This week, Redis found itself in a heap of hot water, due to a change in its licensing.  View in browser »
The New Stack Update

ISSUE 130: When Open Source Gets Squeezed by the Cloud Giants

Talk Talk Talk

“The life of an operator is all about becoming a proficient systems integrator.”

Caleb Hailey, CEO, Sensu.
Add It Up
If Redis Users Change Databases

The database Redis is incredibly popular according to the 2018 StackOverflow Developer Survey. The StackOverflow study reported Redis was the “most loved” of any database, which means that based on future plans it expects to retain the largest percentage users over the next year. Of the 18 percent of developers that use Redis, 65 percent want to use the database in the future. Moreover, many of the largest Web and mobile services rely on Redis for fast delivery of cached content, including Pinterest, Tumblr, Instagram, GitHub, Docker Hub, and Stack Overflow.

Yet, with a for-profit entity taking advantage of an “open core” business model, it remains to be seen which users will stop using the database because they want to use something with more permissive licensing. If there is a revolt, users may fork the existing project and create a foundation to govern its management. Or, perhaps people will switch to another open source database.

What's Happening

In The New Stack Makers podcast, learn how security considerations change with a microservice architecture, the new patterns and practices teams are following to secure containerized microservices, and how advanced tooling can help automate and streamline security for cloud native applications.

Automation Makes Microservices Security Practical to Deliver

When Open Source Gets Squeezed by the Cloud Giants

This week, Redis found itself in a heap of hot water, due to a change in its licensing. The company’s core database technology remains open source and has a devoted community. But the company reworded the licensing of its add-on modules, in effect limiting the use of some modules by third parties offering Redis-based services — most notably cloud providers that offer Redis but don’t pay the company for the privilege. Redis was able to make this change because it retains the copyright to the open source code.

Today’s cloud providers have repeatedly taken “advantage of successful open source projects [by] repackaging them into competitive, proprietary service offerings,” Redis asserts. “Cloud providers contribute very little, if anything, to those open source projects. Instead, they use their monopolistic nature to derive hundreds of millions [of] dollars in revenues from them. Already, this behavior has damaged open source communities and put some of the companies that support them out of business.”

While many agree with what Redis is doing in theory, they do wonder about the effect these changes will make to the Redis community itself. As early MongoDB contributor and current VMware product manager Jared Rosoff pointed out on Twitter, “I think lots of people just feel like the rules changed out from under them. Even if the result of the change isn’t controversial, it’s hard to trust a platform that can change on a whim.”

Others feel that professional Redis users should have anticipated this possibility. Chef CTO Adam Jacob wrote in a Twitter thread that “At any minute, if you used that software in a derivative work, you ran the risk that the single copyright holder decided that in order to get future work, you were going to have to comply with whatever terms they dictated. As a business owner, shame on you if you didn’t know it.”

And on the latest TNS Context podcast, which will be out later today, Google developer advocate Kelsey Hightower pointed out that “I think they made a business decision. ... I think paying customers understand these things a little bit better: Most companies aren’t in business to make zero dollars.”

What do you think? Should open source companies change their licensing to address business needs, even if that need is simply survival? Or are the bonds they make with their open source communities sacrosanct and shouldn’t be changed lightly?

Kube-hunter: Aqua’s New Open Source Tool for Hunting Kubernetes Security Issues

Container security firm Aqua Security has brought security penetration testing to Kubernetes, by open sourcing a tool called Kube-hunter to help search for security issues in Kubernetes clusters. Kube-hunter can run as a container on any machine outside your cluster. Provide the domain name or IP address of the cluster and Kube-hunter searches a domain or address range for open Kubernetes-related ports and tests for configuration issues that present exposure to hackers. The Kube-hunter webpage lists the vulnerabilities, severity, details of the user environment and URLs that users can share with others in the organization.

Robin Systems Unveils Kubernetes ‘Hyper-Converged’ Offering

Taking aim at solving the three biggest challenges of Kubernetes – managing databases, storage and networking — Robin Systems released what it calls a “hyper-converged” Kubernetes platform, designed to overcome challenges that organizations still face with Kubernetes and to simplify application deployment. Hyper-converged means taking application workloads — deploy, snapshot, clone, map, backup — and paring them with data management and network management capabilities and an orchestration piece like Kubernetes. It provides native storage, compute and network, and an application management layer to control them so that DevOps and IT operations are simplified. Robin Systems provides the ability to do self-service deployment of big data, databases and AI/ML workloads.

LaunchDarkly: Providing a Control Switch for Features

LaunchDarkly is bringing back the feature flag. Feature flags enable developers to hide a feature, provide access to limited, users or execute a kill switch, and they are gaining new attention in the age of continuous integration and continuous delivery. As CI/CD pipelines become ever more complex, feature flags, also known as feature toggles, provide an alternative to maintaining multiple source-code branches. It enables customers to target users, do controlled rollouts and A/B testing without re-deploying the application.

Party On

A framed painting — a visual for a Grafana team photo with Brian Gann and Jacqui Jeanis. How appropriate!

The InfluxData team was in Portland for Sensu Summit this week. Left to right: Noah Crowley, Anais Dotis-Georgiou and Katy Farmer.

On The Road


Open Source Summit
The Linux Foundation Open Source Summit is the leading conference for developers, sysadmins, devops professionals, architects and other technologists – as well as open source community and industry leaders – to collaborate, share information, learn about the latest technologies and gain a competitive advantage by using innovative open solutions. 15% off Attendee registration with code TNS15. Register Now!
CI/CD With Kubernetes
Kubernetes helps accelerate software delivery in much the same way containers improve the delivery process. While the benefits of containers in the DevOps, continuous integration, and continuous delivery pipelines will be familiar, many developers and DevOps teams are still figuring out how to best implement Kubernetes. In this ebook, we’ll explore use cases and best practices for how Kubernetes helps facilitate continuous integration and continuous delivery.
Download The Ebook
We are grateful for the support of our ebook foundation sponsor:

And our sponsors for this ebook:

Copyright © 2018 The New Stack, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list