Details

We’ve already talked in deep about the features and the advantages of FreeNAS as storage resource: in this article we focus on how to create, use and restore snapshots in a very easy and practical ways.

A snapshot can be described as a “photography” of the storage state in a certain point in time that allows the so called “roll-back” to a previous situation. Thanks to the Copy-on-Write method of ZFS, described in the a previous article, snapshot operations are quick and take a few space. Starting from a functioning FreeNAS installation with a configured storage, the most common situation we encounter is a ZFS volume which is mapped to one or more shared network folders. Such shares can be attacked by a ransomware or can be simply accidentally or partially deleted. In a situation like this, the presence of properly configured snapshots can be a life-saving solution.

We’ll first analyse the required steps with FreeNAS, then we’ll cover the activities on the Windows client. First of all, we must enable the sharing service (CIFS) and create the folder to share: for the sake of simplicity in our example we’ll use just one folder that corresponds the entire storage available for this test.

Activating sharing services
From the “Services” menu voice you can activate NFS, CIFS and AFP (for the Apple world) sharing protocols
Creating network shares
From the “Sharing” menu voice you can decide the typology of shared folder (AFP, NFS, WebDAV, CIFS, iSCSI) and go on with the creation based on the available volumes
Shared folders management
For each type of share you can consult a list of the active ones, modify and -if needed- delete them

After a share is created, we can enable the automated snapshot creation which can be planned by defining an execution window, how long they can be kept in memory, days of the week to run and the interval between failed attempts. From the list of performed snapshots we can choose, for each one, three main operations: cloning, deleting or doing the roll-back. This last option is the one we are interested in: it allows to restore storage exactly at the state it was when the snapshot was taken.

Creating a snapshot
From the “Storage” menu item you can access to the creation of snapshots, and you can also set some functioning parameters
Controlling tasks
Once the operation is completed, from the “Periodic Snapshot Task” you can control the list of active snapshot processes that can be modified or deleted
Control available snapshots
From the “Snapshots” sub-menu you can consult a list of available snapshots and do operations like delete, clone and roll-back

At this point we can go to the Windows client and verify the proper access to the network folders. We can directly observe the functioning of snapshots: after removing some folders we have performed a roll-back and in slide 5 we can note how the restore went on very well.
Controlling access privileges
Once the sharing is activated, it’s fundamental to verify that you can access to the shared folder from the Windows client with proper writing and reading privileges
Restoring files and folders states - 1
Initial state: the shared folder is working and correctly contains files and folders
Restoring files and folders states - 2
As a result of an user’s mistake or a ransomware attack, the folder is compromised or part of the content is deleted (in the example, folder test2)
Restoring files and folders states - 3
From the snapshot management panel you can do roll-back the storage up to the interested point
Restoring files and folders states - 4
The state of the folder comes back to the starting point and the “test2” subfolder is correctly restored with its content

The example we’ve covered refers to a testing situation that is extremely simplified, but it’s a starting point for the setup in real production conditions with all the related difficulties. It’s important to specify that the management of permissions, folders, sub-folders and related snapshots can be way more granular that the one described in this article. FreeNAS allows the creation of Dataset and dedicated volumes (which can be used to create network shares with a total management of access privileges), each one with snapshot task and restore options.

About the Author

Lorenzo Bedin

Lorenzo graduated in Telecommunication Engineering and works as freelance IT consultant, after a period of training as systems analyst. Currently he provides hardware solutions, virtualized infrastructures and websites.

More articles from this author