A.J. Brown is a principal engineer, Spring Boot enthusiast, and advocate for open source software (OSS).
As part of our ongoing series for World Open Source Day, we had a conversation with A.J. about his journey in OSS development so far.
Let's dive into his story where he talks about observability, Netflix engineering, and open source versus proprietary code.
What do you think is the most important aspect of open source?
The most important aspect of open source is the value that the world gets out of it.
What I mean by that is, most of the applications on your phone, on your computer, everything we use every single day are comprised largely of open source. In modern application development, there are very few applications that are mostly proprietary code. If you consider all the execution paths in an application, most of them probably go through something open source. The reason for that is that it helps developers build software faster, because they don’t have to think about the concerns that other people have already thought of for them. It’s almost like you don’t have to understand how square roots in math work — you just have to know they exist and when to use them. Open source software is kind of the same way.
The other part is it reduces the amount of knowledge developers need to have on something in order to effectively use it. As an example, I use AI/ML tools every day. I have no clue how that works, but if I can pull in a library to do it for me, I can now leverage that thing that someone else spent a lot of time, energy, and research doing.
It’s a boon of generalizing knowledge and getting rid of the mundane stuff so that, as developers, we can focus on the things that drive value in our own context, in our own businesses, or with whatever customer we are trying to serve.
How did you start becoming more involved with open source?
My original interest started with just being a software developer and then realizing, “Oh wow, I can just pull in this library,” and “instead of learning how to build an application from scratch, I can just use Spring Boot.”
Then contrasting that with how, for a little while, I was a developer for Elastic Path, an e-commerce platform. It’s not open source. You have to get a license and be a certified developer, and then you get their code. Once you go through all the commercial steps, it’s almost like using open source, but it’s not. So, when you do that for a while and switch over to something that is open, you’re like, “There’s a lot more functionality here for free, so why were we ever paying so much money to get someone else’s code?”
Over time, since the mid-2000s, big-name companies have poured a lot of time, energy, and resources into open source. Netflix is really good about developing their own software to help themselves. Spinnaker, for example, is their build-and-deploy system. They could have built it in-house and kept it internal to solve their own problems, but instead they opened it up as open source. An advantage of doing that is they get other developers to help out essentially for free. So, we could spin up a team, build this thing, and maintain it forever. Or, we could build it enough to open source it and then the community will help build it.
So, seeing companies put their own time, energy, and money into open source piqued my interest where I felt there’s a lot of opportunity out there. Then the pattern you see a lot is “I built this awesome open source thing, but then I built a company around it to make it better.” I thought that was a pretty fascinating model to put something valuable out into the world, but then also be able to do the capitalism thing and make money from it.
If you were teaching a beginner about open source, what is one piece of advice you would give them?
I would say start with the things that you are using today. So, if you are using Spring Boot, you’ve probably run across a problem that you’ve had to solve with it that isn’t in Spring Boot itself. You had to build something on it, so think of how you can contribute back with that. Maybe even go into individual components in Spring Boot and look at the bug list. There’s a good chance you might come across the problem you’re encountering and can help fix that.
It’s easier to figure out how to help with something that you’re familiar with than it is to try and go into a new interest or bigger-name project and try to jump right in. If you continue to do that over time, you’ll find new opportunities and go from there. It’s almost like if you want more friends you’ve got to go out to the bar or go play a sport, and eventually you start to find friends you like, hang out with them, and then find other things to do together. It’s almost the same thing with starting in open source. Start somewhere that’s familiar and see where that takes you.
Also, it’s easy these days, if you just have an idea, to create a library and put it out there. Unless you build one of those really awesome things, people are probably not going to find it. So, if you really want to get involved, you’ve got to go where people already are.
Is there a tool, community, or area of open source you feel should receive more attention?
Observability, as in tracing your applications, application performance management, and things of that nature. I know there are some tools coming out that are good and open source, such as OpenTelemetry. That vertical within software development tooling is extremely useful. These solutions can be extremely expensive to buy and really tough to implement yourself but very valuable as developers want to build performance things. I’d love to see more focus in that area even though in the last couple of years it’s grown.
It’s hard not to say security tooling while working for Sonatype. But I think inevitably once someone has commercialized something, and it becomes more of a commodity, it then becomes more open source. That’s been the natural evolution of many things that’ve been invented. So, I think we are headed there with security and licensing stuff as well.
Who has helped you in your journey through open source?
I think Netflix does a really good job. With their Netflix engineering blog, they share what they are doing, why they are building these things, and what you can use them for. These are all things that are solving their own internal engineering or operations problems that they are putting out there for others to leverage.
And of course, working at Sonatype and our visibility into the software supply chain, the open source within it, and all of the products we’re developing to help others understand it. It’s like we’re trying to manage the wild wild west. More and more people are jumping on the open source train, trying to use more of it, and embrace it. Even the government is starting to embrace open source. With Sonatype’s focus on making sense of everything open source — these “wild” components out there — I think we are making a big difference.