[OSPO Book] Start Developments & Outlook CH with curated content from OSPOlogylive Notes #445
base: main
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,105 @@ | ||
--- | ||
title: "Chapter 6" | ||
status: To be Done | ||
weight: 80 | ||
title: "Recent Developments and Outlook" | ||
status: Completed | ||
weight: 60 | ||
--- | ||
Both organizations and the open source ecosystem are confronted with new challenges and opportunities, driven by regulatory changes, evolving licensing models, and increased public sector engagement. This chapter delves into the open source aspects of these challenges, shedding light on common situations and pain points that are shaping the future of how organizations integrate open source in their operations and technology stack. | ||
|
||
# TBD | ||
## Sustainability of Stewards in OSS | ||
|
||
Content has been curated from the [OSPOlogyLive Apeldoorn Roundtable Discussion](https://github.com/todogroup/ospology/discussions/438#discussioncomment-8619964) and based on the CRA (Cyber Resilience Act) definition of Steward. | ||
|
||
### Government Funding Challenges | ||
`🏛 Social-Gov-Oriented` | ||
|
||
An ongoing challenge in governments is the inherent difficulty governments face in allocating funds for resources that are available for free. There is a strategic interest from governments to support open source software, but hurdles exist, including the potential complications arising from direct financial requests. This underscores the need for exploring alternative support infrastructures for stewardship organizations without directly soliciting government funding. | ||
|
||
### The Commons Dilemma | ||
`🏛 Social-Gov-Oriented` | ||
|
||
The tragedy of the commons is notably present in the open source world, where disproportionate consumption by certain users exacerbates sustainability issues. Discussions suggested the need to strengthen infrastructure support to mitigate these disparities and ensure a more balanced contribution and consumption model within the open source community. | ||
|
||
### Community Norms and Funding Strategies | ||
`🏛 Social-Gov-Oriented` | ||
|
||
Establishing community norms around the costs associated with SBOM delivery and compliance has been proposed as an idea. This could involve suggesting a donation model based on organization size to account for the rising costs of compliance. Additionally, the role of risk mitigation as a motivation for organizations to invest in open source was discussed, alongside the potential for government agencies to contribute indirectly to open source projects through third parties. | ||
|
||
### Policy and Funding Initiatives | ||
`🏛 Social-Gov-Oriented` | ||
|
||
The possibility of the EU mandating open source as a requirement for Horizon Europe funding suggests a growing recognition of the value of open source at the policy level. There is an ongoing discussion on strategic funding models, like the German sovereign tech fund, and the potential for government roles in supporting open source. | ||
|
||
Note: Horizon Europe is the EU’s key funding programme for research and innovation. | ||
|
||
### Challenges in Open Source Sustainability | ||
`📈 Business-Oriented` | ||
|
||
The underfunding of crucial projects like the Python package, Django, and the broader issue of maintainers being underpaid or volunteering, underscores the sustainability challenges within the open source ecosystem. The critical role of vulnerability management and the need for corporate contributions to open source have been highlighted as areas requiring attention and action. | ||
|
||
### Training and Education as Funding Avenues | ||
`🏛 Social-Gov-Oriented` | ||
|
||
The potential for integrating training about open source within government contracts is seen as a means to provide both funding for open source organizations and valuable training for employees. This represents an approach to leveraging existing procurement processes to support open source sustainability. | ||
|
||
|
||
## OSPOs for Container Capabilities | ||
I think Kubernetes and platforms are only an example of open source used. We should somehow indicate that this is only one example.
Agreed, it's unclear why containers are singled out as an example. We should make it clear why it's profiled here or make it more generic.
||
|
||
Content has been curated from the [OSPOlogyLive Apeldoorn Roundtable Discussion](https://github.com/todogroup/ospology/discussions/438#discussioncomment-8620412) and based on the adoption of open source software (OSS) for container orchestration, particularly Kubernetes, and its implications for IT strategy in organizations. | ||
|
||
### OSPOs working with Container Hosting Infrastructure Teams | ||
|
||
Teams dedicated to this infrastructure, focusing on aspects such as image repositories and platform enablement, collaborate closely with OSPOs to support container infrastructure and capabilities. Initiatives like [Container Platform Enable Team (CPET), a team at the Dutch Tax Administration's Generieke Facilities unit](https://striive.com/nl/opdrachten/capgemini-nederland-bv---yf/lead-transformatie/capgemini-nederland-bv---yf/senior-openshift-engineer---belastingdienst/31e003f6-1a1a-4321-961b-5a1c217c8930), have been highlighted for their efforts in publishing self-built operators, such as the [Project as a Service (PaaS) Operator](https://tweakers.net/plan/4002/de-belastingdienst-als-it-werkgever-cloud-native-wordt-de-standaard.html), which automates tasks like initiating namespaces or projects on Kubernetes platforms. | ||
|
||
#### Commercial vs. Open Source for Kubernetes Deployment | ||
Same comment applies - can we be clearer about why we are profiling k8s ecosystem?
||
|
||
A central point of debate was the choice between adhering to premium advisors' recommendations for using commercial services for Kubernetes deployment versus exploring open source alternatives. Given the wide array of Kubernetes distributions, this decision involves complex considerations. The discussion emphasized the importance of finding a middle ground that appreciates the advantages of OSS while also recognizing the ethical imperative to contribute to its sustainability. | ||
|
||
### Choosing Additional OSS Capabilities | ||
`🏛 Social-Gov-Oriented` | ||
|
||
The criteria for integrating additional OSS capabilities into commercial Kubernetes platforms include the popularity of the OSS, the contributor community's size, vendor support, adherence to standards such as OpenTelemetry, and alignment with the Cloud Native Computing Foundation (CNCF) ecosystem. Concerns are raised about copyright control and the potential pitfalls of centralized code ownership. | ||
|
||
### Maturity and Reliability of OSS for Enterprise Use | ||
`📈 Business-Oriented` | ||
|
||
Ongoing discussion on the maturity and reliability of OSS for meeting enterprise needs for speed, robustness, and reliability. It has been acknowledged that while commercial vendors might offer support, success is not guaranteed. The necessity for organizations to have skilled teams capable of navigating the complexities of container orchestration and Kubernetes to maintain operational resilience was stressed. | ||
|
||
|
||
## Sustainable IT | ||
anajsana marked this conversation as resolved.
|
||
`🏛 Social-Gov-Oriented` | ||
`📈 Business-Oriented` | ||
Content has been curated from the [OSPOlogyLive Apeldoorn Roundtable Discussion](https://github.com/todogroup/ospology/discussions/439#discussioncomment-8630343) and based on what constitutes sustainability, especially in terms of its impact on the climate. | ||
|
||
The concept of sustainable IT has recently surged to the forefront of strategic discussions within governments and enterprises, emphasizing the need for a cohesive understanding and implementation of sustainable practices within information technology systems. | ||
anajsana marked this conversation as resolved.
|
||
|
||
A core challenge highlighted was the difficulty in defining what precisely constitutes sustainability in the IT domain, particularly concerning its impact on the climate. Key issues discussed included: | ||
|
||
- The environmental footprint left by IT systems and the critical need for sustainable resource utilization. | ||
- The potential of optimizing code and power usage, alongside fostering collaboration, to significantly advance sustainability goals. | ||
- The invaluable role of open source software in facilitating the sharing of algorithms and knowledge, thereby improving the efficiency of resource use. | ||
|
||
To address these challenges, the participants from the roundtable proposed several key strategies for enhancing sustainability in IT: | ||
|
||
- Recognizing and rewarding government efforts that promote sustainability. | ||
- Advocating for the standardization of sustainable hardware use across governmental bodies. | ||
- Stressing the importance of embedding sustainability into policy frameworks and accountability measures to ensure long-term commitment and integration. | ||
|
||
### Recommendations | ||
|
||
- Addressing the lack of concrete data: | ||
- Implement continuous monitoring of power usage and workload distribution to reduce idle time for machines. | ||
- Improve reporting and feedback mechanisms focused on energy consumption to support informed policy-making. | ||
|
||
- Elevating sustainability as a policy objective: | ||
- Embed sustainability considerations into annual reports and accountability frameworks to underscore its significance. | ||
- Champion sustainability as a critical agenda item for government officials and agencies. | ||
|
||
- Overcoming resistance to change: | ||
- Set clear sustainability benchmarks for agencies to encourage the adoption of green practices by simplifying the transition. | ||
- Advocate for a reevaluation of the current demand for computing power to identify areas where reductions are feasible and beneficial. | ||
- Implement dashboarding and raise awareness at all organizational levels to foster a culture of sustainability. | ||
|
||
|
||
## Resources | ||
|
||
- [OSPOlogyLive Apeldoorn Knowledge Archive](https://github.com/todogroup/ospology/tree/main/ospology-live/2024-february-apeldoorn) |
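Review bot: The introduction under "## Sustainability of Stewards in OSS" says the content is "based on the CRA (Cyber Resilience Act) definition of Steward" but never states or links that definition, so a reader cannot tell which organizations the subsections that follow are about; add one sentence that quotes or links the definition. In the same section, "SBOM delivery and compliance" uses SBOM without expanding it on first use. Under "### Maturity and Reliability of OSS for Enterprise Use" the opening sentence ("Ongoing discussion on the maturity and reliability of OSS ...") has no verb, and the CPET reference in "### OSPOs working with Container Hosting Infrastructure Teams" links to what appears to be a job posting on striive.com, which is a fragile citation; a stable source for the team would serve the chapter better.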
Can we be clearer about how trainings contribute to funding open-source organizations? Is it expected that the organization would sell training as a service?