VAST Cluster 5.3.5-SP4 Release Notes

  • Updated on Mar 25, 2026
  • Published on Mar 19, 2026
  • 28 minute(s) read
Prev Next

VAST Cluster 5.3.5-SP4 is released to General Availability as of March 2026.

To access this release, contact the VAST Customer Success team via a support ticket, Slack, or by sending an email to support@vastdata.com.

Upgrade to VAST Cluster 5.3.5-SP4 is supported from the following releases:

  • 5.3.5 - 5.3.5-SP3

  • 5.3.4 - 5.3.4-SP5

  • 5.3.3 - 5.3.3-SP7

  • 5.3.2 - 5.3.2-SP7

  • 5.3.1 - 5.3.1-SP3

  • 5.3.0 - 5.3.0-SP8

  • 5.2.2 - 5.2.2-SP12

  • 5.2.1 - 5.2.1-SP6

  • 5.2.0 - 5.2.0-SP22

Note that direct upgrade may not be supported from hotfix builds. Consult VAST Support regarding upgrade if your cluster is running a hotfix build.

Enhancements in 5.3.5-SP4

  • ORION-288456: Added an ability to monitor CNode CPU utilization using new metrics that can be accessed through VAST analytic reports and through VAST Prometheus Exporter. For details, see Measure and Monitor CPU Utilization.

Resolved Issues in 5.3.5-SP4

Install and Upgrade

  • ORION-208634: Made updates to enforce use of default batch sizes (percentages of CNodes or DNodes to upgrade in parallel in one batch) if no batch size is specified for an upgrade. Prior to this change, a batch size from the previous upgrade was used in this case.

Networking

  • ORION-297180: Updated IB link monitoring to resolve an issue where after an NDU, the cluster did not raise alerts on multiple spine links that were down since before the upgrade.

  • ORION-241079: Made updates to prevent “port_rcv_switch_relay_errors" increased during the run alerts from appearing in the VMS log.

  • ORION-206535: Made updates so that an attempt to manually enable the OpenSM service does not fail in case some of the cluster nodes are inaccessible.

Element Store

  • ORION-318274: Resolved an issue that could cause view deletion operations to take longer than expected.

Quotas

  • ORION-294612: Added a new event definition, SOFT_EXCEEDED_LIST_CHANGED, to enable the cluster to send webhook or email notifications for exceeding a quota not only for the first occurrence of the alarm (e.g. the quota exceeded by one user), but also for each subsequent occurrence (the quota exceeded by more users). Prior to this change, webhook and email notifications were sent for the first exceeding user only, while other exceeding users triggered a VMS alert without sending notifications.

SMB

  • ORION-323152: Resolved an issue that could cause an intermittent RPC struct is bad error when moving, deleting or renaming files via SMB from macOS clients.

S3

  • ORION-318035: Resolved an issue where an attempt to abort a multipart upload could occasionally return NoSuchUpload while the upload continued to appear in response to subsequent ListMultipartUploads requests.

VMS

  • ORION-293496: Made updates to prevent a flow that could cause a discrepancy in auxiliary space reporting.

  • ORION-272971: Added an alert to be raised when the VMS restarts unexpectedly.

  • ORION-248680: Updated scheduler metrics to include metrics reporting CPU window runtime (as a percentage or in microseconds) for normal silos and for ingest-only silos.

  • ORION-243387: Made updates to avoid raising persistent threshold-based alarms if the corresponding event definition is disabled.

  • ORION-235514: Resolved an issue that could in some cases cause discrepancies in the numbers VMS reports for bandwidth consumption in Data Flow diagrams and in the cluster dashboard.

  • ORION-214870: The available stripe percentage metrics can now be exported with VAST Prometheus Exporter.

VAST Web UI

  • ORION-209993: Updated the CNode Replication Bandwidth Limit field (Settings -> Cluster -> General) so that it always displays the value in effect.

VAST REST API

  • ORION-193392: Resolved an issue due to which the /api and /docs endpoints could be intermittently unreachable.

Platform and Control

  • ORION-333473: Updated deduplication-related routines to eliminate a flow that could cause continuously high latency on the CNodes due to the bloom filter returned false for hash while it exists in tables error.

  • ORION-322917: Resolved an issue that could result in reporting unexpected serial numbers for CascadeLake CNodes after some maintenance operations such as removing a CNode and then adding another CNode.

