VAST Cluster 5.3.5 is released to General Availability as of February 2025.
To access this release, contact the VAST Customer Success team via a support ticket, Slack, or by sending an email to support@vastdata.com.
Upgrade to VAST Cluster 5.3.5 is supported from the following releases:
5.3.4 - 5.3.4-SP5
5.3.3 - 5.3.3-SP7
5.3.2 - 5.3.2-SP7
5.3.1 - 5.3.1-SP3
5.3.0 - 5.3.0-SP8
5.2.2 - 5.2.2-SP12
5.2.1 - 5.2.1-SP6
5.2.0 - 5.2.0-SP22
Note that direct upgrade may not be supported from hotfix builds. Consult VAST Support regarding upgrade if your cluster is running a hotfix build.
New Features in 5.3.5
QUOTAS
SMB
AUTHENTICATION AND AUTHORIZATION
Quota Groups
VAST Cluster 5.3.5 provides support for quota grouping.
You can create a quota group (a group of directory quota) and configure quota group limits that will apply to directories of all directory quotas included in the quota group. Limits defined at the quota group level apply to the set of member directories as a whole (not to each individual directory).
Limits that can be set per quota group include soft and hard limits on capacity usage and on the number of files and directories, as well as the grace period. In addition, a quota group can enforce raising VMS alarms on reaching a limit, and also querying providers for user email addresses.
Quota group limits are imposed in addition to and on top of the limits imposed by its member quotas. The most restrictive limit applies.
The following user controls have been added to manage groups of quotas:
In VAST Web UI: a new Quota Groups page (Element Store -> Quota Groups) that lists existing quota groups and provides the functionality for managing quota groups.
A new Quota Groups page (Element Store -> Quota Groups) that lists existing quota groups and provides the functionality for managing quota groups.
The Quota Group -> Add to existing and Quota Group -> Create new group options in the right-click menu for a quota listed in the Element Store -> Quotas page.
A new field named Quota Groups in quota settings (Element Store -> Quotas -> choose to create or edit a quota -> Quota Rules tab) that lets you create an association between a quota and a quota group.
In VAST CLI:
A set of
quotagroup *commands to manage quota groupsThe
--quota-groups-idsand--detach-all-quota-groupsoptions on the quota modify command.
The following rules and limitations apply:
A quota group can contain up to 1K quotas.
A quota can be added to up to 4 quota groups.
Nesting of quota groups is not allowed.
ORION-316351: Changes in quota group membership can only be done by overwriting the entire list of member quotas. It's not possible to append an existing quota group, or to remove a quota from a quota group.
ORION-314856: Grouping of user quotas is not supported.
The following known issue can be encountered:
ORION-331929: When adding quotas to a quota group, VAST Web UI does not let you select a range of quotas by clicking the first and the last quota in the range. If your set of quotas is too large to click each quota in the list, use VAST CLI or VAST REST API as a workaround.
Managing Open SMB Files
VAST Cluster 5.3.5 offers enhanced functionality that helps you manage SMB open file handles and byte-range locks. You can:
List all open files and directories under a certain path
Close selected files or folders (will close all open handles on files)
Unlock all SMB byte-range locks on selected files
List all open handles of a single chosen file or folder
Release selected open handles of a single chosen file or folder
The following user controls are provided:
In VAST Web UI:
Right-click a view in the Views page (Element Store -> Views) and choose Open SMB Files -> SMB Locks & Open Handles to open the SMB Locks & Open Handles dialog. This dialog lets you query the cluster for all SMB byte-range locks and open handles that exist for a certain directory.
The query returns a list of paths with indication of whether the files or folders are opened. In addition, an indication of whether SMB byte-range locks exist is provided. For each path, you can run a subsequent query for open handles, providing further details such as the client IP, access type, username, session ID. You can right-click a path in the list and display a list of open handles, release SMB byte-range locks, or close all handles and locks.
In VAST CLI:
There is a new set of commands,
openfilesquery *, that let you create and manage queries for listing and closing SMB open files.A new cluster close-open-files command lets you close specific open files by specifying a file path and a tenant.
In addition to the above, the pre-existed lock management functionality in VAST Web UI (available through the Locks context menu option per view) has been improved as follows:
The option name has been changed from Locks to Multi-Protocol File State.
The two suboptions bring you to the File Handles and Byte-Range Locks on a File dialog with one of the following tabs open:
Byte-Range Locks - to list and release byte-range locks for a certain full path on a specific tenant,
Open Protocol Handles - to list and close open protocol handles for a certain full path on a specific tenant.
As previously, there is an option to release all locks for the specified directory and its subdirectories.
The following limitations apply:
In VAST Global Namespace, operations on open file handles are only supported for the current cluster.
ORION-289428: SMB open file queries do not show open SMB hardlink destination files.
ORION-288057: When listing files on a path where there is an open ADS stream (
path\file:stream), the stream is shown as if the file is a folder (\path\file\stream).
Specifying Active Directory DCs and GCs for LDAP Queries
You can optionally configure a list of Active Directory domain controllers and/or global catalogs to be used for LDAP queries in addition to those found during domain auto-discovery. This is useful in situations where not all of the discovered DCs or GCs are accessible by the VAST cluster.
The configured list will only be used when directing LDAP queries when checking permissions on user access. It does not affect authentication flows, for which all of the discovered DCs are used.
The VMS raises an alert if one of DCs/GCs in the list becomes unreachable.
The following user controls are intended for this feature:
In VAST Web UI, the Enable Allowlist of DCs for LDAP Queries option in Active Directory settings (User Management -> Providers -> choose co create or edit an Active Directory provider) opens a pane where you can manage DCs and/or GCs in the list.
In VAST CLI, the existing
--urlsoption on theactivedirectory createandactivedirectory modifycommand has been updated to allow for managing the list entries.
The following rules and limitations apply:
When enabled, the list must include DCs or GCs from all supported domains. Querying a user from a domain not included in the list, is expected to fail. For example, if you want to allow queries from both the root domain and its child domain, both root and child must be listed.
The list must include at least one Global Catalog.
The list can contain up to 10 entries.
The Active Directory provider must have multi-forest authentication disabled.
The following known issue may be encountered:
ORION-324090: When trying to configure a list that does not contain a GC, the VAST cluster responds with LDAP sanity check result: Unknown error error instead of referring to the absence of the GC in the list.
Enhancements in 5.3.5
Install and Upgrade
ORION-297024: Introduced internal optimizations to reduce disk space requirements for VAST software bundles.
ORION-288957: Added a validation that runs when deploying Dell Turin CNodes to ensure that the VAST OS partition has been encrypted before starting the VAST Cluster Install process.
Networking
ORION-290049: Exposed an alarm that VMS raises when a low link speed condition is detected for a NIC. This alarm will be displayed in VAST Web UI similar to other VMS alarms.
ORION-287792: Enhanced the cluster's networking configuration script (
configure_network.py) to provide an ability to configure internal interfaces without a VLAN tag.ORION-154702: Blocked access to TCP port 5000 from outside the cluster's internal network.
NFS
ORION-324346: Support for NFS aliases in VAST implementation of Remote Quota Protocol (rquota) has been deprecated.
