
Open Source Tools: The Good, the Bad and the Truth in Between

6 Nov 2019 3:10pm, by Kara de la Marck

KubeCon + CloudNativeCon sponsored this post, in anticipation of KubeCon + CloudNativeCon NA, Nov. 18-21 in San Diego.

Kara de la Marck
Kara is CloudBees Open Source Community Manager. Previously, Kara worked as a web developer for a Fortune 500 company, as a freelancer, and for charities. As part of Mozilla’s Open Leaders program, she is building People in Open Source Software and Engineering, a peer mentorship program that empowers OSS practitioners with knowledge and tools to build healthy, sustainable open source communities. As a board director of codebar.io, Kara works to increase diversity in the tech industry. In her free time, she likes to hike and travel.

Developed by developers for their own use, open source application development and delivery tools have certainly proved their merit by meeting needs commercial products often fail to fill. While open source tools have a plethora of functions, they can’t do it all. Even the best open source tools have functional and support gaps, and companies offering commercial support extensions have stepped in to fill them. By combining the potential of open source delivery tooling with the support of commercial extensions, developers can help their organizations create high-quality applications faster.

In conducting in-depth surveys of 150 U.S. application development and IT professionals responsible for software development life-cycle tools at their organizations, Forrester found that while open source tools play a significant and important role in most organizations’ software delivery pipelines, they are not a magic bullet. Their research found:

  • Open source application delivery tools are essential to organizational success.
  • Open source tools can suffer from serious security vulnerabilities.
  • Commercial open source extensions fill open source functionality gaps.

In this post, we describe when relying on open source tools makes the most sense — that is, most of the time — and when proprietary alternatives should be considered.

Application delivery is an essential component of organizational success across all industries. In today’s age of digital disruption, every company is a digital business — demanding fast delivery of high-quality applications that delight customers and innovate their business. It is no surprise that the people at these organizations responsible for selecting software development tools understand the importance of their role in choosing tools that help their organizations speed delivery while also improving quality. What may surprise people is that more often than not, that solution is open source.

Open source development tools play a central role in many organizations’ software delivery pipelines. To close functionality and security gaps in these tools, savvy buyers leverage commercial offerings built on top of open source development tools that improve the quality and supportability of the tool. Many developers think that commercial offerings built on top of open source software development tools add significant value to the open source tool.

Open source application delivery tools are popular because they meet needs unfulfilled by commercial offerings. Developers contributing to open source projects build tools that they want to use and that solve problems they uniquely understand. Despite the value they provide, the tools are often not sufficient to meet the needs of large enterprises that value security, stability, scalability, and low overall support cost. Commercial support offerings and product extensions fill these gaps.

Enterprises that want to blend the best aspects of open source and commercial software should augment their application delivery tools portfolios by considering the following:

  • Ensure that your open source tools are adequately supported. Open source projects are supported by their communities, but the responsiveness of these communities to fixing defects and security vulnerabilities can vary widely. Choosing a commercial partner for open source product support can help close the response-time gap.
  • Ensure that your open source tools provide the features that you need. Open source tools often have a single-developer or small-team focus; they work fine in smaller contexts but can lack the features that large enterprises need to support a rollout at scale. Commercial offerings can ease administrative burdens and provide multi-project and large program support that the base open source software lacks.
  • Ensure that your open source tools integrate well with the rest of your toolchain. No single tool in a modern application delivery organization’s pipeline can do it all, so solid, stable integrations between tools are essential for success. Commercial offerings can fill this gap by delivering reliable integrations between tools that are up to date with the latest versions.

Open source development tools are often perceived as delivering features with similar or better quality than existing commercial offerings, all at a lower cost. However, this does not mean that open source tools are without their flaws and challenges, or that every open source tool will have a low total cost of ownership (TCO) just because there is no upfront cost. While risks and costs will vary from tool to tool, organizations looking to adopt open source tools into their software delivery pipeline should be wary of potential pitfalls such as open source security vulnerabilities, costly customization and scaling concerns.

Open source tools have widespread value in the software delivery process. They offer capabilities that enable speed and efficiency in developing and delivering applications. No tool may be able to do it all, but open source offerings today sure can do a whole lot of good.

CloudBees is a sponsor of The New Stack.
