Setting up IBM Spectrum Scale immutable filesets as WORM file volumes

You can configure IBM Spectrum® Protect to provide Write Once Read Many (WORM) protection for archived data by using IBM Spectrum Scale immutable filesets.

Before you begin

For the data retention protection server, that is, the IBM Spectrum Protect server that is enabled with data retention protection through IBM Spectrum Protect for Data Retention, ensure that the following prerequisites are met:
  • IBM Spectrum Protect for Data Retention is at Version 8.1.8 or later.
  • The IBM Spectrum Scale clustered file system that provides the immutable fileset is mounted on the server. In this configuration, the data retention protection server must be a member of the IBM Spectrum Scale cluster.

    Alternatively, the data retention protection server can be a member of a separate IBM Spectrum Scale cluster. In this case, the IBM Spectrum Scale file system with the immutable fileset can be mounted remotely through IBM Spectrum Scale remote or cross-cluster mount operations. For instructions, see the IBM Spectrum Scale documentation.

For the IBM Spectrum Scale file system, ensure that the following prerequisites are met:
  • The IBM Spectrum Scale file system is at V5.0.1 or later.
  • The IBM Spectrum Scale cluster is active.
  • The node that runs the data retention protection server is active and the IBM Spectrum Scale file system that provides the immutable fileset is mounted.

About this task

IBM Spectrum Scale immutability features can prevent files from being changed or deleted unexpectedly. You can integrate IBM Spectrum Protect for Data Retention together with IBM Spectrum Scale immutable filesets to provide WORM protection for archived data on your IBM Spectrum Protect server.

To enable this integration, you must connect to the IBM Spectrum Protect for Data Retention server through an application programming interface (API) to archive, retrieve, and query archived objects. During the archive operation, the retention period for the data object is configured in the IBM Spectrum Protect for Data Retention server and an application cannot modify or delete the data during the retention period. When the retention period expires, the application can delete the object, but not modify its content.

Figure 1. Architecture of solution that combines IBM Spectrum Protect for Data Retention with IBM Spectrum Scale immutable filesets
The image depicts the high-level architecture of a solution that combines IBM Spectrum Protect for Data Retention with IBM Spectrum Scale immutable filesets to provide WORM protection.

Procedure

To set up an IBM Spectrum Scale immutable fileset for use as an IBM Spectrum Protect WORM FILE volume, complete the following steps:

  1. On the IBM Spectrum Scale file system where storage pool data is stored, create an immutable fileset. For the immutable fileset, ensure that the integrated archive manager (IAM) mode is set to compliant-plus and that the data retention protection server has read and write access. For more information, see the Creating immutable filesets and files topic in IBM Spectrum Scale documentation.
  2. Install and configure an IBM Spectrum Protect server.
  3. Enable archive data retention protection by issuing the SET ARCHIVERETENTIONPROTECTION command: 
    set archiveretentionprotection on
  4. Set up policy by using the DEFINE COPYGROUP command. Select RETVER and RETMIN values in the archive copy group that meet your requirements for protecting this data in WORM storage. If the RETVER or RETMIN values are not specified, the default management classes values are used.
  5. On the IBM Spectrum Protect server, set up storage by using the DEFINE DEVCLASS command:
    • Specify the FILE device class.
    • Specify the DIRECTORY parameter to point to the directory or directories on the immutable fileset.
  6. Define a storage pool by using the device class that is defined in the previous step by issuing the DEFINE STGPOOL command and specifying the RECLAMATIONTYPE=SNAPLOCK parameter.
    Restriction:

    If you protect your data by using WORM-protected file volumes that are stored in an IBM Spectrum Scale immutable fileset, you must specify the DATAFORMAT parameter value as NONBLOCK. Otherwise, write errors will occur during write operations to these volumes.

  7. Create domain, management classes, and archive copy groups with the destination pool pointing to the storage pool. Specify either event-based retention or chronological-based retention.
    • If you data is managed by event-based retention, IBM Spectrum Protect initially sets the retention period to the greater of the RETVER and RETMIN values for the archive copy group. For more information, see Configuration of WORM-protected file volumes for event-based retention.
    • If data is managed by chronological-based retention, the expiration time for the data is fixed according to the RETVER copy group parameter. IBM Spectrum Protect initially sets the retention period to the greater of the RETVER and RETMIN values for the archive copy group.
  8. Assign a node to the created domain.
  9. Optional: Specify the RETENTIONEXTENSION server option to specify the number of days to extend the retention date of the storage pool volume. For example, specify: setopt retentionextension 10
    This step might be necessary if the retention period of the storage pool volume has expired but not all archived objects stored in the volume have expired. This situation can occur if archived objects are associated with event-based retention or subject to a legal hold.
  10. Update the copy group to point to the storage pool by issuing the UPDATE COPYGROUP command.
  11. Optional: Enable an expiration schedule or expire inventory manually by issuing the EXPIRE INVENTORY command.
  12. Use the IBM Spectrum Protect API to archive your objects into the SnapLock storage pool. This feature is not available on standard IBM Spectrum Protect backup-archive clients.

What to do next