ORION-246695: Added an ability to configure the cluster so that it returns a POSIX-compliant subdirectory count (nlink) for NFS directories, which is calculated as follows: <number of child directories> + 1 (link from parent) + 1 (link from '.'). To enable the new behavior on your cluster, contact VAST Support. By default, the cluster returns nlink = <number of child directories> + 1.
SMB
ORION-285313: Added an ability to control whether the cluster returns a file's absolute path as part of the SMB request's FILE_NAME_INFORMATION structure (within the FILE_ALL_INFORMATION element). By default, the cluster does not return the absolute path, including the file name, in FILE_NAME_INFORMATION, which corresponds to the server behavior of more recent Windows versions. To configure the cluster so that it returns the absolute path, which mimics the behavior of older Windows versions, contact VAST Support.
ORION-268049: Updated SMB lease management logic so that accessing a file with READ_CONTROL permissions does not break an existing write lease. The new behavior is enabled by default. To revert to the old behavior where an existing write lease would be revoked upon READ_CONTROL access, contact VAST Support.
Data Protection
ORION-143808: Added support for using global snapshot clones with S3 versioned buckets.
VMS
ORION-312832: Added metrics to help detect scenarios where S3 requests are blocked due to reaching the maximum allowed number of active requests:
s3_alloc_active_request_latencyreports the latency when waiting for active request allocation.s3_alloc_active_request_blocked_cntcounts the requests that were blocked due to reaching the maximum.
ORION-298733: Introduced a caching mechanism that helps reduce the response time of the
/api/prometheusmetrics/allendpoint. By default, the caching is disabled. To enable it, contact VAST Support.ORION-298387: VAST Prometheus Exporter offers a new endpoint,
prometheusmetrics/host_view, that lets you export performance metrics per client IP address accessing a certain view.ORION-298364: VAST Prometheus Exporter offers a new endpoint,
prometheusmetrics/volumes, that lets you export block volume metrics.ORION-292530: VAST Prometheus Exporter is now capable of exporting the two VMS metrics:
query_avg_timeandcpu.ORION-291854: Added logic to allow for exporting the VAST Prometheus Exporter
vast_vms_alarmsmetric when there are no active alarms on the cluster.ORION-291106: A new VAST Prometheus Exporter endpoint,
prometheusmetrics/vms_state, lets you export a metric that shows the overall operational state of the VMS (Clustered or Degraded).ORION-276931: Added a new category of predefined analytics reports, Volume, that lets you display predefined analytics on block volumes.
ORION-237600: VAST Prometheus Exporter can export the following metrics related to S3 bucket monitoring:
Counts of GET, PUT, DELETE, HEAD, POST requests per view
Count of client error responses per view
VAST Web UI
ORION-275663: The cluster settings tabs (Settings -> Cluster) have been redesigned to improve user experience.
VAST CLI
Added a new set of commands to manage EBoxes:
ebox add,ebox replaceebox modifyebox list,ebox showebox led
ORION-328403: The
vms listcommand output now includes fields related to using IPv6 virtual IPs for management data.
Resolved Issues in 5.3.5
Install and Upgrade
ORION-303306: Resolved an issue where the IP address set for the file server during an upgrade could not be reached by other nodes in the cluster, causing the bundle upload process to fail with the
failed running curlerror.ORION-300528: Resolved an issue where an attempt to upgrade the cluster could not succeed due to the
not enough values to unpack (expected 4, got 1)error.ORION-296381: Resolved an issue where a
session req failederror occurred when trying to start the SFTP client during a VAST OS upgrade.ORION-295804: Made updates to reset the Force flag following an upgrade so that the flag does not persist across cluster maintenance operations.
ORION-289010: Improved handling of GPG keys during upgrades to resolve a issue where an upgrade could not be completed due to old keys still present in the OS.
ORION-282988: Resolved an issue where after starting an upgrade procedure, view-level metrics could not be obtained from the cluster.
ORION-275659: Re-enabled the Automatic Upgrade Of Drive Firmware functionality.
ORION-265551: Resolved an issue where a VAST Cluster Install task could not complete due to the
failed running curl: Process exited with non-zero exit status 6error.ORION-263448: Resolved an issue where an upgrade procedure that included VAST OS, firmware and BMC upgrades, could not proceed because the BMC was unresponsive following the upgrade.
Cluster Expansion
ORION-317833: Made updates to allow cluster expansion that involves the change from the CERES_SIXTY_TB_DRIVES or CERES_SIXTY_TB_DRIVES_SINGLE_DBOX SCM section layout to the THIRTY_TB_DRIVES layout.
ORION-253462: Resolved an issue where during cluster expansion by running the
dbox addcommand of VAST CLI, a DBox with a failed SSD was allowed to be added in INIT state without any indication of the fault present.
Node Replacement
ORION-257837: Improved FRU procedures to prevent a flow where a dual NIC node could be automatically detected as a single-NIC node, causing incorrect assignment of virtual IPs.
Networking
ORION-315962: Improved virtual IP balanding routines to resolve an issue that could cause high load on switch CPUs during CNode activation.
ORION-305190: The cluster networking configuration script (
configure_network.py) now supports configuring external inband interfaces with external VLAN tags.ORION-298832: Added an ability to choose the type of the GARP packet sent by the VAST cluster to the switch each time when a virtual IP moves to a different cluster node. By default, a GARP reply packet is sent, which is not sufficient with some switches having a long ARP cache timeout. To configure the cluster to send a GARP request, contact VAST Support.
ORION-298538: Resolved an issue where unexpected cross-subnet traffic was encountered in the cluster's L3 network.
ORION-293813: Implemented support for the intra-node failover of the virtual IP used for VMS management data in L3 environments. If the virtual IP's bound interface goes down, the virtual IP is moved to another interface on the same CNode and remains reachable. Prior to this change, the virtual IP was kept reachable only in case of the VMS moving to a different CNode.
ORION-293151: Enhanced the cluster networking configuration script (
configure_network.py) to avoid setting incorrect netmasks for internal IPs when using L3 access to CNodes.ORION-290303: Updated the validation that VMS runs on attempts to configure BGP for an InfiniBand (IB) cluster so that BGP configuration is blocked if the cluster's external network is IB. Prior to this change, the blocking could be applied to clusters with internal IB networking.
ORION-290104: Improved the way VMS accomplishes a restart of the OpenSM service on the cluster nodes after updating the OpenSM configuration file (
opensm.conf), to prevent a flow that could occur after node removal and result in temporary service disruption.ORION-284716: Added a validation to disallow enabling BGP on a cluster where one of the CNodes is configured with a single NIC.
ORION-279550: For L3 environments, made updates to avoid prioritizing BGP-learned routes to the VMS virtual IP over the default gateway route, so that the VMS virtual IP always remains reachable from outside the cluster.
ORION-263458: Resolved an issue that could cause the cluster networking configuration script (
configure_network.py) to fail with aport_locations and external_interfaces_left_to_right mismatcherror when trying to configure left and right-port virtual IP pools for two separate IB networks.ORION-263453: Made updates to ensure that HPE Ice Lake NIC port layouts in Infrastructure pages of VAST Web UI include correct indication of whether a port is left or right.
