I founded OSS Capital, a new kind of investment platform firm which exclusively invests in, accelerates and starts commercial OSS (COSS) startup companies. We were the lead investor in the DEV seed round back in the fall and have been partnering with the team here to grow as a leading COSS company.
I also founded KubeCon and have been involved in the Kubernetes project since the early days and open source software in a variety of roles.
Ask me anything.
Top comments (44)
Hi Joseph, thanks so much for doing this AMA! Do you have any advice for a developer who's new to open source? I've wondered often how OSS teams manage pull requests, roadmaps, and sourcing contributors, but the furthest I've gone into OSS myself is a single pull request.
Hi Anna! The wonderful team at GitHub (a COSS company) put together this resource: opensource.guide/starting-a-project/
Hope this helps you on your journey into the exciting world of OSS!
IMHO it's ironic that GitHub preaches about the superiority of FLOSS but then ... doesn't make GitHub itself FLOSS. Like wth.
movedtogitlab
I'm curious about your thoughts on a couple failures in commercial open source that come to mind for me:
RethinkDB
rethinkdb.com/blog/rethinkdb-shutd...
Famo.us
deprecated.famous.org/
It is never fun to reflect on the failure cases, but they do exist. I think failure in the case of open source really boils down to adoption: if no one uses the project it is "dead". This does not mean that the code ceases to be executable, hosted, available and even perhaps depended on by some other library or service or system or application.. somewhere.. out there in the ether.
On COSS side, a given COSS company can "fail" by running out of capital, ceasing to find a business model that works, dysfunctional teams, executing in a bad market.. many of the same reasons proprietary / closed core companies fail.
In the more nuanced context, I think COSS companies in failure happen because the lack of developer communities. COSS largely thrives in areas where the developer ecosystem around a given platform/product/layer in the stack is developer friendly/active/vibrant... where it is not, there is a higher likelihood of failure, IMHO. There are many exceptions to this, but in general, I'd say this is largely the case.
Hi Joseph!
Do you work with many companies that are not yet COSS, but intend to open-source their software? I feel like the discussions involved in making a company COSS from the beginning are different from the discussions about transitioning into making their existing products open source.
I'm wondering if you have any thoughts on the differences between the two situations, and if you have any tips on how to more effectively dissolve friction from people who are feeling like they'll lose existing value if the code is made open-source?
I have spoken with a large number of founders who have or are or might be seriously considering evolving into COSS from an existing proprietary company.
The primary considerations/drivers for this are:
In almost all these cases, if you think about the tradeoffs long enough in a given context, open source of a core technology becomes quite compelling.
Hi Joseph! I know commercial open source ventures tend to center a lot on SaaS and web/devops frameworks, but have you seen anything commercially viable or interesting outside of web-developer-targeted open source software, or any movement towards commercial open source hardware?
YES! Commercial open source hardware is an exciting area.
Here are two companies in the RISC-V ecosystem: en.wikipedia.org/wiki/RISC-V -- that we are thrilled about:
en.wikipedia.org/wiki/SiFive
hex-five.com/
Hi Joseph,
Thank you for doing this AMA! How do you see the Kubernetes landscape evolving in 2019? Last year seemed to be about Kubes-as-a-Service offering from multiple cloud providers. Do you think eventually the easiest play will be to not roll your own cluster, and use the hosted offerings?
K8s is simultaneously becoming harder to learn, easier to run and more complex. Fun times!
Hosted offerings are maturing, but as are installers, products and many embedded offerings.
I expect more adoption exponentially across the board and K8s continuing to be abstracted away by higher level Operator tooling APIs, control planes, functions called via code itself/compilers and product centric services that totally hide the complexity.
K8s will become the replacement for EC2 style computing, but create far more efficiency and benefits than the cost of its complexity demands.
Hi Joseph, thanks for doing this AMA and KubeCon! I'm curious as to what criteria you use to evaluate the feasibility of COSS startup. Are there specific attributes you look for as an indicator for success?
Absolutely. We plan to write specifically about this soon. Much of the data we look at that influences thinking here is: oss.cash/
Stay tuned for a blog / podcast here soon.
Hey JJ, thanks for taking the time to join us. My question—
How do you explain how/why "open source software eats everything" to someone who is not very tech savvy?
I spent plenty of time over the holidays talking with friends/family about DEV being open-source, so I'd love to hear your approach and major talking points when talking about the opportunity of COSS.
What do you think about the new Firecracker tech announced at re:Invent? github.com/firecracker-microvm/fir...
Hi Joseph, thanks for doing the AMA. I'm curious what makes a potential COSS a good investment for your company? I can think of stuff like solid tech, community involvement/popularity perhaps, but I'm sure the list is longer than that 😉
Hey Joseph, I'm curious about your thoughts on the relationship of security and OSS. On the one hand, the "many eyes" philosophy suggests that OSS is a boon to security, while incidents like the Equifax breach suggest we are still faced with problems in this space. I'm personally hopeful for more sophisticated vulnerability scanning technology as a solution, but I'm curious what you think.
I believe the Open Source paradigm holds the potential to unearthing some of the best kinds of potential solutions to the worlds security problems.. on many levels. Network security: en.wikipedia.org/wiki/Snort_(softw... .. Data security. Hardware security: en.wikipedia.org/wiki/RISC-V ... Password security. Vulz/app-level security and more.