  • ORION-220665: Updated the logic used for forced CNode removal so that the removal does not fail due to the No route to host SSH error.

Limitations in 5.3.5-SP4

Install & Upgrade

  • ORION-280966: Having imported a JSON configuration file in VAST Cluster Install, you need to manually verify that all the populated fields have expected values. Sometimes, depending on the cluster configuration and environment, some of the fields are not populated as expected during the import.

  • ORION-242658: BMC firmware upgrades are not supported for Supermicro Genoa CNodes.

  • ORION-242331: VAST Web UI lets you set the BMC Firmware and Force options for an upgrade at the same time, although forced BMC upgrades are not allowed. If the Force flag is set, BMC upgrade is not performed.

  • ORION-222648: NDU that includes automatic adjustment of CNode CPU isolation settings (isolcpus) is not supported for EBoxes.

  • ORION-214559: A BMC upgrade cannot be performed with an inactive CNode that has been powered off.

Networking

  • (RESOLVED IN 5.4.0) ORION-244837: The cluster networking configuration script (configure_network.py) does not support configuring CNode Port Affinity for Dell EBoxes.

  • The following limitations apply when implementing L3 networking:

    • After enabling L3 access for a virtual IP pool, it cannot be disabled.

    • L3 access is not supported on virtual IP pools for which CNode Port Affinity is configured.

    • ORION-333743: L3 access is not supported on virtual IP pools that include more than one range of virtual IPs.

    • L3 networking is not supported on IB clusters.

    • L3 networking is not available for VAST on Cloud.

    • MD5 authentication is not supported.

    • (RESOLVED IN 5.4.0) Numbered BGP is not supported.

    • (RESOLVED IN 5.4.0) Learning of the default route advertised by the peer ASN is not supported.

    • (RESOLVED IN 5.4.0) A VAST cluster can be peered to one ASN only.

    • Reverting an L3-configured cluster to L2 through VMS is not supported. If you need to revert, contact VAST Support.

Encryption of Data at Rest

  • ORION-208004: Enabling VAST OS boot drive encryption requires that the node is inactive. Enabling the encryption on an active node may cause a long reboot sequence.

Quotas

  • The following rules and limitations apply when using quota groups:

    • A quota group can contain up to 1K quotas.

    • A quota can be added to up to 4 quota groups.

    • Nesting of quota groups is not allowed.

    • ORION-316351: Changes in quota group membership can only be done by overwriting the entire list of member quotas. It's not possible to append an existing quota group, or to remove a quota from a quota group.

    • ORION-314856: Grouping of user quotas is not supported.

  • Quotas are not enforced on replication destination directories under a protected path. For example, if the protected path is /ppath, a quota on /ppath/yourdir is not enforced.

Lifecycle Rules

  • ORION-287739: Tag-based lifecycle rules cannot be used to abort incomplete multipart uploads even when the uploads have a matching tag on them.

Quality of Service (QoS)

  • The prioritization flag is supported for view QoS policies. It cannot be set for user QoS policies.

  • S3 (including Kafka and VAST Database) and block storage I/Os are not calculated as part of the cluster-wide maximum write bandwidth limit.

  • Some high-priority optimizations are applied to NFSv3 only.

  • When the cluster-wide maximum write bandwidth is set, the actual performance may be ±15% of the expected performance.

  • Use of QoS with RDMA is not supported.

NFS

  • ORION-115336: If one creates an NFSv4.1-only view and mounts it, and then creates its parent view with NFSv3 only, IO operations on the NFSv4.1-only view succeed but mounts are not allowed.

NFSv3

  • In rare cases with large numbers of files and directories, the existence of a view with Global Synchronization enabled under a protected path can block the removal of the protected path.

SMB

  • The following limitations apply when handling SMB open files:

    • In VAST Global Namespace, operations on open file handles are only supported for the current cluster.

    • ORION-289428: SMB open file queries do not show open SMB hardlink destination files.

    • ORION-288057: When listing files on a path where there is an open ADS stream (path\file:stream), the stream is shown as if the file is a folder (\path\file\stream).

  • ORION-169707: When the Hyper-V management tool tries to list VAST Hyper-V SMB shares on an SMB server, the The RPC server is not available error can occur if the SMB server is specified using its FQDN. To avoid this error, specify the IP address of the SMB server instead of the FQDN.

