Clearing up FUD surrounding Red Hat's actions

As someone who champions truth, yet knows truth is bent to espouse many ideas, I realize clever phrasing often turns irrational lies into strong beliefs—especially when passion takes over.

And we in the open source community are a passionate bunch.

Red Hat on mountain, generated by Bing AI images

But to clear the air a little bit—especially as I have seen some zingers going both directions (from Red Hat employees to the community, and vice-versa):

  • Red Hat is not going closed source: But they are closing off public access to RHEL's complete source code, and using a restrictive EULA Subscription Agreement to try to stop customers from sharing the source code. It's within their rights, and many agree what they did is not in the spirit of the GPL license Linux uses, but it is allowed.
  • CentOS Stream does not contain the complete CCS of RHEL: Some have claimed CentOS Stream contains everything you need to rebuild Red Hat Enterprise Linux, but this claim is not entirely true. The code—at least outside of short periods where features and CVEs are being worked downstream in RHEL then backported to Stream—is there (though this can only be independently audited if you agree to the EULA Subscription Agreement). But the Complete Corresponding Source is not. (The GPL License requires CCS be distributed to anyone who receives the binaries).
  • Red Hat did not refuse to merge the first Alma Linux contribution: This merge request may hold the record for the most activity (and emoji) for any ever added to CentOS Stream, but after a lot of community outcry, Red Hatters promised they would work towards better communications, including guidelines for CentOS Stream contributors. The author of the MR, an infrastructure lead for AlmaLinux, wrote this retrospective—it's well worth a read.

    I'm monitoring this issue to follow their progress (these guidelines are not something the community can really contribute to, as they are directed by Red Hat internally, since CentOS Stream's main branch follows RHEL's internal development practices and priorities).

    After the CVE was rated by the internal Red Hat Product Security team as 'Important', the MR was merged.

  • IBM did not force Red Hat to paywall the RHEL sources: From numerous conversations with folks inside and outside the RHEL business unit, it is my belief IBM did not, in fact, have a role in this decision.
  • Red Hat did change the terms of their source code agreement: Some Red Hat employees argue Red Hat's restrictive Subscription Agreement never changed, and this is true. However, because public sources were available (which the community used to build CentOS' successors), and there was no Subscription Agreement required to download. By removing those sources, the terms were changed. Before you did not need to agree to a Subscription Agreement to download the sources. Now you do.
  • We do not know if it was CIQ, Oracle, or some other 'rebuilder' that sparked this change: It has been alluded to in this comment by Mike McGrath and signs point towards CIQ judging by how this post on LinkedIn—from very shortly after the news broke—ripped into both CIQ and Greg Kurtzner (seemingly out of nowhere; this was prior to Red Hat's second blog post on the matter).
  • It is still hard to determine what determines value in the Red Hat ecosystem: And this is the crux of my continued interest in monitoring the fallout.

I am a downstream user of Ansible; Ansible is part of the Red Hat Ansible Automation Platform, a subscription product that features Ansible at its heart.

The downstream Ansible Community Distribution I use—and have written a bestselling book about—is completely free, and there are numerous massive corporations using Ansible freely downstream of the Ansible Automation Platform's core components.

From my conversations with folks in the Ansible business unit (an engineer and community team lead), it doesn't sound like I have much to worry about. For now.

The difficulty is the precedent.

Mike McGrath said in his blog post:

Simply rebuilding code, without adding value or changing it in any way, represents a real threat to open source companies everywhere.

Applied to the Ansible Community Distribution, which I rely on, it is simply a rebuild of the core ansible product, plus a large number of community collections—of which many are rebuilds of the official 'supported' collections maintained in the Red Hat Ansible Automation Platform by Red Hat employees.

I profit off Ansible as a downstream user, and I have never funneled a penny of that profit back to Red Hat. There are many consultants and IT firms who do the same.

When profits are squeezed at some point in the future, could Ansible's downstream community be squeezed in an attempt to get more subscriptions to the RHAAP?

I don't think so.

But I also didn't think Red Hat was capable of further harming their relationship with their downstream 'free RHEL' users, from HPC to education, and homelabbers to indie web hosts. I thought we had an uneasy peace with CentOS Stream upstream, plus rebuilders like Rocky and AlmaLinux downstream.

I hope the Enterprise Linux ecosystem comes to another uneasy peace, but right now it feels a little shaky with Rocky Linux sneaking sources, Alma Linux rebuilding off Stream, Suse forking RHEL, Springdale getting lost in the noise, and Oracle, well... doing what they do.

