental one.
Because I don't think those two align as closely as many of the arguments here gloss over...
Conversations like this are just sort of pointless, where one side says it's supposed to be this and the other replies no, it should be that, when really open source software is just a thing that happened. It's up to us to define an ethics around it and to decide how we interact with other actors in the ecosystem who might not have the same principles and goals.
To have a discussion about how it should work, to make subjective value judgments like the ones these comments are full of, we need better arguments than 'the license says it's fine, so on what basis can you criticize Amazon's and/or Elastic's conduct here?' or 'but that's not nice!' or 'Amazon/Elastic has $XXXM revenue so they are bad'.
Lower case open source is a term that I personally try not to use, specifically because of that confusion. I personally try to refer to that as source available or shared source when possible.
Stallman and the OSI do _not_ agree on "Libre software" and "Open Source" - in a quite fundamental way.
When I use Open Source (capitalized) I am arguing for Libre software with the values Stallman is talking about. The point of disagreement I have with Stallman is this -- Stallman argues that using the 'wrong' word to describe Libre software risks corrupting the movement. I argue that using a generally accepted word to describe the movement, and culturally reinforcing the common understanding of that word as a subset of Libre (ie, not just giving up saying "Open Source can mean whatever the Mongo devs want it to") is valuable enough to override those concerns.
Stallman goes on to argue that the Open Source movement doesn't care about Libre software, and we should not align with that movement. I argue that a very large contingent of the Open Source community does care about Libre software, and it is worth advocating to the remainder of the community that Open Source software is Libre software and that the real ideals of Open Source beyond just source availability can not exist without the ideals of Libre software.
Stallman and I disagree about whether or not we should use the term Open Source to describe Libre software, but we don't disagree about what Libre software is. Even Stallman admits that aside from some minor differences, the official OSI definition is mostly in alignment with Libre software. What Stallman is really disagreeing with is with the PR strategy. And the reason I'm not going to try and separate those terms is because I explicitly disagree with him that his strategy in this specific case is helpful, and because I and many other people in the community want to continue to fight for the idea that Open Source needs to be Libre.
Part of the reason we use Open Source to describe Libre software is because we don't believe that Mongo or Elasticsearch have the right to decide for us what Open Source means, and we're not willing to drop the issue, give up all of the good will and public recognition we've built around the term, and just go use something else that the public doesn't recognize. Because if we do, and we have any success at all, then pretty soon proprietary companies will start to co-opt that term too.
I don't see any indication that confusion over what the OSI meant by the term 'Open Source' is the reason why Mongo felt emboldened to write a new license that took away user freedoms. Mongo didn't argue that Open Source was different from Libre, they attacked the very spirit of both movements by implying that their focus on 'sustainability' and 'fairness' was somehow fixing flaws in the OSI/GNU definitions and making their software even more free. If we were all using the term Libre instead, nothing about Mongo's PR strategy with the SSPL would have changed, they would have still claimed that their license was reinforcing the 'spirit' of Libre software.
Do you have numbers on how much AWS profits from Amazon Elastic Search service?
Have you checked the profits from Elastic for their offerings?
Have you compared them?
How do you quantify "insane"?
Honest questions. Just a data person.
So legally open source but socially closed source/non-commercial use?
They seriously have this entitled attitude that because you used the free software project that they started, that now they're entitled to that money. It's patently absurd. Imagine if Linus Torvalds went around with that attitude, claiming he deserves to be a trillionaire because of the absurd amount of value Linux has produced. (And ironically Linux is a more restrictive license than Elasticsearch)
Good point. When I willingly contribute to open source with no compensation, it's with the understanding that it's because my contribution is available to anyone under the same terms, I'm contributing to a "commons" open to all, willingly for the public good.
If anyone wants to use it for profit-making purposes, that's generally fine with me, because everyone can on an equal basis.
If instead the software is licensed such that one company has special rights to profit off of it that others don't... why would I donate my contributions for free to that company? Shouldn't I get a cut?
Up to now I've had a sort of knee-jerk response of "it's Elastic's software, they can do what they want", but I think you're actually right. They're reaped the benefits of open source, including free work from the community, and now they want to claim exclusive rights to profit off of it. It's basically the perfect example of wanting to have the cake and eat it too.
I love having my opinion changed. Thanks for that.
Elastic (and Mongo and RadisLabs) are trying to do something new.
Linux, without doubt, "reaped the benefits of open source, including free work from the community," to the point where although the original release was 100% Linus's own code and arguably "Linus's software", these days to a first approximation _none_ of the code is "his". The percentage of the ~27million LOC that is "linux" these days that were personally written by Linus is effectively zero.
Elastic is a company paying 500-1000 employees who I suspect (but haven't checked) contributed the majority of the code rather than it being "free work from the community". (And their ability to relicense the code suggests that any community contributed code was contributed under their CLA which meant the contributors explicitly granted Elastic future rights to relicense those contributions, so it's not like the "community" can pretend they didn't know this was possible.)
