"Domestic enterprises must recognize the value of open source and attach importance to open source." Jam Junping said.
The so-called "value of open source" contains two meanings: one is the benefit of open source software to the development of enterprises, and the other is the feedback of enterprises to form a good open source ecology.
The examples of the former are numerous, and the vigorous development of most Internet companies in China is inseparable from the support of "LAMP" (Linux, Apache, MySQL, PHP), and more and more enterprises are embracing open source. However, the development of domestic open source has not yet formed a good commercial closed loop, and most enterprises' attitude towards open source is "can rub and rub", and the willingness to pay for and contribute to open source is generally low.
The most direct evidence of this phenomenon is that compared with Europe and the United States, there is still no open source startup in China with a valuation of tens of billions of dollars like Databricks and Redhat. Founded in 2013, Databricks is a startup that has come out of a top university and has created a series of booming open source projects such as Apache Spark and Delta Lake.
Junping Is a veteran in the open source field, currently serving as the general manager of the cloud and computing open source business at Huawei, as well as the chairman of the technical supervision committee of the Open Atomic Open Source Foundation, the chairman of the LF AI & Data Foundation, and was the first developer in China to be selected as a Committer in the Hadoop project in the early years.
Combined with years of cultivation and observation in the field of open source, Junping And AI Technology Review discussed his current situation of domestic enterprises participating in the development of open source. He pointed out that at present, many companies still pursue "take-ism" and "free-to-play", and adopt a "only use and no maintenance" attitude towards open source software, which neither plays the value of open source well nor does it do a good job of open source. Eventually, companies will have to take on more and more "technology debt".
To break this situation, companies must learn to "buy tickets to enter the market" and carry out compliance management of open source.
1. Domestic enterprises generally lack the awareness of "contributing to open source"
Nowadays, open source has penetrated into all walks of life and become one of the source engines of enterprise technology entrepreneurship.
In addition to open source of AI frameworks such as TensorFlow and PyTorch, open source for other hardware and software facilities of enterprises around the world is also in full swing: OpenStack for cloud management, Hadoop and Spark for big data, cloud-native Kubernetes...
In recent years, Chinese enterprises have also actively participated in open source, and have done a lot of work on open source projects and open source communities, such as Huawei Sheng Si and Euler, Baidu Fei Pulp, Megvii Tianyuan... Not long ago (December 22), OpenCloudOS, an operating system open source community established by more than 20 manufacturers such as Tencent, Inspur and OPPO, was established. All this shows that the role of Chinese enterprises has gradually changed from being the beneficiary of open source to the contributor or even promoter of open source.
With the management of domestic head IT companies in recent years, the managers of domestic IT companies have paid more and more attention to open source, but according to The observation of Block Junping, domestic open source is still facing the embarrassing situation of "applause but not applause": on the one hand, homogenization projects are increasing, resulting in the diversion of users in specific scenarios, and it is difficult to form a resource accumulation effect; on the other hand, successful commercial open source projects are rare, and there is still a long way to go in Exploring an effective open source business model in China.
InfoQ once summarized two major misconceptions about open source in domestic enterprises:
Free: Open source software is free, and enterprises do not have to pay for open source software, resulting in a lower market space for commercial distributions.
Compliance: Open source software can be used and forked at will, resulting in frequent enterprise technology debt and security vulnerabilities, squeezing the market space for commercial distributions.
In the process of the gradual cloud servitization of IT products, in order to keep up with the needs of the business, it is necessary to rapidly iterate the infrastructure to adapt to the market competition of the business. Open source is one of the key drivers.
Large companies that export IT services to the outside world, such as Huawei, Tencent, Ali, etc., must participate in open source, because when open source becomes the trend of the times, if there is a lack of understanding of open source, it is difficult to sell services to customers. For companies that do not sell IT products to the outside world, even if they only do upper-level applications, the lower layer still needs to use a lot of software.
On the surface, open source is free, but as the technology of IT systems becomes more and more complex, the hidden cost of using software is gradually increasing, and the post-maintenance of open source is one of them.
"We all know that there is no software without bugs, and the same is true for open source software. Vulnerabilities, whether security or functional, are unavoidable." Shu Junping said.
According to the "2019 Open Source Security Status Survey Report" released by the US cybersecurity company Snyk, 78% of the vulnerabilities exist in indirect dependencies; 37% of open source developers do not implement any type of security testing during continuous integration (CI), 54% of developers do not conduct any security testing on Docker images; and the number of application vulnerabilities increased by 88% in two years.
Link: http://www.199it.com/archives/839573.html
In view of the above situation, the industry must carry out maintenance updates when using open source software. There are no more than two ways: either invest in open source, contribute open source, closely integrate with the upstream community, have bugs upstream, and fix them immediately; or directly purchase the professional services of third-party enterprises - this demand has also incubated a number of open source startups.
However, at present, domestic enterprises do not have a strong awareness of the maintenance and update of open source software. In areas of high stakes, such as the financial industry, the damage from software (open source or not) vulnerabilities can be enormous. And such losses are often proportional to the time from discovery to repair.
If such open source key technologies, such as databases, are applied to key businesses, but no professionals are invested in maintenance, nor are they fully purchased for technical services of professional teams for maintenance, once the vulnerability causes problems in the upper application, but cannot be solved in time, the losses are astronomical. "This has to raise deep concerns about the current state of affairs." Jam Junping said.
If open source software is likened to "tap water" and open source commercial companies are "water plants", then the shortcomings of domestic open source are that there is no mechanism of "using open source to pay water":
"Everybody unscrewed the tap, and when there was water, it was used, but there was no maintenance." Later, the waterworks went bankrupt, and after bankruptcy, will the water flowing from the faucet still be the water that someone has carefully maintained and purified in the past? Of course not." "At present, thousands of industries in China have not deeply realized this problem, and only a few leading IT manufacturers are focusing on promoting it."
