Introduction:
SnapLock is an alternative to the traditional optical
"write once, read many" (WORM) data. SnapLock is used for
the storage of read-only WORM data.
SnapLock is a license-based, disk-based, open-protocol
feature that works with application software to administer non-rewritable
storage of data. The primary objective of this Data ONTAP feature is
to provide storage-enforced WORM and retention functionality by using open file
protocols such as CIFS and NFS. SnapLock can be deployed for protecting
data in strict regulatory environments in such a way that even the storage
administrator is considered an untrusted party.
SnapLock provides special purpose volumes in which files can
be stored and committed to a non-erasable, non-rewritable state either forever
or for a designated retention period. SnapLock allows this retention
to be performed at the granularity of individual files through standard open
file protocols such as CIFS and NFS.
NetApp SnapLock compliance software
helps you meet strict data retention regulations and internal IT governance
rules.
SnapLock is available in tow version:
SnapLock compliance for strict regulatory environment, and SnapLock Enterprise,
for more flexible environments.
SnapLock can integrates with the snap
Mirror and snap vault, and snap mirror allows the SnapLock volumes to be
replicated to another storage system and Lock vault backs up SnapLock volumes
to a secondary storage system to ensure that if the original data is destroyed
than the data can be restored or accessed from another location.
Once the data is created in the
SnapLock volume they comes under the retention period and these files get
treated as WORM, so that nobody can delete or modify the data until and unless
it reach to its retention period, the SnapLock volumes cannot be deleted by the
user, administrator nor by the application, the retention date on a WORM file
is set when the file is committed to WORM state, but it can be extended at any
time. The retention period can never be shortened for any WORM file.
SnapLock Compliance
SnapLock Compliance is used in
strictly regulated environment, where data is retained for longer period of
time and these data are accessed frequently only for readable purpose.
SnapLock Compliance even does not
allow the storage administrator’s to perform any operations that might modify
the file, it uses the feature called “ComplianceClock” to enforce the retention
periods. SnapLock Compliance requires the SnapLock license to enable the
SnapLock features and to restrict the administration access to the file.
SnapLock Enterprise
SnapLock Enterprise allows the
administrator to destroy the SnapLock volume before all the file on the volume
reach their expiration date. However no one else can delete or modify the
files.
It requires the SnapLock _enterprise
license
Configuration Steps:
Check the licenses or else add the snaplock licenses.
Here both snaplock licenses are installed.
Check the snaplock clock status.
If it is not initialized, initialize the snaplocl clock using the following command.
snaplock clock initialize.
Check the status, it was initialized successfully.
Now you can create an aggregate with snaplock.
Check the aggregate status, it was created with snaplock enterprise option.
Now you can create a flex volume, that volume also automatically comes with snaplock option.
You can list the retention period by using the following command.
You can change the retention period also using the following command.
Now i am exporting this volume.
Login to the linux server and mount the volume.
I am creating few files in the snaplock volume.
I can able to list and read that files.
But i can't able to delete that file.
Same as i am mounting another volume which doesn't have snaplock option.
In this volume i can able to create a new files.
Same time i can able to delete the files also.