Commercial Open Source in the Cloud

Update 2018-10-16: MongoDB is facing the same problem and decided to go closed source, see the press release.

The brouhaha around Redis Labs taking some enterprise modules of its popular open source in-memory database Redis closed source has somewhat calmed down. However, I didn’t see any discussion of what I thought was the most interesting conclusion of the affair: A core strategy of commercial open source,

the dual-licensing of the software under an aggressive copyleft and a commercial license may not work when cloud providers are involved.

To recap: Redis Labs develops and provides to the market the open source in-memory database Redis. It follows the commercial open source playbook: “Free-loading” users can use the software for free under the AGPLv3 license. Paying customers receive a commercial license. Those with a commercial license do not have to open source their application code, while non-paying users may have to. These are the effects of the AGPLv3 for the free version. It does not apply to in-house solutions, even if hosted in the cloud, but it does apply to software vendors that provide on-premise or hosted solutions to third parties, that is, their customers. To avoid having to open source, software vendors purchase the commercial license and Redis Labs makes some money.

Apparently, the AGPLv3 copyleft clause does not affect underlying cloud infrastructure. Most notably, Amazon Web Services offers Redis as a component to its customers and doesn’t feel compelled to open source their cloud hosting infrastructure. To be frank, I was surprised to hear this. I always assumed (and still do) that there must be some management interface where the hosting infrastructure touches the layers above and thereby creates a derivative work in the sense of the AGPLv3 and copyright law, requiring the open sourcing of the infrastructure code. It appears that both AWS and Redis Labs lawyers don’t think so. As a consequence, the dual licensing strategy entices only application programmers, but not cloud hosters, to move from the free version to the commercial version.

This is still shaking out. Redis Labs added the inappropriately named Commons Clause to the license (while also changing it from AGPLv3 to Apache 2.0), effectively turning open source software into closed source software. The permissions still allow for free use in many ways, but it isn’t open source any longer, which led to the aforementioned brouhaha.

The open source license review mailing list is currently discussing a license proposal, which gives special rights to the “original authors” to exploit the software commercially while leaving others out. I doubt it will pass muster as an open source license.

I don’t think we have a good solution yet. For now, to avoid disillusionment, commercial open source vendors who do not want to compete on competencies alone should probably keep enterprise modules required by cloud hosters closed source from the get-go. As the Redis case shows, retracting an open source promise is not well received, even if the motivation is understandable.

Leave a Reply