ORION-204316: Enhanced the cluster networking configuration script (
configure_network.py) to ensure that it properly configures CNodes on HPE IceLake clusters when CNode Port Affinity is used.
Element Store
ORION-337258: Resolved an issue that could cause multiple CNode containers to restart with the
assertion failed: ((__left) != (__right)) (0 != nullptr)error when applying a view policy where the hosts' DNS names (specified in host access rules) could not be resolved.ORION-321874: Updated quota processing to resolve an issue that could cause a CNode container restart with a
timeout expired for @life_type=16,life_gen=73543180 (TRAVIS)error.ORION-303873: Resolved an issue that could cause allocated 90% of mooktze buffers! top consumer is MD_FLASH_BUFFERS alerts on CNodes when processing many large sparse files.
ORION-301041: Resolved an issue that could cause increased consumption of cluster's auxiliary capacity by snapshots.
ORION-296391: Resolved an issue that could cause a CNode container to restart due to an
allocated 90% of mooktze buffers! top consumer is ESTORE_DFS_TRAVERSAL_CTXerror when moving a path with an extremely large amount of subdirectories to the trash folder.ORION-288947: Resolved an issue that could cause CNode containers to restart with the
assertion failed: (snap_line.equal(MAX_SNAP_LINE))error.ORION-286281: Resolved an issue that could cause multiple CNode containers to restart with the
assertion failed: (index > 0)error, followed by ESTORE:TREE_UNLINKER denylist alert on the cluster.ORION-265986: Made updates to prevent CNode container restarts when running snapshot deletion or defragmentation routines with DATA_INPLACE_ENTRIES_COLLAPSER.
ORION-250931: Updated VAST Catalog-related optimizations to resolved an issue that could cause multiple CNode containers to restart due to
timeout expired <...> (TRAVIS) and spinlock lock takes too longerrors.
Quotas
ORION-283140: Eliminated a flow that could occur during an upgrade and cause the VMS to report some used quota for an empty directory.
ORION-276063: Resolved an issue that could cause a
"time_to_block": ["This field may not be null."]error when trying to modify a quota on an upgraded cluster.ORION-229223: Improved synchronization of quota state information between quota tasks to resolve an issue where QUOTA_BLOCKED_USERS alerts did not provide information on the names of blocked users, although other quota alerts included user information as appropriate.
Lifecycle Rules
ORION-285683: Made updates so that deletion of a lifecycle rule tag in VAST Web UI does not cause unintended deletion of other tags in the rule.
NFSv4
ORION-293007: Updated handling of the SGID bit to avoid a flow where the SGID could get overwritten when the file owner user modified the file from a different client.
SMB
ORION-303919: Improved handling of invalid characters in SMB CREATE requests so that they do not cause session disconnections.
ORION-285894: Optimized handling of a specific SMB read workload to reduce latency.
ORION-283516: Updated handling of SMB2 LOCK requests to avoid unnecessary waiting for a Lease Break Acknowledgment (ACK) before granting the lock. This update resolves an issue where during processing of a specific SMB workload, increased latency could be encountered when the number of simultaneously connected clients exceeded a certain threshold.
ORION-276447: Made updates to prevent SMB processing from building up delays upon LDAP connectivity issues, which could cause occasional timeouts on SMB connections.
S3
ORION-310618: Made updates to prevent a race condition that could cause a GetObject request to return incorrect
x-amz-meta-filenamelength if the request was processed immediately after a PutObject request for the same object.ORION-306240: Resolved an issue that could occur when processing an S3 request to delete a versioned object and cause the CNode container to restart with the
((fiber->get_state()) == (expected_state))error.ORION-304591: Improved handling of requests where the number of slashes in the path exceeds the allowed maximum to avoid a flow that could cause the CNode container to restart with the
(((size_t)used) < (*left)) (1045 < 959)error.ORION-303970: Added handling of response-content-type and response-content-disposition query parameters in GET and HEAD requests to avoid failing the requests due to the Unknown header name error.
ORION-298092: Made updates to rule out an edge case where a GetObject request for a non-existent object in a versioned bucket could incorrectly return the 403 Access Denied error (instead of 404 Not Found/NoSuchKey).
ORION-287465: Updated the internal logic responsible for producing VAST S3 error responses to properly clear the response error string from the error message buffer so that it never leaks to subsequent responses. Prior to this change, VAST response to an S3 request could, in some cases, include random parts of the original request.
ORION-284685: Resolved an issue that could cause connection timeouts when processing S3 PutObject requests with larger TLS record sizes (such as those initiated with Boto3 1.40.42 and later) in high-load network environments.
ORION-270881: Improved handling of a specific scenario that involved repeated PutObject attempts to prevent an outcome where the resulting object had an incorrect ACL.
ORION-261852: Enhanced S3 connection establishment routines to resolve an issue that could cause occasional CNode container restarts when processing S3 workloads.
Block
ORION-315889: Resolved an issue where an attempt to perform bulk mapping of block hosts to volumes returned
Error 409 Client Error: Conflict for url: <...> Try to create block object that already existwhile the VMS was not reporting any existing mappings for the affected volumes.
VAST Audit Log
ORION-315379: Added indication of the RPC subtype when logging an NFSv4 OPEN request so that you can tell whether a new or an existing file was opened.
Event Publishing
ORION-287250: Resolved an issue where a FAILED_TO_ACQUIRE_METADATA error occurred when trying to write to an event topic using VAST Event Broker.
VAST Database
ORION-296966: Changed the severity of an alert that is raised in case of a very long user transaction from alert to notification.
ORION-286881: Made updates to prevent a race condition that could occur when reading a table layout from a Parquet file into a VAST Database, causing a
Failed reading existing table layout <...>error during the import.
Managed Applications
ORION-297223: Resolved an issue where a Spark managed application was stuck in Partially Active state due to a permission denied error that occurred when the Spark History Server attempted to mount an external NFS export, preventing the server from starting.
Replication
ORION-289735: Resolved an issue where an attempt to remove a destination peer immediately after it was created, resulted in the peer getting stuck in the Deleting state.
ORION-285866: Resolved an issue that could occur in synchronous replication environment where one peer is running VAST Cluster 5.3.x and the other peer is being upgraded from 5.2.x to 5.3.x, and cause temporary service disruption of the peer that was not being upgraded.
ORION-280206: Added an alarm to be raised when a replication stream fails to create the snapshots or misses its snapshot schedule (as stipulated by the protection policy). In addition, made updates to avoid raising alarms on replicated streams that have been suspended.
ORION-284392: Removed extra alerts that could be raised in case of a replication stream state and health change.
ORION-267046: Resolved an issue where an attempt to delete a protected path with a replication stream in a CREATE_FAILED state resulted in a DELETE_FAILURE_OBJ_IS_BEING_USED error.
VAST Dataspace
ORION-288073: Improved token refreshment routines to prevent specific flows that could result in VAST Dataspace tasks getting stuck in pending state.
