Don't confuse AWS's Open Distro for Elasticsearch with altruism
I just read the recent announcements from AWS on their fresh "Open Distro" of Elasticsearch. Statements like "Keeping Open Source Open" and "it has created uncertainty about the longevity of the open source project as it is getting less innovation focus" drew my attention. We should all be happy someone as big as AWS is caring for Open-Source so much, shouldn't we?
As an Elasticsearch consultant with 8+ years experience with the technology and familiarity with the team behind it, I would suggest some skeptism here.
This is a retalitory move by AWS, because of a recent move by Elastic to put X-Pack (the "enterprise" additions to Elasticsearch) under a license which restricts Amazon from using it. Since AWS Elasticsearch is famously known for being AWS's fastest growing service, Amazon being Amazon would not want to lose their customer base or stay behind with important features, so they opted for writing their X-Pack replacement. And they also decided to release it under the Apache 2 license - which is great!
But it's not the first time AWS are pulling it. Just 2 months ago they did a similar move to Mongo and as TechCrunch have quoted - "giving open source the middle finger". Many of AWS's services are far from being open-source - e.g. RedShift, Timestream and Kinesis - are all commonly used services that are secretly guarded closed-source projects which directly compete with offerings that are available as open-source.
Showing great care for Open-Source is a dangerous trend lately. Some people and businesses really do care about open-source and I can testify to the people behind Elastic for being that way. But some will use this as excuse to grow their business - which is a 100% legit, but just don't fall for it.
OpenDistro for Elasticsearch is just a way for AWS to keep some AWS Elasticsearch clusters and not lose them to Elastic's X-Pack.
AWS's claim for altruism in this case is nothing short of hypocrisy.
I didn't want to publish this piece without first having a look at the release, so I did play around with it a bit. The whole "open distro" additions look amateurishly done - definitely not something I'd put as a security layer for my data. Not at this stage anyway - I'd want it to mature a bit, and it's code properly audited.
To be honest, I kind of expected that. I posted my piece on the AWS Service, Why you shouldn't use AWS Elasticsearch Service, over a year ago. While some of my points there got fixed, some weren't and I still consider AWS Elasticsearch to be a subpar service. Upgrading a cluster still requires launching a new one and no in-place upgrades; no hourly backups just daily; very poor monitoring (though it did improve from terrible to poor); no control over imprortant configs that we frequently use for fine tuning; and more.
I'm happy to see more developments around Elasticsearch, especially in the open-source space. It validates our consulting business around Elastic, among other things. I just wished they could have been released as yet another contribution, without all those bad vibes.