Most Enterprises Believe in Open Source. Almost None Can Operate It.
Most enterprises already believe in open source. What they cannot do is operationalize it. Red Hat's Open Source and AI Program Office targets that execution gap with governance frameworks, contribution models, and executive alignment tools meant to convert open-source values into repeatable workflows.
Red Hat Enterprise Linux (RHEL) is foundational infrastructure for a significant portion of the internet. This matters more now than it did a decade ago because the stack got deeper. A decade ago, a Linux distribution decision affected web servers and databases. Today it sits beneath inference pipelines, model training frameworks, and agentic tool chains that companies are already routing revenue through, so fragility at the foundation propagates up through every layer above it. That is what makes the health of the open-source communities maintaining RHEL a current business risk rather than a long-term philosophical concern.
Red Hat's Open Source and AI Program Office, known internally as OSAIPO, ran an analyst briefing in April 2026 focused on the question “how do enterprises actually make open source work inside their organizations?” The answer, according to the briefing, is that most of them are not managing it at all.
Most Enterprises Are Stuck at Philosophy, Not Practice
Organizations understand open source in the abstract. They cannot execute it in practice. The briefing surfaced three challenges that explain why: ownership, executive translation, and a contribution model under strain from AI. It also surfaced one practice, InnerSource, that organizations are using to work through all three.
Challenge 1: No single team owns the strategy. Responsibility falls between Engineering, Legal, and IT with no clear accountability and no one empowered to resolve the gaps. OSAIPO exists specifically to close that distance, turning principles into governance structures, contribution models, and step-by-step workflows that get adopted.
Challenge 2: Business leadership is not opposed to open source. They just cannot see the return on investment. OSAIPO's approach is to connect open-source activity to business metrics: reduced technical debt, faster problem-solving, and measurable code reuse across teams. The briefing cited a 90-minute executive session with a customer that extended to three hours of collaborative strategy work once open source was framed in language leadership recognized. Red Hat frames this as a repeatable method rather than a one-off.
Challenge 3: AI tools are flooding open-source projects with pull requests, many from early-career developers using platforms like GitHub to build professional credibility. Projects that once received one or two contributions a week now see dozens daily. That volume matters because review capacity is the bottleneck that determines whether quality holds. Every unreviewed pull request is either a security risk merged in haste or a contributor lost to a queue that never clears. Maintainers, the industry-standard term for the contributors who hold commit rights to an open-source project, are typically volunteers or employer-sponsored individuals. They review incoming code, catch bugs, enforce quality standards, and decide what gets merged. The review process is human and finite, but the volume of contributions is not.
Fedora, the community-driven Linux distribution Red Hat sponsors as the upstream testing ground for Red Hat Enterprise Linux, has already published an AI contribution policy. Red Hat is exploring agentic tooling to classify and triage contributions at scale. The emerging playbook is directional, not settled: Label AI-assisted contributions, treat them differently in review, and weight karma systems by contribution complexity rather than volume.
The solution is InnerSource. InnerSource is the practice of applying open-source collaboration methods (shared contribution models, transparent communication, community governance) inside a single organization before engaging with external communities. It works on all three challenges at once: It forces a single team to own the practice, it produces the kind of internal artifacts (reuse metrics, shared review queues) that translate to executives, and it builds the review muscle that external projects increasingly need. Red Hat once viewed InnerSource as a detour from the real goal. Now organizations are treating it as a necessary first step. Teams that practice open collaboration internally are far more likely to contribute effectively to external communities. The cultural shift must start somewhere, and InnerSource provides a lower-stakes environment to build the habits.
Open Source in the Age of AI: Why Red Hat Must Keep Leading
Open source, and more specifically Red Hat Enterprise Linux, is no longer a development philosophy. It is the substrate on which enterprise AI is being built. The frameworks powering generative AI models, the orchestration layers for agentic systems, and the observability tools enterprises need to run AI in production are mostly open-source projects. The health of those communities is now a business continuity question.
Red Hat's investment in upstream communities does double work. For IBM, it protects the long-term value of an acquisition premised on open-source leadership. For the broader ecosystem, it provides a commercially funded steward willing to do governance work that volunteer-driven projects cannot sustain alone.
If maintainers burn out and projects stagnate, the infrastructure enterprises are building AI on top of becomes less reliable. Red Hat is one of the few organizations with both the credibility and the commercial incentive to address that at the ecosystem level. The question is whether they move fast enough.
Our Take
Red Hat's open-source model has proven durable through a major acquisition, and OSAIPO represents a genuine organizational commitment to making that model work for customers. That said, a few questions remain open.
Red Hat's independence inside IBM has held so far. Whether it holds as IBM faces revenue pressure and portfolio rationalization is a fair question with no clean answer. Open-source credibility accumulates slowly and erodes fast. HashiCorp is the recent proof: It was acquired, relicensed, and absorbed. Red Hat has not gone that route, but the structural incentives that produce that outcome are present. The commercial interest and the ecosystem interest are aligned today. They are not guaranteed to stay that way. If Red Hat ever needs to prioritize near-term IBM revenue over upstream investment, the communities lose their best-funded steward and enterprises lose the assurance that someone is doing the unglamorous governance work at scale. A wide gap between the commercial and open-source versions of a platform is how trust leaves a community before the vendor notices it is gone.
OSAIPO's frameworks and playbooks are valuable, but the outcomes cited in the briefing (faster problem-solving, reduced technical debt, and increased code reuse) are vendor-reported and unaudited. Independent verification of those results would strengthen the case considerably.
The AI contribution policy work is early. Fedora has a policy. Red Hat is exploring agentic tooling. Neither is a solved problem. Enterprises should watch whether Red Hat moves from exploration to execution on this, because the maintainer crisis is accelerating faster than the solutions.
The bottom line: Maintaining and supporting the open-source foundation is a real gap most organizations have not solved, and Red Hat is one of the few vendors with the commercial incentive to keep investing in it. The investment in upstream community health and enterprise-grade open-source governance is worth noting. How it performs under sustained AI pressure and IBM's commercial priorities is what organizations and technology leaders should track next.
Want to Know More?
Any Model, Any Hardware, Any Cloud: Red Hat & Cisco’s Vision for Open, Flexible AI