Authentication and Authorization
ORION-315025: Added support for NIS groups with an empty password field (
mygroup::GID:user). Prior to this change, NIS groups with an empty password field were not taken into account when processing queries for their member users, which could cause user authorization failures.ORION-304679: Resolved an issue where in an environment with many DCs in DNS configuration, the Active Directory discovery process took longer than expected because of extra steps performed upon reaching the maximum required number of discovered healthy servers.
ORION-304588: Reinstated the option to enable Active Directory multi-forest authentication in VAST Web UI: User Management -> VAST Providers -> Active Directory -> open a provider -> Advanced tab -> Enable trusted domains on other forests.
ORION-289680: Updated the logic used to block access by users that have been locked out in the authentication provider to resolve an issue where a regular (not locked out) user could not gain access due to a
user has lockout time use_auth_provider=1error.ORION-283539: Improved handling of a case when the cluster cannot connect to any LDAP server to resolve an issue where S3 clients sporadically encountered a
user not found (deleted) for access key=<...>error.ORION-279873: Resolved an issue where the cluster was unable to discover an Active Directory GC that was configured on the top-level domain.
ORION-279600: Made updates to reduce the number of Active Directory discovery processes that could be triggered automatically when querying users during SMB access checks to prevent intermittent SMB connection errors due to high load on the DNS and the DC.
ORION-278284: Made updates to prevent the cluster from incorrectly setting the LDAP state to DEGRADED in case DNS resolution times out during a periodic health check.
VMS
ORION-328358: Optimized verbose tracing to reduce space consumption.
ORION-311777: Resolved an issue that could prevent VMS from presenting virtual IP pool metrics when the user clicks the Get Latest Data button on an analytics page that is set to display metrics for a single object.
ORION-307550: Enhanced processing of very large OpenSM logs to prevent a flow that could cause the VMS to restart due to workers being stuck.
ORION-306021: Restricted VAST Prometheus Exporter's
/api/prometheusmetrics/alarmsquery results to alarms intended for admin users only. Prior to this change, the results could also include alarms intended for root and support users.ORION-301114: Improved management of metrics collection tasks to avoid a flow that could result in inability to obtain the metrics during an upgrade.
ORION-291686: Updated calculations for the read and write latency shown in the Analytics -> Data Flow page of VAST Web UI to ensure that the values represent a weighted average across all the nodes.
ORION-288647: Updated the logic used to refresh dataflow hostnames (the Refresh data flow hosts now button in the Settings -> Dataflow Settings dialog of VAST We UI) to avoid showing the
Failed to update hostnameerror for hosts that have not been running IO for more than one hour.ORION-286895: Made updates to improve memory consumption by the VMS.
ORION-286823: Changed the default value for the Timeframe field in rate-type event definitions from 5m to 10m.
ORION-285168: Disabled the
CNode <cnode> packets pruned due to buffer overrun increased by <rate> within <timeframe>alarm.ORION-283527: Made updates to prevent timeouts when performing bulk deletion of snapshots.
ORION-280480: Adjusted the logic that VAST Prometheus Exporter uses for collecting user quota metrics to resolve an issue where not all of user quotas were appearing in
/api/prometheusmetrics/quotasquery results.ORION-279229: Resolved an issue that could cause an intermittent
'NumberInFilter' object has no attribute 'lookup_expr'error when trying to list CNodes in VAST Web UI or VAST CLI.ORION-239453: Resolved an issue where following a VMS HA event, an attempt to log in to VMS through SSO failed with a Server Error (500).
ORION-180216: Improved capacity estimation caching to eliminate a flow that could lead to occasional VMS restarts.
VAST Web UI
ORION-321995: Updated cluster protocol auditing settings (Settings -> Auditing) so that auditing can be enabled only after selecting one or more protocols and types of operations to be audited.
ORION-321149: Resolved an issue where after adding the NFSv4 and S3 protocols in the Auditing tab of a view policy (Element Store -> View Policies -> choose to create or edit a view policy), the NFSv4 value could disappear from the field shortly after saving the changes.
ORION-321202: Made updates to ensure that file paths with non-ASCII characters are displayed correctly when managing SMB open files in VAST Web UI.
ORION-298824: Updated the logic behind the Protocols field in Auditing settings of a view policy (Element Store -> View Policies -> choose to create or edit a view policy -> Auditing tab) to avoid displaying undefined in place of the NFSv4 protocol name for view policies that had been configured to audit NFSv4 prior to the cluster's upgrade to version 5.3.
ORION-294287: Updated the tooltips for the various certificate upload panes in cluster settings to provide clear guidance on the types of items that can be uploaded using each pane.
ORION-285272: Resolved an issue where after configuring BGP for the cluster, the configuration was not shown in the BGP Configuration column in the Network Access -> DNS page of VAST Web UI.
VAST CLI
ORION-264038: Made updates to the
vms set_certificatecommand so that it accepts the same types of certificates as VAST Web UI.
VAST REST API
ORION-307030: Improved response returned when trying to delete a folder using the
/api/folders/delete_folder/API and the specified path does not exist, to clearly indicate the reason for the error.
Call Home and Support
ORION-286152: Improved handling of callhome tasks to eliminate a flow that could result in inability to send some of callhome bundles as appropriate.
ORION-273215: Improved parsing of non-alphanumeric strings in callhome bundle parameters to resolve an issue that could prevent the cluster from sending callhome bundles.
ORION-272527: Made updates to avoid a flow that could prevent the cluster from sending callhome bundles.
Platform and Control
ORION-317259: Updated write buffer migration routines to eliminate a flow that could cause multiple CNode containers to restart with a
((from) <= (std::numeric_limits<To>::max())) (65651 <= 65535)error.ORION-305831: Resolved an issue that caused a CNode container to restart with the
Fiber=<...> group=W_NATIVE_REPLICATION had a suspension timeouterror.ORION-294182: Made updates to ensure that SuperMicro CNode BMC time is getting synchronized with the node's system clock.
ORION-288491: Resolved an issue where the cluster encountered latency spikes, typically after a write burst.
ORION-287744: Resolved an issue where the cluster's leading node container restarted with an
assertion failed: ((__left) != (__right)) (0 != nullptr)error.ORION-287596: Resolved an issue where the leading node restarted multiple CNodes due to an RPC timeout.
ORION-287248: Resolved an issue where a CNode container was restarted due to a
Not enough space in bt buffererror.ORION-287318: Improved the mechanism of alerting on reception of an unsupported S3 header to eliminate a flow that could result in a subsequent CNode container restart.
ORION-285267: Enhanced handling of BMC and IPMI usernames and passwords to properly manage scenarios where some of the cluster nodes have default credentials that are different from those on other nodes.
ORION-279505: Resolved an RDMA-related issue that could cause the cluster's leading node to go down with an
Address not mapped to objecterror, followed by automatic cluster recovery.ORION-279195: Resolved an issue where a CNode container restarted with an
Address not mapped to objecterror following some RDMA-related issues.ORION-277364: Resolved an issue where a REPLICATION_STREAM denylist alert was raised following a
UDBTranslate::convert_vid_to_user_identity failed to translate viderror on the CNode.ORION-273639: Resolved an issue where a CNode container restarted due to a
W_MIGRATE had a suspension timeout!error.ORION-241079: Made updates to prevent
"port_rcv_switch_relay_errors" increased during the runalerts from appearing in the VMS log.ORION-240717: Resolved an issue where a
Failed to decompress LZ4 block: incorrect block headererror occurred while trying to restore Veeam backups stored on the VAST cluster.
