We are pleased to announce the release of StorageOS 1.2, the latest version of our software-defined persistent storage solution for containers. Version 1.2 includes several new features that improve security and performance and provide rapid failover.
Encryption at Rest
Many customers are concerned about the security of their data at remote locations, particularly when deploying to cloud environments. Many cloud providers offer encryption, but retain access to the encryption keys.
StorageOS delivers encryption at rest by encrypting volumes. It uses the industry-standard AES symmetric encryption algorithm. Keys are stored as Kubernetes Secrets.
The Kubernetes StatefulSet controller is the standard controller for running stateful workloads on Kubernetes. It provides volume templating, strong guarantees about pod creation order, and enforces serialization of mounts and unmounts such that a given volume can never be mounted twice.
To provide these guarantees, the StatefulSet controller is highly conservative with respect to restarting pods – specifically, it tries hard to ensure that a given pod is completely dead, with its volume unmounted, before scheduling a replacement. Manual intervention is normally required before a StatefulSet will fail over to another node.
When enabled for a volume, Rapid Failover will use StorageOS’ awareness of node health to influence StatefulSet pod failover. In cases where we know a node is dead and have scheduled a volume to fail over, we offer the option to also kill the consuming pod and force it to restart elsewhere in the cluster.
For certain workloads this provides faster failover behavior than the StatefulSet controller alone.
mTLS for etcd
This release brings support for the first part of our encryption on the wire offering. Mutual TLS support for etcd enables authentication and encryption of all traffic to the StorageOS backend store. We recommend enabling it for production workloads where possible.
Future releases will add TLS support for all StorageOS endpoints to provide further authentication and encryption guarantees.
The StorageOS dataplane is at the heart of our product. Written in highly optimized C/C++, it is a complete storage engine, providing all of the compression, replication and storage services we offer.
For this release, we have upgraded the dataplane to significantly improve performance, provide more deterministic latency, and have less impact on the host machine.
We’re very proud of this release. We recommend that existing customers upgrade where operational circumstances permit (please see our upgrade documentation for more details). For those looking to try out the product, now is a good opportunity! Try it for free.
Author: Paul Sobey
Paul Sobey is Head of Product at StorageOS. Paul has worked as a systems and infrastructure engineer for over 15 years, responsible for deploying cloud and on-premises infrastructure as well as deploying Kubernetes and containers in production.