> On September 16, 2024, the Linux Foundation and Amazon Web Services announced the creation of the OpenSearch Software Foundation.[15][16] Ownership of OpenSearch software was transferred from Amazon to OpenSearch Software Foundation, which is organized as an open technical project within the Linux Foundation.
OpenSearch is Apache License 2.0. You can do whatever you want to/with it. How are Elastic the good guys in your mind?
Amazon's product had confusing naming and positioning, and lagged in compatibility which created a headache for Elastic.
And they were using an open source piece of software, but scaling it with closed source secret sauce on top of that. The license was saying they'd have to open up their secret sauce or pay, and their response was to leave the table instead.
OpenSearch still lacks tons of really basic functionality from Elastisearch, and watching how far ahead Elasticsearch got as a product shows how much free lunch Amazon was getting... and how much they actually cared about the product when it was time for them to put their money where their mouth was (despite AWS pulling Elastic's yearly revenue every 4 days).
Elasticsearch has generally matured like it has a passionate builder with a vision. They pushed on two major fronts (LLMs and Observability) and managed to execute effectively without letting product quality slip.
Meanwhile OpenSearch is still the place where tickets requesting 3+ year old ES functionality go to die.
-
I'm honestly on the opposite side: how is the hyperscaler offering a strictly inferior product with closed extensions and still managing to eat the main developers' lunches for the sole reason they already have sales pipelines established not the bad guy?
I guess I'm not really someone who believes in infinite scaling rules: something that can work at the individual scale doesn't have to work when hyperscalers do it (like selling hosted clusters)
> Amazon's product had confusing naming and positioning, and lagged in compatibility which created a headache for Elastic.
Irrelevant.
Elastic decided to release software to the public with a license that granted everyone under the sun the right to use it how they saw fit. This included also selling services.
That became a big part of their business model as it drove up it's adoption rates and popularity. If Elastic kept things like Elasticsearch proprietary, they would hardly have the same adoption rates.
You can't have it both ways. Why do you think people drop these projects the moment these corporations decide to pull the rug from under their userbase?
Of course it is relevant. TooBigTech is killing smaller companies just because it is too big.
When there are issues like this ("we made a successful product and someone forked it and it's killing us"), the "someone" is generally a BigTech, not 3 students in a garage. Then people complain about open source working/not working, and forget that the root problem is the monopoly that is screwing them.
No, it is irrelevant. Try to think about it for a second. You release a project under a license that grants everyone the right to use it as they see fit, including building a business on it. Everyone starts using the project as they see fit.
Do you believe you now have the right to retroactively pull the license on a whim?
Try to think about it for a second: multiple problems can exist in parallel:
1. Some company uses a permissive licence, sees a competitor making a proprietary product from their base, and starts whining. Too bad, they should have used a copyleft licence from the beginning on.
2. Some company makes a nice product. TooBigTech sees it and builds an alternative (be it a fork or from scratch, I don't care). TooBigTech offers it for free (because they can, because they are too big) and capture the market. The original smaller company dies, because they can't offer their product for free. Now TooBigTech can start enshittifying because they own the market, again.
> Do you believe you now have the right to retroactively pull the license on a whim?
If you own the copyright to the whole codebase, of course you can. All those contributors who signed a CLA and are now whining should think about that.
> Large companies using their scales to compete is a feature of capitalism, not a bug.
It's more fundamental that that. It's this idea that a corporation can arbitrarily change licensing terms already granted to end-users to extort them.
This is not limited to any managed service provided by a random cloud provider. The core reasoning is a corporation identifying end-users who are profiting from a service that directly or indirectly involves a project they release to the public under a FLOSS license. They see people getting paid, and retroactively change terms to coerce them into paying them. The same argument they throw at AWS providing a managed service also applies to any company using their project. How does this make any sense?
> It's this idea that a corporation can arbitrarily change licensing terms already granted to end-users to extort them.
If contributors refused to sign CLAs, then corporations would either not get contributions or not be able to arbitrarily change the licence. It's also the contributor's fault if they contribute to a permissive project and give up their copyright. Is it extortion if they agreed to it?
