Was heißt denn "sicherer" Speicher?


Protections against data loss

The LRZ Cloud storage is located in the computer cube of the Leibniz Computing Center. This computer building is designed as a "dark center", which means that people do not normally have access to it.

Cloud storage data is first stored on a primary storage system and replicated within 60 minutes to a replication system in a separate fire protected area. In addition, tape copies of all data are created.

Both the primary and replication systems are protected against the simultaneous failure of at least two disks per RAID group. The file system has built-in checksums that provide unique detection of both defective and misplaced data blocks, guaranteeing data integrity.

An automatic, regular so-called scrubbing of all data finds and repairs defective data blocks even in rarely used files. In addition, users can restore damaged or deleted files at any time, even from snapshots going back several weeks.

The automatic data backup of the cloud storage is described here.


For long-term archiving of data, the archive and backup service offered by the LRZ can also be used. Here, the data is stored twice in two physically separate data centers on magnetic tapes (shelf life: approx. 25 years) and regularly copied over to current tape technology. Terms for usage have to be agreed separately.

Protection against unauthorized access

The data on the central storage is protected by access rights and is generally as secure as your own password. To further protect your data (e.g. from access by administrators, spying in transit), you can additionally encrypt your data.

Was sind und wie funktionieren Snapshots?


Snapshots provide an easy way to reconstruct accidentally deleted, modified or damaged files or directories. Any user can find and restore older versions themselves (user-controlled recovery) without having to contact an administrator, service desk, etc.

How do snapshots work? The storage system automatically and regularly takes snapshots of all files and directories that exist in a file store at the time of the snapshot. Thus, snapshots are not a type of backup copy of every version of a file or directory that has ever existed, but only specific versions at defined points in time.

Snapshots created by the storage system can only be read (read only). However, files or directories restored from these snapshots can be edited again as normal. The space used by snapshots on the file server is not counted against the quota set for the area (=usable space). For snapshots, an additional storage area (default 5% of the volume size) is reserved when a storage volume is created. However, in special cases (e.g., infrequent, very large changes to the entire dataset), snapshots may consume more disk space than is allocated for them. In this case, snapshots reduce the storage space on the file server and the snapshot area is partially resized.

A fixed number of snapshots is always kept: when a new snapshot is created, the file server automatically deletes the oldest snapshot of the same type and rotates the numbering of all other snapshots. There are three different types of snapshots, which are summarized in the following table.

snapshot category

Schedule for creation and storage

hourly

Each x hours, e.g. um 4, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18 and 20 o'clock

The last 42 snapshots are kept.

(„hourly.JJJJ-MM-DD-TTTT“)

daily

Daily at midnight

The last 14 snapshots are kept

(„daily.JJJJ-MM-DD-TTTT“)

weekly

Every week on Sunday at midnight

The last 9 snapshots are kept.

(„weekly.JJJJ-MM-DD-TTTT“)


Restoring data from a snapshot is easy. Here, individual users can restore the data from the snapshots on their own. For example, one can copy an older version of a currently corrupted file to the current directory. It is important to remember that a file must have been present in the file store at the time the snapshot was taken for it to be preserved in the snapshot.

The following figure shows different scenarios of how files are kept in snapshots. For simplicity, only daily snapshots are shown.

File A was created "the day before yesterday" and was captured for the first time in snapshot "daily.1". It is the same with file B, where it was deleted "yesterday" - that is, between daily.1 and daily.0. However, it can be retrieved from the daily.1 snapshot.

File C was created between the snapshots daily.1 and daily.0 and immediately deleted again. Thus it is not present in any of the snapshots and thus cannot be recovered (in reality it would probably be preserved in one of the "hourly" snapshots created "every 4 hours").

File D has been edited and saved several times. So the snapshot "daily.2" contains the state of "Saved 0", daily.1 the state of "Saved 1" but daily.0 only the state of "Saved 3". So these three versions could be retrieved



Zugriff auf Snapshots unter Windows


With Windows, accessing these snapshots is very simple: right-click on the file → "Restore previous versions" → select version → click "OK".





By pressing the "Open", "Copy" or "Restore" buttons you can get an older version of the file or file directory (= folder).


Caution!

A restore will irreversibly overwrite your current version of the document or a directory.


Unfortunately, since the enabling of the SMB2 protocol, appending "~snapshot" in the explorer navigation bar does not work anymore to access the snapshots. There are several solutions to access the snapshots:

  1. You can right-click the folder or file and use the "Previous Version" feature to access the snapshot data, as described above.
  2. You mount the snapshot area on a new drive letter e. g. "\\nas.ads.mwn.de\<identifier>\~snapshot" to access the files in the snapshots of the personal home directory.
  3. You specify in a command line window the path you want to access and append to it a "~snapshot", e.g.: "cd \\nas.ads.mwn.de\<identifier>\~snapshot".

Zugriff auf Snapshots unter Linux


On Linux, you can find the snapshots by mounting as follows:

mount -t cifs //nas.ads.mwn.de/<share_name>/~snapshot <mountpoint> -o username=<lrz-kennung>,domain=ADS


The snapshots can also be found by mounting //nas.ads.mwn.de/<share_name>. Within the mounted directory, you can then change to the directory with the snapshots, for example, by the use of 'cd ~snapshot' (or: cd .snapshot).


Example:

sudo mount -t cifs //nas.ads.mwn.de/tuxy/abc/~snapshot /home/ne23mek/online_dateien -o username=<lrz-kennung>,domain=ADS


The figure shows how a list of snapshot folders can look on Linux.

Zugriff auf Snapshots unter Mac OS


On macOS, in addition to using a terminal, you can also use the Finder to go directly to the Snapshot folder. To do this, select "Go to ..."/"Go to folder ..." in the Finder.


Zugriff auf Snapshots über die WebDisk


The access via webdisk requires a workaround. In the webdisk, select the folder where the desired file is located. With a right click select "View and edit", subitem "Link to file / folder".



This will first give you a direct link to the folder. Type this link in the address bar of a new browser window and add "/~snapshot" to the end:



Then a directory opens that lists all snapshots in a folder structure:






  • No labels