Use of open source software is on the rise, with Gartner estimating its adoption by 95 percent of organizations. While open source brings attractive benefits, it is easy to under-estimate the scale of management that is required: choosing the right open source software stack is a big enough challenge on its own, let alone ongoing coordination and control. After all, open source is — by its very nature — made up of software from multiple vendors, not a single source.
Does this mean open source should be avoided? Far from, but its implementation has to be carefully considered. This is why many organizations turn their attention to what is referred to as ‘commercial’ open source: in other words, open source for which they pay a license (rather than just downloading it for free from an open source community’s repository). This makes sense because, in theory, commercial open source brings some quality control and support. However, the reality can be a lot different, not least because all the software is still coming from different vendors, compared to less fragmented software environments where a vendor might provide all, or at least several integrated software packages.
Picture this: it is 2 am on a Friday and something in your tech stack isn’t behaving, and it could be any one of the 15 open source software packages involved, from different vendors. To find out the source of the fault, it is necessary to contact each of those vendors, who almost certainly do not communicate with each other, and will probably be pointing fingers. Service level agreements (SLAs) with each one may be different, and that will dictate their level of responsiveness: be prepared to deal with automated attendants and call-routing.
Eventually, the problem is identified, but a huge amount of time and effort has gone into the troubleshooting process, during which time, the system has continued to malfunction, which can lead to dissatisfied users, disgruntled customers, and lost business. Expensive internal development resources were probably called in, adding to the organizational cost of the problem and leading to developer mis-identity. Complicating things further, what if the issue was a result of an uncaught security vulnerability being actively exploited by a hacker?
So then, what is the solution? A logical starting point is to have a very clear idea of where there may be gaps in support. For instance, Red Hat supports OpenJDK but taking a closer look at what that means in practice, that support is limited to OpenJDK’s interaction with Red Hat software. So, if an issue occurs outside of the Red Hat area, then the organization is left working out the problem themselves.
However, creating this ‘blueprint’ of what is supported and what is not, plus the interactions (or not) between all the different ‘moving parts’ of an open source software stack is a lot of hard work. Most organizations — even their knowledgeable IT departments — are rarely open source experts. To give this effort a sense of scale, some years ago I worked with a team that certified open source software for use in production environments. Our certification checklist consisted of 42 necessary qualifications to consider. It was a lot of work for us, and we were considered industry experts! Most organizations simply do not have the resources needed to choose and control open source to the required level.
Another option is to hand the challenge over to an open source specialist like OpenLogic to take care of everything, from helping to choose open source software in the first place to ongoing maintenance and troubleshooting, with consistent SLAs for all open source technologies. A single point of support means no more spending the night trying to sort out issues. OpenLogic is the highway to utilizing community open source software with commercial support. In this model, instead of purchasing a commercial version of your open source software and managing multiple vendors, you adopt the free, community version of open source packages and get commercial support for all of your open source from a single vendor. The benefits of this model include cost-savings, faster issue resolution, simplified vendor management, and more comprehensive support.
Open source has significant advantages, but to make the most of these and not run into problems, it is necessary to understand and find a way to deal with the scale of support that is required. Commercial open source has its benefits, but you’ll still deal with vendor fragmentation. Consider handing over the hard work to a third party like OpenLogic and stand a better chance of a good night’s sleep.
By Justin Reock, Chief Architect, OpenLogic, Perforce Software.