INSTALL & UPGRADE
NETWORKING
ENCRYPTION
QUALITY OF SERVICE (QOS)
NFS
Automatic Upgrade of Drive Firmware
VMS automatically checks the firmware on newly discovered QLC drives in DBoxes and EBoxes and upgrades it so that all drives in the cluster have their firmware versions aligned. The upgrade is performed prior to activating the drives as part of cluster deployment, expansion or field replacement procedures.
Automatic firmware upgrade is supported for the following drives:
Intel P4326 15TB on Mavericks/MLK
Solidigm/Intel P5316 15TB, 30TB on Ceres, Mavericks/MLK and EBoxes
Solidigm/Intel P5316 15TB E1.L on EBoxes
Solidigm P5336 15TB, 30TB, 61TB on Ceres and Mavericks/MLK and EBoxes
Note
The firmware version installed as a result of the automatic upgrade may not be the latest firmware version available from the drive manufacturer.
The following limitation applies:
Automatic drive FW upgrade is not performed on drives that have been moved manually from an old DBox to a new DBox during the DBox replacement procedure. (Note that this does not apply to EBoxes.)
This feature is enabled by default. You can alter its status as follows:
In VAST CLI:
The new cluster set-drive-fw-upgrade command
The --auto-drive-fw-upgrade option on the cluster create command
In VAST REST API:
The new /clusters/{id}/set_drive_fw_upgrade/ endpoint
The progress and outcome of the automatic drive firmware upgrade can be monitored in the Activities page of VAST Web UI.
Open Telemetry-Based Ethernet Network Monitoring
VAST Cluster 5.2.2 offers new metrics, alarms and analytics for monitoring the cluster's network and switches. The monitoring is based on Open Telemetry (OTel) metrics collected from the cluster switches, such as:
Transmit/receive bandwidth
Amount of physical layer errors
BGP connection state
Amount of packets dropped due to exceeding the ARP packet policer limit
Amount of packets dropped within the switch due to lack of transmit/receive buffers for high-priority/low-priority traffic
Overall amount of discarded receive packets for high-priority traffic
Amount of paused transmit/receive packets for the high-priority traffic
Utilization (%) of switch transmit and receive buffers allocated to high-priority/low-priority traffic
VMS automatically discovers connected switches that have OTel configured (e.g. are sending telemetry data over gRPC to the VMS IP address using port 4317). A newly discovered OTel-enabled switch appears in the Switches page of VAST Web UI with the Unknown state. The cluster admin must right-click the switch entry and supply the username and password configured on the switch, after which VMS displays the switch state and other details.
To access the network monitoring analytics in VAST Web UI, go to Analytics -> Analytics and in the Predefined Analytics tab, click Switch and select one of the predefined reports. It is recommended to enable Intersampling mode when viewing the analytics.
Alarms are raised when switch metrics exceed their thresholds. Note that VMS reports rate-type switch alarms every 10 minutes. This means that the underlying event could have occurred at any time within the 10-minute period before the rate-type alarm was raised.
Switch metrics can be exported using the /api/prometheusmetrics/switches endpoint of VAST Prometheus Exporter.
The following requirements and limitations apply:
Up to 70 switches per cluster
The switch must have OTel configured to send telemetry data over gRPC to the VMS IP address using port 4317.
TLS on the connection used to obtain the metrics from the switch is not supported.
TLS Cipher Restrictions
VAST Cluster 5.2.2 can restrict use of TLS ciphers based on the cluster's configuration settings. The restriction can be applied to VAST Web UI access, as well as to S3 and NFS workloads.
As a prerequisite, the cluster must be configured to have TLS v1.3 enforced.
When the cipher restriction is in force, only the TLS_AES_256_GCM_SHA384 cipher suite is accepted for S3 and NFS workloads, and also for VAST Web UI access.
To configure the cluster for cipher restriction:
For S3 and NFS workloads, contact VAST Support.
For VAST Web UI access:
To enforce use of TLS v1.3 on the cluster, run the vms modify --min-tls-version 1.3 command in VAST CLI.
To accept the TLS_AES_256_GCM_SHA384 cipher only, run the vms set_ssl_ciphers TLS_AES_256_GCM_SHA384 command.
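One way to confirm from a client that the restriction took effect, using openssl s_client. This is an added example, not VAST tooling; the S_CLIENT override variable, the function names and the host in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: confirm a TLS listener enforces the restriction above.
# Usage: ./check_tls.sh vms.example.com:443   (placeholder host)
REQUIRED_SUITE="TLS_AES_256_GCM_SHA384"
# The other TLS 1.3 suites OpenSSL offers by default; both must be refused.
OTHER_SUITES="TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256"
# Hypothetical override hook so the client command can be swapped out.
S_CLIENT="${S_CLIENT:-timeout 10 openssl s_client}"

# Read s_client output on stdin; print the negotiated suite, or nothing
# when the handshake failed (OpenSSL then reports "Cipher is (NONE)").
suite_from_output() {
  sed -n 's/^New, .*Cipher is \([A-Za-z0-9_-]*\)$/\1/p' | head -n 1
}

# Attempt one handshake against host:port with the given s_client options.
negotiated_suite() {
  _target="$1"; shift
  $S_CLIENT -connect "$_target" "$@" </dev/null 2>/dev/null | suite_from_output
}

# Run three probes; print each deviation and return the number found.
check_tls_restriction() {
  target="$1"; failures=0
  if [ -n "$(negotiated_suite "$target" -tls1_2)" ]; then
    echo "FAIL: $target completed a TLS 1.2 handshake"
    failures=$((failures + 1))
  fi
  if [ -n "$(negotiated_suite "$target" -tls1_3 -ciphersuites "$OTHER_SUITES")" ]; then
    echo "FAIL: $target accepted a TLS 1.3 suite other than $REQUIRED_SUITE"
    failures=$((failures + 1))
  fi
  if [ "$(negotiated_suite "$target" -tls1_3 -ciphersuites "$REQUIRED_SUITE")" != "$REQUIRED_SUITE" ]; then
    echo "FAIL: $target refused TLS 1.3 with $REQUIRED_SUITE"
    failures=$((failures + 1))
  fi
  if [ "$failures" -eq 0 ]; then
    echo "OK: $target accepts only TLS 1.3 with $REQUIRED_SUITE"
  fi
  return "$failures"
}

if [ "$#" -ge 1 ]; then check_tls_restriction "$1"; fi
```

The second probe matters because a client that offers all default suites usually negotiates TLS_AES_256_GCM_SHA384 anyway, so only offering the other suites alone shows whether they are refused.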
Monitoring of Open S3 Connections
VMS can report the current number of open S3 connections for each user that has a QoS policy with an S3 connection limit set.
A user query returns a new field that indicates the number of open S3 connections for the user. To access this field:
In VAST Web UI, open the User Details dialog for the user you want (User Management -> Users -> run a query -> right-click the user and select View or Edit) and look for the S3 Connections Count field.
In VAST CLI, run the user query command and look for the s3_connections_count field in the output.
The VAST Prometheus Exporter offers a new endpoint, /api/prometheusmetrics/user_connections, that lets you list the top N users with the largest number of open S3 connections (up to 100 users).
Support for NFS RPC-over-TLS
VAST Cluster 5.2.2 adds support for RPC over TLS, a protocol that enables encryption of in-transit Remote Procedure Call (RPC) transactions through the use of TLS. NFSv3 and NFSv4 clients can establish RPC-over-TLS sessions against the VAST NFS server by using the xprtsec=tls mount option.
To enable RPC-over-TLS support on your VAST cluster, contact VAST Support.
The following requirements apply:
TLS v1.3 is required. The cluster needs to be configured to allow TLS 1.3 for NFS (contact VAST Support to verify).
The TLS certificate and key must be uploaded to the cluster (in VAST Web UI: Settings -> Certificates -> choose NFS in the Certificate for field).
To allow for smooth use of RPC-over-TLS with the existing view policy option that sets the cluster to require TLS for all NFS connections, the following setting has been added to skip TLS enforcement when the NFS connection is established using one of the auxiliary NFSv3 protocols (such as MOUNT, NLM, NSM, RQUOTA, NFSACL):
In VAST Web UI, the Relaxed TLS enforcement flag in view policy settings (Element Store -> View Policies -> choose to create or edit a view policy -> NFS tab)
In VAST CLI, the --enable-nfs-enforce-tls-relaxed and --disable-nfs-enforce-tls-relaxed options on the viewpolicy create and viewpolicy modify commands.
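A client-side audit for the xprtsec=tls mount option described above: it lists NFS mounts that are not using RPC-over-TLS. This is an added example, not VAST tooling; it assumes a Linux NFS client whose kernel reports xprtsec in the mount table, and the host names in the sample are constructed.

```shell
#!/bin/sh
# Added example: list NFS mounts that lack xprtsec=tls (or xprtsec=mtls,
# the Linux mutual-TLS variant, which this page does not discuss).
# Usage: nfs_mounts_without_tls [mount_table|-] [server]
#   mount_table defaults to /proc/self/mounts; "-" reads stdin.
#   server, if given, limits the audit to mounts from that host.
# Returns 1 when at least one unprotected mount is found.
nfs_mounts_without_tls() {
  awk -v srv="${2:-}" '
    ($3 == "nfs" || $3 == "nfs4") && (srv == "" || index($1, srv ":") == 1) {
      n = split($4, opts, ","); secure = 0
      for (i = 1; i <= n; i++)
        if (opts[i] == "xprtsec=tls" || opts[i] == "xprtsec=mtls") secure = 1
      if (!secure) { print $1 " on " $2; bad = 1 }
    }
    END { exit bad + 0 }
  ' "${1:-/proc/self/mounts}"
}

# Constructed sample mount table (not taken from a real system).
sample_mounts() {
  cat <<'EOF'
vast.example.com:/projects /mnt/projects nfs4 rw,relatime,vers=4.1,proto=tcp,xprtsec=tls,sec=sys 0 0
vast.example.com:/scratch /mnt/scratch nfs rw,relatime,vers=3,proto=tcp,sec=sys 0 0
other.example.com:/home /home nfs4 rw,relatime,vers=4.2,proto=tcp,xprtsec=mtls,sec=sys 0 0
/dev/sda1 / ext4 rw,relatime 0 0
EOF
}

# Example run over the sample: sample_mounts | nfs_mounts_without_tls - vast.example.com
```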