And then those contributors come whining because the corporation does whatever they want. Too bad, don't sign a CLA. And don't contribute to permissively-licenced projects if you don't want your code to end in proprietary products.
> Large companies using their scales to compete is a feature of capitalism, not a bug.
Large companies using their dominant position to compete is not a feature of capitalism. Antitrust laws prevent that. It's just that the US ignores them.
> AWS only gets to compete using their source code because they opened it in the first place. The competition was explicitly invited.
This part I agree with: if you build a permissively-licenced project, you don't get to whine when competitors use it in their own proprietary alternatives.
> Elastic decided to release software to the public with a license that granted everyone under the sun the right to use it how they saw fit. This included also selling services.
The original licensing decision was made well before the formation of Elastic the company. Maybe Shay didn't quite give it the full consideration. I don't know him super well, but like most developers starting open source projects, I don't think he has a legal background. I confess to a certain about of naivety, thinking that contributors would adhere to the spirit of contribution rather than the absolute letter of the license. I don't think it's unreasonable to have societal expectations above and beyond the legal requirements.
I've been doing open source for ~25 years and it appears to me there's been a distinct shift in how companies approach open source. I feel like what I started with was almost a eutopic ideal and now I'm expected to just do free support work for companies that don't want to pay anything to anyone. I don't see any problem with devs realizing their mistake or changing their mind and updating the license accordingly. For my part, I used to use ASLv2 for everything and now I default to AGPL.
> You can't have it both ways. Why do you think people drop these projects the moment these corporations decide to pull the rug from under their userbase?
Just like you have no legal obligations above what the license says, they have no legal obligations to make their work available under the license you want. It's open source, so feel free to take the commit from version before the license change. Of course, it turns out it's quite a bit messier to have two incompatible versions floating around, but as long as we're limiting ourselves to legal requirements that's a non-issue.
The most obvious reason these projects get dropped after a license change is because they now use a license that needs to be reviewed. It's a lot easier to justify spending on a new AWS service than it is getting a new license approved. But, that was more or less happening anyway. If you're already on AWS it's easier to add a new service than pay for hosting a service with a third party. I don't particularly fault Elastic for not wanting to be Amazon's R & D arm and support team.
We have a lot of systems and infrastructure in place that only mostly work because both parties hold up their own end of an unspoken agreement. Large tech companies have decided they can save money by breaking breaking away from that and just sticking to the letter of the license text. Legally, they have that right, but the other parties have predictably responded. I think what it really shows is our licenses don't fit all scenarios. Maybe I'm okay with individuals and companies with a market cap < $1T using the software under terms akin to open source but don't want to be a de facto employee for a large company reselling my software. We're well past the point of open source being about software freedom.
Most of these projects start off as a developer choosing a license without having the legal background to truly assess it and then they run into an 800 lbs. gorilla with loads of in-house counsel. Blaming them for not thinking it all the way through or realizing the implication of their license choice seems to me counter-productive. Okay, so they made a mistake. What now? They don't want to continue working under the framework where they feel being taken advantage of. I don't think they should be obligated to continue doing so because all of the non-Amazon folks don't want to incur the headache of forking. I'd love to see some of that ire aimed at the company willing to break the illusion to make some extra money than the folks that have freely given away their work for years.
> Well they obviously do have the rights, are you saying they broke the law?
No, they do not. They can release new versions with some other license if they get all contributors to agree. They absolutely cannot pull the FLOSS licenses from existing releases.
> They can release new versions with some other license if they get all contributors to agree.
Contributors must sign a Contributor License Agreement (CLA) before a contribution will be merged. The CLA signers gave Elastic the right to change licenses, among others, when they signed the agreement. Consequently, Elastic doesn't need to get individual sign-off from each contributor before changing the project license. The code wasn't based on copyleft license, so there's no compulsion to continue using the same licensing terms for all future distributions. That's a motivating factor for many CLAs. If you made a contribution prior to the introduction of the CLA then things get murkier.
