A few days ago, the post Upcoming Changes to the AWX Project came across my feed. An innocuous title, but sometimes community-impacting changes are buried in posts like this. So, as an interested Ansible user, I read through the post.
In 1,610 words, almost nothing of substance was written.
A lot about how it's not 2014 anymore, so 2014-era architecture doesn't suit AWX. Then a big bold disclaimer at the bottom:
Before we conclude, we should be clear about what will not happen.
- We are not changing the Ansible project
- We are not adjusting our OSS license structure
Ultimately, we need to make some changes to the way our systems work and our projects are structured. Not a rewrite but a refactoring and restructuring of how some of the core components connect and communicate with each other.
The only references to the blog post I can find—anywhere—are a bunch of LinkedIn reposts, mostly parroting bits of the article like "Red Hat continues to innovate to drive the platform forward" and "it's not 2014 any more, so things need to change."
Disclaimer: I don't use the community AWX automation platform, or Ansible Automation Platform (AAP) which uses AWX at its heart. I'm just an Ansible community member who used to work on AWX a little, and built the initial version of the AWX Kubernetes Operator.
I even asked on a couple posts—as an interested member of the Ansible community (Ansible is a core part of the AWX/AAP platforms)—if anyone had an idea of what kind of changes could be coming. So far I haven't heard a response.
One post from a Red Hat Solutions Architect may offer a clue:
The open source AWX project will begin making significant changes to the way they develop and release updates. Although these changes will allow for faster innovation, it could impact future stability making AWX a less attractive option for production environments. [Emphasis mine]
The above statement, in tandem with the specific mention of not changing the OSS licensing structure, could point to AWX's releases not being quite as easy to run stably for production purposes. Not that a ton of people do that—I tried a couple years ago and realized maintaining Jenkins (of all things) was easier for my small-business-sized Ansible automation needs.
This post isn't about the utility of AWX or AAP though. It's about figuring out what Red Hat means. I still don't know, but one commenter who replied to my question on LinkedIn might be on to something:
Could this be related to CIQ's Ascender Automation product which is based on AWX, potentially pulling the rug from under their feet?
I honestly have never looked at Ascender but it looks like it's a productized version of AWX, likely intended to compete with AAP, similar to how CIQ offers paid support for Rocky Linux, which competes with Red Hat Enterprise Linux. (That fact stirred up quite a brouhaha last year...)
I've had zero confirmation about any of this, so it's entirely speculation... but I do wonder now, if CIQ is triggering another shift in Red Hat's product/community focus.
I don't think AWX has even a fraction of the adoption CentOS used to, so I don't expect radical changes to the packaging/release will make as many waves. But it is something I'm intently following, since I rely on Ansible for a lot of my infrastructure—hopefully there are no ripple effects there!
It's also important to note Ansible (pre-buyout) maintained AWX née Ansible Tower as a proprietary product for many years, and after Red Hat purchased Ansible, they eventually open sourced AWX—which I wrote about in 2017.
Comments
You know nothing they do at this point will be good-intentioned. This likely means they're inserting a fee per transaction ultimately, or as much as they can lube the community prior to penetration. Monetize that a**.
Big blue wants to maximize their investment, problem is they're too short sighted. I tried Semaphore UI and am genuinely impressed, it may not be as Enterprise ready but the basic functionality is there.
On reddit, they posted the article, but only in the /ansible not in /awx. When someone called them out about not actually saying anything. Ben replied with
What will change
- Shorter time to security fixes.
- Reduced barrier to entry for new contributors.
- Nightly builds that will use calendar versioning.
- Components in AWX will overtime be placed in different projects to ease development and foster release velocity.
What will not change:
- Ansible core.
- OSS licensing.
- AWX will remain the dev branch.
So basically they are moving to nightly releases and will break up the components into multiple repos, which is where things have been going for a while now (separation of UI, etc...). Looking at Oracle and CIQs offerings, I doubt this will slow them down any.
That doesn't seem so bad; not sure why they didn't just put that in the blog post?
I would garner that they didn't want to be on official record of saying that that was the only things that would change. This is BlueHat after all. Their track record up to this point guarantees they will try something to increase sells at the expense of the Open Source community.
Hi Jeff, I’m a huge fan of your work in all mediums but am slightly disappointed in your attitude toward all things Red Hat. Releasing an article with pure speculation and an obvious thesis of spreading FUD around Ansible is not something I view to be in the best interest of the Open Source communities you often strive to protect and enable. I understand your frustration with Red Hat’s handling of CentOS, but I feel that pieces like this are not written in good faith, and that saddens me a bit. I am still a fan and will remain an ardent consumer of your content I just wanted to provide what I feel is potentially constructive feedback from the prospective of a random person existing in the Open Source orbit.
Best Wishes,
A Fan
The only reason I wrote this blog post is I've asked around via LinkedIn and Twitter, and nobody from Red Hat will respond (even to say "stay tuned" or "we have nothing more to say")... so giving a little more visibility hopefully will incentivize someone internally to make an actual announcement and quell any concerns the community has demonstrated.
