Posts

At organizations of all types, launching and maintaining successful open source programs has become a business priority. A strong open source program office helps to ensure that open source is supported, nurtured, shared, explained, and leveraged. With such an office, organizations can establish and execute on their open source strategies in clear terms.

With all this in mind, The Linux Foundation and The TODO Group (Talk Openly Develop Openly) have published a free collection of detailed open source guides to aid companies developing open source programs. The guides are available to you now, and this is the first in a series of articles that can introduce you to the value of the guides.

How to Create an Open Source Program is the first of the guides, and it explores everything from the role of the open source program office to how successful open source programs at companies like Google function. The guide also includes insights and advice from open source experts, including John Mark Walker, Founder of the Open Source Entrepreneur Network, and Will Norris, Open Source Office Manager at Google.

“The open source program office is an essential part of any modern company with a reasonably ambitious plan to influence various sectors of software ecosystems,” notes Walker, in the guide. “If a company wants to increase its influence, clarify its open source messaging, maximize the clout of its projects, or increase the efficiency of its product development, a multifaceted approach to open source programs is essential.”

The How to Create an Open Source Program guide makes clear that there is not a one-size-fits-all approach to creating a successful program. In fact, Google’s Norris notes that stakeholders from individual business units play a key role in how open source projects advance at Google.

“We allow the various business units around the company to make the decision on whether it makes sense to open source a given project from a business perspective, because there’s a lot of different reasons why you might open source a project or a piece of code,” he notes. “We’re comfortable with allowing projects to take the approach that works for them given their goals. We play more of a role of facilitating and advising.”

The first guide lays out recommendations for how to include stakeholders ranging from Legal to Engineering in the maintenance of a program office. It also delves into the importance of setting clear program policies and observing compliance guidelines.

“Having a well-defined policy in place, that’s great, but it’s got to be a well-defined minimal policy,” said Jeff Mcaffer, director of the Open Source Programs Office at Microsoft, who was interviewed for the first guide. “Otherwise you get lawyers, security folks, business folks, all piling in their concerns and constraints. Soon you end up with a straitjacket full of policy that basically means that nobody can do anything.”

These free guides are extremely valuable for any organization setting up an open source program. Notably, the guides were not produced in a vacuum. Far from it. The advice you will find in them grew organically out of many interviews with some of the world’s leading open source experts. We strongly encourage you to check out the guides, and stay tuned to this space for more articles in this series.

 

The upcoming APIStrat conference – Oct. 31-Nov. 2 in Portland – features three days of technical sessions, keynotes, and workshops.

The API Strategy & Practice conference (APIStrat) – taking place Oct. 31 through Nov. 2 in Portland – features three days of technical sessions, keynotes, and more, including several workshops providing hands-on learning opportunities. These sessions cover topics such as RESTful API integration, OpenID Connect, API security, and REST API testing.

Check out the following workshops happening at APIStrat:

Connect Your RESTful API to Hundreds of Others in Minutes (Zapier and other Integration Platforms) – Sean Matthews, Left Hook Digital

In this workshop, the Left Hook team will show how to connect your app to hundreds of others on Zapier’s platform in a matter of minutes. We’ll walk you through a quick integration, and then talk about the pros and cons of 30+ different integration platforms out there, as well as highlighting platforms upon which developers can build out their own API connectors today.

Creating Communication Applications using the Asterisk RESTFul Interface (ARI) – Chris Howard, Digium

The Asterisk RESTFul Interface (ARI) is an asynchronous API that lets developers build communications applications by exposing the raw primitive objects in Asterisk – channels, bridges, endpoints, media, etc. This presentation will provide information on getting started using ARI and provide a working demonstration of using the ARI to create a telephone application.

From 0 to  000s – Starting and Growing your Developer Program – Caroline Lewko, WIP

Learn the basics of starting a developer program from segmentation and polishing your personas, along with the seven most important onboarding activities. We will also include some extra special super sensory developer experience techniques.   

