A week of interesting developments ...

The week started with the announcement that Joyent had acquired ReasonablySmart. This extends the range of Joyent's offering into the framework space and it's a very smart move. There is a real opportunity here to push for the creation of an open source standard especially since Jason Hoffman, co-founder and CTO at Joyent states "Unlike competing Platform-as-a-Service offerings, we intend to keep this new Joyent offering completely open-source". Good move.

During the week I was invited by Redmonk to the Cloud Interoperability Forum. I'll be landing in San Francisco on Monday. This event promises to be a gathering of some interesting players in the open source cloud computing space. It's one to watch.

Lastly, the week ended with Jesse Robbins' announcement of Chef, an open sourced configuration management tool.

Open source is really starting to make some progress in the cloud computing space with companies like Aptana, 10Gen and the team behind Eucalyptus. Obviously I've been concerned that the Azure framework, which is about to make its entrance this year, might create a marketplace built around a proprietary stack. If this happened it could create years of lock-in under the guise of a functioning market.

However the bold moves made by the open source community and the other actions which I know are in the pipeline give me cause for comfort. In fact, it's so positive that I'll make another prediction for this year.

This is the year of open source and when open source cloud computing becomes the rule and not the exception.

Awesome ...

Have a read, have a play and then spend a few moments to consider how powerful an open sourced JavaScript everywhere framework provided by a marketplace of cloud providers could become.

Now take a look at ReasonablySmart.com.

I wandered lonely as a cloud ...

First wander ...

Over the last few days, there has been a lot of to and fro between Tim O'Reilly and Nick Carr over cloud computing. I'm sure more is to follow.

The debate over network effects at the hardware (what is commonly called Infrastructure as a Service) level of the stack (from bare bones to virtualised images to operating system) is of little value to me. The shift of the computing stack from product to services will inevitably accelerate the process by which these lower level orders of the computing stack become invisible. The lower levels will find themselves pushed to a low-margin standardised high-volume business based entirely upon open source.

What interests me is that the argument for portability, interoperability and transparency in the "cloud" will inevitably shift to the framework (development platform, messaging system, database, templating system and so forth) level of the stack (or what is commonly called Platform as a Service).

The framework layer will consolidate to a few large marketplaces with each marketplace based upon a standard framework. A few of these frameworks will be proprietary but most will be open sourced. For each standard framework there will be many homogeneous providers with portability between them.

This framework layer (which Tim hints at) is where the real battleground is. This is where the real network effects are. This is where the trillion dollar company exists. Why on earth do you think I started Zimki back in 2005-7? Why do you think MSFT is releasing Azure?

Anyone still needing help to work out where all this is heading, just think about Ballmer's comment on enabling "Microsoft partners to create their own cloud infrastructure", think about a marketplace of ISP's all providing the same framework, think about how over the last decade the lower levels of the computing stack have become invisible to most developers and then go read my old blog post.

However, a marketplace based upon a proprietary cloud technology vendor has lots of attractions from the acceleration of innovation (through componentisation) to the more mundane capex to opex conversion. James Governor said in a recent tweet that "no amount of assertive statements from thought leaders will prevent customers from adopting proprietary technology". He is absolutely right. This is a gilded cage that some CIOs are not going to walk but rush into.

My only advise is that if you're the CEO of a company and your CIO is talking cloud, find someone with a senior level background in manufacturing to check their reasoning. If you hear the words "lacks second sourcing" then consider upgrading the CIO. It'll pay in the long run.

[For reference, my reasoning for Zimki was derived from Tim's earlier work on Infoware and the Open Source paradigm shift]

[Dennis Howlett has a really interesting piece on this whole topic.]

Second wander ...

When I worked for Canon (2001-2007), along with Zimki, utility computing and open source, I used to write endless reports about the dangers of mobile phones to the camera business, the future of 3D printing & fabrication technologies along with being fairly vociferous against SED. I've always believed it to be dangerous to focus exclusively on the core or with what you are comfortable with. That's a lesson I learned from reading Schumpeter.

This is especially true during recessionary times. It should never be forgotten that such times do create opportunities, not just for industry but government as a whole.

Despite the neocons desperate denials, as we've seen from the banking fiasco, the laissez faire school of economic lunacy has turned out to be a house of cards. However, there is always a silver lining. Our Government appears to be slowly turning away from the mumbled dribblings on money supply of those Chicago School ephors and back to an eminently more sensible and direct Keynesian approach of investment.

This is good news ... assuming it lasts.

Beyond the positive buy-out and part nationalisation of banks and the promises of public building works, the government should look towards bolder measures including the wholesale plunder and pillage of the weakest industrial sectors to the benefit of society.

The building industry and auditing professions are prime-time to be pushed towards nationalisation and bought up on the cheap and invested in. There are lots of measures such as the enforced auction of land banks with unused planning permissions which could be introduced in order to assist with this transfer.

Furthermore, since lots of parents are no longer sending their little darlings to those expensive private schools, a quick dropping of the charitable tax status plus a few extra regulatory burdens should force a few of these schools towards bankruptcy. Picking these up on the cheap would be an excellent way to bolster the national education system. This is to say nothing of the potential to buy-up private hospitals on the cheap.

