🚨Nation-scale Matrix deployments will fail if built on the community version of Synapse.
The community version of Synapse is not designed or intended for use by commercial Matrix hosting providers to serve huge nation-scale deployments. Just as a suspension bridge has a weight limit and will collapse if you exceed it - the same goes for community Synapse.
Deployments supporting millions of users need Synapse Pro.
https://element.io/blog/scaling-to-millions-of-users-requires-synapse-pro/
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element As a tax payer I want my government to use open source. Since Synapse Pro isn't, it's simply not usable for such cases.
Thank you for detailing the need for doing the same development to the open source Synapse as you have already done on Synapse Pro. I hope you do agree, it would be a pity to have to fork.
=> More informations about this toot | More toots from troed@ioc.exchange
@troed We'd also like everything to be open source. But the reality is that even with AGPL, we're still stuck in the pattern that enormous deployments use FOSS Synapse without contributing to its dev/maintenance costs.
Every time an opportunity that we're counting on to fund the team turns around and says "oh, FOSS Synapse is good enough, and we can use it for free, bye" we find ourselves needing to provide a very concrete reason not to freeride - hence Synapse Pro.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element Do you know of any successful open source businesses that have used this particular method?
"How to make money from FOSS" is an age old problem - but "the free version has a sucky implementation" is, afaik, not the most successful one.
=> More informations about this toot | More toots from troed@ioc.exchange
@troed we're not remotely trying to do "the free version has a sucky implementation". FOSS Synapse will keep improving, including perf (but not scalability) work. The model is more like MySQL Enterprise (back int he day). "If you want a massive cluster with a guaranteed SLA, here's our paid clustering product".
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element Right, so let me make a quick rewrite:
"Scaling is hard!
We're seeing many successful Matrix deployments using Synapse for which we are extremely proud and happy. We're also seeing some running into scaling problems as they approach hundreds of thousands of users.
Element is here to help. We're the biggest contributor to the open source Synapse community, and as such we have unparalleled expertise when it comes to optimizing very large deployments. With our performance libraries, that are specifically crafted for Synapse deployments that can reach millions of users, we can get the performance of massive - and costly - server solutions down to something that's much more manageable.
If this is a good fit for your deployment plans, please reach out!"
=> More informations about this toot | More toots from troed@ioc.exchange
@troed that is a great pitch - and is fairly close to the original Synapse Pro announcement from https://element.io/blog/synapse-pro-slashes-costs-for-running-nation-scale-matrix-deployments/. The only problem is that then a bunch of big deployments said "that's nice, we'll risk it anyway". Hence the harsher "seriously, you will fail if you try to wing it" wording here.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element Ok so now I'll need to preface the next part: I am a former Head of SaaS that built a commercial product on top of a FOSS stack. We took the decision, multiple times, which parts to use as-is, which to pay for commercial support and what that cost/benefit looked like.
I'm sorry, you cannot scare potential customers into choosing your Pro product* over the FOSS offering. If they have the budget and their mission is clear, they will pay. If they don't, they'll need to miss their internal targets before they're able to acquire that budget.
The only thing you can do is to wish such a customer good luck, and then sneakily have your sales personnel check in every now and then. If your Pro product is cheaper for their use case, they will come back and pay you once they've figured out they weren't as smart as they hoped.
Now, I asterisked "your Pro product" - because the big difference between your original product announcement and my rewrite is how you phrase Synapse Pro as a different product and not just as paid consultancy/contract to optimize a Synapse deployment. That way you're basically telling your customer they have a one time choice between Pro and Community, and if they choose Community there's no easy "come help us!" path forwards once they run into scaling issues.
I do understand from this communication that things are tight though, and I truly hope that the EU, or individual governments, can finally understand that this is the area in which they should spend money. But, back the original post. As a dev, and former head of blabla, that post really came out as "we made the FOSS version sucky and put the good code into our proprietary product".
fwiw
=> More informations about this toot | More toots from troed@ioc.exchange
@troed yup your point makes sense - especially as Synapse Pro very much is designed to be dropped into speed up FOSS Synapse when needed. Well, we can always do a 3rd blog post with spin to see how it lands... :)
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element @troed
Sell that product to private companies then, not to public institutions.
