cloud agnost manifesto

If the CNCF are the Sith, we are the Jedi.

OK, maybe that’s not the greatest reference, I’m not saying enterprise software is straight up evil, but let’s run with it a bit and see where it goes. This is an opinion piece, obviously inspired by the devops manifesto. I’m trying to make it a fun read, and set some context, more than I’m trying to be technically correct.


As enterprise software consumed the world, ever since Adobe revolutionized P&L for software firms by going all in on making customers rent not buy, the center of gravity was shifted towards cloud hosted and SaaS solutions. After all, since it’s OpEx instead of CapEx, the budget is easier to approve, and there are all these great benefits to not running things yourself.

Great benefits like not owning your data, having it leaked on your behalf, not controlling your own destiny when it comes to meeting SLOs, not having any control over if or when new features are released to your environment, oh and my personal favorites, not knowing when large swaths of the internet will fail due to centralized points of failure, and everything you want is another bill. Just ask anyone who has ever had to think about the AWS bill of a unicorn or two; the egress costs alone force you into asking vendors if they support AWS PrivateLink at some point, and evaluating it right up there with other required features.

While this has been great for P&L for a lot of companies, it actually kinda sucks from basically every operational perspective.

Under the surface, academia has largely shunned the enterprise software revolution. In this economy, nobody can afford all that, and even in the age of ZIRP, and when AWS was still subsidizing its growth to buy market share, if you wanted truly high performance compute (ahem, CERN and OpenStack), you didn’t go to AWS, you racked and stacked hardware suited for use. AFAIK and can research, the compute under one of the world’s most advanced k8s clusters is still OpenStack, and at least the storage at CERN is still on Ceph/OpenStack.

I don’t actually care for the blockchain/crypto space much based on my limited exposure to it, but it’s worth mentioning in the context of resistance to the subscription based cloud hosted and SaaS serviced normal operating model, and trying to resist centralization, at least in theory.

I’m not saying that if you’re trying to build Netflix or Uber or Doordash or your webstore or whatever app that operates at millions of users scale, CNCF is wrong. If you’re operating an app at scale, and building a single user experience which costs hundreds of thousands of dollars a minute or hour to have down, absolutely build your hybrid cloud EK8S platform and do all your scrum ceremonies and ship your Helm charts with maximum release velocity. I’m not saying that’s the wrong approach, for that use case. BUT THAT IS NOT EVERYONE. It’s not even the majority of use cases, and it doesn’t have to become the future where it is.

There are the use cases of running a business, which probably at least needs humans to agree to pay it something, and may even still require humans to do work. Disgusting meatbags who have to be trained and learn and sleep and make mistakes and forget things. So gross, those little human dependencies are, to the enterprise software SAFe 6 operational model. At least there’s the PagerDuty abstraction layer to wake those gross meatbags up when they have to fix things, or to find another when one won’t wake up or is hit by a school bus.

Neither of those use cases, actually running a business, or being a human, continues to be best served by the enterprise software subscription models. These use cases have a lot of user stories, like having some way to store knowledge, train people (or your MCP agents), and having some way to riff on or share something with your internal team, without needing to wrestle with IT for access to an account to provision a resource checked by a security policy to OMG I just wanna test this new tool and now that workstations are all locked down, I can’t locally, so I think I’ll just quiet quit.

Photos is perhaps the best use case for something that doesn’t fit as well into the modern SaaS/cloud model. I just wanna be able to put my pictures somewhere, and not have them degrade faster than a ’70s Polaroid. No, seriously, my 20s were on MySpace. Maybe they are still there, maybe they aren’t, but they might as well be gone. At least Photobucket has warned me daily for months that it’s going to delete things, or is that phishing? I don’t even remember putting anything there.

Perhaps I shouldn’t date myself, but I have more memorabilia from high school, before the digital age, than I do remnants of my life during the early digital age. I had an external hard drive and the computer I had most of my stuff on stolen out of a storage unit while I was moving. There’s no question that having some sort of strategy around offsite replication is critical, but who says we have to be cloud native for everything? Why can’t the cloud be the offsite backup, the cold storage, and the DR/failover solution, instead of the default for everything?

Do I want to pay Adobe or Apple or Google or Microsoft a few hundred bucks a year for cloud storage, just to back up photos? Can I get away with just one, if I have photos from both a phone and traditional cameras? Do I prefer to trust that Facebook won’t go the way of MySpace, and let them mine my metadata so they can market to me more effectively, and worry about my privacy settings and audience?

Or do I maybe just want to buy a consumer NAS for about the same price as a 2-3 year subscription, and find a friend or two who I can set up offsite backup routines with, optionally archiving some stuff to a cloud provider if it’s worth it, and set up Plex or Immich on that NAS, to share with exactly who I want? I won’t question consumer behavior, because these alternatives to self-host things weren’t always there. Surely and steadily, though, we find more and more self-hosted alternatives to subscription based cloud and SaaS services, and with radically improved and simplified tools to host things locally, manage them with infrastructure as code, and follow all the other modern best practices. All while retaining data ownership, having the ability to share photo data between your darktable container and WordPress container, so you don’t need a bunch of egress fees or to replicate data across platforms, having a platform I can play around with whatever flavor of the month, mining some coin, hosting my own open source LLMs and MCP on, building skills and knowledge critical to operating at scale, etc.

So going back to the original analogy, maybe not such a bad fit with the Sith and Jedi? Do we want giant monolithic solutions designed to maximize P&L, or do we want to control our own destiny and use the same hosting strategy we do to operate and analyze the data from the most complex tools humanity has ever created that humanity as a collective uses to understand the fundamental nature of reality?

After all, if you own the hardware, at least you’ll know if or when your GPUs are melting, and be in control of how much to spend, and if/when to spend it, instead of being called in to explain why your monthly budget is off plan again.

A CACF would focus on the majority of computing use cases that aren’t operating some app that’s changing the world through the sheer will of its ego. It would focus on projects that had the prospect to meaningfully improve on the ability to locally store or process large amounts of data, or on the ability to simply, securely, and reliably share specific types of data, across the myriad of network environments and presence or lack of available namespaces. It would focus not on building apps that can scale to serve millions or billions of humans, but on building apps that actually serve most humans in more real scenarios day to day, without making those humans the product by scraping their data when they aren’t paying.

Now that we have robust tooling for handling IP dynamism, automatically creating DNS records for SSL validation, etc., we have the tools to control our own destiny. What we don’t have is a great way of knowing which of these open source projects are the most trustworthy, or sets of defaults that are designed to work together. It seems like the forces of time are already pushing the pendulum back towards data ownership. GDPR was a watershed moment in terms of pushing back against allowing corporations to just pile everyone’s data into one big juicy honeypot. A decade plus on, we’re ready for a new default operating model for most businesses and humans, one that preserves data ownership, and shifts the conversation away from outright dependence, to thoughtful use, of subscription and cloud based offerings.