Call Home and Support
ORION-270214: Made updates to avoid failing callhome bundle collection on a node where an
Exception during node harvest: time data '<timestamp>' does not match format '%H:%M %Y%m%doccurred when the VMS attempted to read the node's atop logs.ORION-241285: Resolved an issue where an automatic support bundle could not be uploaded for one of the CNodes.
Limitations in 5.3.5
Install & Upgrade
ORION-280966: Having imported a JSON configuration file in VAST Cluster Install, you need to manually verify that all the populated fields have expected values. Sometimes, depending on the cluster configuration and environment, some of the fields are not populated as expected during the import.
ORION-242658: BMC firmware upgrades are not supported for Supermicro Genoa CNodes.
ORION-242331: VAST Web UI lets you set the BMC Firmware and Force options for an upgrade at the same time, although forced BMC upgrades are not allowed. If the Force flag is set, BMC upgrade is not performed.
ORION-222648: NDU that includes automatic adjustment of CNode CPU isolation settings (
isolcpus) is not supported for EBoxes.ORION-214559: A BMC upgrade cannot be performed with an inactive CNode that has been powered off.
Networking
(RESOLVED IN 5.4.0) ORION-244837: The cluster networking configuration script (
configure_network.py) does not support configuring CNode Port Affinity for Dell EBoxes.The following limitations apply when implementing L3 networking:
After enabling L3 access for a virtual IP pool, it cannot be disabled.
L3 access is not supported on virtual IP pools for which CNode Port Affinity is configured.
ORION-333743: L3 access is not supported on virtual IP pools that include more than one range of virtual IPs.
L3 networking is not supported on IB clusters.
L3 networking is not available for VAST on Cloud.
MD5 authentication is not supported.
(RESOLVED IN 5.4.0) Numbered BGP is not supported.
(RESOLVED IN 5.4.0) Learning of the default route advertised by the peer ASN is not supported.
(RESOLVED IN 5.4.0) A VAST cluster can be peered to one ASN only.
Reverting an L3-configured cluster to L2 through VMS is not supported. If you need to revert, contact VAST Support.
Encryption of Data at Rest
ORION-208004: Enabling VAST OS boot drive encryption requires that the node is inactive. Enabling the encryption on an active node may cause a long reboot sequence.
Quotas
(RESOLVED IN 5.3.5-SP4) ORION-294612: Webhook and email notifications for exceeding a quota (SOFT_EXCEEDED) are sent for the first occurrence of the alarm only (e.g. the quota exceeded by one user), but not for each subsequent occurrence (the quota exceeded by more users).
Quotas are not enforced on replication destination directories under a protected path. For example, if the protected path is
/ppath, a quota on/ppath/yourdiris not enforced.
Lifecycle Rules
ORION-287739: Tag-based lifecycle rules cannot be used to abort incomplete multipart uploads even when the uploads have a matching tag on them.
Quality of Service (QoS)
The prioritization flag is supported for view QoS policies. It cannot be set for user QoS policies.
S3 (including Kafka and VAST Database) and block storage I/Os are not calculated as part of the cluster-wide maximum write bandwidth limit.
Some high-priority optimizations are applied to NFSv3 only.
When the cluster-wide maximum write bandwidth is set, the actual performance may be ±15% of the expected performance.
Use of QoS with RDMA is not supported.
NFS
ORION-115336: If one creates an NFSv4.1-only view and mounts it, and then creates its parent view with NFSv3 only, IO operations on the NFSv4.1-only view succeed but mounts are not allowed.
NFSv3
In rare cases with large numbers of files and directories, the existence of a view with Global Synchronization enabled under a protected path can block the removal of the protected path.
SMB
ORION-169707: When the Hyper-V management tool tries to list VAST Hyper-V SMB shares on an SMB server, the
The RPC server is not availableerror can occur if the SMB server is specified using its FQDN. To avoid this error, specify the IP address of the SMB server instead of the FQDN.ORION-160323: After updating permissions for an SMB share in Windows Explorer, a duplicate SMB share can be displayed. The duplicate SMB share disappears upon a refresh (F5).
ORION-134730: An attempt to restore a file can fail if after the restore has started, a quota is set on the path where the file resides.
S3
An object to be uploaded via a S3 presigned POST request must have only ASCII characters in its name.
A POST policy (used for S3 presigned POST requests) can be up to 4800 bytes.
S3 with proxy clients is not supported.
ORION-197281: VAST Cluster disables bucket logging set on a bucket from which data is synchronously replicated to another bucket once you set up bucket logging on the replication destination bucket and configure it to use a different logging destination bucket.
ORION-190674: Once created, an S3 bucket cannot be renamed or moved to a different path. Thus, for example, if you try to change the bucket’s path when modifying a view in VAST Web UI, the change does not take effect and the view will still be listed with the old path.
The following limitations apply when using S3 Indestructible Object Mode:
An S3 Bucket view with Indestructible Object Mode cannot have other protocols enabled.
Indestructible Object Mode cannot be set for a view that points to / (root directory).
It is not allowed to have views under the view in Indestructible Object Mode, or at the same path as the Indestructible Object Mode view.
Indestructible Object Mode cannot be used together with S3 Object Locking or S3 Object Versioning.
Indestructible Object Mode cannot be set for a view that exposes the protocol audit log directory.
Views in Indestructible Object Mode are not subject to replication or Global Access.
Block
For Rocky Linux-based clients, VAST recommends that the client uses Rocky Linux 9.4 or later.
If a host defined on the VAST cluster does not have any volumes mapped to it, NVMe auto-discovery does not show this subsystem.
A view that is used to expose block storage cannot have other storage protocols enabled.
You cannot enable or disable block storage support on an existing view. Block storage support can only be enabled for a view during view creation and cannot be disabled afterwards.
Block devices can be created on empty directories only.
Nesting of a block view inside an existing block view is not allowed.
The host NQN cannot be modified. To change the NQN, you need to remove the host and then add and map it anew.
When using the VAST Web UI or CLI options to bulk create volumes or hosts, the number of items to be created cannot exceed 256. When mapping hosts to volumes, up to 256 items can be mapped at a time.
The following VAST capabilities are not available with block views:
Access control features (such as ABE, ABAC, WORM)
VAST Audit Log
Replication to a remote peer
Global Access
Remote global snapshot clones
Snapshots on local protected paths are allowed but replication on non-local protected paths is not supported.
An attempt to remove a volume that has snapshots may cause errors for volume objects of snapshots of that volume, if they exist.
The maximum IO block size is limited to 1MB (4GB for unmap).
Protocol Auditing
ORION-216379: When VAST protocol auditing is enabled on a user-impersonated view, only UID of the original user is included in the log. The user's login name and SID are not included.
Attribute-Based Access Control (ABAC)
ABAC is supported on views controlled with SMB, S3 Native and Mixed Last Wins security flavors. ABAC is not supported with NFS flavor.
