Most services could be built by combining an open source / Free Software (eg. MariaDB) together with a service lifecycle automation (SLM) platform (eg. SlapOS). With one notable exception, this goal has not yet been reached by the Open Source / Free Software community because most projects are still focusing on some kind of virtualisation (eg. virtual machines, containers) or orchestration (eg. Kuberneres) which only represent 10% to 20% of what is necessary to implement a public cloud service.

This may leave SlapOS as the only open source / Free Software project that could possibly match leading public cloud services (AWS, Azure, Alicloud), as the following comparison table highlights:

SlapOS OpenStack Kubernetes Jupyter NixOS AWS IaaS ✔ ✔ ✔ PaaS ✔ ✔ ✔ ✔ ✔ Service App Store ✔ ✔ ✔ Orchestration ✔ ✔ ✔ ✔ Virtualisation ✔ ✔ ✔ Network management ✔ ✔ ✔ Resilient networking ✔ ✔ Bare metal encapsulation ✔ ✔ ✔ ✔ Portability ✔ limited ? Multi-tenant services (eg. CDN) ✔ ✔ Edge computing ✔ ✔ Continuous integration ✔ ✔ Self-monitoring ✔ ✔ Autonomous convergence ✔ ? Automated DR ✔ ✔ Accounting & Billing ✔ ✔ Nexedi stack: less is more

Nexedi develops and operates complex, scalable applications with less than 15 software: the Nexedi Freee Software stack.

Out of those 15 software, developers actually focus on four of them:

ERP5 for enterprise records management (including CRM, MRP, MES) OfficeJS for Progressive Web Application (PWA) development; SlapOS for IT infrastructure automation (on the cloud, at the edge or in the workshop); Wendelin for data collection and processing (including AI and conversion).

Since both SlapOS, Wendelin and OfficeJS are just variations of ERP5, Nexedi developers actually only need to learn a single framework (ERP5) and a single language (python). By relying on less tools, Nexedi developers have more time to learn ERP5 in depth. They can reuse their ERP5 knowledge with SlapOS and Wendelin. And thanks to the huge size of python , most problems that are not already covered by ERP5, SlapOS, Wendelin or OfficeJS can be solved quickly. AWS vs. Rapid.Space

Amazon AWS provides more than 200 cloud services.

The table below provides a comparison between Amazon AWS cloud services and technologies of the Nexedi Free Software stack which can be used to build simlar services deployed with SlapOS on Rapid.Space high performance, low cost cloud platform. For each AWS category and product, we provide a possible alternative in Nexedi Free Software stack either as a SlapOS profile (server based) or as Progressive Web App (browser based). We also provide open source / Free Software alternatives we are aware of.

Category Product Description Nexedi or partner SlapOS PWA FLOSS Alternative Query data in S3 using Athena Wendelin ✔ SQL Managed search CloudSearch Wendelin ✔ Searx service Elasticsearch Run and scale Wendelin ✔ Elasticsearch Service Elasticsearch clusters Hosted Hadoop EMR Wendelin ✔ Hadoop framework Analyze real-time video Category KinesPirsoduct and dDateas sctrriepatmiosn WNenxdeedlii nor partner Sla✔pOS PW A FLOSS Alternative Managed Fully managed Apache Streaming for Wendelin (fluentd) ✔ Kafka Kafka service Analytics Fast, simple, cost- Redshift effective data Wendelin ✔ warehousing Fast business analytics QuickSight Wendelin (iodide) ✔ Superset or Metabase service Find, subscribe to, and Data Exchange use third-party data in Wendelin (ebulk) ✔ the cloud Orchestration service Data Pipeline for periodic, data- Wendelin ✔ Airflow or Activeeon driven workflows Wendelin AWS Glue Prepare and load data ✔ Talend (CONNECT) AWS Lake Build a secure data Wendelin (ebulk) ✔ Formation lake in days AWS Step Coordination for Wendelin (activate) ✔ Airflow or Activeeon Functions distributed applications Serverless event bus EventBridge for SaaS apps & AWS Wendelin (activate) ✔ Airflow or Activeeon services Managed message MQ JIO ✔ open62541 or RabbiitMQ broker for ActiveMQ Application Simple Integration Managed message Notification JIO ✔ open62541 or DPS topics for pub/sub Service (SNS) Simple Queue Managed message Wendelin (activate) ✔ Airflow or Activeeon Service (SQS) queues Power your apps with AWS AppSync the right data from JIO ✔ many sources, at scale Build and run VR and RenderJS + VR and AR Sumerian ✔ AR applications BabylonJS AWS Cost Analyze your AWS SlapOS (UI) ✔ Explorer cost and usage Set custom cost and AWS Budgets usage budgets Access comprehensive AWS Cost & cost and usage SlapOS (Monitor) ✔ AWS Cost Usage Report information Management Reserved Dive deeper into your Instance reserved instances SlapOS (Monitor) ✔ Reporting (RIs) Save up to 72% on Savings Plans compute usage with flexible pricing Amazon Create and manage Managed scalable blockchain Blockchain networks Blockchain Amazon Quantum Ledger Fully managed ledger

