# MinIO AIStor EDGE.2026-01-05T22-35-24Z Released: 2026-01-05 This release focuses on operational excellence and Tables API maturity. Key operational improvements include zero-downtime pool hot-reload, thread pressure monitoring with automatic load shedding, S.M.A.R.T. disk health monitoring, and expanded declarative configuration support. The Tables API received significant attention with hierarchical namespace support, unified transaction recovery framework, and approximately 15 stability fixes covering authentication, multi-table operations, and catalog compatibility. Additional improvements include multiple performance optimizations across the request path, replication SLA monitoring via S3 RTC events, and Windows/macOS IAM compatibility. ## New Features ### Operational Excellence **Zero-Downtime Pool Hot-Reload** (#2302) Add or remove storage pools without server restart by updating config.yaml and sending SIGHUP to the server process. Pool changes are validated across all nodes before application, and S3PeerSys state automatically synchronizes after infrastructure changes (#2635). Enables dynamic infrastructure scaling and decommissioned pool removal without downtime - a critical capability for production environments managing growing storage capacity. **Thread Pressure Monitoring with Automatic Load Shedding** (#2631) Monitors OS thread count against kernel `threads-max` limit and returns HTTP 429 on health endpoints when critical pressure is detected (≥85%). Load balancers and orchestrators automatically route traffic away from overloaded nodes before thread exhaustion causes kernel OOM kills. Includes configurable warning (50%) and critical (85%) thresholds, Prometheus metrics (`minio_process_threads_total`, `minio_process_threads_max`, `minio_process_thread_pressure`), and dynamic configuration. Prevents node crashes from thread exhaustion in high-concurrency scenarios. **S.M.A.R.T. Disk Health Monitoring with Failure Prediction** (#2629) Pure Go implementation monitoring NVMe and SATA drives with failure prediction based on Backblaze's empirical data. Exposes metrics at `/minio/metrics/v3/system/drive/smart`: health status, temperature, power-on hours, power cycles, annual failure rate, available spare (NVMe), media errors (NVMe), reallocated sectors (SATA), pending sectors (SATA). Enables proactive drive replacement before failure, reducing unplanned downtime and data loss risk. Requires root or `CAP_SYS_ADMIN` + `CAP_DAC_OVERRIDE` capabilities. **Expanded Declarative Configuration Support** (#2597) Comprehensive config.yaml support for nearly all server startup flags: rootUser, API settings, object naming mode, bootstrap leader, network timeouts, logging configuration, and pool definitions. Enables complete declarative deployment without command-line arguments, simplifying GitOps workflows and container orchestration. Dynamic configuration updates now supported during subsystem reset where possible (#2645), reducing reconfiguration downtime. **Extended Build Information** (#2603) New `--build-info` flag provides version, commit, build date, and compiler details for debugging and support scenarios. ### Tables API and Iceberg Catalogs **Multi-Level Hierarchical Namespaces** (#2491) Support for up to 10-level deep namespace hierarchies (e.g., `org.dept.team.project.table`) in Iceberg REST Catalog. Includes parent filtering, deletion protection, and optimized performance for nested namespace operations. Critical for large organizations requiring structured table organization across organizational boundaries. **Unified Transaction Recovery Framework** (#2548) Refactored all transaction types (single-table, multi-table) to unified `Recoverable` interface. Eliminates ~200 lines of legacy pending transaction code, provides atomic lock acquisition for multi-table rollbacks, caches recovery state for efficiency, and re-evaluates state with locks held for accurate zombie transaction detection. Reduces duplicate I/O (saves up to 4 disk reads per operation) and improves transaction reliability through consistent recovery logic across all transaction types. **Reserved System Namespaces** (#2385) Prevents users from creating tables in system-reserved namespaces, protecting