Open source software powers the modern internet. Linux runs the majority of servers. Kubernetes orchestrates the majority of containerized workloads. PostgreSQL, Redis, and Kafka handle petabytes of data for the world's largest companies. Yet a persistent question remains: if the software is free, how do the companies behind it make money?
The answer is more varied and sophisticated than most people realize. Over the past two decades, the open source business model has evolved from a curiosity into a proven approach that has produced dozens of companies valued at over a billion dollars. This article examines the most successful models, their trade-offs, and the tensions they create within open source communities.
The Support and Services Model
The oldest open source business model is straightforward: give the software away for free and charge for support, consulting, and training. Red Hat pioneered this approach with Linux in the late 1990s and built it into a company that IBM acquired for $34 billion in 2019.
How It Works
Companies offer enterprise support contracts that include guaranteed response times, security patches, long-term support for specific versions, and access to certified, tested configurations. Customers pay not for the code itself but for the assurance that someone will help when things break.
Strengths and Weaknesses
The support model aligns well with open source values because the entire codebase remains fully open. However, it scales poorly. Revenue grows linearly with headcount because support is fundamentally a human-intensive business. It also requires the software to be complex enough that organizations need professional help to run it.
The Open Core Model
The open core model is currently the most popular approach among venture-backed open source companies. The core product is open source, but additional features, often focused on enterprise needs like security, compliance, and administration, are proprietary and require a paid license.
Examples in Practice
- GitLab: The Community Edition is open source under MIT. The Enterprise Edition adds features like advanced CI/CD, security scanning, and compliance management.
- Grafana Labs: Grafana is open source under AGPL. Grafana Cloud and Grafana Enterprise add features like enterprise plugins, enhanced access control, and dedicated support.
- HashiCorp: Terraform, Vault, and Consul have open source community editions alongside paid enterprise versions with governance, collaboration, and audit features.
The Feature Line Challenge
The central tension in open core is deciding where to draw the line between free and paid features. Draw it too aggressively (making the free version barely functional), and the community will not adopt the project. Draw it too generously (giving away everything enterprises need), and there is no revenue. The best open core companies place the line at features that matter primarily to large organizations: single sign-on, audit logging, role-based access control, and multi-tenancy.
The Managed Service (Cloud) Model
As software moves to the cloud, many open source companies have shifted to offering hosted, managed versions of their software. Instead of downloading and running PostgreSQL yourself, you pay someone to run it for you with high availability, automated backups, and seamless upgrades.
The Cloud Provider Threat
This model has a significant vulnerability: cloud providers can take open source software and offer it as a managed service themselves, often with deeper integration into their platforms. Amazon's offerings of managed Elasticsearch, Redis, and Kafka generated controversy because the original companies invested heavily in developing the software while Amazon captured a large share of the commercial value.
The License Response
Several companies responded by changing their licenses to restrict cloud providers from offering competing managed services. MongoDB switched from AGPL to the Server Side Public License (SSPL). Elastic switched from Apache 2.0 to SSPL and the Elastic License. Redis Labs added the Commons Clause and later the Redis Source Available License. These license changes are controversial because the new licenses do not meet the Open Source Initiative's definition of open source.
Dual Licensing
Dual licensing offers the software under two licenses simultaneously: an open source license (often AGPL or GPL) and a commercial license. Users who can comply with the open source license's terms use it for free. Users who cannot or do not want to comply, typically because they want to embed the software in a proprietary product, purchase a commercial license.
Examples
- MySQL: Available under GPLv2 and a commercial license from Oracle.
- Qt: Available under LGPL/GPL and a commercial license for proprietary applications.
- MongoDB (historically): Used AGPL plus a commercial license before switching to SSPL.
Requirements for Dual Licensing
Dual licensing requires that the company own the copyright to the entire codebase, which typically means requiring contributor license agreements (CLAs) from all external contributors. This can discourage community contributions because contributors must sign over rights to their code.
The Marketplace and Extensions Model
Some open source projects generate revenue through marketplaces for extensions, plugins, or themes. WordPress is the most prominent example: the core software is free under GPLv2, but a massive ecosystem of premium themes, plugins, and hosting providers generates billions in annual revenue across the WordPress economy.
The Freemium SaaS Model
Companies like Sentry (error tracking) and Plausible (analytics) offer their software as open source but run a hosted SaaS version with a free tier and paid plans. Users can self-host for free or pay for the convenience and reliability of the managed service. This model works best when the operational burden of running the software is significant enough that many users prefer to pay rather than manage it themselves.
Emerging Models
Fair Source and Functional Source
New licensing categories are emerging that sit between fully open source and fully proprietary. Fair Source licenses allow source code access and limited free use while restricting large-scale commercial exploitation. The Business Source License (BSL), used by MariaDB and CockroachDB, makes code available under a restrictive license that automatically converts to a permissive open source license after a specified period.
Open Source Foundations
Some projects are funded through foundations that collect membership dues from companies that depend on the software. The Linux Foundation, Apache Software Foundation, and Cloud Native Computing Foundation collectively manage hundreds of projects and receive tens of millions in annual funding from corporate members.
What Works Best
No single business model is universally superior. The best choice depends on the nature of the software, the target market, and the competitive landscape. Infrastructure software that is complex to operate tends to work well with managed service models. Developer tools often succeed with open core or freemium SaaS. Libraries and frameworks are hardest to monetize directly and often rely on adjacent services like consulting, training, or hosted platforms.
What is clear is that the era of open source as a purely altruistic endeavor is over. Open source has become a viable, even preferred, approach to building commercial software products. The challenge for the next generation of open source companies is finding models that generate sustainable revenue while preserving the community trust and collaborative development that make open source valuable in the first place.