  • ORION-160323: After updating permissions for an SMB share in Windows Explorer, a duplicate SMB share can be displayed. The duplicate SMB share disappears upon a refresh (F5).

  • ORION-134730: An attempt to restore a file can fail if after the restore has started, a quota is set on the path where the file resides.

S3

  • An object to be uploaded via a S3 presigned POST request must have only ASCII characters in its name.

  • A POST policy (used for S3 presigned POST requests) can be up to 4800 bytes.

  • S3 with proxy clients is not supported.

  • ORION-197281: VAST Cluster disables bucket logging set on a bucket from which data is synchronously replicated to another bucket once you set up bucket logging on the replication destination bucket and configure it to use a different logging destination bucket.

  • ORION-190674: Once created, an S3 bucket cannot be renamed or moved to a different path. Thus, for example, if you try to change the bucket’s path when modifying a view in VAST Web UI, the change does not take effect and the view will still be listed with the old path.

  • The following limitations apply when using S3 Indestructible Object Mode:

    • An S3 Bucket view with Indestructible Object Mode cannot have other protocols enabled.

    • Indestructible Object Mode cannot be set for a view that points to / (root directory).

    • It is not allowed to have views under the view in Indestructible Object Mode, or at the same path as the Indestructible Object Mode view.

    • Indestructible Object Mode cannot be used together with S3 Object Locking or S3 Object Versioning.

    • Indestructible Object Mode cannot be set for a view that exposes the protocol audit log directory.

    • Views in Indestructible Object Mode are not subject to replication or Global Access.

Block

  • For Rocky Linux-based clients, VAST recommends that the client uses Rocky Linux 9.4 or later.

  • If a host defined on the VAST cluster does not have any volumes mapped to it, NVMe auto-discovery does not show this subsystem.

  • A view that is used to expose block storage cannot have other storage protocols enabled.

  • You cannot enable or disable block storage support on an existing view. Block storage support can only be enabled for a view during view creation and cannot be disabled afterwards.

  • Block devices can be created on empty directories only.

  • Nesting of a block view inside an existing block view is not allowed.

  • The host NQN cannot be modified. To change the NQN, you need to remove the host and then add and map it anew.

  • When using the VAST Web UI or CLI options to bulk create volumes or hosts, the number of items to be created cannot exceed 256. When mapping hosts to volumes, up to 256 items can be mapped at a time.

  • The following VAST capabilities are not available with block views:

    • Access control features (such as ABE, ABAC, WORM)

    • VAST Audit Log

    • Replication to a remote peer

    • Global Access

    • Remote global snapshot clones

  • Snapshots on local protected paths are allowed but replication on non-local protected paths is not supported.

  • An attempt to remove a volume that has snapshots may cause errors for volume objects of snapshots of that volume, if they exist.

  • The maximum IO block size is limited to 1MB (4GB for unmap).

Protocol Auditing

  • ORION-216379: When VAST protocol auditing is enabled on a user-impersonated view, only UID of the original user is included in the log. The user's login name and SID are not included.

Attribute-Based Access Control (ABAC)

  • ABAC is supported on views controlled with SMB, S3 Native and Mixed Last Wins security flavors. ABAC is not supported with NFS flavor.

  • ABAC is not supported with NFSv3.

  • ABAC tags cannot be set on the cluster’s root directory (/).

  • Once assigned, you cannot edit or remove the ABAC tags of a view. Assigning new ABAC tags to an existing view or directory (storage path) is not allowed.

  • After a child view inherits ABAC tags from the parent view, you cannot update or remove the ABAC tags on the child view.

  • If you create a view for a directory that already exists, ABAC tags from the existing directory are assigned to the newly created view. In this case, there can be a delay between the view creation time and the time when the view's ABAC tags can be displayed.

  • If a user does not have any ABAC permissions, the user still can mount an NFSv4 export or map a SMB share to a local drive, but the user is not allowed to perform any operations on the files or directories.

  • ORION-163697: When an SMB user accesses a file for which the user has ABAC set to read-only, a lock is placed on the file although the user does not have read/write permissions for the file.

The following features and capabilities cannot be used together with ABAC-tagged views:

  • If a tenant has ABAC-tagged views, you cannot change or remove the Active Directory provider configured for the tenant.

  • When using NFSv4, it is not allowed to create hardlinks in views that have ABAC tags.

  • When using S3:

    • ABAC cannot be used with anonymous S3 access. You cannot set ABAC tags for views that have anonymous S3 access enabled.