How Mature are You? A Developer Experience Maturity Model – Jenny Wanger, Arity, founded by Allstate

At Arity, we developed a maturity model for API programs to help you focus your time and effort on the areas that will provide the greatest value for your customers. We’ll go through the model together so you can score your company’s program. You’ll leave the session with a score and roadmap of how this can help you influence your stakeholders.

OpenID Connect Done the Right Way – Vinay Bhalerao, Red Hat

With the rise of mobile applications, OpenID Connect adoption has increased in the API market and is the preferred choice in API security. This workshop will help people to understand the differences between OAuth, JWT, and openID Connect and when to use the respective flows.

OWASP’s Latest Category – API Underprotection – Skip Hovsmith, CriticalBlue

In this workshop, you’ll learn about potential threats resulting from undersecured web APIs. You should gain a good understanding of the underprotected API problem, learn practical tips to improve your API security posture, and gain a sense of emerging tools and technologies that enable a significant step change in API security.

Simplify and Scale Your Connections To Data – William Broza, BitScoop Labs

The BitScoop platform radically simplifies data integration and streamlines the data and services development process with unified access to APIs, microservices, and more. Learn how to unify all internal and external data in your ecosystem under one API or SDK using our powerful and feature-rich iPaaS.

Starting with GTK – Julita Inca, UNI

GTK is a toolkit to create GUIs based on C program language. Glib and clutter are other technologies involved with GTK, and in this workshop, we’ll look at interactions with databases that support Linux (Fedora 25), such as SQLite or PostgreSQL. We can achieve at least four forms with an interaction of a database to build a system to register people in an event.

Super-Powered REST API Testing – James Messinger, Postman

In this workshop, I’ll show you just how easy – and dare I say, fun – it can be to test REST APIs. Whether you prefer the command line, a text editor, or a GUI, there are tools that will fit nicely into your workflow. Plus, you’ll leave with sample code and a working demo to get you started.

See the full APIStrat schedule here and register now!

The Linux operating system was created some 26 years ago by a young Finnish engineer, and it now powers the global economy. Not only has Linux survived for more than quarter of a century, it continues to grow its influence and dominance.

Not all open source software projects thrive, however; many promising projects die untimely deaths. So, what’s unique about projects like Linux that thrive where others fail? What’s the secret sauce that sustains one project over others? Is it the community? The license? The code? The organizations backing it?

We talked to open source veteran Brian Behlendorf, co-founder of the Apache Software Foundation (ASF) and current Executive Director of the Hyperledger project, for some answers to these questions. Here is an edited version of the interview conducted at Open Source Summit North America in Los Angeles.

What are the core components of sustainable open source projects?

Brian Behlendorf: By definition, any open source project that is still alive needs some critical mass of developers contributing to it.  The Linux kernel is 25+ years old, and it still sees 5,000 new lines of code every day. It’s still such an incredibly active project.

In my book, that means you need this body of maintainers and contributors who are willing to continue to nurture the project even as it goes into adolescence and later life.

For me, the only way to more or less guarantee that happens is to see that there are companies out there who are making money off of open source software. They have embedded it at the core of their business. And even if it’s not what they do as a business, it’s still something that they need. So they’ll provide feedback, contribute, and continue to invest in shepherding it forward.

So, having companies use and contribute to your project and in return inject resources does help. What role do non-profit organizations like The Linux Foundation and ASF play?

Behlendorf: What The Linux Foundation, I think, has figured out, is how to identify these technology spaces, bring companies together around them, and then help them make money from it and profit from it.

But it’s not the only viable model. The Apache Software Foundation model is entirely volunteer driven, with developers even doing things like running the books or doing marketing.

There’s an incredibly empowering side to that, but it doesn’t always work. There weren’t enough developers who showed up around OpenOffice, for example, for that to work for the Apache OpenOffice community.

It’s almost hard to say if any model is better than the others. They’re all very unique for the kind of software being built and the developers who are attracted to that software.

You talked about commercialization of open source, yet we have seen that some open source communities are averse to the idea of any commercial or corporate links.

Behlendorf: I don’t think there was really ever a truly long tradition of a battle between open source developers and commercial interests. I think many of the people I know who were contributing to open source even before me were building businesses on top of it. Michael Tiemann built Cygnus on top of the GNU compiler suite. So this template, and every ISP, every web business is building on top of open source web components.

