This article is converted by SimpRead 简悦, original source vonng.com
MinIO announces entering maintenance mode, the dragon slayer becomes the new dragon — How MinIO transformed from an open-source S3 alternative to an ordinary commercial software company.
December 3, 2025, is a day worth noting in the history of open-source software. The MinIO official updated the project status on GitHub, announcing that the MinIO open-source project has entered “maintenance mode.” This basically declares the death of MinIO as an open-source project.
The company MinIO has finally completed a magnificent transformation from “dragon-slaying youth” to “the dragon.”
From Dragon Slayer to New Dragon#
The Era of Democratization (2014–2019): Apache for Object Storage#
MinIO was founded in 2014 with a highly idealistic vision— to be “the Apache of object storage.” In that era when AWS S3 dominated cloud storage, MinIO quickly gained developers’ favor with its extremely lightweight (a single static binary) and 100% compatibility with the S3 API.
During this phase, MinIO used the permissive Apache 2.0 license, encouraging developers to integrate it into various applications. Its core value proposition was “to turn any hardware into AWS S3.” This open strategy was highly successful; MinIO officially claimed its Docker image downloads exceeded 1 billion, becoming the most widely deployed object storage service globally. At that time, MinIO was a darling of the cloud-native tech stack and the standard storage backend in Kubernetes environments.
License Weaponization (2019-2025): AGPL Offensive and Defensive Battle#
The first major rift in community relations appeared between 2019 and 2021. MinIO announced changing its core license from Apache 2.0 to GNU AGPLv3.
Although the official explanation was to prevent cloud providers (like AWS, Azure) from “freeloading” the code and packaging it as proprietary services— a common defensive measure in the open-source world. During this period, MinIO shifted from being a community guardian to an aggressive defender of intellectual property. In 2022, MinIO publicly accused Nutanix Objects of license infringement and revoked Nutanix’s usage rights; in 2023, MinIO filed a lawsuit against high-performance filesystem vendor Weka for similar reasons. Although these legal actions are controversial in legal terms, they sent a clear message: MinIO no longer welcomes unpaid commercial integrations. This laid the legal and psychological groundwork for full lockdown in 2025.
Castration of Control Plane (May 2025)#
In May 2025, MinIO decided to remove MinIO Console—a crucial graphical user interface (GUI) integrating bucket management, identity and access management (IAM), monitoring, and audit logging—from the community edition code. After this removal, the open-source version of MinIO was left with only a basic “object browser” capable of viewing and downloading files.
Core operational functions such as identity policy management, site replication configuration, and lifecycle management were completely moved to the commercial enterprise edition. This change downgraded the community edition of MinIO from a fully functional storage management system to merely a data plane component, stripping it of the control plane capabilities necessary for use as an independent product in production environments.
Interruption of Binary Distribution (October 2025)#
On October 15, 2025, coinciding with the disclosure of a critical security vulnerability (CVE-2025-10-15T17-29-55Z / GHSA-jjjj-jwhf-8rgr), MinIO stopped publishing updated Docker images to Docker Hub and Quay.io. This timing had strong strategic implications. Cutting off binary distribution during a major security issue essentially turned security into a “ransom” chip.
This decision directly severed the automated deployment pipelines for the vast majority of enterprise users, rendering standard CI/CD workflows relying on docker pull minio/minio or helm install instantly broken. For teams lacking Go language compilation environments or internal container image repository maintenance abilities, this was effectively equivalent to unavailability.
Maintenance Mode (December 2025)#
On December 3, 2025, MinIO, Inc. officially updated the project status on its official channels and GitHub repository, announcing that the MinIO open-source project had entered “maintenance mode.” The README stated: no further feature updates or improvements, no review of issues or PRs, critical security issues will be addressed on a case-by-case basis. No more RPM/DEB packages or Docker images will be provided, and no new features will be added. Enterprise users requiring maintenance are advised to switch to the commercial version AIStor.
Technical Impact: Damage to the Open Source Ecosystem#
MinIO entering maintenance mode has caused immediate and profound disruption to existing technology stacks.
CI/CD Pipeline Breakage and Automation Crisis#
Thousands of Helm charts, Ansible playbooks, and Terraform scripts depend on minio/minio or bitnami/minio images. With the official cessation of image releases, third-party packagers like Bitnami have also been forced to stop updates due to lack of stable upstream code.
- Chain reaction: Deployment of new environments will fail directly; auto-scaling groups will hang when pulling new nodes because images cannot be found.
- Repair costs: Enterprises must rewrite all deployment scripts to point to private image registries and establish internal build processes to compile MinIO from source.
Security Vacuum: Privatization of CVE Management#
The most fatal consequence of stopping binary releases is delay in security patches. Taking the October 2025 vulnerability as an example, MinIO effectively withheld the binary patch.
- Risk exposure: Small and medium enterprises lacking dedicated security teams will be forced to continue using vulnerable, outdated versions.
