MinIO AIStor RELEASE.2025-07-30T15-53-03Z focuses on enhancing performance diagnostics and operational efficiency through improved request tracing, zero-downtime license management, and critical fixes for SSO authentication methods.
Answer
This release delivers practical operational improvements for enterprise deployments. The TTFB trace filtering capability enables rapid identification of performance bottlenecks, while zero-downtime license updates eliminate maintenance windows for license renewals. Organizations using Kubernetes or certificate-based SSO should upgrade immediately to resolve an authentication regression.
New Features
Zero-Downtime License Updates
What
Administrators can now reload a new license via a SIGHUP signal, eliminating the need for a server restart. The system provides immediate log validation of the new license.
Availability
Available in this release.
Why
License updates previously required server restarts, creating maintenance windows and potential service disruptions. For high-availability deployments, coordinating rolling restarts across nodes added operational complexity. Signal-based license reload enables seamless updates during normal operations.
What This Means for Customers
- No downtime for license renewals or upgrades
- Immediate validation with clear log confirmation
- Simplified operations without restart coordination
- Continuous availability during license management
TTFB Trace Filtering
What
Time To First Byte (TTFB) filtering for server-side traces allows rapid identification of performance bottlenecks and slow-responding requests.
Availability
Available in this release.
Why
Performance issues often manifest as slow individual requests rather than overall degradation. Without TTFB filtering, identifying slow requests requires analyzing massive trace logs. TTFB filtering surfaces performance outliers directly, dramatically reducing troubleshooting time.
What This Means for Customers
- Rapid performance diagnosis by isolating slow requests
- Reduced troubleshooting time with targeted filtering
- Better SLA management through bottleneck identification
- Proactive optimization by identifying slow operations before user impact
Bug Fixes
Kubernetes and Certificate SSO Authentication
What
Fixed a regression preventing successful login through Kubernetes and Certificate-based Single Sign-On methods, restoring proper authentication behavior.
Availability
Available in this release.
Why
SSO authentication is critical for enterprise deployments. The regression in the previous release blocked users from authenticating via Kubernetes service accounts or client certificates, disrupting automated workflows and user access.
What This Means for Customers
- Restored SSO functionality for Kubernetes deployments
- Working certificate authentication for enterprise environments
- Unblocked automated workflows dependent on service account auth
- Resolved user access issues from the regression
ILM Metrics Reporting
What
Corrected Information Lifecycle Management (ILM) scan metrics that were incorrectly showing zero values in Prometheus, now providing accurate ILM policy visibility.
Availability
Available in this release.
Why
Accurate ILM metrics are essential for monitoring lifecycle policy execution and capacity planning. Zero-value metrics prevented operations teams from understanding actual ILM activity, making it impossible to verify policy execution or plan for lifecycle transitions.
What This Means for Customers
- Accurate lifecycle monitoring in Prometheus dashboards
- Verified policy execution with real metrics
- Better capacity planning with visibility into ILM activity
- Restored observability for lifecycle management
Replication Rule Management
What
Resolved an issue blocking administrators from disabling the final replication rule on a bucket, enabling complete replication configuration control.
Availability
Available in this release.
Why
Administrators need full control over replication configurations, including the ability to completely disable replication when decommissioning targets or changing architectures. The inability to remove the last rule forced workarounds or left orphaned configurations.
What This Means for Customers
- Complete replication control including full disablement
- Clean decommissioning of replication targets
- Flexible architecture changes without configuration artifacts
Resource Optimization
What
Reduced default background healing worker threads to prevent excessive CPU and memory consumption on high-core-count systems.
Availability
Available in this release.
Why
Modern servers with high core counts would spawn proportionally many healing threads, consuming excessive resources during background operations. This adjustment provides better default behavior while still allowing configuration overrides for specific workloads.
What This Means for Customers
- Lower baseline resource usage on high-core servers
- Better resource availability for production workloads
- Configurable if more healing parallelism is needed
- Improved default behavior without manual tuning
Upgrade Recommendations
| Environment | Recommendation |
|---|---|
| Using Kubernetes or Certificate SSO | Upgrade immediately to fix auth regression |
| Need zero-downtime license updates | Upgrade for SIGHUP license reload |
| Performance troubleshooting needs | Upgrade for TTFB trace filtering |
| Production deployments | Upgrade at next maintenance window |
| Development/Test environments | Upgrade when convenient |
References
For upgrade assistance, contact your MinIO support team.