ABAC is not supported with NFSv3.
ABAC tags cannot be set on the cluster’s root directory (/).
Once assigned, you cannot edit or remove the ABAC tags of a view. Assigning new ABAC tags to an existing view or directory (storage path) is not allowed.
After a child view inherits ABAC tags from the parent view, you cannot update or remove the ABAC tags on the child view.
If you create a view for a directory that already exists, ABAC tags from the existing directory are assigned to the newly created view. In this case, there can be a delay between the view creation time and the time when the view's ABAC tags can be displayed.
If a user does not have any ABAC permissions, the user still can mount an NFSv4 export or map a SMB share to a local drive, but the user is not allowed to perform any operations on the files or directories.
ORION-163697: When an SMB user accesses a file for which the user has ABAC set to read-only, a lock is placed on the file although the user does not have read/write permissions for the file.
The following features and capabilities cannot be used together with ABAC-tagged views:
If a tenant has ABAC-tagged views, you cannot change or remove the Active Directory provider configured for the tenant.
When using NFSv4, it is not allowed to create hardlinks in views that have ABAC tags.
When using S3:
ABAC cannot be used with anonymous S3 access. You cannot set ABAC tags for views that have anonymous S3 access enabled.
It is not allowed to set ABAC tags on a view that is a target for S3 bucket logging.
Requests from S3 superusers are handled in the same way as for regular users. This means that an S3 superuser is not granted access if the ABAC access check denies access for this user.
A directory under which an ABAC-tagged view exists, cannot be moved to the Trash folder.
Bulk permission updates are not available for ABAC-tagged views.
Lifecycle rules cannot be set for files or directories with ABAC tags.
Event Publishing
The following limitations apply when using VAST Event Broker:
Producer API:
Messages are limited to 1MB.
In the event record, the key is limited to 126KB and the value is limited to 126KB.
Access to topics by UUID is not supported.
Idempotent producing is not supported.
Automatic creation of topics is not supported.
Consumer API:
No more than 256 consumer groups per view (broker)
The following is not supported:
Consumer group stickiness parameters (such as
group.instance.id)READ UNCOMMITTED isolation level
Cooperative rebalancing
Client rack awareness
Fetch sessions (only full fetch will be applied), delayed fetch parameters
Seek by time
Admin API:
Supported APIs include the APIs to create topics, delete topics, and to delete groups.
Only the following topic parameters are supported:
Number of partitions
Topic retention period
The following Kafka capabilities are not supported:
Over-the-wire compression of messages
NOTE: VAST compression of data is supported.(RESOLVED IN 5.4.0) Topic compaction
Automatic creation of topics
(RESOLVED IN 5.4.0) Authentication and authorization
(RESOLVED IN 5.4.0) SSL
Transactions
Only one virtual IP pool can be associated with a Kafka-enabled view, providing at least one virtual IP per CNode. Once the view has been created, the virtual IP pool cannot be replaced by another one (but it can be modified if needed).
A topic can have up to 1000 partitions. The number of partitions in a topic cannot be changed after the topic has been created.
Event queries based on the topic partition are not supported.
When listing consumer groups, the response is limited to 256 groups per Kafka-enabled view.
VAST replication of consumer groups is not supported.
Event publishing and consuming operations, as well as topic management operations are not subject to VAST Protocol Auditing or Quality of Service (QoS).
VAST Catalog
The maximum path length supported by VAST Catalog is 1024 characters.
(RESOLVED IN 5.4.0) When VAST Catalog is enabled, replication is limited to two peers (group replication is not supported with VAST Catalog).
(RESOLVED IN 5.4.0) VAST Catalog must be disabled before a protected path can be deleted.
ORION-197741: VAST Catalog cannot be enabled on a cluster that uses encryption keys managed through EKM, including per-tenant and per-path encryption keys.
VAST Database
View properties are not supported.
Queries to a view must include full table names.
Redefining a view is supported for Spark clients only.
User-defined column names and comments are lost if the schema of the query changes when redefining a view.
Nested data types are not supported.
Replication
ORION-208123: Local user accounts are not subject to replication.
The following limitation applies to VAST Database asynchronous replication:
(RESOLVED IN 5.4.0) ORION-179909: VAST Database asynchronous replication cannot be used together with Global Access or synchronous replication on the same path.
The following limitations apply to synchronous replication for S3:
Synchronous replication is supported for S3 buckets only.
It is not allowed to configure local snapshots, asynchronous replication or Global Access on the protected path for which synchronous replication is configured.
Up to 250 replication streams are supported.
S3 lifecycle rules are not replicated.
S3 keys are replicated asynchronously.
Synchronously replicated directories are not subject to bulk permission updates.
Global Access
NFSv3, SMB and S3 access protocols are supported. NFSv4 is not supported.
If a view is configured with both NFSv4 and SMB, it must be controlled with the NFS security flavor.
VAST Database is not supported.
Lease expiration time can only be set when creating a global access protected path. You cannot change lease expiration time when you modify a global access path.
VAST Catalog does not provide information on the cached data on the remote cluster.
ORION-194805: Applications that use SMB2 Byte Range Locks are not supported when the SMB client is connected via a remote Global Access protected path. Examples of such applications are Microsoft Office suite on macOS, Microsoft Hyper-V, AutoDesk 3ds Max and some Adobe Premiere plugins.
ORION-194613: If some files have additional hardlinks, the amount of bytes reported as prefetched can be higher than the actual amount prefetched.
The following limitations apply when using Global Access for S3 buckets:
Identity policies must be enabled at the cluster to which they get replicated.
The following VAST capabilities are not supported on destination buckets:
S3 event notifications
S3 Indestructible Object Mode
Lifecycle policies
Write Once Ready Many (WORM)
Bucket logging is only supported if both the source and destination buckets are in the same protected path.
Bucket replication between two clusters is only supported when the bucket is associated with the default S3 view policy.
S3 endpoints are not replicated.
VAST on Cloud
ORION-145141: Creating a tenant with EKM encryption is not supported on VoC clusters.
ORION-113036: After you reregister the same VoC cluster in Uplink, information about the previously registered instance of this cluster is no longer available in Uplink.
VAST DataSpace
VAST DataSpace requires that each cluster participating in the inter-connection is running VAST Cluster 5.0 or later.
ORION-135966: The inter-connecting clusters must have connectivity to each other through the clusters' management networks.
VAST clusters with IPv6 management IPs cannot be added to VAST DataSpace. Only IPv4 is supported.
ORION-132073: When you remove a VoC cluster from a Multi-Cluster Manager cloud service instance (using the removal button on the cluster's card (
)), the VoC cluster is terminated. There is no option to remove a VoC cluster from Multi-Cluster Manager without also terminating it. (In the VAST DataSpace page in the VAST Web UI, the button removes the VoC cluster from VAST DataSpace and does not terminate it.)
Authentication & Authorization
ORION-202335: If the cluster has Active Directory domain auto-discovery enabled, the discovered domains are kept in cache for quite a long time. If you modify an existing provider's configuration while auto-discovery is on, VMS may still report the old cached entries. To avoid this, rerun auto-discovery or remove and re-add the provider.
