Can a LAMP Shine at your Agency?

Once upon a time, I was working with the CIO’s Architecture Division of a major cabinet level department. We had a major discussion as to why LAMP should be allowed in our Architecture. There were lots of discussions around security and the reliability of Open Source application stack. In the end, it was not approved for use.

LAMP is the Linux Apache MySQL PHP (Perl or Python) application stack. It is open source and therefore pretty much free. In addition to being free, resources are abundant. Go to any University’s Computer Science Department you can find many developers. PHP has MVC (Model View Control) frameworks such as CAKEand Zend. Frameworks can be found in many non-open source languages such as SPRINGand Eclipse J2EE JAVA. JAVAwhile free can be hosted on platforms such as JBoss, WebSphere, and Weblogic—which are very expensive. Furthermore, resources such as experienced Websphere/JBoss/Weblogic developers, product platform engineers, and project managers are often expensive and scarce.

In these days of doing more with less, maybe it is time for the government to consider LAMP and other Open Source stacks.

Hey GovLoop, what do you think of Open Source application stacks? Did you know GovLoop is built on a LAMP stack?

Leave a Comment


Leave a Reply

Matthew Micene

The technologies in the stack are mature and capable. There are open source vendors that provide secure and reliable distributions, either of an integrated stack or individual components. Given the enterprise uses of LAMP applications, I would ask the opposite question.

Why was it not approved for use? Was it a specific technology in the stack (pitching PHP to a Java shop is never a good move) or was it not a fit for the use case (Tomcat for a full JEE app)? Not approving LAMP into an architecture sounds like disallowing certain kinds of development patterns. Without more details of the process it’s hard to comment well.

Jerry Rhoads

Matthew, I agree with you that LAMP is a mature stack. The issue we faced was the open source stereotype. The CIO was looking at a stack, they didn’t have any type of stack –no pro JAVA camp and etc. It was shut down by a few folks who don’t trust open source.

Matthew Micene

Open source software (OSS) definitely still has a tough row to hoe in the Fed space. There have been a lot of cycles spent raising awareness around OSS now versus where it was 4-5 years ago, the commercial OSS vendors, the fact that OSS is COTS from a FARs/DFARs perspective. I’m part of a group called Mil-OSS ( that is looking to address OSS use and adoption in the DoD, both as commercially sourced software and as a development paradigm. David Wheeler ( is a great speaker and a great web resource around OSS and acquistions. Gunnar Hellekson from Red Hat is another great one to talk to about Federal OSS. Even FedScoop has been dropping interviews with various folks around OSS, like Maj Gen Nick Justice.

I’m guessing this may all be after your adventures based on your “once upon a time” opening. We are all actively trying to educate folks that there is a low risk way to adopt OSS that “feels” like “typical” COTS software via the commercialized OSS offerings. OSS is COTS. Red Hat, Zenoss, EnterpriseDB, the list goes on. All we can do is keep beating the drum and educating the end users.

Daniel Risacher

I’d be curious to know how long ago your discussion was. As you may know, the DoD CIO published a memo in 2009 which laid out the legal rationale why OSS is COTS from a FAR/DFARS perspective, and therefore should be considered, and also what some of the benefits (cost, agility, security) are of OSS. (Full disclosure: I was the action officer who drafted the memo.)

It got a lot of trade press… From what I can tell, it was highlighted in essentially every IT trade pub, and most gov’t trade pubs. From the feedback I’ve gotten, it’s been pretty influential in Defense, but I don’t know how much sway it’s had in other federal agencies.