Back in February 2022, we wrote a piece about the risks and benefits of open-source software development. The ongoing altercations between MinIO and various licensees echo our discussion. But, as a potential or current customer, what should you be thinking and doing?
Background
MinIO is an open-source software solution that implements a scale-out object storage platform. The company has majored on the lightweight and friction-free deployment model of the MinIO binary, citing their volume of Docker pulls and GitHub stars as a measure of success. You can find more on the platform and solution over at the Tech Field Day website (including the company’s first TFD appearance, also featuring yours truly).
Breach
So, what are the licensing disagreements about? Initially, MinIO was released under the Apache v2 licence, then changed to use AGPL v3 (although some code was always AGPL v3). Both Nutanix and Weka have been shipping MinIO code in alleged breach of these licensing terms, which require disclosure and the sharing of related code (the extent of which is contested).
We think the transition between licensing was done to (legitimately) restrict 3rd-party free usage of MinIO intellectual property. AGPL v3 requires disclosure of software use and to make available the source code of any derivative versions. It restricts sub-licensing where the code is restricted from end users. The terms also cover network-accessed versions of software, such as those used on public cloud or SaaS platforms. See this post for more background.
- Nutanix Objects Violates MinIO’s Open Source License
- Update: Nutanix Objects Violates MinIO’s Open Source License
- Weka Violates MinIO’s Open Source Licenses
- Our Response to Weka’s Post and Clarifying Terminology
- WEKA Responds to Unfounded Allegations Made by MinIO Regarding Open Source Licensing
Rather than go legal, MinIO has chosen the Court of Public Opinion, opting to name and shame Nutanix and Weka without (in the case of Weka) having a prior private conversation to resolve the situation. We don’t know if legal proceedings are taking place in the background or what subsequent discussions are taking place between MinIO, Nutanix, Weka, or any other additional parties as a result of this very public disagreement.
Risks and Benefits
As we pointed out in our blog post back in February 2022, the open-source model is beneficial for many reasons. Start-ups get access to “free” software development and a test bed of usually willing and enthusiastic followers. With the right adoption model (and distribution platform like Docker/Kubernetes), a new product like MinIO can gain rapid adoption.
However, there’s a flip side to this. Commercial companies can choose to fork software and create new development lines (subject to licensing terms). We saw this happen with MongoDB and AWS (which developed DocumentDB), while many organisations chose to use CentOS rather than license RHEL.
Generally, the open-source model has been to develop a “free” solution that everyone can use, while the enterprise version adds extra features and support. In the case of MongoDB, this also includes consuming the software in a SaaS model, also reflected with other database platforms.
There’s a careful balance required between exploiting the benefits of the open-source model to gain traction while at the same time protecting intellectual property. The “spirit” of a licence is very different from the legal interpretation. As a result, both Nutanix and Weka may feel comfortable with their respective position, while MinIO sees it differently.
The Customer
As either a current or potential customer of MinIO, Nutanix or Weka, the uncertainty and risk introduced by the public disagreement between these companies is clearly a cause for concern. There may be unquantified liabilities at stake, including additional software licence costs incurred by the customer. Data could be at risk if court injunctions are issued.
None of this sits well with the internal product management teams within businesses that are charged with reviewing and selecting technology. In my experience (mostly in financial organisations), we would be risk averse and find another solution that didn’t have the exposed risk. This would include any of the three companies we’d mentioned and likely introduce discussions with any other data platform vendor to see what 3rd party software dependencies exist. I would also look to write any contractual agreements to include indemnification of the use of 3rd party and open-source software from any future supplier.
The Architect’s View®
Of course, software copyright and licensing disputes happen all the time. As an example, I was recently involved as an expert advisor in one ongoing case I can’t currently discuss. Generally, though, these disagreements are resolved through legal channels that can be costly and time-consuming – but generally more private than blog posts on company websites.
We totally respect MinIO’s right to protect intellectual property. But why has the company chosen to air these grievances in public? It could be to mitigate the expense of lengthy litigation or to make other infringers come forward and legitimise their usage. From the online statements made so far, both sides feel entitled to opposing views, so court cases could prove expensive. Not a great use of capital for start-ups.
This is perhaps the crux of the matter. The MinIO business model depends on the traction gained from free use being converted into paid licences. However, like Aesop’s fable about the North Wind and the Sun, wouldn’t it be better to persuade rather than force customers to convert to the paid model?
Copyright (c) 2007-2023 – Post #77ea – Brookend Ltd, first published on https://www.architecting.it/blog, do not reproduce without permission.