What's new in StorageGRID 11.3

StorageGRID 11.3 introduces a new Load Balancer service, support for high availability node groups, new alerts functionality, improvements to Cloud Storage Pools, enhancements to object ingest and delete processing, new StorageGRID appliances, and more.

New Load Balancer service

A new Load Balancer service is included on Gateway Nodes and on all Admin Nodes. This service provides Layer 7 load balancing of S3 and Swift traffic from clients to Storage Nodes. The legacy Connection Load Balancer (CLB) service on Gateway Nodes is still supported; however, configuring endpoints for the new Load Balancer service is recommended (Configuration > Load Balancer Endpoints).

Administering StorageGRID

High availability groups

You can now create high availability (HA) groups of Admin Nodes and Gateway Nodes (Configuration > High Availability Groups). HA groups use virtual IP addresses to provide active-backup access to Gateway Node or Admin Node services. For example, you can create an HA group of Gateway Nodes and Admin Nodes to provide highly available data connections for S3 and Swift clients. Or, you can create an HA group of Admin Nodes to provide highly available connections to the Grid Manager and the Tenant Manager.

If required, you can achieve an active-active configuration by using round-robin DNS or a third-party load balancer and multiple HA groups.

Administering StorageGRID

Untrusted Client Network feature

You can use the Untrusted Client Network feature to secure the StorageGRID nodes on the Client Network from hostile attacks. The new feature allows you to specify that a given node only accept inbound connections on ports explicitly configured as load balancer endpoints (Configuration > Untrusted Client Network).

For example, you might want a Gateway Node to refuse all inbound traffic on the Client Network except for HTTPS S3 requests. Or, you might want to enable outbound S3 platform service traffic from a Storage Node, while preventing any inbound connections to that Storage Node on the Client Network.

Administering StorageGRID

New alerts functionality

A new alerts system is available to preview in StorageGRID 11.3. The alerts system is designed to be easier to use and more powerful than the legacy alarms system.

Attention: For StorageGRID 11.3, consider the alerts system to be a supplement to the alarms system, not a replacement for it. You must continue to use the alarms system as your primary tool for detecting and resolving any issues with your system.
Some of the benefits of the new alerts system include the following:
  • Multiple alerts of the same type are reported in one email notification to reduce the number of emails received.
  • The Alerts page provides a user friendly interface for viewing current problems across your StorageGRID system. You can expand and collapse groups of alerts and sort the listing by severity, location, or time triggered.
  • Alerts use intuitive names and descriptions to help you understand quickly what the problem is, and they provide the recommended actions for resolving the alert.
  • If you need to temporarily suppress the notifications at one or more severity levels, you can easily silence a specific alert rule for the entire grid, a single site, or a single node.
  • You can create custom alert rules to target the specific conditions that are relevant to your situation and provide your own recommended actions. To define the conditions for different alert severities, you create expressions using the Prometheus metrics listed in the Metrics section of the Grid Management API.
Note: As part of this enhancement, the existing alarms and monitoring information was moved from the instructions for administering StorageGRID to the new instructions for monitoring and troubleshooting StorageGRID.

Monitoring and troubleshooting StorageGRID

Enhancements to Cloud Storage Pools

In addition to using a Cloud Storage Pool to tier object data from StorageGRID to an external location, you can now use Cloud Storage Pools for backup. You can also configure more than one Cloud Storage Pool endpoint. Specifically:

Administering StorageGRID

Enhancements to object ingest

When creating an ILM rule, you can now indicate whether you want the rule's placement instructions to be satisfied when the objects are ingested. Previously, StorageGRID used dual commit—it made two interim copies during ingest and evaluated ILM later.

On upgrade, existing ILM rules continue to use dual commit. After upgrade is complete, you can configure ILM rules to use the new ingest behavior by selecting one of these options: Balanced (which attempts to make all required copies during ingest and performs dual commit if that is not possible) or Strict (which fails ingest if StorageGRID cannot immediately make all required copies).

The Balanced and Strict options cannot be used for some types of object placements. In addition, these options are not recommended for use with erasure-coded objects when objects are larger than 4 MB or if the erasure-coding scheme creates more than seven fragments. (That is, only the 2+1, 4+1, 4+2, and 6+1 erasure coding schemes are recommended.)

Administering StorageGRID

Enhancements to object deletion

StorageGRID 11.3 improves delete performance and introduces synchronous deletion, which enables content to be removed from the grid more quickly in response to client requests.

In previous releases, StorageGRID always provided an immediate response to client delete requests and queued object copies for deletion later. With synchronous deletion, StorageGRID attempts to remove all object copies before providing a client response. This change means that clients might sometimes receive a slower response, even though objects are generally being removed more quickly than they were in the past.

In addition, when an S3 versioned object is deleted, StorageGRID now creates a delete marker as the current version of the object. This behavior matches AWS S3 behavior.

Administering StorageGRID

Enhancements to object capacity

StorageGRID 11.3 optimizes database operations and metadata space allocations to increase the grid’s object capacity. These changes significantly increase the number of objects per node that a StorageGRID deployment can support in many circumstances. The exact number depends on factors such as how many times ILM rules change object placements and how much user metadata and tags are stored per object.

As part of these changes, more space is now reserved for metadata on volume 0 of Storage Nodes that have 128 GB or more of RAM. When you upgrade, the size of the metadata reservation is automatically increased to 4 TB for these larger Storage Nodes, unless the Metadata Reserved Space (CAWM) setting has been changed from its default value of 3 TB (Configuration > Storage Options > Overview).

Administering StorageGRID

Changes to metadata usage reporting

StorageGRID 11.2 and earlier under-reported the amount of metadata used by approximately 10%. After upgrade to StorageGRID 11.3, the reported metadata usage will increase and reflect the actual value. To see the value for used metadata, select Nodes > Storage Node > Storage, and hover over the Storage Used – Object Metadata graph. A pop-up displays Used (%), Used, and Total (allowed) values.

Monitoring and troubleshooting StorageGRID

Changes to ILM processing for Last Access Time

Changing the Last Access Time for an object no longer adds the object to an ILM queue for immediate processing. Instead, the object's placements are re-evaluated during background ILM processing. If you use Last Access Time as a reference time for an ILM rule, you should check and update the time periods you have specified for object placements. Placements should typically last for more than one month.

Administering StorageGRID

Enhancements to the Grid Manager

Administering StorageGRID

Expanding a StorageGRID system

Monitoring and troubleshooting StorageGRID

Enhancements to the Tenant Manager

Using tenant accounts

Enhancements to S3 REST API support

Implementing S3 client applications

Administering StorageGRID

Enhancements to Swift REST API support

Implementing Swift client applications

Audit message changes

Understanding audit messages

Changes to the internal firewall

The firewall service inside of StorageGRID has changed from UFW to nftables, and it has moved to inside the Docker container. This change allows for some firewall ports to be opened only when configured, such as the ports used by the new Load Balancer service. During the upgrade to StorageGRID 11.3, the open ports are reset to the default set.

Note: During the upgrade precheck process, any custom firewall ports that you might have opened are flagged. You must contact technical support before proceeding with the upgrade.

New StorageGRID appliances

SG1000 appliance installation and maintenance

SG6000 appliance installation and maintenance

NAS Bridge enhancements

Administering NAS Bridge

Using the NAS Bridge Management API