Opus-devel July 2010

opus-devel@lists.fedorahosted.org

5 participants
5 discussions

Re: [Opus-devel] Opus Licensing Discussion
by John Bass 28 Jul '10

28 Jul '10

Comments below... John Bass ITng Services (919) 515-0154 On Wed, Jul 28, 2010 at 1:14 PM, Brian Bouterse <bmbouter(a)gmail.com> wrote: > Opus needs to have a licensing applied on its source code, and > documentation. This e-mail is a summarization of a discussion that happened > at the ITng Services lab this morning regarding our licensing options. One > thing to remember through all of this is that end-users really don't care > very much about the license, this decision mainly affects ITng, Opus' > long-term viability, and the ability for Opus to support commercial > opportunities. > > There are sooooo many licenses to choose from, it can get complicated > pretty quickly, but we really liked this article<http://google-opensource.blogspot.com/2008/05/standing-against-license-prol…>discussing the licensing options google code makes available for projects > hosted on code.google.com. Basically, code.google.com supports 7 > licenses: Apache License v2.0, (New) BSD, MIT, GPLv2, GPLv3, LGPL, and MPL > 1.1 This list was what we started from, eliminating licenses we didn't > like along the way. Chris DeBona said very recently that GPLv3 now > represents over 50%<http://blog.internetnews.com/skerner/2010/07/gplv3-now-dominates-at-google.…>of the code on > code.google.com > > Of all the GPL licenses, we liked GPLv3 the best, over GPLv2 and LGPL. > Since Opus is almost entirely interpreted code (both python and javascript) > the LGPL isn't very useful to us versus GPLv3. Also, GPLv3 prevents nasty > things like tivoization <http://en.wikipedia.org/wiki/Tivoization>, making > it in practice perform closer to the philosophy it tried to embody, software > should be free to consume, modify, and share. > > We did not like the "do whatever you want with this" attitude embodied in > both the BSD and MIT licenses. We also agree with Google<http://google-opensource.blogspot.com/2008/05/standing-against-license-prol…>that the Mozilla Public License 1.1 (MPL1.1) is too community specific and > also has almost no adoption outside of those specific communities. AKA, if > you don't work at Mozilla, you don't use this license. We weren't > comfortable with the risk of Opus being one of the only non-mozilla backed > projects using MPL1.1 > > Through this dialogue, we have narrowed down our license options to a > choice between Apache License Version 2.0<http://www.apache.org/licenses/LICENSE-2.0.html> (APLv2) > and the GPLv3 <http://www.gnu.org/licenses/gpl-3.0.html>. For those of > you who aren't software licensing and/or legal experts, here is a guide to > the APLv2<http://www.apache.org/foundation/licence-FAQ.html#WhatDoesItMEAN> and > a guide to GPLv3 <http://www.gnu.org/licenses/quick-guide-gplv3.html>. > > We feel these two licenses are usable version of what they attempt to > embody philosophically, but what they are trying to accomplish is very > different. I will now argue on both sides why it should be the license for > Opus ... > > GPLv3 is well suited for Opus because it will promote the creation of a > community which will serve and protect the "ubiquitously open" code base. > Anytime any improvement, anywhere (public or private) is made to Opus and > then distributed (ie: sold or given away), the core platform will benefit. > This is the "rising tide raises all boats argument." Opus is essentially > middleware (living on top of an OS and underneath applications), and can be > bundled with code licensed differently (proprietary or otherwise) that lives > above or below Opus while Opus still would be licensed with GPLv3. The > source would also be required to be distributed with any such bundling, but > a company could create a bundled product, they just would also have to > distribute the Opus source along with it. Given that Opus is mainly python > and javascript, that's really not saying much though. ITng might not be > able to retain control of major decisions in the future, considering "the > community" should really be deciding. Also proprietary forks are not > possible. > > APLv2 is well suited to drive Opus adoption because companies can modify > the core Opus platform without being bound to contribute back their code to > the community which could become an enabler for competitors to reuse the > Opus extensions in their own product. Moreover, companies can distribute a > product with Opus as a component without including its source code, which > will make companies *much* more inclined to work with Opus. As ITng looks > to get further development funded by corporations, this license would work > well for us. I think that is what Google had in mind when they applied > the APLv2 to Android over GPL<http://arstechnica.com/old/content/2007/11/why-google-chose-the-apache-soft…>. > It also allows ITng to control the development of Opus, instead of putting > major decisions to a strict community vote. The down-side is that anyone > could fork this project at anytime, which could be unproductive long-term. > > That being said, I vote for APLv2 since it would allow us to seek corporate > funding more easily, will increase adoption and interest around Opus, and > would allow us to join ASF <http://www.apache.org/> someday if we want to. > So my take in all this is that individuals won't care if the license is GPLv3 or APL whether they commit code or use the s/w. However, companies will care. Coin operated companies will want as few restrictions as possible to mod/use/distribute/sell the s/w. The license allowing the largest potential audience is therefore APL. The risk is that someone could take Opus, call it something else, and steal our thunder. I think this risk is minimal since companies large enough to do this will most likely understand that the value is in the developer community, not the s/w. I vote for APL. We also need to discuss documentation and content licenses, but I don't have > the energy at this time. If you are thinking about these issues though, > make sure the licensing is compatible with the fedorahosted requirements<http://fedoraproject.org/wiki/Licensing:Main> > . > Of the fedora vetted content and documentation licenses, I vote for CC-BY (not CC-BY-SA or CC-BY-ND). CC-BY conveys the right to 'remix' the content/docs with proper attribution and no requirement to maintain the same license in the derivative. This best fits APL for the code (assuming we pick APL). CC-BY-SA requires the same license for all derivatives (unlike APL). CC-BY-ND doesn't allow derivatives (unlike APL). Best, > Brian > > -- > Brian Bouterse > ITng Services > > _______________________________________________ > Opus-devel mailing list > Opus-devel(a)lists.fedorahosted.org > https://fedorahosted.org/mailman/listinfo/opus-devel > >