I think the real battle might have been between proprietary software and free software. And the real question was, did we need to vanquish proprietary software in order for free software to flourish?

Do licenses play any role in sustainability of open source projects?

Behlendorf: I tend to think of companies that have played games with licensing. There’s not a lot of successful examples out there. Why don’t we just put these kind of games to the side? Let’s build the software we need together, and go out and build great applications and great websites and great other things on top of that.

And this is what we carried forward in the Hyperledger project as well. All the Hyperledger code is under an Apache license. All of it is designed to be embedded inside of other people’s products and services.

We want to see lots of cloud hosts running Hyperledger technology. We want to see a lot of application developers embedding this inside and, say, putting it inside of cars or IoT sensors or those sorts of things. The less time that we have to spend with lawyers and with MBAs explaining to them how and why they can make money with this code, the better off we all are.

Diversity is necessary for the survival of organisms, can the same be said for open source projects?

Behlendorf: If your community doesn’t look like the global community, then something’s wrong. 

The blockchain movement is a great example of diversity. India and China and Europe have been running as fast with this technology as anybody in the United States. We are constantly looking at what countries are we visiting. Where are our companies based? How do we go and empower those companies in a country like China or a country like India, to go and be champions of what they’re doing, of the technology that they’re building?

What about culture?

Behlendorf: I’d say the final thing I’d throw out about sustainability is if your project isn’t comprised of people who are nice to each other, it’s not going to be very sustainable. Even the smartest people, even the most enthusiastic people will burn out if the dynamic in the community is very harsh, or if every time a good idea is brought up you hear crickets or somebody talks it down. You need to be nice to each other on an open source project in order to have any hope of being sustainable.

The Call For Papers (CFP) for MesosCon Europe is closing soon! Submit your proposal by July 28 for consideration.

MesosCon is an annual conference that brings together users and developers to share and learn about the project and its growing ecosystem. The conference will feature two days of sessions to learn more about the Apache Mesos core and related technologies. The program will include workshops to get started with Apache Mesos, keynote addresses from industry leaders, and sessions led by adopters and contributors.

Dates to Remember

  • CFP Close: July 28, 2017

  • CFP Notifications: August 28, 2017

  • Schedule Announced: August 30, 2017

Submit a proposal to speak at MesosCon Europe »

Suggested Topics

Here are a few examples of topics we would like to see:

  • Best practices and lessons on deploying and running Mesos at scale

  • Deep dives and tutorials into Mesos

  • Interesting extensions to Mesos (e.g., new communication models, support for new containerizers, new resource types and allocation models, etc.)

  • Improvements/additions to the Mesos ecosystem (packaging systems, monitoring, log aggregation, load balancing, service discovery, etc.)

  • New frameworks

  • Microservice design

  • Continuous delivery / DevOps (automating into production)

If you’re unsure about your proposal, or want some feedback or general advice, please don’t hesitate to reach out to us. We’ll be happy to help!

Our events are working conferences intended for professional networking and collaboration in the Linux community and we work closely with our attendees, sponsors, and speakers to help keep The Linux Foundation events professional, welcoming, and friendly.

Not interested in speaking but want to attend? Linux.com readers receive 5% off the “attendee” registration with code LINUXRD5.

Register for MesosCon North America »

Register for MesosCon Europe »

This week in Linux and open source headlines, ONAP leads the way in the automation trend, Mozilla launches new, open source speech recognition project, and more! Get up to speed with the handy Linux.com weekly digest!

1) With automation being one of the top virtualization trends of 2017, The Linux Foundation’s ONAP is credited with moving the industry forward

Top Five Virtualization Trends of 2017– RCRWireless

2) Mozilla has launched a new open source project speech recognition system that relies on online volunteers to submit voice samples and validate them.

Common Voice: Mozilla Is Creating An Open Source Speech Recognition System– Fossbytes

3)In addition to membership growth, EdgeX Foundry has launched a series of technical training sessions to help developers get up to speed on the project.