I don't know that Elastic's business model will work. I don't think there's any guarantee that it will. Part of me kinda hopes it does, because I suspect that the business success of "company backed venture capital funded free-as-in-beer software" might result in more and better software being available to use - perhaps software on such a large scale that "scratch your own itch" motivations have insurmountable ramp up difficulties. I personally think the jump[ from AntiRez's "scratch your own itch" redis, to RedisLab's "Widely Fortune500 adopted and enterprise ready Redis" is not a thing AntiRez wanted to stick around and do. And the world _might_ be a better place for the existence of the non-OSI approved software under license like RedisLabs "source available" one.
It'll be interesting t watch this play out over the next decade or so...
Just to add a bit more nuance, I think we tend to focus a lot on community contributions, but IMO the biggest benefit of FOSS is not that; it's adoption.
Even if Elastic writes 100% of the code, by making it open source, they are promoting the widespread adoption of their software. A project with a non-free license or a custom license is a non-starter at many (most?) companies, or at a minimum requires talking to legal which is a PITA.
So, even with no community contributions, Elastic would never have been able to get to where they're at now - making $500MM in revenue a year and at a $15B evaluation - if it weren't open source.
Now just to be clear, Elastic is totally allowed to close things up now that they've reaped the benefits. The beautiful irony is that, when you close source after you've reaped the benefits, by definition you've also hit the point where it's now obviously beneficial for a company like Amazon to make their own fork and keep their AWS Elasticsearch cash cow going.
So, ultimately the community is totally fine. Indeed Elastic has been going down this road for a few years now, so it's actually a good thing for us that this happened. Better to have an amicable divorce early rather than a messy one later. But I can't help but point out that Elastic has broken its promises and misled the community - to their detriment more than to ours.
This isn't an accident, it's in fact the whole point of open source that people can make open source forks when the original authors decide to no longer do open source.
I don't think there's much 'amicable' about it though in this case at the moment.
I don't think that's true, at least for software such as Elastic, Mongo and RedisLabs.
There are a lot of big companies that benefit from those, and might want to invest it, despite not being their direct revenue driver.
See for example the Cassandra database released by Facebook. Or how Amazon is going to invest in their Elastic fork now. Or how Linux is funded by dozens of companies (IBM, RedHat, Oracle...)
Or pretty much any programming language: I haven't seen a programming language that's not truly Open Source (as in the compiler/interpreter + API) for decades.
The kind of software where it's not going to work is where it's solving a business need for companies that are not software companies: but Open Source isn't common in those fields anyway.
Do they want to have their cake and eat it too?
The "free work from the community" either was contributed under the terms of a CLA that allows for relicensing, or members of the community all agreed to relicense their contributions, or that free work was removed entirely.
You’d have to add a replicator button to the car so you make a copy and don’t actually take the original.
Do you know that OpenBSD initially MADE OpenSSL?
LibreSSL (the fork of OpenSSL)
What is with this new generation of developers (I don't mean new as in young since I meet people in their 40s espousing these ideas), who make all these high-minded arguments about how evil it is to profit off of someone else's work, when literally that's what proprietary software is for. If you don't want someone to make money with your code, don't give it away freely, sell it.
Instead, what Elastic did was they made a beautiful piece of open source software, licensed under Apache 2.0. Because it was Apache 2.0, organizations were comfortable building Elasticsearch into their stacks because they knew that they couldn't get Microsofted. Additionally because it was Apache 2.0, hundreds of contributors who are not affiliated with Elastic submitted patches to their codebase.
Elastic used its position as an open source maintainer to grow Elasticsearch to be one of the most important pieces of software in the world (nowhere as important as linux or arguably lucene but still in the top echelon), and then once it did that it decided to lie to the community, pull the rug out from under them and switch to proprietary.
Now to be clear, I actually think this won't even make them more money, it will just hurt their brand image and incentivize high-quality Apache 2.0 feature-rich forks, so really it's just an absurd blunder. But I am so unbelievably frustrated that people keep espousing this reverse entitlement attitude that you espoused here: the idea that an open source vendor gives away their software for free, intentionally, so that they can benefit from the community and vice versa, and then suddenly now somehow I'm an asshole if I've been operating a service that uses Elasticsearch. It's completely backwards logic.
To put it another way, as an open source maintainer, you don't owe anybody your time. You are free to tell the people opening github issues and bug tracker tickets to go fuck themselves. But similar, nobody owes you anything, so if you yell at someone using your free software for commercial purposes, now you're being the entitled asshole. They don't owe you any money.
You people seem to think open source just means "source available". It's SO MUCH MORE than that.
I was just a free ES user, and feel fine with all of this. I don't see a bait and switch, I see a fundamentally changed market compared to 10 years ago where a business model that was perfectly reasonable is now very precarious in the face of the major cloud vendors, and a desperation move to protect their business, not some grand cynical plan.
If I needed to submit a patch I'm not gonna care about the project being "truly" open source vs just source-available.
But the more these "allowed" but kinda-dirty-feeling things happen, the less likely I am to choose a "true" open source license for any projects I may start...