Database database (QLDB) Alexa for Empower your

Business organization with Alexa Frustration-free Amazon Chime meetings, video calls, SlapOS (Nextalk) ✔ and chat Business Secure enterprise Applications Amazon document storage and ERP5 (DMS) ✔ SlapOS (Nextcloud) WorkDocs sharing Amazon Secure email and Category WorkPMroadil uct calendDaersincgription SNlaepxOedSi (oNre pxatcrltonuedr) Sla✔pOS PW A FLOSS Alternative Virtual servers in the Amazon EC2 SlapOS (kvm) ✔ Proxmox cloud Scale compute Amazon EC2 capacity to meet SlapOS (buildout) ✔ Auto Scaling demand Amazon Elastic Store and retrieve Container SlapOS (buildout) ✔ docker images Registry Amazon Elastic Run and manage Container SlapOS (buildout) ✔ Proxmox docker containers Service Amazon Elastic Run managed Kubernetes SlapOS (buildout) ✔ Kubernetes Kubernetes on AWS Service Launch and manage Amazon Lightsail SlapOS ✔ virtual private servers Run batch jobs at any AWS Batch Wendelin scale Compute AWS Elastic Run and manage web SlapOS (buildout) ✔ Beanstalk apps Run containers without AWS Fargate managing servers or SlapOS (buildout) clusters Run code without AWS Lambda Wendelin ✔ thinking about servers Run AWS AWS Outposts infrastructure on- Rapid.Space Node ✔ premises AWS Serverless Discover, deploy, and Application publish serverless Repository applications Deliver ultra-low AWS Wavelength latency applications for 5G devices Build a hybrid cloud VMware Cloud without custom SlapOS ✔ on AWS hardware Cloud-based contact Amazon Connect ERP5 ✔ center service Personalized user Amazon Pinpoint engagement across channels Customer Amazon Simple Engagement Email sending and Email Service receiving (SES) Contact center Contact Lens for analytics powered by ERP5/Wendelin ✔ Amazon Connect ML High performance Amazon Aurora managed relational MariaDB + Repman ✔ database Amazon Managed NoSQL NEO ✔ DynamoDB database Amazon DocumentDB Fully managed NEO ✔ (with MongoDB document database compatibility) Amazon In-memory caching ✔ Kumofs ElastiCache system Amazon Managed Managed Cassandra- MariaDB Apache compatible database (CASSANDRA) Cassandra Service Fully managed graph MariaDB Category AmaPzoron dNuecpttune databDasees csreirpvtiicoen (NOeQxGeRdiA oPrH p)artner Sla✔pOS PW A FLOSS Alternative Database Amazon Quantum Ledger Fully managed ledger NEO ✔ Database database (QLDB) Managed relational database service for Amazon RDS MySQL, PostgreSQL, MariaDB ✔ Oracle, SQL Server, and MariaDB Amazon RDS on Automate on-premises SlapOS ✔ VMware database management Fast, simple, cost- Amazon Redshift effective data Wendelin ✔ warehousing Amazon Fully managed time MariaDB ✔ InfluxDB Timestream series database (COLUMNSTORE) AWS Database Migrate databases with MariaDB ✔ Migration Service minimal downtime (CONNECT) Production-ready Amazon Corretto distribution of OpenJDK AWS Cloud Model cloud Development Kit infrastructure using WebRunner ✔ (CDK) code Write, run, and debug AWS Cloud9 WebRunner ✔ code on a cloud IDE AWS CodeBuild Build and test code WebRunner ✔ AWS Store code in private WebRunner ✔ CodeCommit Git repositories AWS Automate code WebRunner ✔ CodeDeploy deployment Developer AWS Release software using ERP5 (Test Tools ✔ CodePipeline continuous delivery Runner) Develop and deploy AWS CodeStar WebRunner ✔ AWS applications AWS Command Unified tool to manage SlapOS (console) ✔ Line Interface AWS services Test Android, iOS, and AWS Device web apps on real

