Quick answers to frequently asked questions about migrating to CleanStart.
General Questions
Q: Is CleanStart compatible with my existing Dockerfiles?
A: Mostly yes! CleanStart images use the same language ecosystems (npm, pip, Maven, etc.). However, you may need to adjust the base image name (bitnami/node becomes cleanstart/node), environment variables for databases (POSTGRESQL_PASSWORD becomes POSTGRES_PASSWORD), and build commands (which are usually identical). See language-specific guides for exact compatibility details.
Q: Will my application run faster with CleanStart?
A: Typically yes, but it depends on your workload. Smaller images mean faster pulls and startup with approximately 30-50% improvement. The reduced footprint provides lower memory usage with 10-20% improvement. The same runtime means language runtime performance is identical. You get bandwidth savings on image transfers. You can measure performance with: docker build -t app . && time docker run app.
Q: Do I need to update my entire stack at once?
A: No! Migrate services gradually by starting with stateless services (web apps, workers), moving to supporting services (caches, message queues), and finally migrating databases (which are more critical). You can mix Bitnami and CleanStart during the transition since they're compatible.
Q: Will I lose data during migration?
A: No, if you follow the proper backup procedures. Before switching, run docker exec old-database pg_dump > backup.sql. After starting CleanStart, run docker exec new-database psql < backup.sql. See migration overview for detailed procedures.
Q: Can I rollback if something breaks?
A: Yes, immediately. Keep the old container running and stop the new one with docker stop new-db and docker start old-db. With Kubernetes, use kubectl rollout undo deployment/myservice. No data loss since you backed up first.
Q: How long does migration take?
A: Migration time depends on complexity. A simple app (Node.js, Python) takes 1-2 days. A medium service (PostgreSQL, with testing) takes 1 week. A complex system (multiple databases, replication) takes 2-3 weeks. See the migration overview for detailed timeline examples.
Technical Questions
Q: Are CleanStart images compatible with ARM64 (Apple Silicon)?
A: Yes! CleanStart supports multiple architectures. CleanStart provides multi-arch images that work on ARM64, AMD64, and other architectures. You can check available architectures with the docker manifest inspect command.
Q: Do I need to change my environment variables?
A: For most services, yes—update to standard conventions. PostgreSQL changes from POSTGRESQL_PASSWORD to POSTGRES_PASSWORD. MySQL stays the same. Redis changes from REDIS_PASSWORD to requirepass in config. Node.js and Python use the same environment variables. Check the application guides for exact mappings.
Q: Will my volumes still work?
A: Yes, volumes are compatible. Old container with Bitnami uses the same volume as new container with CleanStart. Data format is identical. Test in staging first with backup.
Q: What about permission issues?
A: Both Bitnami and CleanStart run as non-root. Check if permissions match. If you encounter permission issues, check the UID in Bitnami (usually UID 1001) and in CleanStart (usually UID 65532), then fix volume ownership if needed using docker run --rm -v my-data:/data cleanstart/postgresql:16 chown -R 1000:1000 /data.
Q: Do I need to update my Dockerfile?
A: Minimally. Replace the FROM line from FROM bitnami/node:18 to FROM cleanstart/node:20. Most build logic stays the same. Test locally first.
Q: Are health checks different?
A: CleanStart images include pre-configured health checks. CleanStart health checks are built-in (e.g., redis-cli ping), while Bitnami might require you to define them. You can override health checks if needed using the HEALTHCHECK instruction in a Dockerfile.
Q: What about TLS/SSL certificates?
A: CleanStart doesn't change certificate handling. Copy certs the same way as before with docker cp server.crt postgres:/etc/certs/ or mount volumes. Configuration files use standard location paths.
Q: Do I need a commercial support plan?
A: No! CleanStart is open-source and free. Community support is available through Slack and GitHub issues. Commercial support is optional. Self-support is possible with excellent documentation (this guide!).
Performance Questions
Q: Will my database be slower?
A: Same runtime, might be faster. Database performance is engine-dependent (PostgreSQL, MySQL, etc.). CleanStart vs Bitnami performance difference is less than 5%. Test yourself with docker exec cleanstart-db psql -c "EXPLAIN ANALYZE SELECT * FROM large_table;".
Q: How much disk space can I save?
A: Typically 30-50%. Check image size with docker inspect bitnami/postgresql:15 | jq '.[0].Size' (384 MB) versus docker inspect cleanstart/postgresql:16 | jq '.[0].Size' (230 MB). Savings: 154 MB per image times number of images and replicas.
Q: Does migration affect startup time?
A: Usually improves it. Time container startup with time docker run --rm cleanstart/node:20 node -v. Result: ~0.5s (faster than Bitnami). Smaller images mean faster downloads during container creation.
Q: Will my app use less memory?
