Features
Core Object Storage Capabilities
| Feature | Description |
|---|---|
| S3 compatibility | S3-compatible API: PUT, GET, DELETE, LIST, HEAD, versioning, multipart, and tagging. |
| Scale-out object storage | Disaggregated, erasure-coded object store; 40-80 PB usable per cluster, and beyond through federation. |
| Erasure coding | Erasure coding across nodes and drives, with configurable node- and drive-level resilience. |
| Durability | Designed for >12 nines object durability. |
| Versioning | Full object versioning with listing and rollback. |
| Object locking | Compliance and Governance mode locking for immutability and retention. |
| Object capacity | Bounded by metadata-drive capacity - each object consumes a fixed metadata footprint, so provision metadata drives to your expected object count. See Hardware Sizing. |
| Space limits | Effectively unlimited through multi-cluster federation; constrained only by physical resources. |
Operations & Management
| Feature | Description |
|---|---|
| High availability | Multi-node active/active clusters (three or more nodes) with no single point of failure; survives node, drive, and rack failures. |
| Cluster management | Add and remove nodes, auto-discovery, and background rebalancing. |
| Power-failure resilience | Tested for data integrity under sudden full power loss. |
| Monitoring & metrics | Built-in dashboards and alerting, plus an OpenMetrics-compatible metrics endpoint for your own tooling. |
| Remote monitoring | Optional managed monitoring of your clusters via one.exaba.com. |
| Usage & billing | Per-tenant usage tracking and metering, with reporting for billing. |
| Web console / UI | Console or web-based UI for management and observability. |
| Ecosystem integrations | Certified for Veeam Ready; works with Commvault, Acronis, rclone, and other S3-compatible backup and data tools. |
| Certificate management | Built-in certificate issuance and renewal for TLS endpoints. |
Security & Compliance
| Feature | Description |
|---|---|
| Encryption | RSA 2048/3072/4096, AES-256, SSE-S3 / SSE-KMS / BYOK, FIPS-aware (runs under FIPS-mode Linux kernels). |
| Zero trust | Mutual TLS on every internal service-to-service call. |
| Tenant isolation | Strong cryptographic and network isolation per tenant. |
| Auditable binaries | Reproducible builds, signed and auditable crates. |
| Remote syslog / SIEM | Log forwarding to SIEM and central log platforms. |
| Reduced attack surface | Userspace data path reduces exposure to kernel-level vulnerabilities. |
Performance & Scale
| Feature | Description |
|---|---|
| Networking | NVMe-oF data path over RDMA (RoCEv2 or iWARP), or TCP for sites without an RDMA fabric; 10/25/100/200 GbE Ethernet. |
| Throughput | 10+ GB/s of object throughput per node; aggregate throughput scales as nodes are added. |
| Streaming | Upload and download streams with low RAM usage. |
| NVMe / flash | Write patterns optimized for flash and NVMe endurance. |
| Hybrid arrays | NVMe metadata with SATA/SAS bulk HDD configurations. |
| Node limits | Clusters start at three nodes (five or more recommended) and scale to around 20 per cluster; larger footprints via multi-cluster federation. |
| Metadata mirroring | Metadata replicated across multiple drives and nodes. |
Extensibility & Developer Features
| Feature | Description |
|---|---|
| Management APIs | REST APIs for programmatic control of the entire system: clusters, nodes, tenants, buckets, keys, and policies, alongside the S3 data API. |
| Client SDKs | Native Rust SDK and RESTful HTTP; more languages planned. |
| Written in Rust | Memory-safe, async-enabled, and built on SPDK for performance. |
Platforms & Multi-Tenancy
| Feature | Description |
|---|---|
| Multi-platform | x86_64, ARM, and Power; Docker for evaluation only. |
| Multi-tenant | IAM with JWT and OAuth 2.0 / OIDC login compatibility. |
| Global namespace | Centralized namespace management for accounts and buckets. |
| Cluster peering | Join clusters globally via namespace peering. |
| Air-gap mode | Pull-only, outbound-only mode with no exposed listeners. |
| KMS integration | Built-in KMS with TPM 2.0 / YubiKey / customer-HSM vault custody and TLS certificate management. |