minio
Secure by Design, Built for Speed, Hardened Container Images on a minimal base CleanStart OS.
50K+
CleanStart Container for MinIO
MinIO is a high-performance, Kubernetes-native object storage solution. This container provides a production-ready MinIO server implementation, compatible with Amazon S3 APIs. It features distributed mode capabilities, encryption-at-rest, identity management, and ransomware protection. Designed for cloud-native applications, it supports both small-scale development environments and large enterprise deployments with petabyte-scale storage requirements.
📌 CleanStart Foundation: Security-hardened, minimal base OS designed for enterprise containerized environments.
Key Features
Common Use Cases
Quick Start
Pull Latest Image Download the container image from the registry
docker pull cleanstart/minio:latest
docker pull cleanstart/minio:latest-dev
Basic Run Run the container with basic configuration
docker run -d -p 9000:9000 -p 9001:9001 --name minio-test cleanstart/minio:latest server /data --console-address ':9001'
Production Deployment Deploy with production security settings
docker run -d --name minio-prod \
--read-only \
--security-opt=no-new-privileges \
--user 1000:1000 \
-p 9000:9000 -p 9001:9001 \
-v /mnt/data:/data \
-e MINIO_ROOT_USER=admin \
-e MINIO_ROOT_PASSWORD=strongpassword \
cleanstart/minio:latest server /data --console-address ':9001'
Volume Mount Mount local directory for persistent data
docker run -v $(pwd)/data:/data cleanstart/minio:latest server /data
Port Forwarding Run with custom port mappings
docker run -p 9000:9000 -p 9001:9001 cleanstart/minio:latest server /data --console-address ':9001'
Configuration
Environment Variables
| Variable | Default | Description |
|---|---|---|
| PATH | /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin | System PATH configuration |
| MINIO_ROOT_USER | minioadmin | MinIO root user for initial setup |
| MINIO_ROOT_PASSWORD | minioadmin | MinIO root password for initial setup |
| MINIO_REGION_NAME | us-east-1 | MinIO server region name |
Security & Best Practices
Recommended Security Context
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
capabilities:
drop: ['ALL']
Best Practices
Architecture Support
Multi-Platform Images
docker pull --platform linux/amd64 cleanstart/minio:latest
docker pull --platform linux/arm64 cleanstart/minio:latest
CleanStart Images: https://images.cleanstart.com/
Community Images:
Docker Hub: https://hub.docker.com/u/cleanstart
GitHub: https://github.com/cleanstart-containers
AWS ECR Public Gallery: https://gallery.ecr.aws/cleanstart/
Presence on Social Media:
Community: https://www.linkedin.com/groups/18324021/
YouTube: https://www.youtube.com/@CleanStartOfficial
Contribute to Container Use Cases: https://github.com/cleanstart-dev/cleanstart-use-cases/
CleanStart offers Docker images that include third-party open-source libraries and packages maintained by independent contributors. While CleanStart maintains these images and applies industry-standard security practices, it cannot guarantee the security or integrity of upstream components beyond its control.
Users acknowledge and agree that open-source software may contain undiscovered vulnerabilities or introduce new risks through updates. CleanStart shall not be liable for security issues originating from third-party libraries, including but not limited to zero-day exploits, supply chain attacks, or contributor-introduced risks.
Security remains a shared responsibility: CleanStart provides updated images and guidance where possible, while users are responsible for evaluating deployments and implementing appropriate controls.
Content type
Image
Digest
sha256:1790272eb…
Size
63.2 MB
Last updated
about 10 hours ago
docker pull cleanstart/minio:0.20260330.001845-amd64