If the government sets her mind to it, it could make a nice little earner. Despite the nay-sayers professing doom should the government take such action, there will always be plenty of entrepreneurs keen to rebuild after we get through these tough times. A bit of piracy might also help with social mobility, for people to go up others also have to come down.

A Keynesian approach of control, intervention and ruthlessness and a mix of the skull and cross bones combined with a healthy dash of "ahoy there, me mateys!" is what we need. In the long run, it is also the only sensible way forward.

[Update Nov 2012 - Alas those pesky monetarists weren't quite as dead as I hoped QED QE.]

Third wander ...

As any biologist or sociologist will tell you, the fastest growth of any population is normally the generation before it collapses due to environmental degradation. The "golden" age always happens just before the fall. It happens with populations from bacteria to wolves. It also happened with the Mayans and the Romans.

We're next.

The laissez faire ephors would have us praying to the invisible fable that is the pareto optimality whilst we burn and plunder natural resources and ponder how we can turn the vast reserves of methyl hydrates into a viable source of fuel. I'd rather trust to reason than such gods of future-discounting lunacy.

This is why the latest debate that the worldwide limit of 450 ppm CO2 (a level which will cause runaway climate warming) is not achievable in economic terms is just madness. We've discounted the future long enough. Without a hospitable environment there are no future trillion dollar companies. Without a hospitable environment there is no economy.

Our choice is simple. Either we choose to do something on a grand enough scale or we choose to let nature decide our fate. Whilst many are hopeful that serendipity will conjure up some magic to solve our problems, I fear that many Mayans and Romans probably did the same.

Whilst I'm all for a gamble, if the upside is more gadgets and the downside is possible extinction ... it just doesn't seem worth it.

Far from the Madding Cloud ...

Today I was faced with a challenge.

Explain cloud computing and why interoperability, portability and markets based upon open sourced standards are important IN layman terms!

Now as James' says, I've done this subject to death over the last few years. So I thought I'd try to explain all of this using example for cloud computing and an analogy to explain why interoperability, openness and so forth is important.

So here goes ...

Imagine that average Joe has taken out a big loan to buy lots of very expensive computer hardware.

Tom rents this hardware from average Joe and uses his technological wizardry to make it all appear as one big computer.

Dick rents this big computer from Tom and uses his virtualisation technology to make it appear as lots of small virtual machines.

Harry rents some of these virtual machines and creates a multi-tenanted storage service and messaging system.

Alice also rents virtual machines from Dick to provide a multi-tenanted framework for developing applications in. Rather than building all the elements of the framework she rents Harry's storage and messaging system however she provides access to it through her own API.

Bob rents an instance of this multi-tenanted framework from Alice in order to build a multi-tenanted application which provides transport routing information based upon user provided data, some super smart algorithms and an external cartographic web service from Dave.

Sue, who runs IT for a multi-billion dollar transport company, decides to use Bob's new transport routing system as a key part of her business processes. It's provided on a software as a service basis and marketed as "cloud" which is the latest hot thing, so Sue is happy.

Sue has never heard of Dave, Alice, Harry, Dick, Tom or average Joe. That's cloud computing!

The downside is that average Joe forgets to pay a bill and his machines get repossessed.

As for the analogy;

Imagine that average Joe has taken out a big loan to buy lots of very expensive houses.

Tom uses his financial wizardry to make it all appear as one big security.

Dick divides this security into smaller ...

... you know the rest.

Gang up now before the *aaS cloud gets you

Back in July, I gave a general talk at CloudCamp London on how consumers will need to push vendors towards interoperability and portability in the cloud.

At FOWA during the session on the important bits of cloud computing, a member of the audience - Terry Jones - put a similar question of portability and interoperability to both the speakers and the crowd. I happen to be in agreement with Terry that the consumers of cloud services have an important role to play here and so far have been remarkably silent on the issue.

What I suspect we need is some form of consumer association providing unbiased information and supporting the needs of consumers. Such an association should primarily consist of cloud consumers and to a lesser extent service providers or technology vendors. Well, as a starting point, there is Google Cloud Users group started by Sam Johnston.

Anyway, I've finally got around to creating a video of my talk.

CloudCamp Jul'08 - Gang up now before the *aaS cloud gets you

Busy, Busy ...

The last two weeks have been extremely busy for me. Along with working on the business case and funding for an interactive book company, I've started a new job and been a co-chair of a major London conference.

So in quick order ...

The interactive book company is Amphilab (I now work as an advisor having finished an initial three month stint). The company produces books with printed electronics. Let me just note one thing, these are not one page e-readers BUT real BOOKS with real paper pages which interact with computers. So it's old fashioned paper and ink (which we all love) AND turning pages (which we all love) PLUS text that interacts with computers & mobiles. We've already got a book deal and I'm now helping Manolis look for some funding that he needs.