Really? Everyone's cares are different, but I don't like contributing my time and programming output for free to proprietary software, for it's owner to make money off my work.
I don't mind contributing to open source, where anyone can make money off of it with no special privileges to some. It feels like contributing to a commons.
But contributing to proprietary software without getting compensated feels like getting taken advantage of to me.
When I speak of betrayal I'm more speaking in the general sense that under my value structure, it is immoral to lie to someone or to break promises, which is what Elastic did. They told people they would never make the Apache 2.0 code proprietary, and then they did it anyway. For a shitty reason at that.
I also think the world (particularly technology and laws) is a complicated place with a lot of history. The old timers tend to appreciate this a bit more. There’s a book out there about the “Death of Expertise”. People think they can learn a complex domain from some questionable YouTube videos and maybe blog posts or a book. They decry the experts. In fairness there are also a lot of charlatan experts out there.
Combine the two problems, and it is an opening for “outrage bandwagons” to form that claim to simplify the matter without actually understanding it. And companies try to exploit this comprehension gap to fulfill their agenda.
Hmmm.... is that what happened or did AWS usurp Elastic's main stream of revenue providing an enterprise cloud platform, and in response they changed their licensing in an attempt to protect the viability of their company while minimizing the impact on contributors to the framework..
As I understand it the only prohibition of use is to offering the software as a cloud-hosted solution of the software itself.
You may disagree with this strategy, but I think you should also explain another way for companies that develop these frameworks to be financially viable. Because I think there is an issue of how people can sustain a business centered around open source.
If I become dependent on it, one company can't control the pricing of people offering hosted services, because it's open source, nobody needs their permission to host it. "vendor lock-in" does not exist with open source.
If that was incompatible with ES's business model for a main stream of revenue, as the project IP holder they are welcome to change their license terms.
But what they're saying is that open source was incompatible with their business model.
It is what it is, but users clamoring for the ethical superiority of vendor lock-in and thinking that's somehow open source values is... weird to me.
If you can’t sustain a business around open sources, then don’t be open source.
Elastic chose to close their source but are now lying about it to make it look better than it is. AWS is releasing an “actually OSS” fork - totally inline and allowed under permissive OSS - and is somehow unethical? The mind reels.
Yup. This mentality drives me absolutely insane. People seem to regurgitate whatever propaganda fake-open-source-company-X tells them.
Sorry, I'm not going to feel bad that the $15B company that built their business off the backs of open source - which is totally fine - is upset that another company is competing with them. And the biggest irony is, Amazon's not eating Elastic's lunch, they're both eating respectable lunches. Elastic's built a great business, which they are now doing their best to ruin as quickly as possible.
Would you prefer more software to be released openly or less? Cause if you're making moves like Amazon did with their ES service, you're pushing the world towards "less."
I'm not too concerned with this, but it's strange to me that people are both trying to keep OSS licenses "pure" and advocating that companies release less of their code in the first place...
OSS was never about source availability - that’s just a form of cheap escrow and has fairly limited value. Open source is about user freedom to do whatever they want with the software - guaranteed freedoms.
This isn’t about “purity”, it’s about using a label on the tin that says “FREEDOM INSIDE” and then peeling the label off and telling a subset of users to pay up or give away any software code you’ve ever used to touch my software. We used to call that a “bait and switch” to be polite , though really it’s more like a shakedown.
I have been there during the first .com wave, so I know how hard it was, including what happens when the money stops flooding in.
You very profoundly and deeply misunderstand what the SSPL actually says, which is understandable because Elastic have helped promulgate this misinformation. Please go read the license. It is not straightforward, it's very vague and exposes an organization to enormous uncertainty. If you don't want to read the license itself, then start with https://anonymoushash.vmbrasseur.com/2021/01/14/elasticsearc...
Additionally, organizations that commit to running free software, are forced to drop Elasticsearch now (or more accurately, they're all going to just run the best fork of 7.1.0 and call it a day). So Elastic's statement that it doesn't impact users is just a complete lie.
Finally, this whole discussion is irrelevant because the license change won't actually protect Elastic's business. Amazon is going to behave no differently, except that now they have a better codebase to work with because they don't need to worry about Elastic rejecting pull requests that cannibalize their proprietary features.
> You may disagree with this strategy, but I think you should also explain another way for companies that develop these frameworks to be financially viable. Because I think there is an issue of how people can sustain a business centered around open source.
Absolutely not, I refuse to explain that for you, because you're reversing the responsibility here. If you want to build a company around giving away software for free, you better have a way to monetize the giving away of the software for free. There's plenty of strategies to do this, such as the famous "Commoditize your complement", OR you can be a redhat and sell enterprise support, OR you can be elastic and sell cloud services.
And guess what? Elastic HAS built a more than financially viable business with Apache 2.0 licenses. They pull in $500M revenue per year, with 40%+ y/y growth. They're valued at $15B right this moment. And you seriously believe that this organization is on the verge of bankruptcy?
