Impact to system after enabling Container Mode
- Enabling Container Mode is an irreversible process. A system in Container Mode cannot be converted back into Vault Mode.
- All end user accounts must be managed through the Service APIs on the Accesser devices. There is no visibility to user accounts on the Manager, including storage accounts and AWS credentials.
- Any user or application using the Service APIs must have a new role assigned (service account role) to have permissions to manage storage accounts and credentials.
- If the system administer chooses to enforce DNS compliant container names, all new bucket names must be DNS compliant. Any existing bucket names that are non-DNS compliant will continue to be accessible.
- A storage account can have at least 1000 containers by default, but the maximum number of supported containers can vary. The S3 API’s container listing command does not support pagination, meaning that having more than 1000 containers results in some containers not being listable by end users.
- Service vault availability and reliability is critical for the system to continue to operate in Container Mode and serve all user requests.
- Enabling Container Mode triggers additional fields to get logged in the access logs and enables new internal structures and flows that could impact performance negatively.