The open question

Say open-source software and most people instantly think of Linux. And that's for good reason ' the operating system, licensed under the GNU Project's GNU Public License (GPL), is the largest and most visible open-source project.

Linux, or GNU/Linux as free-software advocates prefer to call it, is an operating system coded by a community of contributors, rather than by any single commercial entity. Part of its strength is the size and breadth of its community of users and contributors, who help to test, fix and extend the various projects that make up each Linux distribution. Commercial Linux vendors such as Red Hat profit from the packaging and support of those distributions, rather than from traditional software licensing.

Linux's rise has led to the decline or slowed growth of most commercial Unix operating systems, especially those for servers. In response, IBM, Hewlett-Packard and Sun Microsystems have started selling Linux-based systems with their commercial Unix products. And all have made major contributions to open source.

New terrain

Sun has pushed itself even further. Chief Executive Officer Jonathan Schwartz committed to moving the company's software to the open-source model. But can Sun build an open community around products that it has tightly controlled for years?

In 2005, Sun released the networking and kernel source code for its Solaris operating system under its own Community Development and Distribution License (CDDL). And in November 2006, after years of internal and external debate, the company announced that it would release its Java Developer Kit (JDK) under the GPL license, allowing it to be bundled with Linux.

But company executives are quick to point out that Sun is hardly new to open source.

'Sun was already the largest contributor to open source before we started on Open JDK or Open Solaris,' said Simon Phipps, Sun's chief open-source officer.
'In the European Commission's survey on innovation and open source, if you look at the table of contributors [to open-source software], Sun comes in first by a factor of three, ahead of IBM.'

Phipps is responsible for coordinating Sun's open-source efforts, including OpenSolaris, OpenJDK (the open-source release of Java) and OpenSparc (the open-source hardware specification for Sun's Sparc processors), in addition to contributions to community projects such as the Gnome user interface used by some Linux distributions and Solaris.

'Sun is responsible for the Section 507 compliance in Gnome' and the internationalization code, Phipps said.

Aside from its contributions in the Unix world, Sun has been taking commercial code to open source for some time. In 1999, Sun acquired Star Division, the company that developed StarOffice, and NetBeans, the Java application development tool, and released the code for both products under open-source licenses.
The community version of StarOffice, now known as OpenOffice, competes with Microsoft Office as a standard worldwide, and its OpenDocument Format was made a standard by Massachusetts. However, the state has delayed moving from Microsoft Word.

Opening up

But now, Sun is trying its hand at creating a much larger community for its OpenSolaris project, and it is facing a transformation of the community process that had controlled the development of Java technology. How well it manages the new communities around its liberated code may determine the long-term health of Sun's business and its ability to provide software that matters to commercial and government customers.

Beyond the Linux distribution, many vendors, such as Red Hat ' which last year acquired JBoss, a Java Enterprise Edition open-source platform and tools vendor ' are commercializing open-source projects started by their founders. For example, database developers mySQL AB and intrusion-detection system vendor SourceFire have opened their code. Their revenues are derived from commercial licenses for the products, allowing others to incorporate their technology into products for resale. The companies also sell support subscriptions to users.

The advantages of open-source software for government users are fairly straightforward. 'It puts them back in control,' said Brian Stevens, Red Hat's chief technology officer. 'They can rely on software and not depend on the business model of a single vendor. And then there's the security model. They can build a more secure system now that they can directly influence rather than specify. They can influence the architecture and they can use the software cross-platform.'

For software vendors, there are advantages, too. A community-based approach speeds adoption by technical users, making it easier to evaluate products. It also speeds development because more people can find bugs quickly and submit fixes.

SourceFire's Snort, for example, was initially released in 1998 as an open-source project by Marty Roesch, said Mike Guiterman, director of open-source and compliance marketing at Sourcefire. 'In 2001, Snort was put in a comparison with the top nine commercial [intrusion-detection systems], and came in third. And it was a pure community effort at that point, before the product was even commercialized.'

But community development doesn't mean a reduction in commercial development costs. Although many open-source projects with commercial sponsors have outside committers ' developers outside the company who have the authority to put new code into the code base ' the majority of the development cost is still borne by the commercial side. And the leadership is still squarely with the commercial development team.

'There's been the misconception that communities are just about free development,' Stevens said, 'but it doesn't really change your costs to any great scale. It just shifts your day-to-day work. It's not like we've seen where, on an open-source project, we can just put half the developers on it. It really doesn't work that way, especially if you're going to bring it to market commercially.'

