Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ


Choose your language

InfoQ Homepage Podcasts Joseph Jacks on Commercial Open Source Software, RISC-V, and Disrupting the Application Layer

Joseph Jacks on Commercial Open Source Software, RISC-V, and Disrupting the Application Layer

In this podcast, Daniel Bryant spoke to Joseph Jacks, Founder of OSS Capital and the Open Core Summit, and discussed topics including the open source and open core models, innovations within open source hardware and the RISC-V instruction set architecture, and current opportunities for disruption using commercial open source software.

Key Takeaways

  • Recently, open source software and the open core business model have driven a lot of innovation and created a lot of value, particularly within the cloud “as-a-service” space. 
  • There has been some disagreement between the open source and commercially-focused communities, for example, in relation to the licencing models and how value is captured.
  • The Open Core Summit (OCS) is a new conference focusing on the intersection of commercialisation and open source software that aims to facilitate discussion in this space. 
  • Organisations building around open source software can potentially look at large cloud vendors as partners. Public clouds can provide effective distribution, and typically focus on offering breadth of services rather than the depth of expertise that can be provided by a specialist company.
  • RISC-V is an open-source hardware instruction set architecture (ISA) based on the well-established reduced instruction set computer (RISC) principles. Leveraging RISC-V can reduce the time and cost of customising chip designs.
  • A lot of recent open source innovation has focused on the infrastructure layer within computing systems. This means that the application layer is now potentially ripe for disruption via commercial open source software.

Show Notes

What was the motivations for the recent Open Core Summit that ran in San Francisco? -

  • 01:10 The Open Core summit is a new conference that focussed exclusively on the intersection of commercialisation/business and open source, or commercial open source software (COSS).
  • 01:35 The reason this term is useful is that up until now is that little attention has been paid to these kind of companies.
  • 01:45 Cygnus was the GNU support company behind GCC that Red Hat acquired.
  • 01:55 The reason we started this conference was to bring together this ecosystem constituents across the COSS landscape.
  • 02:10 We had some of the largest commercial open source vendors and founders talking about why they started their companies, how they are different, how they think the open source paradigm.
  • 02:20 We had Elastic, GitLab, Neo4J, Red Hat and many others, as well as the major cloud players Amazon, GCP, Azure etc.
  • 02:35 We had enterprises that commercialise open source software, like Docker, HashiCorp and others.
  • 02:50 The conference was motivated by the a novel category that requires more thinking and analysis and different perspectives.
  • 03:00 The Open Core Summit refers to this common architectural paradigm of commercial companies that have an open source core.
  • 03:10 We were thrilled to have the first conference happen in September 2019, and we're growing next year, bringing to a few more geographical locations like Europe, Middle East, Asia and the US.

What were the key takeaway and follow up actions? -

  • 03:40 The biggest takewaway was that it was an interesting topic to pretty much everybody in the technological world.
  • 03:50 The implications and relevance of COSS technology and the shift towards open source at the core of everything, exclusively rather than passively.
  • 04:05 There's a central core project of a company's strategy that justifies the company's existence, which is the definition of a COSS.
  • 04:15 On the enterprise side, open source drives more innovation, allows them to be more competitive, to access new technology at lower costs.
  • 04:25 The validation of the participation was a great takeaway, as was the broad perspectives.
  • 04:30 Very few people agree on anything in this world; we encouraged respectful disagreement.
  • 04:40 That's something we want to honour going forward; there's lots of polarising views in pretty much every area.
  • 04:50 Whether it's licensing, or business models, or what is the definition of open source.
  • 04:55 We think there are a lot of important principles and emerging best practices.
  • 05:00 Maybe another observation is that the COSS ecosystem is becoming slightly more a science than an art in certain areas.
  • 05:10 Some of the licensing things are becoming better understood, as to why degrees of permissiveness and optionality are important.
  • 05:20 On the other side, it's becoming more appreciated that cloud providers are a lever and an enabler of innovation and positive distribution and market dynamics for COSS vendors.
  • 05:30 Very recently, in the last couple of years, there was a concern that cloud providers were going to kill COSS vendors.
  • 05:40 I'm starting to see this narrative reverse at the edges, and I hope to see more of that - I think cloud providers are a super important stakeholder in this COSS ecosystem.
  • 05:55 Maybe another takeaway is that there's a massive pent-up demand, and starving interest in open source developers and maintainers that make all this possible.
  • 06:10 The moment they start to realise this entrepreneurial founder path is an option, in addition to donation or shared infrastructure or a job.
  • 06:30 Another option to capture some of the value you create as an open source maintainer is to start a company around your project.
  • 06:35 The most important attendee or group is that open source maintainer, who would benefit from learning about this COSS ecosystem.
  • 06:50 How did Mitchell Hashimoto go from thinking about Vagrant to solving provisioning problems to charging for some plugins.
  • 07:00 How did Shay Banon go from building ElasticSearch from a product growing that community into a huge public company.
  • 07:10 What's the story behind GitLab; how did Dmitriy start building a company in Ukraine - and how did they get in the YC incubator?
  • 07:20 Each one of these stories is different, and we're hoping that the Open Core Summit can be a place for learning about a lot of these emerging observations across all the different dimensions.
  • 07:30 Product development, hiring, culture, business models, licensing, customer side of things - for all these different stakeholders, but for the millions of open source developers that might want to start commercial open source companies.

