Date post: | 13-Apr-2017 |
Category: |
Technology |
Upload: | rogue-wave-software |
View: | 100 times |
Download: | 0 times |
1© 2016 Rogue Wave Software, Inc. All Rights Reserved.
1
Top open source lessonsfor every enterpriseEpisode 2:
When is free not free: The true costs of open source
2© 2016 Rogue Wave Software, Inc. All Rights Reserved.
2
Richard SherrardDirector of product management
Presenter
Rogue Wave Software
3© 2016 Rogue Wave Software, Inc. All Rights Reserved.
3
Poll #1What percentage of your mission critical software is open source?
A: 0 to 25%B: 26 to 50%C: 51 to 75%
D: 75%
4© 2016 Rogue Wave Software, Inc. All Rights Reserved.
4
Agenda
1. An explosion of open source2. Real cost of open source3. Managing the risk 4. Summary5. Q&A
5© 2016 Rogue Wave Software, Inc. All Rights Reserved.
5
An explosion of open source
6© 2016 Rogue Wave Software, Inc. All Rights Reserved.
6
Open source evolution
OSS in the enterprise
1980’sFreeware/shareware
BBSGPL
Unaware
1990’s“Open
source”Apache, Tomcat,
JBossPHP, Python,
RubyLinux
Early tests
2000’sFUDOSS
company explosionInsurance
playsGit
Android
Keep out!
2010’sPackage explosion
GitHub ascensionFull speed
OSS adoptionDockerSwift
Adoption
2016“OSS first”
policiesCentOS in enterpriseCloud OSSCognitive computing
Ubiquitous
7© 2016 Rogue Wave Software, Inc. All Rights Reserved.
7
Innovation drives open source adoption
Open source components provide critical functionality Improves developer productivity
No license fees
“More eyes” can improve quality & security as long as static and dynamic analysis are also used
Leveraged development effort
Apache, Tomcat, Wildfly, Jakarta Commons, jQuery Communities continuously improve features
Mature, commoditized applications and libraries
Community peer review
8© 2016 Rogue Wave Software, Inc. All Rights Reserved.
8
Poll #2 What do you see as the biggest benefit you
get from using open source?A: Innovation
B: Cost C: No Vendor Lock-in
D: QualityE: Security
F: Other
9© 2016 Rogue Wave Software, Inc. All Rights Reserved.
9
Leverage the benefits of OSS
“Open source is the way of the future. Yes, there will always be software companies that make money from software; however, open source is an excellent way to get a quality product.” – Andrew Carr, enterprise architect,in Stack Overflow
"While CIO’s may be wary of OSS, they realize that using it and contributing to the open source community attracts bright young minds, and may lead to kudos for the organization." - CIO Magazine
Innovation
Quality
Cost
Security
No vendor lock-in
10© 2016 Rogue Wave Software, Inc. All Rights Reserved.
10
Growth of open source
Use of open source continues to grow at an extreme pace
90% of companies use OSS components
in commercial software (Gartner)
>80% of a typical Java application is
open-source components and
frameworks (TechCrunch)
11 million developers
worldwide make 13 billion open source requests each year
11© 2016 Rogue Wave Software, Inc. All Rights Reserved.
11
Open source crossed the chasm
99% of Global 2000 companies are using
open source in mission critical applications
12© 2016 Rogue Wave Software, Inc. All Rights Reserved.
12
Real cost of open source
13© 2016 Rogue Wave Software, Inc. All Rights Reserved.
13
Real cost of open source
Acquisition Implementation Production
Package
choice
Package configuration and set up
Production
downtime
Documentation is sparse or
inaccurate
Unknown license
obligation or conflict
Slow response
from community
Version maintenanc
e
Developer training
14© 2016 Rogue Wave Software, Inc. All Rights Reserved.
14
Acquiring open source
Package selection
Developer skill sets & training
Architecture design
15© 2016 Rogue Wave Software, Inc. All Rights Reserved.
15
Implementing open source
"Unchecked tactical adoption of OSS creates unmanaged risk and unrealized returns, and application development professionals should not tolerate it."
Configuration & setupLicense compliance
DocumentationDevelopment issues
16© 2016 Rogue Wave Software, Inc. All Rights Reserved.
16
Open source in production
"The way to think about it is that support is unbundled (from the software) but widely available."
Production downtimeCommunity responsiveness Version maintenance
17© 2016 Rogue Wave Software, Inc. All Rights Reserved.
17
Poll #3How do you support your open source today in your organization?
A: Every developer supports themselvesB: Reach out to community for help
C: Internal OSS support teamD: Contracts with commercial support vendor
E: Not sure
18© 2016 Rogue Wave Software, Inc. All Rights Reserved.