Do the math, you're being tricked by a dishonest company. A company that so many of us had respect for until they started down this path a couple years ago.
And for the love of god, I implore everyone in this thread, please give up the whole "won't somebody think of the poor company?" argument. Open source is not a business model in and of itself. It never has been. If anything, the rise of these companies that build their brand image around being open source and then re-license to proprietary as soon as it's convenient is the literal problem. They're polluting the whole spirit of open source, which was always "I'm giving this away freely, and I don't ask for anything in return except you can't infringe my trademark" (for apache 2.0). You guys have the open source mentality totally backwards.
And don't get me wrong, I'm an AnCap. I'm as capitalist as it gets. So I'm not criticizing the mentality out of some misguided hatred of private ownership; rather, all I'm saying is if you talk the talk you better be prepared to walk the walk. All these entitled companies that make their software successful BECAUSE it's open source and the community feels safe building stacks upon it, and then clutch their pearls when someone else makes money from that software, are totally absurd and should be laughed at.
Sorry for the rant, I drank too much coffee today. But for the love of god, can't you see how, ethics of lying to the community aside, this licensing change doesn't even help protect Elastic's business interests, but rather just strengthens their competitors?
Ironically, it is exactly Amazon that seems to be demonstrating a way to develop an open source ElasticSearch fork and be financially viable, right?
If it's super non-competitive high, it is even more curious they seem to see it as such a threat. I'm becoming increasingly unsure if they actually see it as a threat, or if it's just like "nobody should be able to make money from our open source without giving us a cut".
Or is it just that all managed ES seems too expensive to you?
Maybe I'm missing something, but I don't really see the sense in the "pull out the rug, it's not OSS" anymore. Sure, I agree that The Open Source Definition doesn't encompass something like the Elastic License, but :shrug:
Who exactly is having the rug pulled out from under them? AWS? As they very clearly state in the article: "When AWS decides to offer a service based on an open source project, we ensure that we are equipped and prepared to maintain it ourselves if necessary" (presumably because they understand that the license could change, or the maintainers could just stop maintaining).
It seems like it made good business sense for Elastic to switch licenses, and it's not really clear to me who would (for business reasons, not philosophy) switch to solr/other just because of the license switch.
It also makes perfect sense that AWS would release an apache-licensed fork - they have serious monopoly power - they con offer this service cheaper inside AWS, and the integrations can be smoother/better.
So really why be mad at either party? They both made good business choices it seems to me, maybe elastic will end up loosing out, but if that happens, I can't imagine that staying on the apache license would have saved their bacon.
It actually makes incredibly bad business sense for Elastic to switch licenses, because they won't get any more revenue as a result and have now forced a high-quality Apache 2.0 fork.
> Maybe I'm missing something, but I don't really see the sense in the "pull out the rug, it's not OSS" anymore. Sure, I agree that The Open Source Definition doesn't encompass something like the Elastic License, but :shrug:
Well, they explicitly promised that they would stay Apache 2.0 licensed, which was a lie. And they're no longer open source software. So yeah that's a big deal in my book.
> Who exactly is having the rug pulled out from under them? AWS? As they very clearly state in the article: "When AWS decides to offer a service based on an open source project, we ensure that we are equipped and prepared to maintain it ourselves if necessary" (presumably because they understand that the license could change, or the maintainers could just stop maintaining).
I wasn't referring to Amazon, I was referring to the community overall. And don't get me wrong, the community will be fine because we'll have high-quality forks. I'm just pointing out the scumminess of what Elastic did for the company that claims to be the little guy getting exploited.
But they absolutely did pull the rug. Or as a better analogy, they shut the door behind themselves.
>AWS contributes improvements to the project.
Per a poster below, 9 PRs out of 41,000 (I haven't verified). For a company the size of Amazon, unless it was one heck of a PR that's basically nothing.
*Correction after looking a bit closer, I think Amazon has submitted at least 600 PRs, they only listed 9 in the blog post. That's better but it still doesn't change the fact their business model doesn't allow the companies they're building on the backs of to have a sustainable revenue stream.
I will also note that is clearly not enough competition in the cloud provider space, if there were more competition then elastic might be able to make money from the platform providers by implementing ES for each platform as you suggest.
Elastic loses nothing by pissing off AWS, this was clearly the right move. AWS has contributed very little to the project so far, so if they took their toys home in a huff it makes no difference to Elastic. And if AWS does contribute significant development to their new fork, Elastic is free to copy any worthwhile commits into the official repo under the terms of the license Amazon has released their fork under. The only thing Elastic is going to suffer for this is some people whinging on HN about whether or not it’s “really open source” anymore.
Disclaimer: worked at AWS.
Yes, Amazon has a vast number of engineers. They also have a vast need for engineers.
So they have to make a business case to continue to fund engineers, and I don't think one exists for the type of development we're wanting.
To be clear, there is some development they could justify.
If they are replicating new features that Elastic releases, so they're not falling behind the market, the business case is retaining customers. But that's playing catch up.
