My Take On Hashicorp's adoption of BSL 📑
Photo by Jornada Produtora on Unsplash
I pledged my support to opentf foundation, and here are the details about why I did. I have tried to be as clear as possible from the information I have read.
Context
Hashicorp’s Terraform has been a leading open source IaC tool for almost a decade now. Terraform has helped startups and organizations to streamline their cloud infrastructure operations - saving them a fortune in the digital transformation journeys.
Given their open source commitment, and the success described above, an entire ecosystem of partners, vendors, and community was born providing additional features with freemium pricing model. As far as the pricing model comparison between Hashicorp and most of the other vendors is concerned, they are similar.
What happened?
Hashicorp recently adopted Business Source License v1.1 (BSL or BUSL) which was previously based on Mozilla Public License v2.0 (MPL v2.0). In summary, now they do support open source and community efforts in terms of “copy, modify, and redistribute the code for all non-commercial and commercial use, except where providing a competitive offering to HashiCorp“.
This restriction is specifically targeted towards vendors who are using Hashicorp’s products to build their commercial offerings which provide additional features and benefits in varied flavours.
The main concern expressed by Hashicorp is that the offerings provided by these vendors are either fundamentally or substantially based on Hashicorp’s core products, while not contributing enough to their open source commitment.
How does this affect?
As an individual developer, it does not affect you and me. It also does not affect if your organisation’s commercial offerings are completely different than those of Hashicorp’s. I.e. you can still use Hashicorp’s products in production (if I understand the words correctly).
But if you are a vendor (or work for a vendor) who creates a platform to offer competing features which are similar to what Hashicorp’s platform has to offer, then that is not allowed after a specific Terraform version - v1.5.5.
Overall, I think this is a bit vague. Besides, the cause I am rooting for is greater than this.
Opinion
I truly appreciate and admire what Hashicorp has achieved and contributed in the space of cloud operations. They are indeed an authority in the space of IaC. I am sure this feeling of gratitude is shared by that specific set of vendors too.
It is not that I never had this question about the obvious concern they have expressed. I have always admired Hashicorp to play a fatherly figure in this way. This also makes me understand where they are coming from with regards to this issue - for all the right reasons.
When someone has authority, there is nothing right or wrong as far as the actions performed by them within their area of influence are concerned.
I understand Hashicorp’s decision and the fact that open source projects do undergo this license evolution phase. But at the same time, this always leaves an impact in upcoming days - especially at this stage. Apart from the specific set of vendors and partners, this also sends ripples of uncertainty across the community and customers - even if each of them fully understand what BSL means.
It is not about what the current or previous license means - it is more about the conscious action taken in the light of this situation, which somewhere impacts the confidence of community. That goes on to say that the customers - not the targeted vendors and partners - may now consider other options with lesser licensing complexities - which is also another headache.
To look at it retrospectively with an absurd angle - and I apologise beforehand for this - I question myself - was this all part of the plan by Hashicorp? Why did they wait 10 years for this to happen? In hindsight, Hashicorp could have leveraged this authority to contribute to the healthy competition - with an upper hand - to their vendors. Its not that all the infrastructure pain points are addressed.
I do understand that the pioneers like Hashicorp have a better view about this situation, more so who else would know their business better than themselves. Hashicorp deserves full credit to what they have built, and they are very well aware of what impact this decision would cause. But perhaps, they had tough choices to make from business survival perspective.
The contradiction I am unable to figure out for Hashicorp is - did they really understand the meaning of OSS back then? It is easy to talk about charity, and hard to do so. If business was the corner-stone of their operations, then they should have not touted the “free and open source” slogan in the first place. At least an intimation or a hint would have worked too. As I said before, I understand this decision of theirs, but if that is the case then it all sounds like a misuse of OSS model and community. Almost like gaining popularity and hard-but-free great contributions from thousands in the community, and then licensing it.
I want to but I am not in a position to imagine what would happen if all the OSS decides to adopt BSL/close-source hence forth.
It can happen that I did not understand the license fully, but I am skeptical for 2 reasons:
I am not a legal expert, I am just a developer who loves Terraform. I am really not sure about when to use and when not to use it for production.
I am not sure if and when will they change their minds again.
I signed the opentf pledge to highlight the impact of this decision on their own ecosystem, more importantly I believe they can do better.
Rest is described in the OpenTF Manifesto.
Sumeet N.