ORION-195524: Following a cluster recovery and while the Active Directory provider is still inaccessible, VAST Cluster can resume IO of provider users if they use NFSv3 or NFSv.4.1 with NTLM authentication. IO of provider users accessing through SMB or NFSv4.1 with Kerberos authentication is not resumed during this period.
ORION-187136: Identity policies are replicated as disabled to the destination peer, where if needed, they can be enabled manually.
ORION-187936: Joining/leaving an Active Directory domain may take longer compared to previous versions.
ORION-152475: An access denied error is returned for NFSv3 or NFSv4 requests if they are checked against an identity or bucket policy with an
s3:ExistingObjectTagcondition statement in it.ORION-143944: When using Kerberos/NTLM Authentication to authorize SMB users from non-trusting domains, the DOMAIN\username format cannot be used to specify users of remote domains. The username@domain format must be used instead.
ORION-134299: When the tenant is set to use Kerberos/NTLM authentication to authorize SMB users from non-trusting domains, both NFS and SMB must use the native SMB authentication (Kerberos), and not Unix-style UID/GIDs.
ORION-141763: Before enabling or disabling NTLM authentication, you need to leave the cluster's joined Active Directory domain. After NTLM authentication is enabled or disabled, rejoin the domain.
The following limitations apply to Multi-Forest Authentication:
VAST Cluster does not allow adding two different Active Directory configuration records with the same domain name but different settings for multi-forest authentication and/or auto-discovery.
Names of users' domains are not displayed in data flow analytics.
If a trusted domain becomes unavailable and then recovers, SMB clients can use it to connect to the VAST cluster only after a period of time, but not immediately upon domain recovery.
Clients cannot establish SMB sessions immediately after a trusted domain recovers from a domain failure.
If a group exists on an Active Directory domain in a trusted forest and the group scope is defined as DomainLocal, VAST Cluster does not retrieve such a group when querying Active Directory, so members of such a group are denied access despite any share-level ACLs that can rule otherwise.
If TLS is enabled, the SSL certificate has to be a CA-signed certificate that is valid for all of the domain controllers in all trusted forests. If the certificate is not valid for a domain controller, this domain controller is not recognized.
ORION-156168: In a multi-forest environment, after migrating a group account from the forest of the cluster’s joined domain to another forest, information about historical group membership is not kept, so users in the migrated group might not be able to access resources to which they used to have access prior to the migration.
VMS
ORION-212118: If a wrong VMS authentication token is passed, the cluster responds with 403 FORBIDDEN but not with 401 UNAUTHORIZED.
Tenant client metrics can only be collected for NFSv3 and NFSv4.
ORION-187584: An empty realm (which does not contain any objects) cannot be assigned to a role.
ORION-131386: When there is a parent directory that has a very large number of child directories, a total of children’s capacity values displayed in the Capacity page can exceed the capacity value shown for the parent directory.
Platform & Control
The DBox HA feature cannot be enabled on new installations of VAST Cluster 5.3.
ORION-201807: P5316 QLC SSDs running a firmware version of ACV10200 may cause performance degradation if used together with the Flash Write Buffers functionality. To avoid performance impact, upgrade the firmware to version ACV10203.
ORION-169078: VMS does not provide an indication of the link state of the external management port on a CERES DTray.
The following limitations apply to EBoxes:
ORION-193794: Power cycling of an EBox where the leader was running may result in significant IOPS degradation until the EBox is up again. Contact VAST Support for a workaround.
DBox migration is not available for EBoxes.
The following limitations apply to conversion to write buffer RAID:
Conversion from VAST releases prior to 3.4 is not supported.
This capability is not supported for clusters with TLC drives, and also for VAST on Cloud clusters.
The cluster must include the following minimum number of DBoxes:
DBox Type | DBox HA enabled | DBox HA disabled |
|---|---|---|
Ceres | 15 | 4 |
Mavericks | 22 | 4 |
Known Issues in 5.3.5
Install & Upgrade
ORION-145815: In some cases, the VAST cluster does not raise an alert on a wrong NIC firmware version during a cluster upgrade.
Cluster Expansion
ORION-220738: In some cases, VMS does not provide any alerts or other status indication when a drive gets disabled while the newly added DBox is being initialized.
ORION-175762: In some cases, a DBox expansion procedure run on a cluster with similarity-based data reduction enabled can take longer than expected.
ORION-173816: VAST Cluster does not block expansion from CERES 15TB to CERES 60TB, although such expansion is not supported.
Networking
ORION-228412: When running the cluster networking configuration script (
configure_network.py) with bothauto_ports_ext_iface=northbandandauto_ports_skip_nic=extoptions specified, no error is raised although this combination of options may result in incorrect network configuration.(RESOLVED IN 5.4.0) ORION-185008: Modifying a subnet in an existing virtual IP pool may result in the pool being not accessible by clients. To work around the issue, delete the existing pool and create a new one with the subnet you want.
ORION-155530: Sometimes after you run the cluster networking configuration script (
configure_network.py) and then rebooted the CNode, theeb1interface can still be down with theDevice ib1 has different MAC address than expected, ignoringerror. In this case, rerun the script after the reboot to bring the interface up.
Quality of Service (QoS)
(RESOLVED IN 5.4.0) ORION-243368: Prioritization of workloads based on the QoS policy prioritization flag is not supported if the policy also has burst and/or total limits defined.
ORION-236122: Intense read workloads may impact performance on views controlled with a QoS policy with the prioritization flag set.
(RESOLVED IN 5.4.0) ORION-231253: When the cluster-wide write bandwidth limit is set, the actual performance can be up to 10% off from the limit specified. For example, if the limit is set to 7.5GB, the actual performance would be about 6.6GB.
ORION-139913: When applying a QoS policy to NFSv3 access, both data and metadata are taken into account in QoS limit calculations, while with NFSv4.1, only data are considered.
ORION-137986: Enabling a QoS policy for a view on which a mixed (read and write) workload runs, can result in decreased performance for the workload.
Lifecycle Rules
ORION-287195: Lifecycle rules may delete objects in a bucket for which Indestructible Object Mode is enabled and retention period has not expired.
NFS
ORION-318379: When creating subdirectories through NFS, some of the subdirectories may sporadically fail to inherit the default ACL from the parent directory.
NFSv4
ORION-238708: In some cases, an NFSv4.1 client attempting to move files to the trash folder may get a Permission denied error due to an issue that may cause the trash folder to use a more restricting policy than expected.
SMB
ORION-323152: macOS clients may occasionally encounter an
RPC struct is bad error when moving, deleting or renaming files via SMB, although the operation completes successfully.ORION-142968: If a quota is exceeded during the process of coping a file to the VAST cluster, the copying process is stopped with a misleading error message:
A device attached to the system is not functioning.
S3
(RESOLVED IN 5.3.5-SP1) ORION-338771: Processing S3 presigned POST requests with specific contents may occasionally cause a CNode container restart. If you encounter this issue, contact VAST Support for a workaround.
