First things first

If there's an overarching theme to today's newsletter, it's the growing impact the cloud computing on every facet of IT. Companies rely on it, consumers rely on it, and some think the open source movement is being suffocated by it. Read on.

Spotify's big bet on Google Cloud

Last week, while latching onto Spotify's focus on artificial intelligence and machine learning in its IPO paperwork, I overlooked another interesting nugget: the company is a heavy user of the Google Cloud Platform for computing and storage. How big?

We rely upon the Google Cloud Platform to operate certain aspects of our business and to store all of our data, and any disruption of or interference with our use of the Google Cloud Platform could have a material adverse effect on our business, operating results, and financial condition.

Google Cloud Platform (“GCP”) provides a distributed computing infrastructure platform for business operations, or what is commonly referred to as a cloud computing service. We have designed our software and computer systems to utilize data processing, storage capabilities, and other services provided by GCP. Currently, we are in the process of transitioning all of our data storage (including personal data of Users and music data licensed from rights holders) and computing from our own servers to GCP. We cannot easily switch our GCP operations to another cloud provider, and any disruption of, or interference with, our use of GCP could have a material adverse effect on our business, operating results, and financial condition.

Thursday's issue also discussed Apple's use of GCP, as well as Amazon Web Services, for storing iCloud data. Some of those same competitive concerns certainly apply to Spotify -- something the company acknowledges in its filing -- but I would argue that music streaming is less strategically important to Google, Amazon and even Apple than are IaaS, hardware and AI. There are several reasons for this, but one of them is that music streaming is not necessarily a zero-sum game, whereas smart-home platforms very well might be. Keeping Spotify as a happy customer is probably more important to Google than is siphoning off a small percentage of its subscribers.

As an aside, I wonder what all this frenemy activity says about Microsoft Azure. It's almost certainly the cloud provider least competitive with potential customers in the smart home, media and retail spaces, but it appears to be largely absent from these conversations. I don't doubt Azure has huge potential or is already making money for Microsoft, but it definitely seems to be dealing with a different type of customer and offering a different type of UX than are GCP and AWS.

As a segue into the next section, it's also worth noting that while Spotify is a developer and user of open source software, it's also utilizing a number of managed GCP services around data processing and analysis. It stands to reason (and I think this blog post suggests) that embracing GCP's data services means Spotify is significantly (if not entirely) cutting back on its use of Hadoop and, likely, its customer relationship with Hortonworks.

There's a common argument that although cloud providers often offer managed versions of popular open source projects, and also their own homemade alternatives to popular projects, many large IaaS users will opt to do business with open source vendors that reduce their cloud-provider lock-in. Apparently, that's not always the case.

Are large vendors and cloud providers killing or saving open source?

So, on a very related note, you should also read this piece from GeekWire's Tom Krazit on the changing nature of open source economics. He spoke to some smart and very experienced folks about the nature of the open source business, all of whom note how open source development on many projects is now very much a top-down model driven by well-funded companies. And with cloud providers, especially, there's the issue that they're able to take advantage of open source technologies without necessarily giving much back to the projects or the companies that drive them.

Whether or not you think this is a big deal depends on how you view the role of open source and the importance of true community-driven development. At any rate, Krazit's piece suggests some interesting ideas for expanding the role of and financial rewards for open source communities, including new OSS license models and trickle-down payment plans. It's very much worth reading.

If you're keen on open source discussions, you can also check out some of my podcast interviews and Q&As on this topic over the past year. It's a groups that includes Jay Kreps (Confluent), Mike Olson (Cloudera), Shay Banon (Elastic), Eric Brewer (Google, Brendan Burns (Microsoft), Sam Lambert (GitHub) and many more smart folks.

AWS had an outage this week ...

... and it appears to have knocked Alexa devices offline, as well as services from Atlassian, Twilio, MongoDB and others. The part of AWS responsible was its Direct Connect service, which connects AWS resources with those housed data centers managed by companies such as Equinix. I've read a few stories on this and it's unclear exactly what the cause was, although high winds and a power outage affecting Direct Connect partners were suggested.

Whatever the cause, any cloud-provider-related outage serves as another reminder that there are pros and cons of centralizing so many workloads and applications with such a small number of providers. Generally speaking, cloud providers do a great job keeping their stuff up and running, and offer all sorts of economic and innovation advantages. But every now and then something happens, and we feel the cascade across business applications and, increasingly, consumer devices.

I suspect that latter will be solved in part by porting more computing to the devices themselves and by adding increased reliability via edge networks. It seems almost necessary if we're going to rely seriously on smart homes, cars and public infrastructure in the years to come.

GitHub's 1.3 Tbps DDos attack

Finally, I also linked last week to a warning from CloudFlare about a newly discovered Memcached bug that's powering some serious DDoS attacks. Well, in the past few days it became clear just how powerful those attacks have the potential to be, as GitHub servers were hit with 1.3 terabits per second of traffic stemming from such an attack. The effects were fairly limited, but still ...

Derrick Harris

AI and machine learning

Cloud and infrastructure

Sponsor: Replicated

Data and analytics