FREEDOM IS A FEATUREOPEN SOURCE

Gunnar Hellekson, Chief Technology StrategistRed Hat US Public Sector@ghelleks • +1 202 507 9027 • http://onepeople.org/gunnar.hellekson@redhat.com

13 September 2011

HOUSEKEEPING

Ask questions whenever you like.

Get up whenever you like.

Turn off your ringer.

2

HERE WE GO

What is open source, anyway?What this process is, and where you can find it in your everyday life.

Where did it start?A brief history of nerds changing the world.

How does it work?The mechanics of freedom.

How can I use it?Some practical advice.

3

THE OPEN SOURCE WAY

Create.

Share.

Collaborate.

Let everyone else do the same.

4

5

Attribution Text

THE BASICS

HOW DEVELOPMENT WORKSCOMPILERS MAKE SOURCE INTO BINARIES

7

int main() { printf(“Hello world.\n”); exit (0);}

DEVELOPER

SOURCE CODE

$ ./hello-worldHello world.$

BINARY

10101011010101010101010101010101001010101011101010101011110101010111101000100101010101010011001010101101

USER

COMPILER

WE STARTED SHARING CODE...

8

int main() { printf(“Hello world.\n”); exit (0);}

DEVELOPER

COPY #1

USER #1

int main() { printf(“Hello world.\n”); exit (0);} COPY #2

USER #2

int main() { printf(“Hello world.\n”); exit (0);}

BINARY #1

$ ./hello-worldHello world.$

BINARY #2

$ ./hello-worldHello world.$

AND ANYONE COULD IMPROVE IT

9

COPY #1

USER #1

int main() { printf(“What up.\n”); exit (0);} COPY #2

USER #2

int main() { printf(“Bonjour!\n”); exit (0);}

BINARY #1

$ ./hello-worldWhat up.$

BINARY #2

$ ./hello-worldBonjour!$

int main() { printf(“Hello world.\n”); exit (0);}

DEVELOPER

WE STARTED SELLING BINARIES

10

int main() { printf(“Hello world.\n”); exit (0);}

DEVELOPER

DEVELOPER’S BINARY

$ ./hello-worldHello world.$

DEVELOPER’S BINARY

USER #1

$ ./hello-worldHello world.$

USER #2

DEVELOPER’S BINARY

$ ./hello-worldHello world.$

WHICH CENTRALIZED CONTROL

11

int main() { printf(“Hello world.\n”); exit (0);}

DEVELOPER

DEVELOPER’S BINARY

$ ./hello-worldWhat up.$

DEVELOPER’S BINARY

USER #1

$ ./hello-worldWhat up.$

USER #2

DEVELOPER’S BINARY

$ ./hello-worldHello world.$

$

int main() { printf(“What up.\n”); exit (0);}

DEVELOPER’S BINARY

$ ./hello-worldHello world.$

OPEN SOURCE

12

int main() { printf(“Hello world.\n”); exit (0);}

COMMITTER

int main() { printf(“What up.\n”); exit (0);}

DEVELOPER’S CODE

USER #1

int main() { printf(“Wassup.\n”); exit (0);}

BINARY #1

$ ./hello-worldWassup.$

int main() { printf(“Bonjour.\n”); exit (0);}

DEVELOPER’S BINARY

$ ./hello-worldHello world.$

USER #2

OPEN SOURCEEVERYWHERE

Attribution Text

MOBILE PHONES

Attribution Text

STOCK EXCHANGES

Attribution Text

AUTOMOBILES

Attribution Text

WEATHER

Attribution Text

AIRPLANES

A BRIEF HISTORYOF OPEN SOURCE

http://www.flickr.com/photos/knobil/114698681/ Licensed CC-BY 2.0

ANARCHISTS.

http://www.flickr.com/photos/knobil/114698681/ Licensed CC-BY 2.0

COMMUNISTS.

http://www.flickr.com/photos/knobil/114698681/ Licensed CC-BY 2.0

PROBLEM SOLVERS.

Attribution Text

RMS

24

25

26

Attribution Text

GNU’S NOT UNIX

FOUR FREEDOMShttp://fsf.org

Free to use.Anyone can use it, however they like.

Free to copy.Anyone can get a copy for the cost of media.

Free to modify.If I don’t like how it works, I can change it.

Free to distribute.I can share my changes.

28

GNU PUBLIC LICENSEhttp://gnu.org/

Implements the four freedoms.Use, copy, modify, distribute.