Do you have any advice from small companies built around open source for interacting with big cloud vendors? -

  • 08:00 I have some strong opinions here, that have been pretty controversial and contrarian that go against a lot of the perspectives and views of the keynote speaker at the summit.
  • 08:20 My view is that COSS vendors and anyone trying to commercialise their open source project; instead of viewing the cloud provider as an enemy or a competitor, view them as a partner, distributor, validation mechanism, a contributor, growing the pie and ecosystem and project.
  • 08:40 As a consequence, if you think of them as a partner, you start to think about the competitive dynamics very differently.
  • 08:50 You start to think critically about what the implications of helping the cloud provider could be instead of fighting against them.
  • 09:00 What does partnering look like?
  • 09:05 Partnering very concisely would boil down to a commercial open source vendor actually helping and going out of their way to make the process of building a hosted service based on your project a success.
  • 09:20 Partnering with the cloud providers, because they have millions of customers, a huge distribution channel, a huge number of engineers, a significant brand, which you likely don't have.
  • 09:50 Helping a cloud provider build a competitive service to the one you're building as a domain focussed company behind XYZ project.
  • 10:00 The benefits of growing the cloud further, and allowing them to compete with you and their business model - which is to drive compute cycles and storage and integration into their services.
  • 10:20 If you look at a software vendor around a successful open source project - their architecture for managing a service as a cloud offering or business is different - less vertical integration, pressure and incentives.
  • 10:40 The temptation to conflate cloud providers providing an open source service and a self hosted solution as a bad thing; that fear starts to break down quickly.
  • 11:00 Although the business model might be similar if you're offering a hosted service - you're offering a different buy position for the software.
  • 11:25 Cloud providers cannot go that deep in a particular technology.
  • 11:30 If it's so rich and diverse as to make possible building a commercial open source company around it.
  • 11:40 Doing the reverse of fighting and competing the cloud provider, and instead partnering and helping them is probably a good idea.

Do you think that multi-cloud and the standardisation here on using Kubernetes as a common platform foundation will have an impact on new or existing open source projects? -

  • 12:05 Hybrid cloud and multi cloud are definitely huge trends.
  • 12:15 Originally we had cloud washing, and now we have multi-cloud washing; the term is being used in interesting ways.
  • 12:20 This whole multi-cloud movement is definitely a good thing for open source developers, because they can access the best services without wiring into a single cloud provider.
  • 12:40 Lock-in is always a fact whatever you do, like your programming language that you use or the biggest dependencies of the system etc.
  • 12:50 For open-source developers, as this multi-cloud becomes a reality, they'll be able to build their services more efficiently without worrying about cloud specifics.
  • 13:05 This is enabled by the Kubernetes ecosystem.
  • 13:15 If you think about building a hosted service around your open-source project, like DataBricks, which is the company behind Apache Spark.
  • 13:30 Building a platform around Apache Spark in the cloud which could work anywhere in the cloud, regardless of which cloud you use, would save DataBricks a huge amount of engineering effort.
  • 13:40 The more normalisation of those APIs and common multi-cloud control plane emerges could be valuable for COSS vendors as well.
  • 13:55 That way, they wouldn't have to invest in re-writing the control logic across all the different cloud providers.
  • 14:05 Most fragmentation exists at the management control plane; security, policies, identity access management, authentication, authorisation, logging, monitoring, networking, storage ...
  • 14:15 Computing is becoming more commoditised, just moving things around like Lambda-style or EC2 or containers - directly because of Kubernetes.
  • 14:30 As Kubernetes allows people program against all these different management plane APIs, cool things are going to happen.

