For years, Bitnami was the “go to solution” for Kubernetes applications. But the landscape has shifted. With the Bitnami “Free” (Community) charts now deprecated and no longer receiving security updates, staying on that path isn’t just an inconvenience—it’s a liability. If you aren’t paying for their enterprise tier, you are running unpatched CVEs on outdated infrastructure.
Migration to official Docker Hub WordPress Images
To reclaim control, we’ve migrated to the Slybase WordPress Helm Chart. This isn’t just about updates; it’s about moving to a leaner, “Kubernetes-native” architecture. Unlike the heavily opinionated Bitnami logic, the Slybase setup leverages the official Docker Hub images, ensuring you get the latest PHP and WordPress versions without the proprietary bloat.
A “Clean Slate” Migration
One of the main hurdles in migrating is the Persistent Volume Claim (PVC). Instead of “fiddling” with re-using old, Bitnami-formatted volumes, the most reliable path is the Clean Slate Strategy:
- Spin up the new Helm chart with a fresh PVC.
- Restore a standard WordPress backup (like UpdraftPlus or All-in-One WP Migration).
- Decommission the old Bitnami chart once the data is verified.
The “Hidden” Boss: Mandatory TLS for External DBs
The biggest technical shift you’ll face—especially if your MariaDB is hosted externally—is the strictness of modern MariaDB clients.
The clients bundled with PHP 8.3+ have moved to a “Secure by Default” posture. If your database is not deployed within the local scope of the chart, the client will demand a secure, verified TLS handshake.
- Identity Matters: Your database needs a valid FQDN that matches its certificate.
- Trust is Built-In: By using a publicly trusted certificate (via Let’s Encrypt and DNS-01), your WordPress pods gain native trust without the need for custom CA injection or “bricking” other HTTPS connections.