Linux’s EdgeX IoT Group Adds Members, Forms Governing Team– SDxCentral

4) Multicore Association announces availability of an enhanced implementation of its Multicore Task Management API (MTAPI.)

Open Source Tools Set to Help Parallel Programming of Multicores– ElectronicsWeekly.com

5) “OCI 1.0 will ensure consistency at the lowest levels of infrastructure, and push the container wars battlefront up the stack.”

OCI 1.0 Container Image Spec Finds Common Ground Among Open Source Foes– TechTarget

Community manager and author Jono Bacon will provide tips for building and managing open source communities in a free webinar on Monday, July 24 at 9:30am Pacific.

In this webinar, Bacon will answer questions about community strategy and share an in-depth look at this exciting new conference held in conjunction with this year’s Open Source Summit North America, happening Sept. 11-14 in Los Angeles.

The Open Community Conference provides presentations, panels, and Birds-of-a-Feather sessions with practical guidance for building and engaging productive communities and is an ideal place to learn how to evolve your community strategy. The webinar will provide event details as well as highlights from the conference schedule, which includes such talks as:

  • Building Open Source Project Infrastructures – Elizabeth K. Joseph, Mesosphere

  • Scaling Open Source – Lessons Learned at the Apache Software Foundation – Phil Steitz, Apache Software Foundation

  • Why I Forked My Own Project and My Own Company – Frank Karlitschek, ownCloud

  • So You Have a Code of Conduct… Now What? – Sarah Sharp, Otter Tech

  • Fora, Q&A, Mailing Lists, Chat…Oh My! – Jeremy Garcia, LinuxQuestions.org / Datadog

Also, if you post questions on Twitter with the #AskJono hashtag about community strategy, leadership, open source, or the conference, you’ll get a chance to win a free ticket to the event (including all the sessions, networking events, and more).

Join us July 24, 2017 at 9:30am Pacific to learn more about community strategy from Jono Bacon. Sign Up Now »

This week in Linux and open source, the ‘Big 4″ accounting firms are becoming power players in blockchain, Oracle expands open source container efforts, and more in this weekly digest!

1) The four largest accounting firms in the world are active members of the blockchain revolution– Including Deloitte, which joined the Hyperledger Project.

‘Big 4’ Accounting Firms Are Experimenting With Blockchain And Bitcoin– Nasdaq

2) Oracle to expand container efforts with three new open-source utilities to help improve container security.

Oracle Debuts Three New Open-Source Container Tools– eWeek

3) Hyperledger’s Indy “is all about giving identity owners independent control of their personal data and relationships.” Explains Doc Searls in his op-ed about the availability of Linux for all users.

Linux for Everyone–All 7.5 Billion of Us– LinuxJournal

4) Regarding commits is “probably, it’s the second biggest kernel release.”

Linux Kernel 4.12 Released — These Are The 5 Biggest Features– Fossbytes

5) WatchGuard CTO Corey Nachreiner explains that Linux attacks and malware are on the rise.

IoT Fuels Growth of Linux Malware– IoTInside

This week in open source and Linux news, GitHub takes their Friday enthusiasm beyond casual Friday in creating a weekly “Open Source Day”, a new Linux Foundation Project was announced, and much more! Read on, stay open-source-informed.

1) GitHub encourages companies to devote time every Friday for their employees to work on open source projects. 

GitHub Declares Every Friday Open Source Day– VentureBeat

2) New Linux Foundation Project focuses on centralizing security services orchestration for multi-cloud environments.

Open Security Controller: Security Service Orchestration for Multi-Cloud Environments– HelpNetSecurity

3) Linux Foundation Projects top list of open source networking projects

10 Most Important Open Source Networking Projects– NetworkWorld

4) “Dan Cauchy, Executive Director of Automotive Grade Linux explains how open source can be key to establishing future industry standards.”

The Linux Foundation Explains the Importance of Open Source in Autonomous, Connected Cars– Digit

5) Hackers have turned their attention towards attacking IoT devices running open-source operating systems.