internal system integrity and preventing accidental conflicts with system operations. **Inventory LastUpdate Timestamp** (#2512) Populates LastUpdate timestamp in inventory job status, enabling stale job detection and progress monitoring. **Inventory Iceberg Format Support** (e395408) Restores createTablesAdapter for inventory reports in Iceberg format. ### Monitoring and Observability **Per-Peer Internode Metrics** (#2610) Detailed per-node internode communication metrics for monitoring cluster health at individual peer level, providing visibility into node performance and connectivity issues within distributed deployments. **S3 Replication Time Control (RTC) Events** (#2606) Implements `ObjectReplicationMissedThreshold` and `ObjectReplicationReplicatedAfterThreshold` events per AWS S3 RTC specification. Configurable threshold via `MINIO_REPLICATION_EVENT_THRESHOLD` (default 15m) with Prometheus metrics (`minio_replication_missed_threshold_total`, `minio_replication_replicated_after_threshold_total`) for replication SLA monitoring and alerting. **Prometheus Metrics for Table Catalogs** (#2614, #2541) TTFB (Time To First Byte) and request count metrics for Iceberg and Delta Sharing endpoints, plus Delta Sharing Prometheus v3 metrics support. Enables performance monitoring and troubleshooting of catalog operations. **Missing Prometheus Metric Descriptors** (#2622) Adds missing metric descriptors for comprehensive observability coverage across all subsystems. ### IAM and Authentication **Case-Insensitive IAM for Windows and macOS** (#2618) Standardizes all IAM assets (policies, access credentials) into case-insensitive maps, aligning with Windows and macOS filesystem semantics. Prevents duplicate entries with different casing that previously caused authentication and authorization inconsistencies on these platforms. ## Improvements ### Performance Optimizations **Request Path Optimizations** (#2638) Comprehensive optimizations reducing memory allocations by 76% (148 GB → 35 GB) and mutex contention by 33% (227s → 151s wait time). Optimized s3ChunkedReader reduces allocations by 94% (17.6 GB → 965 MB). In high-throughput scenarios (400G network, 64 MiB objects, EC 2+2), PUT performance improved from 22.6 to 28.9 GiB/s (+28%). Underlying techniques (allocation reduction, mutex optimization, improved chunked reader) benefit all request types across typical deployments. **Grid RPC Migration for DeleteVersions** (#2640) Migrates storage.DeleteVersions from HTTP REST to Grid RPC, providing persistent connections, binary protocol efficiency, and reduced network overhead for internal cluster communication. **Heap-Based K-Way Merge for ListObjects** (#2544) Replaces O(n*k) linear scan with O(n log k) heap-based merge when combining entries from multiple erasure sets. Significantly improves ListObjects performance for large namespaces, particularly with paginated listing across many erasure sets. **Reduced Heap Allocations** (#2596) Eliminates ~1,600 heap allocations via escape analysis optimization: replaces `fmt.Sprintf("part.%d", n)` with `"part."+strconv.Itoa(n)` to avoid integer boxing, adds package-level empty slice variables, pre-allocates known-capacity slices. Reduces GC pressure in ReadVersion, GetObject, PutObjectPart, CompleteMultipartUpload, and healing operations. **Memory and I/O Optimizations** (#2646, #2650, #2558, #2566, #2567, #2557, #2577, #2438, #2571) Multiple targeted optimizations: - Tables registry single-read (#2646) - reduces metadata I/O - Precompiled regex for validation (#2650) - eliminates 1,200ns/op + 17 allocs/op per table name validation - Abandoned healing moved to MRF (#2558) - reduces scanner overhead - Pooled erasure buffers (#2566) and decompressors (#2567) - reduces allocation churn - Reduced read allocations (#2557) across storage operations - Sharded PutObject temp directories (#2577) - reduces directory lock contention - Reduced disk operations (#2438) for DeleteObject/DeleteVersions/DeleteBulk - SIO buffer recycling (#2571) - prevents memory leaks in encrypted paths ### API and Configuration **API Version Cleanup** (#2623) Named API versions referencing features instead of bare numbers, unexported atomic version to prevent misuse, comprehensive