I've also started a new job with Canonical as the software services manager. This role combines my passion for cloud computing & open source and puts it to good use for a great company. I know I was not intending to do any more work in the cloud computing space but then I met Mark and the Canonical team. It's a great place with great people - life just seems to be getting better and better.

Lastly, I've just finished co-chairing the Future of Web Apps (FOWA) conference. It was an absolute blast with some great talks by people like Kevin Marks, Gavin Bell, Suw Charman-Anderson, Julie Meyers, Ben Huh and the list goes on. The crowd was amazing, the venue excellent and Carsonified put on a grand show for everyone. Brilliant.

P.S. I've linked to my FOWA talk below. I know that I haven't yet created a video for my "Gang up now before the *aaS cloud gets you" talk at CloudCamp, London - I'll get around to it soon.

P.P.S. I'm also still writing, speaking, doing some ad-hoc work, building a bio-reactor and I'm in the process of moving home!

FOWA Talk - Innovation, the future and why nothing is ever simple.

The obvious dangers of the cloud ...

We've had numerous instances of downtime, changes in TOCs and services disappearing in the cloud computing world. To this list of shenanigans can now be added Nings unilateral closing of WidgetLaboratory.

I'm not going to go on a rant about the need for open sourced standards to protect the interest of businesses built upon such services, because both James Urquhart and those smart guys at Reasonably Smart have already said what needs to be said.

It seems that Reasonably Smart are also planning to raise further investment. If you're looking at getting into the cloud computing space, I'd strongly recommend you talk to them. To be open in my dealings, I know James Duncan very well but I have no vested interest in the company; I just happen to strongly agree with what they are doing.

I want to clearly emphasise one important point. The value of large scale utility computing provider of a JavaScript based application platform can be measured in the tens of millions. By following an open source route, the value of the technology is in effect zero. However, the potential value of a marketplace of utility computing providers based upon an open sourced standard (with revenues from utility sales, switching services, maintenance contracts, brokerages and exchanges) can be measured in the tens of billions.

If I had the cash I'd invest in the company myself, unfortunately I don't. They have a reasonably good chance, with a little bit of luck and support, in hitting the big time.

Finally, I'm overjoyed to see this post by Tony Lucas (the guy behind FlexiScale) on the importance of Interoperability and Portability in the cloud computing world. I couldn't agree more, and I believe that FlexiScale (at the infrastructure layer of the software stack) and Reasonablysmart.com (at the platform or framework layer of the software stack) have the potential to be real game changers in this service world.

To James Duncan and Tony Lucas, fortune favours the brave ... I'm cheering for you both.

Phew, it's hot in here ....

The "cloud" is a hot topic, by which I mean it has moved firmly into the transitional stage of its lifecycle and it is therefore becoming more mainstream. There is now so much movement and so many players in the field that the cacophony of noise can be overwhelming to those new to the subject. Eventually de facto standards will emerge but for now you have the maelstrom of players all jostling for position.

I thought I'd make a few comments about things I've found interesting in the last few weeks.

First of all, Artur Bergman and Brad Fitzpatrick are working on a Perl implementation of Google App Engine. From Brad's blog:-

"In the process we can build the start of an open source App Engine server clone that's suitable for many purposes .... but perhaps in the future (once Hypertable/Hbase/etc are ready) a full stack to give to ISPs to let them run App Engine apps on their own."

An open sourced stack allowing ISPs to create an ecosystem of providers, this is very smart move.

Secondly, James Duncan has also just released an open source JavaScript cloud environment. Now James used to be the CIO of Fotango in the Zimki days, so it is no surprise that he has followed an open source route. I see that he has gone for cloneable apps (network effects), open sourced reference model (focus on kickstarting an ecosystem), JavaScript language (allows a wider audience) and maintaining operational advantages through their own implementation (such as the data store). Well it's early days but they've made some smart moves and have every chance of doing very well.

I also note that Zimory are introducing and operating an international trading platform to exchange data center resources. Looks like I'm going to win my bet for computer resource brokers in the next six years. Whilst Zimory's service is principally based upon open source technology, the functionality controlling the connection between the local manager and the marketplace is kept proprietary and patented. That's a pity, as you don't need patent protection here but reputation. Patents might perversely slow the adoption rate.

I haven't seen the patent yet but the idea of exchanges and the ability to "offer and to retrieve data center resources dynamically and on-demand" has been obvious to anyone working in the field for the last five years, not that anyone at the European Patent Office would know that. Still at least we have people moving into the marketspace arena. Personally, I'm also expecting to see Microsoft make a big play in this area.

Lastly, I note that Tim O'Reilly and others have created the Open Web Foundation, an independent non-profit dedicated to the development and protection of open, non-proprietary specifications for web technologies. Whilst this is a positive move, my concern is that their focus will be on specification rather than open sourced standards (i.e. operational open sourced reference models of what is to be provided). Time will tell, however the encouraging sign is that Tim favours the practical approach taken by the IETF of "a rough consensus and running code".

My view is that in a service based economy, it makes logical sense for that "running code" to be the open specification in a cloud computing world. It is all hotting up and the next five years promise a real shake up of the industry.

