Most active commenters
  • ntqz(3)
  • chuckadams(3)
  • gchamonlive(3)
  • remram(3)
  • EdwardDiego(3)
  • jauntywundrkind(3)

Broadcom to discontinue free Bitnami Helm charts

(github.com)
132 points mmoogle | 78 comments | 18 Jul 25 19:29 UTC | HN request time: 2.319s | source | bottom
1. ntqz ◴[18 Jul 25 19:39 UTC] No.44608949[source]
I could see the writing on the wall with this.

On that note, I'm already looking at migrating my codebase off of Spring. Just testing the waters with Quarkus, Helidon, Micronaut, Pekko, Vert.x, and plain Jakarta EE right now.

replies(3): >>44609703 #>>44610521 #>>44611297 #
2. _1tan ◴[18 Jul 25 20:52 UTC] No.44609703[source]
Are there any indications or just a feel?
replies(1): >>44609844 #
3. bags43 ◴[18 Jul 25 21:07 UTC] No.44609844{3}[source]
Company where I work had huge risk audit.

The second highest risk is using USA based cloud with 66/100.

The first one was using Spring Boot everywhere 77/100. Till the end of 2025 we need to have migration path to something else with 2 PoCs done.

replies(4): >>44609971 #>>44610952 #>>44611105 #>>44611548 #
4. js4ever ◴[18 Jul 25 21:18 UTC] No.44609941[source]
Great more enshitification! Broadcom is destroying everything they touch
replies(1): >>44610167 #
5. jchmbrln ◴[18 Jul 25 21:21 UTC] No.44609971{4}[source]
I’m completely out of the loop. What’s going on with Spring Boot?
replies(2): >>44610003 #>>44610074 #
6. radicalbyte ◴[18 Jul 25 21:24 UTC] No.44610003{5}[source]
The VMware apocalypse.
replies(1): >>44610028 #
7. heisenbit ◴[18 Jul 25 21:27 UTC] No.44610028{6}[source]
One does not need VMware for SpringBoot so?
replies(3): >>44610087 #>>44610088 #>>44610090 #
8. xienze ◴[18 Jul 25 21:33 UTC] No.44610074{5}[source]
Probably a bit of overreaction given that Broadcom is now in charge of Spring. At the end of the day it’s a wildly popular open source project — it has a path forward if Broadcom pulls shenanigans.

That said, I have noticed that the free support window for any given version is super short these days. I.e. if you’re not on top of constantly upgrading you’re looking at paid support if you want security patches.

9. xienze ◴[18 Jul 25 21:34 UTC] No.44610087{7}[source]
Spring’s corporate steward is VMWare, and Broadcom bought VMWare, ergo Spring is subject to Broadcom’s whims.
10. TYMorningCoffee ◴[18 Jul 25 21:35 UTC] No.44610088{7}[source]
VMware owns Spring Boot https://en.m.wikipedia.org/wiki/Spring_Boot
11. loloquwowndueo ◴[18 Jul 25 21:35 UTC] No.44610090{7}[source]
Not spring boot, but spring, is owned by VMware. Sure spring is under a free license but if upstream enshittifies, community forks would be required.
replies(1): >>44611037 #
12. jacquesm ◴[18 Jul 25 21:46 UTC] No.44610167[source]
That's nonsense. RPi would not exist if not for Broadcom.
replies(3): >>44610357 #>>44611157 #>>44612093 #
13. sseveran ◴[18 Jul 25 22:06 UTC] No.44610310[source]
This is going to cause some disruptions. What are the alternatives out there to bitnami charts?
replies(5): >>44610547 #>>44610564 #>>44610638 #>>44610828 #>>44612361 #
14. okanat ◴[18 Jul 25 22:14 UTC] No.44610357{3}[source]
RPi doesn't exist due to Broadcom. It exists despite Broadcom.

Using RPis can be a huge PITA, if you'd like to do something a bit more complex with the hardware. HDMI, the video decoders are all behind closed doors with blobs on top of blobs and NDAs.

RPi SoCs are some of the weirdest out there. It boots from the GPU ffs.

