Ognjen Regoje bio photo

MY NAME IS
Ognjen Regoje
BUT YOU CAN CALL ME OGGY


I make things that run on the web (mostly).
More /ABOUT me.

me@ognjen.io Twitter LinkedIn Github

Turns out Elastic aren't the bad guys

The European Super League fiasco that is currently going on reminded me of a similarly unpopular situation that happened in open source: Elastic changing the licence for ElasticSearch.

The gist of the change was that you are no longer allowed to provide ElasticSearch as a service.

A lot of people were upset.

Elastic is probably the biggest company and it made the most radical change. There have been other companies that did similar things that didn’t attract nearly as much discussion.

It’s quite an important discussion given the widening trend of having open source companies that are for profit.

The reactions at the time had a few different arguments as to why they disagreed. Some where more compelling then others.

My reflex was to join in the outrage but I wanted to better understand the motivation behind this decision. I also wanted to consider the different arguments against it. I bookmarked the HackerNews threads and came back to them only recently. I tried to strip away the emotion and noise. Following is a summary of the different arguments that helped me form a more nuanced understanding of the situation.

About Elastic

One of the arguments for selecting ElasticSearch is that it’s Open Source. As a result it’s free and requires no licencing agreements.

Because of it’s permissive licence it was also usable by companies that do not want to use software with less permissive licences, such as GPL.

The other very important reason ElasticSearch is frequently chosen is because it works well. I chose it for Supplybunny because it’s free (as in beer) and because it works well. In fact, having worked on Solr before, I was very glad it existed.

The question that remains is how many companies based their decision to use it solely on the licence. And how many made that decision based on how good it actually was? I would assume that it’s mostly the second one.

I think the most common scenario was that the decision to use it was made based on the fact that it’s good. It’s permissive licence, however, made it easily accepted by companies with strict licencing requirements.

But isn’t changing the licence a bait and switch?

Considering this change as a bait and switch implies that the licence was the bait and that the decision to use it was predominantly based on the licence. While the licence might have been the cherry on top, I highly doubt it alone was the bait.

Secondly, it also implies that the licence was intentionally made permissive as a trap that they planned. That would be a very counterproductive thing to plan given that they must have known there would be significant backlash.

I’m sure this decision was extremely hard for them to make. The fact that they were willing to deal with the backlash shows just how necessary they thought it was.

Finally, it also implies that there was a “switch”. But for the vast majority of the users there wasn’t.

If you were running it yourself, such as I am, there’s no change.

If you were running it on AWS then you can continue but wont get any updates. This would probably serve you fine since Amazon will fork it as quickly as humanly possible. Oop, it’s been done while I was writing this.

For some there really was. In particular:

1. For Amazon and other providers

I’ll cover this more detail separately in the following section.

2. For companies with the strictest licencing requirements

This really might be a problem. There are organizations that do not accept even GPL licenced software. They might not even consider a non-standard licence. In this case Elastic did fuck up and should offer a recourse for these organizations. They’d rightly lose customers otherwise.

I’d venture to guess that a lot of those companies use AWS and I’d suggest that they consider switching over to elastic.co and supporting the project. I do understand that it’s unrealistic for enterprise.

Sidenote: Elastic has now added SSPL support as well. Any company that uses MongoDB will be familiar with it.

But do they own it?

Looking through the source code, Elastic employees contributed the vast majority of the source. As a result Elastic does directly own most of it.

Furthermore, contributors that are not employees will have signed the contributor agreement. That allows Elastic to distribute the contributed source without restriction. More about contributing:

Most open source libraries have similar contributor agreements.

As a result, however, they might not own it but they do have the right to distribute it however they see fit. If they chose to distribute it under a different licence they are allowed to do so. The fact that they do not own it doesn’t matter.

Have the contributors been “betrayed”?

On the one hand, I have contributed to projects that did end up making money from my (free) contribution. But I went in knowing that what the value of what I was doing was purely educational (and in some cases self-serving) and that the company can do with it as it wants.

On the other hand, contributing to an open source project that is run by a for-profit company is another kettle of fish. That makes profiting off of contributors pretty much a given.

Have the contributors been “betrayed”? To a degree, I suppose they have. They were contributing to software with one set of principles. Overnight, that set of principles changed. Their contributions might now be to software that does not align to their values. I can definitely understand how this might not feel great.

But, I don’t think the licencing change is entirely the cause. It’s also the lack of clearly communicated expectations and what signing the contributor agreement means. Although, even putting

WE MAY CHARGE FOR YOUR WORK AND MAKE IT CLOSED SOURCE AS WE PLEASE

might not have been enough.

Finally, I think that the contributors did gain at least some benefit from their work though. Perhaps they solved a bug or added a feature that was impactful to their business. Or they might have put the fact that they were a contributor to a very popular open source project on their resume. Or they just satisfied their own scientific curiosity. In any case, that does count for something as compensation.

But it’s no longer Open Source then

That’s true, it’s no longer Open Source. But there is open source and Open Source. The former is also called source available.

In both cases a powerful tool is available for free. That has enormous value, in particular to new projects.

The fact that licence is not OSI-approved does not diminish that value. It does diminish the ideals that the company upholds.

With that said, even source available software is better then closed source.

But why not AGPL then?

Based on a quick read of the AGPL I understand that it’s insufficient. It would only require Amazon to release the ElasticSearch source code. They could still do what they were doing. It would have accomplished nothing.

