Skip to main content

What's new in StorageGRID 11.9

Contributors netapp-lhalbert netapp-pcarriga netapp-perveilerk

This release of StorageGRID introduces the following features and functional changes.

Scalability

Data-only Storage Nodes

To allow for more granular scaling, you can now install data-only Storage Nodes. Where metadata processing isn't critical, you can optimize your infrastructure cost-effectively. This flexibility helps accommodate varying workloads and growth patterns.

Cloud Storage Pool enhancements

IAM Roles Anywhere

StorageGRID now supports short term credentials using IAM Roles Anywhere in Amazon S3 for Cloud Storage Pools.

Using long-term credentials to access S3 buckets poses security risks if these credentials are compromised. Short-term credentials have a limited lifespan, which reduces the risk of unauthorized access.

S3 Object Lock buckets

You can now configure a Cloud Storage Pool using an Amazon S3 endpoint. S3 Object Lock helps prevent accidental or malicious deletion of objects. If you tier data from StorageGRID to Amazon S3, having object lock enabled on both systems enhances data protection across the data's lifecycle.

Multi-tenancy

Bucket limits

By setting limits on S3 buckets, you can prevent tenants from monopolizing capacity. Additionally, uncontrolled growth can result in unexpected costs. By having defined limits, you can better estimate tenant storage expenses.

5,000 buckets per tenant

To enhance scalability, StorageGRID now supports up to 5,000 S3 buckets per tenant. Each grid can have a maximum of 100,000 buckets.

To support 5,000 buckets, each Storage Node in the grid must have a minimum of 64 GB of RAM.

S3 Object Lock improvements

Per-tenant configuration capabilities provide the appropriate balance of flexibility and data security. You can now configure per-tenant retention settings to:

  • Allow or disallow compliance mode

  • Set a maximum retention period

Refer to:

S3 compatibility

x-amz-checksum-sha256 checksum

  • The S3 REST API now provides support for x-amz-checksum-sha256 checksum.

  • StorageGRID now provides SHA-256 checksum support for PUT, GET and HEAD operations. These checksums enhance data integrity.

Changes to S3 protocol support

  • Added support for Mountpoint for Amazon S3, which allows applications to connect directly to S3 buckets as if they were local file systems. You can now use StorageGRID with more applications and more use cases.

  • As part of adding support for Mountpoint, StorageGRID 11.9 contains additional changes to S3 protocol support.

Maintenance and Supportability

AutoSupport

AutoSupport now automatically creates hardware failure cases for legacy appliances.

Expanded node clone operations

Node clone usability has been expanded to support larger storage nodes.

Improved ILM handling of expired delete markers

ILM ingest time rules with a time period of Days now also remove expired object delete markers. Delete markers are only removed when a time period of Days has passed and the current delete maker has become expired (there are no non-current versions).

Improved node decommissioning

To provide a smooth and efficient transition to StorageGRID next-generation hardware, node decommissioning has been improved.

Syslog for load balancer endpoints

Load balancer endpoint access logs contain troubleshooting information, such as HTTP status codes. StorageGRID now supports exporting these logs to an external syslog server. This enhancement allows for more efficient log management and integration with existing monitoring and alerting systems.

Additional enhancements for maintenance and supportability

  • Metrics UI update

  • New operating system qualifications

  • Support for new third-party components

Security

SSH access keys rotation

Grid administrators can now update and rotate SSH keys. The ability to rotate SSH keys is a security best practice and a proactive defense mechanism.

Alerts for root logins

When an unknown entity signs in to the Grid Manager as root, an alert is triggered. Monitoring root SSH logins is a proactive step toward safeguarding your infrastructure.

Grid Manager enhancements

Erasure-coding profiles page moved

The Erasure-coding profiles page is now located at CONFIGURATION > System > Erasure coding. It used to be in the ILM menu.

Search enhancements

The search field in the Grid Manager now includes better matching logic, allowing you to find pages by searching for common abbreviations and by the names of certain settings within a page. You can also search for more types of items, like nodes, users, and tenant accounts.