The Cloud Native Computing Foundation came to Shanghai again to host the first Kubecon conference after the pandemic. Jim Zemlin, executive director of the Linux Foundation, switched languages ​​several times during the keynote, demonstrating the challenges that AI and human translators face in keeping up.

In terms of statistics, Zemlin joked that the Linux Foundation is probably the largest software company in the world. He pointed out that if you multiply the average software developer salary (which he puts at $40,000 globally) by the number of developers who contribute to the foundation, the total salary would be about $26 billion, exceeding Microsoft's $24 billion R&D payroll.

Zemlin pointed out that none of the developers working on Linux Foundation projects actually work for the Linux Foundation, so this statistic is somewhat skewed.

Still, the sheer number of engineers involved highlights another problem Zemlin points out: the "paradox of choice" that arises when choosing the right open source project for a particular purpose when the number of open source projects on offer reaches hundreds, thousands, or more.

He also highlighted the opportunities for businesses to increase revenue and profits through the use of open source, reflecting the growing sophistication of certain elements in the open source world. WeChat, Alibaba and Huawei all get credit for this - no surprise given the location - and Zemlin points to a virtuous cycle in which improved products flow back into projects, which means better profits, which means more improvements, and so on.

This all sounds very utopian, but OpenTofu is added to the list of projects that Zemlin is keen to tout, including open source efforts around large-scale language models.

OpenTofu, announced by the Linux Foundation on September 20, is a direct response to HashiCorp's decision to move from Mozilla Public License 2.0 (MPLv2) to Business Source License 1.1. OpenTofu, formerly OpenTF, is a fork of HashiCorp's Terraform infrastructure-as-code tool, which is open source, community-driven, and managed by the Linux Foundation.

HashiCorp's decision and other moves, such as the changes Red Hat has made around its Enterprise Linux product, highlight the challenges faced by companies seeking to make money from open source. Zemlin is keen to highlight the profit opportunities in the open source world, while other companies try to protect their investments with increasingly restrictive licensing models.

Security challenges are also prominent. Robin Ginn, executive director of OpenJS, pointed to the rapid growth of software supply chain attacks. The risk posed by cross-dependencies—actually dependencies within dependencies—has risen sharply in recent years, she said. Take the OpenJS project, for example, which has hundreds of dependencies, all of which need to be considered.

However, Robert Reeves, vice president of strategic cooperation at the Linux Foundation, pointed out the big problem of holding an open source conference in China. As projects become increasingly global, with developers spread across the world, ensuring engineers have access to the same services can be a challenge.

For example, Huawei's products are often wary of some Western governments, while Google's services have aroused the wrath of the Chinese government.

Reeves believes that in addition to showing commitment by physically attending events in regions such as China, organizations including the Linux Foundation should facilitate communication among developers to ensure that the tools and platforms chosen are suitable for everyone involved, even if this may result in some people being unable to use their first choice.

Chris Aniszczyk, chief technology officer of the Cloud Native Computing Foundation, echoed the sentiment while extolling the virtues of WebAssembly (actually a lightweight version of containers in this case).

After all, China’s contribution rate ranks second only to the United States. India and Germany ranked third and fourth respectively.

Aniszczyk sees the disparity in service availability around the world as more of an opportunity than a challenge. "It took us a long time to figure it out, but we did it. It sucks. But that's the reality of the world... [dealing with regional restrictions] is a great way to improve a project. I firmly believe that open source is like a common goal for humanity to share knowledge and development... Open source is global. It is for everyone, everyone should contribute to it... and there should be innovation without permission."