Luke Kanies, the creator of Puppet, commented in his last entry about open source business models, specifically the idea of an open core and what that means. As an open source company, do you have an open version of your product crippled? Or do you have an open version of your product that is truly useful?
This was the crux of the questions I asked all the Sonatype CEO candidates, and this turned out to be the reason it took me almost 8 months to interview 17 candidates to ferret out the right person. It was a grueling process to find Mark de Visser, but I was adamant, and our VCs, Hummer Winblad and Morgenthaler, were patient and let me take my time to find the exact right match. I got pretty ornery at one point. I thought I would never find the right person in Silly Valley.
The open source product you provide to users must be great: the open core should stand on its own as something truly useful, without any additional commercial add-ons. The software must perform well in a production environment.
The open source product you provide should undergo ungodly testing and QA. Testing and QA on the open core are the cornerstone of quality and should not be reserved for commercial versions of your product.
The open source product you provide should be architected so that all commercial features are plug-ins to the open core.
The open source product you sell should have completely open pricing. If someone cannot clearly see what your pricing is and what the difference is between your open and commercial versions, you likely have a predatory and opportunistic pricing model.
At Sonatype, I can say that I feel internally consistent about our process and our products. I'm satisfied that we have achieved the right balance between our open core and the commercial plugins. I feel internally consistent about the way we have participated as individuals in the community. While I've spent a decade contributing to open source software, I'm also aware that I occasionally need to eat.
The open source version of Sonatype Nexus Repository is good and stands on its own. People can use it in production environments. We have an enormous amount of integration tests with coverage reporting. We have dedicated QA staff, and we'll be taking the next step with help from Patrick Lightbody to setup completely automated, x-browser, Selenium testing in mid-March.
We have a modular platform where the commercial features are a clear superset of the Sonatype Nexus Repository core. We have no special branches for the Sonatype Nexus Repository core for the commercial version. All of our QA and testing for the core happen in the open. Our commercial SCM contains nothing but plug-ins, and our build simply drops those plug-ins into the core structure where they are detected on startup and activated.
In a Sonatype Nexus Repository plugin, core functionality can be added, UI features, REST services, and security capabilities. When a plugin is detected, all these capabilities contribute to well defined extension points in the core and are automatically wired in. We have no additional code for the core in the commercial version of Sonatype Nexus Repository. We don't need to. We are still working through our APIs, but users in the community have already contributed plug-ins (the first was a plugin to integrate Sonatype Nexus Repository with Atlassian's Crowd product) and everyone can extend Sonatype Nexus Repository in the same way Sonatype does. That does mean we have to make sure that we provide a lot of value in the commercial version, and that's fine with us.
Our pricing model is also completely open. I think Atlassian has this right without question. Atlassian is more like an open source company than most open source companies. If you show everyone the same thing, you don't have to remember the variations that will get you in trouble. If you don't have a clear pricing model driven by channels and inside sales, you're just dead as a company. The days of enterprise elephant hunting are over. Potential customers who start as your open core users need to see exactly what they get and how much it costs. If they can make all the decisions by easily trying your commercial product and comparing features, then you have a viable company. It's all about being truly open.