Upcoming licensing changes to Elasticsearch and Kibana
We are moving our Apache 2.0-licensed source code in Elasticsearch and Kibana to be dual licensed under Server Side Public License (SSPL) and the Elastic License, giving users the choice of which license to apply. This license change ensures our community and customers have free and open access to use, modify, redistribute, and collaborate on the code. It also protects our continued investment in developing products that we distribute for free and in the open by restricting cloud service providers from offering Elasticsearch and Kibana as a service without contributing back. This will apply to all maintained branches of these two products and will take place before our upcoming 7.11 release. Our releases will continue to be under the Elastic License as they have been for the last three years.
This change in source code licensing has no impact on the overwhelming majority of our user community who use our default distribution for free. It also has no impact on our cloud customers or self-managed software customers.
In recent years, the market has evolved, and the community has come to appreciate that open source companies need to better protect their software to continue to innovate and make the investments required. As companies continue the shift to SaaS offerings, some cloud service providers have taken open source products and provided them as a service without investing back into the community. Moving to the dual license strategy with SSPL or the Elastic License is a natural next step for us after opening our commercial code and creating a free tier, all under the Elastic License, nearly 3 years ago. It is similar to those made by many other open source companies over these years, including MongoDB, which developed the SSPL. The SSPL allows free and unrestricted use, as well as modification, with the simple requirement that if you provide the product as a service, you must also publicly release any modifications as well as the source code of your management layers under SSPL.
Our open origins
My personal journey with open source goes a long way back. In 2005, I open sourced my first project, Compass, to provide a Java framework on top of Apache Lucene while I was building a recipe app for my wife. In the following five years, I invested many weekends and nights working on it, from writing code to helping users with bugs, features, and questions.
I had no idea what I was signing up for, especially with a day job “on the side,” but I fell in love with the opportunity to make such a positive impact — trying to build a great product, but more importantly, a great community around it, through the power of open source.
In 2009, I decided to do it again, and started to write a brand new project called Elasticsearch. I spent many nights and weekends building it, and in 2010 open sourced it. I even quit my job and decided to dedicate my full attention to it. To be there for the users, through writing code, and engaging on GitHub, mailing lists, and IRC.
And when we founded Elastic as a company in 2012, we brought the same spirit to our company. We invested heavily in our free and open products, and supported the rapid growth of our community of users. We expanded from just Elasticsearch to Kibana, Logstash, Beats, and now a complete set of solutions built into the Elastic Stack: Elastic Enterprise Search, Observability, and Security.
We have matured the products, fostered vibrant communities around them, and focused on providing the greatest amount of value to our users. Today, we have hundreds of engineers who wake up every day and work to make our products even better. And we have hundreds of thousands of community members who engage with us and contribute to our shared success.
I am proud of the company we built, and humbled by the level of trust that we have earned with our user base. This starts by being open and transparent, and continues with being true to our community and user base in our choices.
Free and open FTW
Back in 2018, we opened the code of our free and paid proprietary features under the Elastic License, a source-available license, and we changed our default distribution to include all of our features, with all free features enabled by default.
We did this for a few reasons. It allowed us to engage with our paying customers in the same way we engage with our community: in the open. It also allowed us to build free features that empower our users without providing those capabilities to companies that take our products and provide them as a service, like Amazon Elasticsearch Service, and profit from our open source software without contributing back.
This approach was well received — today, over 90% of new downloads choose this distribution — and has allowed us to make so much of our work available for free while also building a successful company.
The list of improvements under this new free and open, yet proprietary, license, is overwhelming. I am humbled by the amazing progress our team and community has made across all our products, so much so that I would love to share some of them:
We’ve dramatically improved the speed, scalability, and reliability of Elasticsearch, with a new distributed consensus algorithm and significantly reduced memory usage, in addition to new data storage and compression approaches that have reduced the typical index size by nearly 40% while improving indexing and query throughput. We added new field types for geospatial analysis, and more efficient ways to store and search logs and perform fast, case-insensitive search on security data. In Kibana, we cut load time by 80% and eliminated whole-page refreshes thanks to a multiyear replatforming project, while at the same time introducing an intuitive drag-and-drop data visualization experience with Kibana Lens, key capabilities like dashboard drill-downs, and so much more.
Over the last three years, we also built first-class experiences around our most common use cases. In the security area, we created a free and open SIEM right inside Kibana, with a powerful detection engine that supports simple rules as well as complex correlations via a new query language called EQL in Elasticsearch. We include hundreds of detection rules, which we develop publicly, in collaboration with our community. And we joined forces with Endgame, a leading endpoint security company, and have released powerful malware protection for free as part of the Elastic Agent, our unified, centrally managed observability and security agent for servers and endpoints, with more to come.
In observability, the story is similar. We’ve built an entire observability suite right inside Kibana — from a live-tail logging UI to an intuitive infrastructure-level view of the key metrics and alerts across your hosts, pods, and containers. And we now have a fully featured APM product with open source data collectors and agents, supporting OpenTelemetry, real user monitoring (RUM), synthetic monitoring, and the recent addition of user experience monitoring.