In October this year, in order to enhance the awareness of financial enterprises on open source management, five departments, including Chinese Min min bank, issued opinions on regulating the application and development of open source technology in the financial industry, pointing out the stakes of using open source software to be invested in maintenance.
In contrast, Europe and the United States have been more successful in the commercial closed loop of open source, in open source, manufacturers, developers, open source companies, etc. can obtain commercial returns through their own contributions, but China is still chaotic in the commercialization of open source.
"Is it because Chinese developers are stupid because they don't have successful open source commercial companies like Databricks?" No. It's because everyone thinks that they can use it for free, rub it on it, and have not completed the closed loop in the user value link." Block Junping concluded.
2, open source should be like "tropical rainforest"
He believes that open source is likened to a primeval forest in the Amazon. In the open source world, there are big companies, small companies, and newly founded companies:
"The amazon's primeval forest is so well developed precisely because it is vigorous and vibrant, and in fact, open source is also like this." Open source requires big trees, rivers, and all kinds of small trees, mushrooms, mushrooms, etc., to form a symbiotic relationship. I think the good thing about open source is that people can thrive in an environment full of possibilities."
In order to raise enterprise awareness of the value of open source, Huawei launched the "Open Source Rainforest" program in September this year.
Generally speaking, open source work is from the supply side to discuss the contribution of developers or vendors to the open source community, and the "open source rainforest" hopes to guide enterprises to correctly understand open source and understand open source from the consumer side, so as to complete a better open source cycle.
Specifically, Huawei will work with third-party institutions to summarize relevant theories and cases into several open source professional courses, so that enterprises can quickly have a practical foundation in the form of teaching. At the same time, Huawei will also choose to build open source capability centers with some partners and customers, or use joint innovation projects to complete the organization and process construction of enterprise open source, so that these enterprises have open source practical capabilities.
As a contributor to the open source community and a decision maker on the open source strategy of vendors, Junping Said: "I am doing both the supply side and the consumer side of open source. At the Open Atom Foundation and the LF AI & Data Foundation, I am pushing for more good projects to open source. On the application side, what I want to do is to guide domestic enterprises to understand the value of open source and invest in open source innovation."
In a sense, the cooperative nature of open source is contradictory to the competitive nature of business. In order to balance the competitive relationship between enterprises in open source, it is necessary to establish a fair, open and transparent open source community atmosphere, and it is also necessary to develop neutral foundations, such as the Open Atomic Open Source Foundation and the LF AI & Data Foundation.
In addition, there are many forms of enterprise participation in open source. Block Junping introduced that in foreign countries, some companies do not directly participate in the open source of the project for a long time, but serve the open source project cloud, and then obtain profits from it. "Although this is not an open source contribution in the traditional concept, and the open source field has mixed praise for this approach, at least it has successfully promoted the promotion of open source projects, and it has also proved that open source projects have commercial value and the ability to industrialize."
According to the 2020 open source ecosystem white paper released by the Academy of Information and Communications Technology, in 2019, more than half of enterprises used open source software to apply to the database direction, cloud computing open source technology has been widely used in the field of cloud computing, more than 70% of enterprises have applied open source container technology, and more than 60% of enterprises have applied or are testing microservice frameworks.
Cloud computing is one of the hottest business models in recent years. Block Junping believes that in the cloud era, open source will have a huge impact on various industries.
The core of the cloud is to service itself to the Internet of IT products, which means that in order to improve efficiency and simplify use, there need to be some standards, merge similar services between cloud vendors, and form dozens of granular standard services in thousands of services, thus covering all user needs, and open source can solve this problem very well. Leifeng Network
"Because the essence of open source is to open up cooperation and competition through everyone, and ultimately form a de facto standard for the industry or field." For the user, he can get it for free, and when it is used, good things will not be monopolized. Everyone is willing to form a trend. So open source is a good way to "make a good software product a de facto standard." Block Junping commented.
At the same time, what does the cloud mean for open source?
From the 1960s and 1970s to the present, open source has gone through more than half a century, experiencing a distinct transformation from "personal heroism" to "enterprises becoming the main force of open source". Enterprises want to continue to open source, and it is impossible not to commercialize.
There are many monetization paths to open source commercialization, and cloud servitization is an increasingly common approach. Although open source is free, after moving open source software to the cloud and deeply integrating with infrastructure, open source software becomes "what you see is what you get", out of the box, complete the commercial closed loop, and truly generate application value. Leifeng Network
In other words, open source can continue to grow, and it also needs innovative business models such as cloud computing.
3. Conclusion
Data show that more than 90% of China's top 500 companies do not really understand open source, and only a dozen participate in open source contributions. In contrast, 79.2% of Fortune Global 500 companies understand open source, and 22% participate in open source contributions.
If open source is compared to a theater, people who watch the theater do not buy tickets to enter the theater, but try their best to find the back door, and one day, the theater will also close. Domestic open source to get out of the embarrassing situation of "applauding but not calling", in addition to the leadership of the head manufacturer, in the end, it is still necessary to rely on the actual participation of major small and medium-sized enterprises. Leifeng Network
There's a buzzword in the open source community: "Open source is not a zero-sum game, you're helping others while helping yourself."
"Fetchism" has a long history of criticism in the open source field. With the improvement of the open source ecosystem, enterprises will be more and more affected by open source, and the times are also calling for a "contributor culture". At this time, if you just reach out and keep silent about the return, you will go against the trend. And we all know that violating the law of the development of things is punishable.
On other days, we have suffered lessons of blood and tears, and it is better to plan ahead as soon as possible.
![Well-known open source companies listed to create billionaires, the founder does not want to be a CEO only want to be a code farmer[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)