Linux Containers Authors: Yeshim Deniz, Carmen Gonzalez, Elizabeth White, Lori MacVittie, Liz McMillan

Related Topics: Linux Containers

Linux Containers: Article

Succeeding with Open Source

Meeting your needs

In this issue, Bernard Golden, author of Succeeding with Open Source, discusses open source software, its pros and cons, and how to choose the right Linux implementation for your business.

What is open source software and how is it different from traditional software?
The primary difference between open source software and traditional software is the licensing conditions under which open source is distributed. Traditional software licenses tightly control the use and distribution of the software in order to ensure consistency, so they can realize revenues from license sales. This means, for example, you are usually restricted as to how many machines you may install the software on.

Open source software, by contrast, is distributed under licenses designed to encourage widespread use with few restrictions. This means you can use the software on as many machines as you choose.

Another important difference between open source and traditional software is that open source is distributed as source code, which users are encouraged to modify and redistribute. Users can modify the product to better serve their needs rather than being forced to live with the product's functionality as is. One of the few restrictions about open source is that, should you modify the product and redistribute it, you are expected to make your source changes available.

This is a general overview of open source software licenses. There are additional nuances depending upon the specific license. For most IT shops, license differences don't really mean anything because they don't modify the product and don't distribute to other organizations. If you want to know more about licenses, Larry Rosen's book Open Source Licensing: Software Freedom and Intellectual Property Law (Prentice Hall PTR, 2004) is an excellent reference.

Is all open source software also free?
Open source software tends to be extremely inexpensive, available on CDs at a low price, and usually also available for download at no charge. Open source products are usually not built by commercial entities but rather by informal project teams, so there is no company as such that distributes and charges for the product.

Anyone can take an open source product and distribute (and charge) for it; however, open source licenses preclude a distributor from imposing conditions on users and preventing them from further distributing the product. What this means, in effect, is that even if a commercial entity distributes an open source product at a given price, the purchaser can then make it available to others for free. Essentially, this forces distribution at no cost, or at the cost of distribution. So, open source software tends to be available at no cost.

This discussion applies to the software itself. There are many organizations that offer open source support, training, consulting, and other services, all of which have a price. Since software has virtually no marginal costs associated with additional copies, open source software tends to be free; however, open source services have significant costs like labor, marketing, and capital, and therefore are not free.

What questions should managers be asking their employees when the employees suggest using open source tools?
The most important question a manager should ask is, "How mature are the product elements our organization needs?" Because open source is so easy to download, many times implementation of the software begins before other important organization requirements like training, documentation, support, and so forth are considered. A formal process to assess the product in its entirety is important. The Open Source Maturity Model, described in Succeeding with Open Source, is a tool that enables IT shops to perform open source assessments. Without asking the question about the maturity of all the product elements, the organization runs the risk that it may be unprepared to support the product it has implemented.

What are the basic advantages and disadvantages of using open source software?
For most organizations the biggest advantages of open source are its low cost and control. We've talked about pricing already, but control can be just as important. Using open source, organizations have a lot more ability to use software in ways that work for them. They can implement as many copies as they want, rather than being limited to only installing on certain machines. Organizations can control how often and how soon they want to upgrade to a new version of the software, rather than being forced to move based on the vendor's plans. There's no vendor lock-in either, since the software is not usually provided by a commercial entity. Finally, the availability of source code means that, should it choose, the organization can modify the product to better suits its needs - no one-size-fits-all situation.

The downside to open source is implied by the answer to your third question. Open source is much more of an unbundled product compared to its commercial counterpart. The other product elements users can usually depend on (training, etc.) need to be found and assessed by the user organization. In effect, IT organizations need to take on an integration role. This integration responsibility is the flip side of the enhanced control described above: the control carries responsibility along with it.

There are so many open source software packages around. How do I know which ones are "ready for prime time"?
As noted, a formal process like the OSMM is important to determine if a given product is suitable for your organization. Relying on "buzz" or opinions expressed on product forums is dangerous because the organization's requirements aren't taken into account. Only by assessing all of the product's elements in light of the organization's requirements can it be determined if the product is "ready for prime time."

Which open source packages provide the greatest value for users in terms of overall capability and maturity?
This is a great question. Many organizations have realized excellent ROI on their Linux implementations and are eager to consider other open source packages, but aren't sure where to turn for other open source candidates. The broad coalition of major technology providers that endorsed Linux is not so obvious for other products, so it takes a bit more persistence to find good products. I call this search "reaching into second- and third-tier open source products," not so much because they're not good quality, but because they're not so well known. The best established of the lesser-known products are MySQL (www.mysql.com) and JBoss (www.jboss.org), both excellent candidates for the enterprise software stack. MySQL is a very fast SQL database, while JBoss is a fully certified J2EE application server.

The Apache Software Foundation (www.apache.org) is an umbrella organization for a number of valuable open source applications like Struts (Java Web applications), SpamAssassin (anti-spam software), and some Web services software like Axis.

Zope (www.zope.org) is an enterprise content management system designed to enable decentralized control of Web site content. Plone (www.plone.org) is a portal product built on top of Zope. Computer Associates has recently announced support for Zope and participated in the creation of the Plone Foundation.