    • It is not allowed to set ABAC tags on a view that is a target for S3 bucket logging.

    • Requests from S3 superusers are handled in the same way as for regular users. This means that an S3 superuser is not granted access if the ABAC access check denies access for this user.

  • A directory under which an ABAC-tagged view exists, cannot be moved to the Trash folder.

  • Bulk permission updates are not available for ABAC-tagged views.

  • Lifecycle rules cannot be set for files or directories with ABAC tags.

Event Publishing

  • The following limitations apply when using VAST Event Broker:

    • Producer API:

      • Messages are limited to 1MB.

      • In the event record, the key is limited to 126KB and the value is limited to 126KB.

      • Access to topics by UUID is not supported.

      • Idempotent producing is not supported.

      • Automatic creation of topics is not supported.

    • Consumer API:

      • No more than 256 consumer groups per view (broker)

      • The following is not supported:

        • Consumer group stickiness parameters (such as group.instance.id)

        • READ UNCOMMITTED isolation level

        • Cooperative rebalancing

        • Client rack awareness

        • Fetch sessions (only full fetch will be applied), delayed fetch parameters

        • Seek by time

    • Admin API:

      • Supported APIs include the APIs to create topics, delete topics, and to delete groups.

      • Only the following topic parameters are supported:

        • Number of partitions

        • Topic retention period

    • The following Kafka capabilities are not supported:

      • Over-the-wire compression of messages

      • Tip

      • VAST compression of data is supported.

      • (RESOLVED IN 5.4.0) Topic compaction

      • Automatic creation of topics

      • (RESOLVED IN 5.4.0) Authentication and authorization

      • (RESOLVED IN 5.4.0) SSL

      • Transactions

    • Only one virtual IP pool can be associated with a Kafka-enabled view, providing at least one virtual IP per CNode. Once the view has been created, the virtual IP pool cannot be replaced by another one (but it can be modified if needed).

    • A topic can have up to 1000 partitions. The number of partitions in a topic cannot be changed after the topic has been created.

    • Event queries based on the topic partition are not supported.

    • When listing consumer groups, the response is limited to 256 groups per Kafka-enabled view.

    • VAST replication of consumer groups is not supported.

    • Event publishing and consuming operations, as well as topic management operations are not subject to VAST Protocol Auditing or Quality of Service (QoS).

VAST Catalog

  • The maximum path length supported by VAST Catalog is 1024 characters.

  • (RESOLVED IN 5.4.0) When VAST Catalog is enabled, replication is limited to two peers (group replication is not supported with VAST Catalog). 

  • (RESOLVED IN 5.4.0) VAST Catalog must be disabled before a protected path can be deleted. 

  • ORION-197741: VAST Catalog cannot be enabled on a cluster that uses encryption keys managed through EKM, including per-tenant and per-path encryption keys.

VAST Database

  • View properties are not supported.

  • Queries to a view must include full table names.

  • Redefining a view is supported for Spark clients only.

  • User-defined column names and comments are lost if the schema of the query changes when redefining a view.

  • Nested data types are not supported.

Replication

  • ORION-208123: Local user accounts are not subject to replication.

  • The following limitation applies to VAST Database asynchronous replication:

    • (RESOLVED IN 5.4.0) ORION-179909: VAST Database asynchronous replication cannot be used together with Global Access or synchronous replication on the same path.

  • The following limitations apply to synchronous replication for S3:

    • Synchronous replication is supported for S3 buckets only.

    • It is not allowed to configure local snapshots, asynchronous replication or Global Access on the protected path for which synchronous replication is configured.

    • Up to 250 replication streams are supported.

    • S3 lifecycle rules are not replicated.

    • S3 keys are replicated asynchronously.

    • Synchronously replicated directories are not subject to bulk permission updates.

Global Access

  • NFSv3, SMB and S3 access protocols are supported. NFSv4 is not supported.

  • If a view is configured with both NFSv4 and SMB, it must be controlled with the NFS security flavor.

  • VAST Database is not supported.

  • Lease expiration time can only be set when creating a global access protected path. You cannot change lease expiration time when you modify a global access path.

  • VAST Catalog does not provide information on the cached data on the remote cluster.

  • ORION-194805: Applications that use SMB2 Byte Range Locks are not supported when the SMB client is connected via a remote Global Access protected path. Examples of such applications are Microsoft Office suite on macOS, Microsoft Hyper-V, AutoDesk 3ds Max and some Adobe Premiere plugins.

