red hat

IBM is buying HashiCorp for $6.4 billion.

That's four months after HashiCorp rugpulled their entire development community and ditched open source for the 'Business Source License.'

As someone on Hacker News pointed out so eloquently:

IBM is like a juicer that takes all the delicious flavor out of a fruit

skywhopper replied:

"HashiCorp already did a great job pre-draining all their flavor."

Some people wonder if HashiCorp's decision to drop open source was because they wanted to juice the books for a higher price. I mean, six billion dollars? And they're not even a pointless AI company!

We're at the stage in the Red Hat drama where everyone is consulting history, trying to figure out what parts are being repeated in 2023 after Red Hat effectively locked down the sources used to build RHEL clones.

One talk linked quite often was Fork Yeah! The Rise and Development of illumos, by Bryan Cantrill over a decade ago. Bryan was a software engineer at Sun, who went over to Oracle after the buyout, then left to join Joyent, and now resides as CTO of Oxide.

The talk focuses on Sun Microsystem's handling of Solaris and OpenSolaris, both before and after their Oracle acquisition, and the whole talk is worth a listen—so much context about the history of ZFS, Solaris, Illumos, dtrace, and even UNIX and Linux history are contained within.

But there was one section (around the 32:00 mark) where if you substitute "Red Hat" for "Sun," rhymes with this year's "open source company" drama:

I went back and looked at some of the mail trails about this and like, "oh, my God!"

As someone who champions truth, yet knows truth is bent to espouse many ideas, I realize clever phrasing often turns irrational lies into strong beliefs—especially when passion takes over.

And we in the open source community are a passionate bunch.

But to clear the air a little bit—especially as I have seen some zingers going both directions (from Red Hat employees to the community, and vice-versa):

...about Red Hat's EULA and its enforceability according to the license terms of the GPLv2. (Specifically in reference to my blog post last Wednesday).

And for that, I apologize.

Basically, the GPLv2 says there can be "no restrictions" placed on any use of the source code provided to any user of the software with its license.

Red Hat's EULA says that Red Hat reserves the right to terminate your business relationship (the Red Hat Subscription) if you redistribute the source code.

This doesn't restrict your right to share the source code that has been previously provided, since you are still free to do so.

It doesn't make sense logically, and certainly not ethically (I don't think anyone could argue this is in the spirit of the GPLv2 license), but legally, logic and ethics sometimes take a back seat to interpretation.

Update: I still think a court case could go either way given enough money and good lawyers, but apparently IBM's lawyers don't, otherwise they wouldn't have written the EULA.

(See update at the bottom of this post)

One of the interesting outcomes of the Red Hat situation:

Distribution of GPLv2-licensed code requires no restrictions be placed on downstream users rights to use and redistribute the code (whether they obtained it freely or paid for access):

Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients exercise of the rights granted herein.

Does threatening retaliation (account suspension) for sharing code count as a 'restriction' on exercising a user's rights?

So far I've heard from three corporate open source licensing experts the answer is no.

According to them, the EULA only deals with an account-holder's ability to acquire services from Red Hat (a contract).

Two years ago, Red Hat killed CentOS, a widely-used free version of their Enterprise Linux distribution.

The community of CentOS users—myself included—were labeled as 'freeloaders', using the work of the almighty Red Hat corporation, without contributing anything back. Don't mind all the open source developers, Linux kernel contributors, and software devs who used CentOS for testing and building their software. Also ignore the fact that Red Hat builds their product on top of Linux, which they didn't build and don't own.

For all of my open source projects, effective immediately, I am no longer going to maintain 'official' support for Red Hat Enterprise Linux.

I will still support users of CentOS Stream, Rocky Linux, and Alma Linux, as I am able to test against those targets.

Support will be 'best effort', and if you mention you are using my work on Red Hat Enterprise Linux, I will close your bug/feature/support request as 'not reproducible', since doing so would require I jump through artificial barriers Red Hat has erected to prevent the use of their Linux distribution by the wider community.

For more of my reasoning, see my previous blog post: Dear Red Hat: Are you dumb?.

This decision will not change until and unless I see evidence Red Hat cares about giving free and open access to the sources required to build and test against their Linux distribution.

Process

The timeline for this transition to not supporting RHEL is as follows:

I've had a busy week, so I didn't have time until today to read this news about Red Hat locking down RHEL sources behind a Red Hat subscription.

I repeat the title: Red Hat, are you dumb?

When Red Hat decided to turn the community CentOS distribution into a leading-edge distro instead of basically "Red Hat Enterprise Linux, but free", users like me were justifiably angered.

I don't contribute to CentOS or Red Hat development much, if at all. But I have, for over a decade, provided software and tools that were compatible with RHEL, Debian, Ubuntu, Fedora, Arch, and sometimes other more exotic distros.

I could test my stuff against CentOS Stream... or UBI... or Fedora. Those are mostly like RHEL. Or I could try linking a Red Hat Developer subscription to my test runners and build tools so I could use a licensed copy of Red Hat Enterprise Linux, because that would be required for... actually ensuring compatibility.

But that's dumb.

I've worked in open source my entire career¹. To say that I'm worried about the impact recent events have on the open source ecosystem would be an understatement.

In the past couple months:

• Red Hat effectively killed CentOS
• Elastic effectively killed Elasticsearch

People may rightfully refute these statements, but the statements are more complicated than you might think. Killing a project doesn't mean the project will vanish overnight, but what has happened so far is two very large companies in the 'enterprise open source' space have shown the chinks in the armor of the monetization of open source software.

For many years, everyone in the industry pointed at Red Hat as the shining example of 'how to build a company around open source'.

And for the past decade, the open source Elasticsearch, Logstash, and Kibana logging ecosystem was on a tear, becoming a standard in the open source cloud stack.