15. dpkirchner ◴[18 Jul 25 22:16 UTC] No.44610377[source]
Maybe this will finally break me of my habit of using helm charts, period.
replies(4): >>44610605 #>>44610877 #>>44610954 #>>44612370 #
16. chuckadams ◴[18 Jul 25 22:24 UTC] No.44610443[source]
Broadcom gonna Broadcom. Don't anthropomorphize the lawnmower.
replies(1): >>44610915 #
17. lapusta ◴[18 Jul 25 22:34 UTC] No.44610521[source]
Red Hat effectively killed their JBoss/Middleware team and the rest of it moved to IBM https://www.redhat.com/en/blog/evolving-our-middleware-strat... Quarkus and other tools were pushed to CommonHaus/Apache. I believe Vert.X was also mostly developer by RH team, although moved to Eclispe Foundation a decade ago.

Oracle also ended up somehow sponsoring 2 frameworks: Helidon & Micronaut.

I'd bet Spring is still the safest choice next to Jakarta EE standards that all are built on top of nowadays.

replies(2): >>44611133 #>>44611305 #
18. chrisandchris ◴[18 Jul 25 22:37 UTC] No.44610547[source]
They're all open source - fork the repo and start collectively maintain them.
replies(1): >>44610560 #
19. gchamonlive ◴[18 Jul 25 22:38 UTC] No.44610560{3}[source]
That doesn't really answer the question, does it?
replies(1): >>44611021 #
20. gchamonlive ◴[18 Jul 25 22:39 UTC] No.44610564[source]
My first thought was Linuxcontainers but I think they just maintain docker images, not helm charts
21. cheshire_cat ◴[18 Jul 25 22:42 UTC] No.44610605[source]
Why do you want to stop using helm charts? Genuine question, as I'm new to Kubernetes and helm.
replies(4): >>44610615 #>>44610658 #>>44610858 #>>44611287 #
22. chuckadams ◴[18 Jul 25 22:44 UTC] No.44610615{3}[source]
Write a few Helm charts and you'll understand why people want to stop using it. `nindent` will become a curse word in your vocabulary. It's a fine tool at the user level, but the DX is an atrocity.
replies(2): >>44610629 #>>44610659 #
23. bigstrat2003 ◴[18 Jul 25 22:46 UTC] No.44610629{4}[source]
I mean, I have written a few (like 5-10?) and I don't understand either. I find that Helm is quite a nice tool which does its job very well.
24. iotapi322 ◴[18 Jul 25 22:47 UTC] No.44610636[source]
That's fine , their repmgr postgres repository was a joke.
replies(1): >>44610757 #
25. ethan_smith ◴[18 Jul 25 22:47 UTC] No.44610638[source]
Check out Artifact Hub, the CNCF-hosted charts from projects like Prometheus/Grafana, or the official k8s-at-home charts as solid alternatives to Bitnami.
26. NewJazz ◴[18 Jul 25 22:51 UTC] No.44610658{3}[source]
Consuming one that is well written isn't too much pain, IME. But writing or modifying one can be really annoying. Aiui the values.yaml has no type schema, just vibes. The whole thing is powered off using text templating with yaml (a whitespace sensitive language), which is error prone and often hard to read. That's basically the main issues in a nutshell, it may not sound like much, but helm doesn't exactly do a whole lot and it does that limited set of stuff poorly.
replies(1): >>44610785 #
27. cbzbc ◴[18 Jul 25 22:51 UTC] No.44610659{4}[source]
What are you planning on moving to ?
replies(2): >>44611445 #>>44611736 #
28. remram ◴[18 Jul 25 23:04 UTC] No.44610757[source]
"Discontinuing this library of 120 things for everyone is fine, *I* didn't like *one of them* I won't say why"
29. remram ◴[18 Jul 25 23:07 UTC] No.44610785{4}[source]
I share your dislike of Helm, but FYI there are schemas for values, see for example https://github.com/bitnami/charts/blob/main/bitnami/postgres... and docs https://helm.sh/docs/topics/charts/#schema-files
replies(1): >>44611394 #
30. carrodher ◴[18 Jul 25 23:11 UTC] No.44610828[source]
The source code for Bitnami containers and Helm charts remains publicly available on GitHub and continues to be licensed under Apache 2.