Built on copyright.The author provides additional rights for additional responsibilities.

In some cases, problematic.But more on that later.

29

Attribution TextAttribution Text

LINUX IS BORN

From:  torvalds@klaava.Helsinki.FI  (Linus  Benedict  Torvalds)Newsgroups:  comp.os.minixSubject:  What  would  you  like  to  see  most  in  minix?Message-­ID:  <1991Aug25.205708.9541@klaava.Helsinki.FI>Date:  25  Aug  91  20:57:08  GMTOrganization:  University  of  Helsinki

“I'm  doing  a  (free)  operating  system  (just  a  hobby,  won't  be  big  and  professional  like  gnu)  for  386(486)  AT  clones.  This  has  been  brewing  since  april,  and  is  starting  to  get  ready.  I'd  like  any  feedback  on  things  people  like/dislike  in  minix...”

30

http://catb.org/~esr/writings/homesteading/cathedral-bazaar/

ESRhttp://catb.org/esr/writings/cathedral-bazaar/

Attribution Text

NETSCAPE

Attribution Text

FIREFOX

OPEN SOURCE GROWTHAS MILLION LINES OF CODE ADDED

34

HOW IT WORKS

Attribution Text

TEST CODESUBMIT REQUESTSPROVIDE FEEDBACK

USERS

CREATE PATCHESWRITE DOCUMENTATION

CONTRIBUTORS

REVIEW + COMMIT

COMMITTERS

THE COMMUNITY

THE TOOLS

37

CODEREPOSITORY

MAILINGLIST

One for developers.

One for users.

One for casual watchers.

The heart of the project.

A complete history of all changes.

Anyone can read, only committers can write.

The to-do list.

Where users and developers interact.

Where you’ll learn why a change was made.

ISSUETRACKER

THE WORKFLOW

38

BUG

ISSUETRACKER

USERMAILING

LIST

USERSCONTRIBUTORS COMMITTERSPATCH

DEVELOPERMAILING

LIST

CODEREPOSITORY

SOURCE CODE

BUILDSYSTEM

(OPTIONAL)

RELEASE

THE LEADERS

39

PROJECT LEAD

THE LEADERS

40

PROJECT LEAD

LIEUTENANT LIEUTENANTLIEUTENANT

CONTRIBUTOR CONTRIBUTOR CONTRIBUTOR

RELEASE PROCESS

41

DEVELOPERMAILING

LIST

SOURCE CODE

BUG

ISSUETRACKER

USERMAILING

LIST

USERSCONTRIBUTORS COMMITTERSPATCH

CODEREPOSITORY

BUILDSYSTEM

(OPTIONAL)

RELEASE

RELEASE PROCESS

42

MAIN TRUNK(“HEAD”)

BRANCH (“1.0”)

PATCH #1 PATCH #2 PATCH #3

PATCH #6

BRANCH (“1.1”)

PATCH #7 PATCH #8

FASTERRISKIER

SLOWERSAFER

http://www.flickr.com/photos/redhatmagazine/498107346/sizes/o/ Image licensed CC-BY-NC 2.0.

"Have a problem. Get a bunch of people interested in the problem. When they show up, have something useful for them to do."

Greg DeKoenigsberg

A COMMUNITY OF PRACTICE.

Design for evolution.

Open a dialogue between inside and outside perspectives.

Invite different levels of participation.

Develop both public and private community spaces.

Focus on value.

Combine familiarity and excitement.

Create a rhythm for the community.

Etienne Wenger, Richard McDermott, and William M. SnyderCultivating Communities of Practice, 1st ed. (Harvard Business Press, 2002)

44

http://www.flickr.com/photos/adunne/3975637368/ Licensed CC-BY-NC-ND 2.0

http://www.flickr.com/photos/adunne/3975637368/ Licensed CC-BY-NC-ND 2.0

“Democracy is the enemy of useful work.”

Clay Johnson

http://www.flickr.com/photos/don_brubeck/3954973900/ Licensed CC-BY-NC-ND 2.0.

