Key features of StorageOS V2.4 include the provision of Encryption at Rest, a capability designed for organisations that are dependent on encrypted data as a requirement for Kubernetes workloads using persistent storage. This includes users of Kubernetes as a cloud managed service and those with strict data compliance regulations, such as the Payment Card Industry standard (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA).
When using encryption with StorageOS, encryption and decryption keys are fully under the control and management of the consumer as Kubernetes Secrets. The use of a native Kubernetes construct for key secret management provides the benefit of native Kubernetes integration with KMS providers such as HashiCorp Vault, providing further compliance and regulation as desired.
“These platform enhancements serve as important differentiators between StorageOS and other persistent storage services offered by cloud providers,” said Alex Chircop, founder and CEO, StorageOS. “They also demonstrate our commitment to innovation and have been designed as a result of close collaboration between our engineering team, customers and partners to ensure we are meeting the needs of both existing and potential users.”
In addition, StorageOS now delivers Rapid Application Recovery via enhanced fencing awareness, bringing an improvement of up to 500% for failover and recovery. When deploying a stateful application within the recommended Kubernetes StatefulSet controller, a failed pod has a default eviction timeout of five minutes, allowing up to five minutes of downtime to pass before recovery is actioned.
Rapid Application Recovery allows StorageOS to utilise its background node awareness to intervene and, where applicable, allow pods to be scheduled on different nodes with full access to their required persistent storage. This feature significantly improves recovery time and allows a StatefulSet time to recover within 30-60 seconds.
StorageOS v2.4 also provides Intelligent Thin Provisioning with the addition of Trim support, allowing the operating system to inform StorageOS that data is no longer in use and can be wiped internally. The StorageOS Dataplane can detect Trim/Unmap events and can transparently recover storage pool capacity at the point of deletion, therefore freeing storage from a Thinly provisioned pool without manual intervention.