If new features optimize the service, the business case is being able to advertise lower TCO, which attracts customers. That could be quite beneficial, but there's usually not a ton of optimization you can do.
There is a business case for new features that increase integration with other AWS services. That increases customer usage of AWS. But AWS is so proprietary this would likely be useless outside AWS.
So none of that, I think, is the development people are looking for.
What we'd want are features a software business develops to differentiate their product in the market. If the features go into the open source version, however, then by definition they aren't differentiating.
This is the key business contradiction in AWS trying to fund open source development.
Maybe I'm missing something and they can make the business case for continued differentiating feature development. So, I'd say I'm wrong if after two years we're seeing such features being released to the commnuity.
Looking at the various projects at https://github.com/opendistro-for-elasticsearch/, the most prominent ones seem to only have a handful of somewhat active developers, almost two years after launch.
If AWS hires a lot of people to work full time on their ASL2-licensed Elasticsearch and Kibana forks, then ... that's not necessarily _just_ bad for Elastic? I doubt Elastic execs thought AWS would just fall over and discontinue something that's probably billions in revenue at this point. If AWS actually starts contributing code beyond trivial bug fixes, code Elastic can legally fold into their own Elasticsearch (via the ASL2-licensed fork) if it's good enough, then ... good for both?
I think this important bit is sublicense v.s. relicense, where in sublicense case, you have to retain the original terms carried for the original code.
Now, Elastic relicensed the whole software stack under SSDL. So to integrate any parts AWS done, they need to license Elasticsearch back to some mixture of SSDL and ASL, which would be weird.
That may be true for a few OSS projects, but if they were forced to do that for ALL the projects they're profiting from the math would probably not look as simple.
So what you're saying is people shouldn't work on open source projects. That's essentially what your statement boils down to.
That doesn't mean people shouldn't contribute to open source projects.
I should point out too, most companies actually can't afford to fork and take over projects. At $PreviousJob we wrote proprietary software but used open source software (for example Intel DPDK). If DPDK were to suddenly switch their licensing, we would never have the resources to maintain something like that long term. So just because it _can_ be forked and "taken over" by another company doesn't mean will. It most likely won't.
Open source is the last thing on either of the two gorillas' minds.
What Elastic is doing with its licensing is not open source.
You might argue that if Elastic Inc dies then the project dies, but then it wasn’t a very robust project.
elasticsearch $ git shortlog -nes | grep -i 'amazon'
You're not required to contribute with your amazon e-mail address, and I see a lot of people who don't due to inertia or because they want to avoid tying their identity their employer.
Neither party is going to come out of this smelling like roses, but ES is hardly a tiny upstart barely able to get by.
Nobody at that time knew or predicted that SaaS (let alone cloud computing) would be a thing, that large, profitable middlemen will directly host the software, pass through just the API, with zero customer exposure to the running instance.
AWS taking advantage of this — yeah sure it may be legal, like how business lobbying senators for obvious policy hacks is legal — but doesn't mean it's fair or acceptable. It's totally OK to call them out here and not reward them for it.
Stallman strikes again!
It appears that they are concerned that it may be argued that if for example YouTube uses an AGPL DB that they would be required to release YouTube under AGPL.
I'm not saying that the interpretation is correct, but if companies can't be sure they won't use your software.
And to be honest IANAL but their interpretation seems reasonable to me. If you put Mastodon behind NGINX I think it is fairly easy to argue that the user is "interacting with it remotely through a computer network". So now if you have a theoretical AGPL Elasticsearch and your site sends the user search query to it and returns the user the results it doesn't seem clear that this is a legally meaningful difference. I certainly wouldn't want to argue that in court. I'd just use different software.
Licenses exist for a reason. The onus is on the person choosing the license to choose one which aligns with their intentions. You cannot and should not expect downstream consumers of the software to confine themselves to some subset of the actual license's allowed activities just because it's the "nice" thing to do (as of course this assumes morality is in any way objective).
In contrast, a number of people here are acting as if AWS is totally in the wrong. But the only wrong here is Elastic making the mistake and then acting as if the whole thing is AWS' fault. No, if you license your software improperly that's on you, not anyone else.
Elastic made a strategic mistake, and Amazon made the jerk move that was open to them.
Amazon built the product with the hope that it would continue to be developed with that license. What are they supposed to do with the license change? Just accept whatever Elastic said? I don't think you can blame them for taking the last version where they agreed with the license and continue to use and develop it. Sure, maybe making it open is a bit of a jab back, but even in isolation it makes sense for them.
They’re also switching out the license under everyone else. It’s maybe notable that elastics cloud offering was acquired at some point (it used to be found.io). I used to do elasticsearch consulting and I could name a few customers that will now have to reevaluate their product.
They're a hosting company, they're hosting open source software and they're doing it well.
Preventing companies from hosting the software with propietary changes can be done with licenses like the AGPL, but again, the objective is not to disallow commercial use, but rather to force the source code to be available for the users of the software.
These people have this bizarre fusion of capitalist and communist reasoning, I really can't reconcile it. On the one hand they seem to think profit is fundamentally evil, but on the other hand they seem to think the problem is that Elastic isn't being allowed to monopolize all the profit.