Can you provide an overview of the RISC-V chipset? -

  • 14:50 I was lucky to speak at the second RISC-V summit yesterday, so this is fresh on my mind.
  • 15:05 RISC is the Reduced Instruction Set Computing architecture, for the way processors are designed and laid out on chips.
  • 15:20 The predecessor for that was CISC - Complex Instruction Set Computing - we went from complex instruction sets to reduced instruction sets.
  • 15:30 John Hennessy and David Patterson created RISC, which is used in every computer; both in the embedded side and on the server side.
  • 15:40 x86 is a proprietary RISC implementation, and the R in ARM stands for RISC.
  • 15:50 RISC-V is an open-source standard for making it possible to unlock custom chip design and hardware engineering for anyone.
  • 16:00 Up until now, this RISC technology has been dominated by proprietary implementations, driven by ARM and Intel and a few other companies.
  • 16:10 What RISC-V makes possible is this disaggregation and democratisation of innovation at the chip level because of an open standard.
  • 16:20 There's the open standard RISC-V specification, and there's implementations of that specification.
  • 16:25 You can think of RISC-V as an open-source standard in the way that GraphQL is a standard for a new API for querying a model that is not software.
  • 16:45 There are many implementations of chips and cores in the RISC-V ecosystem, for different types of purposes.
  • 16:50 32-bit and 64-bit are available today; there's work going on to produce a 128-bit, but it's hardware engineers that are looking to customise specific instructions at the chip level.
  • 17:00 The reason this is interesting practically is up until RISC-V becoming a viable open standard, you had to contend with two expensive things; time and money.
  • 17:15 If you wanted to change a design in a chip, or have specific chip level instruction customisation in silicon; there's two time and money dimensions that are significant.
  • 17:30 The time aspect is: to convince ARM or Intel to make a small design change, it could take from a year to several years.
  • 17:40 The cost side of thing starts around 15 million dollars for a basic embedded chip - hundreds of millions for a higher ended chip.
  • 17:55 There's a lot that needs to come together to realise this vision; the fab[rication] ecosystem, the tape-out process (how you get the chips minted); how you get the toolchain and software built.
  • 18:10 What RISC-V does on those two dimensions is reduces the time down by orders of magnitude.
  • 18:15 The manufacturing supply chain is starting to be optimised, you could customise, change a design, or have a new core yourself without needing to go through third-party ARM or Intel, because it is free.
  • 18:35 You don't need to pay someone, to delegate design to expensive third-party engineers, and then wait on their queue and waterfall pipeline of many other generalised projects and cost.
  • 18:55 There's an emerging ecosystem of COSS vendors supporting and commercialising the RISC-V standard, such as SiFive, which is a popular name in the RISC-V ecosystem.
  • 19:15 There's a bunch of companies that help customers customise their designs, and build new designs for chips and benefit from the RISC-V standard.
  • 19:20 The semiconductor chip industry is a $500B market; if RISC-V is successful over time, it could be profoundly disruptive and unlock a lot of innovation and move things faster and productive.

You talked about the COSS platform - what is that about? -

  • 20:00 We are the organisers of the Open Core Summit; it's vendor neutral, and open to anyone interested in commercial open source or open source maintainers.
  • 20:10 We are also the folks behind an investment fund - we invest in early stage COSS companies.
  • 20:15 In addition, we also are launching a new startup school, helping open source creators and developers about the process and approach of starting a company around an open source project.
  • 20:40 It is to help free and open source maintainers learn how to become COSS founders.
  • 20:50 We think this process is attainable enough to simplify the path and build a network of mentors and coaches to transfer knowledge from the super early stage companies to help the next generation.
  • 21:10 They cover how to tackle the license question; how did you acquire your first customers; how did you think about the company strategy; how did the business model work.
  • 21:15 It's a two-times a year, five-month programme; the first collection of companies are joining that are late Q1 2020; we're announcing more later.
  • 21:30 The other thing in this COSS platform is cons media; we do lots of interviews and podcasts that help people demystify a lot of the nuanced topics like open source cultural impact, hiring strategy.
  • 21:55 There's also a lot of relevant topics like how open source is affecting cloud providers, how many services are getting released, research papers, blogs.
  • 22:05 There's a lot of content we provide, but we have user generated content from founders, and also the venture world - there's $10B invested over the last decade.

How would people get involved in areas with a lot of disruption? -

  • 22:40 The most under-explored area that is ripe for innovation and development is the application layer.
  • 22:50 Open-source right now is very clearly ubiquitous at the infrastructure layer - databases, middleware tools, operating system level stuff.
  • 23:10 The application layer is maybe under-explored - the biggest part of the software stack in terms of products, customer interactions, revenue and so on.
  • 23:20 I think someone getting into this world from an engineering perspective or an open-source creator could really benefit from thinking about what are the applications that could be built as an open-source projects.
  • 23:35 There's a bunch of things that are starting to see that have been surprising that you wouldn't think you could build; a type of financial gateway, or a systems of record, or chat messaging.
  • 24:00 The reason I say that is that we have 10s of millions of open-source creators, and we have 4 billion people on the internet.
  • 24:05 If you go back 15-20 years, those numbers were vastly smaller; we only had a few hundred million people on the internet, and maybe a million open source creators or less.
  • 24:25 It's abundantly clear that open-source has won, as Nat Friedman from GitHub pointed out at GitHub Octoverse.
  • 24:40 We have CNBC for mainstream news; they put together a video about the rise of open source, for non-engineer people.
  • 24:55 The model's getting better understood, and for the commercial open-source model, check out COSS media for the blogs and podcasts that we're putting out.
  • 25:10 We have four geographies and regions that we're coming to in 2020; we're coming to Paris in early April, Beijing in June, and New York in September finishing with Tel Aviv in December.

Where can people find you on-line? -

  • 25:45 You can find me on Twitter at, or you can Google Joseph Jacks, so you can find me that way.

More about our podcasts

You can keep up-to-date with the podcasts via our RSS Feed, and they are available via SoundCloud, Apple Podcasts, Spotify, Overcast and the Google Podcast. From this page you also have access to our recorded show notes. They all have clickable links that will take you directly to that part of the audio.

Previous podcasts

Rate this Article