What's new in StorageGRID 11.2

StorageGRID 11.2 introduces support for SAML-based single sign-on, Cloud Storage Pools that allow objects to be stored outside of StorageGRID, enhancements to the Nodes page, improved audit message processing, and other enhancements and new features.

Single sign-on (SSO) support using SAML

You can now require all StorageGRID users to use single sign-on (SSO) to access the Grid Manager, Tenant Manager, Grid Management API, or Tenant Management API. The new implementation uses the Security Assertion Markup Language 2.0 (SAML 2.0) standard to exchange authentication and authorization data between StorageGRID and Active Directory Federated Services (AD FS).

Administering StorageGRID

Cloud Storage Pools

Cloud Storage Pools allow you to use information lifecycle management (ILM) rules to store objects outside of the StorageGRID system. For example, you might want to move infrequently accessed objects to low-cost Amazon Glacier storage, or you might want to free up on-premise storage by storing older versions of objects externally.

From an ILM perspective, a Cloud Storage Pool is similar to a storage pool. However, while storage pools consist of Storage Nodes or Archive Nodes, a Cloud Storage Pool consists of an external S3 bucket.

As part of this enhancement, the user interface for storage pools has been redesigned.

Administering StorageGRID

Implementing S3 client applications

Enhancements to the Nodes page

Administering StorageGRID

Changes to audit message queuing

Audit message queues can grow over time if the rate at which Storage Nodes generate audit messages is faster than the rate at which the messages can be relayed and processed. In previous releases, if a node's audit message queue consumed the available disk space, the node became unresponsive, requiring manual intervention to resolve.

In this release, the audit message queuing process has been improved, as follows:
  • If the audit message volume for an Admin Node is full, the node is flagged as unavailable to new audit messages until the directory is no longer full. S3 and Swift client requests are not affected.
  • If the audit message volume for a Storage Node with the ADC service is more than 92% full, the node becomes unavailable to new audit messages. The node becomes available when the disk usage drops below 87%. S3 and Swift client requests to other nodes are not affected.
  • If the audit message volume for a Storage Node is more than 85% full, the node starts refusing S3 and Swift client requests.

To help you monitor the size of audit message queues over time, new thresholds control when the Audit Messages Queued (AMQS) alarm is triggered.

Understanding audit messages

Troubleshooting StorageGRID

New audit message categories

The Protocol audit message category (Configuration > Audit) has been replaced by two new categories: Client Reads and Client Writes. You can now set a different audit level for client read operations than for client write operations.

Understanding audit messages

Enhancements to Grid Manager

Administering StorageGRID

Enhancements to Tenant Manager

Using tenant accounts

Enhancements to S3 REST API support

Implementing S3 client applications

Changes to StorageGRID appliances

SG6000 appliance installation and maintenance

SG5700 appliance installation and maintenance

SG5600 appliance installation and maintenance

VMWare: Grid Network supports DHCP

The Grid Network now supports Dynamic Host Configuration Protocol (DHCP) addresses on VMware deployments.

VMware installation

NAS Bridge no longer FPVR

A variance request (FPVR) is no longer needed to access NAS Bridge installation and upgrade files. You can now download NAS Bridge files from the StorageGRID download site.

The supported workload (files 10 MB and larger) and use case (cold archive) for NAS Bridge remain the same even with the removal of the FPVR.

NAS Bridge installation and setup