Monday, 27 June 2016

Highlights from the ONTAP 9.0 RC1 Release Notes

New and changed features in the ONTAP 9.0 release family

Manageability enhancements

- FIPS 140-2 support for cluster-wide control plane web service interfaces
- Support for enhanced Storage QoS limits
-- up to 12’000 policy groups per cluster
-- can specify a combination of IOPs and MB/s
- Changes in audit configuration operation
- Support for SHA-2 password hash function
- Password security enhancements
-- password complexity enforcement
-- delay after failed login attempt
-- define the account inactive limit
-- expire a user password
-- display password expiry warning
-- send invalid login notifications to audit.log & EMS
- Enhancement for audit log management
- Support for non-English characters in qtree names
- Support for Storage Encryption onboard key management
- Support for cache-retention policies on Flash Pool aggregates
- Support for root-data partitioning enhancement
-- root-data partitioning is supported on AFF platforms
- Support for headroom functionality
-- Assists workflow provisioning and balance
-- Helps you prevent overloading a node

MetroCluster configuration enhancements

- Implementation of node-level QoS
-- reduces node outage by prioritizing the I/O operations needed to complete a disaster recovery (DR) operation
- Support for reestablishing SnapMirror or SnapVault relationships
- Support for eight-node MetroCluster configurations
-- where using the NAS protocol
- Support for unmirrored aggregates in MetroCluster configurations

Networking and security protocol enhancements

- IPv6 support for DDNS
- Increased limits for maximum LIFs per node
-- in clusters where all nodes have at least 20 GB of memory, you can create up to 256 NAS LIFs or 512 SAN LIFs per node
- Automatic detection and isolation of network port failures
- Support for LLDP
-- Link Layer Discovery Protocol - an alternative to CDP
- Support for UC compliance with DSCP marking
-- Differentiated Services Code Point (DSCP) marking is a mechanism for classifying and managing network traffic and is a component of Unified Capability (UC) compliance

Storage resource management enhancements

- Support for inline data compaction
-- Inline data compaction stores multiple user data blocks and files within a single 4 KB block on a system running ONTAP
-- Inline data compaction is enabled by default on AFF, and you can optionally enable it on volumes on FAS systems
-- You can run inline data compaction independently or together with data compression or deduplication
- Support for automated SAN and NAS storage provisioning
-- The following new templates are accessible under the Application Provisioning tab in OCSM:
--- NFS Oracle
--- NFS Oracle RAC
--- SAN Oracle Single
--- SAN Oracle RAC
--- SMB SQL Server
--- SAN SQL Server
--- NAS Virtual Server Infrastructure
--- SAN Virtual Server Infrastructure
--- SAN Virtual Desktop
- Support for relocating root volumes to new aggregates
- Support for rehosting a volume from one SVM to another SVM
- Supported security styles for Infinite Volumes
-- unix, ntfs, mixed, or unified

FlexArray Virtualization (V-Series) enhancements

- Support for 16 TB array LUNs
- FlexArray Virtualization resiliency enhancements

File access protocol enhancements

- Enhanced support for SMB protocols
-- The following enhancements are now supported in SMB 2.0 and later:
--- LDAP signing and sealing
--- Workgroup authentication
--- Large MTU
--- SMB null user and IP qualifiers
-- The following SMB enhancements are now supported in SMB 3.0 and later:
--- Accelerated AES-NI encryption
- Support for CIFS server in workgroup mode
- Enhancements for Kerberos 5
-- Kerberos 5 authentication with privacy service (krb5p) is supported
- Support for LDAP signing and sealing
- LDAP support for SHA2 hashed passwords
- Multiple client match specifications in NFS export rules
-- “provides comparable functionality to standard /etc/exports files in 7-Mode”
- NFS export access cache enhancements
- FPolicy enhancements
-- This release includes the following FPolicy enhancements:
--- Filtering controls
--- Async resiliency
- Support for new CIFS auditing events
-- The new auditing events are as follows:
--- file-share
--- audit-policy-change
--- user-account
--- security-group
--- authorization-policy-change

SAN enhancements

- ODX LUN copy is now supported between clusters
- iSCSI target support for an FQDN response

Data protection enhancements

- Support for triple parity RAID protection (RAID-TEC)
- Support for SnapLock technology
- Support for cloning data protection volumes
-- in an SVM-DR relation, the cluster administrator can clone data protection (DP) volumes from the destination SVM to another SVM in the destination cluster for development testing
- Support for excluding volumes from replication
-- in an SVM-DR relation…
- Support for excluding LIFs from replication
-- in an SVM-DR relation…
- Support for converting volume-level SnapMirror relationships to an SVM disaster recovery relationship
- Support for using a SnapMirror license to enable SnapVault
- Support for NDMP extension
-- NDMP extension 0x2050, which enables Snapshot copy management and backup restart extensions, is supported
- Support for intercluster SVM peer relationships between SVMs with the same name
- Support for SnapMirror and SnapVault global throttling
-- These options are enforced on all nodes in the cluster:
--- Enabling and disabling the node-level throttle
--- Setting the maximum bandwidth for outgoing transfers
--- Setting the maximum bandwidth for incoming transfers
- Support for secondary SnapVault Snapshot copies
-- you can create Snapshot copies on a SnapMirror SnapVault destination for longer term retention without having to create and maintain a corresponding longer term Snapshot copy at the primary destination
- Support for renaming SnapVault Snapshot copies
- Support for all SnapMirror and SnapVault cascade configurations

Antivirus enhancements

- Support for Vscan on-demand scanning
- Support for FQDN configuration of Vscan servers

Upgrade enhancements

- Expanded support for automated nondisruptive upgrades
-- to include major upgrades from Data ONTAP 8.3.x to ONTAP 9.0

Transition enhancements

- Support for transitioning SnapLock volumes
- Support for transitioning a disaster recovery relationship between vFiler units
- Support for transitioning peering networks from IPv4 to IPv6

Unsupported features for ONTAP 9.0 RC1

- LDAP over SSL replaced with LDAP over TLS
- Remote Support Agent (RSA) replaced with AutoSupport On Demand


  1. This is a great summary. Any insight on the provisioning templates for non-AFF systems. I understand they are only available with AFF.