Musings on business models for open source software
Note: I use "open source" here, but I really mean "the amalgamation of open source and free software as defined by the Open Source Definition and the Free Software Foundation, respectively". It was the shortest thing to type.
I have been thinking a lot about open source from a business perspective lately. While the statement that “open source is not a business model” is true, to frame my thoughts I started with categorizing the existing business models for open source software companies.
These companies build open source solutions for their customers on contract, often around existing open source technologies. Examples of this model are Igalia, Collabora, Open Source Consulting Group, but other companies often have open source consulting offerings in addition to their primary business model.
- Subscription Offerings
Every piece of code that these companies produce is open source. Usually, these offerings target technologies and solutions for Enterprise use cases (Server OS, Cloud, Middleware, Storage, Virtualization, Containers). Companies here sell customers annual subscriptions which provide support, updates, and access to all current binary releases of the software. Source is available to everyone. Customers do not pay for “right to use”. Examples of this model are Red Hat, WSO2, OpenNMS, Heptio (now VMware), Hortonworks (now Cloudera), Canonical, Univention
- Donation model
These companies solicit (but do not require) donations for download of their open source offerings, and/or sell branded goods to support themselves. In some cases, they sell “boxed” offerings of their software. Examples of this model are Elementary, Mozilla.
- Open Core
Pivotal is an excellent example here, where the core codebase (Cloud Foundry) is open source, but their main product offering in the space (Pivotal Cloud Foundry) adds proprietary software. The purpose of the proprietary software is to improve the usability of the open source “core”, and the business model is structured around the belief that customers want to use the “core” but get value from the usability wrapper. In other cases, there is a proprietary fork of an open source core, which contains extra features not found in the “core”.
There are quite a few examples of companies with this business model, a long list of them can be found here:
- Software as a Service (SaaS)
Companies which offer open source software services running on their infrastructure. These can be pure open source offerings, but more commonly, they are open core offerings, built on an open source core, but with proprietary feature extensions. An example of this model is Fastly, though, it is common for open core companies to have SaaS offerings as well.
- Peace of Mind
This one is brand new, created by Tidelift, where the idea is that companies can pay them to act as an intermediary to the open source projects that they consume (mostly in the web framework space). They then sponsor and support those community projects so that they remain healthy and useful for their customers.
This model assumes that your customers need to be afraid of your open source code, and that their fear, uncertainty, and doubt (aka FUD) will result in them buying a “commercial” proprietary license for that code. This is MongoDB’s new plan, via the SSPL. The SSPL says that if you use code under that license in certain situations, you will have to release every other component connected to it under that license as well. The fact that this may not be practical or possible, well, not their problem, I guess open source is just too risky for you, would you like to buy a proprietary license from us instead and resolve all that bother? While FUD is not new, applying FUD to your own products is… a bold strategy.
Okay, so we’ve got some quick and dirty business model definitions laid down. The majority of the companies in this space are open core, and it’s not hard to see why. Selling proprietary software is a relatively straightforward model. Customers pay for a license to use, they become dependent on functionality which can only be found in that software, and they usually become locked in, securing a recurring revenue stream of license renewals and forced upgrades to newer versions.
And yet, the most successful company (by financials) in this space, Red Hat, is not open core. Having been at Red Hat since 2001, I think the primary key to our success has been that we have deeply invested in delivering value to our customers and to our open source communities. The open source model allows for us to leverage a development pool far beyond what we can staff in house, incorporate the improvements of the participants in that community, and deliver offerings to our customers that put them entirely in control.
When I was in Red Hat Sales, I learned very quickly that the top value for open source for our enterprise customers was that control. They hated the lock-in model of proprietary software, not because they had to pay, but more specifically, because they were stuck on software that was not entirely meeting their needs and for which the vendor was not providing good value for the money. After all, if your customers are locked in, it is easy to reach a point where you have no real business case for improving the software, either via new features, improved usability, or bug fixing. Customers get wedged in a painful state where it is even more painful to abandon the software, trapped in a poor experience and growing to despise their vendors. Even if a customer was never going to make a change to the source code, or even look at it, the knowledge that they could (or that they could hire anyone else to maintain it for them) was empowering. They paid Red Hat because we delivered value beyond binary deliverables.
The open core model has always seemed odd to me, a sort of “half-pregnant” state. On one hand, companies must believe there is value in the open source development model, otherwise, why not simply work from an entirely proprietary stack? I suppose some companies might see the open source core as a cheap foundation for their offerings, but I think that if they treat it as such, they only get a one-time boost from it, and fail to benefit significantly over time. Regardless, open core assumes that a company could not generate revenue (or could not generate as much revenue) from open source alone. My experiences at Red Hat provide evidence that this is not the case, though, I’m careful not to assert that this is never true.
I suspect the main reason there are more open core companies in the space is a simple risk/reward ratio. Doing proprietary software presents minimal risk to a company, but I would argue that the rewards are also minimized. Proprietary software requires that your profits are invested in a linear model, to hire developers to work on the code. Working with open source software in a healthy manner requires profits to be invested into the code in a similar manner, but you also benefit from the investments of others to that same code (customers, partners, even competitors). I would also argue that customers of entirely open source offerings are happier and more engaged with their vendors, and that companies offering entirely open source offerings do more to continue innovating and creating value for their customers, out of necessity.
I also suspect that with time (and success), open source code will emerge to replace the proprietary bits in the open core model, eliminating their value to customers. I would love to hear specific examples of this happening in practice, please leave some in the comments.
I am left wondering if customers purchasing proprietary offerings from open core vendors would still be willing to do so if the entire offering was open source. My experience (and my instincts) tell me that they would, but one could argue that the lack of “pure open source” companies in the marketplace disagrees.
I’m inspired by Tidelift and what they are attempting. I believe that most customers in 2019 are starting to see the real values of open source, and are eager for the control it offers them. I think the market is ripe for players who embrace open source whole-heartedly.
Agree? Disagree? Did I miss something? I welcome your comments.