=> More informations about this toot | More toots from alxlg@mastodon.social
@element Would you be able to name a price if one such "nation-scale deployment" wanted to pay you to switch Synapse Pro to AGPL and maintain it as such for, say, 5 years?
=> More informations about this toot | More toots from nemobis
@nemobis the funding gap we're try to plug for Synapse and associated Matrix dev is very roughly around $5M/y. So over 5 years, that'd be $25M.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element Thanks! A very reasonable price if you ask me. Italy is planning to spend billions to supposedly secure their insecure military messaging at the network layer.
=> More informations about this toot | More toots from nemobis
@nemobis yup, and be vendor-locked to SpaceX in doing so: https://www.bloomberg.com/news/articles/2025-01-05/italy-plans-1-5-billion-spacex-telecom-security-services-deal.
Another solution here could be if governments decided to actually support FOSS by funding its maintenance & dev by subscribing to the paid product, rather than freeriding. ZenDiS in Germany is a great example of this. But unfortunately, they're almost unique in this, hence Synapse Pro.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element @nemobis oi, you cant do that. Either you complain about vendor lock in, or you can create vendor lock in yourself. You clearly chose to be the type of company that wants their customers locked to their product, so you really can't now complain that your competitors do the same.
=> More informations about this toot | More toots from mvgorcum@chaos.social
@element @nemobis 5 MEUR/yr for 5 years sounds small on the EU scale. One possibility would be to convince one of the ERICs, arguing that EU-scale-FOSS-Synapse is crucial to EU research infrastructure [1]. Another would be to convince EOSC that EU-scale-FOSS-Synapse satisfies "seamless access" and #FAIR in supporting research and justifies a 25 MEUR/5 yrs budget [2].
[1] https://research-and-innovation.ec.europa.eu/strategy/strategy-research-and-innovation/our-digital-future/european-research-infrastructures/eric/eric-landscape_en
[2] https://research-and-innovation.ec.europa.eu/strategy/strategy-research-and-innovation/our-digital-future/open-science/european-open-science-cloud-eosc_en
=> More informations about this toot | More toots from boud@framapiaf.org
@boud @nemobis Interesting. @matrix tried to pitch for EDIC funding about a year ago, but it went nowhere - it looks EDIC is focused on funnelling money from EU->Govts rather than to projects. Meanwhile €5M/y is too big for NGI. Hadn't come across ERICs; will check. If we'd had baseline funding for Synapse dev we wouldn't be in this position.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element You probably need to get help from an existing Matrix user who's involved in Horizon funding, otherwise this is impossibly hard. What about German healthcare?
The website https://gaia-x.eu/ got confusing, might still be worth joining.
Any project needs padding to cover the academic partners' fixed costs. Only GÉANT gets significant money for infrastructure https://cordis.europa.eu/project/id/101194278; in https://cordis.europa.eu/project/id/101147319 , https://cordis.europa.eu/project/id/101129751 the main suppliers get 2-10% of the pie.
@boud
=> More informations about this toot | More toots from nemobis
@element It would make sense to try coordinating with @edri for looking for EU-level or EU-national-member-level financing. The case for supporting matrix software development is strong, but administrative-political coordination is needed. EDRI should have some good ideas and practical knowledge.
@nemobis @ilumium
=> More informations about this toot | More toots from boud@framapiaf.org
@boud Well... https://edri.org/our-work/european-commission-cuts-funding-support-for-free-software-projects/
=> More informations about this toot | More toots from nemobis
@boud @element @edri @nemobis At EDRi we indeed advocate for much more EU funding for free and open source software that is part of the digital commons.
Just this week: https://edri.org/our-work/meta-and-x-are-going-rogue-here-is-what-europe-should-do-now/
We would love projects like the #Matrix Foundation to be on the receiving end of this. There is unfortunately heavy political resistance despite all the talk about #DigitalSovereignty.