A WEAPON AGAINST TYRANTS

THE FORK

48

THE FORK

49

BUG

ISSUETRACKER

USERMAILING

LIST

USERSCONTRIBUTORS COMMITTERSPATCH

DEVELOPERMAILING

LIST

CODEREPOSITORY

SOURCE CODE

BUILDSYSTEM

(OPTIONAL)

RELEASE

THE FORK

50

BUG

ISSUETRACKER

CONTRIBUTORS COMMITTERSPATCH

DEVELOPERMAILING

LIST

CODEREPOSITORY

SOURCE CODE

BUILDSYSTEM

(OPTIONAL)FORKED CODEREPOSITORY

REBELCOMMITTERS

NEW DEVELOPER

MAILINGLIST

RELEASE PROCESS

51

MAIN TRUNK(“HEAD”)

BRANCH (“1.0”)

NEW TRUNK

X

FORKING IS GREAT AND AWFUL

A “nuclear option” for consensus failure.Everyone loses in a fork, so when it happens, it is usually the only alternative.

Keeps despots honest.By threatening the loss of their user and contributor community, project leaders become very accommodating.

Proof that you have freedom.If you can fork the code, your fate is in your hands. For better or worse.

52

53

HOW TO AVOID FORKS

Working groups make decisions through a "rough consensus" process. IETF consensus does not require that all participants agree although this is, of course, preferred. In general, the dominant view of the working group shall prevail. (However, it must be noted that "dominance" is not to be determined on the basis of volume or persistence, but rather a more general sense of agreement). Consensus can be determined by a show of hands, humming, or any other means on which the WG agrees (by rough consensus, of course). Note that 51% of the working group does not qualify as "rough consensus" and 99% is better than rough. It is up to the Chair to determine if rough consensus has been reached.

IETF Working Group Guidelines and Procedureshttp://tools.ietf.org/html/rfc2418

GREAT FORKS IN HISTORY

ApacheMost popular web server on the planet was “a patch-y” fork of the NCSA web server.

AndroidThe popular mobile operating system forked Linux over irreconcilable design goals.

WebKitThe KDE project’s web browser engine was forked by Apple for its Safari web browser. KDE is considering “un-forking” the projects.

X.orgThe ubiquitous windowing system for UNIX and Linux forked the XFree86 project over a licensing dispute.

54

Attribution Text

FOGELhttp://producingoss.com/

Attribution Text

LICENSING

LICENSING IS CRUCIAL

Licensing creates the community.It tells us how contributions are handled.

Licensing determines the business model.If you compel source redistribution, how do you build a business?

Licensing should be easy.If it’s too complicated, you lose contributors.

57

OPEN SOURCE INSTITUTEhttp://opensource.org/

Free redistribution.Anyone can make a copy.

Include the source code.If you have the binary, you should have the code.

Allows derived works.Let people change what they’re given.

Non-discriminatory.You can’t restrict who can use it.

Must not restrict other software.You can’t restrict what can use it.

Technology-neutral.The “how” shouldn’t change anything.

58

THREE LICENSING CAMPS

PERMISSIVE

BSDMIT

ApacheBeerware

Public Domain

WEAKCOPYLEFT

MozillaEclipseLGPL

STRONGCOPYLEFT

GPLAGPLEUPL

59

I will not write my own software license.I will not write my own software license.I will not write my own software license.I will not write my own software license.I will not write my own software license.I will not write my o

60

Attribution Texthttp://www.blackducksoftware.com/oss/licenses

Attribution Text

WHAT ALL THIS GETS YOU

MORE, SMALLER STEPS

EFFECTIVENESS

100%

50-80%

<= 0%

http://david.upton.com/opensource

64

MODULAR BY DESIGNSMALL PIECES, LOOSLEY COUPLED.

"a change to one element in Mozilla is likely to impact three times as many other elements as a similar change in Linux. We conclude that the first version of Mozilla was much less modular than a comparable version of Linux."

MacCormack, Rusnak, and Baldwin. “Exploring the Structure of Complex Software Designs: An Empirical Study of Open Source and Proprietary Code” http://opensource.mit.edu/papers/

maccormackrusnakbaldwin2.pdf

“Mozilla, after its release as open source, was rapidly and successfully redesigned to become much more modular - at least as modular as Linux, in fact.... the differences in code appear to result from differences in organization.”

Nick Carr, http://www.roughtype.com/archives/2006/01/open_sources_du.php

"Springfield Model 1861"http://en.wikipedia.org/wiki/Springfield_Model_1861 65

MODULARITY DRIVES INNOVATION

“The Springfield Rifle cost $20 each at the Springfield Armory where they were officially made. Overwhelmed by the demand, the armory opened its weapons patterns up to twenty private contractors. The most notable producer of contract Model 1861 Springfields was Colt, who made several minor design changes in their version, the "Colt Special" rifled musket. These changes included redesigned barrel bands, a new hammer, and a redesigned bolster. Several of these changes were eventually adopted by the Ordnance Department and incorporated into the model 1863 rifled musket."