I am far from the first person to raise any concern, like another prominent community member jpmens posted about it on Mastodon three days ago.
In the absence of information, speculation fills the void. In this case, I still stand by 'better to not say anything than to say nothing in 1,600 words.'
The game theory on this is essentially lose-lose.
If Red Hat says nothing, then Red Hat loses any trust they may still have in the community because they lack transparency on the decision making process, but if Red Hat doesn't have a clear idea of what their changes look like yet, then the message sounds hollow (which, honestly, it does) when they DO say something in the interest of transparency.
I think it's pretty clear in what they DID say that the basic Ansible that isn't the big enterprise thing is not where this is focused. They know pretty well that the free command line tool is evangelism to get organizations to adopt the paid stuff. Sounds like the issue is more around enterprises that want the enterprise features at scale and refuse to pay.
It could be worse, they could just not say anything and then magically break Ansible just to spite those enterprises. Seems like they care about the community but have to be practical about abusive competitors and customers.
Just wanted to add a +1 to this.
That is not fair. Finding information on AWX developments isn't easy or fun. His tone is more then reasonably neutral about the whole thing.
Curious what your thoughts are on CiQ and their business model. Seems as if your entire shtick is "copy the exact code and undercut the provider on price because you don't bear any of the engineering costs and provide zero value add", then you're just racing open source to the bottom. No wonder RH felt they needed to do something about it.
If every commercial open source project had the level of contributionless competition that RHEL had, there would be no commercial open source at all.
Remember that "freeloader" thing that bothered you so much during Red Hat's Linux source code debacle? This is what they meant, not community users. Open Source takes a level of risk from the vendor's part to ensure that they get to compete fairly against differentiated solutions, and if a company compromises that risk, then a business is going to do what it has to do.
I have absolutely zero affiliation with CIQ, and had never even heard of the company until all the firestorms ignited last year over CentOS and Rocky Linux. My 'shtick' is I love open source communities—it is how I was introduced to the entire concept of free software and open source development—and anyone (Red Hat, Hashicorp, CIQ, etc.) who tosses hand grenades into their user community deserves to be called out for it.
I honestly have never interacted with CIQ and probably never will. For a brief time I used Rocky Linux (which I found out was backed by CIQ) when the CentOS 8 rugpull happened, and also had some early plans to use Rocky Linux 9 for some of my servers, but have since moved everything to Debian and Ubuntu.
You can still have an opinion of what they are doing without affiliation, though.
"If every commercial open source project had the level of contributionless competition that RHEL had, there would be no commercial open source at all."
This was really well stated. As someone who loves open source communities, I would have assumed Jeff would lean on the side of putting contributionless competition on blast. THAT is what caused the hand grenade and who deserves to be called out. If the contributionless contributors actually contributed, there wouldn't be an issue here.
Looks like that poster probably meant to say "their" and not "your".
Curious what you like about Debian over something a little more finegrained like Arch.
Regarding Debian, it's mostly familiarity. I've never tried Arch and the whole 'btw I use Arch' thing turned me off a little, a long time ago (the meme has some basis in reality), just like with Nix ;)
I don't hate it (and in fact the Arch wiki is an immeasurably helpful tool for all Linux users), I just haven't used it. I also mostly run Linux on servers, and Debian and Ubuntu (and formerly CentOS) were quite stable through the course of 5-10 years (even with a point to point rebuild).
Also not affiliated with CIQ but we've had a few conversations with them about Ascender, Rocky Linux support, and their Bridge product which extends security patching support for CentOS 7. Ascender itself is released under Apache 2.0 licensing, and the primary difference between that and AWX is that CIQ puts the AWX code through vetting and testing, taking that burden off our plate. The main difference is with their installer. A shell script prompts for details such as k8s platform, namespace, FQDN to use for the UI, image pull policy for execution environment images, etc. It uses this to build out playbooks and roles to perform the actual deployment via Ansible. The other useful difference is their Ledger product which has an OSS and paid version, with the latter having more features and paid support. Even the OSS version is nice as a logging and reporting tool for all things configured and automated via Ascender. Again, not affiliated but we're doing a POC of AWX and Ascender, and I'm really liking the latter.
This is why I went Semaphore (semui.co). It's not perfect, but it works and I don't have to worry about IBM, err I mean, RedHat. The core author is active and receptive. Just like a proper OSS should be.
It begins. They started moving things around heavily.
2 months ago the recommended way of installation was awx-operator, ideally deployed with Helm.
Now not only they changed all the docs to ose **make** but also completely removed all mentions on helm operator. Goolging points to 404 pages in first page of results. The fact that they moved the helm code to awx-community showed on docs just recently, as probably more people had issues with it. And that helm thing is described here https://forum.ansible.com/t/upcoming-changes-to-awx-operator-installati… I wonder how long will it take to close down AWX completely, as one must say they loose many customers for AAP in favour of AWX