Farm devices in the AWS cloud AWS Tools and Tools and SDKs for SlapOS ✔ SDKs AWS Analyze and debug AWS X-Ray WebRunner ✔ your applications Amazon Virtual desktops in the SlapOS (kvm) ✔ WorkSpaces cloud Stream desktop End User Amazon applications securely to SlapOS (kvm) ✔ Computing AppStream 2.0 a browser Amazon Enable mobile access SlapOS (CDN) ✔ WorkLink to internal websites Simple, fast, cost- Amazon effective dedicated Rapid.Space ✔ GameLift game server hosting Game Tech A free cross-platform Amazon 3D game engine, with BabylonJS ✔ Lumberyard Full Source, integrated with AWS and Twitch Connect devices to the AWS IoT Core Wendelin ✔ cloud Amazon IoT Nuttx FreeRTOS for microcontrollers Category AWSP Groredeuncgtrass Local Dcoemscpruipteti,on SNlaepxOedSi or partner Sla✔pOS PW A FLOSS Alternative messaging, and sync for devices One click creation of an AWS IoT 1-Click SlapOS (token) ✔ AWS Lambda trigger AWS IoT Analytics for IoT Wendelin ✔ Analytics devices Cloud programmable AWS IoT Button dash button Internet of AWS IoT Device Security management Things Defender for IoT devices Onboard, organize, AWS IoT Device and remotely manage SlapOS (Master) ✔ Mender UpKit Management IoT devices IoT event detection and AWS IoT Events Wendelin (windea) ✔ response AWS IoT IoT data collector and Wendelin ✔ SiteWise interpreter AWS IoT Things Easily connect devices Node-RED Graph and web services Curated catalog of AWS Partner AWS-compatible IoT OCP Olimex OSHWA Device Catalog hardware Build, train, and deploy Amazon OfficeJS Notebook ✔ Jupyter-lab SageMaker models at scale Easily implement Amazon human review of ML Augmented AI predictions Amazon Automate code reviews CodeGuru and identify expensive (Preview) lines of code Amazon Discover insights and OfficeJS Notebook ✔ Jupyter-lab Comprehend relationships in text (NLP) Amazon Elastic Wendelin () ✔ Inference inference acceleration Increase forecast Amazon OfficeJS Notebook accuracy using ✔ Forecast (scikit-learn) machine learning Amazon Fraud Detect more online

Detector fraud faster Reinvent enterprise Amazon Kendra viky.ai spaCy search with ML Build voice and text OfficeJS Notebook Amazon Lex ✔ Linto chatbots (spaCy) Build real-time Amazon Wendelin (scikit- recommendations into ✔ Personalize learn) your applications Turn text into life-like meSpeak.js espeak-ng picotts Amazon Polly speech marytts Amazon Analyze image and

Machine Rekognition video Learning Amazon Build accurate ML SageMaker training datasets Ground Truth Extract text and data Cloudooo Amazon Textract ✔ from documents (tesseract) Amazon Natural and fluent OpenNMT Texar Translate language translation Amazon Automatic speech Linto