=> More informations about this toot | More toots from ilumium@eupolicy.social
@ilumium @boud @element @edri @nemobis Performance propriety can only work if it's protected by obscurity. I like neither side of that equation. Open-source with open funding is the way to go.
=> More informations about this toot | More toots from promovicz@chaos.social
@element Virkkunen just (re)announced an "action plan to protect the health sector from cyberattacks".
https://digital-strategy.ec.europa.eu/en/news/commission-unveils-action-plan-protect-health-sector-cyberattacks
Involves ENISA and Horizon, proposes a new "pan-European Cybersecurity Support Centre" and of course produces a consultation. I hope "cybersecurity maturity assessments" and "procurement guidelines" will cover whether doctors swap patient data in plain text from gmail (I've seen the best hospitals in Milan do it with cancer patients).
@ilumium @boud
[#]EU #HealthCare
=> More informations about this toot | More toots from nemobis
@element @troed oh yes, very sad there is not a single working, widely deployed open source project used by nations all over the world.
=> More informations about this toot | More toots from merlin@kif.rocks
@element @troed tldr greed
=> More informations about this toot | More toots from teto@cawfee.club
@teto @troed tl;dr is more "need to be able to keep paying people to work on this".
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element @troed donations seem to work for KDE just fine
=> More informations about this toot | More toots from teto@cawfee.club
@teto @troed KDE get 350K EUR/y according to their annual report, which is barely enough to pay for the matrix.org hardware costs, let alone anyone to work on Matrix, unfortunately.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element @troed you could've done the obvious and sell matrix as a service or sell support for enterprise customers like Canonical. A "pro" version will just make the project look laughable to the open source community. Simple as.
=> More informations about this toot | More toots from teto@cawfee.club
@teto @troed @element Canonical is actually selling "Pro" edition of Ubuntu
=> More informations about this toot | More toots from kdecherf@n.kdecherf.com
@teto @troed @element "here's our paid software but i guess you can use the crummy old version with scalability problems for free" is not a good argument for why people should use your software
everyone who sees this knows what that means will happen over the coming months and years
sorry that feature is no longer available in the free version, would you like to buy the pro version?
haha whoops we've intentionally crippled this functionality of the free version, would you like to buy the pro version?
you're only allowed to have 10 users on the free version now, would you like to buy the pro version?
we've deliberately broken compatibility with this in the free version, would you like to buy the pro version?
the free version now has ads in all channels, would you like to buy the pro version?
offering enterprise support + managed cloud hosting is the industry norm, not this
=> More informations about this toot | More toots from skylar@misskey.yandere.love
@skylar @teto @troed @element Also wondering how exactly a paid pro version with extra features isn't a violation of the AGPL without those very features being freely available on someone else's public repo
=> More informations about this toot | More toots from Tadano@amala.schwartzwelt.xyz
@Tadano @troed @element @skylar I don't know the soft nor the details, so take it with big salt because details matter in these things.
AGPLv3 and GPLv3 can grant some permission thanks to section 7, like allowing binding with third party code (like a plugin) without changing its license. The whole program has network properties of AGPL, including the soft in a bigger one triggers the (A)GPL, but you can have non (A)GPL modules.
This is the same section allowing a compiler to produce non-AGPL code for ex.
Still, it means that you can't put arbitrary barriers in the AGPL code without people being angry and removing them, or remove features without people putting them back in a fork, as in any free software.
And for the company doing that, I would look at their governance model: if they are VC funded/part of Big Corp, the whole floss part is likely just public relations in any case, and that model ir a pure AGPL is not a very strong clue: there's a lot of cases where it happened in the last years, with whole code base going dark. See for example the recent case for Puppet.
Well actually, whatever the governance, a company doing that is not a free software good citizen.