Linux Malware Gaining Favor Among Cybercriminals– SCMagazine

Check out the session highlights for the new Diversity Empowerment Summit (DES), which will take place Sept. 14, 2017, in Los Angeles as part of Open Source Summit North America.

Featured sessions and speakers for DES include:

  • Chaos Theory + Civil Liberties = 21st Century Corporate Practices – Kate Ertmann, GO

  • Open Your Arms to Open Source – Solutions to Bring in Social Innovation to All Walks of Life All Over the World – Arpana Durgaprasad, IBM

  • You’re Not a *Real* Software Engineer – Amy Chen, Rancher Labs

  • CO.LAB: A Collaborative, Mobile Learning Experience – John Adams, Red Hat

Other diversity and inclusion activities at Open Source Summit North America include:

Note that registration for DES is included in Open Source Summit registration fees at no additional cost.  Anyone in open source who wants to learn more about furthering diversity and inclusion in the community, as well as the broader technology industry, is encouraged to attend.

Onsite resources to increase accessibility to the event include:

  • Nursing room

  • Complimentary child care

  • Wheelchair & medical equipment rental from One Stop Mobility

  • Quiet room where conversation and interaction are not allowed

  • Communication stickers to indicate an attendee’s requested level of interaction

  • Non-binary restrooms

  • Strictly enforced Code of Conduct

The full lineup of all Open Source Summit North America sessions, including those at the DES, features more than 200 sessions covering everything from Cloud and Containers, to Security and Networking, to Linux and Kernel Development. Register now & Save $150!

At the recent Open Networking Summit, the SDN/NFV community convened in Santa Clara to share, learn, collaborate, and network about one of the most pervasive industry transformations of our time.

This year’s theme at ONS was “Harmonize, Harness, and Consume,” representing a significant turning point as network operators spanning telecommunications, cable, enterprise, cloud, and the research community renew their efforts to redefine the network architecture.

Widespread new technology adoption takes years to succeed, and requires close collaboration among those producing network technology and those consuming it. Traditionally, standards development organizations (SDOs) have played a critical role in offering a forum for discussion and debate, and well-established processes for systematically standardizing and verifying new technologies.

Introduction of largely software (vs. hardware) functionality necessitates a rethinking of the conventional technology adoption lifecycle. In a software driven world, it is infeasible to define a priori complex reference architectures and software platforms without a more iterative approach. As a result, industry has been increasingly turning to open source communities for implementation expertise and feedback.

In this new world order, closer collaboration among the SDOs, industry groups, and open source projects is needed to capitalize upon each constituent’s strengths:

  • SDOs provide operational expertise and well-defined processes for technology definition, standardization, and validation
  • Industry groups offer innovative partnerships between network operators and their vendors to establish open reference architectures that are guiding the future of the industry
  • Open source projects provide technology development expertise and infrastructure that are guided by end-user use cases, priorities, and requirements

Traditionally each of these groups operates relatively autonomously, liaising formally and informally primarily for knowledge sharing.

Moving ahead, close coordination is essential to better align individual organizations objectives, priorities, and plans. SDN/NFV are far too pervasive for any single group to own or drive. As a result, the goal is to capitalize upon the unique strengths of each to accelerate technology adoption.

It is in the spirit of such harmonization that The Linux Foundation is pleased to unveil an industry-wide call to action to achieve this goal.

As a first step, we are issuing a white paper, “Harmonizing Open Source and Standards in the Telecom World,” to outline the key concepts, and invite an unprecedented collaboration among the SDOs, open source projects, and industry groups that each play a vital role in the establishment of a sustainable ecosystem which is essential for success.

The introduction of The Linux Foundation Open Network Automation Platform (ONAP) is a tangible step in the direction of harmonization, not only merging OPEN-O and the open source ECOMP communities, but also establishing a platform that by its nature as an orchestration and automation platform, must inherently integrate with a diverse set of standards, open source projects, and reference architectures.

We invite all in the community to participate in the process, in a neutral environment, where the incentives for all are to work together vs. pursue their own paths.

Join us to usher in a new era of collaboration and convergence to reshape the future.

Download the Whitepaper