Trust is a fundamental element of security. The worlds largest "on-demand hack me network" for companies (HackerOne) reverse engineers many elements of Open Source in terms of disaggregating a unit of work across anyone on earth in service of connecting the best hackers with the top companies who want to be hacked.. to identify the best vulnerability solutions. Incentivizing them with bounties. HackerOne is doing extremely well. I think a purely commercial open source version of HackerOne (where the core infra/runtime was an open source project) could be very successful. Interestingly, the CEO of HackerOne is a friend and an incredible Open Source veteran: en.wikipedia.org/wiki/M%C3%A5rten_...
Hey JJ! Thanks for doing this AMA. What advice would you give to a newer software developer about getting involved in commercial open source?
Hey Ali! Getting involved effectively depends on what your goal is, but diving into the exciting and hyper-growth world of COSS as a new software engineer could be helped by a couple things, I think:
1) Learn about some of the largest and most successful COSS companies that build large software product businesses fundamentally on specific exciting OSS projects! This can serve to offer perspective on the business side of things and the general magnitude of the space at least at the higher end. To support this, I'd encourage folks to look at this spreadsheet: oss.cash/
2) Read Heather Meeker's book "Open (Source) for business": amazon.com/Open-Source-Business-Pr... -- we are deeply honored to have Heather as our founding partner at OSS Capital.
Oh awesome! Thank you so much -- great resources!
I am the founder of OpenDomain - we have donated domains worth millions to Open Source projects over the last 20 years. Domains including Drupal.com, OsCon.com, Xmpp.Org, Ecmascript.Org, FosDem.com, Schema.Org to Google, and WebPlatform.Org to the W3C. Unfortunately, we have not gotten a lot of love from OSS, so we are thinking about ending the project. We would love your opinion if we should continue. I am considering selling all my current domains (NoSql.Com, Free.TV, Xg.Org, 4NY.com, and more) to fund a new open source project: CharityCoin. CharityCoin is a 'Better bitcoin', where part of the mining goes towards charities. We won the techstart blockchain hackathon becuase we have a better PoW, but I am concerned about creating another altcoin because of the recent drop. Is there still room to create a new Coin? We also have a great idea on how to do an ICO without all the headaches.
Thanks for doing this JJ.
Has your thesis or expectations changed at all since you officially started OSS Cap?
What has gone as expected and what has surprised you?
Hi Ben! Thanks for having me.
Our thesis has remained the same: OSS Capital focuses exclusively on investing in and helping COSS companies.
I have, however, learned a few things over the past few months in our infancy:
1) The world is still far from understanding the magnitude and profoundness of COSS as a highly categorizable thing. We have a lot of educating to do, even with $70B+ in COSS M&A/IPOs/PE events in 2018 alone.
2) The world is still far from looking at COSS from a data-driven perspective and making conclusions from that data. A lot more people need to see this spreadsheet: oss.cash/
3) The COSS category is likely to be $10T+ (trillion) over the next 15 or so years. I originally thought it would be somewhere around $3-5T, but it is much bigger than that. I plan to blog soon on (conservative) data projections to support this.
4) There are far more COSS startups out there than we can invest in (even the absolute best ones at the earliest stages). :-( ... This is only true because we do not yet have billions of dollars to directly invest ourselves (this is a function of how large the COSS space is and our age), but stay tuned over the coming future! Constraints breed innovation!
5) Our thesis has only gotten broader and more expansive: software ate the world, OSS is eating software, OSS is then eating everything else: cloud (Kubernetes), hardware (RISC-V), etc... It is even more exciting on a daily basis to have the privilege to help founders build and grow the next leading COSS companies!
Looking at the chart, I see clearly RedHat dominating the market, generating half of the outcome. Why should I - as an investor - put my money in other companies than RedHat?
Don't get me wrong on that: I love to see more money being put into Open Source companies - I even work at a OSS Shop (we built among other things GPG4Win, the windows integration for GnuPG). But I see, that being Open Source comes more with a price, than it helps.
From our perspective, commercial open source has become more interesting and viable in the market in the past year or so.
It's hard to say if the right people are finding us now, or the macro trends have shifted, but it's easier to get people excited about the open source component of our future. But still hard to tell if that's sample bias based on things that have changed in our world.
I get the sense that the slowing down of blockchain mania has helped.
Hi JJ, is there a "why now" reason for open source, or has major investment in commercial open source always been feasible?
I believe the "Why now" can be answered in the context of Open Source 20 ~ years "in", since the creation of the definition Bruce Perens wrote in 1998...and even 35+ years "in" if we factor against the founding of Richard Stallman's Free Software as a movement before Open Source (read more about that history here: coss.media/five-decades-of-permiss...) ...
Here are the major changes over the last 15 ~ years that have made Open Source arguably the most significant movement in technology and, in particular, COSS (Commercial Open Source Software) a new kind of powerful and, I believe, the fastest growing category:
the rise of Git networks and developer populations globally: GitLab and GitHub did not exist and now they serve 40M+ developers, and DEV (this site) serves 5M+ developers, and growing exponentially
cloud computing: cloud basically did not exist and now it is huge
successful COSS examples: COSSI has grown from less than 5 companies to 44+ in half this time and from $10B~ to $145B+ in 6 years or so
the continued growth of developers globally: 40M developers globally today, and that number could be growing by 50% YOY over the coming decade, compounding ... this will be hundreds of millions of developers in a pretty short period ... the implications of this are profound
Hey JJ!
What are the main things to consider re: licensing when one intends to start a commercial oss project?
Have you seen big licensing issues arise when a side project ends up becoming a commercial project?
Hey Jess! My partner Heather Meeker is the world's foremost COSS licensing expert. She has written about some of the more exciting developments around the PolyForm project here: coss.media/polyform-open-core-lice...