Choosing the right open-source project to use can be quite challenging – not knowing if it’s going to be the right fit, how it will behave, and if you end up wasting time trying to make it all work. We’ve all been there. But what if I told you there’s a practical way to have a clear understanding of how to incorporate an OSS project in your environment? In this talk, I’m going to speak about the DevOps perspective on open-source and the challenges Infra-focused engineers have with choosing the right project for their environment. As a DevOps Engineer, I’ve seen a lot of things, stumbled upon a lot of non-based decisions, and so will present practical advice on how to choose an OSS project for your dev/prod environment and will talk about the business mindset you should have to evaluate the key indicators based on your needs and specific pain points.
OSCamp Kubernetes 2024 | SRE Challenges in Monolith to Microservices Shift at...
stackconf 2023 | Open-Source: Open Choice – A DevOps Guide for OSS Adoption by Hila Fish
1. Open Source:
Open Choice
A DevOps Guide for OSS Adoption
LinkedIn: Hila Fish twitter: @Hilafish1
Hila Fish
Senior DevOps / Infrastructure Engineer / SRE @ Wix.com
2. Open Source: Open Choice
Senior DevOps Engineer / SRE @ Wix.com
15 years experience in tech
AWS Community Builder, Hashicorp Ambassador
DevOpsDays TLV core organizer
Mentor @ courses, communities
DevOps culture fan
Lead singer in a cover band
🎤
Hi! I’m Hila Fish
7. Today
A rich developer community
1. Based on knowledge
2. Relies on
communication
& collaboration
Open Source: Open Choice
8. “Open-source is an enabler of
innovation, giving
organizations access to a
global pool of talent and the
tools to develop secure,
reliable and scalable software
– fast.”
Maneesh Sharma,
General Manager of GitHub India
Open Source: Open Choice
9. “The organizations that are
most effectively speeding up
business transformation are
those who have turned to
open-source software
development to succeed in a
fast-changing, digital world.”
Open Source: Open Choice
Maneesh Sharma,
General Manager of GitHub India
10. Open Source Contributions Index
Aug 2023:
Open Source
Boosts Your:
1. Code Quality &
Security
Open Source: Open Choice
11. Photo by yuvi's picworld from Pexels
Open Source
Boosts Your:
1. Code Quality & Security
2. Adaptivity
Open Source: Open Choice
12. Photo by Joel Filipe on Unsplash
Open Source
Boosts Your:
1. Code Quality & Security
2. Adaptivity
3. Agility
Interesting read by Ben Balter about Open-
Source adoption
Open Source: Open Choice
14. Open Source
library
Will it get
integrated in
my code
properly?
Open Source: Open Choice
Developers
Functionality
What efforts
are needed to
do so?
refactoring?
15. Open Source
library / project
Will it get
integrated in
my code
properly?
Maintenance
...?
How well will it get
integrated into the
environment?
Security
...?
Open Source: Open Choice
DevOps
Environment
Developers
Functionality
What efforts
are needed to
do so?
refactoring?
16. When it comes to Challenges,
collaboration leads to better conclusions and
solutions.
Developers
DevOps
Open Source: Open Choice
17. Treat OSS as Tools
and ask: do you want
to introduce it to
your system?
Automate
this ...
Help me
deliver
code...
Introduce a
capability ...
Open Source: Open Choice
Developers
DevOps
28. Disadvantages:
Adopting Open Source
1. Security by obscurity – Not Applied
2. Prone to abuse
3. Compliance
4. Not always entirely free
Open Source: Open Choice
29. Disadvantages:
Adopting Open Source
1. Security by obscurity – Not Applied
2. Prone to abuse
3. Compliance
4. Not always entirely free
5. Discontinued projects
Open Source: Open Choice
30. Disadvantages:
Adopting Open Source
1. Security by obscurity – Not Applied
2. Prone to abuse
3. Compliance
4. Not always entirely free
5. Discontinued projects
6. Support Not guaranteed. ”Assume good faith”
Open Source: Open Choice
31. Disadvantages:
Adopting Open Source
1. Security by obscurity – Not Applied
2. Prone to abuse
3. Compliance
4. Not always entirely free
5. Discontinued projects
6. Support Not guaranteed. ”Assume good faith”
7. * SaaS Alternatives
Open Source: Open Choice
32. Conclusions:
Adopting Open Source
1. There’s no right or wrong, it’s a matter of perspective.
2. There are multiple factors to consider.
Choose what’s best for your needs.
I ❤ OSS
Open Source: Open Choice
33. How Do We Choose
an Open-Source
Project?
I ❤ OSS
Open Source: Open Choice
34. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
Choose an Open-Source
project that’s right for
YOU.
Open Source: Open Choice
35. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
❏ GitHub Stars
❏ Part of CNCF / Incubator?
❏ Google it alone, check for
online presence
❏ Google it vs similar products,
check for reviews
Open Source: Open Choice
36. ❏ Commits rate - daily/weekly/monthly?
❏ Number of issues
❏ Number of releases
❏ Is it maintained by one developer or more/sponsors?
1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
Open Source: Open Choice
37. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
❏ Known vulnerabilities?
❏ Supply chain considerations
Open Source: Open Choice
Tools for checking security risk open
source dependencies
38. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
❏ Is the project declared as
production ready?
❏ Are the current features
enough to sustain usage?
❏ Is my use case covered fully in
the current state, and if not –
am I ok with it?
Open Source: Open Choice
39. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
❏ Is the documentation clear?
❏ Does it cover most aspects?
how to integrate
known issues
explanations about features
Open Source: Open Choice
40. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
❏ Are users engaged on GitHub?
❏ Does it have a dedicated
community channel?
(Slack/Telegram/Discord/Other)
Open Source: Open Choice
41. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
❏ POC satisfaction
Ratio - amount of time to implement <>
integration is done)
❏ Issues on GitHub are about
features or “how do I do x?”
Open Source: Open Choice
42. 1. Is it Popular?
2. Is it Active?
3. Is it Secured?
4. Is it Ready?
5. Is it Documented?
6. Does it have an
Ecosystem?
7. Is it Easy to Use?
8. Roadmap?
❏ Is the project defined as an
open-source, or is it planned
to go towards monetization?
❏ Features planning
Open Source: Open Choice
43. How To Choose an OSS Project
1. Ask the general questions – cover the basics
I ❤ OSS
➔ Is the project in a ready-enough state?
Basic metrics
Open Source: Open Choice
44. How To Choose an OSS Project
1. Ask the general questions – cover the basics
2. Ask the tailored-specific questions – cover your use case and pain points
I ❤ OSS
➔ Is the project in a ready-enough state?
Basic metrics
➔ Heavy use case?
Focus on Documentation + Ecosystem metrics
➔ No capacity for maintenance?
Focus on Readiness & Ease of Use metrics
Specifically, to meet your use case/pain points
Open Source: Open Choice
45. I ❤ OSS
How To Choose an OSS Project
3. POC
4. Rely on your research –
Ecosystem to the rescue
Engage in GitHub - raise issues/
contribute for its (and your) success
Open Source: Open Choice
46. I ❤ OSS
How To Contribute Without Writing
Code
1. Open Issues - bug Fixes / Feature requests
2. Modify documentation
3. Share your use case – write blog posts (i.e. Script-Server)
4. Share tools you’ve found with colleagues and techy friends
5. Company/individuals sponsorship
6. Hold an open-source mindset
7. Spread the word on Open-Source at conferences 😃
Open Source: Open Choice