- Compliance nightmare: For enterprises regulated by PCI-DSS, HIPAA, or SOC2, inability to obtain vendor-signed security updates means compliance failure.
Exponential Increase in Operational Complexity#
The removal of the UI is not only a regression in user experience but also an increase in operational costs. Tasks that used to be accomplished with a few clicks inside the Console, like bucket policy configuration and user permission assignment, now require operators to master the mc command-line tool or write complex JSON policy files. This invisibly raises the usage threshold, making MinIO no longer suitable as a lightweight internal tool.
Behind the Reasons: Capital and Commercialization Pressure#
The fundamental driver of MinIO’s technical decisions comes from the capital market’s valuation logic. By 2025, MinIO has raised a total of $126 million. The most decisive funding round was the Series B in January 2022, raising $103 million, led by Intel Capital, SoftBank Vision Fund 2, and General Catalyst. This round crowned MinIO as a “unicorn” valued at $1 billion.
In the venture capital logic, a $1 billion valuation means the company must show a clear path to IPO, usually requiring annual recurring revenue (ARR) exceeding $100 million and maintaining high growth. In February 2025, MinIO announced its ARR grew 149% over the past two years. While growth is considerable, relying only on organic conversion is insufficient to support such a high valuation.
Stopping open-source support is the most direct way to forcibly convert a huge user base into paying customers.
In 2025, MinIO underwent a comprehensive brand revamp, launching “MinIO AIStor,” positioning itself as “the data cornerstone for enterprise AI.” The management realized that the general object storage market (used for backup, personal cloud drives) is a red ocean with thin profits; while generative AI’s needs for high-performance data throughput (Exascale AI) is the next growth explosion point. By optimizing AI workloads and focusing on serving Fortune 500 companies, MinIO actually decided to shed the low-value open-source user base. The start of maintenance mode marks MinIO’s formal transformation from a broad open-source project into a vertical software provider serving high-end AI customers.
MinIO is no longer a geek’s toy built in a garage; it is a commercial company with $126 million raised and valued at over $1 billion. Behind it stand Intel Capital and SoftBank Vision Fund. When you take that much venture capital, your boss is no longer the users but the investors. What do investors want? It’s ARR (annual recurring revenue), growth rates, and IPO. When you tell investors, “I have 1 billion Docker downloads!” They ask, “Did those 1 billion downloads pay you a dime?”
Reality is this cruel. Those small and medium enterprises and individual developers using the free version of MinIO are considered low-value assets in the eyes of capital. You open issues, report bugs, ask questions in groups, consuming costly engineering hours, bandwidth, and server resources while you will never convert into paying customers. MinIO’s management clearly knows their real patrons are those 500 Fortune AI mega-model companies. Those training GPT, running autonomous driving data need AIStor, extreme performance, and 7x24 SLA.
So, launching “maintenance mode” is essentially an asset divestiture. MinIO decided to cut off this “bad meat” (free users) and concentrate all resources on the “cash cows” (enterprise AI clients) that can produce milk. From a business strategy perspective, this is called focus. From the perspective of explaining to investors, this is called responsible. But from the open-source point of view, this is called immoral.
Old Feng’s Thoughts#
Old Feng roughly started using MinIO in 2018, when it was still under the Apache license. We deployed several PB-scale object storage clusters to store videos, images, and backups — probably one of the largest deployment practices in China at that time. Old Feng also wrote MinIO deployment monitoring and autoscaling playbooks, contributing somewhat — which are still open-sourced in Pigsty now.
As an open-source entrepreneur, Old Feng can understand the motivation behind such changes. But from the standpoint of open-source contributors and users — Old Feng also knows many folks now harbor only one thought: “I have never seen such shameless people.”
Open-source licenses are not contracts of servitude, but they are a social contract. Developers contribute code, users provide testing scenarios and word-of-mouth, and everyone jointly builds up the project. MinIO enjoyed a decade of community dividends, leveraging the vanity metric of “world’s number one download count” to get funding, only to turn around and tell the users who lifted it up: “You are freeloaders, get lost.” Such behavior destroys the fundamental trust of the open-source community.
This “raise and kill” tactic is even more disgusting than the crypto Rug Pull. Crypto scams take money; MinIO is slicing through the technology stacks of tens of thousands of enterprises worldwide — user choice is not just a binary but a software ecosystem and design philosophy. Once everyone is onboard, raising migration costs to unbearable levels, then suddenly pulling away the ladder. This model was thoroughly discussed by open-source expert Tison in the article “Deceptive Direction Pseudo Open Source Strategy.”
The core problem with this deceptive direction is betrayal. Since MinIO has betrayed the community, the community will abandon it. Alternatives like Garage, SeaweedFS, and even RustFS abound. The tech world is vast, and farewells uncertain. If Old Feng’s thoughts must be summed up, he borrows the dolphin’s words before departure in The Hitchhiker’s Guide to the Galaxy: “So long, and thanks for all the fish.” — Goodbye, and thanks for all the fish.