Sponsored By

Red Hat CEO Jim Whitehurst: How Open Source Stopped Being 'Scary'Red Hat CEO Jim Whitehurst: How Open Source Stopped Being 'Scary'

Red Hat's boss on how open source enables innovation and the cloud, disrupts IT, and might make the world better. Also: Will the IBM acquisition threaten Red Hat's unique culture?

Mitch Wagner

February 13, 2019

18 Min Read
Red Hat CEO Jim Whitehurst: How Open Source Stopped Being 'Scary'

Jim Whitehurst had a nice job as chief operating officer of Delta Airlines in 2008, when he switched career tracks to take a position as CEO of Red Hat. Since then, he's been at the forefront of a historical shift in the technology industry, as open source has made the transition from maverick and dangerous -- a "scary, cult-like thing," in Whitehurst's own words -- to mainstream.

Nothing makes mainstream business sit up and take notice like money, and by that measure, Red Hat Inc. (NYSE: RHT) has turned the business world upside down not once but at least twice. The company went public in 1999 for a market cap of nearly $5 billion a day after its debut.

Last year, IBM Corp. (NYSE: IBM) announced its pending acquisition of Red Hat for $34 billion, which would see Red Hat continue to operate as an independent business unit under the Red Hat umbrella, with Whitehurst remaining in charge. (See How Red Hat Could Give IBM's Telco Strategy a New Lease of Life and IBM-Red Hat: A Crazy Plan That Might Work.)

We talked with Whitehurst one-on-one about how open source became mainstream, what that means to organizations that adopt it, and the future of Red Hat's open source mission under IBM's stewardship.

Continue on to see what Whitehurst had to say, edited lightly for readability.

I kicked off the discussion by asking how open source moved from outsider to the mainstream of software development...

Whitehurst: The nexus of innovation has moved from proprietary software to open source. There are a lot of things that led to that. A large part is that the big Web 2.0 companies, which are on the leading edge of a lot of innovation, developed their infrastructure in open source. If you look at big data, if you look at AI and machine learning, if you look at anything around DevOps, all those innovations are happening in open source.

Google and Facebook and Amazon and LinkedIn etc., solve problems for themselves. They're not building software with a sale in mind, and so they're happy to give it away and have other people help, because it makes their construction run better, or gets features out on timeline faster.

Figure 1: Red Hat's Jim Whitehurst Red Hat's Jim Whitehurst

Light Reading is bringing together all of the key players in the automation revolution in a NEW location! Don't miss the Telco Automation Everywhere event on April 2 in New York City. Join us as we tackle the business and technology challenges behind building autonomous networks. This event is free for communications service providers -- register today!

Hadoop and all this stuff around big data started off with Google having had this problem of indexing the World Wide Web. Google developed Bigtable, and wrote an article about it. Yahoo said, "Wow, we have a similar problem," and started Hadoop. Yahoo open sourced it, and out of that built this whole big data movement.

It started off with a problem a web company had, and then vendors have swooped in and said, "How do we apply that to other use cases?" And now you have banks using Hadoop for fraud detection.

Similarly, Kubernetes was developed solving a Google problem of container management, and now vendors have swept in and said, "Well, that's relevant to other people."

Also, open source has become important to recruitment. I hear over and over again from our large customers, "You have to help me convince my legal department that our developers need to be able to contribute to open source projects, because if they can't, I can't hire them."

Your GitHub account and your contributions to open source projects become core parts of your resume.

Ten years ago, open source was about creating open source alternatives to traditional pieces of software. Linux looks a lot like Unix. The JBoss application server looks a lot like WebSphere and WebLogic. MySQL and PostgreSQL take on a traditional database. LibreOffice looks like Microsoft Office. We used to call it "commoditization of technology." We were trying to make open source alternatives to traditional software.

Then open source went from, "Let me make an open source alternative" to actually driving the pace of innovation. There are not proprietary alternatives to Hadoop that Hadoop was copying. That was new functionality that was needed.