A: Slightly, due to smaller base. Monitor memory usage with docker run -d --memory 512m cleanstart/redis:7.2 and docker stats. Memory baseline: 50-80 MB (vs ~100-120 MB with Bitnami). Savings: ~20-30% baseline memory usage.
Security Questions
Q: Are CleanStart images more secure?
A: Yes, CleanStart images are more secure in multiple ways. CVE patching is fixed in 1-3 days compared to 7-14 days with other providers. The smaller surface area means fewer packages and thus fewer vulnerabilities. They provide transparent provenance for supply chain security. All images are pre-scanned before release. CleanStart containers already run as non-root for improved security. Scan for vulnerabilities with docker run --rm aquasec/trivy image cleanstart/postgresql:16 showing no known vulnerabilities.
Q: What about FIPS compliance?
A: CleanStart offers FIPS variants. Standard image: docker pull cleanstart/postgresql:16. FIPS-compliant image (for regulated industries): docker pull cleanstart/postgresql:16-fips. FIPS images use FIPS-certified OpenSSL and cryptography.
Q: Are images signed?
A: Yes, all CleanStart images are signed. Signature verification is automatic when pulling images. Signatures prevent tampering and ensure authenticity.
Q: Do I need to scan CleanStart images?
A: Recommended but rarely needed. Optional additional scanning with docker run --rm aquasec/trivy image cleanstart/node:20 shows no vulnerabilities found. CleanStart images are pre-scanned, but additional scanning doesn't hurt.
Cost Questions
Q: How much will I save?
A: Typically $1,000+ per year, plus significant resource savings. Direct savings include license costs eliminated (Bitnami costs $1,000-5,000/year become free with CleanStart), storage reduction of 30-50% for container images, and bandwidth savings from smaller image pulls. Indirect savings include CPU reduction of 5-10%, memory baseline reduction of 20-30%, and disk storage savings of 50% for image replicas.
Q: Are there hidden costs?
A: No. CleanStart images are free, no licensing is required, no support contracts are mandatory, and they are open source with community maintenance.
Q: What about support costs?
A: Support is optional. Community support is free through Slack and GitHub. Commercial support is available from providers if needed. Most migrations can be self-supported using the provided guide.
Integration Questions
Q: Do my Kubernetes manifests need changes?
A: Minimal. You only need to change the image name from bitnami/postgresql:15 to cleanstart/postgresql:16. Everything else in your Kubernetes manifests stays the same.
Q: Can I use Helm charts?
A: Yes! Both Bitnami and CleanStart work with Helm. Helm charts are image-agnostic, so you just need to update the image in values.yaml when upgrading.
Q: What about CI/CD pipelines?
A: You need to update image references in your CI/CD configuration to use CleanStart images instead of Bitnami images.
Q: Do I need to update my registry mirrors?
A: If using a private registry, you can pull from the public CleanStart registry and mirror the images locally if needed. Then use the internal registry URL in your manifests.
Troubleshooting Questions
Q: My application won't start after migration. What do I do?
A: Follow this troubleshooting process. First, check the logs to see what error occurred. Second, verify that environment variables are correctly set. Third, test connectivity to dependencies to ensure the container can reach required services. Fourth, compare configurations between the old Bitnami and new CleanStart containers. Fifth, check for any differences in the filesystem structure. Finally, if issues persist, rollback immediately to the old container.
Q: Performance is degraded after migration. Why?
A: Debug step-by-step by checking resource limits with docker stats. Check the logs for errors. Monitor metrics to see if there are performance issues. Compare configurations between Bitnami and CleanStart to identify differences. Verify data integrity to ensure nothing was corrupted during migration. See troubleshooting guide for detailed solutions.
Q: How do I roll back from CleanStart to Bitnami?
A: Quick rollback involves stopping the CleanStart container and restarting the Bitnami backup container. Alternatively, remove the new container and restart with the old Bitnami image. As long as you backed up your data first, there will be no data loss.
Version Upgrade Questions
Q: Should I upgrade to the latest CleanStart version?
A: Usually yes because the latest version includes security patches, performance improvements, new features, and official support. Test in staging first before upgrading production.
Q: What about long-term support (LTS)?
A: CleanStart provides active support for current and previous major versions. Security patches are provided for 5 years minimum. Node/Python/Java follow upstream LTS schedules. For example, cleanstart/python:3.12 is supported until October 2028.
Q: Can I stay on an old version forever?
A: Not recommended. Security updates stop after 5 years, so you should plan upgrades every 2-3 years. Staying on old versions leaves your systems without security patches and support.
Still Have Questions?
Community Slack: cleanstart.community/slack. GitHub Issues: github.com/cleanstart/images. Email Support: support@cleanstart.community. Docs: Full documentation index.
Next Steps
- Review migration overview
- Choose your first service
- Follow the language getting-started guide
- Execute migration following the framework
- Share your story in the community!