1 0

Opus Licensing Discussion
by Brian Bouterse 28 Jul '10

28 Jul '10

Opus needs to have a licensing applied on its source code, and documentation. This e-mail is a summarization of a discussion that happened at the ITng Services lab this morning regarding our licensing options. One thing to remember through all of this is that end-users really don't care very much about the license, this decision mainly affects ITng, Opus' long-term viability, and the ability for Opus to support commercial opportunities. There are sooooo many licenses to choose from, it can get complicated pretty quickly, but we really liked this article<http://google-opensource.blogspot.com/2008/05/standing-against-license-prol…>discussing the licensing options google code makes available for projects hosted on code.google.com. Basically, code.google.com supports 7 licenses: Apache License v2.0, (New) BSD, MIT, GPLv2, GPLv3, LGPL, and MPL 1.1 This list was what we started from, eliminating licenses we didn't like along the way. Chris DeBona said very recently that GPLv3 now represents over 50%<http://blog.internetnews.com/skerner/2010/07/gplv3-now-dominates-at-google.…>of the code on code.google.com Of all the GPL licenses, we liked GPLv3 the best, over GPLv2 and LGPL. Since Opus is almost entirely interpreted code (both python and javascript) the LGPL isn't very useful to us versus GPLv3. Also, GPLv3 prevents nasty things like tivoization <http://en.wikipedia.org/wiki/Tivoization>, making it in practice perform closer to the philosophy it tried to embody, software should be free to consume, modify, and share. We did not like the "do whatever you want with this" attitude embodied in both the BSD and MIT licenses. We also agree with Google<http://google-opensource.blogspot.com/2008/05/standing-against-license-prol…>that the Mozilla Public License 1.1 (MPL1.1) is too community specific and also has almost no adoption outside of those specific communities. AKA, if you don't work at Mozilla, you don't use this license. We weren't comfortable with the risk of Opus being one of the only non-mozilla backed projects using MPL1.1 Through this dialogue, we have narrowed down our license options to a choice between Apache License Version 2.0<http://www.apache.org/licenses/LICENSE-2.0.html> (APLv2) and the GPLv3 <http://www.gnu.org/licenses/gpl-3.0.html>. For those of you who aren't software licensing and/or legal experts, here is a guide to the APLv2 <http://www.apache.org/foundation/licence-FAQ.html#WhatDoesItMEAN> and a guide to GPLv3 <http://www.gnu.org/licenses/quick-guide-gplv3.html>. We feel these two licenses are usable version of what they attempt to embody philosophically, but what they are trying to accomplish is very different. I will now argue on both sides why it should be the license for Opus ... GPLv3 is well suited for Opus because it will promote the creation of a community which will serve and protect the "ubiquitously open" code base. Anytime any improvement, anywhere (public or private) is made to Opus and then distributed (ie: sold or given away), the core platform will benefit. This is the "rising tide raises all boats argument." Opus is essentially middleware (living on top of an OS and underneath applications), and can be bundled with code licensed differently (proprietary or otherwise) that lives above or below Opus while Opus still would be licensed with GPLv3. The source would also be required to be distributed with any such bundling, but a company could create a bundled product, they just would also have to distribute the Opus source along with it. Given that Opus is mainly python and javascript, that's really not saying much though. ITng might not be able to retain control of major decisions in the future, considering "the community" should really be deciding. Also proprietary forks are not possible. APLv2 is well suited to drive Opus adoption because companies can modify the core Opus platform without being bound to contribute back their code to the community which could become an enabler for competitors to reuse the Opus extensions in their own product. Moreover, companies can distribute a product with Opus as a component without including its source code, which will make companies *much* more inclined to work with Opus. As ITng looks to get further development funded by corporations, this license would work well for us. I think that is what Google had in mind when they applied the APLv2 to Android over GPL<http://arstechnica.com/old/content/2007/11/why-google-chose-the-apache-soft…>. It also allows ITng to control the development of Opus, instead of putting major decisions to a strict community vote. The down-side is that anyone could fork this project at anytime, which could be unproductive long-term. That being said, I vote for APLv2 since it would allow us to seek corporate funding more easily, will increase adoption and interest around Opus, and would allow us to join ASF <http://www.apache.org/> someday if we want to. We also need to discuss documentation and content licenses, but I don't have the energy at this time. If you are thinking about these issues though, make sure the licensing is compatible with the fedorahosted requirements<http://fedoraproject.org/wiki/Licensing:Main> . Best, Brian -- Brian Bouterse ITng Services

