It's time to add Terraform, the massively popular infrastructure-as-code tool created by HashiCorp, to the list of major open source products whose licensing terms have produced deep rifts within the realm of open source.
On Aug. 10, HashiCorp announced that future releases of Terraform will be governed by the Business Source License, or BSL. And a lot of folks are not happy about it.
Here's what the Terraform licensing changes entail, why some people are upset, and what this incident says about ongoing upheaval in the world of open source.
The Terraform Licensing Change in a Nutshell
Engineers use Terraform to automate the provisioning and management of infrastructure. Until now, Terraform was released under the Mozilla Public License, or MPL, version 2.0. The MPL is a widely used "copyleft" license. It ensured, among other things, that anyone who wanted to use the Terraform code — including companies that compete with HashiCorp — could do so.
The switch to the BSL license allows HashiCorp to restrict what competitors can do with Terraform. Henceforth, companies that want to include Terraform code in their own products will need permission from HashiCorp, which will likely charge fees, if it considers them to be "competitive."
Terraform's switch to the BSL license doesn't prevent public access to the Terraform source code or stop anyone from downloading and running the code. In that sense, Terraform will still be fully open source. But the BSL license introduces more restrictions surrounding the integration of Terraform source code into other products or platforms by organizations that HashiCorp deems competitive with its own business.
Backlash From the Open Source Community
HashiCorp's decision has prompted a swift reaction from some segments of the open source community. A group of individuals and companies coordinated to release the OpenTF Manifesto, which calls the BSL licensing change a "poison pill" that will cause the open source ecosystem surrounding Terraform to "dwindle and wither."
The group's main concern seems to be the lack of a clear definition surrounding what HashiCorp considers a competitive organization, as well as the risk that HashiCorp could make further changes to the licensing terms surrounding Terraform.
More broadly, they complain that the adoption of the BSL license could harm the open source community as a whole by setting a precedent that other open source projects could potentially follow (although none has indicated that it plans to do so). "Imagine if the creators of Linux or Kubernetes suddenly switched to a non-open-source license that only permitted non-competitive usage," the authors of the OpenTF Manifesto state.
So far, the manifesto has been signed by more than 80 organizations and several hundred individuals.
Just the Latest Open Source Licensing Crisis
The OpenTF Manifesto is arguably wrong when it implies that BSL is a "non-open-source license." If you interpret "open source" to mean that anyone can view the source code, then Terraform is still open source. (On the other hand, if you believe open source requires source code to be freely reusable for any purpose, including ones that compete with the organization that helps develop open source code, then you could say that BSL is not an open source license.)
But the authors of the OpenTF Manifesto have a point when they suggest that the licensing change could raise doubts about the future licensing status of other open source projects. In fact, similar changes have already occurred elsewhere in the open source community.
The Terraform incident is pretty similar to licensing changes that Elastic announced in 2021 in a bid to limit the ability of businesses to resell its software as a software-as-as-service (SaaS) product. That move also spawned a fierce backlash from some corners of the open source community, and it prompted Amazon to launch its own variant of Elastic's software, called OpenSearch. The Elastic affair ended up straining the open source community and making Amazon — which is not exactly the poster child of an open source-friendly company — a major player in the open source ecosystem that once centered on Elastic's code.
The changes to the Terraform license also bring to mind Red Hat's decision earlier this summer to make some of its source code available only to paying customers — a move that infuriated some members of the open source community, and whose full impact is still playing out.
So, the OpenTF folks have a reason to worry that the terms of use surrounding major open source projects could change. It was already happening elsewhere before HashiCorp decided to switch Terraform to a new license, and so far, the net impact of changes like these has not been good for the world of open source.
The Future of Terraform — and Open Source as a Whole
Do the new Terraform licensing terms mean that Terraform as we know it is about to die? I doubt it. Like Red Hat Enterprise Linux, Terraform is too widely used for it to disappear quickly. The people who care deeply about the licensing change are probably a vocal minority; I suspect many folks will continue to use Terraform, and support integrations for it, without worrying much about the differences between the MPL and BSL licenses.
But I do think that this is the latest incident that underscores deep uncertainty about the future of open source software as a whole. Ironically, the claim that many opponents of open source made decades ago — that you can't trust open source due to uncertainties about where and how it can be used — is looking like it's actually valid these days. Multiple precedents now exist for the owners of major open source codebases to change licensing terms with no warning, sowing real fear, uncertainty, and doubt for some individuals and companies that depend on open source code.
In other words, the open source community, or at least some corners of it, is becoming its own enemy. Until open source developers and the businesses that support them establish a stronger consensus about what's acceptable surrounding the use of their code, the future of open source has the potential to be bleak.
About the author
Christopher Tozzi is a technology analyst with subject matter expertise in cloud computing, application development, open source software, virtualization, containers and more. He also lectures at a major university in the Albany, New York, area. His book, “For Fun and Profit: A History of the Free and Open Source Software Revolution,” was published by MIT Press.