Outside help

Stevens said that having outside committers is more valuable as an indicator of a project's relevance. 'It's valuable to have outside committers, but basically what that really means is that it's more a testimony of relevance than it is a necessary criterion. When you start to get outside developers, [you know] you're on to something, you've reached that interest level, something that has broad-based applicability. And if you can't build a community of developers and users, you're probably wasting your time.'

The Open Solaris community has more than 70,000 members, most of whom are users, Phipps said. 'There are about 750 committers right now, and almost all of them are within Sun. We haven't quite finished the external version control system [for the community]. So the situation is a bit more complicated on OpenSolaris right now. To make a commit, you currently need an internal sponsor.'

That will change, Phipps said, when the version control system goes outside Sun's firewall. Nevertheless, he said, more than 350 code submissions have been committed to the source code of Solaris by outside contributors. Most of the attention to Open Solaris thus far has been to its kernel and networking code, which were the first elements Sun released as open source.

Linux style

The up-to-date open-source version of Solaris is distributed through SolarisExpress, a free quarterly release of OpenSolaris built from the code in the project repository. 'It gets updated every few weeks,' Phipps said.

There are also several variant distributions being built on top of the OpenSolaris code in early development, including NexentaOS ' a combination of OpenSolaris' kernel and the ZFS file system with GNU and other open-source utilities targeted at combining the best of what the Solaris and Linux platforms have to offer.

Most of these projects are aimed at server implementations. But also on the horizon is Project Indiana, which Phipps said is focused on delivering a Linux distribution-style Solaris. The goal is not to make Solaris similar to Linux but absorb the lessons of the Linux model into the OpenSolaris community and operating
system.

The goal of Project Indiana is to provide a binary distribution of OpenSolaris sometime in the fall, Phipps said.

Ian Murdock left the Linux Foundation in March to join Sun to direct the company's operating system platform strategy. Murdock described Project Indiana to an OpenSolaris e-mail list in May: 'While Solaris has compelling technology, that technology remains somewhat inaccessible to users that are familiar with the Linux environment. The goal is to make what Solaris has to offer available to the larger market that by and large is more familiar with Linux as things stand today.'

Decisions to make Sun's business model mirror those of companies such as Red Hat have gotten mixed reviews from some in the open-source world. Part of the controversy has been about Sun's choice of software license for Solaris ' the CDDL is approved as an open-source license by the Open Source Initiative, but its terms make it incompatible with the version of the GPL under which Linux is published.
The same is true of several technologies Sun released outside of the Open Solaris code, including its Dtrace application performance tuning technology and its ZFS files system.

'No one's going to fault Sun over their lack of contribution to open source,' Stevens said. 'They've done great things. I just think that in this case [with Solaris, Dtrace and ZFS], they could go farther, and not just have an impact on Linux, but also on their business.'

Stevens said the community that Sun has created for Open Solaris is something of a walled garden, which won't allow the free flow of development.

But parts of OpenSolaris, such as the ZFS file system, are already finding their way into other open-source and Unix operating systems. ZFS is now part of FreeBSD ' and Apple reportedly is considering including ZFS in some way in its next release of Mac OS X.

The licensing issues that block the sort of cross-pollination that currently can't happen between Linux and OpenSolaris could soon be resolved because some of the business and legal imperatives that prevented Sun from using the GPL for OpenSolaris may be going away.

Next steps

Sun executives have fueled speculation about whether Sun would move to the GPL for OpenSolaris. Sun licensed OpenJDK under GPL Version 2 to make sure it would be compatible with Linux's licensing, and Schwartz wrote in his official blog that 'we love where the [Free Software Foundation's] GPL3 is headed. For a variety of mechanical reasons, GPL2 is harder for us with OpenSolaris ' but not impossible, or even out of the question.' Why does open sourcing take so long? Because we're starting from products that exist, in which a diversity of contributors and licensors/licensees have rights we have to negotiate.'

Some of those negotiations may have become more simplified in recent weeks with a federal court's ruling on the ownership of the copyrights to Unix. The SCO Group's claim of ownership in its lawsuit against Novell was thrown out by a federal judge. Sun had previously negotiated rights with SCO to take Solaris open source. If those rights restricted the license that Sun could use to release the code under, that may no longer be an issue.

Nevertheless, the success of OpenSolaris, or its component parts, depends on the creation of a community to support it.

If technologies such as Dtrace and ZFS are allowed to become more widely used, that probably won't be a problem.