Well, which is it? Did Elastic release non-restrictively-licensed free software out of the goodness of their hearts, giving it away with no expectation of a return? Or did they create this codebase purely for profit, and thus have no claim to moral highground? It's all so silly and childish.
And the biggest irony is, Elastic is already a successful business. They're trying to pretend their business model is not viable as long as Amazon keeps operating, which is just gaslighting.
I'm not old enough or experienced enough with computer history to seriously argue about this, but this statement sets off some alarm bells for me.
My understanding is that extremely early on in computing history, especially early in the Internet era, people were thinking about SaaS. We had shared terminals, Sun was even trying to turn remote VMs into a feasible business model. I am very skeptical of the idea that Open Source developers never considered that someone might want to sell computer hosting or provide API access to a virtual environment.
I mean, doesn't the whole problem with modern Linux security stem from the fact that it's user-specific; that it was designed around this idea that it would be running on a server and accessed by a bunch of different user accounts & terminals? It was personal computers that were the surprise, not shared hosting and remote terminals/APIs.
Am I off base here? This doesn't square with how I understand computing history.
When it comes to licenses that were written “with a plan”, there is a charitable reading and an uncharitable one.
The charitable reading is that, back then, it was assumed that every computer user, local or remote, would have access to a compiler; and that any user would eventually learn how to operate a compiler, hence making it obvious that they would want to mod and compile the software they ran. And then they saw the licenses worked well enough to develop an ecosystem, and more or less left it at that (unless explicitly threatened, as they did when reacting to freeloading trends in embedding with the GPL 3).
The less charitable reading is that they left the door open precisely because they knew it ensured demand for service providers and system administrators (which many of the original “foss hackers” were, in their day job).
In any case, I don’t think anyone would have predicted they would become so dominant; everyone just assumed the big commercial vendors would be around forever, and FOSS would always be the underdog ecosystem; hence, leaving certain activities commercially unburdened would have always been somewhat necessary.
If you think about it the usage is best described tied to a an era of pay as you go services launched in the first decade of the 2000's.
There's otherwise not that much in common between Google Docs, pay-as-you go VPS/VM, Kubernetes, platforms like GCP/AWS, and Dropbox.
When you run AWS Elasticsearch, you have no access to ES instance. You can't configure it, you can't add your own plugins. You are no longer a user, you are just a consumer of the UI/API, even when the primary product is still called Elasticsearch.
They feel that Amazon's decision is unacceptable for whatever reasons, regardless that it is permitted by law.
It's not just legal. It's explicitly allowed behavior according to the license that Elastic chose. This isn't like "yes it's the law but some laws aren't fair!". The only laws that are coming into play here are basically ones which say "you made your bed now lie in it".
Elastic explicitly said (by choosing a license) "you can do X with our software!" and now they are mad because... someone did X with their software?
If the Apache license allows morally unacceptable behavior... why did they choose that license?
Which is ironic because, they also at the same time believe that Elastic is entitled to all the profits, and wax philosophical about "but how will any company be built around open source if we don't carry Elastic's water for them?"
It's just all so farcical.
I'm actually going to disagree slightly here. Making profit is not necessarily healthy, generating value and capturing a fraction of that value as profit is though.
Our system is complex enough at this point where you definitely can and do have entities that are capturing more value than they are delivering, and that is immoral (imo). In that light, profit definitely can be evil.
However it is certainly not always evil, and I don't think AWS' actions qualify in this case. They are delivering value to their customers, and they are capturing a fraction thereof.
Now, there are absolutely cases where there is unethical profit, but (under my worldview, at least) those are all cases where the state gives a company a special advantage, or literally gives it money. So, the following is unethical:
- bailouts of corporations ("corporate welfare")
- government providing an exclusive monopoly to a given company
- government de-facto forcing someone to buy a product due to coercion
The following is not unethical:
- making a product, offering it freely for whatever price people are willing to pay
While true in a simplistic sense, this is generally not true when you have a society / economy as complex as ours.
Partly this is due to perceived value vs "actual value", and to me a business is only moral (obviously businesses can't really be moral, so what I'm really saying is "the only businesses that should exist") if you actually believe that what you are delivering to the other party is more valuable than what you are costing them, so that it is actually a win-win. Generally this is hard to measure, but I can provide some examples of when this is pretty clearly not the case.
1. Get rich quick schemes. Things like online courses that tell you how to make boatloads of cash by doing X. Except they don't actually work, so the value to the purchaser is effectively $0, while what they paid for it is certainly not.
2. A larger scale example: the collapse of the housing market in 2008. This is a better example of effects from the complexity I mentioned earlier. A significant part of the crash can be attributed to CDOs/MBSes. Long story short, banks were doing some repackaging shenanigans to make something that was shit look less shit. Any honest accounting will realize that this provided zero real value. Yet the bank's were getting rich off it. That certainly sounds like capturing (>0) more value than you are delivering (0) to me.