  • ORION-194613: If some files have additional hardlinks, the amount of bytes reported as prefetched can be higher than the actual amount prefetched.

  • The following limitations apply when using Global Access for S3 buckets:

    • Identity policies must be enabled at the cluster to which they get replicated.

    • The following VAST capabilities are not supported on destination buckets:

      • S3 event notifications

      • S3 Indestructible Object Mode

      • Lifecycle policies

      • Write Once Ready Many (WORM)

    • Bucket logging is only supported if both the source and destination buckets are in the same protected path.

    • Bucket replication between two clusters is only supported when the bucket is associated with the default S3 view policy.

    • S3 endpoints are not replicated.

VAST on Cloud

  • ORION-145141: Creating a tenant with EKM encryption is not supported on VoC clusters.

  • ORION-113036: After you reregister the same VoC cluster in Uplink, information about the previously registered instance of this cluster is no longer available in Uplink.

VAST DataSpace

  • VAST DataSpace requires that each cluster participating in the inter-connection is running VAST Cluster 5.0 or later.

  • ORION-135966: The inter-connecting clusters must have connectivity to each other through the clusters' management networks.

  • VAST clusters with IPv6 management IPs cannot be added to VAST DataSpace. Only IPv4 is supported.

  • ORION-132073: When you remove a VoC cluster from a Multi-Cluster Manager cloud service instance (using the removal button on the cluster's card ( )), the VoC cluster is terminated. There is no option to remove a VoC cluster from Multi-Cluster Manager without also terminating it. (In the VAST DataSpace page in the VAST Web UI, the button removes the VoC cluster from VAST DataSpace and does not terminate it.)

Authentication & Authorization

  • The following limitations apply when specifying Active Directory DCs and GCs for LDAP queries (the allow-list):

    • When enabled, the allow-list must include DCs or GCs from all supported domains. Querying a user from a domain not included in the list, is expected to fail. For example, if you want to allow queries from both the root domain and its child domain, both root and child must be listed.

    • The list must include at least one Global Catalog.

    • The list can contain up to 10 entries.

    • The Active Directory provider must have multi-forest authentication disabled.

  • ORION-202335: If the cluster has Active Directory domain auto-discovery enabled, the discovered domains are kept in cache for quite a long time. If you modify an existing provider's configuration while auto-discovery is on, VMS may still report the old cached entries. To avoid this, rerun auto-discovery or remove and re-add the provider.

  • ORION-195524: Following a cluster recovery and while the Active Directory provider is still inaccessible, VAST Cluster can resume IO of provider users if they use NFSv3 or NFSv.4.1 with NTLM authentication. IO of provider users accessing through SMB or NFSv4.1 with Kerberos authentication is not resumed during this period.

  • ORION-187136: Identity policies are replicated as disabled to the destination peer, where if needed, they can be enabled manually.

  • ORION-187936: Joining/leaving an Active Directory domain may take longer compared to previous versions.

  • ORION-152475: An access denied error is returned for NFSv3 or NFSv4 requests if they are checked against an identity or bucket policy with an s3:ExistingObjectTag condition statement in it.

  • ORION-143944: When using Kerberos/NTLM Authentication to authorize SMB users from non-trusting domains, the DOMAIN\username format cannot be used to specify users of remote domains. The username@domain format must be used instead.

  • ORION-134299: When the tenant is set to use Kerberos/NTLM authentication to authorize SMB users from non-trusting domains, both NFS and SMB must use the native SMB authentication (Kerberos), and not Unix-style UID/GIDs.

  • ORION-141763: Before enabling or disabling NTLM authentication, you need to leave the cluster's joined Active Directory domain. After NTLM authentication is enabled or disabled, rejoin the domain.

  • The following limitations apply to Multi-Forest Authentication:

    • VAST Cluster does not allow adding two different Active Directory configuration records with the same domain name but different settings for multi-forest authentication and/or auto-discovery.

    • Names of users' domains are not displayed in data flow analytics.

    • If a trusted domain becomes unavailable and then recovers, SMB clients can use it to connect to the VAST cluster only after a period of time, but not immediately upon domain recovery.

    • Clients cannot establish SMB sessions immediately after a trusted domain recovers from a domain failure.

