Open source is here to stay—but it’s also continually changing. At New Relic, we’ve been keeping up with the latest open source trends. Here are a few that we’re most excited about.
Increasing software complexity
Software teams are relying on open source to build increasingly complex software. At the same time, developers and end users want better online experiences. Frequently, open source solutions best enable complex software creation that helps the digital world run with more simplicity and speed.
To create this simplicity and speed, software engineers embrace complexity. We do this at New Relic by using the GNU Compiler Collection (GCC), the most popular C Compiler. GCC, an open source tool created by the GNU project and distributed by the nonprofit Free Software Foundation, does sophisticated work, such as compiling multiple programs and working out tough bugs that are often time-intensive. GCC is one of the open source pioneers; since 1987, it’s played an important role in the growth of open source software. It helped engineers do cool things then, and it allows engineers to do even cooler things now.
Open source has been the internet’s foundation for decades, making it easier and less expensive to build internet applications. With the shift to cloud native technologies, the open source tradition has continued. Many cloud native technologies (and the observability tools to support them) are open source projects. So having your head in the clouds makes sense here.
One useful open-sourced tool is Terraform: it lets engineers create and change infrastructure in the cloud—even with multiple clouds. This guide will show you how to set up New Relic entities using Terraform.
Big data and analytics
Many organizations rely on open source tools for big data analytics. Some examples include Apache Hadoop, a framework that can be used with an existing data center or run completely in the cloud; Apache Kafka, which creates high-performance data pipelines; and R, which enables statistical computing.
And with big data comes the need for automation. Our engineers employ Mocha (both the chocolatey drink and the testing framework hosted on GitHub). You can declare your tests, and Mocha will run them and figure out if they’re passing or not. Open source tools like Mocha make creating and monitoring great software easier (and more fun). Additional open source testing options include Jest and Node Tap.
Observability tool proliferation
There are tons of different tools and agents for collecting, ingesting, and analyzing telemetry data. These specialized open source observability tools, such as Prometheus, Grafana, and Zipkin have come to prominence because they are often the right tool for the job.
This breadth, however, can create data silos and blind spots. Consolidation involves reducing and standardizing tooling so that fewer disparate data formats exist in your observability ecosystem.
And our opinion is that modern observability is powered by instrumentation that is largely vendor-agnostic and open. That’s why we built our Telemetry Data Platform with an increasing number of out-of-the-box integrations for open source tools.
Vulnerabilities in open source software can make personal information available to outsiders. This is no different from proprietary software, except that those vulnerabilities are public. This is a double-edged sword because contributors can find and fix security issues quickly, but it also exposes some level of risk that a vulnerability will be discovered and exploited by a nefarious party. In practice, open source software is generally as secure or more secure than proprietary software, but some still harbor these security fears around open source.
Research shows that it’s better to be open and in the cloud, and our own experience reflects this truth. Not only is it just as safe as proprietary software, but it also enables continual growth and innovation from software engineers working together to solve tough problems. Many engineers benefit from tools that search for potential security vulnerabilities: some use Brakeman, an open-sourced vulnerability scanner specifically designed for Ruby on Rails applications. At New Relic, we also use Rusty Hog, a secret vulnerability scanner we built based off of truffleHog but in Rust instead of Python for maximum performance.
It’s time for everyone to open their doors. For us, this means open-sourcing the software that we develop and encouraging external contributions.
In some places, this demand for transparency isn’t just a trend or request—it’s actual legislation. Take the European Union’s General Data Protection Regulation (GDPR). For example, GDPR ensures people know what data applications and websites collect about them and how that personal information is used. And, in California, a similar law was just enacted. As of January 2020, the California Consumer Privacy Act enhances state residents’ rights to digital privacy. Similar laws promoting transparency have been proposed in states across the United States, from New York to North Dakota. People are increasingly enabled to delete, access, protect, and even correct their personal data.
While many corporations are fearful of providing this type of transparency in terms of data, this level of transparency is embraced in open source software. This transparency creates a feedback loop that increases the speed of innovation and efficacy. We believe it makes the world better. That’s why we’re on GitHub, along with 50 million other developers and organizations. Feel free to submit your commits and issues, or fork whatever repositories would benefit you. New Relic team members are excited to respond to them.
Now that you’ve delved into some key open source trends—and learned how our engineers at New Relic use them—it’s time for you to get involved. Visit New Relic Open Source to learn more about our open source projects and contributions.