1 0

A test message for new mailman settings
by bmbouter＠ncsu.edu 19 Jul '10

19 Jul '10

This is a test; please disregard...

2 1

Opus Roadmap
by brownan＠gmail.com 12 Jul '10

12 Jul '10

Hi everyone, The components of Opus we're currently working on seem to be wrapping up. I'd like to get everyone's input on where to go from here. First, here's what we've accomplished so far: * Opus can create and deploy a project with applications from any git repository. This involves creating the project package itself, creating a system user and locking down permissions on sensitive files, configuring and syncing the database, generating self-signed SSL cert, setting various project settings for the deployment, writing out the apache and wsgi configs, and finally restarting apache. All fully automated. * Opus can reverse the above procedure to delete a project. * Opus can add applications to a live project, including all the necessary configuration changes, and database syncs. * Opus can update an application in a live project. This involves running a git fetch operation, followed by a git reset operation for git repositories. * Opus can remove an application from a live project. * All of the above is fully functional on our simple html interface. We currently have a mostly functional GWT interface which is almost done. So, enough of what's done, what's next? There are several items that I can think of, which we want to eventually have. * Celery Integration. We want to have Opus make us of, and provide to applications, an asynchronous message passing interface. This is a bit more than just putting Celery on the list of dependencies, it will involve having Opus set up an exchange for each project and configuring the projects to use it automatically. We also have to figure out how to handle starting and stopping individual project's celeryd daemons. * Provisioning Integration. This has been started, I know, but I wanted to put it on this list anyways. Not only do we want Opus to have control of a provisioning engine, and provide an interface for deployments, but also we want Opus use the provisioning engine to power on nodes to serve the deployments. This will be quite a challenge, I suspect, but since it was one of the original reasons we started Opus, perhaps this should be a priority. * Community integration. This is also started, as it comes along with the GWT interface. We're going to stand up and host a community directory of applications. This isn't a small task, though. * And finally, I can think of a few smaller improvements to the existing components that we (I) could work on. * Auto-gen databases. So far we've been doing most of our development testing with sqlite databases. This is easy, since on deployment we can just create a new sqlite database and secure it with the same file permissions as the other sensitive files. However, if someone wants a real database, they have to create and manage it themselves. I'd like to add a layer to automatically create users and databases for a real DBMS when a project is created. Problem is, do we want to hard code this for a particular DBMS? Mysql? Postgresql? * A more robust user permission model? Right now, projects are created by a user, and only that user has access to see or modify a project. Unless you're a super-user, you can't access any projects but the one you've created. It may be useful to have a more flexible ACL type of model, where a project admin (the creator) can give access to other users. Perhaps when we have more options and parameters to control over a project, the permissions can be even more fine grained. * An overall dashboard controlling parameters to all projects. Once provisioning is in place, we'd like one central place to go for admins to tweak how much resources Opus as a whole can use, any any other parameters that apply to the Opus installation as a whole. This isn't something that I imagine will have any options to set right now, but as we get the provisioning layer done, we'll need this. Anything I've forgotten? So, I'd like some feedback on where we should focus our efforts. In particular, I'd like to know what I should do, but I also wanted to take this opportunity to summarize the state of the project. The celery integration is something that I don't think would be too hard right now, doesn't depend on any other components, and would come in handy very soon. What does everyone think? -Andrew Brown