    • If a group exists on an Active Directory domain in a trusted forest and the group scope is defined as DomainLocal, VAST Cluster does not retrieve such a group when querying Active Directory, so members of such a group are denied access despite any share-level ACLs that can rule otherwise.

    • If TLS is enabled, the SSL certificate has to be a CA-signed certificate that is valid for all of the domain controllers in all trusted forests. If the certificate is not valid for a domain controller, this domain controller is not recognized.

    • ORION-156168: In a multi-forest environment, after migrating a group account from the forest of the cluster’s joined domain to another forest, information about historical group membership is not kept, so users in the migrated group might not be able to access resources to which they used to have access prior to the migration.

VMS

  • ORION-212118: If a wrong VMS authentication token is passed, the cluster responds with 403 FORBIDDEN but not with 401 UNAUTHORIZED.

  • Tenant client metrics can only be collected for NFSv3 and NFSv4.

  • ORION-187584: An empty realm (which does not contain any objects) cannot be assigned to a role.

  • ORION-131386: When there is a parent directory that has a very large number of child directories, a total of children’s capacity values displayed in the Capacity page can exceed the capacity value shown for the parent directory.

Platform & Control

  • The DBox HA feature cannot be enabled on new installations of VAST Cluster 5.3.

  • ORION-201807: P5316 QLC SSDs running a firmware version of ACV10200 may cause performance degradation if used together with the Flash Write Buffers functionality. To avoid performance impact, upgrade the firmware to version ACV10203.

  • ORION-169078: VMS does not provide an indication of the link state of the external management port on a CERES DTray.

  • The following limitations apply to EBoxes:

    • ORION-193794: Power cycling of an EBox where the leader was running may result in significant IOPS degradation until the EBox is up again. Contact VAST Support for a workaround.

    • DBox migration is not available for EBoxes.

  • The following limitations apply to conversion to write buffer RAID:

    • Conversion from VAST releases prior to 3.4 is not supported.

    • This capability is not supported for clusters with TLC drives, and also for VAST on Cloud clusters.

    • The cluster must include the following minimum number of DBoxes:

DBox Type

DBox HA enabled

DBox HA disabled

Ceres

15

4

Mavericks

22

4

Known Issues in 5.3.5-SP4

Install & Upgrade

  • ORION-145815: In some cases, the VAST cluster does not raise an alert on a wrong NIC firmware version during a cluster upgrade.

Cluster Expansion

  • ORION-220738: In some cases, VMS does not provide any alerts or other status indication when a drive gets disabled while the newly added DBox is being initialized.

  • ORION-175762: In some cases, a DBox expansion procedure run on a cluster with similarity-based data reduction enabled can take longer than expected.

  • ORION-173816: The VAST cluster does not block expansion from CERES 15TB to CERES 60TB, although such expansion is not supported.

Networking

  • ORION-228412: When running the cluster networking configuration script (configure_network.py) with both auto_ports_ext_iface=northband and auto_ports_skip_nic=ext options specified, no error is raised although this combination of options may result in incorrect network configuration.

  • (RESOLVED IN 5.4.0) ORION-185008: Modifying a subnet in an existing virtual IP pool may result in the pool being not accessible by clients. To work around the issue, delete the existing pool and create a new one with the subnet you want.

  • ORION-155530: Sometimes after you run the cluster networking configuration script (configure_network.py) and then rebooted the CNode, the eb1 interface can still be down with the Device ib1 has different MAC address than expected, ignoring error. In this case, rerun the script after the reboot to bring the interface up.

Quotas

  • ORION-331929: When adding quotas to a quota group, VAST Web UI does not let you select a range of quotas by clicking the first and the last quota in the range. If your set of quotas is too large to click each quota in the list, use VAST CLI or VAST REST API as a workaround.

Quality of Service (QoS)

  • (RESOLVED IN 5.4.0) ORION-243368: Prioritization of workloads based on the QoS policy prioritization flag is not supported if the policy also has burst and/or total limits defined.

  • ORION-236122: Intense read workloads may impact performance on views controlled with a QoS policy with the prioritization flag set.

  • (RESOLVED IN 5.4.0) ORION-231253: When the cluster-wide write bandwidth limit is set, the actual performance can be up to 10% off from the limit specified. For example, if the limit is set to 7.5GB, the actual performance would be about 6.6GB.

  • ORION-139913: When applying a QoS policy to NFSv3 access, both data and metadata are taken into account in QoS limit calculations, while with NFSv4.1, only data are considered.

