Synopsis: A server-side request forgery (SSRF) vulnerability against the MinIO server was discovered and has been fixed in RELEASE.2021-01-30T00-20-58Z [https://github.com/minio/minio/releases/tag/RELEASE.2021-01-30T00-20-58Z]. Severity: Medium Who is affected: All users of the MinIO server version RELEASE.2019-12-17T23-16-33Z or newer are affected. Users that have disabled the MinIO browser UI are not affected. Recommended Action
Read more
As we said in our opening, we love Storage Field Day because it is a chance for us to reflect on our accomplishments while forcing us to confront our future. We say confront because the delegates at SFD are among the brightest, politest group of skeptics you are likely to encounter. They push you for answers, they challenge you for
Read more
Kubernetes seems to be the answer to a lot of questions these days. It should be—it is the dominant way to deliver compute, networking and storage to applications. Its dominance is surprising in a tech world where there is generally room for several players. This was a winner take all market and Kubernetes took it all. As we note
Read more
This is going to be a relatively short post because the good stuff is really in the video, courtesy of Daniel Valdivia and AB. The summary is that MinIO has a ridiculously talented engineering team that has been together for more than a decade. Many of them were part of the Gluster team and have forgotten more about file systems
Read more
We got crunched for time at the end of our SFD slot. Given how important the hybrid cloud story is to our future, I probably shouldn’t have left it for last. Too many great questions threw us off our schedule and we arrived at the start of the section with not enough time to do it justice. So what
Read more
We just wrapped Storage Field Day 2021 [https://www.youtube.com/watch?v=ARmIhJsWK8w] and during our session we generated a particular amount of interest around our hybrid strategy. At the end, we were a little compressed on time, but the message resonated and was the primary subject of the breakout room discussion with the delegates after the cameras stopped
Read more
Cassandra is a popular, tried-and-true NoSQL database that supports key-value wide-column tables. Like any powerful tool, Cassandra has its ideal use cases - in particular, Cassandra excels at supporting write-heavy workloads, while having limitations when supporting read-heavy workloads. Cassandra's eventual consistency model and lack of transactions, multi-table support like joins, subqueries can also limit its usefulness. However, using
Read more
Introduction Document management is a core requirement for all sorts of regulated institutions - finance, telecom, healthcare, government and others. These institutions need to manage and retain an ever growing number of documents and regulatory guidelines often require these documents to be stored for a very long term (7-10 years). Take for example, KYC (Know Your Customer) documents. Anyone starting
Read more
Over the last decade or so, object storage use cases have evolved considerably as they replace traditional file and block use cases. Specifically the need to work with small data objects is becoming commonplace. Yes, there’s still plenty of large objects but small objects are becoming more prevalent than large for specific workloads and application environments. Traditional object storage
Read more
The MinIO Subscription Network is unique. A blend of commercial license and direct-to-engineering support it also offers access to the panic button, architectural and security reviews and a host of other features and technologies that ensure our customers never lose data or suffer a security breach. We recently asked our customer base to participate in a flash survey to tell
Read more
Kubecon went virtual this year and let’s be honest, it wasn’t the same – on any level. It lacked the electricity, the enthusiasm and interaction that makes this a geek version of the holiday season. Still, the content was outstanding and continues to serve as the engine of this amazing event. Each Kubecon is a major milestone – an opportunity
Read more
The Hybrid Cloud is a hot term these days. It should be. Ultimately it will represent the vast majority of enterprise cloud architectures (Gartner is saying 90%+). The public cloud will continue to grow. The private cloud will continue to grow. The edge will continue to grow. All fueled by the data that continues to grow. While the hybrid cloud
Read more
At the beginning of the decade, the total data in the world added up to 2 zettabytes. It has grown to 59 zettabytes today. In a matter of 10 years, it has grown 30-fold. Unstructured data The majority of data that exists today are photos, videos or some kind of point-in-time events. These kinds of data do not have an
Read more
The promise/allure of the public cloud is based on the concept that it is elastic. One can, with little effort, scale up workloads and, if desired, scale down those same workloads. We have written on this subject before - from the perspective of what workloads to consider as you evaluate what to take to the public cloud and what
Read more
MinIO was designed in the same fashion that the hyper-scalers were – with simple building blocks that limit failure domains but can grow infinitely. Still there are some features that you really need to have in order to go galactic in size. They are: 1. Server Side Replication: With MinIO’s server side replication capabilities, organizations can create active-active replication across
Read more
One of the key requirements driving enterprises towards cloud-native object storage platforms is the ability to consume storage in a multi-data center setup. Multiple data centers provide resilient, highly available storage clusters, capable of withstanding the complete failure of one or more of those data centers. Multi-data center support brings private and hybrid cloud infrastructure closer to how the public
Read more
With the introduction of Apache Arrow, language-independent columnar memory format for flat and hierarchical data, organized for efficient analytic operations, MinIO data lakes can be much more powerful. This article explains how to make use of Apache Arrow by using ArrowRDD.
Read more
Today we are pleased to announce [https://www.businesswire.com/news/home/20200915005471/en/MinIO-and-VMware-Extend-Their-Partnership-Through-vSAN-Persistent-Data-Platform-Interoperability] a significant expansion of our partnership [https://min.io/solutions/vmware] with VMware. This next phase represents a deeper collaboration from our award winning work [https://www.businesswire.com/news/home/20180924005328/en/Minio-Receives-Rising-Star-Partner-Award-Pivotal#:~:text=%2D%2D(BUSINESS%20WIRE)%2
Read more
Two days ago, on Sep. 08, research teams from Germany and Israel published a joint research paper [https://raccoon-attack.com/RacoonAttack.pdf] describing another TLS timing attack - called Raccoon. This attack targets all TLS versions up to 1.2. The new attack [https://raccoon-attack.com/] exploits a timing side-channel during the TLS handshake when the Diffie-Hellman (DH) key exchange
Read more
While MinIO is known for being a high-performance, cloud-native object store, the security of the system and the resilience of the data have always been paramount. From erasure coding [https://docs.minio.io/docs/minio-erasure-code-quickstart-guide.html], bitrot protection, object healing, WORM and sophisticated, performant encryption - ensuring data is safe - across a number a different vectors has always guided
Read more