18
Risk of OSS
19© 2016 Rogue Wave Software, Inc. All Rights Reserved.
19
Risk of open sourceOpen source software is “Free as in free speech, not free as in free lunch”
How do you manage OSS risk?
Poor documentation
Incorrectly advertised features
Major security vulnerabilities
Difficulty attaining internal
knowledge
When OSS misbehaves in your critical infrastructure, the damage could end up costing more than commercial solutions
No commercial support
20© 2016 Rogue Wave Software, Inc. All Rights Reserved.
20
Risk: How open source is different
Navigate complex OSS packages requiring broad and deep expertise
Who do you call when your “mission-critical” open source
application has an issue?
Developers have to negotiate wasted cycles and downtime while
waiting for fixes from the community
No formal training provided on the OSS package
Developers do not have anyone to help with risks and development
pitfalls
You are dependent upon the OSS communities to provide you help
and fixes
21© 2016 Rogue Wave Software, Inc. All Rights Reserved.
21
Managing the risk
22© 2016 Rogue Wave Software, Inc. All Rights Reserved.
22
Managing the risk
OSS Maturity state
PastDidn’t understand
OSS“Don’t worry, it’s
free”Low grade noise on
licensing
Unaware
PresentSecurity is making
headlinesLicensing lawsuits
Reactive Intermittent
attention(Un)known unknowns
Experimentation
Near futureMore diligence in
supporting production
Visibility into OSS use
Open source experience is a hiring attribute
Intentional
23© 2016 Rogue Wave Software, Inc. All Rights Reserved.
23
Do you know what OSS you're
using?
Can you trust what
OSS is in your
code?
Do you monitor for
security flaws in your OSS
on an ongoing basis?
How do you determine what legal,
compliance, or copyright
issues are in your OSS?
Are you possibly at
risk for unknown
security flaws in your OSS?
How do you track your
OSS inventory?
Do you know where & and how OSS is being used throughout
your organization?
Measuring open source risk
24© 2016 Rogue Wave Software, Inc. All Rights Reserved.
24
Example audit reportOpen source Bill of
Material (BOM) License information Compliance
information
25© 2016 Rogue Wave Software, Inc. All Rights Reserved.
25
Time
Diffi
cult
y
Expertise
Integration
Support
Inconsistency
Team cost
Slows response
timeMany tools
Deployment
Traceability
The sources of open source risk
26© 2016 Rogue Wave Software, Inc. All Rights Reserved.
26
Technical risk
Expertise
Support
Team cost
Slows response
time
27© 2016 Rogue Wave Software, Inc. All Rights Reserved.
27
Value of open source supportSupport offerings range across the top open source packages.
Access to enterprise architects ready to support you Avoid downtime and wasted cycles Navigate complex OSS packages requiring broad and deep expertise Mitigate risks and development pitfalls Architecture review & performance tuning Receive formal, instructor-led training across several OSS packages Gain the peace of mind that comes with 24X7 support coverage
28© 2016 Rogue Wave Software, Inc. All Rights Reserved.
28
Poll #4What do you see as the biggest technical risk of open source?
A: SupportB: Slow response from community
C: Expertise D: Inconsistence
D: Other?
29© 2016 Rogue Wave Software, Inc. All Rights Reserved.
29
What now?
30© 2016 Rogue Wave Software, Inc. All Rights Reserved.
30
Supporting OSSFive best practices for supporting OSS: Be proactive Get smart Stay informed Keep watch Maintain vigilance
Action plan: Do an OSS audit so you now exactly where, how, and why OSS is used Identify where support is needed and get the expertise Pay attention to security updates, patches, and latest versions
31© 2016 Rogue Wave Software, Inc. All Rights Reserved.
31
Q & A
32© 2016 Rogue Wave Software, Inc. All Rights Reserved.
32
Watch on demand
• Watch this webinar on demand
• Read the recap blog to see the results of the polls and Q&A session
33© 2016 Rogue Wave Software, Inc. All Rights Reserved.
33
Follow up
Free newsletter: vulnerabilities, industry news, and enterprise support stories
openlogic.com/products-services/openlogic-exchange/openupdate
For OpenLogic support customers:
OSS Radio
Get a free OSS support ticket to experience our expertise
roguewave.com/freeticket
34© 2016 Rogue Wave Software, Inc. All Rights Reserved.
34
Stay tuned
Top open source lessons for every enterpriseJuly 13: Open source applied: Real-world usesExamine actual field issues, from architecture to production, to better select and use the right packages.
July 27: Top issues in the top enterprise packagesDive into specific packages with two architects to discover what goes right and what goes wrong.
35© 2016 Rogue Wave Software, Inc. All Rights Reserved.
35