documentation. Returns API version on all Grid calls for compatibility tracking. **io.ReadFull Usage Review** (#2595) Comprehensive review ensuring proper error handling and preventing short read bugs across the codebase. **Ringbuffer Deprecation** (#2505) Removes deprecated non-blocking ringbuffer mode causing edge case issues. **Dependency Updates** (#2621, #2530, #2466) Upgraded all dependencies including madmin-go and Iceberg Go library for latest features, bug fixes, and security patches. **Container Registry Update** (#2513) Replaces proxy-registry.min.dev with registry.min.dev for improved availability. ## Bug Fixes ### Tables API **Multi-Table Share Policy Generation** (#2627) Fixed critical bug where tables sharing the same bucket were skipped after the first table, causing presigned URL access denied errors for tables 2-N in multi-table Delta Sharing shares. Now properly tracks per-table object resources and per-bucket list statements separately. **Transaction Atomicity and Recovery** - Atomic log validation ordering (#2625) - Moves validation before transaction log write to prevent orphaned logs on optimistic concurrency failures - Orphaned log prevention (#2641) - Prevents staged-to-live logs from hiding live table metadata during recovery - Recovery rollback protection (#2636) - Prevents rollback when participant table is dropped - Transaction conflict status codes (#2500) - Returns proper HTTP 409 instead of 500 for client retry logic **Catalog Compatibility and Operations** - Delta Sharing pagination tokens (#2607) - Validates page tokens to prevent errors - Databricks Delta Sharing (#2583) - Fixes endStreamAction inclusion for proper stream termination - LoadTable 404 during recovery (#2617) - Returns proper status instead of internal error - DeleteTable purge and grants (#2510) - Fixes default behavior and adds implicit s3:DeleteObject grant - RCK view conflict detection (#2517) - Detects view conflicts for REST Catalog Kotlin compatibility - View/staged table coexistence (#2393) - Allows view creation when staged table exists with same name - Create* auth filtering (#2519) - Proper permission enforcement for Create operations - Batch catalog operations (#2452) - Fixes record counting and file splitting in large operations - Namespace registry errors (#2573) - Silences spurious errors for empty warehouses - Warehouse tag persistence (#2644) - Persists bucket tags across restarts ### Replication **Race Conditions and State Management** - Site replication races (#2608) - Fixes peer info access without locking in metrics and concDo() - Invalid checksum filtering (#2509) - Prevents corrupted data propagation across sites ### IAM and Authentication - Normalized group members (#2633) - Prevents duplicate/incorrect group membership - OpenID access key operations (#2620) - Fixes listing and info retrieval bugs - LDAP import/export (#2533) - Resolves integration issues - Delta Sharing IAM docs (19d587b) - Updates documentation and fixes IAM action typos ### Server Stability - Unavailable certs directory (#2632) - Graceful handling allows TLS-less start when certs unavailable - Version format panic (#2600) - Graceful degradation for unknown version formats - Storage consistency (#2590) - Improved consistency checks and error handling for edge cases ### Tiering **Free-Version Cleanup** (#2599) When tiered objects are deleted and tier config subsequently removed, cleanup would fail with "tier not found" errors, accumulating markers indefinitely. Now ignores errTierNotFound allowing cleanup, and adds errTierNotInitialized to prevent premature deletion on config loading failures. ### Healing and Maintenance - Distributed maintenance health checks (#2508) - Proper coordination across cluster nodes - Heal metrics count (#2459) - Fixes missing `minio_heal_objects_heal_total` metric updates ### Build and Deployment **GoReleaser ldflags** (#2602) Fixes three bugs: 1. Version: Uses CommitDate directly for RFC3339 format 2. Release: Dynamically extracts RELEASE/EDGE prefix 3. ShortCommitID: Consistent 12-character hash **Package Management** - Rocky Linux URLs (#2612) - Uses stable URLs instead of vault URLs - Missing block configuration (f6beea4) - Fixes r.block and deprecated