Slightly grey swan ....

Well Apple have been upgrading to MobileMe recently. So this morning I was surprised to discover that my entire email account with a mere 7,540 messages in it had disappeared (note: they did reappear later).

Fortunately I don't trust vendor promises in the SaaS world, even promises on email hosting, so I always make my own backups. Now I use a MacBook with MacOSX and I accept James Governor's point on the gorgeousness of walled gardens. However, I'm careful to ensure that either my applications and data are portable, hence I use open office, or that I'm aware of the consequences. Hence whilst I use keynote, I always export to other formats before backing up.

That said, I do rely on my mac.com address, so I better get that sorted.

Despite my careful tendency, I was concerned to read the following forum post from someone who has lost all of their email. Apparently 1% (of which I'm guessing I am one of the lucky few) have experienced a problem. Though I'm sure this is a major headache to some people, this is still a relatively minor scare.

But what happens if you lose more than just access to your email. What if it's your CRM system or your storage service.

Without easy switching between providers (including interoperability and portability) in a cloud computing world and the ability to chose one provider as primary and another as synced backup, then this will happen again and again. One day, some company is going to wake up and discover that all its accounting information has gone or worse still some forward thinking Government department will find itself with a lot of explaining to do.

"Yes Mr Jones, I know we had your detailed medical history stretching over the last five decades, but that was yesterday. So can we start again please ... date of birth?"

"Didn't you have a backup?"

"Yes Mr Jones, it was with the original data at our service provider. So unfortunately we don't have either, but we do have a copy of the SLA."

"Will it help with my treatment?"

"No, not really ... date of birth please?"

Somebody, somewhere should really start an independent business consumer association to provide interoperability and portability information for different service providers. These providers will need to be pressurised towards open sourced standards, easy switching between each other, competitive marketplaces and compliance to the appropriate standard. You will need this for all the usual reasons of second sourcing including competitive pricing, reducing security concerns over vendor lock-in and to enable the use of one provider as primary and another as backup.

It's in business users interest to do this, because none of these ubiquitous activities are a source of competitive advantage to a business user. Your interests are in price and quality of service, not product differentiation for common processes. Vendors and some of their favoured pundits will tell you all sorts of reasons why you don't need this and how feature differentiation provided to tens of thousands of businesses somehow does create you a competitive advantage and that standardisation will just stifle innovation. For a common process, this is just poppycock. Instead standardisation of common processes as services should accelerate business innovation through componentisation.

Some will just do their best to muddy the water but be aware, that black swan event is just around the corner.

Smart move ... almost.

Thanks to Tony Lucas for spotting this announcement by 10Gen that they have open sourced their platform as a service technology. Overall it's a move in the right direction but alas somewhat spoiled by ... AGPL.

I'm sort of hoping that Tony and the crowd at Flexiscale make a move into the open source space with an entire GPLv3 stack. They're smart cookies and it can't be long before we see someone make a move and back it up with a partner programme.

Someone, somewhere will make a play to grab the market.

Economically it makes sense, but this is a point of disagreement between myself and James Governor. Will utility computing markets form around open sourced standards? James makes a valid point about consumers choosing proprietary technology but my view is the shift from a product to a service based economy for ubiquitous activities will change this.

Until that time, I suspect that James will continue to cheekily (geddit?) call me the *AAS master. Of course should I be right then there will be no end to my "young padawan" references.

Only time will tell.

Patience, ....

More duck with your pheasant?

One minute standards are too early, the next Bert tells us that standards are right for the cloud - here's theirs. Don't worry, Bert has given us something new to think about in his post on Open Source does NOT provide interoperability.

Of course, arguments just like portability need more than one participant. I'm not aware of anyone who would argue that Open Source, on its own, brings interoperability. What is sometimes discussed is how open sourced standards (i.e. complete open sourced operational reference models for a service) can be used (along with multiple service providers, trademarks and compliance authorities) to create competitive utility computing markets which have interoperability and portability between service providers.

Open source is key to this, it is critical for competitive markets and it is the only practical way of achieving it without entering a lock-in nightmare of a proprietary reference model. If Bert actually wanted to create an argument he could have said that Open Source is not key for interoperability in the cloud, then we'd have something to discuss.

I'm somewhat bored by all the vendors who try to explain why those components of IT which are ubiquitous aren't going to end up as services and who attempt to bring product mentality into a service world. The argument runs counter to an economy based on services. It's like those half baked ideas which pronounced the death of IT through commoditisation and ignore the feedback created by standard components (from commoditisation) which in turn leads to even faster innovation (as per the whole theory of componentisation).

However, since Bert is picking on open source, I thought I'd point out a few probable flaws with his argument:-

"Although there are open source systems for the base technology, they aren’t a complete solution". Well it's no surprise that without open sourced standards there is no interoperability. The closest we've seen to open sourced standards are the open SDK of GAE (Google App Engine) and Eucalyptus.

"Each provider must complete the solution themselves". Fortunately an open sourced standard is a reference model, it provides all the primitives. You can either implement it, or something that matches it. For example, if you consider that the open SDK of GAE is an open sourced standard, then GAE is simply Google's implementation of the open SDK and AppDrop is another.

