Articles in this section

Managing Protection Policies

Sara Levy
  • Updated
Follow

Note

Protection policies are used in local backup, in backup to S3 and in native replication.

Overview of Protection Policies

A protection policy is a reusable configuration that defines a schedule for taking snapshots and optionally replicating them to a specified native replication peer or S3 replication peer. It defines how long to retain local snapshots. If the purpose of a protection policy is remote backup to either S3 or a native replication peer without local snapshot retention, then this is achieved by defining no retention for local snapshots.

Once defined, a protection policy can be specified in the configuration of a protected path which protects a specific data path using the specified protection policy.

For example, you could set snapshots and S3 backup to be done on July 1st, 2020 at midnight and then once every day. Snapshots would be taken every day at midnight beginning July 1st and replicated to an S3 replication peer.

Creating a Protection Policy via VAST Web UI

  1. From the left navigation menu, select Data Protection and then Protection Policies.

  2. Click + Create Protection Policy.

  3. In the Add Protection Policy dialog, complete the fields:

    Field

    Description

    Policy name

    Enter a name for the protection policy.

    Peer

    Optionally select eipher a replication peer or an S3 replication peer from the dropdown. This defines the peer as a target to which snapshots are copied.

    To create a new native replication peer, see Managing Replication Peers.

    To create a new S3 replication peer, see Managing S3 Replication Peers.

    Snapshot prefix

    Enter a prefix for the snapshot names.

    The name of each snapshot will be <prefix>_<timestamp>, where <prefix> is the prefix specified here and <timestamp> is the time the snapshot is created, in the format yyyy-mm-ddTHH:MM:SS.SSSSSSzzz (T denotes time and doesn't represent a value, zzz is the timezone, and the time is accurate to the microsecond). For example, if the prefix is dev, a snapshot taken at 8:15 pm UTC on 20th November 2024 would be named dev_2024-11-20T20:15:06.144783UTC.

  4. If you want to make the protection policy indestructible, enable the Indestructible setting. This setting protects the policy and its snapshots from accidental or malicious deletion. For more information about indestructibility, see Keeping Indestructible Backups.

    Caution

    After saving the protection policy, you won't be able to delete the policy or disable its indestructibility without performing a procedure for authorized unlocking of the cluster's indestructibility mechanism.

    Note

    If a replication peer is configured, the indestructibility setting will be replicated to the peer.

  5. Set up one or more replication schedules:

    Note

    If you want to set up multiple schedules, click the Add Schedule button to display more scheduling fields in the dialog.

    • To set the start time, click in the Start at field. In the calendar that appears, click the start date you want and adjust the start time:

      Set_start_time.png

      Note

      When a protected path is active, it performs an initial data sync to the replication peer or S3 replication peer (if applicable) immediately after being created. The initial sync creates the first restore point. Therefore, the restore point created on the start date is in fact the second restore point.

    • To set a period, select a time unit from the Period dropdown and enter the number of time units in the Every field.

      Note

      The minimum interval is 15 seconds.

  6. Configure local snapshot retention:

    • If you want to retain local snapshots, set the Keep local copy for period. This is the amount of time for which local snapshots are retained on the local cluster.

      Select a time unit from the Period dropdown and enter the number of time units in the Keep local copy for field.

    • If you do not want to keep local snapshots, leave the Keep local copy for field blank. Snapshots will be deleted immediately after they are replicated to the destination peer.

  7. If a replication peer is selected, set the Keep remote copy for period. This is the amount of time restore points are retained on the replication peer.

    Select a time unit from the Period dropdown and enter the number of time units in the Keep remote copy for field.

    Note

    This setting applies only to replication peers and not to replication S3 peers. Restore points are not deleted from replication S3 peers.

  8. Click Create.

    The protection policy is created and listed in the Protection Policies page.

Modifying a Protection Policy via VAST Web UI

To modify the configuration of a protection policy, click ActionsButtonGUI2.png to open the Actions menu for the policy and select Edit. Make your changes and then click Update.

Note

You cannot add a replication peer to an existing protection policy that has no replication peer.

Note

Modifying a protection policy that has the indestructible setting enabled requires that the indestructibility mechanism is unlocked on the cluster.

Removing a Protection Policy via the VAST Web UI

To remove a protection policy, click ActionsButtonGUI2.png to open the Actions menu for the policy and select Remove. Click Yes to confirm the removal.

Note

Removal of an indestructible protection policy requires first unlocking the cluster's indestructibility mechanism.

Managing Protection Policies via VAST CLI

To manage protection policies via the VAST CLI, use the following commands.

Task

Command 

Display protection policies

protectionpolicy list

Display details of a specific protection policy

protectionpolicy show

Create a protection policy

protectionpolicy create

Modify a protection policy

protectionpolicy modify

Delete a protection policy

protectionpolicy delete

Related articles

Comments

0 comments

Article is closed for comments.