Recently I discussed how primary storage, thanks to the use of replication and snapshots, can take a larger role in the data protection and application recovery process. We call this the “Primary Storage Data Protection Strategy”. But, to be effective, this strategy requires three storage systems: two locally and (at least) one remote system in a Disaster Recovery site. Thanks to software-defined storage and the commoditization of storage hardware, an increasing number of companies can now afford this protection strategy. But no company should consider this a complete data protection strategy.
Snapshots Can’t Last Forever
Most modern storage systems use redirected snapshots instead of copy-on-write snapshots. Redirection adds almost no overhead to the snapshot process and allows for a much higher number of snapshots to be active on a storage system. These types of snapshots are also very space efficient, only consuming capacity as old data is updated. New data also consumes storage space but that consumption would have occurred with or without the snapshot.
The real capacity impact of a snapshot is felt when data under snapshot protection is changed. For the snapshot to be valid the old version of that data has to be maintained. As a result, the more snapshots that a system has active and the longer those snapshots remain so, the more of a storage system’s capacity will have to be allocated to snapshots.
Eventually, the storage manager will want to retire older snapshots to free up capacity. But the question is when and where?
When to Retire a Snapshot
The good news, again thanks to the declining cost of storage, is that snapshots can be held for a much longer period of time than in the past. Considering that the large majority of restores are from the most recent protected copy of data, the actual need for snapshotted data could be less than 24 hours. To be safe, an organization may want to keep 48 hours to a week’s worth of snapshots.
Where To Retire a Snapshot
Once data ages beyond this 48 hour window, speed of restoration becomes less of an issue, replaced by a need for cost effective storage and data integrity. Here tape from companies like FujiFilm becomes a much more viable data protection strategy. We suggest that after a snapshot is taken that it be mounted to a backup application and copied to tape. That tape should then be copied again for off-site data placement. Then, in a few days time, the snapshot can be released and capacity returned to the storage system.
Redundancy is Not a Backup
The IT team at Google believes that data is not backed up until it lands on tape, multiple tapes actually. At the FujiFilm Global IT Executive Summit the Google team described a data protection infrastructure that was similar in design to Storage Switzerland’s Primary Storage Data Protection Strategy. They had similar concerns about counting on primary storage redundancy.
The first concern is that corruption and deletions replicate very well. If the corruption is not caught within the 48 hour window that we suggest above, then data loss can result. Also, in the above design, all the storage devices will typically run the same storage software stack, a process that can lead to the same latent bugs in the code.
While the chances of everything going wrong at once are very slim, the consequences if they do are great enough that another layer of protection is needed. We think tape is ideal for this role. It is cost effective so multiple copies can be made and consumes no power and almost no space while at rest. Tape is also a different form of media all together, providing a measure of protection in its diversity.
Finally, reliability of tape is actually higher than that of disk, as long as it’s not damaged in transport. As we will discuss in our next column, transport issues can be addressed by creating a touch-less tape environment, something that the Primary Storage Data Protection Strategy enables quite nicely.
The Primary Storage Data Protection Strategy combined with a solid secondary device like tape can provide robust data protection, meeting both short-term data protection objectives and long-term data retention needs. The two compliment each other quite well and make data protection a more simple, more reliable and more cost effective task than ever before.