"providers are looking for competitive advantage". There are two forms of competitive advantage here. One is in operational advantage, as in a faster, cheaper or somehow better implementation of the standard. The second is in product differentiation (a new feature etc). Product differentiation can* kill interoperability and it belongs in the product world and not in the world of ubiquitous activities treated as services.

"debian to ubuntu, Suse to Fedora, Redhat to CentOS": these are all competing products in a product world. In a service world you could get marketplaces such as "Fedora" as a Service where you will get Fedora and not something else. You could swap between service providers and know that as long as they complied with the "Fedora" standard it will work. Interoperability can be achieved with a proprietary standard, but it means the service provider gives up some strategic control of their business to the technology vendor. The use of open source in the standard is also about protecting the service provider (such as small ISPs) and reducing their barriers to adopting a standard.

I have no financial or commercial interests in the cloud world, I do however see lots of vendors either trying to persuade business consumers that interoperability, lock-in and portability are not issues, or that some committee will save the day.

I do wish Bert the best of luck with his standards committee, however if you are a consumer of these services, you really need to ask yourself whether you want the poachers to be the gamekeepers in a service world or whether it's business consumers who should be running any standards committee.

*I've added this conditionality in response to a comment by James Urquhart, with which I completely agree.

Why an apple is not a pear ...

Today I spoke at OpenTech. Overall, it went quite well.

However I did find myself on the receiving end of a rant from one of the attendees about how open standards won't allow someone to switch from Amazon's EC2 to Google App Engine.

I must admit I was somewhat perplexed at why this person ever thought they would and why they were talking to me about it. I explained my view but I also thought that I'd reiterate the same points here.

From the ideas of componentisation, the software stack contains three main stable layers of subsystems from the application to the framework to hardware. This entire software stack is shifting from a product to a service based economy (due to commoditisation of IT) and this will eventually lead to numerous competitive utility computing markets based upon open sourced standards at the various layers of this stack.

These markets will depend upon substitutability (which includes portability and interoperability) between providers. For example you might have multiple providers offering services which match the open SDK of Google App Engine or another market with providers matching Eucalyptus. What you won't get is substitutability from one layer of the stack (e.g. the hardware level where EC2 resides) to another (e.g. the framework level where GAE resides). They are totally different things: apples and pears.

On a related note, open standards and open sourced standards are also completely different things. Open standards are specifications including open APIs and open data formats. On the other hand an open sourced standard is an operational piece of code. The code is the standard not any specification.

In my view it is open sourced standards and not "open standards" which will create substitutability. Furthermore these standards will emerge through competition and adoption rather than committee.

My apologies for repeating myself in the last few posts, but I've increasingly found myself being challenged over my views and hence I thought it was best to reinforce these ideas.

RedMonk talks clouds.

I've been busy with my new project, but I've just picked up all the cloud talk going on at RedMonk.

I've left a brief comment, so I thought I'd post a copy here as well.

=======

Good post.

I've talked about this stuff for a long time but to cut a long story short, standards (as in open formats and APIs) are not enough to create portability and interoperability between providers nor do they solve the additional issues of competition and strategic control for vendors (and a host of others).

We are likely to only achieve competitive utility computing markets where we "write and run enterprise applications that you could move from cloud to cloud" if the markets are based upon open sourced standards.

Since IT is moving from a product to a service based economy with competition on Price vs QoS rather than product differentiation, the use open sourced standards is obvious for the service provision of ubiquitous activities.

It is however unappealing for those vendors who are wedded to a product world with competition based upon features. For those willing to accept the new world, there will be opportunities from brokerages to exchanges to compliance authorities and so on.

Posts you might find of interest.

• video of OSCON talk covering these issues
• Data Portability and all that Jazz
• JSops, JSops ... buy, buy, buy.
• Open Source Utility Grid
• Do we have to change?

=======

As for Alistair Croll's question on whether there is a way of solving the SaaS lock-in (or more correctly lack of second sourcing) issue - well yes there is, it's called open source. The real question that should be asked is when will the *aaS vendors realise that they are competing in a service and not a product based economy?

One final warning, as I've said before there will be more open sourced standards at the application layer of the stack than the framework (now called platform) and the hardware (now called infrastructure) layer. If your "product" doesn't become the open sourced standard when a market emerges around that service offering (whether it's CRM, HR, ERP or JavaScript Development Environments or VM etc), then the odds are it's game over for you. Standardisation and consolidation go hand in hand in the service world.

This is a disruptive change that is going on, and there will be casualties from the product world.

From Web 2.0 to Enterprise 2.0

This is a recreation of my talk from the Enterprise 2.0 conference in Milan (June 2008).

During the talk I examined the concepts of web 2.0, enterprise 2.0 and the forces behind change. The talk links together a number of topics from componentisation, software as a service, participation, network effects, innovation and commoditisation into a single theme (most of this stuff is old hat for those who have seen any of my presentations over the last few years).

