Skip to main content

Configuring SnapLock

You must install the SnapLock license, initialize the ComplianceClock, create and configure a SnapLock aggregate and volume, and mount the volume before you can commit files to WORM.

  1. Installing the license
    A SnapLock license entitles you to use both SnapLock Compliance mode and SnapLock Enterprise mode. SnapLock licenses are issued on a per-node basis. You must install a license for each node that hosts a SnapLock aggregate.
  2. Initializing the ComplianceClock
    The SnapLock ComplianceClock ensures against tampering that might alter the retention period for WORM files. You must initialize the system ComplianceClock on each node that hosts a SnapLock aggregate. Once you initialize the ComplianceClock on a node, you cannot initialize it again.
  3. Creating a SnapLock aggregate
    You must create a SnapLock aggregate before creating a SnapLock volume. The Compliance or Enterprise SnapLock mode for the aggregate is inherited by the volumes in the aggregate.
  4. Creating a SnapLock volume
    You must create a SnapLock volume for the files or Snapshot copies that you want to commit to the WORM state. The volume inherits the SnapLock mode—Compliance or Enterprise—from the SnapLock aggregate, and the ComplianceClock time from the node.
  5. Mounting a SnapLock volume
    You can mount a SnapLock volume to a junction path in the SVM namespace for NAS client access.
  6. Setting the retention time
    You can set the retention time for a file explicitly, or you can use the default retention period for the volume to derive the retention time. Unless you set the retention time explicitly, SnapLock uses the default retention period to calculate the retention time.
  7. Verifying SnapLock settings
    You can use the volume file fingerprint start and volume file fingerprint dump commands to view key information about files and volumes, including the file type (regular, WORM, or WORM appendable), the volume expiration date, and so forth.
  8. Resetting the ComplianceClock for an NTP-configured system
    When the SnapLock secure clock daemon detects a skew beyond the threshold, the system time is used to reset both the system and volume ComplianceClocks.