DAOS enhancements
This topic describes the enhancements to the Domino Attachment and Object Service (DAOS).
Improved DAOS encryption security
DAOS object encryption now offers more secure encryption algorithms and the ability for Domino cluster mates to share encryption keys so that encrypted DAOS objects can be shared across servers. When you encrypt objects with the server ID file, you can now choose AES-128 or AES-256 bit encryption.
For more flexibility, you can create a shared AES-128 key in a credential store and configure DAOS to use the shared key to encrypt DAOS objects. Encrypting objects with a shared encryption key allows greater flexibility in backup and restore scenarios and it allows any DAOS objects stored in tier 2 to be shared across servers.
DAOS_NLO_ENCRYPTION_METHOD=0
Sharing DAOS tier 2 objects across servers
Beginning with Domino 12, you can conserve storage space by sharing DAOS tier 2 objects across servers within a cluster. When tier 2 object sharing is enabled, each unique DAOS attachment object resolves to a single object in tier 2 storage that all servers in the cluster share.
Improved DAOS container management
DAOS has changed the way that it fills subdirectories. It now backfills existing sub-directories (e.g. 0001, 0002) continuously. This change eliminates the partially filled or empty subdirectories that could occur in previous versions of Domino.
The previous subdirectory tracking file, daos.cfg, from earlier releases is replaced
with the file daos.cf2. The .cf2 file uses a simpler CSV format. A new console
command, tell daosmgr containers
, can be used to display the total
number of objects and the total size of objects in each subdirectory. This command
is useful if you need to work with Support to troubleshoot an issue.