I see this all the time with customers. We used to go in and talk about the feeds and speeds of our products versus proprietary ones. Now the conversations are very much about future technology, "How am I going to run big data workloads in a hybrid cloud? "What's the roadmap for Kubernetes to ultimately be able to help me do that?"

Open source, in CIOs' minds, has gone from being "Oh, this is something my purchasing people and engineers do to save money or because they like it," to, "Oh my God, I cannot innovate without open source. I certainly can't build a developer toolchain that's going to be effective, efficient and fast without using open source. I can't do big data or analytics or machine learning, any of that, without using open source."

Open source has now gone from being this kind of scary, cult-like thing, to the only way to do innovation in a whole bunch of categories. As soon as that happened, that's the blip when all of a sudden it became truly mainstream, because it was no longer, "Oh, this is interesting to my developers, and they can go play around with it," to, "This is mission critical to the business, because if I go to my CIO and say, 'I don't have a big data strategy or an AI strategy,' I'll lose my job, and I can't have an AI strategy without contributing to open source."

LR: How does the prevalence of open source change how business and IT is done?

Whitehurst: It pretty radically disrupts the traditional IT model in multiple ways. If you thought about a CIO 20 years ago, much of what you were doing is you were picking partners and you were integrating these boxed package solutions. So, a lot of what you had to do was say, "Well, am I picking the right partner, and am I going to trust that they're going to be able to support me?" If you look to how most markets developed then, you would have two or three significant players in a category. (See Not Business as Usual: Open Source Changes IT Operations.)

So, let's look at databases. You had Oracle, you had [IBM] DB2. Look at ERP systems. You had SAP, you have the Siebel stuff that Oracle bought.

Next page: Where's the throat you can choke?

In open source, it's unclear where the vendors are. So it's not about, "Let me choose vendors that I trust and trust them to make technology decisions." A lot of these things are not built with an enterprise sale in mind, so you're not just in the business of building and maintaining a set of partnerships. You actually have to wade into the technology itself. Also, you need to be careful what technologies you pick, because open source at a technology level tends to have a winner take all outcome. Yes, there's BSD out there, but when you think about an open source operating system, it's Linux.

If you look at some of the big data systems out there, it's Hadoop and the Hadoop ecosystem. If you look now at orchestration, three years ago there was Mesos and and Kubernetes and Docker Swarm. Now it's just Kubernetes.

You typically have single category winners. It's no longer like it was, where you could say, "Oh, I'm going to buy from IBM, and even if it didn't work well I'd be able to get them to support me for ten years because that's part of the relationship. And that's why I buy from IBM -- or Microsoft or Oracle." Now you're a little bit more out there. IT requires getting more involved in the technology.

For vendors it's pretty daunting. You are in the business of figuring out where the world is going, writing intellectual property to get there, and then selling that IP. Now you start seeing more and more of the IP is open, you have to get much more thoughtful around what is the appropriate business model is, depending on where you are in the stack. Do you embrace open source? Do you say, "Well, I'm going to take open source in these areas, but proprietary makes sense in these areas"? If you're going to do open source, what does that look like? What does that mean? Most of the software is not written for an enterprise and an enterprise lifecycle in mind. This leads to downstream questions about long-term support, security and all these other things. It really does pretty significantly upend the traditional software model.

This is an assertion without a lot of proof behind it, but I would argue public cloud in its current form only exists because of open source. (See How Open Source Has Turned the Software Industry Upside-Down.)

Look at most of what Amazon does. They're delivering open source software to enterprises and they package it in different ways. If Amazon was just standing up something, say Microsoft Windows and Oracle databases, it's unclear if the value proposition would be particularly compelling.

I pick on Amazon, but this is true of Google and Microsoft, too. What they've done is they expose a whole lot of open source functionality in a pretty easy way. So, when you go to Amazon, you're generally spinning up some version of Linux. If you're using a database with Amazon, you may be using RDS, which is based on open source components.

Imagine a public cloud where all the software was just proprietary components. It's hard to imagine how that would look and work.