What’s changing is that Bitnami will no longer publish the full catalog of container images to DockerHub. If you need any image, you can still build/package it yourself from the open-source GitHub repositories.

31. zer00eyz ◴[18 Jul 25 23:15 UTC] No.44610858{3}[source]
I will leave it to others: https://noyaml.com
32. remram ◴[18 Jul 25 23:15 UTC] No.44610860[source]
This announcement is a little hard to read. They make it seem that the current images under docker.io/bitnami/* get deleted on August 28? But individual chart READMEs seem to say that images will move during a period starting on August 28 and ending two weeks later? But looking at https://hub.docker.com/u/bitnamilegacy images have been copied already?

From ticket https://github.com/bitnami/charts/issues/35164:

> Now – August 28th, 2025: Plan your migration: Update CI/CD pipelines, Helm repos, and image references

> August 28th, 2025: Legacy assets are archived in the Bitnami Legacy repository.

From README https://github.com/bitnami/charts/blob/4973fd08dd7e95398ddcc...:

> Starting August 28th, over two weeks, all existing container images, including older or versioned tags (e.g., 2.50.0, 10.6), will be migrated from the public catalog (docker.io/bitnami) to the “Bitnami Legacy” repository (docker.io/bitnamilegacy), where they will no longer receive updates.

What are users expected to do exactly?

replies(2): >>44610985 #>>44612047 #
33. ntqz ◴[18 Jul 25 23:16 UTC] No.44610877[source]
Grafana's Tanka is a very underappreciated tool if you have to do something similar to Helm.
34. vibbix ◴[18 Jul 25 23:21 UTC] No.44610915[source]
The source of this great quote, from the wonderful Bryan Cantrell: https://youtu.be/-zRN7XLCRhc
replies(2): >>44612220 #>>44612295 #
35. ◴[18 Jul 25 23:25 UTC] No.44610944[source]
36. jcrben ◴[18 Jul 25 23:26 UTC] No.44610952{4}[source]
What was the actual risk of using SpringBoot tho?
replies(1): >>44611817 #
37. skissane ◴[18 Jul 25 23:26 UTC] No.44610954[source]
I’ve never used Helm charts. I learned K8S in a shop in which kustomize is the standard and helm is a permitted exception to the standard, but I just never felt any reason to learn helm. Am I missing out?

Sometimes the limitations of kustomize annoy me, but we find ways to live with them

replies(6): >>44611081 #>>44611452 #>>44611555 #>>44611784 #>>44612267 #>>44612326 #
38. carrodher ◴[18 Jul 25 23:30 UTC] No.44610985[source]
The complete history of Bitnami container images has been copied to the "bitnamilegacy" repository. New tags will continue to be synced there until August 28th. After that date, "bitnamilegacy" will no longer receive updates, and images in the mainline "bitnami" repository will begin to be removed over a period that may take up to two weeks.

Once the cleanup is complete, the mainline "bitnami" repository on DockerHub will contain only a limited subset of Bitnami Secure Images (at this moment available at "bitnamisecure"). These are hardened, security-enhanced containers intended for development or trial use, providing a preview of the full feature set available in the paid offering.

- Bitnami: https://hub.docker.com/u/bitnami - Bitnami Legacy: https://hub.docker.com/u/bitnamilegacy - Bitnami Secure Images: https://hub.docker.com/u/bitnamisecure