Transcribe recognition CommonVoice Pocketsphinx.js AWS Deep Deep learning on Wendelin (keras) ✔ Learning AMIs Amazon EC2 AWS Deep Docker images for Learning SlapOS (keras) ✔ deep learning Category ContPairnoedrusct Description Nexedi or partner SlapOS PWA FLOSS Alternative AWS ML enabled musical DeepComposer keyboard Deep learning enabled AWS DeepLens Olimex AI Camera video camera Autonomous 1/18th AWS DeepRacer scale race car, driven by ML Machine learning AWS Inferentia Olimex inference chip Scalable, open-source Apache MXNet deep learning Wendelin (keras) ✔ on AWS framework TensorFlow on Open-source machine Wendelin (keras) ✔ AWS intelligence library Amazon Monitor resources and SlapOS (promise) ✔ ✔ CloudWatch applications Scale multiple AWS Auto resources to meet SlapOS (buildout) ✔ Scaling demand Wendelin (fluent- AWS Chatbot ChatOps for AWS ✔ slack) Create and manage AWS resources with SlapOS (buildout) ✔ CloudFormation templates Track user activity and SlapOS (workflow AWS CloudTrail API usage history) AWS Command Unified tool to manage SlapOS (console) Line Interface AWS services AWS Compute Identify optimal AWS

Optimizer Compute resources Track resources AWS Config SlapOS (history) inventory and changes Set-up and govern a AWS Control secure, compliant SlapOS (Master) ✔ Tower multi-account environment AWS Console Access resources on Mobile SlapOS (UI) ✔ Management the go & Application Governance AWS License Track, manage, and

Manager control licenses AWS Web-based user Management SlapOS (UI) ✔ interface Console Infrastructure AWS Managed Rapid.Space operations Services partners management for AWS Automate operations AWS OpsWorks SlapOS (ansible) with Chef and Puppet Central governance AWS and management SlapOS (Master) ✔ Organizations across AWS accounts AWS Personal Personalized view of Health SlapOS (Master) ✔ AWS service health Dashboard AWS Service Create and use SlapOS (Master) ✔ Catalog standardized products AWS Systems Gain operational SlapOS (Master) ✔ Manager insights and take action AWS Trusted Optimize performance SlapOS (Monitor) ✔ Advisor and security AWS Well- Review and improve Rapid.Space

Architected Tool your workloads partners Amazon Elastic Easy-to-use scalable Wendelin ✔ Transcoder media transcoding (OpenCV) Category AmaPzoron dKuincet sis ProceDsse sacnrdip atnioanlyze WNenxdeedlii nor partner Sla✔pOS PW A FLOSS Alternative Video Streams video streams (OpenCV) AWS Elemental Reliable and secure SlapOS (CDN) ✔ MediaConnect live video transport AWS Elemental Convert file-based Wendelin (ffmpeg) ✔ MediaConvert video content AWS Elemental Convert live video Media Wendelin (ffmpeg) ✔ Services MediaLive content AWS Elemental Video origination and

MediaPackage packaging AWS Elemental Media storage and Wendelin ✔ MediaStore simple http origin AWS Elemental Video personalization

MediaTailor and monetization AWS Elemental On-premises media Appliances & Rapid.Space Node solutions Software AWS Migration Track migrations from a

Hub single place AWS Application Discover on-premises Open-AudIT Discovery applications to OCSING FusionInventory Service streamline migration AWS Database Migrate databases with MariaDB ✔ Migration Service minimal downtime (CONNECT) Simple, fast, online AWS DataSync Wendelin (embulk) data transfer Migration & AWS Server Migrate on-premises Transfer libguestfs Migration Service servers to AWS Physical devices to AWS Snow migrate data into and OCP (Crystal Lake) Family out of AWS AWS Transfer for Fully managed SFTP Wendelin (embulk) SFTP service Automate your mass CloudEndure migration to the AWS Migration cloud Build and deploy AWS Amplify mobile and web OfficeJS ✔ applications Amazon API Build, deploy, and JIO ✔ Gateway manage API's Personalized user Amazon Pinpoint engagement across Mobile channels Power your apps with AWS AppSync the right data from JIO ✔ many sources, at scale Test Android, iOS, and AWS Device web apps on real