You keep spamming this to anyone who replies to you: maybe your take is the irrelevant since it didn't stop them from pulling the rug in the first place?
> people drop these projects the moment
Noisy people always proclaim that they will, and hyperscalers gleefully market their forks... meanwhile it's mostly hyperscaler customers that they weren't going to get in the first place that actually move.
Elasticsearch was source available for 4 years and still saw massive growth.
People tried to spin Redis db-engine rankings dropping as being due to Valkey, but their trendline doesn't seem to have been affected at all by the change: https://db-engines.com/en/ranking_trend/system/Redis
-
But to be more direct, I'm honestly unimpressed with this brand of reductionism.
It's super easy to keep yelling IRRELEVANT THEY WERE RUNNING AN OPEN LIBRARY AND SHOULD HAVE EXPECTED SOMEONE TO SHOW UP WITH A HAULER TO TAKE ALL THE BOOKS, but it's not useful.
I'd also rather have a software ecosystem that uses targeted defenses to counter hyperscalers (which are more like an invasive species) than one that throws up its hands at them.
For anything that isn't Linux-scale, the alternative is that most of the well funded development ends up being from hyperscalers and that just concentrates their power.
> Yes, anti trust rules should have stopped amazon. But they didn't, this directly hurts open source.
What absurd, twisted logic. No, it does not affect open source. What are you talking about?
> The problem is Amazon, not elastic that's trying to survive.
No, the problem is Elastic trying to coerce end-users to pay them for using FLOSS projects. It makes absolutely no difference if AWS provides a managed service or if I run Elasticsearch in a AWS EC2 instance I pay for.
If a corporation wants to build a business model around FLOSS, it's their responsibility to figure out how to do that. What they cannot do is abuse FLOSS licenses to pull bait-and-switch on their userbase to coerce them to meet their revenue targets.
They did figure it out. Contributors signed CLA and so their license change was absolutely legal and in line with what everyone agreed upon. When you started using the product, you should have known this.
This risk has always existed. It existed when they chose to open source it in the first place.
Time and time again we see the lesson being learned the hard way that "if your business value is your codebase, it's hard to build a business whilst literally giving it away".
> "if your business value is your codebase, it's hard to build a business whilst literally giving it away".
perhaps then it comes as no surprise that some very outspoken open-source proponents do not open-source their core business components. I can understand they do it in order to exist as a company, as busineses, but I don't understand why they have to endure being shamed for staying closed-source, while all their stack is open. many such companies exist.
and let's add to this all the fact that everything released in 2025 as open-source gets slurped by LLMs for training. so, essentially, you feed bro's models breakfast with your open-source, like it or not. in the very near future we'll be able to perhaps prompt a 'retell' of Redis which is both the same software, but written so that it is not.
in essence there seems to be now little reason to open-source anything at all, and particularly if this is a core-business logic. open-source if you can outpace everybody else (with tech), or else you shouldn't care about the revenue.
A sufficiently capable LLM might be good enough to do cleanroom design on its own, with little to no human assistance. That would destroy the entire idea of copyright as it exists for software.
You need one agent that can write a complete specification of any piece of software, either just by using it and inferring how it works, or by reverse engineering if not prohibited by the license. You then have a lawyer in the middle (human or LLM) review it, removing any bits that are copyrighted. You then need another agent that can re-implement that spec. You just made a perfectly legal clone.
Cleanroom design is a well-established precedent in the US, and has been used before, just with teams of humans instead of LLMs.
I think some companies will be completely unaffected by this, as either the behavior of their code can't easily be infered just from API calls, or because their value actually lies in users / data / business relationships, not the code directly. Stripe would be my go-to example, you can't just reverse-engineer all their optimizations and antifraud models just by getting a developer API key and calling their API endpoints. They also have a lot of relationships with banks and other institutions, which are arguably just as important to their business as their code. Instagram, Uber or Amazon also fall into this bucket somewhat.
Because, unlike humans, LLMs reliably reproduce exact excerpts from their training data. It's very easy to get image generation models to spit out screenshots from movies.