LR: Why would that be problematic?

What value would Amazon be bringing if they were just delivering Windows and Office or whatever else to an enterprise? They are able to offer an economic infrastructure solution because they are using open source components. They're able to offer an economic database because they're not paying for Oracle licenses. They're basically using free software to do that. They're able to offer economic AI services or big data services because, again, they're cutting out the vendors. They're using open source projects to be able to do that.

A big part of Amazon's value proposition is that it distributes open source functionality in a relatively consumable, easy way.

LR: Can open source actually make business more humane, or even improve society?

Whitehurst: Yes, I think so in some ways.

We've had an economy for generations built on stuff, and stuff, by definition, is scarce. I have a pen, it costs money to make that pen. I will sell you that pen or not, or a desk, or whatever it is. When information was first developed or first contained into as a potential product, the fact that it could be freely copied was seen as a bug, and so we use copyright and patents to protect IP to make it scarce, with the logic that if it's not scarce, people won't have the incentive to make stuff. There is logic and value in that view if you are an individual writer of software. It's hard to see how you necessarily say, "Oh, I'm going to write this and give it away, and how do I make money on it?"

Getting people to realize that information can be abundant and figuring out the best way to more thoughtfully think about that can add a ton of value because you will see much more sharing.

Google and Facebook often have developers contributing to the same open source projects that help them do their infrastructure better, yet at the product market level, they fight like cats and dogs.

So in another industry, in pharmaceuticals for example, how do you decide as an industry, "Well, here's a set of things where we're going to fight like cats and dogs about, because that's where we are competitors and we patent this and we protect that. But on a different level, how do we share in a way that makes us all better off, in the same way that Google and Facebook are able to."

The mere fact that open source is acceptable is starting to get more businesses thinking about it. I've had these conversations in healthcare; I've had them in education, financial services, where I started thinking about the boundaries of IT.

I think there's a growing recognition that sharing has some values and there are some models to do it in a structured way that can really make sense.

Next page: Will IBM spoil Red Hat?

Historically, there was one area of IP that was not allowed to be patented or copyrighted and that's around legal opinions. You cannot patent a legal opinion. If you look at our legal system, it's really the first major open source initiative, where you have opinion built on opinion, referencing cases from judges to argument, etc. etc. All that's open for anybody to use and quote from and not pay for it. Our legal system in the US is a great example of the power and subtlety that you can build into a system when you say, "This stuff can't be locked down." We have an extraordinary legal system in terms of the subtlety and fine-grained ability of judges building on precedent, building on argument, etc., etc., but that's because that's totally open and can't be copyrightable or patentable.

Do we really think we're going to solve global warming with all those people are patenting their little slivers? Can you have the layered and modular innovation that is going to be required? One of the powerful pieces of open source is its modularity and the iteration that happens. It's hard to have this modularity and iteration if every time you want to do something you've got to go get permission or get this license or pay this fee.

It's allowing innovation to be liquid versus more a stepped programmatic approach. Innovation needs to be fluid, and it's hard to be fluid when you have gates or barriers, whether it's a developer or a scientist, and so a lot of the lessons in open source are around this.

Red Hat has a set of 20-minute type films, they're called "Open Source Stories," which talk about people working together on projects such as 3D printing robotic hands, or various efforts in education. There is this broader recognition that's really been led by open source, that information does have different dynamic around abundance versus scarcity.

I'm not saying everything should be open. There's need for intellectual property protections. But I'd be more pragmatic around not defaulting to everything being closed. We should default to open and then be very crisp about what and why we want to close things. It's likely to lead to a better outcome. There's a growing understanding of that. We're getting a lot of that. It has been led by the innovations on open source.

LR: What are the risks of open source becoming more prevalent? Could corporate culture harm open source or vice versa?