39. jahsome ◴[18 Jul 25 23:35 UTC] No.44611021{4}[source]
You asked for an alternative and that seems like an alternative to me.
replies(1): >>44611207 #
40. mindcrime ◴[18 Jul 25 23:36 UTC] No.44611037{8}[source]
And as popular and widely used as Spring is, that would 100% happen. To me at least, I wouldn't count this as a particularly huge risk. But in an enterprise setting, with mandatory auditing and stuff, I can understand why there would be a requirement to at least pre-identify alternative(s).
41. bigstrat2003 ◴[18 Jul 25 23:42 UTC] No.44611081{3}[source]
I wouldn't say you're missing out. If kustomize works for you, keep using it. I personally use helm because I cannot for the life of me wrap my head around kustomize. I've looked at tutorials, read the docs, and it just doesn't make sense to me. Helm, on the other hand, immediately clicked and I was able to pretty effortlessly write charts for our use. It's just a case of different preference in tools, imo.
replies(1): >>44611527 #
42. ◴[18 Jul 25 23:46 UTC] No.44611105{4}[source]
43. latchkey ◴[18 Jul 25 23:50 UTC] No.44611133{3}[source]
I still see Gavin working on JEE.
44. wpm ◴[18 Jul 25 23:54 UTC] No.44611157{3}[source]
Yeah Broadcom had a load of unsellable SOCs they needed to off load
45. gchamonlive ◴[19 Jul 25 00:02 UTC] No.44611207{5}[source]
It's not and I wasn't the one who asked
replies(1): >>44611338 #
46. ridruejo ◴[19 Jul 25 00:13 UTC] No.44611282[source]
Hi, former cofounder of Bitnami here. I left VMware quite a while ago, so not involved with this. The technical team at Bitnami is still top notch and great people. I am quite baffled at this business decision.
replies(3): >>44612111 #>>44612261 #>>44612673 #
47. EdwardDiego ◴[19 Jul 25 00:14 UTC] No.44611287{3}[source]
Golang string templating in a whitespace sensitive config language suuuuucks.

I might use Helm charts for initial deploys of operators, but that's about it.

Kustomize is, IMO, a better approach if you need to dynamically modify the YAML of your resources and tools like ArgoCD support it.

48. EdwardDiego ◴[19 Jul 25 00:17 UTC] No.44611297[source]
I quite like Micronaut, especially the ability to use its compile time DI as a standalone library in a non-Micronaut app.

Quarkus is pretty similar, but is built on top of Vert.x so a lot of the fun of Vert.x (don't block the event loop!) is still present. It also does compile time DI.

49. EdwardDiego ◴[19 Jul 25 00:18 UTC] No.44611305{3}[source]
Yeah my old colleagues who work on Kroxylicious are now IBM. I keep asking them if they're wearing a blue tie to the office yet, they still don't think it's funny.
50. jahsome ◴[19 Jul 25 00:24 UTC] No.44611338{6}[source]
K
51. NewJazz ◴[19 Jul 25 00:31 UTC] No.44611394{5}[source]
Ah, I must have met some lazy charts then. Thanks for the correction. Still, it seems like that schema would end up a little inconvenient to integrate into your editor for writing the templates...
52. sbstp ◴[19 Jul 25 00:32 UTC] No.44611402[source]
RabbitMQ next?
53. chuckadams ◴[19 Jul 25 00:39 UTC] No.44611445{5}[source]
Probably kustomize, as my needs are simple. If I care to get fancy, I’m pondering giving Yoke a try.
replies(1): >>44611556 #
54. CBLT ◴[19 Jul 25 00:40 UTC] No.44611452{3}[source]
Helm gives you more than enough rope to hang yourself with. At $dayjob we barely use 3rd party helm charts, and when we do we eventually run into problems with clever code.

We do package our own helm charts, not in the least because we sign contracts with our customers that we will help them run the software we're selling them. So we use package docker and helm artifacts that we sell in addition to running locally.

So we write some charts that don't use most helm features. The one useful thing about Helm that I don't want to live without is the packaging story. We seem to be the only people in the ecosystem that "burn in" the Docker image sha into the Helm chart we package, and set our v1.2.3 version only on the chart. This means we don't have to consider a version matrix between our config and application. Instead we just change the code and config in the same git sha and it just works.

