This release introduces multi-node deployment capabilities for enhanced scalability and resilience, alongside significant improvements to data integrity, drive healing, and cluster management. Administrators gain greater control with new options for SSE-KMS key replication and detailed tracing for drive formatting operations. ### New Features * **Multi-Node Deployments**: Introduces support for distributed, multi-node configurations to enhance storage availability and capacity. This release also adds the ability to generate self-signed SSL certificates, streamlining secure setup for non-production environments. (#362) * **Control SSE-KMS Key Replication**: Administrators can now prevent the replication of source Key IDs for SSE-KMS objects via the `MINIO_KMS_REPLICATE_KEYID` environment variable. This allows a replica site to apply its local KMS key, ensuring continuous SSE-KMS protection in multi-site environments with distinct KMS requirements. (#320) * **Trace Drive Formatting Events**: Provides administrators with detailed, real-time tracing for drive formatting and verification events. This improves observability into storage initialization, aiding in diagnostics and capacity planning. (#329) * **Automated Empty Folder Scanning**: The system now automatically scans apparently empty folders to identify and resolve unhealed data or stray directories. This background process improves overall data consistency and integrity. (#319) * **Foundation for Bucket Event Queue**: Implemented the foundational framework for a new Bucket Event Queue subsystem. This is a preparatory step for future enhancements to event notification and automation. (#313) ### Performance Improvements * **Optimized Drive Formatting**: Significantly accelerated the drive formatting and verification process, reducing cluster startup and initialization times, especially in large-scale deployments. (#190) * **Reduced Memory Usage for Tiering Scanner**: Optimized the background scanner for storage tiering to lower memory consumption by eliminating redundant configuration loading. (#309) * **Efficient Pool Decommissioning**: Prevented healing operations on new drives within a storage pool that is being decommissioned. This conserves I/O resources and ensures a more efficient decommissioning process. (#315) * **Optimized IAM Import API**: Reduced memory usage for the `IAMImport` API by avoiding unnecessary buffer allocations. This also hardens the system against excessively large inputs. (#343) * **Throttled Cluster Metadata Saves**: Updated the process for saving cluster data usage to prevent rapid, successive writes. This reduces I/O load and improves performance in high-latency environments. (#327) ### Improvements * **Enhanced Kafka Event Queuing**: Overhauled the Kafka event queue system for greater throughput in high-volume scenarios. Audit event queues can now be configured with a disk directory to persist event batches for replay, improving data resilience for audit trails. (#366) * **Strengthened Data Integrity on Writes**: Enforced consistent data block sizes during write operations to prevent potential data corruption. Applications attempting to write inconsistent block sizes will now receive an error, guiding developers toward correct usage. (#304) * **Prioritized Drive Healing**: Drive healing within the same erasure set is now prioritized by which drive initiated the process first. This ensures older pending healing operations are addressed more quickly for more predictable data recovery. (#266) * **Automatic LDAP Policy Cleanup**: Stale LDAP user and group policy mappings are now automatically removed on server startup if the Base DN configuration has changed, preventing access inconsistencies. (#345) * **Flexible Drive Formatting Quorum**: Drive formatting operations can now proceed with a reduced quorum, providing greater operational flexibility during disk management, especially in partially degraded cluster states. (#337) * **Simplified Command Output**: Removed the URL scheme from server addresses in `serverInfo`, `netPerf`, and `speedTest` command outputs for a cleaner, more readable display. (#344) * **Improved License Flag Guidance**: The server now provides a helpful hint and usage examples if the `--license` flag is missing or incorrect at startup, simplifying error resolution. (#356) * **Simplified Profile Naming**: The endpoint scheme (e.g., `http://`) is no longer required when creating profile names, allowing for shorter, more user-friendly identifiers. (#308) * **Refined Retry Logging**: The retry mechanism for drive formatting now provides more accurate retry counts in event logs, improving clarity during storage initialization. (#335) * **Comprehensive Dependency Updates**: Refreshed all core system dependencies to their latest versions to incorporate performance enhancements and fixes from underlying components. (#317, #324) ### Bug Fixes * **Resumed Drive Healing After Restart**: Resolved an issue where the automatic drive healing process would not resume after a storage node was restarted, ensuring data redundancy is properly restored. (#310) * **Robust Cluster Startup**: Clusters can now reliably start and initialize even with a high number of unformatted drives (less than 50% formatted in an erasure set), improving deployment and recovery times. (#341) * **Reliable Batch Deletes**: Corrected the behavior of `DeleteObjects` operations for versioned objects and delete markers, ensuring predictable outcomes in complex scenarios. (#342) * **Heal Objects in Suspended Pools**: Administrators can now run heal operations on individual objects within a suspended storage pool, facilitating targeted data recovery without reactivating the entire pool. (#296) * **Guaranteed Root User Access**: Ensured root user access remains available even if the `site-replicator-0` service account is temporarily missing in a site replication setup. (#350) * **Accurate Drive Healing Status**: The system health check report now accurately reflects when a drive has completed its healing process, preventing misleading reports. (#325) * **Force Delete Buckets with Policies**: The 'Force Delete Bucket' operation now correctly removes empty buckets that have object locking or replication rules configured. (#336) * **Reliable Batch Jobs on Single-Core CPUs**: Ensured batch jobs execute successfully on instances with a single CPU core by guaranteeing at least one worker is allocated. (#361) * **Corrected Batch SSE Key Rotation**: Batch operations now correctly support server-side encryption key rotation between SSE-S3 and SSE-KMS. (#322) * **Synchronized Bucket Deletion in Replication**: Fixed an issue where bucket deletions were not consistently synchronized across sites in a replication setup. (#352) * **Accurate Audit Logging for Auth Failures**: Corrected audit logging for signed requests to ensure authentication failures generate a single, accurate log entry, simplifying security monitoring. (#364) * **Proxy Support for Batch Operations**: Ensured batch operations correctly use configured proxy settings and report an appropriate error if the proxy server is unreachable. (#353) * **Corrected Webhook Trigger Logic**: Resolved an issue where webhook processing could be incorrectly triggered by an unrelated environment variable. (#360) * **Reliable Network Performance Tests**: Fixed an issue that prevented `netperf` and `speedtest` from running correctly via the `mc support perf net local` command. (#339) * **Improved Kafka Integration**: Addressed configuration issues to improve compatibility with newer Kafka packages and resolved problems with importing older disk queue files. (#333) * **Accurate Client Disconnection Errors**: Error reporting for client disconnections (HTTP 499) is now more precise, preventing other errors from being misclassified. (#340) * **Restored Diagnostic Data Collection**: Resolved an issue that prevented the system from correctly capturing diagnostic information required for troubleshooting. (#321) * **Current Disk Status for Healing**: Enhanced the drive healing process to always use the most current disk status, preventing drives from being overlooked due to cached information. (#365) * **Resolved Internal Communication Timeouts**: Adjusted internal timeouts to prevent operations from failing prematurely during certain communication errors. (#323) * **Prevented Crashes on File Operations**: Improved handling of file-not-found situations and ensured event-related files are properly closed to prevent application crashes. (#371) ### Security Updates * **Redacted Credentials in Batch Job Details**: The `DescribeBatchJob` operation now automatically redacts sensitive information such as replication secret keys and session tokens to prevent accidental disclosure. (#368) ### Deprecations * **`max_duration` for Audit Event Queue**: The `max_duration` configuration option for the `audit_event_queue` subsystem is now deprecated and will be removed in a future release. Users should leverage the new disk-based persistence capabilities for audit event resilience. (#366)