Red Hat: Enterprises embraced open source during the pandemic

The pandemic may have left an indelible mark on cloud infrastructure and enterprise open source software, according to a new report commissioned by Red Hat, the purveyor of enterprise open source software products IBM picked up for $34 billion in 2018.

The third annual “State of Enterprise Open Source” report found that nearly 70% of IT leaders believe COVID-19 has accelerated investment in public cloud infrastructure. Moreover, 90% reported that they now use enterprise open source in their organizations, compared to 83% and 89%, respectively, in the previous two reports.

“Much of the data shows continuing trend lines of enterprise open source gaining adoption and strategic use,” Red Hat technology evangelist Gordon Haff told VentureBeat.

When it comes to how they’re using enterprise open source, 64% reported using it for IT infrastructure modernization (rather than infrastructure “plumbing”), while 54% and 53% reported using it for application development and “digital transformation,” respectively. “Digital transformation describes the efforts of organizations to use innovative technologies to create — or survive — disruptive changes in business models, products, or services,” Haff said. “It often involves the extensive use of data, but it also has a significant people and process component.”

The research, which was conducted by Illuminas, solicited the opinions of 1,250 IT leaders (who weren’t necessarily Red Hat customers and apparently were unaware that Red Hat was the survey’s sponsor) globally last year. The respondents were all key purchase decision-makers in organizations, spanning “app development, app infrastructure, cloud, storage, middleware, server OS, or virtualization,” and the organizations they represent have at least 1% Linux installed.

Business as usual

Cloud computing infrastructure was one of the big winners last year, with each passing quarter showing sharp inclines due to the rapid transition to remote work, not to mention the continued growth of services such as online gaming and streaming as the world hunkered down during the pandemic. Cloud infrastructure spending grew a whopping 32% to $39 billion in Q4 2020 alone.

It’s perhaps less easy to draw direct correlations between the pandemic and its impact on enterprise open source software uptake, but some indications suggest a connection.

“Enterprise open source use continues to increase,” Haff said. “Certainly, it was already very high, and [I] can’t really say based on the data whether there’s a direct correlation with COVID-19 or not.”

But other reports indicate there was a broader embrace of open source products in general last year. GitHub data suggested people collaborated more, particularly on open source projects, with many seeing sizable activity spikes.

Moreover, the open source community already operated in a “distributed manner,” putting it in a strong position as the rest of the world transitioned to remote work. Apache Software Foundation (ASF) president David Nalley noted in October: “The asynchronous, distributed communications and decision-making of open source development has made us resilient to the types of stress the pandemic has applied to other organizations.”

In other words, it was business as usual for the open source world, which more or less served as the model entire industries were required to adjust to. “It’s in moments like this where open source truly shows its power,” Red Hat president and CEO Paul Cormier wrote in the report. “Collaboration, transparency, and the idea that the best idea can come from anywhere are the principles that help organizations not just meet challenges but reach new heights.”

There was additional evidence that businesses built on open source software did well during the pandemic. Cockroach Labs, the company behind open source, cloud-native distributed SQL database CockroachDB, raised $86 million in May, followed by another $160 million eight months later at a $2 billion valuation. And Starburst Data, which targets enterprises with a commercial version of Presto-based open source SQL query engine Trino, raised $42 million last June, followed by another $100 million at a $1.2 billion valuation.

Starburst Data CEO Justin Borgman said open source software offers businesses a number of benefits over proprietary software, whether they run it themselves or go with a commercial incarnation. “These are risky times,” Borgman told VentureBeat. “Simply put, [open source is] a lower-risk investment. Worst case, they can run open source themselves — there’s no real lock-in. Proprietary investments are high risk because they involve long contracts and your data is locked in.”

Digging further into the Red Hat report, 66% of respondents believed that Kubernetes was “very” or “extremely” important to cloud-native application strategies, but there were variances by industry. For example, in telecommunications, 81% said they expected to increase their container usage in the next 12 months, with 94% noting that Kubernetes is important to their cloud-native app strategies. The finance and retail industries, on the other hand, reported plans to increase their container usage by 72%, with 85% saying Kubernetes was important to their cloud-native app strategies.

Both finance and telecommunications topped the industries in terms of in-production container adoption, followed by retail and health care. “We can observe that industries like financial services and telecommunications, which have continued to invest aggressively in infrastructure over the past year, are further along with container deployments than retail and health care, which have struggled more in general,” Haff said.

Above: Container adoption by industry

The security factor

Most modern software relies on open source software to some degree, as it saves companies the time and money of having to develop and maintain everything themselves. A recent study commissioned by IBM, “The Value of Open Source in the Cloud Era,” noted that “nearly all” of the 3,440 respondents used open source software in some aspect of their operations, with 70% preferring cloud providers based on open source technologies and 94% rating open source software as “equal to or better than” proprietary software.

However, open source software has often hit the spotlight for its security shortfalls. Equifax, for example, seemingly blamed its mega security breach four years ago on the open source server framework Apache Struts. And open source is still trying to shake off this reputation. In its “State of Software Security: Open Source Edition” report last year, cloud app security company Veracode noted that “open source libraries are ubiquitous and risky,” adding that 70% of applications have a security flaw in an open source library on first scan. And in Sonatype’s “2020 State of the Software Supply Chain” report, the company reported a 430% surge in cyberattacks aimed specifically at “infiltrating open source software supply chains.”

But commercial open source software differs from community-supported versions, given that the former typically comes with support and service-level guarantees from the company behind it. Indeed, Red Hat defines “enterprise open source” as something more than simply an open source-based product that is sold. Red Hat describes it as something that offers “a hardened product for the enterprise, including added security, [and] vendor support 24/7,” Haff noted.

With that in mind, Red Hat’s report found that 87% of respondents see “enterprise open source” as equally or more secure than proprietary software, due in large part to its vetting processes and commercial testing.

Contributions

A common concern from the open source community is that commercial companies that benefit from the software often don’t contribute anything back to the code. That was a core complaint from Elastic, the company behind the Java-based open source engine Elasticsearch. Elastic recently confirmed it was changing its licensing arrangements to restrict cloud service providers (such as Amazon’s AWS) from offering Elasticsearch as a service without contributing back to the project. This led AWS to create a new Elasticsearch fork.

The situation also highlighted some of the growing tensions in the open source world. Red Hat this year added a new question to its annual survey, asking what impact an organization’s active contributions to the open source community have on the decision to use a specific software vendor. According to the data, 38% are “much more likely” to select a vendor that contributes, while 45% are “somewhat more likely.”

“We were surprised that a significant majority did care,” Haff said. “To us, this says that IT decision-makers are gaining a greater understanding of how the open source development model works and can directly benefit them.”

By VentureBeat Source Link