> Can we start at "humans are not computers", maybe?
Sure. So it stands to reason that "computers" are not bound by human laws. So an LLM that finds a piece of copyright data out there on the internet, downloads it, and republishes it has not broken any law? It certainly can't be prosecuted.
My original point was that copyright protections are about (amongst other things) protecting distribution and derivative works rights. I'm not seeing a coherent argument that feeding a copyrighted work (that you obtained legally) into a machine is breaching anyone's copyright.
> So an LLM that finds a piece of copyright data out there on the internet, downloads it, and republishes it has not broken any law?
Are you even trying? A gun that kills a person has not broken any law? It certainly can't be prosecuted.
> I'm not seeing a coherent argument that feeding a copyrighted work (that you obtained legally) into a machine is breaching anyone's copyright.
So you don't see how having an automated blackbox that takes copyrighted material as an input and provides a competing alternative that can't be proven to come from the input goes against the idea of copyright protections?
> So you don't see how having an automated blackbox that takes copyrighted material as an input and provides a competing alternative that can't be proven to come from the input goes against the idea of copyright protections?
Semantically, this is the same as a human reading all of Tom Clancy and then writing a fast-paced action/war/tension novel.
Is that in breach of copyright?
Copyright protects the expression of an idea. Not the idea.
> Copyright protects the expression of an idea. Not the idea.
Copyright laws were written before LLMs. Because a new technology can completely bypass the law doesn't mean that it is okay.
If I write a novel, I deserve credit for it and I deserve the right to sell it and to prevent somebody else from selling it in their name. If I was allowed to just copy any book and sell it, I could sell it for much cheaper because I didn't spend a year writing it. And the author would be screwed because people would buy my version (cheaper) and would possibly never even hear of the original author (say if my process of copying everything is good enough and I make a "Netflix of stolen books").
Now if I take the book, have it automatically translated by a program and sell it in my name, that's also illegal, right? Even though it may be harder to detect: say I translate a Spanish book to Mandarin, someone would need to realise that I "stole" the Spanish book. But we wouldn't want this to be legal, would we?
An LLM does that in a way that is much harder to detect. In the era of LLMs, if I write a technical blog, nobody will ever see it because they will get the information from the LLM that trained on my blog. If I open source code, nobody will ever see it if they can just ask their LLM to write an entire program that does the same thing. But chances are that the LLM couldn't have done it without having trained on my code. So the LLM is "stealing" my work.
You could say "the solution is to not open source anything", but that's not enough: art (movie, books, paintings, ...) fundamentally has to be shown and can therefore be trained on. LLMs bring us towards a point where open source, source available or proprietary, none of those concepts will matter: if you manage to train your LLM on that code (even proprietary code that was illegally leaked), you'll have essentially stolen it in a way that may be impossible to detect.
How in the world does it sound like it is a desirable future?
Maybe I need to explain it: my point is that the one responsible is the human behind the gun... or behind the LLM. The argument that "an LLM cannot do anything illegal because it is not a human" is nonsense: it is operated by a human.
> I agree with the fact that LLMs are big open-source laundering machines, and that is a problem.
Why do you believe this is a problem? I mean, to believe that you first need to believe that having access to the source code is somehow a problem.
> I mostly see it as a problem for copyleft licences.
Nonsense.
At most, the problem lies in people ignoring what rights a FLOSS license grants to end users, and then feigning surprise when end users use their software just as the FLOSS license intended.
Also a telltale sign is the fact that these blind criticisms single out very precise corporations. Apparently they have absolutely no issue if any other cloud provider sells managed services. They single out AWS but completely ignore the fact that the organization behind ValKey includes the likes of Google, Ericsson, and even Oracle of all things. Somehow only AWS is the problem.
> I mean, to believe that you first need to believe that having access to the source code is somehow a problem.
How in the world did you get there from what I said? Open source code has a licence that says what the copyright owner allows or not. LLMs are laundering machine in the sense that they allow anybody to just ignore licences and copyright in all code (even proprietary code: if you manage to train on the code of Windows without getting caught, you're good).