That is the kind of behavior I'm talking about.
It is very unfortunate that this is the modern day main stream view of Open Source and Tech sector in general. Especially in Silicon Valley.
And it is funny because Tech is also the most profit making industry. And they are also earning Top End salary.
While what AWS is doing is (probably, IANAL) within their legal rights, it's arguably immoral because it is basically saying, "We love this project so much we're going to build it into a different direction and charge people to access our version." Which, given AWS's widespread adoption, puts the OS version in peril.
Edit: Thanks for pointing out that AWS will be releasing the code under an Apache 2 license. That does change my opinion somewhat, though I'll leave my original comment for posterity.
No, you won’t be charged to access their fork on Github. If you want them to host your Elastic or Kibana service you’d have to pay for the service, but that’s not related to access to the Apache licensed source code.
From the article:
"Our forks of Elasticsearch and Kibana will be based on the latest ALv2-licensed codebases, version 7.10. We will publish new GitHub repositories in the next few weeks. In time, both will be included in the existing Open Distro distributions, replacing the ALv2 builds provided by Elastic. We’re in this for the long haul, and will work in a way that fosters healthy and sustainable open source practices—including implementing shared project governance with a community of contributors."
Aren't they sharing the fork? Sounds more like "we like it but its no longer free to use, so we're making it free. btw you can pay us to host it for you"
So is ES to blame for having a permissive license? Or is it AWS for making it trivial to use? Or are we to blame for dismissing any license that isn't OSI approved (and even then, we still snort at things like Affero GPL!)
IMHO, if there IS a "bad guy" in this situation, its us...
And which part of the same article ever said Elastic are not OK with Amazon providing a Services using their Open Source Software? Which they are legally allowed to do so with Apache 2.0? They even mentioned and I quote:
"We collaborate with cloud service providers, including Microsoft, Google, Alibaba, Tencent, Clever Cloud, and others. We have shown we can find a way to do it."
What they are not happy with was the TradeMark. Amazon usage of that Trademark to mislead customers and this isn't some recent things either. It has been going on for 5 years. ( And yes the court should be used to settle that. )
So majority of HN; including its previous threads with 1000+ comments, is basically making allegation that Elastic is making the changes because of their Business Model. Until that can be proved, allegations remain merely assertions.
But right now it is being stated as Facts. And it is now being spin into ethical debate.
And I was under the impression, should Amazon be forced to fork it, which they did as announced, would have to use a different name. Instead they choose to use ElasticSearch again.
Of course, sometimes they get mad that this also enables other people to sell premium services on top of the open source core, and sometimes those other people can make more money because they are major incumbents that integrate other offerrings. But that doesn’t mean the startup would have been better or grown faster or sold more of its own services if it hadn’t been open source.
It also doesn’t mean closing-up negates that competition: once the value of the product is proven, the major incumbents also have had proven for them the potential value of funding a fork with its own dedicated team, which can reap the community reach benefits of open source and compete with the relative upstarts now-proprietary offering.
It seems like a lot of us perhaps rushed to discussion before reading this article, which is about Amazon forking ElasticSearch so that an OSS version would remain available.
Honestly, this is a shitty move by Elastic and I’ll be advocating against new uses of it, though /because reasons/, I doubt this will come up for me in the near future. ;)
Actually, you can totally use Apache 2.0 code as your kernel and then make the whole thing a restrictive license. In fact, that's why we're having this discussion right now. Elastic just made their Elasticsearch/Kibana codebases entirely proprietary, even though they rely on Apache 2.0 Lucene as their kernel. Which to be clear is totally fine, I'm just pointing out the obvious.
While this wouldn't prevent a company from using your project, but it would at least force them to pass on any of their changes.
...it would deter them, which is what your original question was asking. Preventing and deterring are two completely different things.
I say "Rich people get huge tax breaks, why??" you say "well that's how tax law works, why get angry?"
I say "I'm a small business getting exploited by a goliath!" you say "well everyone is playing by the rules so it's their fault"
Systems are so biased by large actors and for some reason everyday people jump in and defend them? We should totally take everything in critically but this defense doesn't seem reasonable at all.
There seems to be a generational knowledge gap where people of a certain age think there large actors are permanent and evil. That’s plainly untrue. Often the scrappy upstart is being unethical.
The reality is, ElasticSearch with all of it's capabilities would not exist if the company would not exist.
How many other new interesting products will no longer be built as open source, because they know that AWS can just co-opt them and then their business will be effectively over.
The laws and licences cannot possibly cover all the details of the real world, there needs to be some humanity involved, some "let's try to not be assholes" attitude.
I prefer to live in a world where I'm not required to be a robot. Following all the clauses and laws to all the details will end up with that. It's not a great path.
We all need more empathy.
Would the company and product be as popular as it is today if it was licensed this way from the beginning?
I see this as a type of bait-and-switch. I invest in this open source technology, and then after I invest money into the service, they change what is being sold.