  • ORION-137986: Enabling a QoS policy for a view on which a mixed (read and write) workload runs, can result in decreased performance for the workload.

Lifecycle Rules

  • ORION-287195: Lifecycle rules may delete objects in a bucket for which Indestructible Object Mode is enabled and retention period has not expired.

NFS

  • ORION-318379: When creating subdirectories through NFS, some of the subdirectories may sporadically fail to inherit the default ACL from the parent directory.

NFSv4

  • ORION-238708: In some cases, an NFSv4.1 client attempting to move files to the trash folder may get a Permission denied error due to an issue that may cause the trash folder to use a more restricting policy than expected.

SMB

  • ORION-323152: macOS clients may occasionally encounter an RPC struct is bad error when moving, deleting or renaming files via SMB, although the operation completes successfully.

  • ORION-142968: If a quota is exceeded during the process of coping a file to the VAST cluster, the copying process is stopped with a misleading error message: A device attached to the system is not functioning.

S3

  • ORION-324233: The VAST cluster can encounter a flow where CompleteMultipartUpload requests can get stuck, causing the CNodes to reject new S3 connections with an IO is stuck - should close connection alert raised.

  • (RESOLVED IN 5.4.0) ORION-188749: The view policy option that restricts S3 read/write access based on client IP addresses (in VAST Web UI: Element Store -> View Policies -> choose to create or edit a view policy -> Host-Based Access -> S3 pane -> Read/Write) does not work for bucket-level operations, such as creating or deleting a bucket.

ABAC

  • ORION-196170: When a parent and child NFSv4.1 view both have same ABAC tags on them, an attempt to mount the child view may result in a Permission denied error. If this occurs, try setting the ABAC tags for the machine account that the client uses to mount the view.

VAST Database

  • (RESOLVED IN 5.4.0) ORION-163038: When importing data into a VAST Database table and there is a type mismatch between the column and the data being imported, VAST Cluster produces an ambiguous error message (Failed to get column) instead of pointing to the expected data type.

Replication

  • (RESOLVED IN 5.4.0) ORION-233749: VAST Cluster does not automatically delete access keys associated with a replication destination tenant which has been deleted.

  • ORION-140894: When attempting to delete a protected path from the destination peer after an ungraceful failover, a Failed to delete following streams or a similar error occurs. The workaround is to manually change the destination peer's role to STANDALONE and retry the deletion.

Global Access

  • ORION-145307: Bulk permission updates are not supported for files and directories on satellite clusters.

VAST on Cloud

  • (RESOLVED IN 5.4.0) ORION-230479: A false Periodic readiness check failed for OS upgrade alarm may be raised on a VoC on GCP cluster. This alarm can be ignored; it occurs due to OS upgrade validation which is not relevant for VoC clusters.

Authentication & Authorization

  • ORION-324090: When trying to configure a Active Directory allow-list that does not contain a GC, the VAST cluster responds with the LDAP sanity check result: Unknown error error instead of referring to the absence of the GC in the list.

  • ORION-25479: Latin characters are not supported with LDAP. If you attempt to pass, for example, a username encoded with a Latin character set, the LDAP sanity check res: Invalid credentials error is returned.

VMS

  • ORION-332874: Cluster's attempts to send email notifications through SMTP may fail with a certificate verify failed: self-signed certificate (_ssl.c:1006) error. If you encounter this issue, contact VAST Support for a workaround.

  • ORION-329549: In some cases after a cluster upgrade or expansion, the Analytics -> Data Flow and Analytics -> Top Actors pages of VAST Web UI may show the No data to display error instead of actual workload data. If you encounter this issue, contact VAST Support for a workaround.

  • ORION-292325: When creating a customized analytics report for block volumes or hosts, some metrics intended to reflect a maximum latency are set to a fixed value when there are no block volumes on the cluster.

  • ORION-282603: User-made changes to the csi role (one of default administrative roles on the cluster) are not preserved during an upgrade.

  • (RESOLVED IN 5.4.1) ORION-225432: Some metrics listed under Analytics -> Predefined Analytics in VAST Web UI may be unavailable for EBoxes.

  • ORION-175334: When creating a managed application (Data Engine -> Applications -> choose to create an application), VMS does not block attempts to set port membership for CNodes on a cluster that does not support CNode Port Affinity.