> At most, the problem lies in people ignoring what rights a FLOSS license grants to end users
Once it's been used to train an LLM, there is no right anymore. The licence, copyright, all that is worthless.
> Also a telltale sign is the fact that these blind criticisms [...]
> LLMs are laundering machine in the sense that they allow anybody to just ignore licences and copyright in all code (...)
No. Having access to the code does that. You only need a single determined engineer to do that. I mean, do you believe that until the inception of LLMs the world was completely unaware of the whole concept of reverse engineering stuff?
> Once it's been used to train an LLM, there is no right anymore.
Nonsense. You do not lose your rights to your work just because someone used a glorified template engine to write something similar. In fact, your whole blend of comment conveys a complete lack of experience using LLMs in coding applications, because all major assistant coding services do enforce copyright filters even when asking questions.
> do you believe that until the inception of LLMs the world was completely unaware of the whole concept of reverse engineering stuff?
The scale makes all the difference! A single determined engineer, in their whole life, cannot remotely read all the code that goes into the training phase. How in the world can you believe it is the same thing?
> Nonsense. You do not lose your rights to your work just because [...]
It is only nonsense if you don't try to understand what I'm saying. What I am saying is that if it is impossible to prove that the LLM was trained with copyrighted material, then the copyright doesn't matter.
But maybe your single determined engineer can reverse engineer any trained LLM and extract the copyright code that was used in the training?
This is exactly what the AGPL was made to combat against. But open source devs still choose more permissive licenses first - presumably to attract corporate clients to use their product (and because devs are suckers to large corporate interests)
This. They choose a permissive licence, proudly advertise it ("use us instead of our competitor because they are copyleft and we are not"), and then come whining when other competitors benefit from the very fact that they chose a permissive licence.
There are different FOSS communities that hold different values. I come from the copyleft camp because I want to advance Software Freedom objectives for end-users. Others are more interested in advancing software developer freedom, and they find the obligations that are designed to advance end-user rights are unduly burdensome to the software developer. Articles like the one on the FreeBSD website [1] explain why they take a different position
I choose to believe that both of these sub-communities of the larger FOSS community are principled in their beliefs. I don’t see whining from FreeBSD folks about competitors, or for-profit companies using all the permissions they give with their choice of license.
> I don’t see whining from FreeBSD folks about competitors
Sure! Then that's all good! I have nothing against the use of permissive licences (though I am on the copyleft camp too, obviously). Or put it in the public domain.
My problem is with those who do and then whine about it.
It especially bugs me when company blogs call out “abuse” when they only exist as a company because others gave them the permissions needed to build a business on software they did not author themselves!
The solution to the old problem of "what if someone uses my code to compete with me" is "don't open source your code".
This isn't complicated. It's trade secrets 101.
I'm being disingenuous though. Of course the bait-and-switch merchants know this, they're just banking on getting enough product momentum off the free labour of others before they cash in. That's the plan all along.
I think that is a little unfair. I don't know anything about the companies behind Redis and Elastic. But another possibility is that they want to make a good open source product and create some sort of business around it and find it difficult to make a waterproof moat. I'm sure that there are many other open source companies with the same basic strategy that are just more lucky, e.g. don't get AWS as competition.
> The problem here is that Amazon is in a position where they can fork and sell it for a loss in order to crush the competition.
Everyone can fork any FLOSS project. That's by design. There are also no restrictions on random people selling services directly or indirectly using said FLOSS projects.
If a corporation changes their mind and decide it was a mistake for them to release software as FLOSS, they have the right to do what Redis just did. What they can't do is feign ignorance or do a bait-and-switch to try to coerce their userbase to cough up licensing fees for FLOSS projects.
Selling at a loss isn’t bad. Selling at a loss to build marketshare or kill competition usually is.
The issue is that previous companies usually use this aspect to build marketshare, so there is no other way to compete. Other tactics include lobbying, patent bullying, etc.
Shoot, as bad as Uber is, just look at how taxis in major cities were formed.