Snort (www.snort.org) is a network Intrusion Detection System that helps organizations improve their security by doing network traffic and protocol analysis as well as packet logging and attack detection.

This is by no means an exhaustive list; there are over 80,000 open source products and it's impossible to keep up with all of them. The critical thing to keep in mind is that each of them must be assessed for maturity in light of an organization's requirements to ensure that the product in question will serve its intended purpose.

About Bernard Golden
Bernard Golden is the CEO of Navica.
[email protected]

More Stories By Kevin Bedell

Kevin Bedell, one of the founding editors of Linux.SYS-CON.com, writes and speaks frequently on Linux and open source. He is the director of consulting and training for Black Duck Software.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@ThingsExpo Stories
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Events announced today that Sheng Liang to Keynote at SYS-CON's 19th Cloud Expo, which will take place on November 1-3, 2016 at the Santa Clara Convention Center in Santa Clara, California.
@ThingsExpo has been named the Top 5 Most Influential Internet of Things Brand by Onalytica in the ‘The Internet of Things Landscape 2015: Top 100 Individuals and Brands.' Onalytica analyzed Twitter conversations around the #IoT debate to uncover the most influential brands and individuals driving the conversation. Onalytica captured data from 56,224 users. The PageRank based methodology they use to extract influencers on a particular topic (tweets mentioning #InternetofThings or #IoT in this ...
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Penta Security is a leading vendor for data security solutions, including its encryption solution, D’Amo. By using FPE technology, D’Amo allows for the implementation of encryption technology to sensitive data fields without modification to schema in the database environment. With businesses having their data become increasingly more complicated in their mission-critical applications (such as ERP, CRM, HRM), continued ...
The IoT has the potential to create a renaissance of manufacturing in the US and elsewhere. In his session at 18th Cloud Expo, Florent Solt, CTO and chief architect of Netvibes, discussed how the expected exponential increase in the amount of data that will be processed, transported, stored, and accessed means there will be a huge demand for smart technologies to deliver it. Florent Solt is the CTO and chief architect of Netvibes. Prior to joining Netvibes in 2007, he co-founded Rift Technologi...
SYS-CON Events announced today that Streamlyzer will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Streamlyzer is a powerful analytics for video streaming service that enables video streaming providers to monitor and analyze QoE (Quality-of-Experience) from end-user devices in real time.
@ThingsExpo has been named the Top 5 Most Influential M2M Brand by Onalytica in the ‘Machine to Machine: Top 100 Influencers and Brands.' Onalytica analyzed the online debate on M2M by looking at over 85,000 tweets to provide the most influential individuals and brands that drive the discussion. According to Onalytica the "analysis showed a very engaged community with a lot of interactive tweets. The M2M discussion seems to be more fragmented and driven by some of the major brands present in the...
Established in 1998, Calsoft is a leading software product engineering Services Company specializing in Storage, Networking, Virtualization and Cloud business verticals. Calsoft provides End-to-End Product Development, Quality Assurance Sustenance, Solution Engineering and Professional Services expertise to assist customers in achieving their product development and business goals. The company's deep domain knowledge of Storage, Virtualization, Networking and Cloud verticals helps in delivering ...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
SYS-CON Media announced today that @WebRTCSummit Blog, the largest WebRTC resource in the world, has been launched. @WebRTCSummit Blog offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. @WebRTCSummit Blog can be bookmarked ▸ Here @WebRTCSummit conference site can be bookmarked ▸ Here
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
Virgil consists of an open-source encryption library, which implements Cryptographic Message Syntax (CMS) and Elliptic Curve Integrated Encryption Scheme (ECIES) (including RSA schema), a Key Management API, and a cloud-based Key Management Service (Virgil Keys). The Virgil Keys Service consists of a public key service and a private key escrow service. 

In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, will discuss the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docke...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life sett...
In the next five to ten years, millions, if not billions of things will become smarter. This smartness goes beyond connected things in our homes like the fridge, thermostat and fancy lighting, and into heavily regulated industries including aerospace, pharmaceutical/medical devices and energy. “Smartness” will embed itself within individual products that are part of our daily lives. We will engage with smart products - learning from them, informing them, and communicating with them. Smart produc...
Just over a week ago I received a long and loud sustained applause for a presentation I delivered at this year’s Cloud Expo in Santa Clara. I was extremely pleased with the turnout and had some very good conversations with many of the attendees. Over the next few days I had many more meaningful conversations and was not only happy with the results but also learned a few new things. Here is everything I learned in those three days distilled into three short points.
SYS-CON Events announced today that Coalfire will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, health...
Cloud based infrastructure deployment is becoming more and more appealing to customers, from Fortune 500 companies to SMEs due to its pay-as-you-go model. Enterprise storage vendors are able to reach out to these customers by integrating in cloud based deployments; this needs adaptability and interoperability of the products confirming to cloud standards such as OpenStack, CloudStack, or Azure. As compared to off the shelf commodity storage, enterprise storages by its reliability, high-availabil...