55. cmckn ◴[19 Jul 25 00:52 UTC] No.44611527{4}[source]
Kustomize feels like less of a hack to me, without the gotpl madness, but it’s way more painful to get something done in my experience. I’ve landed on just writing real code to craft the objects I want (using the actual types, not text), if I absolutely can’t get by with static manifests.
56. somehnguy ◴[19 Jul 25 00:58 UTC] No.44611548{4}[source]
What's the actual risk though? Just saying it's the riskiest at 77/100 doesn't mean anything.
57. letmeinhere ◴[19 Jul 25 01:00 UTC] No.44611555{3}[source]
Would you like to count the number of spaces that various items in your manifests are indented and then pass that as an argument to a structure-unaware text file templating engine? Would you like to discover your inevitable yaml file templating errors after submitting those manifests to the cluster? Then yes, you are really missing out!
replies(1): >>44612348 #
58. theteapot ◴[19 Jul 25 01:00 UTC] No.44611556{6}[source]
What's wrong with `kubectl apply -f xxx.yaml`?
replies(1): >>44611973 #
59. moorow ◴[19 Jul 25 01:23 UTC] No.44611680[source]
Bitnami images have been problematic for a little while, especially given their core focus on security but still resulting in a CVE 9.4 in PgPool recently that ended up being used in the underlying infrastructure for a bunch of cloud hosts:

[pgpool] Unauthenticated access to postgres through pgpool · Advisory · bitnami/charts https://share.google/JcgDCtktG8dE2TZY8

60. dpkirchner ◴[19 Jul 25 01:34 UTC] No.44611736{5}[source]
I'm using either opentofu(terraform) or plain yaml. I'm not a huge fan of HCL but at least it is structured and easily manipulated without worrying about whitespace.
61. simmerup ◴[19 Jul 25 01:43 UTC] No.44611784{3}[source]
The main advantage of helm in my experience is:

1. having the ability to create a release artefact helm chart for a version, and store that artefact easily in OCI repositories. 2. being able to uninstall and install a chart and not have to worry about extra state. Generally in Kustomize people just keep applying the yaml and you end up in a state where there’s more deployed than there is in the kustomize config

62. ntqz ◴[19 Jul 25 01:48 UTC] No.44611817{5}[source]
License changes - BSL or closing the source

If there's no money in it for them - reduction of staff or funding leading to slower releases and bugfixes

Moving some features like Spring Cloud / Spring Integration, or new development behind a paywall (think RHEL)

Big users (like Netflix, Walmart, JPMorgan, LinkedIn/Microsoft, etc) would likely be able to pay for it (until they moved off), but smaller companies and individual developers not so much

63. physicles ◴[19 Jul 25 02:17 UTC] No.44611973{7}[source]
We use kustomize because we have four environments that run basically the same stuff (dev with k3s, test, and two cloud regions). If we didn’t use kustomize, we’d be forced to reinvent it to avoid duplicating so much yaml.
64. gangstead ◴[19 Jul 25 02:31 UTC] No.44612047[source]
> What are users expected to do exactly?

From the bottom of the post I know what they are hoping users will do:

> Suppose your deployed Helm chart is failing to pull images from docker.io/bitnami. In that case, you can resolve this by subscribing to Bitnami Secure Images, ensuring that the Helm charts receive continued support and security updates.

They don't want to give instructions that are too helpful. They want your company CC to be the easiest way to fix the problem they created.

replies(1): >>44612811 #
65. happycube ◴[19 Jul 25 02:40 UTC] No.44612093{3}[source]
The current Broadcom (Avago) is literally not the Broadcom that RPi came from. Not that old-Broadcom was great, but...
66. burnt-resistor ◴[19 Jul 25 02:45 UTC] No.44612111[source]
I was a service provider of Zimbra and had great relations with VMware folks on Page Mill many moons ago. One my friends helped move VMware HQs within PA just out of college.

Fuck Wall St. greedy morons at Broadcom. Hubris will educate them the hard way as they fade in relevance.

67. throwaway984393 ◴[19 Jul 25 03:08 UTC] No.44612220{3}[source]
38:28 https://m.youtube.com/watch?v=-zRN7XLCRhc&t=2308s&pp=0gcJCTA...
68. jauntywundrkind ◴[19 Jul 25 03:15 UTC] No.44612261[source]
Is there a company more "Take what you can, give nothing back" than Broadcom? Probably not.

