Docker apologizes for alarming open-source community
Getting your Trinity Audio player ready...
|
The fact that open-source software (OSS) has been adopted so widely, featuring in a broad range of digital tools and applications, and being used by governments and industry should be cause for celebration. And on many fronts, it is. Joining an open-source project is a great way for developers to hone their skills and forge a path in the IT sector. Government support for OSS can be found on almost every continent, with hundreds of policies introduced worldwide – a fact highlighted by the US-based Center for Strategic and International Studies (CSIS) in its January 2023 report. OSS can spearhead digitization and enable interoperability – echoed by the CSIS findings – but the model can throw up some issues too, particularly where OSS and commercial operations intersect. And there are lessons to be learned, as Docker’s sunsetting of its Free Team subscription tier highlights.
Relationship issues
In Docker’s case, the biggest takeaway is the need for clear communications, which goes beyond OSS. But failure to acknowledge, or temporarily overlooking, the spirit of open-source development can quickly put companies at odds with the OSS community. With paid-for software, the relationship is clear – there are users and vendors. Developers are paid by their employers, the vendors, and the customers are the users. But those developers may choose to create OSS for free, in their own time, and users could be vendors, governments, students, teachers, any citizen running a web browser or mobile app – the list is long. Some OSS developers may have no association with vendors, but can find themselves becoming entangled in corporate operations when libraries break.
Surprises are a good thing if it’s your birthday. But because so many of today’s applications are built using reusable code, including OSS projects and libraries, removing any of those key elements can have major implications. Events need to be planned for and it’s good practice to give developers notice of upcoming changes, which gets to the heart of the Docker issue.
Docker is keen to encourage members of its Free Team tier to move across to a paid-for plan or apply to join its Docker-Sponsored Open-Source Program. According to Docker, this option better serves the open-source audience and includes benefits that exceed the depreciated Free Team plan. But the sign-up process isn’t instantaneous. Also, applications must satisfy a range of criteria, such as the project being in active development (defined as having image updates being pushed regularly within the past six months or featuring dependencies that are updated regularly, even if the project source code is stable).
Unexpected news from Docker
Having received an unexpected email from Docker announcing the sunsetting of its Free Team subscriptions, some projects are now scrambling to make sure that images remain available to the community. It’s unclear why Docker – which provides developers with the means to package and deploy applications in a consistent and portable way, using containers – thought that the OSS community would react well to the message. Perhaps the small number of affected users caused the firm to dismiss the prospect of negative feedback? But whatever the reason, Docker quickly moved to clarify its decision and published a more detailed explanation on its blog. Note – that the company isn’t rolling back on its sunsetting announcement. Instead, it offered an apology. “We did a terrible job announcing the end of Docker Free Teams,” wrote Docker in the blog post’s headline.
If you’re wanting evidence of the alarm shown by the open-source community, it’s worth tuning into episode 502 of Linux Unplugged. And Docker’s blog post, which includes 12 FAQ style entries, still leaves users with key questions unanswered. For example, if you visit the issues thread on the company’s docker/hub-feedback github page it’s clear that user concerns remain, even with the clarification that Docker won’t be deleting images. Docker users point out that abandoned images could lead to security holes, if bugs are no longer fixed due to frozen maintenance. Also, there are concerns about signposting. If teams transfer their images elsewhere, how will they let users that may depend on the project know? For example, if the hub pages no longer remain, what happens to the documentation?
The Linux Unplugged team points out that this isn’t the first time that Docker has dialed down on the capabilities of its free category of services. In 2020, Docker announced pull rate limits on its subscription offerings – 100 pulls per 6 hours (or 200 pulls per 6 hours, for authenticated users) on the free tier, and 50,000 pulls in 24 hours on Pro and Team plans. But in this case, the changes to the terms of service took effect on the 1st of November, 2020, with notice being given much earlier in the year.
Docker containers are popular tools for developers and Docker Hub is a useful repository for images that support open-source projects. But Docker would do well to note that developers don’t like being wrong-footed and well-planned announcements will trump sunsetting surprises every time.