Snapshot Backup and Point-in-Time Recovery

The Host Server 3.7 supports Snapshot Backups and Point-in-Time (PIT) Recovery. PIT Recovery involves rolling back the complete state of a Space to a previous point in time. When this is done, all data (files and versions) and meta-data (for example, invited users and access rights) are restored to the state at the specified point in time.

In particular, all files that were deleted after the point in time will be undeleted, and all changes made to files after the point in time will be removed.

Note

Snapshot Backups are not a substitute for regular backups of the Host Server data. In other words, the Snapshot Backup functionality does not guarantee the durability of data on the Host Server. This must be assured by using an Object Store, RAID storage and/or other methods of guaranteeing data persistence (see Backups and Monitoring).

The purpose of Snapshot Backups is to allow PIT recovery on the TeamDrive Client.

Snapshot Backups

In order to restore a Space to a previous point in time, Snapshot Backups must be enabled for the Space. When Snapshot Backups are enabled, the Host Server periodically makes a “Snapshot” of the state of a Space. This is done by the “Create Snapshots Task” (see Create Snapshots Task).

A Snapshot contains the data required to restore a Space to the point in time at which the Snapshot was made.

A Snapshot requires minimal storage and is stored in the Host Server database, so frequent Snapshots (for example, every 30 minutes) are possible. However, when Snapshot Backups are enabled, the files of the Space are not actually deleted, although they are reported as deleted by the TeamDrive Client. Deleted files are associated with a particular Snapshot, and are only removed when the Snapshot is deleted.

A maximum Snapshot age may be specified for a Space. Snapshots that reach this age are automatically deleted, along with the associated deleted files.

Because file data is not deleted until the Snapshot Backup is deleted, the Space requires additional storage proportional to the maximum age of Snapshots in the Space.

Enabling and Disabling Snapshots

Snapshot Backups are enabled at the Space level. This setting may be changed by the TeamDrive Client or in the Host Server Admin Console.

If not specified when creating a Space, the setting EnableSnapshotsByDefault determines whether Snapshot Backups are enabled for the Space or not (see EnableSnapshotsByDefault for details).

When the global setting SnapshotsEnabled (see SnapshotsEnabled) is set to False, the Host Server will not create Snapshot Backups for any Spaces. This means that if SnapshotsEnabled is set to False, the Space level setting is ignored.

When Snapshot Backups are disabled at the Space level, all existing Snapshot Backups are deleted. This does not occur immediately, but is scheduled to be done in the background by the “Delete Snapshots Task” (see Delete Snapshots Task).

Setting SnapshotsEnabled to False does not delete existing Snapshots.

Snapshot Settings

The Snapshot Backup frequency and the Maximum Snapshot Age are both set at the Space level. This can be done using the TeamDrive Client or in the Host Server Admin Console.

If these values are not set, or are set to zero, at the Space level, then the global defaults apply (see DefaultSnapshotFrequency and DefaultSnapshotMaximumAge for details).

Snapshot Consolidation

Snapshots are automatically consolidated after a certain time. The process of consolidation combines several Snapshot Backups into one. Consolidation is performed in order to decrease the total number of Snapshots per Space.

By default, all Snapshots on a day are consolidated into a single Snapshot after 30 days, and all Snapshots in a month are consolidated into a single Snapshot after 365 days.

The first threshold of 30 days can be modified by changing the ConsolidatePerDayAfter global setting. The second threshold of 365 days can be modified by changing the ConsolidatePerMonthAfter setting (see ConsolidatePerDayAfter and ConsolidatePerMonthAfter).

Consolidation is done by the “Consolidate Snapshots Task” (see Consolidate Snapshots Task).
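The following added example (not TeamDrive code) models the retention rules described above, to estimate how many restore points a Space still offers: the zero-or-unset fallback to the global maximum age, deletion at maximum age, and per-day and per-month consolidation. The helper name `restore_points`, ages measured in days, inclusive thresholds, UTC calendar buckets and the value 730 for DefaultSnapshotMaximumAge are all assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

# Global settings named on this page. 30 and 365 are the documented defaults;
# the DefaultSnapshotMaximumAge value and its unit (days) are assumptions.
GLOBAL = {
    "DefaultSnapshotMaximumAge": 730,
    "ConsolidatePerDayAfter": 30,
    "ConsolidatePerMonthAfter": 365,
}

def restore_points(snapshots, now, space_max_age=0, g=GLOBAL):
    """Count the restore points left per tier (hypothetical helper).

    A space_max_age of 0/None falls back to the global default, as the page
    describes; a resulting 0 is treated here as "no age limit" (assumption).
    """
    max_age = space_max_age or g["DefaultSnapshotMaximumAge"]
    kept = set()
    for ts in snapshots:
        age = (now - ts).days
        if max_age and age >= max_age:
            continue                                  # deleted by maximum age
        if age >= g["ConsolidatePerMonthAfter"]:
            kept.add(("month", ts.year, ts.month))    # one per calendar month
        elif age >= g["ConsolidatePerDayAfter"]:
            kept.add(("day", ts.date()))              # one per calendar day
        else:
            kept.add(("single", ts))                  # not yet consolidated
    return Counter(key[0] for key in kept)

# Constructed input: one Snapshot every 12 hours over the last 400 days.
NOW = datetime(2023, 7, 1, tzinfo=timezone.utc)
SNAPSHOTS = [NOW - timedelta(hours=12 * i) for i in range(1, 801)]

if __name__ == "__main__":
    print(restore_points(SNAPSHOTS, NOW))                    # global max age
    print(restore_points(SNAPSHOTS, NOW, space_max_age=90))  # 90-day Space
```

With the constructed input, 800 Snapshots reduce to 398 restore points under the global defaults, and the granularity of recovery drops from 12 hours to one day and then one month as the data ages.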

Restoring a Snapshot

Restoring a Snapshot is initiated by the TeamDrive Client. When a user wishes to restore a Space to a previous point in time, the TeamDrive Client displays a list of available Snapshots, identified by the time at which each Snapshot was made.

After the user selects a time, the TeamDrive Client “rewinds” the local copy of the Space to the specified point in time. The user can then check the contents of the Space to confirm whether the correct point in time has been found. If necessary, the user can move forward or backward in time, depending on which other Snapshots are available.

During this process the local copy of the Space is in “read-only” mode. This means that data can be copied out of the Space, but no changes may be made to the Space.

When the user is satisfied with the selected Snapshot, he/she may “commit” the Snapshot, which causes the restore of the Space to the selected point in time to become permanent for all users. Alternatively, the user can cancel the process and return the local copy of the Space to the present time.

Note

Once a Snapshot restore is committed, a Space can no longer be returned to a later point in time. The data in the Space after the selected recovery point in time is no longer accessible and will be permanently deleted (see Cleanup File Data below).

The restore process can be used to retrieve a previous copy of a file or directory in a Space. Since the restore process involves changes only to the local copy of the Space, if the restore is not committed, other users in the Space will not be affected in any way.

After a Snapshot restore has been committed, other users in the Space will be required to perform a Restore on the Space before they can continue using the Space. The TeamDrive Client indicates when a restore is pending for the Space.

Cleanup File Data

Cleanup File Data is a process that is triggered after a Snapshot restore. The process removes file data no longer referenced by a Space due to the restore. This process runs in the background, but may prevent a second Snapshot restore from being performed immediately after a previous restore. If this occurs, you are required to wait until the Cleanup Process is complete.

The Cleanup Process is initiated by the TeamDrive Client that performed the Snapshot restore. Because the data of a Space is encrypted on the Host Server, the server cannot tell which files and versions are still in use after a restore. As a result, the TeamDrive Client builds a list of the data that is still in use and sends this to the server.

Once the server receives the list, the deletion process proceeds automatically in the background (see Cleanup File Data Task) without any further client interaction. However, if the TeamDrive Client that performed the restore is shut down by the user before it can deliver the list of data in use, then the Cleanup Process cannot be completed.

In this case, unused file data on the server will not be deleted and the Space disk usage on the server will remain at an inflated level. In order to repair this situation, it will be possible to initiate a Cleanup File Data process manually in a future version of the TeamDrive Client.