Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[OSPO Book] Start Developments & Outlook CH with curated content from OSPOlogylive Notes #445

Open
wants to merge 25 commits into
base: main
Choose a base branch
from
Open
Changes from 23 commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
0ae7df6
[OSPO Book] initiate Developments & Outlook chapter with OSPOlogylive…
anajsana Mar 7, 2024
eb50e60
Update 06-chapter.md
anajsana Mar 7, 2024
3875649
Update 06-chapter.md
anajsana Mar 7, 2024
d8a3402
Update 06-chapter.md
anajsana Mar 7, 2024
c8de10f
Update 06-chapter.md
anajsana Mar 7, 2024
f0d39e2
Update 06-chapter.md
anajsana Mar 7, 2024
dfea53e
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
97f7ba7
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
dea375d
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
6d63cd2
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
744e1d7
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
2f9714d
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
91ee3c8
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
9767f2e
Update ospo-book/content/en/06-chapter.md
Mar 25, 2024
49955ce
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
5967e99
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
d89f53a
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
47dfd41
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
b2297df
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
5880dd1
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
12233bd
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
0684e63
Update ospo-book/content/en/06-chapter.md
anajsana Mar 25, 2024
8e57c13
Update ospo-book/content/en/06-chapter.md
anajsana Apr 2, 2024
06b17c4
Update ospo-book/content/en/06-chapter.md
anajsana Apr 2, 2024
6a1849a
Update ospo-book/content/en/06-chapter.md
anajsana Apr 2, 2024
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
106 changes: 102 additions & 4 deletions ospo-book/content/en/06-chapter.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,105 @@
---
title: "Chapter 6"
status: To be Done
weight: 80
title: "Recent Developments and Outlook"
status: Completed
weight: 60
---
Both organizations and the open source ecosystem are confronted with new challenges and opportunities, driven by regulatory changes, evolving licensing models, and increased public sector engagement. This chapter delves into the open source aspects of these challenges, shedding light on common situations and pain points that are shaping the future of how organizations integrate open source in their operations and technology stack.

# TBD
## Sustainability of Stewards in OSS

Content has been curated from the [OSPOlogyLive Apeldoorn Roundtable Discussion](https://github.com/todogroup/ospology/discussions/438#discussioncomment-8619964) and based on the CRA (Cyber Resilience Act) definition of Steward.

Check failure on line 10 in ospo-book/content/en/06-chapter.md

View workflow job for this annotation

GitHub Actions / Review docs

"Vale.Spelling"

Did you really mean 'Roundtable'?

Check failure on line 10 in ospo-book/content/en/06-chapter.md

View workflow job for this annotation

GitHub Actions / Review docs

"Vale.Spelling"

Did you really mean 'Cyber'?

### Government Funding Challenges
`🏛 Social-Gov-Oriented`

An ongoing challenge in governments is the inherent difficulty governments face in allocating funds for resources that are available for free. There is a strategic interest from governments to support open source software, but hurdles exist, including the potential complications arising from direct financial requests. This underscores the need for exploring alternative support infrastructures for stewardship organizations without directly soliciting government funding.

Check failure on line 15 in ospo-book/content/en/06-chapter.md

View workflow job for this annotation

GitHub Actions / Review docs

"proselint.Cliches"

'for free' is a cliche.

### The Commons Dilemma
`🏛 Social-Gov-Oriented`

The tragedy of the commons is notably present in the open source world, where disproportionate consumption by certain users exacerbates sustainability issues. Discussions suggested the need to strengthen infrastructure support to mitigate these disparities and ensure a more balanced contribution and consumption model within the open source community.

### Community Norms and Funding Strategies
`🏛 Social-Gov-Oriented`

Establishing community norms around the costs associated with SBOM delivery and compliance has been proposed as an idea. This could involve suggesting a donation model based on organization size to account for the rising costs of compliance. Additionally, the role of risk mitigation as a motivation for organizations to invest in open source was discussed, alongside the potential for government agencies to contribute indirectly to open source projects through third parties.

### Policy and Funding Initiatives
`🏛 Social-Gov-Oriented`

The possibility of the EU mandating open source as a requirement for Horizon Europe funding suggests a growing recognition of the value of open source at the policy level. There is an ongoing discussion on strategic funding models, like the German sovereign tech fund, and the potential for government roles in supporting open source.

Note: Horizon Europe is the EU’s key funding programme for research and innovation.

### Challenges in Open Source Sustainability
`📈 Business-Oriented`

The underfunding of crucial projects like Django, and the broader issue of maintainers being underpaid or volunteering, underscores the sustainability challenges within the open source ecosystem. The critical role of vulnerability management and the need for corporate contributions to open source have been highlighted as areas requiring attention and action.
anajsana marked this conversation as resolved.
Show resolved Hide resolved

### Training and Education as Funding Avenues
`🏛 Social-Gov-Oriented`

The potential for integrating training about open source within government contracts is seen as a means to provide both funding for open source organizations and valuable training for employees. This represents an approach to leveraging existing procurement processes to support open source sustainability.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we be clearer about how trainings contribute to funding open-source organizations? Is it expected that the organization would sell training as a service?



## OSPOs for Container Capabilities
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think Kubernetes and platforms are only an example of open source used. We should somehow indicate that this is only one example.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, it's unclear why containers are singled out as an example. We should make it clear why it's profiled here or make it more generic.


