DAOS enhancements

This topic describes the enhancements to the Domino Attachment and Object Service (DAOS).

Note: For usability, the complete documentation on DAOS is included in the Attachment Consolidation section. Many of these topics have not changed for HCL Domino® 12.

Improved DAOS encryption security

DAOS object encryption now offers more secure encryption algorithms and the ability for Domino cluster mates to share encryption keys so that encrypted DAOS objects can be shared across servers. When you encrypt objects with the server ID file, you can now choose AES-128 or AES-256 bit encryption.

For more flexibility, you can create a shared AES-128 key in a credential store and configure DAOS to use the shared key to encrypt DAOS objects. Encrypting objects with a shared encryption key allows greater flexibility in backup and restore scenarios and it allows any DAOS objects stored in tier 2 to be shared across servers.

If you anticipate needing to revert a Domino 12 server to a pre-11.0.1 version, before upgrading the server to Domino 12, add the following notes.ini setting to force Domino to use the legacy encryption:

Sharing DAOS tier 2 objects across servers

Beginning with Domino 12, you can conserve storage space by sharing DAOS tier 2 objects across servers within a cluster. When tier 2 object sharing is enabled, each unique DAOS attachment object resolves to a single object in tier 2 storage that all servers in the cluster share.

Improved DAOS container management

DAOS has changed the way that it fills subdirectories. It now backfills existing sub-directories (e.g. 0001, 0002) continuously. This change eliminates the partially filled or empty subdirectories that could occur in previous versions of Domino.

The previous subdirectory tracking file, daos.cfg, from earlier releases is replaced with the file daos.cf2. The .cf2 file uses a simpler CSV format. A new console command, tell daosmgr containers, can be used to display the total number of objects and the total size of objects in each subdirectory. This command is useful if you need to work with Support to troubleshoot an issue.