The video covers in very simple and general terms:-

• What is commoditisation?
• What is innovation?
• Why is web 2.0 important?
• Why is web 2.0 important now?
• Why is enterprise 2.0 important?
• Some basic lessons on managing enterprise 2.0.

From Web 2.0 to Enterprise 2.0 (50 mins approx)

Two things of note.

I read the following post on the shenanigans at salesforce.com with some interest. I've long argued the need for second sourcing in the SaaS world and this example adds just further weight to that argument.

We need open sourced standards, portability and interoperability between vendors.

In the long run trust, reputation and honesty will be everything in the SaaS world. I note that Craig Heartwell calls for someone to have the strength of their convictions and quit Salesforce over this treatment of customers. Saying you have principles is one thing, having the integrity to stand by them is another. However, that said, resignation is always the last option and whilst Chris might be annoyed at his treatment and his lack of choices, this situation is not irreversible especially if customers group together.

Open sourced EC2 .... not by Amazon

Thanks to James Urquhart for spotting Eucalyptus.

From their site: "EUCALYPTUS -- Elastic Utility Computing Architecture for Linking Your Programs To Useful Systems -- is an open-source software infrastructure for implementing Elastic/Utility/Cloud computing using computing clusters and/or workstation farms.".

Not only is it "interface-compatible with Amazon.com's EC2" but it is also "designed to be modified and extended so that multiple client-side interfaces can be supported"

Now, that is good news. If you happen to be an ISP starting to get nervous of this new world of large utility computing providers, then group together, get involved with EUCALYPTUS and create a marketplace.

EUCALYPTUS would appear to be, a full blown, open sourced standard at the "Hardware as a Service" level of the computing stack. All we need now are multiple providers, some trademarks and a compliance authority.

P.S. If you are interested in utility computing then the two blogs I keep an eye on are : James Urquhart and Rich Miller.

Web 2.0 Strategies

I've noticed a little bit of a ding dong going on over Enterprise 2.0. At the heart of this is a wonderful quote from Jevon Macdonald (picked up Dennis Howlett's ZDNet article):

"The Drag Queens of Enterprise 2.0 are those old Enterprise software vendors who haven’t done anything to change their products, but instead they went out and have bought a nice dress and have put some eye shadow on their football player physiques."

This statement resonates with the changes occurring in the "cloud computing"¹ world. IT is moving from a product to a serviced based economy and competition in this new world takes more than just adding "as a Service" to your product.

I had a peek at the schedule and there is a whole session on "cloud computing". I don't know the speakers but hopefully this will be a balanced view and not some sort of "our product" + "as a Service" vendor love-in. If anyone is going, I'm not, then I've provided a set of questions that you might want to ask².

Now, it seems that Dennis' comments have drawn a bit of flak, even to the point that Steve Wylie, the Conference Director, has suggested that Dennis could save himself the trip.

Well, I'm really excited to be speaking at Web 2.0 Strategies in London on the 12th, alongside some stars of the Enterprise & Web world such as Euan Semple, Dion Hinchcliffe, Julie Meyer and Jeff Schick. So Dennis, if they want you stay away then come and join us instead.

Additional Notes:

1.Looking for a definition of "cloud computing" ..... join the club. James Urquhart has had several attempts at doing this but there so many vendors vying for "thought leadership" that the term keeps on getting mangled. It's like the Haas become IaaS, FaaS or PaaS becomes DaaS and SOA becomes ROA and WOA debate. If you're looking for an answer, sorry, but wait for five years until marketing and the pundits have moved on and then the terms will get cleaned up. For the time being just accept it as an ephemeral concept meaning that your systems will exist somewhere on the internet, probably.

2."When people talk about the 'cloud' they often use analogies to public utilities. However, when I change my electricity provider, I don't normally need to rewire my house. I want that same easy switching in the 'cloud computing' world. I want to move from Microsoft, to IBM, to Amazon and back again, at a click of switch. I want portability, interoperability and choice. You wouldn't catch manufacturing using services without second sourcing options, I don't see why IT should be different.

Can the panel :

• demonstrate an example of two large independent 'computing cloud' providers that I can simply switch between. I can change electricity providers with a quick phone call and no downtime - I'd like the panel to show me how to do that with one of their systems or alternatively explain how I'm going to avoid lock-in?
• explain how portability and interoperability is going to be achieved without the core systems being completely open sourced? We know that the standards approach, for example POSIX & SQL and a myriad of others, has failed in the past to achieve such goals.
• explain how something which is ubiquitous and well defined, and therefore suitable for provision as a service, is anything but a cost of doing business? Shouldn't the customer focus be on price and quality of service alone?

One Good, One Bad ... Twice.

Let us start with the good. OnSaaS has provided an introduction into the Software as a Service world where it describes a stack of services from the application, to the framework it runs on, to the operating system underneath this. It describes this stacks as SaaS, PaaS (platform) and IaaS (infrastructure). Whilst I dislike the abundance of *aaS terms almost as much as I dislike the growing plethora of *OAs, the division of the the "as a Service" world into a conceptual computing stack is something I'd agree with.