So, is Elastic in the right here?

Legally

Legally, I think it’s quite clear that they do have the right to do this.

They own most of it. The parts that they don’t, they are allowed to distribute as they wish.

Their lawyers probably told them the same thing.

Ethically

The decision split the community so clearly there isn’t a definitive answer.

Personally, after letting it sit for a while, I think they’re alright to do it. And I think the community should have supported them more.

In the long-run, I think it’s a net positive:

  • It keeps Elastic independent and sustainable
  • It provides a clear way for funding for open source projects
  • In maintains a competitive environment that often results in better software for all

Besides, Elastic also provides more than the software

The code is the most visible part of the ElasticSearch project. But Elastic provides other things to the ElasticSearch community.

They are the ones replying to most support requests.

They are the ones maintaining the docs the most.

They are the ones providing the marketing that built a community to the point where resources are plentiful.

This all counts towards the usefulness of Elasticsearch and has real value that the company should be compensated for.

About Amazon

Did Amazon do anything “wrong”?

There were two issues originally: Amazon hosting ElasticSearch and profiting from it and some trademark issues.

I am not informed about the trademark issues although I do understand that’s what sparked the issue.

Regarding hosting ElasticSearch and profiting from it, no, I don’t think they did. It’s a business. They saw the usefulness in ElasticSearch and the permissive licence and an opportunity to make money.

I don’t think they’re wrong.

But ethically

At the same time, I don’t think they’re ethically right because they were providing a comparable service in direct competition. They also did nothing, as far as I know, to support Elastic.

Some ways they could have supported a good piece of software that’s making them money:

  • Providing Elastic with resources such as AWS
  • Having their staff contribute more to ElasticSearch source
  • Negotiating a separate licence
  • Setting up profit-sharing

It doesn’t seem like they did any of that. In my (possibly naive) opinion any of these might have been a prudent business decision. Not only would it be ethically right, but at the same time they would’ve continued to profit from it for much longer since we likely wouldn’t have come to this point.

If Elastic betrayed their contributors, Amazon did that much more. Not only did they profit of off them but they contributed a lot less.

Others

Well, Redhat does fine with a permissive licence

And Redhat is absolutely the exception that proves the rule.

They’re a product of a different time and are deeply entrenched so they can afford to do it. I don’t think it’s fair comparison.

It’s similar to saying that Volvo opened their seatbelt patents so car companies now should open their battery patents. The circumstances are entirely different.

Furthermore, Redhat is also a significant contributor to the Linux kernel so they at least give something back.

Crate

Crate is a project on top of ElasticSearch. They’re a smaller player that was deeply affected by this change.

Elastic should have realized the potential for disruption this change would have had for businesses such as this. While their response might be considered proportional towards Amazon, the effect they’re having on Crate, and probably other similar small businesses, cannot. This can entirely destroy those business. I hope that Elastic has or will approach these businesses to arrange other ways of collaborating.

On the other hand, I’d say Crate’s approach to building their business leaves a lot to be desired. Building a project entirely on top of another is not a great idea to say the least. Building a project entirely on top of another that closely competes with it is even worse. Their planning should have considered something like this happening as a certainty. A business should not be so dependant on another.

Furthermore, them immediately throwing Elastic under the bus left a sour taste in my mouth. Given that they did that so quickly, I doubt they even tried to reach out to Elastic regarding alternative arrangements. Hanlon’s razor would suggest that this is poor decision-making rather then outright malice, however.

Other projects

There are other projects that did similar things that didn’t result in nearly the same amount of discussion (and vitriol).

CockroachDB relicensed.

MongoDB has had the commons clause debacle resulting in SSPL. Similar but not quite the same.

Neither of these cases are as bad as the community made them out to be.

A lot about this discussion is unproductive

Firstly, it’s the pedantic definition of Open Source. Even if it’s not capitalized, it’s better then closed source.

It’s also not important whether OSS contributors were betrayed. While contributing to any open source project you should be aware that others are making use of your contribution. And you should not expect to get anything for it. I know it’s difficult but such is life.

It’s also not productive to argue whether someone had the right to do something. Since Elastic is a relatively big company, they definitely consulted their lawyers so I’m sure they were certain that they could.

What is productive

This situation has been made productive by bringing awareness that Amazon was taking advantage of them. Hopefully, it also made other open source companies realize that if they grow enough, they will be in the same boat. It’s just business though. The strong bully the weak. Dave Chappelle put it nicely.

Secondly, it’s also been made more plain that everyone wants open source and free projects but no one wants to pay for them. This is particularly toxic in enterprise where they want free and permissive software and then go and pay another company to run it for them.

Next, it’s also productive to think about ways that open source projects can be monetized. Not even in the “uNicOrN oPeN SoUrCe pRojEcT” but in the sense that people writing open source software need to eat.

Overall, I think it’s actually in the OSS community’s interest to support moves like these. If there is no way to get compensated for OSS there would be fewer projects. Funding with no strings attached, such as by Apache foundation or running a Patreon, is very limited. OSS projects often have to find other sources of funding.

Furthermore, the licence Elastic introduced is in fact more permissive then many open core licences.

Finally, I’d also like to see Elastic working, perhaps even with OSI, on standardizing this type of licence in order to help future companies in a similar situation.

#business #ethics #open source