Farm devices in the AWS cloud Isolated cloud Rapid.Space (kvm- Amazon VPC ✔ resources cluster) Amazon API Build, deploy, and JIO ✔ Gateway manage Amazon Global content delivery SlapOS (CDN) ✔ CloudFront network Amazon Route Scalable domain name SlapOS ✔ 53 system (DNS) (PowerDNS) Securely access AWS PrivateLink services hosted on Caucase ✔ AWS Application-level Networking & AWS App Mesh networking for all your re6st ✔ Content services Delivery Category AWSP Croloduudc Mt ap ServicDee dsicsrciopvteioryn for SNlaepxOedSi (ohro psta.lrotncaelr) Sla✔pOS PW A FLOSS Alternative cloud resources AWS Direct Dedicated network re6st ✔ Connect connection to AWS Improve application AWS Global SlapOS (frontend- availability and ✔ Accelerator selector) performance AWS Transit Easily scale VPC and re6st ✔ Gateway account connections Distribute incoming Elastic Load traffic across multiple SlapOS (ha-proxy) ✔ Balancing (ELB) targets Explore and Quantum Amazon Braket experiment with Technologies quantum computing Develop, test, and Robotics AWS RoboMaker deploy robotics ROS applications AWS Ground Fully managed ground Satellite Station station as a service AWS Identity and Access Manage user access Caucase ✔ Management and encryption keys (IAM) Identity management Amazon Cognito ERP5 (Base) ✔ for your apps Amazon Investigate potential

Detective security issues Amazon Managed threat

GuardDuty detection service Amazon Analyze application

Inspector security Discover, classify, and Amazon Macie protect your data On-demand access to AWS Artifact AWS' compliance reports Provision, manage, AWS Certificate and deploy SSL/TLS Caucase ✔ Manager certificates Security, Hardware-based key Identity & AWS CloudHSM storage for regulatory Compliance compliance AWS Directory Host and manage ERP5 (Base) ✔ Service active directory AWS Firewall Central management SlapOS (firewalld) ✔ Manager of firewall rules AWS Key Managed creation and Management control of encryption Caucase ✔ Service keys Simple, secure service AWS Resource to share AWS SlapOS (Master) ✔ Access Manager resources AWS Secrets Rotate, manage, and

Manager retrieve secrets AWS Security Unified security and

Hub compliance center AWS Shield DDoS protection AWS Single Cloud single sign-on

Sign-On (SSO) service Filter malicious web AWS WAF SlapOS (CDN) ✔ traffic Amazon Simple Scalable storage in the Storage Service NEO ✔ cloud (S3) Category AmaPzoron dEulacsttic Description Nexedi or partner SlapOS PWA FLOSS Alternative Block Store EC2 block storage openio.io (not entirely Free) (EBS) volumes Amazon Elastic Fully managed file File System openio.io (not entirely Free) system for EC2 (EFS) High-performance file Amazon FSx for system integrated with openio.io (not entirely Free) Lustre S3 Amazon FSx for Fully managed Storage Windows File Windows native file openio.io (not entirely Free) Server system Amazon S3 Low-cost archive NEO ✔ Glacier storage in the cloud Centralized backup AWS Backup SlapOS (resiliency) ✔ across AWS services Physical devices to AWS Snow migrate data into and Familyw out of AWS AWS Storage Hybrid storage OCP (Crystal Lake) Gateway integration CloudEndure Highly automated Disaster SlapOS (resiliency) ✔ disaster recovery Recovery

Missing services

45 features out of the 209 AWS services are not yet covered by the combination of Nexedi stack and Rapid.Space. About 75% of AWS services are thus already covered by Nexedi stack and Rapid.Space, as long as developers accept to adopt Nexedi's tools:

python on the backend (incl. /C++/FORTRAN based libraries); buildout for cloud automation scripting; on the HTML5 frontend;

Out of the 45 missing services, Nexedi does not intend to cover 3 of them:

blockchain (2): because it has no practical use and can not scale (due toC AP theorem); quantum computing (1): because efficient qubit I/O can not exist with the levels of energy available on earth (due Maxwell's demon throught experiment).

12 features are actually already covered through existing Free Software that has not yet been integrated into SlapOS appstore.

Overall, only 30 services (less than 15%) are missing, mainly in relation to:

Threat detection; AI models powered by private or secret datasets; Windows/VMWare compatibility.

Based on this analysis, future SlapOS &D should consider how to encapsulate threat detection into the core of SlapOS design in a cost efficient manner. Key differences

Nexedi stack focuses on reliability and simplicity. Traditional vendors may prefer to focus on ease of sales, ease of adoption (which often relates to fashion) and complexity (which some executives analyse as completeness). In the context of the previous comparison with AWS stack, one should keep in mind that Nexedi may rely on quite different approaches:

SlapOS nano-containers instead of name-space based containers; content-centric APIs instead of event-centric APIs; libraries rather than APIs; less is more rather than more and more.