1 1

Re: [Opus-devel] Opus Roadmap
by John Bass 08 Jul '10

08 Jul '10

Great summary - thanks! The only thing I would add is the user happiness metric. This is probably the best way to learn if the service is running better/worse/same as resource allocations are changed by an admin. I'm cool with your judgement as to what to do next... John Bass ITng Services (919) 515-0154 On Thu, Jul 8, 2010 at 12:09 PM, Andrew Brown <brownan(a)gmail.com> wrote: > Hi everyone, > The components of Opus we're currently working on seem to be wrapping up. > I'd like to get everyone's input on where to go from here. > > First, here's what we've accomplished so far: > > * Opus can create and deploy a project with applications from any git > repository. This involves creating the project package itself, creating a > system user and locking down permissions on sensitive files, configuring and > syncing the database, generating self-signed SSL cert, setting various > project settings for the deployment, writing out the apache and wsgi > configs, and finally restarting apache. All fully automated. > * Opus can reverse the above procedure to delete a project. > * Opus can add applications to a live project, including all the necessary > configuration changes, and database syncs. > * Opus can update an application in a live project. This involves running a > git fetch operation, followed by a git reset operation for git repositories. > * Opus can remove an application from a live project. > * All of the above is fully functional on our simple html interface. We > currently have a mostly functional GWT interface which is almost done. > > So, enough of what's done, what's next? There are several items that I can > think of, which we want to eventually have. > > * Celery Integration. We want to have Opus make us of, and provide to > applications, an asynchronous message passing interface. This is a bit more > than just putting Celery on the list of dependencies, it will involve having > Opus set up an exchange for each project and configuring the projects to use > it automatically. We also have to figure out how to handle starting and > stopping individual project's celeryd daemons. > > * Provisioning Integration. This has been started, I know, but I wanted to > put it on this list anyways. Not only do we want Opus to have control of a > provisioning engine, and provide an interface for deployments, but also we > want Opus use the provisioning engine to power on nodes to serve the > deployments. This will be quite a challenge, I suspect, but since it was one > of the original reasons we started Opus, perhaps this should be a priority. > > * Community integration. This is also started, as it comes along with the > GWT interface. We're going to stand up and host a community directory of > applications. This isn't a small task, though. > > * And finally, I can think of a few smaller improvements to the existing > components that we (I) could work on. > > * Auto-gen databases. So far we've been doing most of our development > testing with sqlite databases. This is easy, since on deployment we can just > create a new sqlite database and secure it with the same file permissions as > the other sensitive files. However, if someone wants a real database, they > have to create and manage it themselves. I'd like to add a layer to > automatically create users and databases for a real DBMS when a project is > created. Problem is, do we want to hard code this for a particular DBMS? > Mysql? Postgresql? > > * A more robust user permission model? Right now, projects are created by > a user, and only that user has access to see or modify a project. Unless > you're a super-user, you can't access any projects but the one you've > created. It may be useful to have a more flexible ACL type of model, where a > project admin (the creator) can give access to other users. Perhaps when we > have more options and parameters to control over a project, the permissions > can be even more fine grained. > > * An overall dashboard controlling parameters to all projects. Once > provisioning is in place, we'd like one central place to go for admins to > tweak how much resources Opus as a whole can use, any any other parameters > that apply to the Opus installation as a whole. This isn't something that I > imagine will have any options to set right now, but as we get the > provisioning layer done, we'll need this. > > Anything I've forgotten? > > So, I'd like some feedback on where we should focus our efforts. In > particular, I'd like to know what I should do, but I also wanted to take > this opportunity to summarize the state of the project. The celery > integration is something that I don't think would be too hard right now, > doesn't depend on any other components, and would come in handy very soon. > What does everyone think? > > -Andrew Brown > > _______________________________________________ > Opus-devel mailing list > Opus-devel(a)lists.fedorahosted.org > https://fedorahosted.org/mailman/listinfo/opus-devel > >

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Opus-devel July 2010