When open source cloud development doesn’t play nice

Open source is a polarizing topic in IT and has been for most of my career. More emotions exist around using open source than any other technology. This could get worse with the rise of generative AI-based applications.

Using open source software for cloud-based development has become increasingly popular due to its cost, flexibility, and active community involvement. However, it’s essential to understand that using open source has potential downsides. There, I said it. Enterprises often end up with grossly underoptimized systems that cost way more than they should to operate. This is often hidden in overinflated budgets, and from the CIO to the board of directors, no one is the wiser.

Would you pay as much as 10 million dollars for a system that should cost $3 million to build? Worse, many of these systems cost 50% more in operational costs, largely due to poor architectural choices, such as pushing a specific cloud provider or pushing open source when other solutions would have returned more value to the business.

Those days could be coming to an end. As cloud spending is both criticized and analyzed from the top down, businesses are becoming savvier in how to build and run cloud computing solutions more efficiently.

By no means am I saying that open source is not the right solution. In many cases, it’s pushed onto solutions stacks for the wrong reasons. So, before you go back on me too hard, keep that in mind.

An open mind

One substantial concern related to open source software is the need for more professional or dedicated support than traditional software solutions or even many cloud services offer.

Remember that the cloud provider is merely “providing” the open source software. They are not typically supporting it beyond that. For more, you’ll need to look internally or in other places. 

Open source users, whether in the cloud or not, often have to rely on community resources, typically provided through forums or message boards, which takes time. This can impede cloud development progress in urgent, time-sensitive scenarios or complex issues. A developer told me once that she needed to attend a meeting of the open source community before she could have a resolution to a specific problem—a meeting that was five weeks out. That won’t work.

From a security standpoint, open source software can pose specific challenges. Although a community of developers regularly reviews such software, it can still harbor undetected vulnerabilities, primarily because its code is openly accessible.

For instance, some open source supply chain issues arose a few years ago. These vulnerabilities can become severe security threats without stringent security measures and frequent updates. These issues are not unsolvable; for the most part, you need to rely on yourself and not some proprietary software provider.


Open source software may also lack features or integrations that specific proprietary counterparts offer. Community-led updates or improvements might not prioritize features that could benefit a user or an enterprise. This could strain scalability and the software’s overall utility in cloud development.

Of course, some argue that open source systems are… well, open. You can get in there and add and fix features as needed. Those of us who have done that, me included, understand the amount of skill, time, and expertise it takes. Such a time delay won’t be looked upon kindly by the project managers just looking to complete and deploy a project. 

Another crucial element to consider is intellectual property. Although free to use, open source software still has licenses and must adhere to copyright laws. This could lead to legal hassles or damage an organization’s reputation if not handled wisely. I’ve been bitten in the butt a few times when something was not disclosed to me as a CTO, and it became an issue during the sale of the company and the intellectual property. In one case, it stopped the sale.

Lastly, employing open source software for cloud-based development demands more technical proficiency. I’m always very impressed by those who can leverage this software, given its DIY nature. It offers greater customization, but this flexibility can be a double-edged sword for users without the technological know-how. Try implementing some of this yourself; it’s an engineering project at best without a supporting open source company.

The trade-off

Of course, some open-source software providers do an excellent job of assisting users with installation and support. These days, I would only consider using open source with their involvement, no matter what. There is just too much that can go wrong, and in a sense, you’re getting the value of a proprietary solution, including support, etc., albeit at an additional cost, which can make many proprietary alternatives just as compelling.

It’s best to keep an open mind about open source (see what I did there?). Push the emotions out, including the fact that open source has been more polarizing than other technologies. Either I hear, “We’re an open-source-first company,” or “No open source here.” That really means, “We don’t like to think about what we’re doing, and we’re choosing to be partially underoptimized when leveraging cloud platforms that are not the right solution.”

It all comes down to looking at the actual business value of any technology, open source or not, cloud or not. All things must be considered in light of the value returned to the business, both hard and soft. Seems simple to me.

Copyright © 2023 IDG Communications, Inc.


This website uses cookies. By continuing to use this site, you accept our use of cookies.