As the OpenStack Summit in Barcelona kicks off, Rackspace has released a report entitled ‘The State of Open Source’. With every conference seemingly extolling the virtues of open source software, this report is timely. It manages to differentiate between enterprise open source and the wider open source software market.
What is Enterprise Open Source?
Enterprise open source projects are based on community open source projects. Where they differ is that the enterprise versions are backed by at least one vendor. That vendor takes the open source code and curates it, tests it and delivers a roadmap. They then wrap their own support for the software and consultancy around it. For enterprise customers this looks like commercial software without the huge license fees.
The open source community gains as well. It provides a steady revenue stream for those who are writing plug-ins and add-ons to the project. This means that any code changes such as bug fixes are pushed back to the community. This is part of the license agreement between the community and the enterprise open source vendors. It is a lucrative market. Red Hat has built a billion dollar business out of Linux and is extending that with its OpenStack solution. New vendors are appearing on a regular basis and many of them are making serious money.
Not just about enterprise versions
A surprise from this survey is that companies are not only using enterprise open source. IT departments are taking on open source projects and managing them internally. Across all groups less than 50% of projects are using enterprise open source software. This is a surprise. IT departments talk about their lack of time to complete projects. Using the free community versions of open source means they have to curate, patch and manage updates themselves. It also puts them under pressure to contribute back to the community.
If this were a developer survey then the use of free software would be expected. This is not. This is a survey that talked to IT managers and CIOs. It shows that the demand for innovation and new solutions from business units is making them look at alternative solutions. It is also possible that years of budget cuts in IT is forcing them to reconsider their approach to open source.
One challenge that this brings is skills. The survey makes it clear that companies are concerned that they lack the skills to support open source. This makes the choice of community versions of software even more of a surprise.
Innovation, cost savings and competitiveness driving adoption
The top three reasons for using open source are innovation, cost-savings and competitiveness. With no license costs there are considerable savings to make. The average saving is given as £30,146 per project. The report goes on to say that no respondent said that moving to open source had ended up costing them more than using commercial software. This is good news for open source advocates but there are some questions that needs answering.
What were the size of the projects? Without that it is hard to know if the savings are significant. Saving money by deploying an open source solution that requires little work is just about license costs. However, it would be expected that most projects would require some work so the amount of coding required would have been interesting.
Are the saving from just the development or ongoing maintenance? Operational expenditure is often left out of savings for a project. Longer term savings from recurring license costs versus patching and maintenance also need considering. There was no attempt to look at this.
Did companies have to retrain staff or bring in new developers? The survey showed a skills shortage. Retraining and paying contractors will have eaten into savings. It would be interesting to see if the savings increased over the course of multiple projects.
What were the projects replacing and how many people will use the solution? Was this about replacing expensive commercial software with free software? An indication of saving per user would have given some insight into the impact on software licensing.
Did they get to market quicker? This is about competitiveness and the average project saved six months. This is a big cost saving and commercial advantage. If represented in the figures given, then some projects were not that successful.
Skills and attracting talent
The survey showed that companies were concerned they lacked the talent to take on open source. It is a surprise then that the survey showed attracting the best talent was very low on the agenda for companies. To deliver that innovation that the business units want requires more than just free software.
There is a growing shortage of developers and cyber security staff in the market. This is pushing staff costs higher and this will have an impact on costs. Taking on mediocre talent will also mean that projects take longer. This will lead to lower savings. Companies need to think about their plans to retrain staff and how to attract the best talent. Open source is a good place to find very talented developers and ignoring that is a mistake.
Who is using open source?
90% of the UK companies interviewed said that they used some form of open source in their enterprise. Of these, 25% said that they were 100% open source in terms of new software developments. This is an important distinction. What isn’t disclosed is how long they believe it will take to replace the current commercial software that they are using with the new open source projects.
The mix of industries using open source is also interesting. 94% of the energy, oil, gas and utilities vendors in the survey are using some open source. They are not the only surprise. Financial institutions (86%) and retail, distribution and transport (82%) are also taking to open source.
One of the biggest adopters of open source (79%) is healthcare. It is being forced to modernize while dealing with funding and skills shortfalls. The use of open source in retail is less of a surprise. This is a highly competitive market that is looking to hook customers with a constant stream of innovation at a low cost.
Unfortunately there were no survey questions that revealed an understanding of what these sectors were using open source for. There are a lot of players in these sectors who are deploying cloud services where open source is widely used. There is also a lot of Linux use inside these sectors which could also account for these numbers.
The most surprising claim is that 30% of companies using open source are downloading the free versions from the web. This means that they are doing a lot of coding themselves. They are also willing to spend a lot of time updating their software when new versions are available. This is a significant burden although the nature of the code downloaded was not revealed.
Security still a major issue
Security and open source is always a contentious issue. Advocates claim that the number of developers on projects means that bugs and security are lower than commercial software. This is unproven. There is no large scale substantive survey comparing open source and equivalent commercial software to determine the code errors per thousand lines of code. Both types of software have their long-term security problems.
The majority of commercial software breaches are based on old code. The same is true of open source software. Both the Heartbleed and Shellshock vulnerabilities had existed for a long time. Companies need to ensure that they carry out proper security assessments of all software that they deploy.
There is a marked difference in security concerns between different groups in this survey. Those who are 100% committed to using open source for new developments were happier with its security state. Those who had not taken that decision were using security as a reason for holding back. The survey shows that 49% thought that commercial software was more secure and 43% were worried about vulnerabilities in open source.
The level of concern varied by industry with media, leisure and entertainment (73%) having the least trust. This is in stark contrast to oil, gas, energy and utilities (27%) who are arguably more security conscious.
The C-suite is finally onboard
Perhaps the best news of all for open source advocates is that the C-suite is onboard and supporting open source. This is likely to be more than just about cost saving. The C-Suite will have had to be convinced that any risks from open source are manageable. This shows a considerable shift from previous years when the C-suite was only slowly moving to support limited open source usage. In the majority of those cases it was about enterprise open source only and mainly the use of Linux.
There is plenty in this survey for both supporters of open source and those that are more cautious. There are still issues to overcome if open source is to continue to grow in the market. The success of projects such as Linux and OpenStack show that it is possible to move away from highly expensive commercial software. The big surprise in this survey is that it is not just these curated open source projects that are in use but that there is a wider use of free open source software.