=> More informations about this toot | More toots from fanf42@treehouse.systems
@fanf42 @Tadano @troed @skylar the situation here is that Element releases its FOSS as AGPL, but retains the right to dual-lic as proprietary (in order to raise $ to fund FOSS dev) via a CLA, which has the term that any AGPL contribs must be released as FOSS (to avoid rights ratcheting). Yes, Element is VC funded, but the last 10y of releasing almost everything as FOSS may give some confidence that we aren’t bad actors.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element @troed From my experience large scale deployers of software (also FOSS) always want an enterprise SLA, in case problems pop up they can't handle. Wondering who those large deployment orgs are that feel they can go without enterprise support.
=> More informations about this toot | More toots from sunweaver@fosstodon.org
@sunweaver @troed the problem is mainly that system integrators turn up saying they can provide that support and sla by using the foss project, and then try to save costs by not working with us as the upstream - meaning the upstream isn’t funded, undermining the underlying project, and increasing the chances of the delivery going wrong without expert support (and with a weakened upstream).
=> More informations about this toot | More toots from element@mastodon.matrix.org
@sunweaver @troed https://www.heise.de/news/Probleme-mit-Open-Source-Videokonferenz-Tool-Hessen-fuehrt-kurzfristig-Webex-ein-10217839.html is one concrete example, which contributed directly to layoffs at Element in 2022 and 2023 as mentioned in https://matrix.org/blog/2022/12/25/the-matrix-holiday-update-2022/. Synapse Pro is an attempt at us giving SIs a much more valuable reason to work with us as the upstream rather than trying to cut us out.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element @troed The company mentioned in that Heise post is well-known for scrounging in OSS and not giving back much. Been there, seen that.
=> More informations about this toot | More toots from sunweaver@fosstodon.org
@element@mastodon.matrix.org @troed@ioc.exchange Stop developing proprietary software!
If not Ejabberd is free, we will install this instead.
:gnujihad:
=> More informations about this toot | More toots from SuperDicq@minidisc.tokyo
@element @troed
Who cares if someone profits without giving back when you are supposed to be funded by governaments to power sovereign infrastructures.
=> More informations about this toot | More toots from alxlg@mastodon.social
@alxlg @troed we care, because if the govt’s money goes to an SI rather than us, we can’t pay people to improve or indeed maintain our software…?
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element @troed
Contact the institutions and explain that they need to support your work in addition to their suppliers? It's not like adopters of an innovative decentralized protocol can't understand how much important it is to support its development.
Or adopt Open Nitrate Model? https://www.youtube.com/watch?v=STNomD9GUJY
Going proprietary for the public sector totally defeats the purpose of tech sovereignty and you will have a hard time trying to sell the only viable implementation of a (open) protocol.
=> More informations about this toot | More toots from alxlg@mastodon.social
@alxlg @troed Ironically, we already were doing something like the Open Nitrate Model. https://element.io/server-suite is the proprietary product which lets organiations lock down how the FOSS products work. However, in practice that hasn't been enough.
And yes, we do contact the institutions and explain they need to support the upstream - but if they don't have budget (because why would they have budget to support something that's free-as-in-beer?) then it's a problem.
=> More informations about this toot | More toots from element@mastodon.matrix.org
@element
You're absolutely correct. The large SIs also don't care if the total cost turns out to be larger since they're not the ones that pays. They only care about their profit.
@landgren has exposed such behaviour in Sweden, as an example. We also have Jens Nylander (don't think he's on Mastodon) who has been documenting public sector waste of money.
This needs to be solved through general awareness at the public sector level - and it is an interesting topic.
@alxlg
=> More informations about this toot | More toots from troed@ioc.exchange
@element @troed synapse pro is assuredly based on other open source software, potentially even existing community matrix protocol libraries like ruma
how are you ensuring that you yourself are not freeriding on these community projects? there is not much of a difference between selling server software while not giving back to open source devs and people selling your service without giving you money.
=> More informations about this toot | More toots from charlotte@akko.chir.rs This content has been proxied by September (3851b).Proxy Information
text/gemini