By Guest Author Antoine Craske, Engineering Center Director @ La Redoute.
La Redoute was present at Open Source Lisbon 2019 for the 17th Edition, organized by Syone, last 4th of October. Open Source Lisbon is an event dedicated to the open source universe for business and developers, providing to attendees the opportunity to learn about open source ecosystem, solutions and case-studies. Last year, Benoit Dumont and Antoine Craske took the chance to present Cerberus application deeply linked to La Redoute website tests. On this edition, the conference followed the same organization having two tracks. One for the main conferences for general topics, and another one dedicated to the technical workshops. In addition, the event was available in live streaming.
Figure 1 - Open Source is eating the Software World, IDC
#1 Open Source is driven by community, but not necessarily free
A common misconception about Open Source products is that they are free, leading to the perception that the product can be used indiscriminately. The “degree” of free varies according to the type of license. For some products, there are subscription options that enclose a set of advantages for the companies which decide to subscribe.
How to provide legitimate access to an Open Source product
When implementing an Open Source Software product, one must not forget about licensing it, allowing end-users to have a legitimate access. The Open Source Initiative defines several licenses that can be used while licensing an open source product. This is a public process that aims to ensure that a soon-to-be “open source” product complies with norms and expectations from the community (License Review Process here). An important difference highlighted by Red Hat in their article “What is Open Source” is the following:
“Open source software does not necessarily mean that executable software is given away for free. It does, however, mean that its source code is available for free.”
Red Hat Enterprise Linux: a case for the subscription model
Red Hat provides one concrete example of a product that is open source but that may not be free, Red Hat Enterprise Linux. It has an “open sourced” code, free to everyone, but there is a subscription mode which companies can use to obtain a production-ready version. It frees from compiling the source code by themselves and enables to access professional support from an experienced team. At the same time, Redhat ensures quality properties such as security and stability for the solutions. For this concrete example, we observe that the commitment and involvement of the open source community is not impacted by having a subscription model available.
There are other companies, which similarly to Red Hat, are making their products free: free to see, free to modify or free to redistribute.
Public Money? Public Code
On the public sector, countries like Barcelona, Paris, Amsterdam, Helsinki are already examples of cities that collaborate themselves with free software solutions.
Alexandre Sander, EU Policy Manager at Free Software Foundation Europe (FSFE), presented the benefits of free software on public sector, based on the four principles of user’s freedom open source software: use, share, study, improve.
Considering that public governments should have full control of their systems, they started a campaign called “Public Money Public Code” (video available here), for legislation of publicly financed software to be publish with free software license. More than 200 organizations already support this campaign.
FSFE helps public administrations on the best practices and the best away to migrate their systems using open source software.
LifeRay : How open source helps the company in their business
Focused on digital transformation, Rafael Lluis, Presales Lead on Liferay, highlighted how the customer behavior is changing the company’s business and the reason behind fast delivery and digital products with secure and reliable platform is so important.
A large active community is nowadays contributing for their open source software, not just with code but also within different channels: blogs, chats, forums, user groups, etc…, that empowers the company to faster understand business, take advantage of functionalities developed by the community and spread the word using events across the countries.
#2 Open Source adoption requires an initial investment
When we think about Open Source, we must consider the initial investment to a successful completion. This investment is not just the adjustment of the organization, but it is also the financial investment to support infrastructure needs, cost of migration, training, among others.
The Elephant in the room
With a two-dimensional spectrum, Gustavo Homem, founder and CTO of Solid Angle, started with some considerations related to the size and reality of an organization having in mind a migration to an open source software solution.
Gustavo lead us to discover the Elephant in the room, where he compares the cost in time for an end-to-end migration to an open source software and why an initial investment is so important to reduce the costs in the future. Also, using real cases, he highlighted the signs that can lead a company to an unsuccessful migration to free software.
Figure 2 : The Elephant in the Room for Open Source Adoption
Retail sector as a driver of Open Source usage: La Redoute and Leroy Merlin
In a previous set of articles (Lessons Learned from the Elastic Meetup), we shared La Redoute’s experience while using the Elastic stack (ELK stack). On our side, we used Elasticsearch, Logstash and Kibana to optimize, not only the customer experience, but also to support monitoring and technical processes. This year edition, Leroy Merlin presented their perspective while adopting Elasticsearch “to drive sales and Increase Revenue”. Their main drivers for the adoption of an open source solution are relatable, for instance: to build & run fast and to use open agile products.
Leroy Merlin’s approach for their MVP is comparable to La Redoute’s solution for the Offer’s cluster. Their target was to improve the search capabilities both in the physical stores and in the e-commerce platform. In the same way, Leroy Merlin’s solution targeted Elasticsearch as the data repository and Logstash as the data feeder. Among the benefits listed, it is worth to mention: the improved response time on the web site, the scalability in the cloud and the cost reduction (“around 40% for overall business case”).
#3 Open Source Adoption accelerated via Security & Ethics requirements
With the growing needs to protect users and their privacy, many entities started to use open source solutions allowing the evolution and dissemination of these tools and at the same time expanding the communities.
CyberSecurity with OpenSource
Sérgio Silva, Ethical Hacker, Cybersecurity Specialist and CEO of CyberS3c presented open source solutions and advantages of open source code to empower CyberSecurity within an organization.
The presentation was focused on the open source tools to detect, prepare and protect the organization on every stages of a cyber-attack with a small investment.
Security Onion was one of the examples detailed during the presentation, is integrated with Kibana, Elasticsearch, Logstash and other security tools to intrusion detection, enterprise security monitoring and log management.
Open Source Software also offer solutions for the companies be compliant with GDPR such as encrypting data tools like VeraCrypt and evaluation of data protection impact assessment like Pia Software.
#4 Open-Source enterprise dynamic requires a specific organization: OSPO
The talk “Your organization needs an OSPO, or be ready to fail!” from Jose Manrique was quite interesting for open-source in enterprise. When a company want to launch a new initiative, it quickly arises the question of “how to support it?”. It is in fact the same logic for launching an open-source strategy and initiative within a company.
An OSPO focuses is a pivot role between the internal and external ecosystem
The open-source team within an organization is usually referred as an Open Source Project Office (OSPO). The model has been proven in major players, such as BBC, Netflix, Uber and Zalando. The OSPO usually has a market ratio of 1 FTE for 100 developers in a company, that scales aligned with the development team growth.
Figure 3 : Open Source Program Office (OSPO) roles within an organisation
The main OSPO roles listed in the schema illustrate the pivot role of this organization. On the inbound side, define the internal consumption of open- source projects. On the outbound side, the strategy of contributing or creating open-source projects. This last one requires an active management of its community and roadmap to guarantee its viability.
The value for company that have implemented an OSPO
We had the chance to have Hong Phuc Dang, Inner Source Manager@Zalando giving a talk about “Open Source in Enterprise”. She described the implementation of an OSPO at scale at Zalando, with 15 people dedicated to this organization. The sharing of the open-source community activity in Asia was also quite impressive by the number of projects and companies involved in the dynamic.
Regarding Zalando, the graph above factually demonstrates their open-source contribution. They started in 2014 by sharing their projects to the open-source community. At the beginning, they were the main contributors while increasing the number projects over-time. After the initial investment, we clearly see the benefits and growth from external contributions available to the whole community.