Whitehurst: Open source is a way to develop software, it is not a software lifecycle process. Red Hat will say, "We are an enterprise software company with an open source development model." You never fix bugs in open source, you fix it in the next release. And so I do worry there's this explosion of use of open source, and if you're not careful to recognize it's a development model, it's not a deployment and lifecycle model, you can really expose yourself. Look no further than Equifax, right? They had an open source component, didn't have a strategy for the lifecycle of this component. So I worry. You need to have a strategy around open source, understanding where it works well, what the risks are, and -- obviously self-serving for us -- partners to help work through that. That's a lot of why we exist, because open source is a development model, it's not a deployment lifecycle model. (See Right & Wrong Lessons From the Equifax Breach.)

LR: What are the risks here, and what are the things that enterprises have to be prepared for?

Whitehurst: The biggest one is security. Again, open source typically doesn't fix bugs. They fix it in the new release. So if you have a version of software, how do you know if it's getting patched? Who's doing the patching? Most people implicitly on the vendor supplying the software to do that. If you don't have a vendor, how are you doing that? Are you relying on an open source community that might say, "Well, I'm onto version two, I'm not worried about version one, I'm not patching version one. If you want those fixes, you can move to version two."

Where something will fall over, who do you call? You don't necessarily have the vendor. That developer, depending on the project, might have moved on. If it's a production application, that's a problem.

LR: How does Red Hat's open source culture play into IBM's decision to acquire Red Hat? How do you see Red Hat changing IBM's culture after the acquisition?

Whitehurst: So much of who we are at Red Hat is rooted in our open source culture, so I don't see that changing. Our ability to innovate comes from the way we work -- our culture -- and IBM recognizes that. We will operate as a distinct unit within IBM. This will enable us to scale and accelerate what Red Hat does best.

LR: How is culture at an open source vendor -- like Red Hat -- different from a proprietary vendor?

Whitehurst: We were founded on the idea that a community of people, working out in the open, can create better technology than a select few behind the walls of any one corporation. That community approach is apparent in the principles of transparency, collaboration, and inclusivity we celebrate and follow at Red Hat.

A lot of companies think that the way to be successful is to be more innovative. And the way to be more innovative is to put a group of creative people together in a room and tell them to innovate. But your most creative ideas are likely going to come from people on the frontlines who are doing the work every day. To be successful, you have to create vehicles for those ideas to be heard. We do that through our meritocracy.

Meritocracy to me has three basic notions: the best ideas can come from anywhere; the best ideas should always win, and contribution matters more than title.

Our associates have always expected this. They want to know why we're doing, what we're doing, and have a voice in the decision-making process. It's important to understand that having a voice doesn't mean you necessarily have decision rights. However, we've found that even if someone doesn't ultimately have a say in the decision that's made, being able to voice their opinion and be heard is critical in enabling more people to contribute and stay involved in our meritocracy.

Engaging people in how decisions are made means it can take longer to get decisions made. But once you make a decision, you tend to get flawless execution because everybody's been engaged in the process from the beginning. They know what you're doing and they know why you're doing it. And when you're running an open organization focused on enabling your people versus dedicating to them what to do, this is critical.

Whitehurst discussed the value of configuring for innovation in a one-minute video interview with Light Reading last year:

About the Author(s)

Mitch Wagner

Executive Editor, Light Reading

San Diego-based Mitch Wagner is many things. As well as being "our guy" on the West Coast (of the US, not Scotland, or anywhere else with indifferent meteorological conditions), he's a husband (to his wife), dissatisfied Democrat, American (so he could be President some day), nonobservant Jew, and science fiction fan. Not necessarily in that order.

He's also one half of a special duo, along with Minnie, who is the co-habitor of the West Coast Bureau and Light Reading's primary chewer of sticks, though she is not the only one on the team who regularly munches on bark.

Wagner, whose previous positions include Editor-in-Chief at Internet Evolution and Executive Editor at InformationWeek, will be responsible for tracking and reporting on developments in Silicon Valley and other US West Coast hotspots of communications technology innovation.

Beats: Software-defined networking (SDN), network functions virtualization (NFV), IP networking, and colored foods (such as 'green rice').

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like