Myth Debunked: Open Source Equals No Vendor Lock-in

As an open source advocate and former head of a successful open source project, I find it troubling that there is a trend within the industry of declaring “no vendor lock-in” for open source or commercial open source solutions.  In fact, this trend is not limited to one segment of the open source ecosystem as projects from databases to platforms are jumping on the bandwagon.  The inference is that by publishing source code and developing in the open somehow magically erases the age-old problem of vendor lock-in.  Additionally, this argument is used against the “legacy” or the most successful software and hardware companies in the world as a differentiator.  Unfortunately, this is a false argument as open source does little to remove the age old issue of vendor lock-in.  In actuality both vendor lock-in and technical (tech) lock-in exist.

While many open source projects begin with an altruistic goal, commercialization is inevitable.  This commercialization leads to everything from professional services or support to a full blown commercial products including legal indemnification and additional commercial only features.  Once a company purchases licenses from these commercial open source companies they become subject to the normal cadence of software releases, bug fixes, support, and more.  Just like their “legacy” counterparts, commercial open source companies depend on paying customers for revenue and must differentiate themselves from the open source project.  Take it from me, the number one question that customers ask a commercial open source vendor is “what’s the difference between the commercial and open source solution?”

But, what if a company never purchases a commercial open source license?  Aren’t they vendor neutral and free to do whatever they want?”  Here in lies the heart of the argument regarding open source and vendor lock-in.  While it is true that you aren’t legally bound to a single company, you are still locked-in to the open source community itself.  In the case of a large and vibrant open source project such as OpenStack, you are part of a large and diverse community consisting of users, commercializers, and corporations of every size.  In the case of a project such as MongoDB, the majority of contributions come from a single-source, 10Gen, which is a commercial company.  In either case, you are still vendor locked-in but vendor is replaced by community and you are subject to whim of the developers, committers, governance, and leadership of the projects themselves.

Whether you choose to use an open source project or pay for a commercial open source solution, you cannot escape the phenomenon known as tech lock-in.  Once you develop an application or solution that relies on an open source project, commercial or not, it is very difficult to switch technologies.  Imagine Rackspace switching from OpenStack to CloudStack, a move which would result in years of lost development and testing time followed by a period of risky technical and business challenges.  Or, imagine writing a customer facing application on MongoDB and then deciding to move to Cassandra.  It’s a daunting task fraught with risk, development time, and countless hours of testing.  While you may claim there is no vendor lock-in, the tech lock-in is enormous and the result is the same; you can’t easily escape your choices!

Finally, I hear from open source pundits that by the very nature of publishing a project’s source code equals freedom from the tyranny of large independent software vendors.  However, many open source users never look at the source code nor do they contribute to the projects themselves.  In fact, enterprises that value the open source solution will seek its commercial entity.  These companies aren’t in the business in building a DB or platform; instead they are developing and selling software applications or manufacturing goods and services.  Of course there are exceptions of companies that develop and extend the open source solutions for their own use.  A great example of this is service providers that are involved with developing or extending OpenStack.  These companies cannot purchase an off-the-shelf OpenStack solution and must extend and create secret sauces for their own use of the technology.  However, enterprises are looking at companies such as Red Hat to do for OpenStack what they did for Linux, commercialize it.

In the end, open source is a wonderful development model and there is nothing more powerful than being a part of an open source community.  However, open source cannot solve the age old issues of vendor lock-in or tech lock-in; Myth Debunked!