Even though the end-result may be the same, the way it is achieved may be different.

For example, Nexedi considers that Linux name-space based containers are not stable enough for production and are not portable among different hosts with different distribution due to the kernel ABI mismatch problem [RD]. This is why we use SlapOS nano-containers which simply consist of running processes on a POSIX system with an unpriviledged user rather than with the root user. In terms of isolation, it makes no difference. In terms of security, it brings one benefit: some bad code which implies running a process as superuser has to be fixed. In terms of portability, it is superior: the same approach can be applied to FreeBSD or even possibly to embedded OS such as NuttX. It is also more reliable (no ABI mismatch risk) and simpler (no need to add the namespace layer). Yet, the current fashion in 2019 is to use containers, even though reliability problems are now acknowledged [RD] and fashion is fading away [RD].

We prefer in Nexedi to have a single SDK called JIO [RD] and develop all our code based on this SDK and its minimalist API. This API creates a unified abstraction of the world as a repository of contents. Each content has a precise schema, usually a JSON schema. Interacting with services is thus achieved with JIO in the same way as one would interact with a database or a filesystem but with some asynchronism and a wider range of possible operations or data types. Through JIO, we have eliminated most uses of event-based programming. We also stopped defining yet another API for each new problem that needs to be solved. Instead, we rather focus on defining yet another JSON content schema for each new problem that needs to be solved. We also made our code backend-independent and thus portable from one cloud to another in this way.

The difference between a content-based approach and an event-based approach is idempotence, that is the ability for a system to self-recover by repeating a process. Content-based approaches are idempotent by default whereas event-based approaches require extra processes which developers often forget to code. This is similar to the difference between declarative programming and imperative programming. In a distributed infrastructure with thousands of interconnected device, the risk of events is that they are sometimes lost. The advantage of content is that in case it was not accessed at some point, it can always be recovered later, which results in a much more resilient system. The idea of content-centric APIs is not new. It was deployed in military and aerospace in the 1990s with the Data Distribution Service (DDS) protocol [RD]. It can also be found in the OPC-UA PubSub protocol which release lead to an accelerated adoption of OPC-UA standard for Industry 4.0 [RD]. The importance of a concent-centric approach has been well understood in the industry for quite a long time (ex. process control of Japanese chemical factories in the 1990s based on a whiteboard architecture) and in telecommunication research with CCNx [RD]. This is why nearly all software in Nexedi are either content-centric or moving in that direction.

Nexedi also prefers to use a single integrated service (eg. Wendelin) with a single API and different libraries (eg. scikit-learn, scikit-image) to solve different problems (eg. machine learning, image analysis), rather than create multiple independent services with multiple APIs. Nexedi's direction is thus to base modularity on libraries rather than on services or APIs. We consider in particular that the approach called "serverless" can only lead to technical disasters if the meaning of "serverless" is to host on a cloud service hundreds of "single function code" which mutually interact by calling eachother asynchronously through the cloud service infrastructure. That form of "severless" approach can be close to impossible to debug, especially if one starts with a function, adds another which calls the first one and so forth until hundreds of functions are hosted and mutually call eachother asynchronously with no clear structure. It can also lead to latency issues if connection pooling has not be designed into the "serverless" infrastructure. Yet, if "serverless" means hosting code on the cloud and editing code through the Web on a system which is managed by the cloud provider, this is something that Nexedi has been doing since 2001. It has many advantages, especially in terms of efficiency and quality assurance.

Nexedi services which are equivalent to AWS are based on a much smaller list of base services (Wendelin, ERP5, etc.) yet cover a similar scope. It looks like less impressive to an executive than a list of more and more services. It has however the advantage of reducing the learning curve and simplifying integration. One developer can learn a single technology and use it for many different purpose. Less things to learn, more applications. References

Free Software and Open Hardware for Industrial Automation Top 10 Best Network Inventory Software for Linux Top 30 most popular AWS products (thanks to S. Fermigier)