On a side note, IaaS used to be called HaaS back in 2006. I do find that all this term re-invention creates confusion.

What I find unfortunate is their linking (the bad) of the utility computing definition to the term IaaS. Utility computing is a billing and commodity provisioning model whereas "as a service" is simply about delivery methods. Don't confuse the two, they are not the same.

One of the most exciting future developments of the service world is the potential growth of competitive utility computing markets. These markets will be based upon portability between providers and competition in how services are implemented. However, how do you strike the right balance between competition (the difference between services) and yet ensure portability?

As previously explained, over the last year, the optimal way to achieve this is to use a combination of GPLv3 and trademarks. The "SaaS loophole" of GPLv3 allows for competition (an individual service can be modified without releasing the code) whilst preventing the branching of systems into a proprietary product (i.e. any modified code which is provided in a distributed executable must be released). This blend of competition and protection can be enhanced by the use of trademarks to provide compliance information to end users. For example, you can modify the service but you can only use the trademark if you comply to the primitives (which can be tested remotely) and allow for portability (which can be tested remotely).

This perfect storm of competition, protection and portability can be created by using open source software licensed under GPLv3 (or an equivalent) with enforcement of a reputable trademark. If you want to know more about this, then I'd suggest seeking out the counsel of Roberta Cairney. It was my discussion with Roberta which brought out the reasons why the SaaS Loophole was so essential for the SaaS world.

As I said back at OSCON in 2007, GPLv3 is the perfect license for the service world. To close the "SaaS loophole" would reduce the value of the license as it discourages competition and increases the barrier to adoption for no discernible benefit. I said "no discernible" benefit as the idea that you can create portability and compliance by removing the SaaS Loophole is wishful thinking at best. For portability to work, you will need an open sourced standard and the emergence of a compliance authority. GPLv3 is the ideal license for encouraging this to happen.

This view is not universal, as Linux Magazine's doubts¹ over the GPL shows. It positively describes Facebook's CPAL (Common Public Attribution License) as an example of what is wrong with GPL.

The attribution term (section 14) of the CPAL is reasonable (the good), as a "powered by FaceBook Platform" lends for the creation of high order, trademark protected forms such as "FaceBook Partner Platform" or "FaceBook Enterprise Platform". Such trademarks can provide end users with useful information on the service provider.

However, I find it unlikely that FaceBook is even thinking in those terms because the CPAL suffers (the bad) from the same flaw as AGPL. Section 15 in effect removes the equivalent "SaaS loophole" which undermines any possible competition or service improvement as well as increasing barriers to adoption by serious providers.

Section 15 .... You must treat any External Deployment by You of the Original Code or Modifications as a distribution under section 3.1 and make Source Code available under Section 3.2.

Though the article states that fbOpen is only asking for attribution, it is in effect asking for a lot more. Under the license, any competitive provider would have to return any operational improvements that they might make in the code.

The "SaaS loophole" is an essential part of competition in a service world.²

Additional Notes:

1.The original phrasing included "tirade against", this was incorrect as I have misunderstood the author's intention - please see comments.

2.The original posting included "and Linux Magazine, in my opinion, is just plain wrong on this matter". I have removed this as my opinion was based upon my misunderstanding of the tone of the original article.

The service war begins ...

Whilst Google have fired a tentative shot and Bungee Labs might still be working out the best sort of ammo, Facebook has just thrown a small grenade into the platform as a service world.

Rather than a set of agreed APIs that need to be implemented, such as opensocial, Facebook is providing a functioning platform. The move towards open source not only attacks some of the issues around portability but provides the fastest way for other providers to adopt this platform as an emerging standard.

Though this move is bold it is far from perfect. The platform is not complete and the licenses suffer from the same issues as AGPL.

Nevertheless, this move takes us closer to the day that open sourcing the entire platform and trying to forge a competitive marketplace becomes the norm. This is what we should expect as we move from a product to a service based economy.

In the service world, reputation is everything. Unfortunately many companies who have strong reputations today will not make the transition as they will find it difficult to change to a new value network.

The one company which has the most to gain and yet the most to lose from this transition is probably Microsoft. The key to its future success is its once mortal enemy, open source.

If Microsoft fully embraced open source and the service world whilst providing support to the community and potential competitors, then Microsoft would dominate this space. Even Google and Amazon's foray into the service world would be trampled by such a move. Microsoft has the ability to own this space, not through IP but through reputation and trademarks.

However, as with all things, the first fight is always with yourself.

Whilst the path may be obvious to a few and the company has certainly made moves in that direction, the question is whether the rest of the organisation could ever accept that its greatest success is likely to come from its former foe. Can such a company ever embrace the new value networks? Could such a company ever let go of its most valued products?

It would be irony indeed if Microsoft turned out to be Microsoft's greatest enemy and Open Source its greatest ally.

Time will tell.

I know I don't make predictions but I thought I'd just say, that in my opinion:

"By 2025 either Microsoft will be one of the largest contributors to open source software or it will have become tomorrow's Polaroid / SCO / Commodore / ...".