Effective Use of ResourcesOpen Source permits innovation all the way down.

66

A FARM TEAMUSING THE LONG TAIL OF DEVELOPERS

More IdeasGood ideas comes from lots of good ideas.

67

LONG TAILS MEAN INNOVATIONMORE PARTICIPANTS, MORE GOOD IDEAS

68

HIGHER QUALITYMORE CODE, FEWER BUGS

Coverity has tracked the code quality of open source software since 2004. Proprietary software, on average, has 20,000 to 30,000 defects per million lines of code. This has been true since 1960.

2004 Linux has 985 defects in 5.7 MLOC, or 99.3% lower than a proprietary system.

2005 Linux grew 4.7%, but defect density went down 2.3%.

2006 Funded by DHS, Coverity adds the LAMP stack and 32 OSS projects, and defect density stayed the same.

2008 Now covers 250 projects, with 434 defects per MLOC. Worst performer has 1237 defects per MLOC.

2009 Now covers 280 projects, with defect density down 16%.

Attribution Text

MAKING MONEY

Attribution TextAttribution Text70

INNOVATIONIT’S MORE THAN PRODUCTS

SERVICES

PRODUCTS

HOBBIES

AMATEURS

71

Attribution Text

NOW WHAT?

OPEN SOURCE STRATEGY

Create a use policy.Open source software is commercial software.

Create a release policy.When can employees and contractors contribute? When should they?

Track your software and license use.But you’re already doing that, right?

73

OPEN SOURCE STRATEGYCREATE A USE POLICY: BASICS

StrategyWhy are we bothering with a policy?

BackgroundWhat’s the state of the organization now?

ProcessWho does the policy govern, who’s keeping track, and how decisions get made.

74

Create a level playing field.OSS is commercial software. Licenses are licenses.

Manage licensing questions.Just like proprietary software, pay attention to the license. Which licenses will you accept, and under what circumstances?

Define the support requirements.When is support required? At what level?Help projects decide what SLAs they need, and how those SLAs can be fulfilled.

75

OPEN SOURCE STRATEGYCREATE A USE POLICY: PROCUREMENT

Define the sources.Can you download code, or do you require media? Where will the code be stored?

Define the code evaluation process.How will you determine the code’s fitness? The quality of the community? Suitability of the license?

Accommodate different use cases.Research and development is different than production. Encourage experimentation.

76

OPEN SOURCE STRATEGYCREATE A USE POLICY: SOURCING

Define the process.When will you contribute? Who approves contributions?

Define the norms.Should changes be encouraged at all? When developers work with the outside, do they use their official email addresses?

Expect new projects.Ensure a clear, obvious, and simple process for approving the release of brand-new projects.

77

OPEN SOURCE STRATEGYCREATE A RELEASE POLICY

Define the metrics.How will you measure progress? What will indicate progress in different use cases?

Define the tools.Where will downloaded code live? Where will you track license use? How can your staff discover what work their colleagues have already done?

Define the reporting.How frequently will you report on your OSS use? What do you want people to know?

78

OPEN SOURCE STRATEGYTRACK SOFTWARE AND LICENSE USE

Stormy’s Policy Guidehttp://olex.openlogic.com/wazi/2009/create-open-source-policy/

A great walkthrough of policy creation.

FOSSBazaarhttp://fossbazaar.org/http://fossology.org/A project to simplify open source policies.

Open Source for Americahttp://opensourceforamerica.org/resourceshttp://opensourceforamerica.org/helpdesk References and a helpdesk for policy writers.

79

OPEN SOURCE STRATEGYRESOURCES

GOVERNMENT OSS ORGANIZATIONS

Open Source for Americahttp://opensourceforamerica.org/Helps government and industry use and make open source together.

CivicCommonshttp://civiccommons.org/Building an open source government stack.

Mil-OSShttp://mil-oss.org/DoD and intelligence open source advocates.

80

YOU ARE HERE

81

THANK YOU.

Gunnar Hellekson, Chief Technology StrategistRed Hat US Public Sector@ghelleks • +1 202 507 9027 • http://onepeople.org/gunnar.hellekson@redhat.com