SetBlocking usage - ClusterCheck signature (339f96e) - Fixes type compatibility ## Security Updates **Dependency Vulnerabilities** (#2621) Comprehensive dependency upgrade addressing govulncheck-identified vulnerabilities across entire dependency tree, including security fixes in transitive dependencies. **CSV DoS Prevention** (#2546) Limits CSV lines to 128KB preventing memory exhaustion via maliciously crafted files with extremely long lines in S3 Select queries. **Public Key Obfuscation** (#2529) Implements rolling key XOR obfuscation preventing plaintext key exposure in memory dumps, reducing key extraction risk from core dumps or memory forensics. --- ## Security & Compliance ### Software Bill of Materials (SBOM) This release includes comprehensive SBOM documentation in multiple formats: - [SPDX JSON](sbom-EDGE.2026-01-05T22-35-24Z.spdx.json) - Standard SBOM format - [CycloneDX JSON](sbom-EDGE.2026-01-05T22-35-24Z.cyclonedx.json) - Security scanner compatible - [Go Modules](go-modules-EDGE.2026-01-05T22-35-24Z.txt) - Human-readable dependency list SBOM files document all direct and transitive dependencies for security auditing and compliance requirements. --- ## Upgrade Instructions For detailed upgrade instructions, please read: https://docs.min.io/enterprise/aistor-object-store/upgrade-aistor-server/ Platform-specific upgrade guides: - **Linux/Bare Metal**: https://docs.min.io/enterprise/aistor-object-store/upgrade-aistor-server/upgrade-aistor-linux/ - **Kubernetes with Helm**: https://docs.min.io/enterprise/aistor-object-store/upgrade-aistor-server/upgrade-aistor-kubernetes-helm/ ### New Configuration Options **Thread Pressure Monitoring** (API subsystem): - `thread_pressure_check`: Enable/disable monitoring (default: on) - `thread_pressure_warning`: Warning threshold (default: 0.50) - `thread_pressure_critical`: Critical threshold (default: 0.85) **Replication SLA Monitoring**: - `MINIO_REPLICATION_EVENT_THRESHOLD`: RTC event threshold (default: 15m) ### Support For enterprise support: - SUBNET Support: https://subnet.min.io - Documentation: https://docs.min.io --- ## Container Images - `quay.io/minio/aistor/minio:EDGE.2026-01-05T22-35-24Z` - `quay.io/minio/aistor/minio:EDGE.2026-01-05T22-35-24Z.fips` ## Downloads ### darwin-arm64 - [minio](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio) - [minio.EDGE.2026-01-05T22-35-24Z](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z) - [minio.EDGE.2026-01-05T22-35-24Z.sha256sum](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z.sha256sum) - [minio.sha256sum](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio.sha256sum) - [minio.EDGE.2026-01-05T22-35-24Z.asc](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z.asc) - [minio.EDGE.2026-01-05T22-35-24Z.minisig](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z.minisig) - [minio.asc](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio.asc) - [minio.minisig](https://dl.min.io/aistor/minio/edge/darwin-arm64/archive/minio.minisig) ### linux-amd64 - [minio](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio) - [minio.EDGE.2026-01-05T22-35-24Z](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z) - [minio-20260105223524.0.0-1.x86_64.rpm.sha256sum](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio-20260105223524.0.0-1.x86_64.rpm.sha256sum) - [minio.EDGE.2026-01-05T22-35-24Z.sha256sum](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z.sha256sum) - [minio.sha256sum](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.sha256sum) - [minio_20260105223524.0.0_amd64.deb.sha256sum](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio_20260105223524.0.0_amd64.deb.sha256sum) - [minio_20260105223524.0.0_x86_64.apk.sha256sum](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio_20260105223524.0.0_x86_64.apk.sha256sum) - [minio.EDGE.2026-01-05T22-35-24Z.asc](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z.asc) - [minio.EDGE.2026-01-05T22-35-24Z.minisig](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z.minisig) - [minio.asc](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.asc) - [minio.minisig](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.minisig) - [minio-20260105223524.0.0-1.x86_64.rpm](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio-20260105223524.0.0-1.x86_64.rpm) - [minio.apk](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.apk) - [minio.deb](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.deb) - [minio.rpm](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.rpm) - [minio_20260105223524.0.0_amd64.deb](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio_20260105223524.0.0_amd64.deb) - [minio_20260105223524.0.0_x86_64.apk](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio_20260105223524.0.0_x86_64.apk) ### linux-amd64 (FIPS) - [minio.EDGE.2026-01-05T22-35-24Z.fips](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z.fips) - [minio.fips](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.fips) - [minio.EDGE.2026-01-05T22-35-24Z.fips.sha256sum](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z.fips.sha256sum) - [minio.fips.sha256sum](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.fips.sha256sum) - [minio.EDGE.2026-01-05T22-35-24Z.fips.asc](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z.fips.asc) - [minio.EDGE.2026-01-05T22-35-24Z.fips.minisig](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.EDGE.2026-01-05T22-35-24Z.fips.minisig) - [minio.fips.asc](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.fips.asc) - [minio.fips.minisig](https://dl.min.io/aistor/minio/edge/linux-amd64/archive/minio.fips.minisig) ### linux-arm64 - [minio](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio) - [minio.EDGE.2026-01-05T22-35-24Z](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z) - [minio-20260105223524.0.0-1.aarch64.rpm.sha256sum](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio-20260105223524.0.0-1.aarch64.rpm.sha256sum) - [minio.EDGE.2026-01-05T22-35-24Z.sha256sum](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z.sha256sum) - [minio.sha256sum](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.sha256sum) - [minio_20260105223524.0.0_aarch64.apk.sha256sum](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio_20260105223524.0.0_aarch64.apk.sha256sum) - [minio_20260105223524.0.0_arm64.deb.sha256sum](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio_20260105223524.0.0_arm64.deb.sha256sum) - [minio.EDGE.2026-01-05T22-35-24Z.asc](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z.asc) - [minio.EDGE.2026-01-05T22-35-24Z.minisig](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.EDGE.2026-01-05T22-35-24Z.minisig) - [minio.asc](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.asc) - [minio.minisig](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.minisig) - [minio-20260105223524.0.0-1.aarch64.rpm](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio-20260105223524.0.0-1.aarch64.rpm) - [minio.apk](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.apk) - [minio.deb](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.deb) - [minio.rpm](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio.rpm) - [minio_20260105223524.0.0_aarch64.apk](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio_20260105223524.0.0_aarch64.apk) - [minio_20260105223524.0.0_arm64.deb](https://dl.min.io/aistor/minio/edge/linux-arm64/archive/minio_20260105223524.0.0_arm64.deb) ### windows-amd64 - [minio.exe](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe) - [minio.exe.EDGE.2026-01-05T22-35-24Z](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe.EDGE.2026-01-05T22-35-24Z) - [minio.exe.EDGE.2026-01-05T22-35-24Z.sha256sum](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe.EDGE.2026-01-05T22-35-24Z.sha256sum) - [minio.exe.sha256sum](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe.sha256sum) - [minio.exe.EDGE.2026-01-05T22-35-24Z.asc](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe.EDGE.2026-01-05T22-35-24Z.asc) - [minio.exe.EDGE.2026-01-05T22-35-24Z.minisig](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe.EDGE.2026-01-05T22-35-24Z.minisig) - [minio.exe.asc](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe.asc) - [minio.exe.minisig](https://dl.min.io/aistor/minio/edge/windows-amd64/archive/minio.exe.minisig) ## Changelog [View changes since EDGE.2025-12-13T08-46-12Z](https://github.com/miniohq/eos/compare/EDGE.2025-12-13T08-46-12Z...EDGE.2026-01-05T22-35-24Z)