ONTAP Discussions

Snaplock Compliance Clock

jon_presti
5,889 Views

Straight forward question I can't seem to find an answer to in the blogs here.

If I have a snaplock compliance volume running and have to take it offline and literally move it somewhere else, where power will be lost.  Or I simply lose power to the server room.  What happens with the compliance clock...  Can I still resync it when the power is reapplied, say a week later?

Thanks in advance

Presti

1 ACCEPTED SOLUTION

netappgeek
5,889 Views

Yes, the ComplianceClock is separate from the system clock.

The only catch here is bounded drift correction (can only change by one week per year) -- so if the system is shut down for a very long period (like a month), it will take several years for the ComplianceClock to catch up to "real" time. This means that if the customer has a disastrous outage, at the end of the retention period, the customer may need to wait slightly longer to delete expired files. However, this is a safe implementation from a compliance perspective, assuring that files under SnapLock protection can never be prematurely deleted.

Read TR-3618 for more details:  http://media.netapp.com/documents/tr-3618.pdf

-Brian

Geek ONTAP: www.netappgeek.com

View solution in original post

4 REPLIES 4

netappgeek
5,889 Views

There is no way to manually resync it.  The ComplianceClock is a software clock (independent from the system clock), so it will not run during the outage, but its last state will be persistently stored before shutdown.  The ComplianceClock will drift forward to the system clock at the rate of one week per year. This prevents any tampering with the retention date.

Answer your question?

-Brian

Geek ONTAP: www.netappgeek.com

jon_presti
5,891 Views

Then phase two of the question is, are there any ramifications if the clock is off by lets say a month?  Does it care, since there is a seperate clock running there?

netappgeek
5,890 Views

Yes, the ComplianceClock is separate from the system clock.

The only catch here is bounded drift correction (can only change by one week per year) -- so if the system is shut down for a very long period (like a month), it will take several years for the ComplianceClock to catch up to "real" time. This means that if the customer has a disastrous outage, at the end of the retention period, the customer may need to wait slightly longer to delete expired files. However, this is a safe implementation from a compliance perspective, assuring that files under SnapLock protection can never be prematurely deleted.

Read TR-3618 for more details:  http://media.netapp.com/documents/tr-3618.pdf

-Brian

Geek ONTAP: www.netappgeek.com

jon_presti
5,891 Views

Thank you for the information.

All the best,

Presti

Public