As for me, I'm running Debian on all my servers now, and have donated to Debian's SPI. Support the open source communities and developers you rely on!


Fully agree on Debian, the EL ecosystem is looking more and more like a dead end. Here's just a random selection of recent developments:

I also agree that Ansible will most likely be fine. For one thing, it's compact and self-contained enough for a small group of community maintainers to fork and support if that becomes necessary (in many ways that has already happened with most modules anyway after RH decided they didn't want to maintain them anymore). AWX is, IMHO, garbage and the community already has better solutions so I don't care if that disappears.

Why would EPEL be under any obligation to support ELS? They've never supported ELS. If EPEL was a service provided by Red Hat, then it would make sense. But since that is not the case, supporting ELS in EPEL is a no-go and I agree with their decision.

You are providing value back upstream in the form of Ansible content. The Ansible community has much healthier relationship with redhat than the rebuilders since a lot of Ansible users publish content that make AAP better. There didn't seem be as much of that in the reulbuilder community because there was a good path to do so till stream and that path is still pretty rough

Sure, but what about the various shops that don't? There were plenty of Alma/Rocky users who did (and do) contribute to Fedora, the Linux kernel, EPEL, etc.

What is the ratio of "freeloader:contributor" where Red Hat considers the community to start providing negative net value to Red Hat?

Ansible does seem in better shape, for sure. But what if users like me stop contributing? Does that change the equation?

Typical of yours

When you have to trash talk someone or something, you make a vid.

When you want to "fix your opinion" you just make a blogpost.

I'm not fixing my opinion—I'm clearing up some of the FUD I've seen thrown around on Reddit, Twitter, and elsewhere.

If you re-watch my video, you'll notice I did not spread any of the FUD identified in this blog post in that video. With the exception of the one statement where I implied IBM may have had some say in the matter, I can't see anything in the video's transcript that requires revision.

I've updated the section regarding the changing of the terms for source downloads—@msw on Twitter pointed out some technical inaccuracies in my description of the terms, so I've changed the wording to hopefully be a bit more accurate.

There are some people arguing semantics surrounding my hypothetical Ansible scenario, but I want to be clear:

I do not think this scenario will happen under any of the current Ansible BU leadership or community team.

But after Red Hat's actions surrounding RHEL, I think it's impossible to believe Red Hat would never move to push people into RHAAP subscriptions using what I'd call community-neglecting tactics, if Ansible's revenue were faltering, and downstream users did things similar to what Alma/Rocky's supporting partners were doing.

Considering the announcement came days after the Rocky Linux Nasa contract - seems really cause and effect doesn't it? I don't think it could be compared to elasticsearch since AWS was actually branding their service as in partnership with elastic and using the elasticsearch name. This is just rocky linux providing a support contract for their rebuild.

Just so you are aware - your name and roles are still in the official documentation for Ansible-Galaxy

Where this will all end up.....

1. The various free clone distros (Rocky/Alma/etc.) will stop trying to reach absolute binary compatibility with RHEL. Many have done so. Close will have to be good enough for the free users.

2. More distros will have commercial support options. The question is whether 'those' will go down the same path RH went down as the same everything-should-be-free arguments continue just in a different location. If company-XYZ pays Rocky (for example) for support, will their competitor company-ABC just lie in wait and be 'slightly' behind them awaiting some Rocky-like fork to recompile from Rocky sources and get the same thing for free ?

3. Pressure will hopefully increase on third party layered software vendors who previously required RHEL as a base os to support more than just RHEL as the os under the hood. App prices will go up as those vendors need to recover their increased costs that happen due to needing to support more os variants.

4. Nobody knows what will happen with Oracle and Amazon moving forward. History proves they'll both find a way to get their revenue somehow. That's what they do.

What I personally learned from this story is the confirmation of a simple thought: do not rely on software that is "owned" by an individual or an enterprise. An individual can or a small company can be sold to a large corporation, and a corporation can change the "rules of the game" at any time.

I used to try to stick to the software that nonprofit stands for as a basis for my activities, now I will follow this more closely. In particular, I plan to remove Fedora from my computer and the computers of my loved ones as soon as possible, although in some places it will not be easy to do. In favor of Debian GNU/Linux, of course.

Another +1 for Alma: they updated linux-firmware for zenbleed 3 days ago. CentOS stream finally updated now, $DEITY knows when this will trickle down to RHEL and bug-compatible rebuilds.