Superna Eyeglass® DR Edition Feature list

Release 2.5.6 update 2 2.5.6 build 20258

  1. RBAC 2.0 - Validates AD groups and users when saving a role change, if the AD group or user cannot be resolved an error is returned and it will not be saved.   If the user or group is resolved the SID of the user or group is saved in the configuration.    This will ensure that the login process can easily match the user or group SIDS versus the names of the user or group. 

    1. Adding users or groups with any case will now be supported​

    2. adding groups with <group name>@domain name syntax will be supported in addition to domain\group name

    3. Login will correctly identify the user group using SID or user and groups and will avoid needing to rely on the UPN login syntax.

    4. After upgrade the users and groups in the current configuration will be converted to support SID and GID 

  2. SPN AD Delegation Logging is enhanced to detect new failures in the AD delegation to computer objects.  This new logging is only visible to support and will assist in root cause of some SPN management scenarios that were not covered in previous releases.​

  3. Phone Home Logging - A new log tracks phone home issues to allow support to root cause issues faster.

  4. Easy Auditor

    1. The cluster zone audit settings will now be collected in the support backup to assist in misconfiguration scenarios.

    2. Stale NFS mount or network issues is the #1 cause of audit data ingestion failure. This release will monitor the NFS mount and automatically remount to repair stale NFS mount caused by network issues between the ECA and the Isilon cluster.

    3. OVF file will allow a 6, or 9 VM deployment to avoid the requirement to deploy the 3 VM OVF multiple times to simplify deployment.

  5. Dual DNS Delegation - This will no longer ping Pool ip to validate reachability since this was not required.

    1. Additional logging to root cause issues with DNS delegations for failover.  Support will be able to assist to root cause with this new logging.​

  6. OneFS 9.0 and 9.1 Support​

  7. Cluster Storage Monitor - Unlock my files Major upgrade.

 

 

 

General:

  1. Alarm emails are now basic html, no images included - subject of email includes application name and user name if relevant to the alarm.

    1. Alarm codes now visible in the UI​

    2. Email subject includes the application name that created the alarm for alarm filtering

  2. igls command to change the severity of any alarm type, example sync jobs can generate a lot of alarms and are sent as critical. igls command can change this alarm code to major or warning on a per alarm code basis. This allows customers to lower severity of alarms without changing the global alarm severity filter settings. 

DR Edition Overview:

  1. Overlapping Access Zone Failover support (see documentation for limitations)

    1. Overlapping means 2 access zones that share the same base path with at least 1 SyncIQ policy at or below the access zone path.

  2. Major Enhancements to Quota syncing for large quota count customers

    1. Option to remove quota collection from normal share/export syncing. This is for large quota count customers to speed up the config sync and move quota inventory detection to a separate job. "Quota Sync Job"​

      1. This new job for Quota inventory can be scheduled independently fo config sync and defaults to once per day to collect quota's and detect quota changes.​

      2. Recommended for customers with > 1000 quotas

    2. DR Quota Sync

      1. Onefs 8.x required. Allow pre-staging of quotas on the DR cluster and avoid quota scan being triggered during failover. Once this feature is enabled. Quota failover checkbox in DR assistant is automatically disabled.

  3. DR Automation Enhancements:

    1. Faster Failover!!!! Configuration sync will no longer run during a failover, that will remove this time to complete from the failover.

    2. Faster Failback!!!! Eyeglass jobs now automatically get enabled without any manual steps after a failover so that tailback readiness can be assessed faster and the jobs are in the correct state in Eyeglass.

    3. New policy alerts notifies administrator an action is required to enable DR on new policies.

    4. New job type default of none requires newly detected policies to be set to sync mode or DFS mode by the administrator before they can be enabled.  This work flow ensures policies do not get enabled in the wrong mode.

    5. Copy and paste of Failover logs from DR Assistant to simplify getting logs to support.

    6. DR Rehearsal Mode: Failover, Test, Throw away the changes. Complete DR Tests in much less time.

    7. Failover to DR make the target data writeable​

    8. Complete DR mount and write access testing

    9. Throw away changes to DR data

    10. Production copy on source cluster is online at all times

    11. Combine with networking bubble , cloned AD, DNS to complete DR testing with mirror of production  

    12. REST API support for DR Test Mode, IP Pool failover

    13. Full API support to retrieve all DR Dashboard validations for all failover modes​

    14. Auto Add all missing SPN's detected by Isilon.  Enables Eyeglass to check missing SPN's and insert them to ensure none are missing AND insert igls hint SPN's to suppress Isilon Alarms​ for missing SPN's

    15. Any SPN Failover support Now any sun type can be failed over. Example NFS, HDFS, CIFS can be failed over in addition to the host spn used for SMB authentication.  This will allow HDFS Big data failover and support kerberoized NFS failover of SPN's.  

    16. Concurrent Failover - This release will switch all installations to this default mode.  This allows several failovers to run in parallel of any type.  ​​​​The concurrent failover limit will increase from 4 to 5 and can be configured for 50 (open a support case if needed).  This applies to GUI failovers or API failovers.

    17. New Validations For DR Readiness

    18. SPN AD Delegation is now automatically tested for correct delegation in AD for SPN failover​

    19. DNS Dual delegation validation check that all smartconnect names are correctly setup for DNS auto failover. Checks that 2 name servers are setup, verifies an A record correctly points to Isilon SSIP, validates the SSIP is the correct subnet for the pools that are failing over.

    20. Domain mark - Check if this has been run and raise warning in DR Dashboard 

    21. Mismatched SPN cases between AD and Isilon

    22. GUI​

    23. Disable twitter release notification on login page​

    24. ​Access Zone Migration New Dedicated Icon "Data Config Migration":

    25. Ability to copy only configuration data from one zone to another without need a synciq policy to exist.  This can be used by entering any source path and any target path with auto access zone detection.  NOTE:  The paths must exist.  This new job type can stay and run during normal configuration task to keep config data in sync during a migration.  New check box: "Migrate only configuration" 

    26. Ability to auto detect existing syncIQ policies on the source and target path and use them to sync configuration data.  This allows the copy policy to be setup and migration of configuration can use the existing policies in place.

  4. Security Enhancements:

    1. IGLS cli command to automate changing eyeglass service account password and restarting the process to take affect.  Useful for customers with a lot of clusters and regular password change policy can now automate this task