With Elastic Enterprise Search, we introduced App Search, a layer on top of Elasticsearch that simplifies building rich applications and provides powerful management interfaces for relevance tuning, as well as analytics on how it’s being used. We also provide a free Workplace Search product that makes it easy to integrate and search the content sources that you use to run your life or company, like Google Workplace, Microsoft 365, Atlassian Jira and Confluence, and Salesforce.
It is simply amazing that we’ve been able to build all of these capabilities and provide them for free to our community. It has been humbling to see the level of engagement and adoption around our products and how these new features have helped so many people and businesses succeed. And this was possible because the overwhelming majority of our community chose our default distribution under the Elastic License, where all these features are free and open.
As previously mentioned, over the last three years, the market has evolved and the community has come to appreciate that open source companies need to better protect their software in order to maintain a high level of investment and innovation. With the shift to SaaS as a delivery model, some cloud service providers have taken advantage of open source products by providing them as a service, without contributing back. This diverts funds that would have been reinvested into the product and hurts users and the community.
Similar to our open source peers, we have lived this experience firsthand, from our trademarks being misused to outright attempts to splinter our community with “open” repackaging of our OSS products or even taking “inspiration” from our proprietary code. While each open source company has taken a slightly different approach to address this issue, they have generally modified their open source license in order to protect their investment in free software, while trying to preserve the principles of openness, transparency, and collaboration. Similarly, we are taking the natural next step of making a targeted change to how we license our source code. This change won’t affect the vast majority of our users, but it will restrict cloud service providers from offering our software as a service.
We expect that a few of our competitors will attempt to spread all kinds of FUD around this change. Let me be clear to any naysayers. We believe deeply in the principles of free and open products, and of transparency with the community. Our track record speaks to this commitment, and we will continue to build upon it.
Starting with the upcoming Elastic 7.11 release, we will be moving the Apache 2.0-licensed code of Elasticsearch and Kibana to be dual licensed under SSPL and the Elastic License, giving users the choice of which license to apply. SSPL is a source-available license created by MongoDB to embody the principles of open source while providing protection against public cloud providers offering open source products as a service without contributing back. The SSPL allows free and unrestricted use and modification, with the simple requirement that if you provide the product as a service to others, you must also publicly release any modifications as well as the source code of your management layers under SSPL.
We chose this path because it gives us the opportunity to be as open as possible, while protecting our community and company. In some ways, this change allows us to be even more open. As a follow-up to this change, we will begin moving our free proprietary features from the Elastic License to be dual-licensed under the SSPL as well, which is more permissive and better aligned with our goals of making our products as free and open as possible.
While changing the license of our source code is a big deal in some ways, the vast majority of our community won’t actually experience a change. If you are a customer of ours, either in Elastic Cloud or on premises, nothing changes. And if you’ve been downloading and using our default distribution, it’s still free and open under the same Elastic License. If you’ve been contributing to Elasticsearch or Kibana (thank you!) nothing changes for you either.
We will continue to develop our code in the open, engage with our community, and publish our releases for free under the Elastic License as we have done for the last three years. We remain committed to keeping all of our free features free — we are not making any changes to which features are free and which are available in a paid subscription.
Our belief in the importance of a unified community has never been stronger. This change sets us up to continue to demonstrate our commitment and earn your trust in the future as we have done over the last 10 years.
This post contains forward-looking statements that involve substantial risk and uncertainties, which include, but are not limited to, statements concerning the licensing of the company’s code, the market opportunity for software as a service and open source server side software, the benefits of open source innovation, the impact of the licensing model used by the company, our future investment in research and development, and our assessments of the strength of our solutions and products. These forward-looking statements are subject to the safe harbor provisions under the Private Securities Litigation Reform Act of 1995. These forward-looking statements reflect our current views about its plans, intentions, expectations, strategies and prospects, which are based on the information currently available to us and on assumptions we have made. Although we believe that our plans, intentions, expectations, strategies and prospects as reflected in or suggested by those forward-looking statements are reasonable, we can give no assurance that the plans, intentions, expectations or strategies will be attained or achieved. Actual outcomes and results may differ materially from those contemplated by these forward-looking statements due to uncertainties, risks, and changes in circumstances, including but not limited to those related to: our ability to timely and successfully implement and achieve the benefits of the new dual licensing model; acceptance of the new licensing model by customers and our user community; our ability to continue to build and maintain credibility with the developer community; the effects of competing SaaS services; our ability to maintain, protect, enforce and enhance our intellectual property; the impact of the expansion and adoption of SaaS offerings on open source licensing models; and our beliefs and objectives for future operations. Additional risks and uncertainties that could cause actual outcomes and results to differ materially are included in our filings with the Securities and Exchange Commission (the “SEC”), including our Annual Report on Form 10-K for the fiscal year ended April 30, 2020 and any subsequent reports filed with the SEC. SEC filings are available on the Investor Relations section of Elastic’s website at ir.elastic.co and the SEC’s website at www.sec.gov. Elastic assumes no obligation to, and does not currently intend to, update any such forward-looking statements, except as required by law.