Then look at labor laws in other countries.
Under the current legal/political structure for any modern country, there is no winning without exploitation, which is why I refuse to start my own business.
No - that's why their pricing is so detailed and why their services have few limits you can't request them to increase.
They can afford to maintain a better branch of Elastic Search or Redis or so on, an drive those companies out of business by the virtue of efficient free market competition. At which point they'll make sure their branch is only useful on their servers, perhaps by adding dependencies on all their internal microservices - so technically they released the code but you can only run it if you're Amazon.
> At which point they'll make sure their branch is only useful on their server
Can you think of any examples where they've done that? They certainly could, but I can't think of any times they have actually rug-pulled like that, and the motive to do so seems tenuous too. In order for Amazon to do something like this they would need established market dominance, as well as a belief that some new player will hurt their market share enough to justify alienating the FOSS community.
Sorry, I didn't want to imply that they do. This would be illegal as per antitrust regulations.
What I wanted to say is that AWS using a permissively-licenced project is fine. The project should have thought about the licence beforehand and started with copyleft from the beginning on. Their problem now.
But a more general problem I see is that even if you use a copyleft license for your project, you have the risk to be crushed by anti-competitive behaviours coming from TooBigTech. It's not rare, they do that all the time and the US doesn't enforce anything. And when others (like the EU) try to do it, the US put pressure because they defend their US TooBigTech.
The latter is not a model or licencing issue, it's an antitrust issue. Now Amazon could compete with Redis without doing it illegaly, but they can only because they are so big. And the fact that they are so big is related to the lack of antitrust enforcement (it's documented, TooBigTech have all abused their dominance forever).
Not really. I have done multiple AWS pricing and costing exercises while launching services and there was never a direction from the VP to sell it lower than what it costs to build and operate. Cost to build and operate includes everything from salaries, infrastructure and many other line items. And usually things are projected 3-5 years into the future and P&L analysis must show that eventually the service will make a profit. It does make some assumptions about minimum customer adoption for the profit margins to materialize which eventually becomes part of the product and sales teams goals.
The costing model does allow losses to be incurred in the initial years because building the thing is more expensive at first but then it should settle down and revenue should outpace expenses.
What can happen with these open source products being launched as a service is that that initial cost can be cut down by as much as 50-75% but rarely more than that because you still need to build all the surrounding infrastructure, documentation, UI. It still gives AWS an advantage by relying on an existing body of work they can start with where many problems have been thought through and solved. Also you will likely get a good product roadmap skeleton ready to be prioritized which otherwise can be a huge time sink.
In a nutshell, no. AWS won’t sell a service at a loss (there are exceptions of course) but there is room to incur a loss at the beginning but it is priced to eventually turn a profit. Whether that happens for every service in reality is a different story.
Most (all?) open source licenses allow you to sell hosted clusters. They offered a hosted solution well before they changed its license. You can also fork it; but depending on the license, you might need to open-source any fork.
: I don't know of any open source license ones that don't allow someone to sell hosted cluster. Even AGPL, which is copyleft, allows it; so long as the hosted version is either: the same as the open-source version, or it's version is also open-sourced.
Nobody knows what the AGPL actually says, since it has not been determined sufficiently in court (at least in the EU) which is why the license is blacklisted by most companies.
If you want corporate adoption except AWS, you still cannot use AGPL.
I feel like there should be a license that doesn’t allow hyperscalers alone to fork without releasing source while being palatable to smaller companies
Interesting that you use the word "free." Long before there was open-source, it was called "free software" and the restrictions on use that required derivative software to give back their changes was the entire point.
Also from https://en.wikipedia.org/wiki/OpenSearch_(software):
> On September 16, 2024, the Linux Foundation and Amazon Web Services announced the creation of the OpenSearch Software Foundation.[15][16] Ownership of OpenSearch software was transferred from Amazon to OpenSearch Software Foundation, which is organized as an open technical project within the Linux Foundation.
OpenSearch is Apache License 2.0. You can do whatever you want to/with it. How are Elastic the good guys in your mind?