ES was never going to make a penny from us anyways and AWS is not making any money from the ES software itself. What they are making money is from our usage of their core services. Same goes for all the other open softwares, Kafka, Airflow, EMR to name some. Plus it would be dumb to have your infrastructure on AWS and buying ES cloud service where you'd require to send your data out of AWS as you'd have to pay for the data out.
You both articulate the problem and dismiss it in the same sentence. AWS have a right to offer the service - they do not have a right to tell people that they built ES, or to say that they work hand-in-hand with ES, etc. But there is nothing that a small open source group can do without tackling the shit-ton of lawyers that Jeff Bezos can bring to bear on the problem. No matter the points of law, he can just outspend them in every capacity to get the outcome he wants.
The fantasy that OSS allows equal competition is no longer a reality, ISV's cannot compete with a cloud vendor who uses their own investments against them in addition to their anti-competitive monopoly lock-in of already having Customers running on their cloud platform.
Elastic's move to SSPL is effectively "OSS + free for everyone with the exception of exploitation by a major cloud vendor", since without it we're heading towards a mono culture future where all hosted OSS software is going to be funded and resourced by the billions major cloud vendors have reaped in collecting all the rent for hosting others OSS investments, that AWS gives nothing back in exchange for.
SSPL is effectively being used a tool to force AWS to do the ethical thing and reach an agreement with Elastic to distribute a portion of their profits from using their trademarks and hosting their Software they've invested a decade in building. AWS has instead chosen the path to maintain their own fork to avoid sharing any profits with Elastic as they're obviously currently making so much from hosting Elastic's products that it's in their financial best interest to start hiring dev resources to maintain their own fork then sharing profits with Elastic to fund its continued development.
Will be interesting to see how this strategy turns out, AWS may have already become to big to compete against who will be able to out resource, out fund & take over any ISV's OSS product, but it's clear the longer Elastic waits, the harder it would be to protect their own investments being used against them.
This comment kind of implies there is this 'free and fair market' that just magically rewards better products etc..
Mostly, it's a game of power.
Large companies use power to wipe out smaller one's and consolidate, sometimes to the near term benefit of consumers, sometimes not.
Also - just because something is legal, doesn't mean it's fair, we really shouldn't have to state that. This doesn't mean that Amazon is 'bad' because they are big, or Elastic is 'good' because they are small or any of that, but the issue is worth consideration.
...well, there is no but. The price I pay to live in a free world is that I can’t do anything about anyone else’s bad behaviour. I just have to put up with it because the alternatives are worse. At least I get a free world out of it.
I hope Elastic get something out of the free world in which they exist. Patches from early contributors, I’m guessing. Certainly a brand and adoption they wouldn’t have enjoyed had they remained closed source.
It’s a better world than one where we lack high quality open and free software, even if we have to live alongside the Amazons.
They made multiple accusations. One of them is AWS announced Elastic search in partnership with Elastic when there was no partnership at all.
also tested and fixed for free by community contributors.
Open source software was about empowering people in particular, not corporations. It has however made it very, very difficult for individuals to make money from their software whilst the corporations reap the rewards from countless man hours of this free work across the a myriad of domains.
I still think it's something we can get better at as an industry. Just choosing different licenses doesn't really solve the problem, people regularly shun paid software licenses, feeling entitled to all software for free, and I think that's an issue for the ecosystem as a whole.
Also good to see Amazon sponsoring lots of OSS development. Wish they could have done it in collab with ElasticCo, but I think that’s on them as there’s no way they can allow peers to contribute and stay in business.
Something being legal does not make it ethical, many people see what AWS did, including profiting off the TradeMark of Elastic Search with zero compensation to the project is unethical
AWS is clearly in the wrong here, I am surpised by the number of people that defend AWS, this is why FOSS continues to struggle
AWS is a leech on Open Source, like many other large companies. I will be SHOCKED if AWS fork has any actual feature improvements, my guess is it will be a pure maintenance fork with security updates (maybe)
AWS has changed the "new low" what an open-source project can expect if a cloud company earning billions on top of open-source can just change their project and fork it.
Cloud companies taking your source are a "new thing" to consider in the world of open-source.
"Hey here is some software. You are free to use it without paying me."
"Ok, we'll use it and not pay you"
"What, how dare you?! You dick!"
Elastic: Hey here is some software. You are free to use it without paying us
... years go by and the community is loving it, Elastic is loving it everything is great
AWS: Wow! Free, popular software. Millions of dollars already invested in it so we don't have to. We'll take it for free and sell it.
... years go by
Elastic: Hey AWS! So glad you like our software but we can see that your actions are hurting our business which will hurt the software and the community in the future if we don't do anything. What do you think about making a deal?
AWS: Lol, suck it.
... years go by where other cloud providers make deals with Elastic
Elastic: Okay AWS, from now on we are changing our license so you and other companies similar to yours cannot re-sell it
AWS (and their fans): What, how dare you?! We've made millions by reselling it as our own, and not you are going to restrict us doing exactly that. You dick!
The latest event is more like
AWS: Ok, your choice, we'll keep developing and making available an open-source version with the original license.