Bar a desperate attempt to introduce some monstrous lock-in nightmare that spirals us quickly down the route of government intervention, the end of the open source war is starting and a new war is just beginning.

[Addition: I was asked for some clarification on my "prediction". First thing I'd like to note, is that I don't make predictions. In my view, by 2025, the most significant IT market will consist of utility computing services based upon open sourced standards. In my view, Microsoft will have a major position in this service market. Hence, in my view, Microsoft will be one of the largest contributors to open source software by 2025. As far as I am concerned, the likelihood of Microsoft not having a major position in such a market is about the same as it becoming the next Polaroid / SCO / Commodore etc. ]

Data Portability, Radioactive AGPL and all that jazz.

I thought I'd cover some old ground for hopefully one last time - portability.

In the software as a service and cloud computing world, portability depends upon having access to ALL of the necessary data and an alternative provider. The are however three main issues to be considered with any alternative provider. First such a provider has to exist, secondly it has to interpret ALL the code and data you provide from the original service in the same way (interoperability) and lastly the process of switching has to be useable. Without all of this, portability is practically worthless to the vast majority of people.

This ideal of portability will only be practically achieved when multiple providers comply to a standard that is an open sourced implementation of the application or service to be provided. If we want to have competitive markets, avoidance of monopoly, portability between providers, minimisation of adoption fears, second sourcing options and limitation of risks then open source is the only answer.

Open standards (as in "open" APIs - a questionable term - and open formats) might be extremely helpful in providing access to data but they don't provide portability. As history teaches us, it's a delusion to believe they will. In the world of SaaS (Software as a Service), open standards could actually limit portability by enabling companies to describe themselves as being open without actually being so.

If you want portability in this future world of software services, then you need the service to be open sourced. This is what needs to be the standard.

However this isn't a problem because we're talking about a world where competition is based upon service rather than product. Such a world is based around thriving ecosystems of providers with portability between them. If you wish to build such an ecosystem, then you will need to minimise the barriers to participation, ensure portability between providers and at the same time maximum competition and the freedom for providers to make service improvements. Fortunately we have the perfect software license designed to do just that, it's called GPLv3.

GPLv3 allows for providers to take an open sourced environment, provide it as a service and modify it without releasing the improvements back to the community, hence allowing maximum competition or freedom for improvement. However the modified version cannot be released as a product which should minimise branching. By combining GPLv3 with trademarks and a compliance / assurance authority, it is also possible to ensure that this maximised freedom does not interfere with portability. You can achieve similar effects with more permissive licenses (Apache) by use of a compliance / assurance authority but the license, whilst good enough, is not ideal.

GPLv3 is the ideal license when mixed with a trademarked compliance / assurance authority for such services because it contains the "SaaS loophole" and hence allows for :-

• Competition through operational efficiency on service (hence encouraging competition in the market)

• Limits differentiation on function through the compliance authority (hence maintaining portability)

• Limits alternative products (hence minimising forking to different standards)

If you want to create a competitive utility computing market of providers, you can't get much better.

An alternative to this approach is to use AGPL. It is often cited as fixing the "SaaS Loophole" as though that was something beneficial but in reality it has little or no relevance in this world. The license misguidedly enforces the release of all improvements back to the community which is likely to stop potential providers ever adopting and providing a service under this license. AGPL severely limits competition in return for little or no benefit. In my view it's a hangover from a product centric world.

It seems I'm not alone in this viewpoint. Ted and I both agree that the "SaaS Loophole" is a good thing. Ted asks a question of whether you could use trademarks and reputation in place of IP protectionism. In the software as a service world, the short answer is no. Trademarks and reputation could be used to ensure portability between providers but not IP protection of the code itself.

Is there a need for another license other than than AGPL or GPLv3? Personally, I believe the GPLv3 is the only license we need in this world. What we need more of today is a service mindset rather than a product one. I suspect that leap is one which will be too far for many companies.

-- additional note [27th Feb 2013]

It's five years on and I've changed my view ever so slightly on the above. The use of permissive licenses such as Apache can make it less problematic for some companies to adopt and hence it can be seen as more reasonable or pragmatic. It does run a greater risk of forking of the codebase and community with alternative proprietary versions.

Forking of the codebase is no bad thing when the changes are contributed back as it allows for experimentation. Forking of the community is what you want to avoid. In many cases a project which contains many contributing forks does appear less likely to fragment as a community and so this is beneficial. Hence the balance of power between less and more permissive licenses rests in whether this helps maintain or destabilise the community.

In practice I've seen permissive licenses run the risk of a collective prisoner dilema with different companies attempting to differentiate to the disadvantage of the whole. At the same time I've seen companies more willing to get  involved with permissive licenses. Hence I tend to side with GPLv3 as the ideal license but accept a compromise of a more permissive license with a strong compliance / assurance group.

However, whilst I accept it, the reasoning above still stands for me. The dual nature of GPLv3 being permissive with services but restrictive on products was why I originally commented to Eben on the benefits of keeping the SaaS loophole. That hasn't changed.