VMware Cloud Director Object Storage Extension 2.2 Release Notes

VMware Cloud Director Object Storage Extension 2.2 \| 17 NOV 2022 \| Build 20771300 Check for additions and updates to these release notes.

VMware Cloud Director Object Storage Extension 2.2 | 17 NOV 2022 | Build 20771300

Check for additions and updates to these release notes.

What's New

VMware Cloud Director Object Storage Extension version 2.2 includes the following new features:

Kubernetes backup

VMware Cloud Director Object Storage Extension 2.2 supports the backup and restore for Kubernetes clusters up the latest version.
Short path style of S3

VMware Cloud Director Object Extension now supports short path of S3 endpoint. Specifically, the root path / and full path /api/v1/s3 both represent the S3 URI entry point.
Cloudian storage policy management

VMware Cloud Director Object Storage Extension allows providers to control whether to expose Cloudian storage policy configuration to tenants, and which storage policies to expose to tenants. It also supports multi-region storage policy management.
Bucket Replication

VMware Cloud Director Object Storage Extension allows bucket owners to configure bucket replication rules to replicate the bucket content to destination buckets.
Multi-region S3 for Cloudian

VMware Cloud Director Object Storage Extension 2.2 introduces multi-region S3 support for Cloudian. With multi-region Cloudian HyperStore clusters, providers can now configure multi region S3 for a single VMware Cloud Director site, or for multi-VMware Cloud Director sites. Providers can also manage multi-region S3 access points for different tenants.

Upgrade

You can upgrade directly to VMware Cloud Director Object Storage Extension 2.2 from versions 2.1.x and 2.0.x. See Upgrading VMware Cloud Director Object Storage Extension.

Caveats and Limitations

S3 API requests authenticated with application credentials do not support the following use cases:
- Accessing a shared bucket if another user grants you permissions for the bucket.
- Deleting multiple objects simultaneously with a single API request.
- Copying objects from buckets that you own.
If you are using ECS storage, you cannot remove object tags.

When you try to remove an object tag, the operation fails with an error.
VMware Cloud Director and the underlying storage systems have different limitations on user names. To use VMware Cloud Director Object Storage Extension, user names must comply with both the requirements of VMware Cloud Director and the underlying storage system. A best practice is to use short user names (under 50 bytes) and to use alphanumeric characters.
- If you are using Cloudian storage, the maximum length of user IDs is 255 bytes.
- If you are using Dell ECS 3.4 or earlier, the maximum length of user IDs is 91 bytes.
- If you are using Dell ECS 3.6, the maximum length of user IDs is 64 bytes.
Bucket synchronization supports up to 10 million objects per a single synchronization job

When the cloud provider enables bucket synchronization for a tenant in the provider portal, the synchronization can support up to 10 million objects for the tenant. VMware Cloud Director Object Storage Extension 2.1 does not support the synchronization for more than 10 million objects per a single bucket synchronization job.
If you are using ECS storage, S3 API, or the Find a Bucket feature, you cannot visit a bucket that belongs to a different tenant organization in the ECS platform.

Product Documentation

All documentation is available on the VMware Cloud Director Object Storage Extension Documentation page.

Known Issues

You cannot log in to VMware Cloud Director Object Storage Extension as a service administrator

When you try to log in to VMware Cloud Director Object Storage Extension as a service administrator, the login is unsuccessful. The problem is observed on a random basis and it occurs if you have multiple groups which are mapped to multiple VMware Cloud Director roles.

Workaround: Log in to VMware Cloud Director Object Storage Extension with a user that has a single group, mapped to their VMware Cloud Director role.
Bucket synchronization does not synchronize all objects when object paths contain special symbols

VMware Cloud Director Object Storage Extension synchronizes the first 1,000 objects to the database. Special symbols include characters that might be encoded in the URL.

Workaround: None.
You cannot push images to the VMware Harbor Registry

When you try to push an image to the VMware Harbor Registry and the VMware Harbor Registry server uses VMware Cloud Director Object Storage Extension S3 as a backend storage, the process fails. The problem is observed when VMware Harbor Registry is configured with VMware Cloud Director Object Storage Extension S3 endpoint and credentials.

Workaround: Request a hotfix from VMware.
You cannot create a bucket policy with a UI-generated service instance ID

When you try to create a bucket policy and use the UI to generate the service instance ID, the process fails.

Workaround: Create the service instance ID manually and ensure it does not include the hyphen symbol (-) .
The S3 service of VMware Cloud Object Storage Extension is unavailable

When you start or view VMware Cloud Object Storage Extension, the VMware Cloud Object Storage Extension service is active, but the S3 service is unavailable, with the following error message in the log file:

S3_TOKEN_AUTH_ERROR

The issue is observed if the time gap between the S3 client and the VMware Cloud Object Storage Extension VM is over 20 seconds.

Workaround 1: Change the gap time between the S3 client and the VMware Cloud Object Storage Extension VM to less than 20 seconds, for example, NTP for the VMware Cloud Object Storage Extension VM.

Workaround 2: Run the command oss.s3.request-expire-time=3600 and restart the VMware Cloud Object Storage Extension service.
VMware Cloud Director Object Storage Extension fails to start

If you manually change the endpoint of VMware Cloud Director Object Storage Extension by using the command ose endpoint set, VMware Cloud Director Object Storage Extension might fail to start due to the following error:

Unsatisfied dependency expressed through field 'regionMgmtService'
Workaround:
1. In the VMware Cloud Director Object Storage Extension database, delete the table row region_endpoint_info , which contains the endpoint value.
2. Restart VMware Cloud Director Object Storage Extension.
You cannot delete Kubernetes clusters, which are in fatal state

When a tenant user tries to remove a Kubernetes cluster which is in fatal state, the process fails. The problem is observed only with Kubernetes clusters, which are added to Object Storage Extension 2.1.

Workaround: Delete the relevant records in the VMware Cloud Director Object Storage Extension database tables external_cluster_info and cluster_protection_info.
You cannot onboard a tenant organization for the Cloudian platform

When a cloud provider tries to enable a tenant organizatioin for Cloudian object storage, the process fails. The problem is observed for new organizations, which have not been previously onboarded and have no custom storage mapping.

Workaround:

1. Open the Cloudian CMC portal.

2. Create a group with the VMware Cloud Director organization UUID.

3. Open VMware Cloud Director Object Storage Extension to complete the tenant onboarding process.
Region metrics on the provider portal's tenant onboarding page does not distinguish region specific metrics data

With multi-region deployment, when multiple regions are activated for a tenant organization, active region cards show the global consumption metrics, not region-specific data. The problem is observed, because region specific metrics is not supported yet.

Workaround: None.
Synchronization tasks of buckets with more than 60,000 objects fail with a timeout error

When you try to sync a bucket that contains more than 60,000 objects, the synchronization task expires after 24 hours.

Workaround: Click the Sync Now button repeatedly until the synchronization task completes successfully.