Navigating the open source journey: When free is awesome, and why commercial solutions have their place
Navigating the choice between freely available open source software and enterprise solutions can be confusing. Here we examine each in turn and ask whether one might make more sense than the other at certain stages of organizational growth.
Open source
Changing the world for the better
At Loadbalancer.org, our heroes are open source. And for good reason. Open source software plays an intrinsic part in our company, products, and services, bringing with it a number of clear benefits:
- Innovation - Being part of the open source community is equivalent to supercharging your technology, by collaborating with thousands of developers all over the world to modify and enhance your solution. As Loadbalancer.org CTO Miles Martin explained, new open source features emerge all the time, driven by the inventiveness and collaboration of thousands of like-minded and forward-looking developers within communities: "Take containerization, for example. Proprietary solutions vendors were slow to capitalize on this new way of virtualizing operating systems, while the open source community moved incredibly fast to extend and exploit open source technologies in this field, including Kubernetes".
- Flexibility - Open source load balancers such as HAProxy already have the inherent flexibility to adapt easily to different requirements, which is why our Co-Founder, Malcolm Turnbull, describes it as: "One of the most flexible and powerful load balancers available". In contrast, proprietary software (by its very nature) is often very complex and based on aging technologies. As a result, proprietary platforms can be cumbersome to adapt, so vendors don’t have the flexibility to easily adjust their products to meet changes in customer requirements.
- Security - As open source champion and HackerOne CEO Marten Mickos so eloquently put it: "Together we hit harder". More eyes on the code mean the community is able to spot vulnerabilities faster and build fixes for the community before these vulnerabilities are even made public. In fact, our own Technical Author/Architect and open source wizard, Andrew Howe, recently identified a request body bypass vulnerability in the OWASP ModSecurity Core Rule Set (CRS).
For more on open source, and why we love it, check out our round table discussion on this very topic:
The state of open source load balancing software
Luckily there are several excellent open source load balancing software developers out there. In fact, many of the commercial vendors, including ourselves, make heavy use of the existing open source stack.
Loadbalancer.org thinks HAProxy is by far the best open source reverse proxy, especially when combined with LVS for layer 4 load balancing — but there are many others to choose from!
In our humble opinion, the 5 best open source load balancers are:
1. HAProxy (Mature, fast, and feature-rich)
2. LVS (Solid as a rock and lightning fast, but limited features)
3. Envoy (Flexible, mature and fast, made with love by Lyft)
4. Traefik (Mature and great for microservices)
5. Nginx (Solid, but pretty basic — unless you go for the commercial version)
Open source load balancers are great, but when running mission-critical commercial applications it's not always the promised land
If you're a technically competent end user, building your own in-house system in a small company, then an open source solution is often a fantastic option.
However, unsurprisingly (it's free, remember?!), there can be drawbacks to running open source variants in a commercial environment that will potentially limit what you're able to achieve. And these potential pitfalls are magnified if you're a vendor selling a product and integrating open source load balancing with it. Some of the more common challenges we see are:
- Open source software doesn't come with commercial support, so if there's a problem, you'll need to be on call 24/7, or have an in-house team of solid engineers around you to fix it.
- You (and anyone else maintaining it) will need to be comfortable at the command line. Open source solutions won't always come with a fancy GUI to make your life easy. This can result in cumbersome deployment and maintenance with manual changes potentially causing the very thing the load balancer is there to avoid... downtime!
- The impact of relatively simple 'issues' can be significant due to the potential complexity of the deployment and the level of familiarity of the person working with it. I've lost track of the number of times I've heard the story of an in-house guru building an amazing solution, only to leave the organization, with the rest of the company left scratching their heads wondering what on earth to do with it.
- It's not scalable as a packaged solution. If you're a product manager integrating open source load balancers and selling them on as a solution to your customers, then you'll very quickly have professional services and customer support screaming down the phone at you. Whilst it's an excellent solution for a few installs, the rest of your business is simply not going to cope when rolling this out to hundreds of customers.
Commercial solutions
Paid-for software comes in different shapes and sizes
If you're already familiar with open source solutions such as HAProxy, the obvious path would be to find a commercial version of the software that you already know and trust, with the logical starting point being HAProxy Enterprise.
The moment you start exploring the world of commercial load balancers, a common misconception is that a feature and/or performance war is inevitable. With the capability of modern load balancers, this really needn't be the case. Any reputable vendor can handle the vast majority of requirements, so perhaps your questioning should focus more on how you can work with the organization. For a deeper dive into our thoughts on this, check out our blog "How to Compare Load Balancers".
So what does working with Loadbalancer.org look like?
Surely we're just another profit-driven capitalist organization out to bleed you for every cent imaginable? Not entirely true ;-) OK, we don't mind making money, but we're far more passionate about fixing problems and helping people build rock-solid applications. Here are a few reasons why customers have enjoyed transitioning from free open source to Loadbalancer.org...
- Our product isn't built on just one open source project. Yes, HAProxy is a major component, but the product is effectively a Swiss Army knife of additional open source tools, packaged purely to keep your applications running 24/7.
- We will always offer a no lock-in guarantee and an easy path back to the free variants. If you ever want to revert back to the open source version then you can simply copy the full open source config files directly from our GUI — and keep all that knowledge that we've shared along the way!
- Many of our global team of open source advocates work directly on the open source projects that are utilized in the product. This not only enables truly excellent support but also ensures we're creating patches for any security vulnerabilities before they're even announced.
- We have the ability to take the pain of supporting your open source deployments away — without necessarily buying our software. If you have an estate of open source load balancers and you need someone to help, then just ask.
- We have deep-rooted relationships with the open source community and give back through outreach whenever we can.
While you may need a bells and whistles load balancer, you also may not. Our load balancers are designed to be clever, but not complex to use — so if you want to skip the learning curve, self-serve, and avoid costly extras, you might want to reach out.