  • ORION-143717: On a cluster with CNode Port Affinity configured, there is no way to expose the VAST DNS IP on a specific port (left or right).

  • ORION-131386: When there is a parent directory that has a very large number of child directories, a total of children’s capacity values displayed in the Capacity page can exceed the capacity value shown for the parent directory.

  • ORION-89570: In some cases, capacity analytics for subdirectories cannot be reported due to an internal timeout. This issue occurs when there is an extremely large number of subdirectories to be estimated.

VAST Web UI

  • ORION-317973: Usernames of users from child domains are not handled as such by VAST Web UI. The impact may vary. For example, querying a child domain user from VAST Web UI may return details for same-named users in the parent domain. Also, it may be impossible to create S3 keys for the correct child domain user. To work around this issue, use VAST CLI or VAST REST API.

  • ORION-246284: When entering a value in the Capacity field in the Quota Rules tab in quota settings (Element Store -> Quotas -> choose to create or edit a quota), the UI can unexpectedly alter the value when the user is backspacing or trying to add a decimal point.

  • ORION-260502: The Capacity Estimation page (Analytics -> Capacity), which is designed to display capacity for directories or, in case of a VAST Database, for its schema, sometimes also includes VAST Database tables in capacity estimations.

  • ORION-246972: The Add Volumes manually option in the Map Volumes dialog (Data Protection -> Snapshots -> right-click a snapshot and choose Map Snapshot Volumes) does not start the volume mapping process.

  • ORION-239505: The VAST Web UI toggles for selecting operations to be logged in the syslog (Settings -> Notifications -> Syslog Setup) do not enforce logging of the selected operation types as expected. If you encounter this issue, contact VAST Support for a workaround.

  • ORION-234835: Some VAST Web UI pages might not allow for proper filtering or sorting by column where value presentation differs from that in the VAST internal database.

  • (RESOLVED IN 5.4.0) ORION-207301: When you open an existing lifecycle rule for viewing or editing (Element Store -> Lifecycle Rules -> choose to view or edit a rule), the field for setting the unit of measure for the Minimum object size and Maximum object size filters may show KB although the values supplied and used are in bytes.

  • (RESOLVED IN 5.4.0) ORION-203737: The value filter in the Box column in the Infrastructure -> CNodes and DNodes pages does not work as expected.

  • ORION-203189: The External Netmask field in cluster networking settings (Settings -> Configure Network) does not accept alphabetic characters.

  • ORION-175189: When querying a local user using the Aggregated context, the Leading GID and Primary group SID fields in the User Details dialog have a value of -1 instead of an empty string.

VAST CLI

  • ORION-322120: When displaying path names in VAST CLI, the names written in right-to-left languages may appear spelled from left to right.

  • ORION-282853: In some cases, changing the view path by using the view modify --path <new path> command does not work as expected. The command may seem to succeed initially but automatically revert back to the original path within minutes.

  • ORION-269350: An illegal argument error occurs when trying to run the protectedpath list command with the --protection-policy-name option specified.

  • ORION-156628: An attempt to run the viewpolicy show --audit command results in a 'ViewPolicyProtocolsAudit' object has no attribute 'get' error.

VAST REST API

  • ORION-178569: The /users/names endpoint always returns only the first 50 entries, regardless of the page size parameter or the total amount of entries to be returned.

Platform & Control

  • ORION-255054: Once a DNode replacement operation is complete, the old node may still be listed in the Infrastructure -> DNodes page of VAST Web UI for some minutes.

  • (RESOLVED IN 5.4.0) ORION-232944: When clicking the Power off option in the CNode page of VAST Web UI (Infrastructure -> CNodes -> right-click a node), the node gets deactivated but not powered off. To power it off, click Power off one more time.

  • (RESOLVED IN 5.4.0) ORION-173461: Slot numbers displayed in the Slot column of the Infrastructure -> SCMs page in VAST Web UI are not aligned with slot numbers displayed in the Hardware Layout page.

Call Home & Support

  • ORION-269349: When obfuscating a support bundle, the obfuscation is not applied to files that have already been zipped.

  • ORION-239170: When obfuscating a support bundle, the CNode hostname may not get obfuscated in some of the logs included in the bundle.

  • (RESOLVED IN 5.4.0) ORION-238168: If you try to delete a support bundle that is still in the process of being created, the creation process does not stop and the bundle does not get deleted immediately.

Related articles