Broadcom's continued ability to perform well while only serving ever more upmarket areas, & cutting everyone else loose (& generally giving no figs) is fantastically impressive.

69. 0xbadcafebee ◴[19 Jul 25 03:17 UTC] No.44612267{3}[source]
Some people like that Helm:

- Makes it possible to go from zero to fully running k8s integrated components in 5 seconds by just running 'helm install --repo https://example.com/charts/ mynginx nginx' (very useful: https://artifacthub.io/)

- Gives the ability to transactionally apply k8s configs, and un-apply them if there is a failure along the way (atomic rollbacks)

- Stores copies/versions/etc of each installation in the server so you have metadata for troubleshooting/operations/etc without having to keep it in some external system in a custom way.

- Allows a user who doesn't know anything about K8s to provide some simple variables to customize the installation of a bunch of K8s resources.

- Is composeable, has templates, etc.

So basically Helm has a lot of features, while Kustomize has... one. Very different purposes I think. You can also use both at the same time.

Personally I think Helm's atomic deployment feature is well worth it. I also love how easy it is to install charts. It feels a bit like magic.

70. jauntywundrkind ◴[19 Jul 25 03:21 UTC] No.44612295{3}[source]
Said about Larry Ellison (who recently gave $6B to his son to buy CBS, and likely turn it into another ultra-wealthy right-wing mouthpiece rag).

But damn oh damn does Broadcom feel like a good fit for this statement.

71. jauntywundrkind ◴[19 Jul 25 03:26 UTC] No.44612326{3}[source]
One thing I haven't seen mentioned in comment. Dunno if Kustomize has something here. But: Helm is a shit but at least some kind of composition tool. Some way to have resource of various types associated to some top level idea.

Very very little else seems to bring this basic sense to Kubernetes. Metacontroller kind of could do that. Crossplane's whole business is this, but it's been infra-specialized: but the Crossplane v2.0 release is trying to be much more generally useful. https://docs.crossplane.io/v2.0-preview/whats-new/ . Would love other examples of what does composition in Kube.

72. thayne ◴[19 Jul 25 03:31 UTC] No.44612348{4}[source]
I really, really, wish we could move away from yaml for tools like this.
73. 0xbadcafebee ◴[19 Jul 25 03:34 UTC] No.44612361[source]
https://artifacthub.io/

I don't know why but Artifact Hub never shows up in Google search when you search for "web site with helm charts". Hopefully this gives it a boost.

74. notanaverageman ◴[19 Jul 25 03:36 UTC] No.44612370[source]
I suggest checking out Anemos (https://github.com/ohayocorp/anemos), the new boy in the town. It is an open source single-binary tool written in Go and allows you to use JavaScript/TypeScript to define your manifests using templates, object oriented approach, and YAML node manipulation.

You can read a comparison with Helm here: https://www.ohayocorp.com/anemos/docs/comparison/helm

P.S. I am the author of the tool.

75. whoIsYou ◴[19 Jul 25 04:47 UTC] No.44612673[source]
nobody familiar with broadcom or how they are run should be even remotely surprised by this decision
76. gangstead ◴[19 Jul 25 05:26 UTC] No.44612811{3}[source]
Looks like it's $5k/month, minimum 12 months for "secure" images.

https://aws.amazon.com/marketplace/pp/prodview-pwqgz3mnvxvok...

You can always follow the "contact sales" form and see if they give you a higher or lower number than that.

77. janjongboom ◴[19 Jul 25 06:05 UTC] No.44612968[source]
The removal (or moving) of the Bitnami images from Docker Hub is going to break a ton of systems that depend on them. I helped set up https://www.stablebuild.com/ some years ago to counter these types of issues, it provides (among other things) a transparent cache to Docker Hub which automatically caches image tags and makes them immutable - underlying tag might be deleted or modified, but you’ll get the exact same original image back.