Table of Contents
- 1. Introduction: The Bombshell in the DevOps World
- 2. Analysis of the Transition: What "No Longer Free" Actually Means
- 3. The Consequences for Users: From Brittle Pipelines to Security Holes
- 4. Time to Act: Your Roadmap for Migration
- 5. The Best Alternatives to Bitnami
- 6. Conclusion: An Opportunity for More Resilience
- Frequently Asked Questions (FAQs)
2025-09-24
A strategic guide for affected users: What the transition means, what the risks are, and what alternatives you have now.
The End of an Era for Developers: Bitnami Discontinues Free Container Images for the Most Part
Bitnami, one of the most popular platforms for pre-configured application containers and images, is largely discontinuing its previously free offering.
The cut-off date for the transition is September 29, 2025. This move, which comes under the new ownership of Broadcom, is forcing thousands of developers, DevOps teams, and companies to act. In this post, we analyze the background, highlight the consequences, and provide you with a clear roadmap for the upcoming migration.
1. Introduction: The Bombshell in the DevOps World
For years, Bitnami was the shortcut to production-ready stacks: a huge portfolio of images for popular applications like WordPress, PostgreSQL, Redis, NGINX, Keycloak, or Kafka - pre-configured, well-documented, and, until now, largely free. This mix of easy installation, a wide selection, and zero entry costs made Bitnami the de facto standard in many teams.
With the announcement of the transition on September 29, 2025, it is now clear: "Bitnami no longer free" is more than just a headline - it's a paradigm shift. Under Broadcom's direction, the product strategy is shifting more towards paying enterprise customers and the new "Bitnami Secure Images" offering. For the majority of the existing, versioned images, this means the end of regular, freely accessible updates.
2. Analysis of the Transition: What "No Longer Free" Actually Means
The "Legacy" Repository
- Versioned images will be moved to a legacy or archive repository and will no longer be updated.
- This affects virtually the entire range of tags - with the exception of a very limited selection of `:latest` images.
- Security risk: Without patches, vulnerabilities (CVEs) accumulate, compliance requirements are violated, and audits become more difficult.
The New "Bitnami Secure Images" Subscription
- Value proposition: continuous security updates, compatibility tests, SLA-driven support.
- Pricing: Publicly mentioned figures range from approximately $50,000 - $72,000 per year, depending on the package. For many startups, smaller companies, or non-profit teams, this is hardly affordable.
What Remains Free?
- A severely limited selection of `:latest` images.
- Why `:latest` is problematic in production: no version pinning, lack of reproducibility, difficult-to-track drift behavior - a no-go for stable CI/CD and deterministic releases.
3. The Consequences for Users: From Brittle Pipelines to Security Holes
- Broken Builds: CI/CD pipelines that reference fixed versions will fail when images disappear or are no longer updated. Build caching, SBOM generation, and vulnerability scans become unreliable.
- Security Nightmare: Unpatched vulnerabilities in production systems increase the risk of incidents, data breaches, and compliance violations (e.g., ISO 27001, SOC 2).
- Loss of Stability: Without version pinning, rollbacks, reproducible deployments, and deterministic tests are nearly impossible. Drift between staging and production increases.
Case Study: The Unprepared Team
A medium-sized SaaS company uses `bitnami/postgresql:15.6` and `bitnami/redis:7.2` in dozens of pipelines. After the transition, the versioned tags are no longer available or receive no patches. Builds break, SRE teams have to document security exceptions, and customer audits raise critical questions about the patch policy. The team improvises with `:latest` - which helps in the short term but introduces new instabilities and hard-to-reproduce errors. The cost: weeks of engineering time and an increased security risk.
4. Time to Act: Your Roadmap for Migration
Step 1: Analyze Your Own Infrastructure
- Take inventory of all Bitnami images in use (Container Registry, SBOMs, Deployment Manifests).
- Search for `bitnami/*` references in `Dockerfile`, `docker-compose.yml`, Helm charts, and Kustomize overlays.
- Create a prioritized list based on criticality (Production > Staging > Development) and exposure.
Step 2: Short-Term Transitional Solutions (Emergency Plan)
- Switching to the `bitnamilegacy` repository can save builds in the short term - but it's only a temporary bridge, as security updates are missing.
- In parallel: tighten security gates (scanners, Policy as Code), establish clear exception rules with expiration dates.
Step 3: Long-Term Strategies and Alternatives
- Define the target state: Official images, verified providers, or your own hardening pipeline?
- Adapt Infrastructure-as-Code (IaC) and CI/CD to make version pinning, SBOM generation, signatures (Sigstore/Cosign), and regular rebuilds the standard.
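The inventory from Step 1 and the dated exceptions from Step 2 can be combined into a single CI check. The Python sketch below is an added example, not code from Bitnami or from the original post; the category names, the `gate` policy (every Bitnami reference fails the build unless it has an unexpired exception) and the sample files are assumptions constructed for illustration.

```python
import re
from datetime import date

# References in the two namespaces the article names, with optional tag/digest.
IMAGE_RE = re.compile(
    r"(?<![\w.-])(?P<ns>bitnami|bitnamilegacy)/"
    r"(?P<name>[a-z0-9]+(?:[._-][a-z0-9]+)*)"
    r"(?::(?P<tag>\w[\w.-]*))?(?:@(?P<digest>sha256:[0-9a-f]{64}))?"
)

def classify(ns, tag, digest):
    """Map one reference to a category (the names are this example's own)."""
    if ns == "bitnamilegacy":
        return "legacy-unpatched"   # temporary bridge, no security updates
    if digest:
        return "digest-pinned"      # reproducible, but still a source to migrate
    if tag in (None, "latest"):
        return "floating"           # :latest, or Helm values with the tag on another key
    return "versioned-tag"          # the tags the article says stop being updated

def scan(files):
    """files: {path: text}. Returns sorted (path, line, image, category) tuples."""
    findings = []
    for path, text in files.items():
        for no, line in enumerate(text.splitlines(), 1):
            for m in IMAGE_RE.finditer(line):
                image = f"{m['ns']}/{m['name']}"
                category = classify(m["ns"], m["tag"], m["digest"])
                findings.append((path, no, image, category))
    return sorted(findings)

def gate(findings, exceptions, today):
    """Findings that should fail the build: any reference whose image has no
    exception, or whose exception expired before `today`."""
    return [f for f in findings if exceptions.get(f[2], date.min) < today]

# Constructed sample files and a constructed exception list (hypothetical dates).
SAMPLE = {
    "Dockerfile": "FROM bitnami/nginx:latest\n",
    "deploy/values.yaml": "image:\n  repository: bitnamilegacy/redis\n  tag: 7.2\n",
    "docker-compose.yml": "services:\n  db:\n    image: docker.io/bitnami/postgresql:15.6\n",
}
EXCEPTIONS = {"bitnamilegacy/redis": date(2025, 12, 31)}

if __name__ == "__main__":
    for finding in gate(scan(SAMPLE), EXCEPTIONS, date.today()):
        print("BLOCK", *finding)
```

References classified as `floating` from a Helm values file need a manual look, because the tag usually sits on a separate `tag:` key that a line-based scan does not join to the repository.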
5. The Best Alternatives to Bitnami
Official Docker Images (Recommended Where Available)
- Advantages: Proximity to upstream, fast security updates, clear roadmaps, large community.
- Examples: Docker Hub - Official Images, PostgreSQL, NGINX, Redis.
Verified Providers
- Chainguard: Focus on "Wolfi"-based, minimalist, signed, and frequently updated images. Link: https://www.chainguard.dev/
- Iron Bank (DoD/Platform One): Hardened, audited images with a compliance focus. Link: https://repo1.dso.mil/
- Evaluate other enterprise offerings depending on the technology stack and compliance requirements.
The "Do-It-Yourself" Approach: Building Your Own Images
- Advantages: Full control, reproducible builds, maximum transparency (SBOM, signatures), coordinated patch management.
- Disadvantages: Higher initial effort, ongoing maintenance, and security backporting.
- Practical Tips:
  - Multi-stage builds, minimizing base images (Distroless, Wolfi, Alpine with caution), rootless containers.
  - Automated security scans (Trivy, Grype), signing with Cosign, policy enforcement (OPA/Gatekeeper, Kyverno).
Community Helm Charts and Initiatives
- Keep an eye on community projects that emerge in response to the Bitnami changes (forks, maintained charts, operators).
- Check maintainer activity, security policy, update frequency, and migration paths.
6. Conclusion: An Opportunity for More Resilience
The message "Bitnami no longer free" is a wake-up call. Relying too heavily on a single provider risks dependencies with security and stability consequences. Use this transition to modernize your container strategy: prefer official images, establish security-by-default, consistently enforce version pinning and signatures, and strengthen your own build pipelines.
Start the transition now, prioritize critical workloads, and document your security measures. This will increase the resilience of your platform - regardless of short-term market changes.
Frequently Asked Questions (FAQs)
1. How much does Bitnami cost now?
With "Bitnami Secure Images," Bitnami is targeting enterprise customers. The price ranges mentioned are roughly between $50,000 - $72,000 annually, depending on the package. Specific conditions vary based on scope, support level, and contract duration.
2. What are the alternatives to Bitnami?
- Official Docker images, where available.
- Verified providers like Chainguard or Iron Bank.
- Custom, hardened images with automated pipelines, signatures, and SBOMs.
3. Can I continue to use Bitnami images after August 2025?
In the short term, yes - often via legacy repositories or `:latest`. For production, this is not recommended due to a lack of patches and reproducibility. Plan a migration to alternative, maintained images.
What are your experiences with the Bitnami transition? Which Bitnami alternatives do you recommend, and how are you addressing the Bitnami prices in your budget? Share your approaches, lessons learned, and tool recommendations in the comments.