TL;DR

• Aug 28, 2025: Bitnami’s free catalog narrows to a limited, hardened subset that’s “latest” only. Most versioned tags move out of the free tier.

• Brownouts (10 images unavailable for 24h each) to surface hidden pulls: Aug 28–29, Sept 2–3, Sept 17–18. 

• Public catalog deletion is planned for Sept 29, 2025: Prepare now: repoint, mirror, test during brownouts, and put guardrails in place. 

What is Bitnami?

Bitnami is a popular open-source project that provides pre-packaged, ready-to-use application containers, Helm charts, and virtual machine images. It simplifies the deployment of complex software stacks by maintaining curated, secure, and easy-to-consume builds for Kubernetes, Docker, and cloud platforms.

What’s Changing on August 28, 2025?

Bitnami is fundamentally altering the availability and maintenance of its container images and Helm charts. This move is tied to Broadcom’s shift towards a paid "Bitnami Secure" subscription model.

Here's a breakdown of the critical changes:

• From bitnami to a Split Catalog: Bitnami is moving away from freely available images under the Docker Hub username bitnami. Instead, images will be split into two main categories:
  
  • docker.io/bitnamisecure: This repository lists the free, hardened community images (latest-only). The full commercial catalog is delivered via private registries with a Bitnami Secure Images subscription.
  • docker.io/bitnamilegacy: Most existing container images, including older or versioned tags (e.g., postgresql:13.7.0), will be moved to this legacy repository. Crucially, images in this repository will receive no further updates, fixes, or support and are intended only for temporary migration purposes.
• Main docker.io/bitnami Repository: After August 28th, the main Bitnami Docker Hub repository will only contain the limited community-tier subset of hardened images, exclusively with "latest" tags.
• Bitnami Helm Charts: While the open-source code for Helm charts on GitHub will continue to be maintained under the Apache 2 license, the already packaged OCI Helm charts at docker.io/bitnamicharts will stop receiving updates.
• End of Version Pinning for Free Users: If you're relying on stable tags like postgresql:13.7.0 or redis:7.0.5, you will effectively lose access to them in the free tier, being left with "latest" tags or the unsupported legacy repo.

Timeline You Can Plan Around

• Aug 28, 2025 – Public catalog switches to the limited community subset; legacy versions archived to bitnamilegacy.
  
  
• Brownouts (10 images unavailable for 24h each):
  
  
  • Aug 28 08:00 UTC → Aug 29 08:00 UTC
    
    
  • Sept 2 08:00 UTC → Sept 3 08:00 UTC
    
    
  • Sept 17 08:00 UTC → Sept 18 08:00 UTC
    
    
• Sept 29, 2025 – Deletion of the old public catalog planned.

Use these windows to validate cluster readiness and surface any hidden pulls. 

Why This Matters: Impact on Your Deployments

• Image pulls will fail. Any Deployment/StatefulSet/Job that pulls a versioned Bitnami image from docker.io/bitnami after the deadline will likely hit ErrImagePull / ImagePullBackOff.
• Failures may be “silent.” Running pods keep working, but scaling, rescheduling, node drain, or rollouts trigger new image pulls—and then failures.
• Security risk grows. Legacy images freeze as of Aug 28, 2025 and will accumulate unfixed CVEs.
• Charts will drift. Packaged OCI charts won’t update, and defaults may still point to old image locations—causing pull errors unless you override image settings.

What Happens If You Do Nothing

Your deployments will eventually fail. You might not see an immediate explosion on that exact day, but the next time Kubernetes tries to pull a Bitnami image that isn’t in the new limited set, it won’t find it – resulting in ImagePullBackOff or ErrImagePull errors. 

What to Do Now: Step‑by‑Step Migration Checklist

Identify All Bitnami Usage

• Run the following command to list all Bitnami images currently running in your clusters:
  

kubectl get pods --all-namespaces -o jsonpath='{.items[*].spec.containers[*].image}' | grep bitnami

• Check your Helm releases with:

helm list --all-namespaces

• Review all your CI/CD pipelines, Dockerfiles, and Helm charts for references to docker.io/bitnami images.

Update Image References to bitnamilegacy (Temporary Workaround)

• This is the quickest way to prevent immediate deployment failures. For Bitnami Helm charts, you'll need to update your values.yaml files or use --set flags during helm upgrade to point to the bitnamilegacy repository.
• Remember to update all components within a chart, as many charts reference multiple images.
• Check bitnamisecure first: Before defaulting to bitnamilegacy, verify if your specific application is one of the few that will receive updated images in bitnamisecure. Note that these are typically "latest" tags and often intended for development only.

Test During Brownouts

Use the scheduled brownouts to simulate downtime and confirm that CI/CD, autoscaling, and rescheduling don’t break with your new image sources.

Temporary Fix: Point to docker.io/bitnamilegacy (Know the Risks)

Using Bitnami Legacy can prevent immediate breakage, but it does not receive security updates or fixes; Bitnami also notes it’s not planned to be kept around for long. Mirror anything you need and move to a supported path. 

FAQs

Will Bitnami Helm charts continue to be maintained publicly?

Yes. Source code for Helm charts remains OSS on GitHub. Packaged OCI charts in docker.io/bitnamicharts remain available but stop receiving updates after Aug 28, 2025; you must override bundled image repositories to valid ones (e.g., Legacy or Secure).

How much does Bitnami Secure cost?

On AWS Marketplace it’s $6,000/month for a 12‑month term.

Are any projects unaffected?

Yes: Sealed Secrets, charts‑syncer, and minideb continue on docker.io/bitnami without change.

How do I move existing charts to my registry?

Use charts‑syncer to relocate OCI charts and rewrite image locations; Bitnami provides this tool openly.

Preparing for the Transition

The community is actively debating new charts and migration strategies—there’s no consensus yet. In the meantime, you should lock down your plan: inventory all Bitnami usage, repoint or mirror critical images, test during brownouts, and enforce registry policies to prevent regressions. Set dates, communicate the change, and track official updates so new pulls don’t turn into ImagePullBackOff on the wrong day.