ORION-324233: The VAST cluster can encounter a flow where CompleteMultipartUpload requests can get stuck, causing the CNodes to reject new S3 connections with an
IO is stuck - should close connection alert raised.(RESOLVED IN 5.4.0) ORION-188749: The view policy option that restricts S3 read/write access based on client IP addresses (in VAST Web UI: Element Store -> View Policies -> choose to create or edit a view policy -> Host-Based Access -> S3 pane -> Read/Write) does not work for bucket-level operations, such as creating or deleting a bucket.
ABAC
ORION-196170: When a parent and child NFSv4.1 view both have same ABAC tags on them, an attempt to mount the child view may result in a Permission denied error. If this occurs, try setting the ABAC tags for the machine account that the client uses to mount the view.
VAST Database
(RESOLVED IN 5.4.0) ORION-163038: When importing data into a VAST Database table and there is a type mismatch between the column and the data being imported, VAST Cluster produces an ambiguous error message
(Failed to get column) instead of pointing to the expected data type.
Replication
(RESOLVED IN 5.4.0) ORION-233749: VAST Cluster does not automatically delete access keys associated with a replication destination tenant which has been deleted.
ORION-140894: When attempting to delete a protected path from the destination peer after an ungraceful failover, a
Failed to delete following streamsor a similar error occurs. The workaround is to manually change the destination peer's role to STANDALONE and retry the deletion.
Global Access
ORION-145307: Bulk permission updates are not supported for files and directories on satellite clusters.
VAST on Cloud
(RESOLVED IN 5.4.0) ORION-230479: A false
Periodic readiness check failed for OS upgradealarm may be raised on a VoC on GCP cluster. This alarm can be ignored; it occurs due to OS upgrade validation which is not relevant for VoC clusters.
Authentication & Authorization
ORION-25479: Latin characters are not supported with LDAP. If you attempt to pass, for example, a username encoded with a Latin character set, the
LDAP sanity check res: Invalid credentialserror is returned.
VMS
ORION-332874: Cluster's attempts to send email notifications through SMTP may fail with a
certificate verify failed: self-signed certificate (_ssl.c:1006)error. If you encounter this issue, contact VAST Support for a workaround.ORION-329549: In some cases after a cluster upgrade or expansion, the Analytics -> Data Flow and Analytics -> Top Actors pages of VAST Web UI may show the
No data to displayerror instead of actual workload data. If you encounter this issue, contact VAST Support for a workaround.ORION-292325: When creating a customized analytics report for block volumes or hosts, some metrics intended to reflect a maximum latency are set to a fixed value when there are no block volumes on the cluster.
ORION-282603: User-made changes to the
csi role (one of default administrative roles on the cluster) are not preserved during an upgrade.(RESOLVED IN 5.4.1) ORION-225432: Some metrics listed under Analytics -> Predefined Analytics in VAST Web UI may be unavailable for EBoxes.
ORION-175334: When creating a managed application (Data Engine -> Applications -> choose to create an application), VMS does not block attempts to set port membership for CNodes on a cluster that does not support CNode Port Affinity.
ORION-143717: On a cluster with CNode Port Affinity configured, there is no way to expose the VAST DNS IP on a specific port (left or right).
ORION-131386: When there is a parent directory that has a very large number of child directories, a total of children’s capacity values displayed in the Capacity page can exceed the capacity value shown for the parent directory.
ORION-89570: In some cases, capacity analytics for subdirectories cannot be reported due to an internal timeout. This issue occurs when there is an extremely large number of subdirectories to be estimated.
VAST Web UI
ORION-317973: Usernames of users from child domains are not handled as such by VAST Web UI. The impact may vary. For example, querying a child domain user from VAST Web UI may return details for same-named users in the parent domain. Also, it may be impossible to create S3 keys for the correct child domain user. To work around this issue, use VAST CLI or VAST REST API.
ORION-246284: When entering a value in the Capacity field in the Quota Rules tab in quota settings (Element Store -> Quotas -> choose to create or edit a quota), the UI can unexpectedly alter the value when the user is backspacing or trying to add a decimal point.
ORION-260502: The Capacity Estimation page (Analytics -> Capacity), which is designed to display capacity for directories or, in case of a VAST Database, for its schema, sometimes also includes VAST Database tables in capacity estimations.
ORION-246972: The Add Volumes manually option in the Map Volumes dialog (Data Protection -> Snapshots -> right-click a snapshot and choose Map Snapshot Volumes) does not start the volume mapping process.
ORION-239505: The VAST Web UI toggles for selecting operations to be logged in the syslog (Settings -> Notifications -> Syslog Setup) do not enforce logging of the selected operation types as expected. If you encounter this issue, contact VAST Support for a workaround.
ORION-234835: Some VAST Web UI pages might not allow for proper filtering or sorting by column where value presentation differs from that in the VAST internal database.
(RESOLVED IN 5.4.0) ORION-207301: When you open an existing lifecycle rule for viewing or editing (Element Store -> Lifecycle Rules -> choose to view or edit a rule), the field for setting the unit of measure for the Minimum object size and Maximum object size filters may show KB although the values supplied and used are in bytes.
(RESOLVED IN 5.4.0) ORION-203737: The value filter in the Box column in the Infrastructure -> CNodes and DNodes pages does not work as expected.
ORION-203189: The External Netmask field in cluster networking settings (Settings -> Configure Network) does not accept alphabetic characters.
ORION-175189: When querying a local user using the Aggregated context, the Leading GID and Primary group SID fields in the User Details dialog have a value of -1 instead of an empty string.
VAST CLI
ORION-322120: When displaying path names in VAST CLI, the names written in right-to-left languages may appear spelled from left to right.
ORION-282853: In some cases, changing the view path by using the
view modify --path <new path>command does not work as expected. The command may seem to succeed initially but automatically revert back to the original path within minutes.ORION-269350: An illegal argument error occurs when trying to run the
protectedpath listcommand with the--protection-policy-nameoption specified.ORION-156628: An attempt to run the
viewpolicy show --auditcommand results in a‘ViewPolicyProtocolsAudit' object has no attribute 'get'error.
VAST REST API
ORION-178569: The
/users/namesendpoint always returns only the first 50 entries, regardless of the page size parameter or the total amount of entries to be returned.
Platform & Control
ORION-255054: Once a DNode replacement operation is complete, the old node may still be listed in the Infrastructure -> DNodes page of VAST Web UI for some minutes.
(RESOLVED IN 5.4.0) ORION-232944: When clicking the Power off option in the CNode page of VAST Web UI (Infrastructure -> CNodes -> right-click a node), the node gets deactivated but not powered off. To power it off, click Power off one more time.
(RESOLVED IN 5.4.0) ORION-173461: Slot numbers displayed in the Slot column of the Infrastructure -> SCMs page in VAST Web UI are not aligned with slot numbers displayed in the Hardware Layout page.
Call Home & Support
ORION-269349: When obfuscating a support bundle, the obfuscation is not applied to files that have already been zipped.
ORION-239170: When obfuscating a support bundle, the CNode hostname may not get obfuscated in some of the logs included in the bundle.
(RESOLVED IN 5.4.0) ORION-238168: If you try to delete a support bundle that is still in the process of being created, the creation process does not stop and the bundle does not get deleted immediately.