Microsoft alternatives – migration to open source technologies
We are developing a migration strategy from Microsoft 365 to open source technologies for a large German research company. On the one hand, it’s a question of regaining cyber souvereignty and, on the other hand, of meeting increased security requirements. This is to be achieved by using free and open source software (FLOSS). Overall, the project is similar to the Microsoft Alternatives Project (MAlt) at CERN and the Project Phoenix of Dataport.
The principles of the project are:
- The same service should be offered to all employees
- Vendor lock-ins should be avoided in order to reduce the risk of dependency
- Most of the data should be owned by the research company
We evaluate alternative solutions for many services, implement prototypes and pilot projects.
| Product group | Service | Product to evaluate | Status |
|---|---|---|---|
| Identity and access management | LDAP | OpenLDAP | 🏭 Production |
| Personal Information Management | Zimbra | 🚦 Evaluation | |
| Calendar | Zimbra | 🚦 Evaluation | |
| Contacts | Zimbra | 🚦 Evaluation | |
| Collaboration | File sharing | NextCloud | 🏭 Production |
| Office integration | NextCloud | 🚦 Evaluation | |
| Direct mails/chat | Mattermost | 🏭 Production | |
| Video conferences | Jitsi Meet | 🏭 Production | |
| Search | Search engine | OpenSearch | 🚦 Evaluation |
| Frontend/ Visualisierung | OpenSearch Dashboards | 🚦 Evaluation | |
| Authentication/ Access control | Open Distro Security | 🚦 Evaluation | |
| k-nearest neighbors | Open Distro KNN | 🚦 Evaluation | |
| Project management | Issues/Milestones | GitLab | 🚦 Evaluation |
| Time tracking | gitlabtime | 🚦 Evaluation | |
| Documentation | GitLab Wiki | 🚦 Evaluation | |
| Research software [1], [2] | Package manager | Spack | 🏭 Production |
| IDE | JupyterHub | 🏭 Production | |
| Development environments | Jupyter Kernels | 🏭 Production | |
| Software versioning | Git | 🏭 Production | |
| Data versioning | DVC | 🏭 Production | |
| Gathering and storing data | Intake | 🛫 Pilot | |
| Spreadsheet | ipysheet | 🏭 Production | |
| Geospatial data | PostGIS | 🏭 Production | |
| Map creation | OpenStreetMap | 🏭 Production | |
| DevOps | GitLab CI/CD Pipeline | 🛫 Pilot | |
| Documentation | Sphinx | 🏭 Production |
Hosting strategy
There are essentially three different hosting variants within the research company:
- Society-wide infrastructure
- Infrastructure, which is used by most of the research projects and administrations across the institutes, is to be provided by the research company’s central IT.
- Institute-wide infrastructure
- Infrastructure that is required for the special research areas of one institute or that needs IT support on site should be provided by the IT of the respective institute.
- Operational and geo-redundancy
- These are mainly produced through institute cooperation or through cooperation between individual institutes and the IT of the research society. In terms of technology, floating IPs and the Virtual Router Redundancy Protocol (VRRP) are used for this, with decisions being made on the basis of BGP announcements.
| [1] | There is extensive German documentation for the infrastructure on which the research software is developed, which is published under the BSD 3 Clause license: |
| [2] | The planned uniform API represents a significant simplification here; see also Announcing the Consortium for Python Data API Standards. |
