Re: [zfs-discuss] On-write Automatic Snapshot

Mon, 22 May 2006 08:47:12 -0700 

Alex Barclay wrote:

Apologies if this has been addressed, but looking at some of the sun
blogs and google searches I have not been able to find an answer.

Does ZFS support on write automatic snapshots?

For example, according to defined policy, every time a file is written
a snapshot is created with the diff stored. I can see this being
useful in high security environments and companies that have extreme
regulatory requirements.


I don't think you really want every write, do you ?

Do you really want a snapshot taken very time some application does this:

        buf_size = 1 byte.
        while (some_condition)
                write(fd, buf, buf_size);
        
What if you have 2 such apps or 10 or 100 ?
Those snapshots wouldn't really be that useful plus it would be very difficult to know which of them are actually useful - if any. What if the app is making the disk run at full speed 1 byte at time, thats a lot of snapshots in a second!
I claim to be a security person and I don't see how that amount of snapshots is actually good from a security view point. If you really do want to know about all the writes we can already do that using Solaris BSM Audit. I believe this is actually better info than taking snapshots since the audit trail will tell you exactly who did what to what where they came from and down to a nanosecond (IIRC) when it happened.
Now if what you really mean is snapshot on file closure I think you might well be on to something useful. Whats more NTFS has some cool stuff in this area for consolidating identical files. The hooks that would need to be put into ZFS to do snapshot on file close could be used for other things like single instance storage (though isn't that the opposite of ditto blocks on user data hmn whats the opposite of ditto :-)).
> If not, would there be a way besides scripts/programs to emulate this feature? 

Why not scripts and programs how else would we do it ?
You could do this with a very simple dtrace script that uses system() to do the zfs snapshot.
You can also use dtrace to simulate the every single write case and see for yourself the massive explosion of snapshots that would occur as a result. 

--
Darren J Moffat
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss

Reply via email to