Open source software companies like MongoDB are making drastic moves to protect their intellectual property from cloud giants like Amazon or Alibaba — but a clash between MongoDB and $31 billion software giant Red Hat highlights the potential pitfalls of that strategy.
Fedora, a Red Hat-sponsored open source operating system, has dropped support for the very popular MongoDB database. Although Fedora is sponsored by Red Hat, and has project leaders who work at Red Hat, it’s technically a separately-run open source project. Fedora cited concerns over the company’s controversial new licensing agreement, and indeed, Fedora has tacked MongoDB’s SSPL onto its “bad license” list.
This comes months after Red Hat, which is on the cusp of being acquired by IBM, removed MongoDB support from its Red Hat Enterprise Linux OS in November.
Late last year, MongoDB announced the Server Side Public License, or SSPL. Under the terms of the SSPL, any cloud provider who wants to take the free MongoDB database and package it up as service for their own customers has to also release their code as open source, free for anybody to see and use…or else pay MongoDB for a license. It’s intended to make it harder for cloud providers to make money from MongoDB without paying up.
The problem, in Red Hat’s view, is that the SSPL violates a core principle of open source, which states that anybody should be able to use this free software any way that they want to, without restrictions, even if they’re using it to turn a profit — a line of thinking that echoes many critics of MongoDB’s SSPL and licenses like it.
“It is the belief of Fedora that the SSPL is intentionally crafted to be aggressively discriminatory towards a specific class of users,” Tom Callaway, a technical and community outreach program manager at Red Hat, wrote in a blog post. “Additionally, it seems clear that the intent of the license author is to cause Fear, Uncertainty, and Doubt towards commercial users of software under that license.”
For its part, MongoDB has disputed the characterization that the SSPL disqualifies the platform as open source. Indeed, MongoDB has submitted a redrafted second version of the SSPL to the Open Source Initiative, an industry body, to win the right to call it an open source license.
Read more:Two software companies, fed up with Amazon, Alibaba and other big cloud players, have a controversial new plan to fight back
“We continue to work with the OSI as they deliberate on the SSPL and we still strongly believe that the SSPL meets the tenets of open source,” Eliot Horowitz, CTO and co-founder of MongoDB, said in a statement.
However, Red Hat itself isn’t so bullish about MongoDB’s chances, here. Richard Fontana, senior commercial counsel at Red Hat and himself a member of the OSI board, calls SSPL the “most controversial license the OSI has received in years,” and admonished MongoDB for breaking from the open source community.
“Here’s a major community project that looks carefully at the license and says, ‘look, it doesn’t need community standards on what a free software license is,'” Fontana said. “It’s a strong statement and that may have an impact on the debate as it goes forward.”
Bradley M. Kuhn, the president of the Software Freedom Conservancy, says that he consulted with Red Hat on this situation, and isn’t surprised that the company is moving away from MongoDB.
“MongoDB released this license with no discussion with the community. This frustrated all of us, and I sense that frustration with Red Hat as well,” says Kuhn.
‘A burdensome requirement’
Beyond Fedora and Red Hat Enterprise Linux, Red Hat is looking at other places where it might have to take action over MongoDB’s move towards the SSPL, says Fontana.
The general feeling at Red Hat, says Fontana, is that the SSPL adds a potential legal headache for customers and users of its products. There’s no precedent for something like the SSPL, and that could make problems for any company who wanted to ensure they were in full legal compliance while using MongoDB, he says.
“Our customers really appreciate the fact that we are very careful about the licenses that we say are open source products. They look to us for guidance. If they found this unusual license with an unprecedented restriction, I think some customers might be legitimately concerned,” says Fontana.
Read more:Startups are taking on Amazon’s cloud with a controversial new plan, but experts warn it could undermine the foundations of open source
More than anything, SSPL essentially requires users that are offering MongoDB’s database server as a service to make much of their own, potentially proprietary code, available for free. Fontana says this goes far beyond what any other free software license requires.
“That’s actually such a burdensome requirement that I would say it’s impossible to comply with,” Fontana said.
Moving forward with the license
While MongoDB awaits a verdict on the second version of the SSPL, it’s still using the first. Other companies, like Confluent and Redis Labs have also made similar license changes, for similar ends, though they haven’t submitted them to the OSI.
Ultimately, the SSPL didn’t stop Amazon Web Services from creating its own MongoDB-compatible database service called DocumentDB, though MongoDB has said that the two aren’t directly competitive.
While Fontana gives MongoDB credit for going through the approval process, and calls MongoDB’s issues with cloud providers “a legitimate concern,” he believes MongoDB should not have started using SSPL before it was vetted by the open source community.
“I would encourage MongoDB to go back to using an accepted and approved license for an open source license. They should wait for OSI to make a decision about SSPL,” Fontana said. “That would be a preferable way to proceed.”