Content has been curated from the [OSPOlogyLive Apeldoorn Roundtable Discussion](https://github.com/todogroup/ospology/discussions/438#discussioncomment-8620412) and based on the adoption of open source software (OSS) for container orchestration, particularly Kubernetes, and its implications for IT strategy in organizations.

Check failure on line 47 in ospo-book/content/en/06-chapter.md

View workflow job for this annotation

GitHub Actions / Review docs

"Vale.Spelling"

Did you really mean 'Roundtable'?

### OSPOs working with Container Hosting Infrastructure Teams

Teams dedicated to this infrastructure, focusing on aspects such as image repositories and platform enablement, collaborate closely with OSPOs to support container infrastructure and capabilities. Initiatives like the Cloud Platform Engineering Team (CPET) has been highlighted for their efforts in publishing self-built operators, such as the Platform as a Service (PaaS) Operator, which automates tasks like initiating namespaces or projects on Kubernetes platforms.

Check failure on line 51 in ospo-book/content/en/06-chapter.md

View workflow job for this annotation

GitHub Actions / Review docs

"Vale.Spelling"

Did you really mean 'enablement'?

Check failure on line 51 in ospo-book/content/en/06-chapter.md

View workflow job for this annotation

GitHub Actions / Review docs

"Vale.Spelling"

Did you really mean 'namespaces'?
anajsana marked this conversation as resolved.
Show resolved Hide resolved
anajsana marked this conversation as resolved.
Show resolved Hide resolved

#### Commercial vs. Open Source for Kubernetes Deployment
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same comment applies - can we be clearer about why we are profiling k8s ecosystem?


A central point of debate was the choice between adhering to premium advisors' recommendations for using commercial services for Kubernetes deployment versus exploring open source alternatives. Given the wide array of Kubernetes distributions, this decision involves complex considerations. The discussion emphasized the importance of finding a middle ground that appreciates the advantages of OSS while also recognizing the ethical imperative to contribute to its sustainability.

### Choosing Additional OSS Capabilities
`🏛 Social-Gov-Oriented`

The criteria for integrating additional OSS capabilities into commercial Kubernetes platforms include the popularity of the OSS, the contributor community's size, vendor support, adherence to standards such as OpenTelemetry, and alignment with the Cloud Native Computing Foundation (CNCF) ecosystem. Concerns are raised about copyright control and the potential pitfalls of centralized code ownership.

### Maturity and Reliability of OSS for Enterprise Use
`📈 Business-Oriented`

Ongoing discussion on the maturity and reliability of OSS for meeting enterprise needs for speed, robustness, and reliability. It has been acknowledged that while commercial vendors might offer support, success is not guaranteed. The necessity for organizations to have skilled teams capable of navigating the complexities of container orchestration and Kubernetes to maintain operational resilience was stressed.


## Sustainable IT
anajsana marked this conversation as resolved.
Show resolved Hide resolved
`🏛 Social-Gov-Oriented`
`📈 Business-Oriented`
Content has been curated from the [OSPOlogyLive Apeldoorn Roundtable Discussion](https://github.com/todogroup/ospology/discussions/439#discussioncomment-8630343) and based on what constitutes sustainability, especially in terms of its impact on the climate.

The concept of sustainable IT has recently surged to the forefront of strategic discussions within governments and enterprises, emphasizing the need for a cohesive understanding and implementation of sustainable practices within information technology systems.
anajsana marked this conversation as resolved.
Show resolved Hide resolved

A core challenge highlighted was the difficulty in defining what precisely constitutes sustainability in the IT domain, particularly concerning its impact on the climate. Key issues discussed included:

- The environmental footprint left by IT systems and the critical need for sustainable resource utilization.
- The potential of optimizing code and power usage, alongside fostering collaboration, to significantly advance sustainability goals.
- The invaluable role of open source software in facilitating the sharing of algorithms and knowledge, thereby improving the efficiency of resource use.

To address these challenges, the participants from the roundtable proposed several key strategies for enhancing sustainability in IT:

- Recognizing and rewarding government efforts that promote sustainability.
- Advocating for the standardization of sustainable hardware use across governmental bodies.
- Stressing the importance of embedding sustainability into policy frameworks and accountability measures to ensure long-term commitment and integration.

### Recommendations

- Addressing the lack of concrete data:
- Implement continuous monitoring of power usage and workload distribution to reduce idle time for machines.
- Improve reporting and feedback mechanisms focused on energy consumption to support informed policy-making.

- Elevating sustainability as a policy objective:
- Embed sustainability considerations into annual reports and accountability frameworks to underscore its significance.
- Champion sustainability as a critical agenda item for government officials and agencies.

- Overcoming resistance to change:
- Set clear sustainability benchmarks for agencies to encourage the adoption of green practices by simplifying the transition.
- Advocate for a reevaluation of the current demand for computing power to identify areas where reductions are feasible and beneficial.
- Implement dashboarding and raise awareness at all organizational levels to foster a culture of sustainability.


## Resources

- [OSPOlogyLive Apeldoorn Knowledge Archive](https://github.com/todogroup/ospology/tree/main/ospology-live/2024-february-apeldoorn)
Loading