
OceanStor Dorado 6.1.x HyperLock Feature Guide

The OceanStor Dorado HyperLock Feature Guide outlines the WORM (Write Once Read Many) feature developed by Huawei, detailing its purpose, configuration, and application scenarios. This feature is designed to protect data integrity and prevent tampering, particularly for sensitive information that must comply with legal regulations. The document is intended for technical support and system administrators and includes information on licensing, working principles, and management of WORM file systems.

Uploaded by

jarekscribd23

OceanStor Dorado

6.1.x

HyperLock Feature Guide

Issue 06
Date 2023-10-31

HUAWEI TECHNOLOGIES CO., LTD.


Copyright © Huawei Technologies Co., Ltd. 2023. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior
written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective
holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute a warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.


Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China

Website: https://e.huawei.com

Issue 06 (2023-10-31) Copyright © Huawei Technologies Co., Ltd. i


Security Declaration
Product Life Cycle
Huawei's regulations on product life cycle are subject to the Product End of Life Policy. For details about
the policy, see the following website: https://support.huawei.com/ecolumnsweb/en/warranty-policy

Vulnerability
Huawei's regulations on product vulnerability management are subject to "Vul. Response Process". For
details about the policy, see the following website: https://www.huawei.com/en/psirt/vul-response-process
For enterprise customers who need to obtain vulnerability information, visit:
https://securitybulletin.huawei.com/enterprise/en/security-advisory

Preconfigured Digital Certificate
Huawei has released the Huawei Preset Digital Certificate Disclaimer for the preconfigured digital
certificates delivered with devices. For details about the disclaimer, visit the following website:
https://support.huawei.com/enterprise/en/bulletins-service/ENEWS2000015789

Life Cycle of Product Documentation
Huawei released the Huawei Product Documentation Lifecycle Policy for after-sales customer
documentation. For details about this policy, see Huawei's official website:
https://support.huawei.com/enterprise/en/bulletins-website/ENEWS2000017761



OceanStor Dorado
HyperLock Feature Guide About This Document

About This Document

Purpose
This document describes the file system HyperLock feature of storage systems,
including its working principle, application scenarios, configuration process, and
reference information.

NOTE

HyperLock is the WORM feature developed by Huawei. This feature applies to storage
systems of 6.1.3 and later versions.

The following table lists the product models.

| Product Model | Product Version |
|---|---|
| OceanStor Dorado 3000 (96 GB memory per controller) | 6.1.2, 6.1.3, 6.1.5 |
| OceanStor Dorado 3000 | 6.1.6, 6.1.7 |
| OceanStor Dorado 5000, OceanStor Dorado 6000, OceanStor Dorado 8000, OceanStor Dorado 18000 | 6.1.0, 6.1.2, 6.1.3, 6.1.5, 6.1.6, 6.1.7 |

NOTICE

This document is updated periodically with the software version. The operations
described in this document use the latest version as an example. Note that the
supported functions and features vary according to the software version. The
content in this document is for reference only.


Intended Audience
This document is intended for:

● Technical support engineers
● Maintenance engineers
● System administrators
● Users

Symbol Conventions
The symbols that may be found in this document are defined as follows.

Symbol Description

Indicates a hazard with a high level of risk which, if not avoided, will result in death or
serious injury.

Indicates a hazard with a medium level of risk which, if not avoided, could result in death or
serious injury.

Indicates a hazard with a low level of risk which, if not avoided, could result in minor or
moderate injury.

Indicates a potentially hazardous situation which, if not avoided, could result in equipment
damage, data loss, performance deterioration, or unanticipated results. NOTICE is used to
address practices not related to personal injury.

Supplements the important information in the main text. NOTE is used to address information
not related to personal injury, equipment damage, and environment deterioration.

Change History
Changes between document issues are cumulative. The latest document issue
contains all the changes made in earlier issues.

Issue 06 (2023-10-31)
This issue is the sixth official release.


Issue 05 (2023-04-20)
This issue is the fifth official release.

Issue 04 (2022-11-15)
This issue is the fourth official release. The updates are as follows:
Updated the section "Configuring and Managing WORM Using CLI Commands".

Issue 03 (2022-08-25)
This issue is the third official release. The updates are as follows:
Updated the description in "Creating a WORM File System".

Issue 02 (2022-01-25)
This issue is the second official release. The updates are as follows:
Optimized descriptions about some operations.

Issue 01 (2021-12-30)
This issue is the first official release.


Contents

About This Document

1 Feature Description
1.1 Overview
1.2 License Requirements and Compatible Products
1.3 Working Principle
1.4 Impact and Restrictions
1.5 Application Scenarios

2 Configuring and Managing a WORM File System (System User)
2.1 Configuring a WORM File System
2.1.1 Configuration Process
2.1.2 Checking the License File of the WORM Feature
2.1.3 Creating a WORM File System
2.1.4 Sharing a WORM File System
2.1.5 Setting a File to Enter the Protection State
2.2 Managing a WORM File System
2.2.1 Viewing the WORM Compliance Clock
2.2.2 Viewing the Properties of a WORM File System
2.2.3 Modifying the Properties of a WORM File System
2.2.4 Deleting a WORM File System
2.2.5 Viewing File Status
2.2.6 Extending the Protection Period of a File
2.2.7 Manually Deleting an Expired File from a WORM File System
2.2.8 Creating a Litigation Hold Task
2.2.9 Verifying the File Signature

3 Configuring and Managing a WORM File System (vStore User)
3.1 Configuring a WORM File System
3.1.1 Checking the Environment Before the Configuration
3.1.2 Creating a WORM File System
3.1.3 Sharing a WORM File System
3.1.4 Setting a File to Enter the Protection State
3.2 Managing a WORM File System
3.2.1 Viewing the WORM Compliance Clock
3.2.2 Viewing the Properties of a WORM File System
3.2.3 Modifying the Properties of a WORM File System
3.2.4 Deleting a WORM File System
3.2.5 Viewing File Status
3.2.6 Extending the Protection Period of a File
3.2.7 Manually Deleting an Expired File from a WORM File System
3.2.8 Creating a Litigation Hold Task
3.2.9 Verifying the File Signature

A Configuring and Managing WORM Using CLI Commands

B How to Obtain Help
B.1 Preparations for Contacting Huawei
B.1.1 Collecting Troubleshooting Information
B.1.2 Making Debugging Preparations
B.2 How to Use the Document
B.3 How to Obtain Help from Website
B.4 Ways to Contact Huawei

C Glossary
D Acronyms and Abbreviations


1 Feature Description

The Write Once Read Many (WORM) feature developed by Huawei is called
HyperLock. It protects the integrity, confidentiality, and accessibility of data,
meeting secure storage requirements.
1.1 Overview
1.2 License Requirements and Compatible Products
1.3 Working Principle
1.4 Impact and Restrictions
1.5 Application Scenarios

1.1 Overview
This section describes the background, definition, and benefits of the WORM
feature.

Background
As technology and society develop and the volume of information grows explosively, great
importance is attached to secure data access and use. As required by laws and regulations,
important data such as case documents of courts, medical records, and financial documents can
only be read but cannot be written within a specific period. Therefore, measures must be taken
to prevent such data from being tampered with. In the storage industry, WORM is the most
common method used to archive and back up data, ensure secure data access, and prevent data
tampering.

Definition
A file protected by WORM enters the read-only state immediately after data is
written to it. In read-only state, the file can be read, but cannot be deleted,
modified, or renamed. The WORM feature can prevent data from being tampered
with, meeting data security requirements of enterprises and organizations.
File systems with the WORM feature configured are called WORM file systems.
WORM can only be configured by administrators. There are two WORM modes: Regulatory
Compliance WORM (WORM-C for short) and Enterprise WORM (WORM-E). For details about the
two modes, see Table 1-1.

Table 1-1 WORM modes

| Mode | Major Application Scenario |
|---|---|
| WORM-C | This mode applies to archive scenarios where data protection mechanisms are implemented as required by laws and regulations. |
| WORM-E | This mode is mainly used by enterprises to implement internal control. |

NOTE

In 6.1.3 and later versions, WORM supports the regulatory compliance mode.
In 6.1.7 and later versions, WORM supports the enterprise compliance mode.

Benefits
Table 1-2 describes the benefits provided by the WORM feature for customers.

Table 1-2 Benefits

| Benefit | Description |
|---|---|
| Data tampering proof | Archiving and protecting critical data from being tampered with, the WORM feature helps enterprises and organizations avoid legal risks in confidential file archiving and reduce economic loss caused by information leak. |
| Archive protection for important data by working with third-party archive software | The WORM feature can protect files archived by third-party software such as CommVault Simpana and Symantec EnterpriseVault authenticated by Huawei. In this way, the WORM feature can effectively manage and protect important data of enterprises and organizations. |

1.2 License Requirements and Compatible Products


This section describes license requirements and specifications of WORM.

License Requirements
WORM is a value-added feature that requires a license.


NOTE

To obtain the license, contact your local Huawei representative office or Huawei authorized
distributor.

Specifications
The WORM specifications depend on the product model. For detailed specifications, refer to
the Specifications Query (https://info.support.huawei.com/storage/spec/#/home).

1.3 Working Principle


This section introduces concepts related to the WORM feature and describes the
working principle.

Basic Concepts
● WORM compliance clock
To prevent users from changing protection periods of files by changing the
system time, storage systems maintain a WORM compliance clock. The
WORM compliance clock includes a global security compliance clock and a
WORM file system compliance clock.

Table 1-3 WORM compliance clock

| Clock Type | Function | Description |
|---|---|---|
| Global security regulatory clock | The storage system maintains a global security regulatory clock that serves as the clock source for all WORM file systems. | When creating a WORM file system for the first time, the system administrator must initialize the global security regulatory clock. The time of the global security regulatory clock cannot be changed after initialization. |
| WORM file system regulatory clock | Each WORM file system maintains a regulatory clock. The protection periods of files are based on the regulatory clock. | The system will automatically use the global security regulatory clock to initialize the WORM file system compliance clock upon the creation of a WORM file system. You do not need to manually initialize the WORM file system compliance clock. |

The WORM file system compliance clock is calibrated against the global security
compliance clock every hour. The calibration rules are as follows:
– If the time of the WORM file system compliance clock exceeds that of the
global security compliance clock, set the time value of the WORM file
system compliance clock to that of the global security compliance clock.
– If the time of the WORM file system compliance clock does not reach
that of the global security compliance clock and the time difference
between the two clocks is not larger than 138 seconds, set the time value
of the WORM file system compliance clock to that of the global security
compliance clock. If the time difference between the two clocks exceeds
138 seconds, add 138 seconds to the time value of the WORM file system
compliance clock.
● File states
There are four file states in a WORM file system, as described in Table 1-4.

Table 1-4 File states


| State | Description |
|---|---|
| Initial | All newly created files are in the initial state. Files in the initial state can be read, written, and modified by all users. |
| Locked | Files in the locked state cannot be modified, deleted, or renamed by any user. These files can only be read and their properties can be viewed. In regulatory compliance mode, common users and administrators cannot delete files in the locked state. In enterprise compliance mode, common users cannot delete files in the locked state, but super administrators can. |
| Expired | Files in the expired state can be deleted and read and their properties can be viewed. However, these files cannot be modified or renamed. |
| Appending | Data can be added to the end of files in the appending state and these files cannot be deleted, truncated, or renamed. |

● File signature
The signature is used to verify the file integrity. The file signature in a WORM
file system refers to the file fingerprint that is automatically calculated when
the file is entering the protection state. For example, if a disk of a WORM file
system malfunctions, you can verify file signatures to ensure that files in the
WORM file system are not damaged after the disk recovery. For details about
the operations, see 2.2.9 Verifying the File Signature.
● WORM properties of a file system
After the WORM feature is configured for a file system, the file system has
the WORM properties. The WORM properties apply to files in the WORM file
system. You can view the WORM properties to determine the lock time and
overdue time of a file. Table 1-5 lists WORM properties of a file system.


Table 1-5 WORM properties

| Property | Description |
|---|---|
| Mode | The system supports only the compliance mode. |
| Min. Protection Period | Minimum retention period supported by the WORM file system. The retention period of a file in the WORM file system cannot be shorter than this value. |
| Max. Protection Period | Maximum retention period supported by the WORM file system. The retention period of a file in the WORM file system cannot be longer than the maximum retention period. |
| Default Protection Period | Default retention period supported by the WORM file system. The retention period of a file in the WORM file system is the default value of the parameter if you do not set a retention period for the file. |
| Automatic Lockout | After the automatic lock function is enabled, files in the WORM file system automatically enter the locked state a specific period of time after data or metadata in the files is modified. |
| Lockout Wait Time | Indicates how long after being modified files enter the locked state by default. This parameter is valid only when Automatic Lockout is enabled. |
| Automatic Deletion | After this function is enabled, a storage system automatically deletes expired files. NOTE: Before enabling this function, ensure that files do not need protection and can be automatically deleted by the system after they expire. |

● Approaches to sending files to the locked state
Locked files are protected and can be read only. They cannot be modified,
deleted, or renamed. You can use two approaches to enable files in a WORM
file system to enter the locked state.
– Automatic submission for protection
Files in a WORM file system automatically enter the locked state in the
specified period of time (Lockout Wait Time (hours)) after the files are
modified.
– Manual submission for protection
Manually remove the write permission of files in a WORM file system or
set files to read-only, and then the files enter the locked state
immediately.
● Overdue time
Each file has the atime property that indicates the point in time of the last
access to the file. For a WORM file, atime indicates the time when the file is
no longer protected by WORM. After a file enters the locked state, atime is
not changed as the file is accessed. The value of atime is calculated in the
following two types of scenarios:
– Automatic submission for protection
No matter whether you set the atime property or not: atime = WORM file
system compliance clock's value after files are modified + Lockout wait
time + Default retention period
– Manual submission for protection
▪ If no atime is set: atime = Current value of the WORM file system
compliance clock + Default retention period
▪ If atime is set but is ≤ Current system clock, atime = Current value of
the WORM file system compliance clock + Default retention period.
▪ If atime is set and Current system clock < atime < Current value of
the WORM file system compliance clock + Minimum retention
period, atime = Current value of the WORM file system compliance
clock + Minimum retention period.
▪ If atime is set but atime > Current value of the WORM file system
compliance clock + Maximum retention period: atime = Current value
of the WORM file system compliance clock + Maximum retention
period
NOTE
For some Linux operating systems, atime set by touch -a -t time file is
regarded as illegal and is truncated by the system. You can run stat file to
check whether the value of atime is the same as the set value. If they are
not the same, the value is truncated by the system. Run chmod ugo-w file
to set the file to locked. In this case, atime = Current value of the WORM
file system compliance clock + Default retention period.
▪ If atime is set and Current value of the WORM file system
compliance clock + Minimum retention period ≤ atime ≤ Current
value of the WORM file system compliance clock + Maximum
retention period, atime = Value that you set.
A WORM file system also has the overdue time. The overdue time of the
WORM file system is the time when all files in the WORM file system expire.
Working Principle
With the WORM technology, data can be written to files once only, and cannot be
rewritten, modified, deleted, or renamed. If a common file system is protected by
the WORM feature, files in the file system can be read only within the protection
period. After a WORM file system is created, you need to map it to application
servers using the NFS or CIFS protocol.
WORM enables files in the WORM file system to be shifted between initial state,
locked state, appending state, and expired state, preventing important data from
being incorrectly or maliciously tampered with within a specified period. Figure 1-1
shows how a file shifts from one state to another.

Figure 1-1 File state shifting

[Figure: state diagram of the Initial, Locked, Expired, and Appending states; the numbered
arrows correspond to the transitions described below.]

1. Initial to locked: You can shift a file from the initial state to the locked state
using the following methods:
– If the automatic lock mode is enabled, the file automatically enters the
locked state a specific period after a change.
– Manually set the file to the locked state. Before locking the file, you can
specify a protection period for the file or use the default protection
period.
2. Locked to locked: In the locked state, you can manually extend the protection
periods of files. Protection periods cannot be shortened.
3. Locked to expired: After the WORM file system compliance clock reaches the
file overdue time, files shift from the locked state to the expired state.
4. Expired to locked: You can extend the protection periods of files to shift them
from the expired state to the locked state.
5. Locked to appending: You can delete the read-only permission of files to shift
the files from the locked state to the appending state.
NOTE

● Only files of 0 bytes can shift from the locked state to the appending state.
● Files in the appending state are protected. When the protection period expires,
data can be added to the end of the files and the files can be deleted.
6. Appending to locked: You can manually set files in the appending state to the
locked state to ensure that files cannot be modified.
7. Expired to appending: You can manually set files in the expired state to the
appending state.

NOTE

Only files of 0 bytes can shift from the locked state to the appending state.
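
The manual submission sequence from the Linux NOTE in Basic Concepts (set atime, check it with stat, then remove the write permission), as an added example that is not part of the original guide. commit_file and AtimeTruncated are hypothetical names, and the path is assumed to be a file on a mounted WORM share.

```python
"""Client-side manual submission: set atime, verify it, then drop the write bits.

Added example: commit_file() and AtimeTruncated are hypothetical names.
"""
import os
import stat


class AtimeTruncated(Exception):
    """The atime read back differs from the value that was requested."""


def commit_file(path: str, retain_until: int) -> int:
    """Request protection until `retain_until` (epoch seconds) and lock the file.

    Mirrors `touch -a -t time file`, `stat file`, `chmod ugo-w file`.
    Returns the atime that was read back before the file was locked.
    """
    before = os.stat(path)

    # Equivalent of `touch -a`: change atime only and keep mtime as it was.
    os.utime(path, ns=(retain_until * 10**9, before.st_mtime_ns))

    # Equivalent of `stat file`: confirm the client stored the value unchanged.
    stored = os.stat(path).st_atime_ns // 10**9
    if stored != retain_until:
        # Stop before locking: per the guide, a truncated atime ends up as
        # compliance clock + default retention period, not the intended date.
        raise AtimeTruncated(
            f"requested atime {retain_until}, file system stored {stored}")

    # Equivalent of `chmod ugo-w`: clear the user, group, and other write bits.
    os.chmod(path, stat.S_IMODE(before.st_mode) & ~0o222)
    return stored
```

Checking the stored atime before removing the write permission matters because protection periods cannot be shortened once the file is locked.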

Users can save files to a WORM file system and set the WORM properties of the
files to the locked state based on service requirements. Figure 1-2 shows the read
and write permissions of files in the different states in a WORM file system.

Figure 1-2 Read and write permissions of WORM files in different states

[Figure: four panels, one per file state, each showing Files A, B, and C in a WORM file system
being read by an application server. Initial: the files can be deleted, modified, and renamed.
Locked: the files cannot be deleted, modified, or renamed. Appending: the files cannot be
deleted, modified, or renamed, but data can be added to the end of the files. Expired: the
files cannot be modified or renamed, but can be deleted. Legend: write operation, read
operation, file status.]

1.4 Impact and Restrictions


This section describes the standards that the WORM feature complies with.


Supported Standards
The WORM feature complies with the Securities and Exchange Commission (SEC)
Rule 17a-4(f) standard.

NOTE

SEC Rule 17a-4(f) is a regulation issued by the SEC in the U.S.A. on February 12, 1997. This
regulation specifies data protection features that electronic storage devices must provide to
ensure the reliability of financial securities transaction data.

1.5 Application Scenarios


The WORM feature implements read-only protection for important data in
archived documents to prevent data tampering, meeting regulatory compliance
requirements.

WORM is used to protect important data in archived documents that must not be
tampered with or damaged, for example, case documents of courts, medical
records, and financial documents.

For example, a large number of litigation files are generated in courts. According
to laws and regulations, the protection periods of litigation files can be set to
permanent, long-term, and short-term based on the characteristics of the files.
Table 1-6 uses litigation files in Chinese courts as an example.

Table 1-6 Protection periods for a variety of files

Characteristics                                                   Protection Period
Litigation files that are always needed by the court             Permanent
Litigation files that are needed by the court for a long time    60 years
Litigation files that are needed by the court for a short time   30 years

Three WORM file systems with different file protection periods can be created,
one for each of the three types of litigation files.

● Permanent: A WORM file system is created for litigation files that are always
needed by the court. Litigation files stored in the file system can be
permanently protected, preventing the files from being accidentally or
maliciously tampered with.
● 60 years: A WORM file system is created for litigation files that are needed by
the court for a long time. Litigation files stored in the file system can be
protected for 60 years, during which litigation files can only be viewed, but
cannot be modified, deleted, or renamed.
● 30 years: A WORM file system is created for litigation files that are needed by
the court for a short time. Litigation files stored in the file system can be
protected for 30 years, during which litigation files can only be viewed, but
cannot be modified, deleted, or renamed.


2 Configuring and Managing a WORM File System (System User)

2.1 Configuring a WORM File System
2.2 Managing a WORM File System

2.1 Configuring a WORM File System


The process of configuring a WORM file system is similar to that of configuring a
common file system. You just need to set WORM properties when creating the file
system.

2.1.1 Configuration Process


This section describes how to configure a WORM file system.
Figure 2-1 shows the configuration process.


Figure 2-1 Process of configuring a WORM file system

[Figure: flowchart from Start to End with the following steps.]
1. Check the license file.
2. Create a WORM file system. (When you create a WORM file system for the first
time, you need to initialize the global WORM regulatory clock of the storage
system.)
3. Share and access the WORM file system.
4. Set a file to enter the protected state.

2.1.2 Checking the License File of the WORM Feature


A license file grants the permission to use a specific value-added feature. Before
configuring a value-added feature, ensure that the license file of the feature is
valid.

Context
● On the DeviceManager interface, WORM is displayed in Feature of
HyperLock.
● To use CIFS/NFS to share WORM file systems, check that the NAS
Foundation license is available.
● To configure the WORM feature for a vStore, check that the SmartMulti-
Tenant license is available.

Procedure
Step 1 Choose Settings > License Management.
Step 2 In the middle function pane, verify that HyperLock is displayed in the feature list.


NOTICE

● If no license file has been imported, import a license file by referring to the
initialization guide.
● If HyperLock is not displayed in the feature list, contact technical support
engineers.

----End

2.1.3 Creating a WORM File System


By creating a WORM file system, you can enable the file system to share storage
resources using the file directory.

Prerequisites
Before creating a WORM file system, ensure that:
● The device is working correctly.
● The license file of the WORM feature is valid.

Context
When you create a WORM file system for the first time, the super administrator
must initialize the global WORM regulatory clock of the storage system. There are
two methods to initialize the global regulatory clock:
● Method 1: When creating a WORM file system on DeviceManager for the first
time, enable Global WORM Regulatory Clock to initialize the global
regulatory clock to the current system time and time zone. This section
describes the method.
● Method 2: Run the change system secure_compliance_clock date=?
command on the CLI to initialize the global regulatory clock. For details about
the command, visit Command/Event/Error Code Query.
In the preceding command, you can set the date field in either of the
following ways:
– Enter the time manually in the format year-month-day/
hour:minute:second.
– Use the string now to set the system time of the current device.
You can view the current device time using the Time field in the
command output of the show system general command.

Procedure
Step 1 Choose Services > File Service > File Systems.
Step 2 In the vStore drop-down list in the upper left corner, select the vStore for which
you want to create a file system.
Step 3 Click Create.
The Create File System page is displayed on the right.


NOTE

The screenshot is for reference only and the actual displayed information may vary.

For some device models, you can click in the upper right corner of the page to enable
SmartGUI. SmartGUI mines users' historical operation data and builds a configuration
parameter recommendation model based on user profiles to recommend configuration
parameters for the block service and file service. After SmartGUI is enabled, the system
presets parameters based on recommendations when you create a file system. You can click
Modify in the upper right corner to modify the parameters or directly click OK to create a
file system.

Step 4 Set the basic information about the file system.
Table 2-1 describes the parameters.


Table 2-1 File system parameters


Parameter Description

Name Name of the file system.
[Value range]
● The name must be unique.
● The name can contain only letters, digits, periods (.),
underscores (_), hyphens (-), and characters of different
languages.
● The name contains 1 to 255 characters.

Owning vStore vStore to which the file system belongs.
NOTE
This parameter is mandatory when vStore is set to All vStores in
Step 2.

Description Description of the file system.
NOTE
Description is hidden. To display hidden parameters, select
Advanced.
[Value range]
The description can be left blank or contain up to 255
characters.

Owning Storage Pool Owning storage pool of the file system.

Security Style Select a security style based on service requirements. It is
used to set the access control style of a file system in multi-protocol
mode.
● Mixed
Allows users of both CIFS and NFS clients to access and
control file systems. The last configured permissions
prevail.
NOTE
– If Mixed is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– You are advised to configure a default UNIX user for the CIFS
service in Services > File Service > Authentication Users >
User Mappings > Set Mapping Parameter. The UNIX user
must be an existing local authentication user, NIS domain
user, or LDAP domain user.
– You are advised to configure a default Windows user for the
NFS service in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter. The
Windows user must be an existing local authentication user
or AD domain user.
– Only 6.1.5 and later versions support the Mixed security
style.
● Native
Controls CIFS users' permissions with Windows NT ACLs
and NFS users' permissions with UNIX permissions (UNIX
mode bits, POSIX ACLs, and NFSv4 ACLs). Windows NT
ACLs and UNIX permissions will neither affect nor
synchronize with each other.
– For CIFS share access, Windows NT ACLs determine
whether Windows users have access permission.
NOTE
If Windows NT ACLs do not exist, UNIX mode bits determine
whether Windows users have access permission.
– For NFS share access, access permission of UNIX users
is determined by UNIX permissions.

NOTE
– If Native is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– You are advised to configure a default UNIX user for the CIFS
service in Services > File Service > Authentication Users >
User Mappings > Set Mapping Parameter. The UNIX user
must be an existing local authentication user, NIS domain
user, or LDAP domain user.
– You are advised to configure a default Windows user for the
NFS service in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter. The
Windows user must be an existing local authentication user
or AD domain user.
– Only 6.1.5 and later versions support the Native security
style.
● NTFS
Controls CIFS users' permissions with Windows NT ACLs.
NOTE
– If NTFS is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default Windows
user for the NFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The default Windows user must be an existing
local authentication user or AD domain user.
● UNIX
Controls NFS users' permissions with UNIX mode bits or
NFSv4 ACLs.
NOTE
– If UNIX is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default UNIX user
for the CIFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The UNIX user must be an existing local
authentication user, NIS domain user, or LDAP domain user.
– In this mode, the default UNIX permission of the file system
root directory is 755. To change the value, run the change
file_system general file_system_id=? unix_permissions=?
command. For details about the command, visit Command/
Event/Error Code Query.


NAS Lock Policy NAS Lock Policy includes Mandatory Lock and Advisory
Lock.
● Mandatory Lock is recommended if clients using
different protocols simultaneously access the same file or
directory.
● Advisory Lock is recommended if high read and write
performance is required and clients using different
protocols do not access the same file or directory
simultaneously.
NOTE
– This parameter is available only when Security Style is set to
Native.
– Only 6.1.5 and later versions support this parameter.

VAAI Indicates whether to enable VAAI. VMware Storage APIs for
Array Integration (VAAI) are a set of APIs that allow ESXi
hosts to offload specific file operations to the storage array.
This enables vSphere to quickly implement key operations
and reduces the usage of the host CPU, memory, and
storage bandwidth for higher efficiency and lower O&M
costs.
● Enabled: The host offloads file operations to the storage
array. Once it is enabled, it cannot be disabled.
● Disabled: VAAI is not used.
NOTE
– Only 6.1.5 and later versions support this parameter.

Step 5 Set the capacity and tuning information of the file system.
Table 2-2 describes the parameters.

Table 2-2 Capacity and tuning parameters


Parameter Description

Capacity Capacity of the file system, which indicates the maximum
capacity allocated to the thin file system. That is, the total
capacity dynamically allocated to the thin file system
cannot exceed this value.
NOTE
● The maximum capacity of the file system cannot exceed the
system specifications. For details about the specifications, see
the Specifications Query tool.
● The storage system uses the following capacity algorithms
defined by Windows: 1 PB = 1,024 TB, 1 TB = 1,024 GB, 1 GB =
1,024 MB, 1 MB = 1,024 KB, and 1 KB = 1,024 bytes.


Capacity Alarm Threshold (%) Alarm threshold of the file system capacity. An
alarm will be generated when the threshold is reached.
NOTE
● Capacity Alarm Threshold (%) is hidden. To display hidden
parameters, select Advanced.
● Capacity threshold = File system capacity x (1 - Reserved
snapshot space ratio (%)) x Capacity alarm threshold (%)
● The alarm is cleared only when the used capacity of the file
system is smaller than Max {90% of the threshold capacity,
threshold capacity - 1 GB}.

Reserved Snapshot Space Ratio (%) Percentage of the file system snapshot space
to the file system capacity.
NOTE
● The file system space must not occupy the space reserved for
snapshots. For example, if the capacity of a file system is 100 GB
and the reserved snapshot space ratio is 20%, the used capacity
of the file system cannot exceed 80 GB.
● Snapshots can be created when the file system space is full but
the space reserved for snapshots is not full.
● Only 6.1.5 and later versions support this parameter.

Delete Obsolete Read-Only Snapshot Indicates whether to delete obsolete
read-only snapshots. If used space of the file system reaches the capacity
alarm threshold and used space of snapshots is larger than space reserved for
snapshots (source file system capacity x reserved snapshot space ratio), the
system automatically deletes the oldest non-secure read-only snapshots.
NOTE
● Delete Obsolete Read-Only Snapshot is a hidden parameter.
To display hidden parameters, select Advanced.
● If both Delete Obsolete Read-Only Snapshot and Capacity
Auto-negotiation Policy are enabled, the capacity auto-
negotiation policy is executed first.
● Only 6.1.5 and later versions support this parameter.


Capacity Auto-negotiation Policy The available capacity autonegotiation
policies are as follows:
● Not used: The storage capacity used by a file system is
fixed and is not flexibly adjusted by the storage system.
● Auto expansion: The file system capacity is
automatically increased to meet user needs for more
data writes, when the available space of a file system is
about to run out and the storage pool has available
space.
● Auto expansion/reduction: The storage system
automatically adjusts the file system capacity based on
file system space usage. When the available space of a
file system is about to run out and the storage pool has
available space, automatic capacity expansion will be
used to increase file system capacity. When the file
system's storage space is released, it can be reclaimed
into a storage pool and used by other file systems in
data write requests.
NOTE
● Capacity Auto-negotiation Policy is a hidden parameter. To
display hidden parameters, select Advanced.
● If both Delete Obsolete Read-Only Snapshot and Capacity
Auto-negotiation Policy are enabled, the capacity auto-
negotiation policy is executed first.
● Only 6.1.5 and later versions support this parameter.

Auto Expansion Trigger Threshold (%) When the ratio of the used capacity to the
total capacity of a file system is greater than this threshold, the storage
system automatically triggers file system capacity expansion.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion or Auto
expansion/reduction.
● The value of Auto Expansion Trigger Threshold (%) must be
greater than that of Auto Reduction Trigger Threshold (%).
● Only 6.1.5 and later versions support this parameter.

Auto Reduction Trigger Threshold (%) When the ratio of the used capacity to the
total capacity of a file system is smaller than this threshold, the storage
system automatically triggers space reclamation to reduce the file system
capacity.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion/reduction.
● Only 6.1.5 and later versions support this parameter.


Auto Expansion Upper Limit Upper limit of automatic capacity expansion.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion or Auto
expansion/reduction.
● Only 6.1.5 and later versions support this parameter.

Auto Reduction Lower Limit Lower limit of automatic capacity reduction.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion/reduction.
● Only 6.1.5 and later versions support this parameter.

Application Type Application type of the file system. Preset application types
are provided for typical applications. In file service scenarios,
possible options are NAS_Default, NAS_Virtual_Machine,
NAS_Database, NAS_Large_File, Office_Automation,
NAS_Others, and NAS_EDA.
NOTE
● The Application Request Size and File System Distribution
Algorithm parameters are set for preset application types. The
value of Application Request Size is 16 KB for NAS_Default,
NAS_Virtual_Machine, Office_Automation, NAS_Others, and
NAS_EDA, 8 KB for NAS_Database, and 32 KB for
NAS_Large_File. If Application Type is set to NAS_Default,
NAS_Large_File, Office_Automation, NAS_Others, or
NAS_EDA, File System Distribution Algorithm is Directory
balance mode. In this mode, directories are evenly allocated to
each controller by quantity. If Application Type is set to
NAS_Virtual_Machine or NAS_Database, File System
Distribution Algorithm is Performance mode. In this mode,
directories are preferentially allocated to the controller to which
the shared IP address belongs, improving access performance of
directories and files.
● When SmartCompression and SmartDedupe licenses are
imported to the system, the preset application types also display
whether SmartCompression and SmartDedupe are enabled.
For details, see SmartDedupe and SmartCompression Feature
Guide for File of the desired product model and version.
● Application Type cannot be changed once being configured.
You are advised to set the value based on the service I/O model.
● To create an application type, run the create workload_type
general name=? io_size=? command. For details, visit
Command/Event/Error Code Query.
● You can also run the create file_system general or change
file_system general command to create or modify a file system
respectively. For details, visit Command/Event/Error Code
Query.


SmartCache Partition Indicates whether to add the file system to a SmartCache
partition. Adding a file system to a SmartCache partition
shortens the response time for reading the file system.
NOTE
● SmartCache Partition is hidden. To display hidden parameters,
select Advanced.
● This parameter is available only when SCM drives have been
added to the controller enclosure where the file system resides
and a SmartCache partition has been created. For details, see
SmartCache Feature Guide of the desired model and version.
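
The Capacity Alarm Threshold (%) row of Table 2-2 gives a formula for the threshold capacity and a separate, lower level at which the alarm clears. The Python below is an added example, not Huawei code, that evaluates both and replays constructed usage samples to show the gap between raising and clearing; the function names and the percentage range check are assumptions.

```python
"""Added example (not Huawei code): capacity alarm threshold and clear level."""

KB = 1024            # the guide's units: 1 KB = 1,024 bytes
MB = 1024 * KB
GB = 1024 * MB


def alarm_threshold_bytes(capacity, reserved_snapshot_pct, alarm_pct):
    """Capacity threshold = file system capacity
    x (1 - reserved snapshot space ratio) x capacity alarm threshold."""
    # Range check is an assumption; the guide does not list valid ranges here.
    if not (0 <= reserved_snapshot_pct < 100 and 0 < alarm_pct <= 100):
        raise ValueError("percentage out of range")
    return capacity * (100 - reserved_snapshot_pct) * alarm_pct // 10_000


def clear_level_bytes(threshold):
    """The alarm clears only when used capacity is smaller than
    Max{90% of the threshold capacity, threshold capacity - 1 GB}."""
    return max(threshold * 9 // 10, threshold - GB)


def alarm_timeline(samples, capacity, reserved_snapshot_pct, alarm_pct):
    """Return the alarm state after each used-capacity sample (in bytes)."""
    threshold = alarm_threshold_bytes(capacity, reserved_snapshot_pct, alarm_pct)
    clear = clear_level_bytes(threshold)
    active = False
    states = []
    for used in samples:
        if not active and used >= threshold:
            active = True
            states.append("raised")
        elif active and used < clear:
            active = False
            states.append("cleared")
        else:
            states.append("active" if active else "normal")
    return states


def demo_timeline():
    # Constructed samples for a 100 GB file system, 20% reserved for
    # snapshots, 90% alarm threshold: threshold 72 GB, clear level 71 GB.
    samples = [70 * GB, 72 * GB, 71 * GB + 512 * MB, 71 * GB,
               71 * GB - MB, 71 * GB + 512 * MB]
    return alarm_timeline(samples, 100 * GB, 20, 90)


if __name__ == "__main__":
    t = alarm_threshold_bytes(100 * GB, 20, 90)
    print(t // GB, "GB threshold,", clear_level_bytes(t) // GB, "GB clear level")
    print(demo_timeline())
```

For small file systems the 90% term wins: a 5 GB file system with an 80% threshold raises at 4 GB and clears just below 3.6 GB, not 3 GB.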

Step 6 If a HyperMetro vStore pair has been created for the selected vStore, you need to
configure HyperMetro for the newly created file system.
Specify Remote Storage Pool for creating a remote file system. The system will
create a remote file system on the remote device of the HyperMetro vStore pair
and add the local and remote file systems to a HyperMetro pair.
For details about HyperMetro, see the HyperMetro Feature Guide for File of the
desired version.
Step 7 Configure shares for the file system.
● Set NFS shares for the file system.
a. Enable NFS.
b. Set Create From. Possible values are Template or New.

▪ Template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.

▪ New
The read/write permission of all clients is preset in the system, and
the default root permission of clients is root_squash. You can click
Modify on the right of Share to modify the share information.
● Set CIFS shares for the file system.
a. Enable CIFS.
b. Set Create From. Possible values are Template or New.

▪ Template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.

▪ New
The system presets the full control permission for everyone. You can
click Modify on the right of Share to modify the share information.


Step 8 Set a quota for the file system.


NOTE

Quota is a hidden parameter. To display hidden parameters, select Advanced.

1. Enable Quota.
NOTE
– The quota switch is disabled by default.
– When the Quota function is disabled, the system does not collect statistics on
quota usage. In this case, hard and soft quotas do not take effect.
2. Click Create.
The Create Quota page is displayed on the right.
3. Specify Quota Type. Possible options are Directory quota, User quota, and
User group quota.
– Directory quota
The directory quota of a file system limits the space usage or file quantity
used by all dtrees in the file system.
NOTE

The directory quota of a file system takes effect only for dtrees whose quota
function is enabled. In addition, the quota of each dtree is limited separately.
– User quota
User quota: limits the space usage or file quantity used by a single user.
i. Click Select.
The Select User page is displayed.
ii. Select the users for which you want to create a quota.
○ If you select All users, the quota limits the space usage or file
quantity of each user in the system.
○ If you select Specified users, click Add. On the Add User page
that is displayed, select the UNIX Users or Windows Users tab,
and select one or more desired users. Then click OK.
NOTE

If you set User Type to Local authentication user, select the desired
users in the list below.
If you set User Type to LDAP domain user, NIS domain user, or AD
domain user, enter the user names in the Name text box.
To remove added users, click Remove on the right of a desired user, or
select one or more desired users and click Remove.
○ If you select Specified user groups, the quota limits the space
usage or file quantity of each specified user group. To add a user
group, click Add. On the Add User Group page that is displayed,
select a user group type and select the desired user groups. Then
click OK.


NOTE

If you set User Group Type to Local authentication user group,
select the desired user groups in the list below.
If you set User Group Type to LDAP domain user group or NIS
domain user group, enter the user group names in the Name text
box.
To remove added user groups, click Remove on the right of a desired
user group, or select one or more desired user groups and click
Remove.
iii. Click OK.
– User group quota
User group quota: limits the space usage or file quantity used by a single
user group.
i. Click Select.
The Select User Group page is displayed.
ii. Select the user groups for which you want to create a quota.
○ If you select All user groups, the quota limits the space usage
or file quantity of each user group in the system.
○ If you select Specified user groups, the quota limits the space
usage or file quantity of each specified user group. To add a user
group, click Add. On the Add User Group page that is displayed,
select a user group type and select the desired user groups. Then
click OK.
NOTE

If you set User Group Type to Local authentication user group,
select the desired user groups in the list below.
If you set User Group Type to LDAP domain user group or NIS
domain user group, enter the user group names in the Name text
box.
To remove added user groups, click Remove on the right of a desired
user group, or select one or more desired user groups and click
Remove.
iii. Click OK.
4. Set space quotas.
Table 2-3 describes the parameters.

Table 2-3 Space quota parameters

Parameter Description

Hard Quota Space hard quota. If the quota is reached, the system
immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be larger than that of Soft Quota.


Soft Quota Space soft quota. If the quota is reached, the system
generates an alarm but still allows writes. After the hard
quota is reached, the system immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be smaller than that of Hard Quota.

5. Set file quantity quotas.
Table 2-4 describes the parameters.

Table 2-4 File quantity quota parameters

Parameter Description

Hard Quota File quantity hard quota. If the quota is reached, new
files cannot be added. Operations on existing files are
not affected.
[Value range]
1 to 2 billion
The value must be larger than that of Soft Quota.

Soft Quota File quantity soft quota. If the quota is reached, the
system generates an alarm but new files can still be
added. After the hard quota is reached, new files cannot
be added.
[Value range]
1 to 2 billion
The value must be smaller than that of Hard Quota.

NOTE

– If you do not set the space quota or file quantity quota, the storage system only
collects statistics on but does not control the space usage or file quantity. To view
the statistics about used space quota and used file quantity quota, choose Services
> File Service > Quotas > Quota Reports, and select the desired file system.
– To modify a quota, click More on the right of the quota and choose Modify.
– To delete a quota, select the quota and click Delete above the list or click More on
the right of the quota.
– The parameters for creating a quota are preset. A quota is created for a file system
only after the file system has been created.

Step 9 Configure data protection for the file system.
1. Enable Add to HyperCDP Schedule.
2. Select a HyperCDP schedule to create a HyperCDP object for the file system.


NOTE

● HyperCDP is a high-density snapshot technology that provides continuous data
protection for file systems. For details about the HyperCDP feature, see HyperCDP
Feature Guide for File of the desired version.
● The system has a built-in HyperCDP schedule NAS_DEFAULT_BUILDIN. The schedule is
executed once an hour (retains the latest three copies), once at 00:05 every day (retains
the latest two copies), and once at 00:10 every Sunday (retains the latest two copies).
● When you create a file system, the system selects the built-in HyperCDP schedule
NAS_DEFAULT_BUILDIN by default.
● A file system can be added to only one HyperCDP schedule. For a file system that has
been added to a HyperCDP schedule, if you want to change its owning HyperCDP
schedule, you need to remove the file system from the original HyperCDP schedule first.
● If a file system has not been added to a HyperCDP schedule during the file system
creation, you can add it to a HyperCDP schedule after the file system is created.

Step 10 (Applicable to 6.1.6 and later versions) If an antivirus server has been configured
for the vStore you selected, you can configure the antivirus service for the file
system.
NOTE

You can choose Settings > File Service > Antivirus Service to check whether the antivirus
server has been configured. If you need to configure the antivirus server, see section
"Configuring Antivirus Servers" in the Security Configuration Guide specific to your product
model and version.

The antivirus server scans the file system based on the preset scan policy. After a
scan policy is configured for the file system, the system automatically creates a
scan task for the file system. You can choose Settings > File Service > Antivirus
Service to manage the task.
1. Enable On-Demand Scan and select an on-demand scan policy.
Select or deselect Scan Now as required. After Scan Now is selected, the
system immediately scans the file system based on the selected on-demand
scan policy. You must set the scan duration.
NOTE

If no on-demand scan policy exists, click Create to customize one.


2. Enable On-Access Scan and select an on-access scan policy.
NOTE

You can click Create to customize a scan policy.

Step 11 Select Advanced in the upper right corner and set the audit log items of the file
system. The system records audit logs of operations on the file system. The audit
log items include Create, Delete, Read, Write, Open, Close, Rename, List
folders, Obtain properties, Set properties, Obtain security properties, Set
security properties, Obtain extension properties, and Set extension properties.


NOTE

● To ensure that the selected audit log items take effect, choose Settings > File Service >
Audit Log to enable the audit log function.
● If too many audit logs are generated and the audit log collection speed is lower than
the audit log writing speed, the temporary buffer space may be insufficient, causing
service interruption risks. You are advised to properly configure the items to be audited.
For example, configure only Create, Delete, and Write for a file system.

Step 12 Set advanced attributes of the file system.


Table 2-5 describes the parameters.

Table 2-5 Advanced file system parameters


Parameter Description

Snapshot Directory Visibility Indicates whether to visualize the directory of the file
system snapshots.

Auto Atime Update Indicates whether to enable Auto Atime Update. Atime
indicates the last file system access time. After this function
is enabled, the system updates the file system access time
based on Update Frequency.
NOTE
Enabling Auto Atime Update compromises the system
performance.

Atime Update Frequency Indicates the Atime update frequency. The options can be
Hourly and Daily.

Snapshot Comparison This function is to obtain differential data between file
system snapshots during incremental backup by backup
software. After it is enabled, file system snapshot
comparison is provided.
NOTE
● Before enabling this function, you are advised to set Snapshot
Directory Visibility to Visible. Otherwise, certain backup
software may be unable to access snapshots.
● Only 6.1.6 and later versions support this parameter.

Step 13 Set the WORM (Write Once Read Many) properties of the file system. The WORM
file system ensures that a file enters the protected state after being written. In this
state, the file cannot be modified, moved, or deleted, but can be read multiple
times.

NOTE

Only 6.1.3 and later versions support the WORM feature.


Due to the sensitivity of a WORM file system to data security, the following configuration
operations on file systems are restricted:
● Only read-only snapshots can be created for the WORM file system. The snapshot file
systems created for the WORM file system also have the WORM feature.
● When configuring the remote replication function:
– If Pair Creation is set to Manual, ensure that the WORM file system modes at
both ends are the same. Otherwise, the primary/secondary relationship cannot be
established.
– If Pair Creation is set to Automatic, ensure that the global WORM regulatory
clock has been initialized on the remote end.
– If the primary file system is a WORM audit log file system, primary/secondary
switchover and disabling protection for the secondary resource are not supported.

Table 2-6 describes the parameters.


NOTE

The WORM properties are hidden. To display hidden parameters, select Advanced.

Table 2-6 WORM properties of a file system


Parameter Description

Mode Compliance mode of WORM protection.


● Compliance
– Files within the protection period cannot be modified,
renamed, or deleted by super administrators,
administrators, or common users.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– A file system that contains files within the protection
period cannot be deleted by super administrators or
administrators.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
● Enterprise
– Common users or administrators cannot modify,
delete, or rename files within the protection period,
but privileged users can delete these files.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– Administrators cannot delete a file system that
contains files within the protection period, but
privileged users can delete the file system.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
NOTE
Only 6.1.7 and later versions support the Enterprise mode.
NOTE
● Enterprise WORM file systems can be renamed, but Compliance
WORM file systems cannot.
● Enterprise WORM file systems can be rolled back using a
snapshot, but Compliance WORM file systems cannot.
● Primary/secondary switchover and disabling protection for the
secondary resource are supported if the primary and secondary
file systems of the remote replication are Enterprise WORM file
systems, but not supported if they are Compliance WORM file
systems.
● Enterprise WORM file systems cannot be configured as WORM
audit log file systems.
[Default value]
Compliance


Min. Protection Period Minimum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be smaller than the value of this parameter.
[Value range]
0 to 70 years or Indefinite.
NOTE
The value of Min. Protection Period must be less than or equal to
that of Max. Protection Period.
[Default value]
3 years

Max. Protection Period Maximum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be longer than the value of this parameter.
[Value range]
1 day to 70 years or Indefinite.
NOTE
The value of Max. Protection Period cannot be 0.
[Default value]
70 years

Default Protection Period Default protection period supported by the WORM file
system. The protection period of a file in the WORM file
system is the default value of the parameter if you do not
set a protection period for the file.
[Value range]
● If the value of Max. Protection Period ranges from 1 day
to 70 years, Default Protection Period is a value from
Min. Protection Period to Max. Protection Period.
● If Max. Protection Period is set to Indefinite, Default
Protection Period is a value from Min. Protection
Period to 70 years or is Indefinite.
NOTE
To set Default Protection Period to Indefinite, you must set
Max. Protection Period to Indefinite. Otherwise, the setting
fails.
[Default value]
70 years


Automatic Lockout After this function is enabled, a file automatically enters the
locked state if it is not modified within Lockout Wait
Time (hours). The file in the locked state is protected. You
can only read the file, but cannot modify, rename, or delete
it.
NOTE
Modification operations include file data change and metadata
change.
[Default value]
Disabled

Lockout Wait Time Indicates the wait time before a file automatically enters the
locked state. This parameter is displayed only when
Automatic Lockout is enabled.
[Value range]
1 minute to 10 years.
[Default value]
If Automatic Lockout is enabled, the default value is 2
hours.

Automatic Deletion After this function is enabled, the system automatically
deletes files whose protection periods have expired.
NOTE
Before enabling this function, ensure that files do not need
protection and can be automatically deleted by the system after
they expire.
[Default value]
Disabled

WORM Audit Log File System After WORM Audit Log File System is enabled, the system
records operation logs of the WORM file system, including
Add a litigation, Remove a litigation, and privileged
deletion of Enterprise WORM file systems.
NOTE
This parameter is available only when Mode is set to Compliance.
[Default value]
Disabled


Global WORM Regulatory Clock Before creating a WORM file system for the first time, you
need to initialize the WORM regulatory clock. After this
parameter is enabled, the global security regulatory clock is
initialized to the current system time and time zone.
The WORM regulatory clock prevents modification to file
protection periods caused by system time tampering
attacks. The WORM regulatory clock includes a global
WORM regulatory clock and a file system WORM regulatory
clock. To initialize the WORM regulatory clock, you only
need to initialize the global WORM regulatory clock. The file
system WORM regulatory clock will be automatically
initialized using the global WORM regulatory clock when a
WORM file system is created.
NOTICE
● The global WORM regulatory clock cannot be modified after
being initialized. Before the setting, ensure that the system time
and time zone are correct.
● Only super administrators can initialize the global WORM
regulatory clock.

Step 14 Click OK.

Confirm your operation as prompted.

NOTE

After the task is created successfully, the Execution Result page is displayed. You can view
details about the current task on this page.

----End

Follow-up Procedure
● If automatic lockout is disabled for the WORM file system, you must manually
set files to enter the protection state. If automatic lockout is enabled for the
WORM file system, you can also manually set the files to enter the protection
state within the Lockout Wait Time (hours) after a modification. For details,
see 2.1.5 Setting a File to Enter the Protection State.
● If automatic deletion is disabled for the WORM file system, you must
manually delete files that have expired. For details, see 2.2.7 Manually
Deleting an Expired File from a WORM File System.

2.1.4 Sharing a WORM File System


After creating a WORM file system, you need to share it with clients. Users can
store files that need to be protected in the WORM file system to prevent data
tampering.

For operations on sharing file systems, see Basic Storage Service Configuration
Guide for File.

2.1.5 Setting a File to Enter the Protection State


After a WORM file system is created, you may need to enable files in the WORM
file system to enter the protection state manually. The protection state includes
locked and appending states.

Windows-based Client
Step 1 Access a WORM file system shared in CIFS mode.
Step 2 Set a file in the WORM file system to the locked state.
1. Right-click the file that you want to set to the locked state.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.
3. In the Properties dialog box that is displayed, click the General tab and select
Read-only. Then click Apply.
After the file enters the locked state, Accessed of the file indicates the
overdue time of the file, as shown in Figure 2-2.

Figure 2-2 File properties

NOTE

In Windows, you cannot set a protection period for a file. You can only use the default
protection period of the WORM file system, which is 70 years.
4. Click OK.

NOTE

If the size of the file is not 0 bytes, skip the following steps.

Step 3 (Optional) Shift the file whose size is 0 bytes from the locked state to the
appending state.
1. Right-click the desired file.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.
3. In the Properties dialog box that is displayed, click the General tab and
deselect Read-only. Then click Apply.
4. Click OK.

Step 4 (Optional) Add contents to the end of the file.


1. Right-click the desired file.
The shortcut menu is displayed.
2. Choose Open from the shortcut menu that is displayed.
The page for editing files is displayed.
3. Add contents that need to be protected to the end of the file.
4. Click Close.

Step 5 (Optional) Set a file in the appending state to the locked state.
1. Right-click the desired file.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.
3. In the Properties dialog box that is displayed, click the General tab and select
Read-only. Then click Apply.
4. Click OK.

----End

Linux-based Client
Step 1 Access a WORM file system shared in NFS mode.

Step 2 (Optional) Run the touch -a -t time file command to set the protection period of
a file.
● time indicates the overdue time of the file.
● file indicates the name of the file for which you want to set the overdue time.

NOTE

If you have not run the touch -a -t time file command to set the protection period of the
file, the protection period of the newly created file is the default protection period of the
WORM file system.

Step 3 Run the chmod ugo-w file command to set the file to the locked state.
file indicates the name of the file that you want to set to the locked state.

NOTE

If the size of the file is not 0 bytes, skip the following steps.

Step 4 (Optional) Run the chmod ugo+w file command to set the file of 0 bytes to the
appending state.
file indicates the name of the file that you want to set to the appending state.
Step 5 (Optional) Run the echo content >>file command to add contents that need to be
protected to the end of the file.
● content indicates the contents to be added.
● file indicates the name of the file to which you want to add contents.
Step 6 Run the cat file command to read the file.
file indicates the name of the file that you want to read.
Step 7 (Optional) Run the chmod ugo-w file command to set a file in the appending
state to the locked state.
file indicates the name of the file that you want to set to the locked state.

linux-11:/mnt/fs1 # touch -a -t 202010100600 demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:51:25.000000000 +0800
Change: 2014-11-29 11:52:11.000000000 +0800
linux-11:/mnt/fs1 # chmod u-w demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:51:25.000000000 +0800
Change: 2014-11-29 11:54:11.000000000 +0800
linux-11:/mnt/fs1 # chmod u+w demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:51:25.000000000 +0800
Change: 2014-11-29 11:56:17.000000000 +0800
linux-11:/mnt/fs1 # echo hello world>>demo
linux-11:/mnt/fs1 # cat demo
hello world
linux-11:/mnt/fs1 # chmod u-w demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 12 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:57:10.000000000 +0800
Change: 2014-11-29 11:57:55.000000000 +0800
linux-11:/mnt/fs1 # echo 123>>demo
linux-11:/mnt/fs1 # cat demo
hello world
linux-11:/mnt/fs1 #

----End

2.2 Managing a WORM File System


This operation allows you to manage WORM file systems and files in them.

2.2.1 Viewing the WORM Compliance Clock


This operation allows you to view the initialized WORM compliance clock.

Prerequisites
● The WORM compliance clock has been initialized.
● At least one WORM file system has been created in the storage system.
● You have the permission to view the WORM compliance clock.

Context
Only a super administrator or vStore WORM administrator can query the WORM
compliance clock.

Procedure
Step 1 Log in to the CLI of the storage system.
Step 2 View the WORM compliance clock.
● Run the show system secure_compliance_clock command to view the
current global security compliance clock.
admin:/>show system secure_compliance_clock
Secure Compliance Clock : 2021-10-15/17:44:57 UTC+08:00

● Run the show file_system worm file_system_id=? command to view the
current WORM file system compliance clock.
admin:/>show file_system worm file_system_id=2
ID :2
Name : testfs2
Capacity : 100.000GB
Type : Thin
Worm Type : Compliance
Auto Lock : No
Auto Del : No
Max Protect Period : 70 Year(s)
Min Protect Period : 3 Year(s)
Default Protect Period : 70 Year(s)
Auto Lock Time : 2 Hour(s)
Expired Time : --
Worm Clock : 2021-10-15/17:53:28 UTC+08:00
Is Worm Audit Log Fs : No
Litigation Num :0

NOTE

For details about the command, visit Command/Event/Error Code Query.

----End
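
The show file_system worm output above and the protection-period rules in Table 2-6 can be checked together. The following Python is an added example, not part of the Huawei guide or the storage system's tooling: it parses a saved copy of that output, checks the three protection periods against the Table 2-6 rules, and compares Worm Clock with a reference time supplied by the caller. The finding codes, the 5-minute tolerance, the Month(s)/Day(s) unit spellings, and the literal Indefinite in CLI output are assumptions.

```python
import math
import re
from datetime import datetime, timedelta, timezone

# Constructed sample: field names and values copied from the
# `show file_system worm` output on this page (spacing normalised).
SAMPLE = """\
ID : 2
Name : testfs2
Capacity : 100.000GB
Type : Thin
Worm Type : Compliance
Auto Lock : No
Auto Del : No
Max Protect Period : 70 Year(s)
Min Protect Period : 3 Year(s)
Default Protect Period : 70 Year(s)
Auto Lock Time : 2 Hour(s)
Expired Time : --
Worm Clock : 2021-10-15/17:53:28 UTC+08:00
Is Worm Audit Log Fs : No
Litigation Num : 0
"""

# Assumption: only Year(s) appears on the page; Month(s)/Day(s) and
# "Indefinite" are guessed spellings. Day counts are approximations used
# only to order the three periods against each other.
UNIT_DAYS = {"year": 365, "month": 30, "day": 1}
SEVENTY_YEARS = 70 * UNIT_DAYS["year"]
PERIOD_RE = re.compile(r"(\d+)\s+(Year|Month|Day)\(s\)", re.IGNORECASE)
CLOCK_RE = re.compile(
    r"(\d{4}-\d{2}-\d{2})/(\d{2}:\d{2}:\d{2}) UTC([+-])(\d{2}):(\d{2})")


def parse_fields(text):
    """Split 'Key : Value' lines on the first colon (values contain colons)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip():
            fields[key.strip()] = value.strip()
    return fields


def period_days(value):
    """Convert '70 Year(s)' to days; 'Indefinite' becomes infinity."""
    value = value.strip()
    if value.lower() == "indefinite":
        return math.inf
    m = PERIOD_RE.fullmatch(value)
    if not m:
        raise ValueError(f"unrecognised period: {value!r}")
    return int(m.group(1)) * UNIT_DAYS[m.group(2).lower()]


def parse_clock(value):
    """Parse '2021-10-15/17:53:28 UTC+08:00' into a timezone-aware datetime."""
    m = CLOCK_RE.fullmatch(value.strip())
    if not m:
        raise ValueError(f"unrecognised clock: {value!r}")
    date, time, sign, hh, mm = m.groups()
    offset = timedelta(hours=int(hh), minutes=int(mm))
    if sign == "-":
        offset = -offset
    naive = datetime.strptime(f"{date} {time}", "%Y-%m-%d %H:%M:%S")
    return naive.replace(tzinfo=timezone(offset))


def audit(text, reference, tolerance=timedelta(minutes=5)):
    """Return finding codes (this example's own names) for one file system."""
    f = parse_fields(text)
    findings = []
    lo = period_days(f["Min Protect Period"])
    dflt = period_days(f["Default Protect Period"])
    hi = period_days(f["Max Protect Period"])
    # Table 2-6: Min <= Default <= Max, Max is never 0, and any finite
    # period is at most 70 years. Indefinite Default needs Indefinite Max,
    # which the ordering test covers because inf <= finite is False.
    in_range = all(p == math.inf or p <= SEVENTY_YEARS for p in (lo, dflt, hi))
    if not (lo <= dflt <= hi) or hi < 1 or not in_range:
        findings.append("PERIOD_RANGE")
    # Table 2-6: outside Compliance mode, privileged users can delete
    # files that are still within their protection period.
    if f["Worm Type"] != "Compliance":
        findings.append("NOT_COMPLIANCE_MODE")
    # Follow-up Procedure: with automatic lockout off, files stay
    # unprotected until a client locks them manually.
    if f["Auto Lock"] == "No":
        findings.append("MANUAL_LOCK_REQUIRED")
    # Table 2-6: automatic deletion removes files once they expire.
    if f["Auto Del"] != "No":
        findings.append("AUTO_DELETE_ON")
    # Compare the file system WORM clock with a trusted reference time.
    if abs(parse_clock(f["Worm Clock"]) - reference) > tolerance:
        findings.append("CLOCK_DRIFT")
    return findings
```

The reference time should come from a source independent of the storage system's own clock, captured at the moment the CLI command was run.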

2.2.2 Viewing the Properties of a WORM File System


This operation allows you to view the properties of a WORM file system.

Prerequisites
● A WORM file system has been created.
● You have the permission to view the properties of the WORM file system.

Context
● On the file system management page, you can click to refresh file system
information.

● On the file system management page, you can click or next to a
parameter and enter a keyword or select a parameter value to search for the
desired file systems.

● On the file system management page, you can click and select the file
system parameters you want to view.
● On the file system management page, you can click or next to a
parameter to change the display order of file systems.
● On the file system management page, you can click to export file system
information to your local PC.

Procedure
Step 1 Choose Services > File Service > File Systems.

Step 2 Select a vStore from the vStore drop-down list in the upper left corner.

Step 3 In the function pane, view file system information about the vStore.

Table 2-7 describes the parameters.

Table 2-7 File system parameters

Parameter Description

Name Name of a file system.


NOTE
You can click the name of a file system to view its details and
manage it.


ID ID of a file system.

Owning vStore Name of the vStore to which a file system belongs.


NOTE
This parameter is available only when vStore is set to All vStores
in Step 2.

vStore ID ID of the vStore to which a file system belongs.


NOTE
This parameter is available only when vStore is set to All vStores
in Step 2.

Capacity Capacity information of a file system, including the total
file system capacity and the ratio of the used capacity
(allocated capacity) to the total capacity.
NOTE
You can hover your mouse over Capacity of a file system to view
its total capacity, allocated capacity, data protection capacity, and
capacity alarm threshold.

Total Capacity configured for the file system.

Allocated Capacity Amount of user data written to the file system.


NOTE
If the file system is a clone file system, the allocated capacity does
not include the data volume inherited from the parent file system.

Data Protection Capacity used for data protection on the file system.

Available Amount of user data that can be written to the file system.

Used Ratio of the used capacity (allocated capacity) to the total
capacity of a file system.

Health Status Health status of a file system.

Running Status Running status of a file system.

Created Time when a file system was created.

WORM WORM mode of a file system.

Data Protection Data protection information of a file system.

Shares Share information of a file system.

Quotas Check whether a quota has been configured for a file
system.


Quota Status Quota status of a file system. The value can be:
● Disabled: The quota statistics function is disabled for
the file system. The system does not collect statistics on
the quota usage of the file system. In this case, hard
and soft quotas do not take effect.
● Initializing: The system is scanning the space usage or
file quantity in the file system.
● Enabled: The quota statistics function has been enabled
for the file system. The system collects statistics on the
space usage or file quantity used by the file system.

Dtrees Number of dtrees in a file system.

Owning Storage Pool Owning storage pool of a file system.

Clone File System Indicates whether this is a clone file system.

Security Style It is used to set the access control style of a file system in
multi-protocol mode.
NOTE
Only 6.1.5 and later versions support Mixed and Native.
● Mixed
Allows users of both CIFS and NFS clients to access and
control file systems. The last configured permissions
prevail.
● Native
Controls CIFS users' permissions with Windows NT ACLs
and NFS users' permissions with UNIX permissions
(UNIX mode bits, POSIX ACLs, and NFSv4 ACLs).
Windows NT ACLs and UNIX permissions will neither
affect nor synchronize with each other.
– For CIFS share access, Windows NT ACLs determine
whether Windows users have access permission.
NOTE
If Windows NT ACLs do not exist, UNIX mode bits
determine whether Windows users have access permission.
– For NFS share access, access permission of UNIX
users is determined by UNIX permissions.
● NTFS
Controls CIFS users' permissions with Windows NT
ACLs.
● UNIX
Controls NFS users' permissions with UNIX mode bits or
NFSv4 ACLs.


NAS Lock Policy NAS Lock Policy includes Mandatory Lock and Advisory
Lock.
● Mandatory Lock is recommended if clients using
different protocols simultaneously access the same file
or directory.
● Advisory Lock is recommended if high read and write
performance is required and clients using different
protocols do not access the same file or directory
simultaneously.
NOTE
– This parameter is available only when Security Style is set
to Native.
– Only 6.1.5 and later versions support this parameter.

Audit Log Indicates whether this is an audit log file system.

Step 4 (Optional) Click the name of a file system to view its summary, share, quota, and
protection information. If the WORM function is enabled for a file system, you can
click Advanced to view the WORM information of the file system.
NOTE

You can select Only show shares of the file system or Only show quotas of the file
system to filter the data. If you do not select these options, the system displays the data of
the file system and dtrees in the file system.

----End

2.2.3 Modifying the Properties of a WORM File System


This section describes how to modify WORM properties of a WORM file system.
New WORM properties take effect on the files put in the WORM file system after
the modification.

Prerequisites
A WORM file system has been created.

Procedure
Step 1 Choose Services > File Service > File Systems.
Step 2 Select the vStore to which the desired file system belongs from the vStore drop-
down list in the upper left corner.
Step 3 Click More on the right of the desired file system and select Modify.
The Modify File System page is displayed on the right.

NOTE

You can also click the name of the desired file system. In the upper right corner of the page
that is displayed, select Modify from the Operation drop-down list.

Step 4 Modify the attributes of the file system.


Table 2-8 describes the parameters.

Table 2-8 File system parameters


Parameter Description

Name Name of the file system.


[Value range]
● The name must be unique.
● The name can contain only letters, digits, periods (.),
underscores (_), hyphens (-), and characters of different
languages.
● The name contains 1 to 255 characters.

Description Description of the file system.


[Value range]
The description can be left blank or contain up to 255
characters.

Capacity Alarm Threshold (%) Alarm threshold of the file system capacity. An alarm will
be generated when the threshold is reached.
NOTE
● Capacity Alarm Threshold (%) is hidden. To display hidden
parameters, select Advanced.
● Capacity threshold = File system capacity x (1 - Reserved
snapshot space ratio (%)) x Capacity alarm threshold (%)
● The alarm is cleared only when the used capacity of the file
system is smaller than Max {90% of the threshold capacity,
threshold capacity - 1 GB}.

Reserved Snapshot Space Ratio (%) Percentage of the file system snapshot space to the file
system capacity.
NOTE
● When you modify the reserved snapshot space ratio, make sure
the reserved space after modification does not exceed the
remaining space of the file system.
● The file system space must not occupy the space reserved for
snapshots. For example, if the capacity of a file system is 100
GB and the reserved snapshot space ratio is 20%, the used
capacity of the file system cannot exceed 80 GB.
● Snapshots can be created when the file system space is full but
the space reserved for snapshots is not full.
● Only 6.1.5 and later versions support this parameter.


Delete Obsolete Read-Only Snapshot Indicates whether to delete obsolete read-only snapshots. If
used space of the file system reaches the capacity alarm
threshold and used space of snapshots is larger than space
reserved for snapshots (source file system capacity x
reserved snapshot space ratio), the system automatically
deletes the oldest non-secure read-only snapshots.
NOTE
● Delete Obsolete Read-Only Snapshot is a hidden parameter.
To display hidden parameters, select Advanced.
● If both Delete Obsolete Read-Only Snapshot and Capacity
Auto-negotiation Policy are enabled, the capacity auto-
negotiation policy is executed first.
● Only 6.1.5 and later versions support this parameter.

Capacity Auto-negotiation Policy The available capacity auto-negotiation policies are as
follows:
● Not used: The storage capacity used by a file system is
fixed and is not flexibly adjusted by the storage system.
● Auto expansion: The file system capacity is
automatically increased to meet user needs for more
data writes, when the available space of a file system is
about to run out and the storage pool has available
space.
● Auto expansion/reduction: The storage system
automatically adjusts the file system capacity based on
file system space usage. When the available space of a
file system is about to run out and the storage pool has
available space, automatic capacity expansion will be
used to increase file system capacity. When the file
system's storage space is released, it can be reclaimed
into a storage pool and used by other file systems in
data write requests.
NOTE
● Capacity Auto-negotiation Policy is a hidden parameter. To
display hidden parameters, select Advanced.
● If both Delete Obsolete Read-Only Snapshot and Capacity
Auto-negotiation Policy are enabled, the capacity auto-
negotiation policy is executed first.
● Only 6.1.5 and later versions support this parameter.


Auto Expansion Trigger Threshold (%) When the ratio of the used capacity to the total capacity of
a file system is greater than this threshold, the storage
system automatically triggers file system capacity
expansion.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion or Auto
expansion/reduction.
● The value of Auto Expansion Trigger Threshold (%) must be
greater than that of Auto Reduction Trigger Threshold (%).
● Only 6.1.5 and later versions support this parameter.

Auto Reduction Trigger Threshold (%) When the ratio of the used capacity to the total capacity of
a file system is smaller than this threshold, the storage
system automatically triggers space reclamation to reduce
the file system capacity.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion/reduction.
● Only 6.1.5 and later versions support this parameter.

Auto Expansion Upper Limit Upper limit of automatic capacity expansion.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion or Auto
expansion/reduction.
● Only 6.1.5 and later versions support this parameter.
● It is recommended that you set Auto Expansion Upper Limit to
a value greater than the file system capacity to avoid deviation
caused by rounding up during unit conversion. Otherwise,
operation failure may occur.

Auto Reduction Lower Limit Lower limit of automatic capacity reduction.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion/reduction.
● Only 6.1.5 and later versions support this parameter.

Snapshot Directory Visibility Indicates whether to visualize the directory of the file
system snapshots.

Auto Atime Update Indicates whether to enable Auto Atime Update. Atime
indicates the last file system access time. After this function
is enabled, Atime is updated every time data in the file
system is accessed.
NOTE
Enabling Auto Atime Update compromises the system
performance.

Atime Update Frequency Indicates the Atime update frequency. The options can be
Hourly and Daily.


Snapshot Comparison This function is to obtain differential data between file
system snapshots during incremental backup by backup
software. After it is enabled, file system snapshot
comparison is provided.
NOTE
● Before enabling this function, you are advised to set Snapshot
Directory Visibility to Visible. Otherwise, certain backup
software may be unable to access snapshots.
● Only 6.1.6 and later versions support this parameter.

Quota Determine whether to enable the quota function of a file
system based on service requirements.
When the Quota function is disabled, the system does not
collect statistics on quota usage. In this case, hard and soft
quotas do not take effect.

VAAI Indicates whether to enable VAAI. VMware Storage APIs for
Array Integration (VAAI) are a set of APIs that allow ESXi
hosts to offload specific file operations to the storage array.
This enables vSphere to quickly implement key operations
and reduces the usage of the host CPU, memory, and
storage bandwidth for higher efficiency and lower O&M
costs.
● Enabled: The host offloads file operations to the storage
array. Once it is enabled, it cannot be disabled.
● Disabled: VAAI is not used.
NOTE
Only 6.1.5 and later versions support this parameter.

Security Style
Select a security style based on service requirements. It is
used to set the access control style of a file system in
multi-protocol mode.
● Mixed
Allows users of both CIFS and NFS clients to access and
control file systems. The last configured permissions
prevail.
NOTE
– If Mixed is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– You are advised to configure a default UNIX user for the
CIFS service in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter. The
UNIX user must be an existing local authentication user, NIS
domain user, or LDAP domain user.
– You are advised to configure a default Windows user for the
NFS service in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter. The
Windows user must be an existing local authentication user
or AD domain user.
– Only 6.1.5 and later versions support the Mixed security
style.
● Native
Controls CIFS users' permissions with Windows NT ACLs
and NFS users' permissions with UNIX permissions (UNIX
mode bits, POSIX ACLs, and NFSv4 ACLs). Windows NT
ACLs and UNIX permissions will neither affect nor
synchronize with each other.
– For CIFS share access, Windows NT ACLs determine
whether Windows users have access permission.
NOTE
If Windows NT ACLs do not exist, UNIX mode bits determine
whether Windows users have access permission.
– For NFS share access, access permission of UNIX users
is determined by UNIX permissions.

NOTE
– If Native is selected, you are advised to enable user
mapping and set Mapping Mode to Support only user
mapping of this system in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter.
– You are advised to configure a default UNIX user for the
CIFS service in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter. The
UNIX user must be an existing local authentication user, NIS
domain user, or LDAP domain user.
– You are advised to configure a default Windows user for the
NFS service in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter. The
Windows user must be an existing local authentication user
or AD domain user.
– Only 6.1.5 and later versions support the Native security
style.
● NTFS
Controls CIFS users' permissions with Windows NT ACLs.
NOTE
– If NTFS is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default Windows
user for the NFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The default Windows user must be an existing
local authentication user or AD domain user.
● UNIX
Controls NFS users' permissions with UNIX mode bits or
NFSv4 ACLs.
NOTE
– If UNIX is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default UNIX user
for the CIFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The UNIX user must be an existing local
authentication user, NIS domain user, or LDAP domain user.

NAS Lock Policy
NAS Lock Policy includes Mandatory Lock and Advisory Lock.
● Mandatory Lock is recommended if clients using
different protocols simultaneously access the same file
or directory.
● Advisory Lock is recommended if high read and write
performance is required and clients using different
protocols do not access the same file or directory
simultaneously.
NOTE
– This parameter is available only when Security Style is set
to Native.
– Only 6.1.5 and later versions support this parameter.

SmartCache Partition
Indicates whether to add the file system to a SmartCache
partition. Adding a file system to a SmartCache partition
shortens the response time for reading the file system.
NOTE
This parameter is available only when SCM drives have been added
to the controller enclosure where the file system resides and a
SmartCache partition has been created. For details, see SmartCache
Feature Guide of the desired model and version.

Data Reduction
Indicates whether to enable data reduction. After this
function is enabled, the system performs deduplication and
compression on the file system to save storage space.
NOTE
The data reduction switch can be modified only after
SmartDedupe & SmartCompression Software License Basic is
imported to the system.

Step 5 Set the audit log items of the file system. The system records audit logs of
operations on the file system. The audit log items include Create, Delete, Read,
Write, Open, Close, Rename, List folders, Obtain properties, Set properties,
Obtain security properties, Set security properties, Obtain extension
properties, and Set extension properties.
NOTE

● To ensure that the selected audit log items take effect, choose Settings > File Service >
Audit Log to enable the audit log function.
● If too many audit logs are generated and the audit log collection speed is lower than
the audit log writing speed, the temporary buffer space may be insufficient, causing
service interruption risks. You are advised to properly configure the items to be audited.
For example, configure only Create, Delete, and Write for a file system.

Step 6 Set the WORM properties of the file system. The WORM file system ensures that a
file enters the protected state after being written. In this case, the file cannot be
modified, moved, or deleted, but can be read multiple times.

NOTE

Due to the sensitivity of a WORM file system to data security, the following configuration
operations on file systems are restricted:
● Only read-only snapshots can be created for the WORM file system. The snapshot file
systems created for the WORM file system also have the WORM feature.
● When configuring the remote replication function:
– If Pair Creation is set to Manual, ensure that the WORM file system modes at
both ends are the same. Otherwise, the primary/secondary relationship cannot be
established.
– If Pair Creation is set to Automatic, ensure that the global WORM regulatory
clock has been initialized on the remote end.
– If the primary file system is a WORM audit log file system, primary/secondary
switchover and disabling protection for the secondary resource are not supported.

Table 2-9 describes the parameters.


NOTE

This parameter is available only when WORM is enabled for the file system.

Table 2-9 WORM properties of a file system


Parameter Description

Mode
Compliance mode of WORM protection.


● Compliance
– Files within the protection period cannot be modified,
renamed, or deleted by super administrators,
administrators, or common users.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– A file system that contains files within the protection
period cannot be deleted by super administrators or
administrators.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
● Enterprise
– Common users or administrators cannot modify,
delete, or rename files within the protection period,
but privileged users can delete these files.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– Administrators cannot delete a file system that
contains files within the protection period, but
privileged users can delete the file system.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
NOTE
Only 6.1.7 and later versions support the Enterprise mode.
NOTE
● Enterprise WORM file systems can be renamed, but Compliance
WORM file systems cannot.
● Enterprise WORM file systems can be rolled back using a
snapshot, but Compliance WORM file systems cannot.
● Primary/secondary switchover and disabling protection for the
secondary resource are supported if the primary and secondary
file systems of the remote replication are Enterprise WORM file
systems, but not supported if they are Compliance WORM file
systems.
● Enterprise WORM file systems cannot be configured as WORM
audit log file systems.
[Default value]
Compliance

Min. Protection Period
Minimum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be shorter than the value of this parameter.
[Value range]
0 to 70 years or Indefinite.
NOTE
The value of Min. Protection Period must be less than or equal to
that of Max. Protection Period.

Max. Protection Period
Maximum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be longer than the value of this parameter.
[Value range]
1 day to 70 years or Indefinite.
NOTE
The value of Max. Protection Period cannot be 0.

Default Protection Period
Default protection period supported by the WORM file
system. If you do not set a protection period for a file in the
WORM file system, the value of this parameter is used.
[Value range]
● If the value of Max. Protection Period ranges from 1 day
to 70 years, Default Protection Period is a value from
Min. Protection Period to Max. Protection Period.
● If Max. Protection Period is set to Indefinite, Default
Protection Period is a value from Min. Protection
Period to 70 years or is Indefinite.
NOTE
To set Default Protection Period to Indefinite, you must set
Max. Protection Period to Indefinite. Otherwise, the setting
fails.

Automatic Lockout
After this function is enabled, a file automatically enters the
locked state if it is not modified within Lockout Wait
Time (hours). A file in the locked state is protected. You
can only read the file, but cannot modify, rename, or delete
it.
NOTE
Modification operations include file data change and metadata
change.

Lockout Wait Time
Indicates the wait time before a file automatically enters the
locked state.
[Value range]
1 minute to 10 years.

Automatic Deletion
After this function is enabled, the system automatically
deletes files whose protection periods have expired.
NOTE
Before enabling this function, ensure that files do not need
protection and can be automatically deleted by the system after
they expire.

WORM Audit Log File System
After WORM Audit Log File System is enabled, the system
records operation logs of the WORM file system, including
Add a litigation, Remove a litigation, and privileged
deletion of Enterprise WORM file systems.
NOTE
This parameter is available only when Mode is set to Compliance.
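
A pre-flight check for the Table 2-9 rules, as an added example that is not part of the Huawei guide: it validates a planned set of WORM properties before they are entered in DeviceManager. The class and function names are hypothetical, and counting a year as 365 days is an assumption made for the range checks.

```python
from dataclasses import dataclass
from typing import List, Optional

DAYS_PER_YEAR = 365                      # assumption: the guide does not define a year
MAX_FINITE_DAYS = 70 * DAYS_PER_YEAR     # upper bound "70 years" from Table 2-9
MAX_LOCKOUT_MINUTES = 10 * DAYS_PER_YEAR * 24 * 60   # "1 minute to 10 years"
INDEFINITE = None                        # stands for the Indefinite setting


@dataclass
class WormPlan:
    """Planned WORM properties (hypothetical container, not a Huawei API)."""
    mode: str                            # "Compliance" or "Enterprise"
    min_days: Optional[int]              # None means Indefinite
    max_days: Optional[int]
    default_days: Optional[int]
    auto_lockout: bool = False
    lockout_wait_minutes: Optional[int] = None
    audit_log_fs: bool = False


def _not_longer(a: Optional[int], b: Optional[int]) -> bool:
    """True if period a <= period b; Indefinite is longer than any finite value."""
    if b is INDEFINITE:
        return True
    if a is INDEFINITE:
        return False
    return a <= b


def validate(plan: WormPlan) -> List[str]:
    """Return the Table 2-9 rules that the plan violates (empty list = acceptable)."""
    errors = []
    if plan.mode not in ("Compliance", "Enterprise"):
        errors.append("Mode must be Compliance or Enterprise")
    if plan.min_days is not INDEFINITE and not 0 <= plan.min_days <= MAX_FINITE_DAYS:
        errors.append("Min. Protection Period must be 0 to 70 years or Indefinite")
    if plan.max_days is not INDEFINITE and not 1 <= plan.max_days <= MAX_FINITE_DAYS:
        errors.append("Max. Protection Period must be 1 day to 70 years or Indefinite")
    if not _not_longer(plan.min_days, plan.max_days):
        errors.append("Min. Protection Period must not exceed Max. Protection Period")

    if plan.default_days is INDEFINITE:
        # The guide notes that this setting fails unless Max. is Indefinite too.
        if plan.max_days is not INDEFINITE:
            errors.append("Default Protection Period can be Indefinite only if Max. is Indefinite")
    else:
        # With Max. = Indefinite, a finite default is still capped at 70 years.
        ceiling = MAX_FINITE_DAYS if plan.max_days is INDEFINITE else plan.max_days
        if not _not_longer(plan.min_days, plan.default_days) or plan.default_days > ceiling:
            errors.append("Default Protection Period must lie between Min. and Max.")

    if plan.auto_lockout:
        wait = plan.lockout_wait_minutes
        if wait is None or not 1 <= wait <= MAX_LOCKOUT_MINUTES:
            errors.append("Lockout Wait Time must be 1 minute to 10 years")
    if plan.audit_log_fs and plan.mode != "Compliance":
        errors.append("WORM Audit Log File System requires Mode = Compliance")
    return errors


if __name__ == "__main__":
    # Constructed plan: Default is Indefinite although Max. is one year.
    plan = WormPlan("Compliance", min_days=30, max_days=365, default_days=INDEFINITE)
    for problem in validate(plan):
        print("REJECT:", problem)
```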

Step 7 Click OK.

Confirm your operation as prompted.

----End

2.2.4 Deleting a WORM File System


This operation allows you to delete a WORM file system that is no longer
necessary.

Prerequisites
● Files in the WORM file system to be deleted are not in the protection state.
● You have the permission to delete the WORM file system.
● The WORM file system to be deleted has not been shared in NFS or CIFS
mode.

Procedure
Step 1 Choose Services > File Service > File Systems.

Step 2 Select the vStore to which the desired file systems belong from the vStore drop-
down list in the upper left corner.

Step 3 Select one or more desired file systems and click Delete.
NOTE

Alternatively, perform either of the following operations to delete a file system:


● Click More on the right of a desired file system and choose Delete.
● Click the name of the desired file system. In the upper right corner of the page that is
displayed, select Delete from the Operation drop-down list.

Step 4 Confirm your operation as prompted.

----End

2.2.5 Viewing File Status


This operation allows you to view the status of files in a WORM file system.

Windows-based Client
Step 1 Access a WORM file system shared in CIFS mode.

Step 2 Select the file whose status you want to view.


1. Right-click the file whose status you want to view.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.

Step 3 View the status of the file. Table 2-10 describes related parameters.

Table 2-10 File parameters

Parameter: Access time
Description: Time when the file expires. The parameter value is the
total of the regulation time when the file enters the locked state and
the protection period.
Value: [Example] 2084-11-26, 21:45:42

Parameter: Property
Description: File status identifier. If there is no write permission for
the file and the file has not expired, the file is in the protection
state.
Value: [Example] Read-only

----End

Linux-based Client
Step 1 Access a WORM file system shared in NFS mode.

Step 2 Run the stat file command to view the status of a file.

file indicates the name of the file whose status you want to view.
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 12 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050d Inode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:57:10.000000000 +0800
Change: 2014-11-29 11:57:55.000000000 +0800

----End

2.2.6 Extending the Protection Period of a File


This operation allows you to extend the protection period of a file in a WORM file
system.

Prerequisites
● Protection periods cannot be shortened. The protection period of a file after
accumulative extensions cannot be longer than the maximum protection
period.
● CIFS users can use a third-party tool (such as the Far Manager graphical tool)
to change atime to extend the protection period of locked, appended, or
expired files.

Procedure
Step 1 Access a WORM file system shared in NFS mode.
Step 2 Run the touch -a -t time file command to extend the protection period of a file.
● time indicates the expiration time of the file.
● file indicates the name of the file.
Step 3 Run the stat file command to query the extended protection period.
linux-11:/mnt/fs1 # touch -a -t 203010100600 demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 12 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050d Inode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2030-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:57:10.000000000 +0800
Change: 2014-11-29 23:55:41.000000000 +0800

----End
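
The client-side view from sections 2.2.5 and 2.2.6, as an added example that is not part of the Huawei guide: it reads the state of a file from its mode bits and atime, and checks a planned extension before returning the touch -a -t command to run. The function names and the "writable" label are hypothetical; the current time should come from the array's WORM regulatory clock, and the client clock is used only as a fallback.

```python
import os
import stat
import sys
import time
from datetime import datetime

WRITE_BITS = stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH


def expiry_of(path):
    """Expiration time as an NFS client sees it: the file's atime, in local time."""
    return datetime.fromtimestamp(os.stat(path).st_atime)


def worm_state(path, now=None):
    """Classify a file using the rule from Table 2-10.

    No write permission and atime still in the future means the file is in
    the protection state. `now` is epoch seconds; pass the regulatory clock
    time when it is known (falling back to the client clock is an assumption).
    """
    st = os.stat(path)
    now = time.time() if now is None else now
    if st.st_mode & WRITE_BITS:
        return "writable"        # label chosen for this example, not a term from the guide
    return "protected" if st.st_atime > now else "expired"


def plan_extension(path, new_expiry, max_expiry=None):
    """Check a planned extension and return the `touch -a -t` command for it.

    new_expiry and max_expiry are naive local datetimes. max_expiry is the
    latest expiration the Max. Protection Period allows for this file; the
    caller has to supply it because the client cannot read that setting.
    """
    target = new_expiry.replace(second=0, microsecond=0)   # touch -t without .ss
    current = expiry_of(path)
    if target <= current:
        raise ValueError(
            f"protection periods cannot be shortened: {target} <= current {current}")
    if max_expiry is not None and target > max_expiry:
        raise ValueError(
            f"{target} is beyond the maximum protection period ({max_expiry})")
    return ["touch", "-a", "-t", target.strftime("%Y%m%d%H%M"), path]


if __name__ == "__main__":
    # Usage: python3 worm_check.py FILE [CCYYMMDDhhmm]
    target_file = sys.argv[1]
    print(target_file, worm_state(target_file), "expires", expiry_of(target_file))
    if len(sys.argv) > 2:
        wanted = datetime.strptime(sys.argv[2], "%Y%m%d%H%M")
        print("run:", " ".join(plan_extension(target_file, wanted)))
```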

2.2.7 Manually Deleting an Expired File from a WORM File System

This operation allows you to delete an expired file from a WORM file system to
release storage space.

Windows-based Client
Step 1 Access a WORM file system shared in CIFS mode.
Step 2 Select the expired file that you want to delete.
1. Right-click the file that you want to delete.
2. Choose Delete from the shortcut menu that is displayed.
The Delete File dialog box is displayed.
Step 3 Confirm your operation.
Click OK.

----End

Linux-based Client
Step 1 Access a WORM file system shared in NFS mode.
Step 2 Run the rm -f file command to delete an expired file.
file indicates the name of the expired file that you want to delete.
Step 3 Run the stat file command to check whether the expired file is deleted.
file indicates the name of the expired file that you have deleted.
linux-11:/mnt/fs1 # rm -f demo
linux-11:/mnt/fs1 # stat demo
stat: cannot stat `demo': No such file or directory

----End

2.2.8 Creating a Litigation Hold Task


When a file is set to the litigation hold state, the file cannot be modified or
deleted until the state is cleared. This function can be used to save files about
subpoenas, litigation, regulatory investigations, and other special cases.

Prerequisites
Before performing this operation, ensure that:
● You have created a WORM file system.
● You have the permission to perform this operation.
● A WORM audit log file system has been enabled for the current vStore.

Context
Only the super administrator or the vStore WORM administrator can create
litigation hold tasks.

Procedure
Step 1 Log in to the CLI of the storage system.
Step 2 Query the list and details about litigation hold tasks in the WORM file system.
Run the show worm_file legal_hold file_system_id=? [ task_id=? ] command to
query litigation hold tasks.
● file_system_id indicates the ID of the WORM file system. To obtain its value,
run the show file_system worm command without parameters.
● task_id indicates the ID of the litigation hold task.
Example:
Query the list of litigation hold tasks in the file system whose ID is 60.
admin:/>show worm_file legal_hold file_system_id=60
Task ID       File System ID  File System Name  Litigation Name  Operation  Status  Deal Ok File Num  Deal Fail File Num  Path
------------  --------------  ----------------  ---------------  ---------  ------  ----------------  ------------------  -----
257698038272  60              worm_fs_1         dddd             Set        0       0                 0                   /file
257698038017  60              worm_fs_1         fffff            Set        0       0                 0                   /ddd
257698038019  60              worm_fs_1         fs001            Set        0       0                 0                   /ddd
257698038276  60              worm_fs_1         fs001            Set        0       0                 0                   /ddd
257698038277  60              worm_fs_1         sss              Set        0       0                 0                   /file

Query the details about the litigation hold task whose ID is 257698038272 in the
file system whose ID is 60.
admin:/>show worm_file legal_hold file_system_id=60 task_id=257698038272
Task ID : 257698038272
File System ID : 60
File System Name : worm_fs_1
Litigation Name : dddd
Operation : Set
Status :0
Deal Ok File Num : 0
Deal Fail File Num : 0
Path : /file
Status Details : No Error

Step 3 Create a litigation hold task.


Run the create worm_file legal_hold operation=? litigation_name=?
file_system_id=? path=? command to create a litigation hold task.
● operation indicates the operation for a litigation hold task. Its values are as
follows:
– set: Set a litigation hold task.
– unset: Cancel a litigation hold task.
● litigation_name indicates the litigation name. The value contains 1 to 255
ASCII characters, including digits, letters, underscores (_), hyphens (-), and
periods (.).
● file_system_id indicates the ID of the WORM file system. To obtain its value,
run the show file_system worm command without parameters.
● path indicates the file or path for setting or canceling the litigation hold task.
Example:
Set a litigation hold task for the file system whose ID is 1 and file path is /. The
litigation name is litigation1.
admin:/>create worm_file legal_hold operation=set litigation_name=litigation1 file_system_id=1
path=/
Command executed successfully.

Cancel a litigation hold task for the file system whose ID is 1, path is /, and
litigation name is litigation1.
admin:/>create worm_file legal_hold operation=unset litigation_name=litigation1 file_system_id=1 path=/
Command executed successfully.

NOTE

To delete a litigation hold task, run the delete worm_file legal_hold file_system_id=?
task_id=? command.

----End

2.2.9 Verifying the File Signature


You can check whether data is modified by verifying the file signature.

Prerequisites
Before performing this operation, ensure that:
● You have created a WORM file system.
● You have the permission to perform this operation.

Context
● Only the super administrator or the vStore WORM administrator can verify
the file signature.
● After the WORM file is locked, a signature is automatically generated and
saved for signature query and verification. If a file is modified, the verification
fails. In case of no modification, if the file size is 0, a message is displayed
indicating that no fingerprints exist. If the file size is not 0, the verification is
successful.

Procedure
Step 1 Log in to the CLI of the storage system.
Step 2 Query the file signature.
Run the show worm_file fingerprint file_system_id=? [task_id=?] command to
query the signature of the WORM file.
● file_system_id indicates the ID of the WORM file system where the WORM
file resides. To obtain its value, run the show file_system worm command
without parameters.
● task_id indicates the ID of the file signature task.
Example:
Query information about all file signature tasks whose file system ID is 1.
admin:/>show worm_file fingerprint file_system_id=1
Task ID File System ID File System Name Fingerprint Scope Algorithm Task Status Path
------- -------------- ---------------- ----------------- --------- ----------- ----
6553600 1 fs_worm0000 Data And Metadata SHA-256 Finish /123
6553792 1 fs_worm0000 Data And Metadata SHA-256 Finish /456

Query information about the file signature task whose file system ID is 1 and task
ID is 6553600.
admin:/>show worm_file fingerprint file_system_id=1 task_id=6553600
Task ID : 6553600
File System ID :1
File System Name : fs_worm0000
Fingerprint Scope : Data And Metadata
Algorithm : SHA-256
Task Status : Finish
Data Fingerprint : a15d44de70edc791acc2e3547f831852c29a0c2a2fe27280b2cbc9db214b4b9a
Metadata Fingerprint : 4aa16040547b73f66250983bad6b0973f76ac652e071931ba6f4e172bf0c2f60
Start Time : 2021-08-21/09:18:37 UTC+08:00
Finish Time : 2021-08-21/09:18:37 UTC+08:00

File Type : Regular
File Size : 9.000B
File User ID :0
File Group ID :0
File Change Time : 2021-08-20/23:01:05 UTC+08:00
File Modification Time : 2021-08-20/23:01:05 UTC+08:00
File Create Time : 2021-08-20/23:01:01 UTC+08:00
File Access Time : 2021-08-20/23:01:01 UTC+08:00
Path : /123

NOTE

If the WORM file does not have a signature, -- is returned.

Step 3 Verify the file signature.


Run the create worm_file fingerprint file_system_id=? path=?
fingerprint_scope=? algorithm=? command to verify the signature of the WORM
file.
● file_system_id indicates the ID of the WORM file system where the WORM
file resides. To obtain its value, run the show file_system worm command
without parameters.
● path indicates the full path of the WORM file.
● fingerprint_scope indicates the file fingerprint range. The values are as
follows:
– data and metadata: file data and file metadata
– data: file data
– metadata: file metadata
● algorithm indicates the file fingerprint algorithm. The value can only be
SHA-256.
Example:
Calculate the signature of the file whose file system ID is 1 and file path is /file1.
The calculation content is metadata and data.
admin:/>create worm_file fingerprint file_system_id=1 path=/file1 algorithm=SHA-256
fingerprint_scope=data_and_metadata
Command executed successfully.

NOTE

● If the file to be verified does not have a signature and the file size is 0, a message is
displayed indicating that the file is empty. If the file size is not 0, the verification is
successful.
● To stop a file signature task, run the delete worm_file fingerprint file_system_id=?
task_id=? command.

----End
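
One way to use the Step 2 output for change detection, as an added example that is not part of the Huawei guide: record the detail output of show worm_file fingerprint once, then compare a later run against it. The function names are hypothetical; the baseline text is taken from the guide's sample output, the second record is constructed, and treating any Task Status other than Finish as not final is an assumption.

```python
import re

PROMPT = re.compile(r"^\S+:/>")              # CLI prompt lines such as "admin:/>show ..."
SHA256_HEX = re.compile(r"^[0-9a-f]{64}$")
FINGERPRINT_FIELDS = ("Data Fingerprint", "Metadata Fingerprint")
IDENTITY_FIELDS = ("File System ID", "Path", "Algorithm")

# Baseline: lines from the guide's sample output for task 6553600.
BASELINE = """\
admin:/>show worm_file fingerprint file_system_id=1 task_id=6553600
Task ID : 6553600
File System ID :1
File System Name : fs_worm0000
Fingerprint Scope : Data And Metadata
Algorithm : SHA-256
Task Status : Finish
Data Fingerprint : a15d44de70edc791acc2e3547f831852c29a0c2a2fe27280b2cbc9db214b4b9a
Metadata Fingerprint : 4aa16040547b73f66250983bad6b0973f76ac652e071931ba6f4e172bf0c2f60
Start Time : 2021-08-21/09:18:37 UTC+08:00
Path : /123
"""

# Constructed: the same record with a different data fingerprint.
LATER = re.sub(r"(?m)^(Data Fingerprint : )\S+", r"\g<1>" + "0" * 64, BASELINE)


def parse_detail(text):
    """Parse 'Key : Value' detail output into a dict.

    Only the first colon separates key and value, so timestamps such as
    '2021-08-21/09:18:37 UTC+08:00' survive, and 'File System ID :1'
    (no space after the colon) is handled as well.
    """
    record = {}
    for line in text.splitlines():
        if PROMPT.match(line) or ":" not in line:
            continue
        key, value = line.split(":", 1)
        record[key.strip()] = value.strip()
    return record


def compare(baseline, current):
    """Return a list of findings; an empty list means the fingerprints match."""
    findings = [f"{field} differs; records are not comparable"
                for field in IDENTITY_FIELDS
                if baseline.get(field) != current.get(field)]
    if findings:
        return findings
    if current.get("Task Status") != "Finish":
        return ["task not finished; fingerprints are not final"]
    for field in FINGERPRINT_FIELDS:
        old, new = baseline.get(field, "--"), current.get(field, "--")
        if old == "--" or new == "--":           # the CLI returns -- when no signature exists
            findings.append(f"{field}: no signature recorded")
        elif not (SHA256_HEX.match(old) and SHA256_HEX.match(new)):
            findings.append(f"{field}: not a SHA-256 hex digest")
        elif old != new:
            findings.append(f"{field} changed")
    return findings


if __name__ == "__main__":
    for finding in compare(parse_detail(BASELINE), parse_detail(LATER)):
        print("ALERT:", finding)
```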

3 Configuring and Managing a WORM File System (vStore User)

3.1 Configuring a WORM File System


3.2 Managing a WORM File System

3.1 Configuring a WORM File System


The process of configuring a WORM file system is similar to that of configuring a
common file system. You just need to set WORM properties when creating the file
system.

3.1.1 Checking the Environment Before the Configuration


Before creating a WORM file system, the vStore administrator needs to confirm
with the system administrator to verify that the storage system allows the
operation.

A vStore administrator can manage only the vStores that the administrator owns. Other
configuration operations can be performed only by the system administrator in the system view.
Before creating a WORM file system, ensure that the following conditions are met:

● The HyperLock license, NAS Foundation license, and SmartMulti-Tenant
license have been imported and activated.
● The global WORM regulatory clock has been initialized.

If any condition cannot be met, contact the system administrator.

3.1.2 Creating a WORM File System


By creating a WORM file system, you can enable the file system to share storage
resources using the file directory.

Prerequisites
Before creating a WORM file system, ensure that:

● The device is working correctly.
● The license file of the WORM feature is valid.
● The global WORM regulatory clock has been initialized in the system view.
For details, see Context.

Procedure
Step 1 Choose Services > File Service > File Systems.

Step 2 Click Create.

The Create File System page is displayed on the right.

NOTE

The screenshot is for reference only and the actual displayed information may vary.

Step 3 Set the basic information about the file system.

Table 3-1 describes the parameters.

Table 3-1 File system parameters


Parameter Description

Name
Name of the file system.
[Value range]
● The name must be unique.
● The name can contain only letters, digits, periods (.),
underscores (_), hyphens (-), and characters of different
languages.
● The name contains 1 to 255 characters.

Description
Description of the file system.
NOTE
Description is hidden. To display hidden parameters, click
Advanced.
[Value range]
The description can be left blank or contain up to 255
characters.

Owning Storage Pool
Owning storage pool of the file system.

Security Style
Select a security style based on service requirements. It is
used to set the access control style of a file system in
multi-protocol mode.
NOTE
Only 6.1.5 and later versions support Mixed and Native.
● Mixed
Allows users of both CIFS and NFS clients to access and
control file systems. The last configured permissions
prevail.
● Native
Controls CIFS users' permissions with Windows NT ACLs
and NFS users' permissions with UNIX permissions (UNIX
mode bits, POSIX ACLs, and NFSv4 ACLs). Windows NT
ACLs and UNIX permissions will neither affect nor
synchronize with each other.
– For CIFS share access, Windows NT ACLs determine
whether Windows users have access permission.
NOTE
If Windows NT ACLs do not exist, UNIX mode bits determine
whether Windows users have access permission.
– For NFS share access, access permission of UNIX users
is determined by UNIX permissions.
● NTFS
Controls CIFS users' permissions with Windows NT ACLs.
NOTE
– If NTFS is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default Windows
user for the NFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The default Windows user must be an existing
local authentication user or AD domain user.
● UNIX
Controls NFS users' permissions with UNIX mode bits or
NFSv4 ACLs.

NOTE
– If UNIX is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default UNIX user
for the CIFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The default UNIX user must be an existing local
authentication user or NIS/LDAP domain user.
– In this mode, the default UNIX permission of the file system
root directory is 755. To change the value, run the change
file_system general file_system_id=? unix_permissions=?
command. For details about the command, visit Command/
Event/Error Code Query.

NAS Lock Policy
NAS Lock Policy includes Mandatory Lock and Advisory Lock.
● Mandatory Lock is recommended if clients using
different protocols simultaneously access the same file or
directory.
● Advisory Lock is recommended if high read and write
performance is required and clients using different
protocols do not access the same file or directory
simultaneously.
NOTE
– This parameter is available only when Security Style is set to
Native.
– Only 6.1.5 and later versions support this parameter.

VAAI
Indicates whether to enable VAAI. VMware Storage APIs for
Array Integration (VAAI) are a set of APIs that allow ESXi
hosts to offload specific file operations to the storage array.
This enables vSphere to quickly implement key operations
and reduces the usage of the host CPU, memory, and
storage bandwidth for higher efficiency and lower O&M
costs.
● Enabled: The host offloads file operations to the storage
array. Once it is enabled, it cannot be disabled.
● Disabled: VAAI is not used.
NOTE
Only 6.1.5 and later versions support this parameter.

Step 4 Set the capacity and tuning information of the file system.
Table 3-2 describes the parameters.


Table 3-2 Capacity and tuning parameters


Parameter Description

Capacity Capacity of the file system, which indicates the maximum
capacity allocated to the thin file system. That is, the total
capacity dynamically allocated to the thin file system
cannot exceed this value.
NOTE
● The maximum capacity of the file system cannot exceed the
system specifications. For details about the specifications, see
the Specifications Query tool.
● The storage system uses the following capacity algorithms
defined by Windows: 1 PB = 1,024 TB, 1 TB = 1,024 GB, 1 GB =
1,024 MB, 1 MB = 1,024 KB, and 1 KB = 1,024 bytes.

Capacity Alarm Threshold (%) Alarm threshold of the file system capacity. An alarm will be
generated when the threshold is reached.
NOTE
● Capacity Alarm Threshold (%) is hidden. To display hidden
parameters, click Advanced.
● Capacity threshold = File system capacity x (1 – Reserved
snapshot space ratio (%)) x Capacity alarm threshold (%)
● The alarm is cleared only when the used capacity of the file
system is smaller than 90% of the capacity threshold or the
capacity threshold minus 1 GB (whichever is larger).

Reserved Snapshot Space Ratio (%) Percentage of the file system snapshot space to the file
system capacity.
NOTE
● The file system space must not occupy the space reserved for
snapshots. For example, if the capacity of a file system is 100 GB
and the reserved snapshot space ratio is 20%, the used capacity
of the file system cannot exceed 80 GB.
● Snapshots can be created when the file system space is full but
the space reserved for snapshots is not full.
● Only 6.1.5 and later versions support this parameter.

Delete Obsolete Read-Only Snapshot Indicates whether to delete obsolete read-only snapshots. If
the used space of the file system reaches the capacity alarm
threshold and the used space of snapshots is larger than the space
reserved for snapshots (source file system capacity x
reserved snapshot space ratio), the system automatically
deletes the oldest non-secure read-only snapshots.
NOTE
● Delete Obsolete Read-Only Snapshot is a hidden parameter.
To display hidden parameters, click Advanced.
● If both Delete Obsolete Read-Only Snapshot and Capacity
Auto-negotiation Policy are enabled, the capacity auto-
negotiation policy is executed first.
● Only 6.1.5 and later versions support this parameter.


Capacity Auto-negotiation Policy The available capacity auto-negotiation policies are as
follows:
● Not used: The storage capacity used by a file system is
fixed and is not flexibly adjusted by the storage system.
● Auto expansion: The file system capacity is
automatically increased to meet user needs for more
data writes, when the available space of a file system is
about to run out and the storage pool has available
space.
● Auto expansion/reduction: The storage system
automatically adjusts the file system capacity based on
file system space usage. When the available space of a
file system is about to run out and the storage pool has
available space, automatic capacity expansion will be
used to increase file system capacity. When the file
system's storage space is released, it can be reclaimed
into a storage pool and used by other file systems in
data write requests.
NOTE
● Capacity Auto-negotiation Policy is a hidden parameter. To
display hidden parameters, click Advanced.
● If both Delete Obsolete Read-Only Snapshot and Capacity
Auto-negotiation Policy are enabled, the capacity auto-
negotiation policy is executed first.
● Only 6.1.5 and later versions support this parameter.

Auto Expansion Trigger Threshold (%) When the ratio of the used capacity to the total capacity of
a file system is greater than this threshold, the storage
system automatically triggers file system capacity
expansion.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion or Auto
expansion/reduction.
● The value of Auto Expansion Trigger Threshold (%) must be
greater than that of Auto Reduction Trigger Threshold (%).
● Only 6.1.5 and later versions support this parameter.

Auto Reduction Trigger Threshold (%) When the ratio of the used capacity to the total capacity of
a file system is smaller than this threshold, the storage
system automatically triggers space reclamation to reduce
the file system capacity.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion/reduction.
● Only 6.1.5 and later versions support this parameter.


Auto Expansion Upper Limit Upper limit of automatic capacity expansion.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion or Auto
expansion/reduction.
● Only 6.1.5 and later versions support this parameter.

Auto Reduction Lower Limit Lower limit of automatic capacity reduction.
NOTE
● This parameter is displayed only when Capacity Auto-
negotiation Policy is set to Auto expansion/reduction.
● Only 6.1.5 and later versions support this parameter.

Application Type Application type of the file system. Preset application types
are provided for typical applications. In file service scenarios,
possible options are NAS_Default, NAS_Virtual_Machine,
NAS_Database, NAS_Large_File, Office_Automation, and
NAS_EDA.
NOTE
● The Application Request Size and File System Distribution
Algorithm parameters are set for preset application types. The
value of Application Request Size is 16 KB for NAS_Default,
NAS_Virtual_Machine, Office_Automation, and NAS_EDA, 8
KB for NAS_Database, and 32 KB for NAS_Large_File. If
Application Type is set to NAS_Default, NAS_Large_File,
Office_Automation, or NAS_EDA, File System Distribution
Algorithm is Directory balance mode. In this mode, directories
are evenly allocated to each controller by quantity. If
Application Type is set to NAS_Virtual_Machine or
NAS_Database, File System Distribution Algorithm is
Performance mode. In this mode, directories are preferentially
allocated to the controller to which the shared IP address
belongs, improving access performance of directories and files.
● When SmartCompression and SmartDedupe licenses are
imported to the system, the preset application types also display
whether SmartCompression and SmartDedupe are enabled. For
details, see SmartDedupe and SmartCompression Feature Guide
for File of the desired product model and version.
● Application Type cannot be changed once it is configured.
You are advised to set the value based on the service I/O model.
● To create an application type, run the create workload_type
general name=? io_size=? command. For details, visit
Command/Event/Error Code Query.
● You can also run the create file_system general or change
file_system general command to create or modify a file system
respectively. For details, visit Command/Event/Error Code
Query.

Step 5 If a HyperMetro vStore pair has been created for the vStore, you need to configure
a HyperMetro pair for the newly created file system.


Specify Remote Storage Pool for creating a remote file system. The system will
create a remote file system on the remote device of the HyperMetro vStore pair
and add the local and remote file systems to a HyperMetro pair.
For details about HyperMetro, see the HyperMetro Feature Guide for File of the
desired version.
Step 6 Configure shares for the file system.
● Set NFS shares for the file system.
a. Enable NFS.
b. Set Create From. Possible values are Template or New.

▪ Template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.

▪ New
The system presets the read and write permissions of all clients. You
can click Modify on the right of Share to modify the share
information.
● Set CIFS shares for the file system.
a. Enable CIFS.
b. Set Create From. Possible values are Template or New.

▪ Template
Select a share template from the drop-down list box. The system
presets the description and permission of the created share based on
the selected template. You can click Modify on the right of Share to
modify the share information.

▪ New
The system presets the full control permission for everyone. You can
click Modify on the right of Share to modify the share information.
Step 7 Set a quota for the file system.
NOTE

Quota is a hidden option. To display hidden parameters, click Advanced.

1. Enable Quota.
NOTE

– The quota switch is disabled by default.


– When the Quota function is disabled, the system does not collect statistics on
quota usage. In this case, hard and soft quotas do not take effect.
2. Click Create.
The Create Quota page is displayed on the right.
3. Specify Quota Type. Possible options are Directory quota, User quota, and
User group quota.


– Directory quota
The directory quota of a file system limits the space usage or file quantity
used by all dtrees in the file system.
NOTE

The directory quota of a file system takes effect only for dtrees whose quota
function is enabled. In addition, the quota of each dtree is limited separately.
– User quota
User quota: limits the space usage or file quantity used by a single user.
i. Click Select.
The Select User page is displayed.
ii. Select the users for which you want to create a quota.
○ If you select All users, the quota limits the space usage or file
quantity of each user in the system.
○ If you select Specified users, click Add. On the Add User page
that is displayed, select the UNIX Users or Windows Users tab,
and select one or more desired users. Then click OK.
NOTE

If you set User Type to Local authentication user, select the desired
users in the list below.
If you set User Type to LDAP domain user, NIS domain user, or AD
domain user, enter the user names in the Name text box.
To remove added users, click Remove on the right of a desired user, or
select one or more desired users and click Remove.
○ If you select Specified user groups, the quota limits the space
usage or file quantity of each specified user group. To add a user
group, click Add. On the Add User Group page that is displayed,
select a user group type and select the desired user groups. Then
click OK.
NOTE

If you set User Group Type to Local authentication user group,
select the desired user groups in the list below.
If you set User Group Type to LDAP domain user group or NIS
domain user group, enter the user group names in the Name text
box.
To remove added user groups, click Remove on the right of a desired
user group, or select one or more desired user groups and click
Remove.
iii. Click OK.
– User group quota
User group quota: limits the space usage or file quantity used by a single
user group.
i. Click Select.
The Select User Group page is displayed.
ii. Select the user groups for which you want to create a quota.


○ If you select All user groups, the quota limits the space usage
or file quantity of each user group in the system.
○ If you select Specified user groups, the quota limits the space
usage or file quantity of each specified user group. To add a user
group, click Add. On the Add User Group page that is displayed,
select a user group type and select the desired user groups. Then
click OK.
NOTE

If you set User Group Type to Local authentication user group,
select the desired user groups in the list below.
If you set User Group Type to LDAP domain user group or NIS
domain user group, enter the user group names in the Name text
box.
To remove added user groups, click Remove on the right of a desired
user group, or select one or more desired user groups and click
Remove.
iii. Click OK.
4. Set space quotas.
Table 3-3 describes the parameters.

Table 3-3 Space quota parameters


Parameter Description

Hard Quota Space hard quota. If the quota is reached, the system
immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be larger than that of Soft Quota.

Soft Quota Space soft quota. If the quota is reached, the system
generates an alarm but still allows writes. After the hard
quota is reached, the system immediately forbids writes.
[Value range]
1 KB to 256 PB
The value must be smaller than that of Hard Quota.

5. Set file quantity quotas.


Table 3-4 describes the parameters.


Table 3-4 File quantity quota parameters

Parameter Description

Hard Quota File quantity hard quota. If the quota is reached, new
files cannot be added. Operations on existing files are
not affected.
[Value range]
1 file to 2 billion files
The value must be larger than that of Soft Quota.

Soft Quota File quantity soft quota. If the quota is reached, the
system generates an alarm but new files can still be
added. After the hard quota is reached, new files cannot
be added.
[Value range]
1 file to 2 billion files
The value must be smaller than that of Hard Quota.

NOTE

– If you do not set the space quota or file quantity quota, the storage system only
collects statistics on but does not control the space usage or file quantity. To view
the statistics about used space quota and used file quantity quota, choose Services
> File Service > Quotas > Quota Reports, and select the desired file system.
– To modify a quota, click More on the right of the quota and select Modify.
– To delete a quota, select the quota and click Delete above the list or click More on
the right of the quota.
– The parameters for creating a quota are preset. A quota is created for a file system
only after the file system has been created.

Step 8 Configure data protection for the file system.


1. Enable Add to HyperCDP Schedule.
2. Select a HyperCDP schedule to create a HyperCDP object for the file system.

NOTE

● HyperCDP is a high-density snapshot technology that provides continuous data
protection for file systems. For details about the HyperCDP feature, see HyperCDP
Feature Guide for File of the desired version.
● The system has a built-in HyperCDP schedule NAS_DEFAULT_BUILDIN. The schedule is
executed once an hour (retains the latest three copies), once at 00:05 every day (retains
the latest two copies), and once at 00:10 every Sunday (retains the latest two copies).
● When you create a file system, the system selects the built-in HyperCDP schedule
NAS_DEFAULT_BUILDIN by default.
● A file system can be added to only one HyperCDP schedule. For a file system that has
been added to a HyperCDP schedule, if you want to change its owning HyperCDP
schedule, you need to remove the file system from the original HyperCDP schedule first.
● If a file system has not been added to a HyperCDP schedule during the file system
creation, you can add it to a HyperCDP schedule after the file system is created.


Step 9 Select Advanced in the upper right corner and set the audit log items of the file
system. The system records audit logs of operations on the file system. The audit
log items include Create, Delete, Read, Write, Open, Close, Rename, List
folders, Obtain properties, Set properties, Obtain security properties, Set
security properties, Obtain extension properties, and Set extension properties.
NOTE

To ensure that the selected audit log items take effect, choose Settings > File Service >
Audit Log to enable the audit log function.

Step 10 Set advanced attributes of the file system.


Table 3-5 describes the parameters.

Table 3-5 Advanced file system parameters


Parameter Description

Snapshot Directory Visibility Indicates whether the directory of the file
system snapshots is visible.

Auto Atime Update Indicates whether to enable the function of automatically
updating the Atime. Atime indicates the time when a
namespace is accessed. After this function is enabled, the
system updates the Atime based on the value of Atime
Update Frequency.
NOTE
Enabling Auto Atime Update compromises the system
performance.

Atime Update Frequency Indicates the Atime update frequency. The options can be
Hourly and Daily.

Snapshot Comparison This function obtains differential data between file
system snapshots during incremental backup by backup
software. After it is enabled, file system snapshot
comparison is provided.
NOTE
● To use this function, you are advised to set Snapshot Directory
Visibility to Visible. Otherwise, some backup software may fail
to access snapshots.
● Only 6.1.6 and later versions support this parameter.

Step 11 Set the Write Once Read Many (WORM) properties of the file system. The WORM
file system ensures that a file enters the protected state after being written. In this
state, the file cannot be modified, moved, or deleted, but can be read multiple
times.


NOTE

Only 6.1.3 and later versions support the WORM feature.


Before setting the WORM properties of a file system, you need to initialize the global
WORM regulatory clock in the system view.
Due to the sensitivity of a WORM file system to data security, the following configuration
operations on file systems are restricted:
● Only read-only snapshots can be created for the WORM file system. The snapshot file
systems created for the WORM file system also have the WORM feature.
● When configuring the remote replication function:
– If Pair Creation is set to Manual, ensure that the WORM file system modes at
both ends are the same. Otherwise, the primary/secondary relationship cannot be
established.
– If Pair Creation is set to Automatic, ensure that the global WORM regulatory
clock has been initialized on the remote end.
– If the primary file system is a WORM audit log file system, primary/secondary
switchover and disabling protection for the secondary resource are not supported.

Table 3-6 describes the parameters.


NOTE

The WORM properties are hidden. To display hidden parameters, click Advanced.


Table 3-6 WORM properties of a file system


Parameter Description

Mode Indicates the compliance mode of WORM protection.


● Regulatory compliance
– Files within the protection period cannot be modified,
renamed, or deleted by super administrators,
administrators, or common users.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– A file system that contains files within the protection
period cannot be deleted by super administrators or
administrators.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
● Enterprise compliance
– Common users or administrators cannot modify,
delete, or rename files within the protection period,
but privileged users can delete these files.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– Administrators cannot delete a file system that
contains files within the protection period, but
privileged users can delete the file system.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
NOTE
● Enterprise WORM file systems can be renamed, but Regulatory
Compliance WORM file systems cannot.
● Enterprise WORM file systems can be rolled back using a
snapshot, but Regulatory Compliance WORM file systems
cannot.
● Primary/secondary switchover and disabling protection for the
secondary resource are supported if the WORM mode of the
primary and secondary file systems of the remote replication is
enterprise compliance, but not supported if the WORM mode of
the primary and secondary file systems is regulatory compliance.
● Enterprise file systems cannot be configured as WORM audit log
file systems.
[Default value]
Regulatory compliance


Min. Protection Period Minimum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be smaller than the value of this parameter.
[Value range]
0 to 70 years or Indefinite.
NOTE
The value of Min. Protection Period must be less than or equal to
that of Max. Protection Period.
[Default value]
3 years

Max. Protection Period Maximum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be longer than the value of this parameter.
[Value range]
1 day to 70 years or Indefinite.
NOTE
The value of Max. Protection Period cannot be 0.
[Default value]
70 years

Default Protection Period Default protection period supported by the WORM file
system. The protection period of a file in the WORM file
system is the default value of the parameter if you do not
set a protection period for the file.
[Value range]
● If the value of Max. Protection Period ranges from 1 day
to 70 years, Default Protection Period is a value from
Min. Protection Period to Max. Protection Period.
● If Max. Protection Period is set to Indefinite, Default
Protection Period is a value from Min. Protection
Period to 70 years or is Indefinite.
NOTE
To set Default Protection Period to Indefinite, you must set
Max. Protection Period to Indefinite. Otherwise, the setting
fails.
[Default value]
70 years


Automatic Lockout After this function is enabled, a file automatically enters the
locked state if it is not modified within Lockout Wait
Time (hours). The file in the locked state is protected. You
can only read the file, but cannot modify, rename, or delete
it.
NOTE
Modification operations include file data change and metadata
change.
[Default value]
Disabled

Lockout Wait Time Indicates the wait time before a file automatically enters the
locked state. This parameter is displayed only when
Automatic Lockout is enabled.
[Value range]
1 minute to 10 years.
[Default value]
If Automatic Lockout is enabled, the default value is 2
hours.

Automatic Deletion After this function is enabled, the system automatically
deletes files whose protection periods have expired.
NOTE
Before enabling this function, ensure that files do not need
protection and can be automatically deleted by the system after
they expire.
[Default value]
Disabled

WORM Audit Log File System After the WORM audit log file system is enabled, the system
records operation logs of the WORM file system, including
Add a litigation, Remove a litigation, and privileged
deletion of Enterprise WORM file systems.
NOTE
This parameter is available only when Mode is set to Regulatory
compliance.
[Default value]
Disabled

Step 12 Click OK.

Confirm your operation as prompted.

NOTE

After the task is created successfully, the Execution Result page is displayed. You can view
details about the current task on this page.

----End


Follow-up Procedure
● If automatic lockout is disabled for the WORM file system, you must manually
set files to enter the protection state. If automatic lockout is enabled for the
WORM file system, you can also manually set the files to enter the protection
state within the Lockout Wait Time (hours) after a modification. For details,
see 3.1.4 Setting a File to Enter the Protection State.
● If automatic deletion is disabled for the WORM file system, you must
manually delete files that have expired. For details, see 3.2.7 Manually
Deleting an Expired File from a WORM File System.

3.1.3 Sharing a WORM File System


After creating a WORM file system, you need to share it with clients. Users can
store files that need to be protected in the WORM file system to prevent data
tampering.
For operations on sharing file systems, see SmartMulti-Tenant Feature Guide for
File.

3.1.4 Setting a File to Enter the Protection State


After a WORM file system is created, you may need to enable files in the WORM
file system to enter the protection state manually. The protection state includes
locked and appending states.

Windows-based Client
Step 1 Access a WORM file system shared in CIFS mode.
Step 2 Set a file in the WORM file system to the locked state.
1. Right-click the file that you want to set to the locked state.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.
3. In the Properties dialog box that is displayed, click the General tab and select
Read-only. Then click Apply.
After the file enters the locked state, Accessed of the file indicates the
overdue time of the file, as shown in Figure 3-1.


Figure 3-1 File properties

NOTE

In Windows, you cannot set a protection period for a file. You can only use the default
protection period of the WORM file system, which is 70 years.
4. Click OK.

NOTE

If the size of the file is not 0 bytes, skip the following steps.

Step 3 (Optional) Shift the file whose size is 0 bytes from the locked state to the
appending state.
1. Right-click the desired file.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.
3. In the Properties dialog box that is displayed, click the General tab and
deselect Read-only. Then click Apply.
4. Click OK.


Step 4 (Optional) Add contents to the end of the file.


1. Right-click the desired file.
The shortcut menu is displayed.
2. Choose Open from the shortcut menu that is displayed.
The page for editing files is displayed.
3. Add contents that need to be protected to the end of the file.
4. Click Close.

Step 5 (Optional) Set a file in the appending state to the locked state.
1. Right-click the desired file.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.
3. In the Properties dialog box that is displayed, click the General tab and select
Read-only. Then click Apply.
4. Click OK.

----End

Linux-based Client
Step 1 Access a WORM file system shared in NFS mode.

Step 2 (Optional) Run the touch -a -t time file command to set the protection period of
a file.
● time indicates the overdue time of the file.
● file indicates the name of the file for which you want to set the overdue time.
NOTE

If you have not run the touch -a -t time file command to set the protection period of the
file, the protection period of the newly created file is the default protection period of the
WORM file system.

Step 3 Run the chmod ugo-w file command to set the file to the locked state.

file indicates the name of the file that you want to set to the locked state.

NOTE

If the size of the file is not 0 bytes, skip the following steps.

Step 4 (Optional) Run the chmod ugo+w file command to set the file of 0 bytes to the
appending state.

file indicates the name of the file that you want to set to the appending state.
Step 5 (Optional) Run the echo content >>file command to add contents that need to be
protected to the end of the file.
● content indicates the contents to be added.
● file indicates the name of the file to which you want to add contents.


Step 6 Run the cat file command to read the file.

file indicates the name of the file that you want to read.
Step 7 (Optional) Run the chmod ugo-w file command to set a file in the appending
state to the locked state.

file indicates the name of the file that you want to set to the locked state.

linux-11:/mnt/fs1 # touch -a -t 202010100600 demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:51:25.000000000 +0800
Change: 2014-11-29 11:52:11.000000000 +0800
linux-11:/mnt/fs1 # chmod u-w demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:51:25.000000000 +0800
Change: 2014-11-29 11:54:11.000000000 +0800
linux-11:/mnt/fs1 # chmod u+w demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0644/-rw-r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:51:25.000000000 +0800
Change: 2014-11-29 11:56:17.000000000 +0800
linux-11:/mnt/fs1 # echo hello world>>demo
linux-11:/mnt/fs1 # cat demo
hello world
linux-11:/mnt/fs1 # chmod u-w demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 12 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050dInode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:57:10.000000000 +0800
Change: 2014-11-29 11:57:55.000000000 +0800
linux-11:/mnt/fs1 # echo 123>>demo
linux-11:/mnt/fs1 # cat demo
hello world
linux-11:/mnt/fs1 #

----End
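
The Linux-client steps above, wrapped in shell helpers that lock a file and then verify the result from the client side. This is an added example, not part of the Huawei guide: the function names (worm_lock, worm_state, worm_unlocked) are hypothetical, and it assumes GNU stat, find, and date on the NFS client.

```shell
#!/bin/sh
# Added example: client-side helpers for the Linux (NFS) procedure above.
# Function names are hypothetical; requires GNU stat, find and date.

# Exit 0 if FILE still has any user/group/other write bit set.
worm_has_write_bits() {
    _mode=$(stat -c '%a' "$1") || return 2
    [ $(( 0$_mode & 0222 )) -ne 0 ]
}

# Print FILE's atime as epoch seconds. On a WORM file system the guide uses
# the access time as the file's overdue (expiry) time.
worm_expiry_epoch() {
    stat -c '%X' "$1"
}

# Steps 2-3: optionally set the expiry, lock the file, then verify.
# EXPIRY uses touch -t syntax ([[CC]YY]MMDDhhmm[.ss]); when omitted, the
# file system's Default Protection Period applies.
worm_lock() {
    _file=$1
    _expiry=${2:-}
    if [ ! -f "$_file" ]; then
        echo "worm_lock: not a regular file: $_file" >&2
        return 2
    fi
    if [ -n "$_expiry" ]; then
        touch -a -t "$_expiry" "$_file" || return 3
    fi
    chmod ugo-w "$_file" || return 4
    if worm_has_write_bits "$_file"; then
        echo "worm_lock: write bits still set on $_file" >&2
        return 5
    fi
    echo "locked $_file expiry_epoch=$(worm_expiry_epoch "$_file")"
}

# Classify FILE as unlocked | locked-protected | locked-expired.
# NOW defaults to the client clock. The array enforces retention against its
# own WORM clock (see "show file_system worm"), so pass that time as epoch
# seconds when the client clock cannot be trusted.
worm_state() {
    _file=$1
    _now=${2:-$(date +%s)}
    [ -f "$_file" ] || return 2
    if worm_has_write_bits "$_file"; then
        echo unlocked            # unprotected, or in the appending state
    elif [ "$(worm_expiry_epoch "$_file")" -gt "$_now" ]; then
        echo locked-protected
    else
        echo locked-expired
    fi
}

# List regular files under DIR that still carry a write bit. With Automatic
# Lockout disabled, these are the files that have not been locked yet.
worm_unlocked() {
    find "$1" -type f -perm /222 -print
}
```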

3.2 Managing a WORM File System


This operation allows you to manage WORM file systems and files in them.

3.2.1 Viewing the WORM Compliance Clock


This operation allows you to view the initialized WORM compliance clock.


Prerequisites
● The WORM compliance clock has been initialized.
● At least one WORM file system has been created in the storage system.
● You have the permission to view the WORM compliance clock.

Context
Only a super administrator or vStore WORM administrator can query the WORM
compliance clock.

Procedure
Step 1 Log in to the CLI of the storage system.
Step 2 View the WORM compliance clock.
● Run the show system secure_compliance_clock command to view the
current global security compliance clock.
admin:/>show system secure_compliance_clock
Secure Compliance Clock : 2021-10-15/17:44:57 UTC+08:00
● Run the show file_system worm file_system_id=? command to view the
current WORM file system compliance clock.
admin:/>show file_system worm file_system_id=2
ID : 2
Name : testfs2
Capacity : 100.000GB
Type : Thin
Worm Type : Compliance
Auto Lock : No
Auto Del : No
Max Protect Period : 70 Year(s)
Min Protect Period : 3 Year(s)
Default Protect Period : 70 Year(s)
Auto Lock Time : 2 Hour(s)
Expired Time : --
Worm Clock : 2021-10-15/17:53:28 UTC+08:00
Is Worm Audit Log Fs : No
Litigation Num : 0

NOTE

For details about the command, visit Command/Event/Error Code Query.

----End

3.2.2 Viewing the Properties of a WORM File System


This operation allows you to view the properties of a WORM file system.

Prerequisites
● A WORM file system has been created.
● You have the permission to view the properties of the WORM file system.

Context
● On the file system management page, you can click to refresh file system
information.

● On the file system management page, you can click or next to a
parameter and enter a keyword or select a parameter value to search for the
desired file systems.

● On the file system management page, you can click and select the file
system parameters you want to view.
● On the file system management page, you can click or next to a
parameter to change the display order of file systems.
● On the file system management page, you can click to export file system
information to your local PC.

Procedure
Step 1 Choose Services > File Service > File Systems.

Step 2 In the function pane, view file system information about the vStore.

Table 3-7 describes the parameters.

Table 3-7 File system parameters

Parameter Description

Name Name of a file system.
NOTE
You can click the name of a file system to view its details and
manage it.

ID ID of a file system.

Capacity Capacity information of a file system, including the total
file system capacity and the ratio of the used capacity
(allocated capacity) to the total capacity.
NOTE
You can hover your mouse over Capacity of a file system to view
its total capacity, allocated capacity, data protection capacity, and
capacity alarm threshold.

Total Capacity configured for the file system.

Allocated Capacity Amount of user data written to the file system.
NOTE
If the file system is a clone file system, the allocated capacity does
not include the data volume inherited from the parent file system.

Data Protection Capacity used for data protection on the file system.

Available Amount of user data that can be written to the file system.

Used Ratio of the used capacity (allocated capacity) to the total
capacity of a file system.

Health Status Health status of a file system.

Running Status Running status of a file system.

Created Time when a file system was created.

WORM WORM mode of a file system.

Data Protection Data protection information of a file system.

Shares Share information of a file system.

Quotas Quota information of a file system.

Dtrees Number of dtrees in a file system.

Owning Storage Pool Owning storage pool of a file system.

Clone File System Indicates whether this is a clone file system.

Security Style Used to set the access control style of a file system in
multi-protocol mode.

Audit Log Indicates whether this is an audit log file system.

Step 3 (Optional) Click the name of a file system to view its summary, share, quota, and
protection information. If the WORM function is enabled for a file system, you can
click Advanced to view the WORM information of the file system.
NOTE

You can select Only show shares of the file system or Only show quotas of the file
system to filter the data. If you do not select these options, the system displays the data of
the file system and dtrees in the file system.

----End

3.2.3 Modifying the Properties of a WORM File System


This section describes how to modify WORM properties of a WORM file system.
New WORM properties take effect on the files put in the WORM file system after
the modification.

Prerequisites
A WORM file system has been created.

Procedure
Step 1 Choose Services > File Service > File Systems.
Step 2 Click More on the right of the desired file system and select Modify.
The Modify File System page is displayed on the right.

NOTE

You can also click the name of the desired file system. In the upper right corner of the page
that is displayed, click Modify from the Operation drop-down list.

Step 3 Modify the attributes of the file system.


Table 3-8 describes the parameters.

Table 3-8 File system parameters


Parameter Description

Name Name of the file system.
[Value range]
● The name must be unique.
● The name can contain only letters, digits, periods (.),
underscores (_), hyphens (-), and characters of different
languages.
● The name contains 1 to 255 characters.

Description Description of the file system.
[Value range]
The description can be left blank or contain up to 255
characters.

Capacity Alarm Threshold (%) Alarm threshold of the file system capacity. An alarm will
be generated when the threshold is reached.

Snapshot Directory Visibility Indicates whether the directory of the file system
snapshots is visible.

Auto Atime Update Indicates whether to enable Auto Atime Update. Atime
indicates the last file system access time. After this function
is enabled, Atime is updated every time data in the file
system is accessed.
NOTE
Enabling Auto Atime Update degrades system performance.

Atime Update Frequency Indicates the Atime update frequency. The options are
Hourly and Daily.

Snapshot Comparison This function obtains differential data between file
system snapshots during incremental backup by backup
software. After it is enabled, file system snapshot
comparison is provided.
NOTE
● To use this function, you are advised to set Snapshot Directory
Visibility to Visible. Otherwise, some backup software may fail
to access snapshots.
● Only 6.1.6 and later versions support this parameter.

Security Style Select a security style based on service requirements. It is
used to set the access control style of a file system in
multi-protocol mode.
● Mixed
Allows users of both CIFS and NFS clients to access and
control file systems. The last configured permissions
prevail.
● Native
Controls CIFS users' permissions with Windows NT ACLs
and NFS users' permissions with UNIX permissions (UNIX
mode bits, POSIX ACLs, and NFSv4 ACLs). Windows NT
ACLs and UNIX permissions will neither affect nor
synchronize with each other.
– For CIFS share access, Windows NT ACLs determine
whether Windows users have access permission.
NOTE
If Windows NT ACLs do not exist, UNIX mode bits determine
whether Windows users have access permission.
– For NFS share access, access permission of UNIX users
is determined by UNIX permissions.
● NTFS
Controls CIFS users' permissions with Windows NT ACLs.
NOTE
– If NTFS is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default Windows
user for the NFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The default Windows user must be an existing
local authentication user or AD domain user.
● UNIX
Controls NFS users' permissions with UNIX mode bits or
NFSv4 ACLs.
NOTE
– If UNIX is selected, you are advised to enable user mapping
and set Mapping Mode to Support only user mapping of
this system in Services > File Service > Authentication
Users > User Mappings > Set Mapping Parameter.
– In addition, you are advised to configure a default UNIX user
for the CIFS service in Services > File Service >
Authentication Users > User Mappings > Set Mapping
Parameter. The default UNIX user must be an existing local
authentication user or NIS/LDAP domain user.

NAS Lock Policy NAS Lock Policy includes Mandatory Lock and Advisory
Lock.
Mandatory Lock is recommended if clients using different
protocols simultaneously access the same file or directory.
Advisory Lock is recommended if high read and write
performance is required and clients using different
protocols do not access the same file or directory
simultaneously.
NOTE
This parameter is available only when Security Style is set to
Native.

Data Reduction Indicates whether to enable data reduction. After this
function is enabled, the system performs deduplication and
compression on LUNs to save storage space.
NOTE
The data reduction switch can be modified only after
SmartDedupe & SmartCompression Software License Basic is
imported to the system.

Step 4 Set the WORM properties of the file system. The WORM file system ensures that a
file enters the protected state after being written. In this state, the file cannot be
modified, moved, or deleted, but can be read multiple times.
NOTE

Due to the sensitivity of a WORM file system to data security, the following configuration
operations on file systems are restricted:
● Only read-only snapshots can be created for the WORM file system. The snapshot file
systems created for the WORM file system also have the WORM feature.
● When configuring the remote replication function:
– If Pair Creation is set to Manual, ensure that the WORM file system modes at
both ends are the same. Otherwise, the primary/secondary relationship cannot be
established.
– If Pair Creation is set to Automatic, ensure that the global WORM regulatory
clock has been initialized on the remote end.
– If the primary file system is a WORM audit log file system, primary/secondary
switchover and disabling protection for the secondary resource are not supported.

Table 3-9 describes the parameters.


NOTE

This parameter is available only when WORM is enabled for the file system.

Table 3-9 WORM properties of a file system


Parameter Description

Mode Indicates the compliance mode of WORM protection.


● Regulatory compliance
– Files within the protection period cannot be modified,
renamed, or deleted by super administrators,
administrators, or common users.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– A file system that contains files within the protection
period cannot be deleted by super administrators or
administrators.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
● Enterprise compliance
– Common users or super administrators cannot modify,
delete, or rename files within the protection period,
but privileged users can delete these files.
– Files whose protection period expires can be deleted
but cannot be modified or renamed by super
administrators, administrators, or common users.
– Administrators cannot delete a file system that
contains files within the protection period, but
privileged users can delete the file system.
– A file system, in which the protection period of all files
expires, can be deleted by super administrators and
administrators.
NOTE
● Enterprise WORM file systems can be renamed, but Regulatory
Compliance WORM file systems cannot.
● Enterprise WORM file systems can be rolled back using a
snapshot, but Regulatory Compliance WORM file systems
cannot.
● Primary/secondary switchover and disabling protection for the
secondary resource are supported if the WORM mode of the
primary and secondary file systems of the remote replication is
enterprise compliance, but not supported if the WORM mode of
the primary and secondary file systems is regulatory compliance.
● Enterprise file systems cannot be configured as WORM audit log
file systems.
[Default value]
Regulatory compliance

Min. Protection Period Minimum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be shorter than the value of this parameter.
[Value range]
0 to 70 years or Indefinite.
NOTE
The value of Min. Protection Period must be less than or equal to
that of Max. Protection Period.

Max. Protection Period Maximum protection period supported by the WORM file
system. The protection period of a file in the WORM file
system cannot be longer than the value of this parameter.
[Value range]
1 day to 70 years or Indefinite.
NOTE
The value of Max. Protection Period cannot be 0.

Default Protection Period Default protection period supported by the WORM file
system. The protection period of a file in the WORM file
system is the default value of the parameter if you do not
set a protection period for the file.
[Value range]
● If the value of Max. Protection Period ranges from 1 day
to 70 years, Default Protection Period is a value from
Min. Protection Period to Max. Protection Period.
● If Max. Protection Period is set to Indefinite, Default
Protection Period is a value from Min. Protection
Period to 70 years or is Indefinite.
NOTE
To set Default Protection Period to Indefinite, you must set
Max. Protection Period to Indefinite. Otherwise, the setting
fails.

Automatic Lockout After this function is enabled, a file automatically enters the
locked state if it is not modified within Lockout Wait
Time (hours). A file in the locked state is protected: you
can read it, but cannot modify, rename, or delete it.
NOTE
Modification operations include file data change and metadata
change.

Lockout Wait Time Indicates the wait time before a file automatically enters the
locked state.
[Value range]
1 minute to 10 years.

Automatic Deletion After this function is enabled, the system automatically
deletes files whose protection periods have expired.
NOTE
Before enabling this function, ensure that files do not need
protection and can be automatically deleted by the system after
they expire.

WORM Audit Log File System After the WORM audit log file system is enabled, the system
records operation logs of the WORM file system, including
Add a litigation, Remove a litigation, and privileged
deletion of Enterprise WORM file systems.
NOTE
This parameter is available only when Mode is set to Regulatory
compliance.

Step 5 Click OK.


Confirm your operation as prompted.

----End
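A way to check the relationships in Table 3-9 against what the array reports, added here as an example and not taken from Huawei's guide: the Python below parses output in the layout of show file_system worm file_system_id=? (section 3.2.1) and lists settings that break the table's rules or fall below a retention floor supplied by the caller. The unit labels other than Year(s) and Hour(s), the Indefinite spelling, the 365-day year and the required_min parameter are assumptions of this example.

```python
import re

# Constructed sample in the layout of the `show file_system worm file_system_id=?`
# output from section 3.2.1; the values are the ones shown there.
SAMPLE = """\
ID : 2
Name : testfs2
Worm Type : Compliance
Auto Lock : No
Auto Del : No
Max Protect Period : 70 Year(s)
Min Protect Period : 3 Year(s)
Default Protect Period : 70 Year(s)
Auto Lock Time : 2 Hour(s)
"""

# Minutes per unit. Only Year(s) and Hour(s) appear on the page; the other unit
# labels, the 365-day year and the 30-day month are assumptions of this example.
UNIT_MINUTES = {"Minute(s)": 1, "Hour(s)": 60, "Day(s)": 1440,
                "Month(s)": 43200, "Year(s)": 525600}
INDEFINITE = float("inf")
SEVENTY_YEARS = 70 * UNIT_MINUTES["Year(s)"]


def field(text, name):
    """Return the value of a 'Name : value' line, or None if it is absent."""
    m = re.search(rf"^[ \t]*{re.escape(name)}[ \t]*:[ \t]*(.*?)[ \t]*$", text, re.M)
    return m.group(1) if m else None


def period_minutes(value):
    """'70 Year(s)' -> minutes. 'Indefinite' (assumed spelling) sorts above any finite period."""
    if value is not None and value.lower() == "indefinite":
        return INDEFINITE
    m = re.fullmatch(r"(\d+)\s+(\S+)", value or "")
    if not m or m.group(2) not in UNIT_MINUTES:
        raise ValueError(f"unrecognised period: {value!r}")
    return int(m.group(1)) * UNIT_MINUTES[m.group(2)]


def audit(text, required_min="0 Day(s)"):
    """Check the Table 3-9 relationships and a caller-supplied retention floor."""
    findings = []
    lo = period_minutes(field(text, "Min Protect Period"))
    hi = period_minutes(field(text, "Max Protect Period"))
    dflt = period_minutes(field(text, "Default Protect Period"))

    # Relationships stated in Table 3-9.
    if hi == 0:
        findings.append("Max Protect Period is 0")
    if lo > hi:
        findings.append("Min Protect Period exceeds Max Protect Period")
    if not lo <= dflt <= hi:
        findings.append("Default Protect Period is outside [Min, Max]")
    for label, value in (("Min", lo), ("Max", hi), ("Default", dflt)):
        if value != INDEFINITE and value > SEVENTY_YEARS:
            findings.append(f"{label} Protect Period is finite but longer than 70 years")

    # Settings a retention policy usually cares about.
    if lo < period_minutes(required_min):
        findings.append(f"Min Protect Period is below the required {required_min}")
    if field(text, "Worm Type") != "Compliance":
        findings.append("Worm Type is not Compliance")
    if field(text, "Auto Del") != "No":
        findings.append("Auto Del is on: expired files are deleted by the system")
    if field(text, "Auto Lock") == "No":
        findings.append("Auto Lock is off: a file is protected only after "
                        "a client removes its write permission")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, required_min="7 Year(s)"):
        print(finding)
```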

3.2.4 Deleting a WORM File System


This operation allows you to delete a WORM file system that is no longer
necessary.

Prerequisites
● Files in the WORM file system to be deleted are not in the protection state.
● You have the permission to delete the WORM file system.
● The WORM file system to be deleted has not been shared in NFS or CIFS
mode.

Procedure
Step 1 Choose Services > File Service > File Systems.
Step 2 Select one or more desired file systems and click Delete.
NOTE

Alternatively, perform either of the following operations to delete a file system:


● Click More on the right of a desired file system and select Delete.
● Click the name of the desired file system. In the upper right corner of the page that is
displayed, click Delete from the Operation drop-down list.

Step 3 Confirm your operation as prompted.

----End

3.2.5 Viewing File Status


This operation allows you to view the status of files in a WORM file system.

Windows-based Client
Step 1 Access a WORM file system shared in CIFS mode.

Step 2 Select the file whose status you want to view.


1. Right-click the file whose status you want to view.
The shortcut menu is displayed.
2. Choose Properties from the shortcut menu that is displayed.
The Properties dialog box is displayed.

Step 3 View the status of the file. Table 3-10 describes related parameters.

Table 3-10 File parameters

Parameter Description Value

Access time Time when the file expires. The parameter value is the
total of the regulation time when the file enters the locked state and the
protection period. [Example] 2084-11-26, 21:45:42

Property File status identifier. If there is no write permission for the
file and the file has not expired, the file is in the protection state.
[Example] Read-only

----End

Linux-based Client
Step 1 Access a WORM file system shared in NFS mode.

Step 2 Run the stat file command to view the status of a file.

file indicates the name of the file whose status you want to view.
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 12 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050d Inode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2020-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:57:10.000000000 +0800
Change: 2014-11-29 11:57:55.000000000 +0800

----End

3.2.6 Extending the Protection Period of a File


This operation allows you to extend the protection period of a file in a WORM file
system.

Prerequisites
● Protection periods cannot be shortened. The protection period of a file after
accumulative extensions cannot be longer than the maximum protection
period.
● CIFS users can use a third-party tool (such as the Far Manager graphical tool)
to change atime to extend the protection period of locked, appended, or
expired files.

Procedure
Step 1 Access a WORM file system shared in NFS mode.

Step 2 Run the touch -a -t time file command to extend the protection period of a file.
● time indicates the expiration time of the file.
● file indicates the name of the file.
Step 3 Run the stat file command to query the extended protection period.
linux-11:/mnt/fs1 # touch -a -t 203010100600 demo
linux-11:/mnt/fs1 # stat demo
File: `demo'
Size: 12 Blocks: 8 IO Block: 4096 regular file
Device: 802h/2050d Inode: 3760144 Links: 1
Access: (0444/-r--r--r--) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2030-10-10 06:00:00.000000000 +0800
Modify: 2014-11-29 11:57:10.000000000 +0800
Change: 2014-11-29 23:55:41.000000000 +0800

----End
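The checks from sections 3.2.5 and 3.2.6 as a script for an NFS client, added as an example and not part of Huawei's guide: it classifies a file from its mode bits and atime, and refuses an extension request that would move atime earlier. The function names, and the choice to compare atime against a compliance clock value read as in section 3.2.1 rather than the client's clock, are assumptions of this example.

```python
import os
import stat
import time
from datetime import datetime


def parse_compliance_clock(text):
    """'2021-10-15/17:53:28 UTC+08:00' (CLI format, section 3.2.1) -> epoch seconds."""
    return datetime.strptime(text, "%Y-%m-%d/%H:%M:%S UTC%z").timestamp()


def worm_state(path, clock_now=None):
    """Classify a file from the two attributes section 3.2.5 reads: mode and atime.

    clock_now is epoch seconds, for example the parsed WORM compliance clock.
    It defaults to the client's own clock, which may differ from the array's.
    """
    st = os.stat(path)
    now = time.time() if clock_now is None else clock_now
    if st.st_mode & (stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH):
        return "not locked"              # write permission is still present
    # No write permission: atime is the expiry time of the protection period.
    return "protected" if st.st_atime > now else "expired"


def plan_extension(path, new_expiry):
    """Return the `touch -a -t` timestamp for new_expiry (epoch seconds).

    Raises ValueError for a value that would not move atime later, because
    protection periods cannot be shortened. The Max. Protection Period limit
    is not checked here; the storage system enforces it.
    """
    current = os.stat(path).st_atime
    if new_expiry <= current:
        raise ValueError("new expiry is not later than the current atime")
    # touch -t takes [[CC]YY]MMDDhhmm in the client's local time zone.
    return time.strftime("%Y%m%d%H%M", time.localtime(new_expiry))


if __name__ == "__main__":
    import sys

    # Usage: script.py FILE [COMPLIANCE_CLOCK_STRING]
    target = sys.argv[1]
    clock = parse_compliance_clock(sys.argv[2]) if len(sys.argv) > 2 else None
    print(target, worm_state(target, clock))
```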

3.2.7 Manually Deleting an Expired File from a WORM File System

This operation allows you to delete an expired file from a WORM file system to
release storage space.

Windows-based Client
Step 1 Access a WORM file system shared in CIFS mode.

Step 2 Select the expired file that you want to delete.


1. Right-click the file that you want to delete.
2. Choose Delete from the shortcut menu that is displayed.
The Delete File dialog box is displayed.

Step 3 Confirm your operation.

Click OK.

----End

Linux-based Client
Step 1 Access a WORM file system shared in NFS mode.

Step 2 Run the rm -f file command to delete an expired file.


file indicates the name of the expired file that you want to delete.
Step 3 Run the stat file command to check whether the expired file is deleted.
file indicates the name of the expired file that you have deleted.
linux-11:/mnt/fs1 # rm -f demo
linux-11:/mnt/fs1 # stat demo
stat: cannot stat `demo': No such file or directory

----End

3.2.8 Creating a Litigation Hold Task


When a file is set to the litigation hold state, the file cannot be modified or
deleted until the state is cleared. This function can be used to save files about
subpoenas, litigation, regulatory investigations, and other special cases.

Prerequisites
Before performing this operation, ensure that:
● You have created a WORM file system.
● You have the permission to perform this operation.
● A WORM audit log file system has been enabled for the current vStore.

Context
Only the super administrator or the vStore WORM administrator can create
litigation hold tasks.

Procedure
Step 1 Log in to the CLI of the storage system.
Step 2 Query the list and details about litigation hold tasks in the WORM file system.
Run the show worm_file legal_hold file_system_id=? [ task_id=? ] command to
query litigation hold tasks.
● file_system_id indicates the ID of the WORM file system. To obtain its value,
run the show file_system worm command without parameters.
● task_id indicates the ID of the litigation hold task.
Example:
Query the list of litigation hold tasks in the file system whose ID is 60.
admin:/>show worm_file legal_hold file_system_id=60
Task ID       File System ID  File System Name  Litigation Name  Operation  Status  Deal Ok File Num  Deal Fail File Num  Path
------------  --------------  ----------------  ---------------  ---------  ------  ----------------  ------------------  -----
257698038272  60              worm_fs_1         dddd             Set        0       0                 0                   /file
257698038017  60              worm_fs_1         fffff            Set        0       0                 0                   /ddd
257698038019  60              worm_fs_1         fs001            Set        0       0                 0                   /ddd
257698038276  60              worm_fs_1         fs001            Set        0       0                 0                   /ddd
257698038277  60              worm_fs_1         sss              Set        0       0                 0                   /file

Query the details about the litigation hold task whose ID is 257698038272 in the
file system whose ID is 60.
admin:/>show worm_file legal_hold file_system_id=60 task_id=257698038272
Task ID : 257698038272
File System ID : 60
File System Name : worm_fs_1
Litigation Name : dddd
Operation : Set
Status : 0
Deal Ok File Num : 0
Deal Fail File Num : 0
Path : /file
Status Details : No Error

Step 3 Create a litigation hold task.

Run the create worm_file legal_hold operation=? litigation_name=?
file_system_id=? path=? command to create a litigation hold task.

● operation indicates the operation for a litigation hold task. Its values are as
follows:
– set: Set a litigation hold task.
– unset: Cancel a litigation hold task.
● litigation_name indicates the litigation name. The value contains 1 to 255
ASCII characters, including digits, letters, underscores (_), hyphens (-), and
periods (.).
● file_system_id indicates the ID of the WORM file system. To obtain its value,
run the show file_system worm command without parameters.
● path indicates the file or path for setting or canceling the litigation hold task.

Example:

Set a litigation hold task for the file system whose ID is 1 and file path is /. The
litigation name is litigation1.
admin:/>create worm_file legal_hold operation=set litigation_name=litigation1 file_system_id=1 path=/
Command executed successfully.

Cancel a litigation hold task for the file system whose ID is 1, path is /, and
litigation name is litigation1.
admin:/>create worm_file legal_hold operation=unset litigation_name=litigation1 file_system_id=1 path=/
Command executed successfully.

NOTE

To delete a litigation hold task, run the delete worm_file legal_hold file_system_id=?
task_id=? command.

----End

3.2.9 Verifying the File Signature


You can check whether data is modified by verifying the file signature.

Prerequisites
Before performing this operation, ensure that:
● You have created a WORM file system.
● You have the permission to perform this operation.

Context
● Only the super administrator or the vStore WORM administrator can verify
the file signature.
● After the WORM file is locked, a signature is automatically generated and
saved for signature query and verification. If a file is modified, the verification
fails. In case of no modification, if the file size is 0, a message is displayed
indicating that no fingerprints exist. If the file size is not 0, the verification is
successful.

Procedure
Step 1 Log in to the CLI of the storage system.
Step 2 Query the file signature.
Run the show worm_file fingerprint file_system_id=? [task_id=?] command to
query the signature of the WORM file.
● file_system_id indicates the ID of the WORM file system where the WORM
file resides. To obtain its value, run the show file_system worm command
without parameters.
● task_id indicates the ID of the file signature task.
Example:
Query information about all file signature tasks whose file system ID is 1.
admin:/>show worm_file fingerprint file_system_id=1
Task ID File System ID File System Name Fingerprint Scope Algorithm Task Status Path
------- -------------- ---------------- ----------------- --------- ----------- ----
6553600 1 fs_worm0000 Data And Metadata SHA-256 Finish /123
6553792 1 fs_worm0000 Data And Metadata SHA-256 Finish /456

Query information about the file signature task whose file system ID is 1 and task
ID is 6553600.
admin:/>show worm_file fingerprint file_system_id=1 task_id=6553600
Task ID : 6553600
File System ID : 1
File System Name : fs_worm0000
Fingerprint Scope : Data And Metadata
Algorithm : SHA-256
Task Status : Finish
Data Fingerprint : a15d44de70edc791acc2e3547f831852c29a0c2a2fe27280b2cbc9db214b4b9a
Metadata Fingerprint : 4aa16040547b73f66250983bad6b0973f76ac652e071931ba6f4e172bf0c2f60
Start Time : 2021-08-21/09:18:37 UTC+08:00
Finish Time : 2021-08-21/09:18:37 UTC+08:00
File Type : Regular
File Size : 9.000B
File User ID : 0
File Group ID : 0
File Change Time : 2021-08-20/23:01:05 UTC+08:00
File Modification Time : 2021-08-20/23:01:05 UTC+08:00
File Create Time : 2021-08-20/23:01:01 UTC+08:00
File Access Time : 2021-08-20/23:01:01 UTC+08:00
Path : /123

NOTE

If the WORM file does not have a signature, -- is returned.

Step 3 Verify the file signature.


Run the create worm_file fingerprint file_system_id=? path=?
fingerprint_scope=? algorithm=? command to verify the signature of the WORM
file.
● file_system_id indicates the ID of the WORM file system where the WORM
file resides. To obtain its value, run the show file_system worm command
without parameters.
● path indicates the full path of the WORM file.
● fingerprint_scope indicates the file fingerprint range. The values are as
follows:
– data_and_metadata: file data and file metadata
– data: file data
– metadata: file metadata
● algorithm indicates the file fingerprint algorithm. The value can only be
SHA-256.
Example:
Calculate the signature of the file whose file system ID is 1 and file path is /file1.
The calculation content is metadata and data.
admin:/>create worm_file fingerprint file_system_id=1 path=/file1 algorithm=SHA-256 fingerprint_scope=data_and_metadata
Command executed successfully.

NOTE

● If the file to be verified does not have a signature and the file size is 0, a message is
displayed indicating that the file is empty. If the file size is not 0, the verification is
successful.
● To stop a file signature task, run the delete worm_file fingerprint file_system_id=?
task_id=? command.

----End
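One way to use the task output above for tamper detection, added as an example and not part of Huawei's guide: keep the record captured when a file was locked and compare a later record against it. Which attributes the metadata fingerprint covers is not stated in this section, so data and metadata differences are reported separately; the baseline-record workflow, the function names and the altered values in LATER are assumptions of this example.

```python
import re
from datetime import datetime

# Constructed records in the layout of the `show worm_file fingerprint
# file_system_id=? task_id=?` output from section 3.2.9. BASELINE reuses the
# values shown there; LATER is a constructed variant with a placeholder data
# fingerprint and a later modification time.
BASELINE = """\
Task Status : Finish
Data Fingerprint : a15d44de70edc791acc2e3547f831852c29a0c2a2fe27280b2cbc9db214b4b9a
Metadata Fingerprint : 4aa16040547b73f66250983bad6b0973f76ac652e071931ba6f4e172bf0c2f60
File Size : 9.000B
File Modification Time : 2021-08-20/23:01:05 UTC+08:00
File Access Time : 2021-08-20/23:01:01 UTC+08:00
Path : /123
"""
LATER = (BASELINE
         .replace("a15d44de70edc791acc2e3547f831852c29a0c2a2fe27280b2cbc9db214b4b9a", "0" * 64)
         .replace("Modification Time : 2021-08-20/23:01:05",
                  "Modification Time : 2021-09-01/10:00:00"))

COMPARED = ("Data Fingerprint", "Metadata Fingerprint",
            "File Size", "File Modification Time")


def field(text, name):
    """Return the value of a 'Name : value' line, or None if it is absent."""
    m = re.search(rf"^[ \t]*{re.escape(name)}[ \t]*:[ \t]*(.*?)[ \t]*$", text, re.M)
    return m.group(1) if m else None


def clock(value):
    """Parse the CLI timestamp format, e.g. '2021-08-20/23:01:01 UTC+08:00'."""
    return datetime.strptime(value, "%Y-%m-%d/%H:%M:%S UTC%z")


def compare(baseline, current):
    """List the differences between a stored baseline record and a later one."""
    if field(current, "Task Status") != "Finish":
        return ["fingerprint task has not finished; no comparison made"]
    if field(baseline, "Path") != field(current, "Path"):
        return ["records describe different paths; no comparison made"]

    findings = []
    for name in COMPARED:
        old, new = field(baseline, name), field(current, name)
        if new in (None, "--"):          # "--" means no signature was returned
            findings.append(f"{name}: no value returned")
        elif old != new:
            findings.append(f"{name} differs from baseline")

    # atime carries the retention expiry (section 3.2.5) and may legitimately
    # move later when protection is extended (section 3.2.6), never earlier.
    old_a = field(baseline, "File Access Time")
    new_a = field(current, "File Access Time")
    if old_a and new_a and clock(new_a) < clock(old_a):
        findings.append("File Access Time moved earlier than baseline")
    return findings


if __name__ == "__main__":
    for finding in compare(BASELINE, LATER):
        print(finding)
```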

A Configuring and Managing WORM Using CLI Commands

This section provides some CLI commands for configuring and managing WORM
file systems.

NOTE

● The CLI commands supported by different models may vary.


● For more CLI commands and their description, refer to Command/Event/Error Code
Query.

Configuring WORM File Systems Using CLI Commands

Table A-1 Commands for configuring WORM file systems


Operation Command

Check the license file. show license
NOTE
Check whether HyperLock is supported.

Initialize the WORM compliance clock. change system secure_compliance_clock date=?

Create a WORM file system. create file_system general name=? pool_id=? capacity=? sub_type=worm worm_type=compliance default_protect_period=? default_protect_period_unit=? min_protect_period=? min_protect_period_unit=? max_protect_period=? max_protect_period_unit=? auto_lock_enabled=? auto_lock_time=? auto_lock_time_unit=?

Managing WORM File Systems Using CLI Commands

Table A-2 Commands for managing the WORM compliance clock


Operation Command

Query the global security compliance clock. show system secure_compliance_clock

Query the WORM file system compliance clock. show file_system worm file_system_id=?

Table A-3 Commands for managing WORM file systems


Operation Command

Query brief information about all file systems. show file_system general
NOTE
For a WORM file system, the value of Worm type in the
command output is Compliance.

Query brief information about all WORM file systems. show file_system worm

Query WORM properties of a specified file system. show file_system worm file_system_id=?

Modify WORM properties of a specified file system. change file_system worm file_system_id=? auto_lock_enabled=? auto_delete_enabled=? auto_lock_time=? auto_lock_time_unit=? default_protect_period=? default_protect_period_unit=? max_protect_period=? max_protect_period_unit=? min_protect_period=? min_protect_period_unit=? is_worm_auditlog_fs=?
NOTE
To modify other properties of a file system, run the
change file_system general command.

Delete a file system. delete file_system worm file_system_id_list=?
Or:
delete file_system general file_system_id_list=?

Perform privileged deletion of an Enterprise WORM file system. delete privdel general deltype=file_system file_system_id=?

Perform privileged deletion of a dtree in an Enterprise WORM file system. delete privdel general deltype=dtree file_system_id=? dtree_id=?

Perform privileged deletion of a file in an Enterprise WORM file system. delete privdel general deltype=file file_system_id=? path=?

B How to Obtain Help

If a tough or critical problem persists in routine maintenance or troubleshooting,
contact Huawei technical support.

B.1 Preparations for Contacting Huawei


To better resolve the fault, you are advised to collect troubleshooting information
and make debugging preparations before contacting Huawei.

B.1.1 Collecting Troubleshooting Information


You need to collect troubleshooting information before troubleshooting.
You need to collect the following information:
● Name and address of the customer
● Contact person and telephone number
● Time when the fault occurred
● Description of the fault phenomena
● Device type and software version
● Measures taken after the fault occurs and the related results
● Troubleshooting level and required solution deadline

B.1.2 Making Debugging Preparations


When you contact Huawei for help, the Huawei technical support engineer
might assist you in performing certain operations to collect information about
the fault or to rectify the fault directly.
Before contacting Huawei for help, you need to prepare the boards, port modules,
screwdrivers, screws, cables for serial ports, network cables, and other required
materials.


B.2 How to Use the Document


Huawei provides guide documents shipped with the device. The guide documents
can be used to handle the common problems occurring in daily maintenance or
troubleshooting.
To better solve the problems, use the documents before you contact Huawei for
technical support.

B.3 How to Obtain Help from Website


Huawei provides users with timely and efficient technical support through the
regional offices, secondary technical support system, telephone technical support,
remote technical support, and onsite technical support.
Contents of the Huawei technical support system are as follows:
● Huawei headquarters technical support department
● Regional office technical support center
● Customer service center
● Technical support website: https://support.huawei.com/enterprise/
You can query how to contact the regional offices at
https://support.huawei.com/enterprise/.

B.4 Ways to Contact Huawei


Huawei Technologies Co., Ltd. provides customers with comprehensive technical
support and service. For any assistance, contact our local office or company
headquarters.
Huawei Technologies Co., Ltd.
Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's
Republic of China
Website: https://e.huawei.com/


C Glossary

A
AC power module: The module that transfers the external AC power supply into the power supply for internal use.
Application server: A service processing node (a computer device) on the network. Application programs of data services run on the application server.
Asynchronous remote replication: A kind of remote replication. When the data at the primary site is updated, the data does not need to be updated synchronously at the mirroring site to finish the update. In this way, performance is not reduced due to data mirroring.
Air baffle: It optimizes the ventilation channels and improves the heat dissipation capability of the system.
Audit log guarantee mode: A mode for recording audit logs. This mode preferentially ensures that the audit log function is normal and no audit log is missing.
Audit log non-guarantee mode: A mode for recording audit logs. In this mode, services are running properly. Audit logs may be missing.

B
Backup: A collection of data stored on (usually removable) non-volatile storage media for purposes of recovery in case the original copy of data is lost or becomes inaccessible; also called a backup copy. To be useful for recovery, a backup must be made by copying the source data image when it is in a consistent state. The act of creating a backup.


Backup window: An interval of time during which a set of data can be backed up without seriously affecting applications that use the data.
Bandwidth: The numerical difference between the upper and lower frequencies of a band of electromagnetic radiation. A deprecated synonym for data transfer capacity that is often incorrectly used to refer to throughput.
Baud rate: The maximum rate of signal state changes per second on a communications circuit. If each signal state change corresponds to a code bit, then the baud rate and the bit rate are the same. It is also possible for signal state changes to correspond to more than one code bit, so the baud rate may be lower than the code bit rate.
Bit error: An incompatibility between a bit in a transmitted digital signal and the corresponding bit in the received digital signal.
Bit error rate: The probability that a transmitted bit will be erroneously received. The bit error rate (BER) is measured by counting the number of bits in error at the output of a receiver and dividing by the total number of bits in the transmission. BER is typically expressed as a negative power of 10.
Bonding: Bonding of multiple independent physical network ports into a logical port, which ensures the high availability of server network connections and improves network performance.
Boundary scan: A test methodology that uses shift registers in the output connections of integrated circuits (ICs). One IC is often connected to the next IC. A data pattern is passed through the chain and the observed returned data stream affected by the circuit conditions gives an indication of any faults present. The system is defined under IEEE standard 1149.1 and is also known as Joint Test Action Group (JTAG).
Browser/Server: Architecture that defines the roles of the browser and server. The browser is the service request party and the server is the service provider.
Built-in FRU Alarm indicator: It indicates errors on the built-in FRUs of a controller, such as errors on fans or memory modules.


C
Cache hit ratio: The ratio of the number of cache hits to the number of all I/Os during a read task, usually expressed as a percentage.
Captive screw: Specially designed to lock into place on a parent board or motherboard, allowing for easy installation and removal of attached pieces without release of the screw.
Challenge Handshake Authentication Protocol: A password-based authentication protocol that uses a challenge to verify that a user has access rights to a system. A hash of the supplied password with the challenge is sent for comparison so the cleartext password is never sent over the connection.
Compliance mode: A protection mode of WORM. In compliance mode, files within their protection period cannot be changed or deleted by either the file user or by the system administrator. Files with expired protection periods can be deleted but not changed by the file user or the system administrator.
Controller: The control logic in a disk or tape that performs command decoding and execution, host data transfer, serialization and deserialization of data, error detection and correction, and overall management of device operations. The control logic in a storage subsystem that performs command transformation and routing, aggregation (RAID, mirroring, striping, or other), high-level error recovery, and performance optimization for multiple storage devices.
Controller enclosure: An enclosure that accommodates controllers and provides storage services. It is the core component of a storage system and generally consists of components, such as controllers, power supplies, and fans.
Copying: A pair state. The state indicates that the source LUN data is being synchronized to the target LUN.
Container root directory: Space used to store the metadata for running container images and container instances.
Container image: An image is a special file system, which provides the programs, libraries, resources, and configuration files required for running containers. It also contains configuration parameters, for example, for anonymous disks, environment variables, and users. The image does not contain dynamic data, and its content will not be modified after construction.
Containerized application: An image can start multiple containers, and an application can contain one or a group of containers.


Container node: Controller that runs the container service.
Configuration item list: A series of modifiable configuration items defined in the Helm chart of the container.
Container service: Containerized application management service, which manages the lifecycle of containerized applications.
CloudVxLAN: CloudVxLAN is a feature that uses the Virtual eXtensible Local Area Network (VxLAN) technology, which allows storage systems to directly connect to the VPC network and become a part of Huawei Cloud Stack for unified management and maintenance, greatly simplifying O&M.

D
Data compression: The process of encoding data to reduce its size. Lossy compression (i.e., compression using a technique in which a portion of the original information is lost) is acceptable for some forms of data (e.g., digital images) in some applications, but for most IT applications, lossless compression (i.e., compression using a technique that preserves the entire content of the original data, and from which the original data can be reconstructed exactly) is required.
Data flow: A process that involves processing data extracted from the source system. These processes include: filtering, integration, calculation, and summary, finding and solving data inconsistency, and deleting invalid data so that the processed data meets the requirements of the destination system for the input data.
Data migration: A movement of data or information between information systems, formats, or media. Migration is performed for reasons such as possible decay of storage media, obsolete hardware or software (including obsolete data formats), changing performance requirements, the need for cost efficiencies etc.
Data source: A system, database (database user; database instance), or file that can make BOs persistent.
Deduplication: The replacement of multiple copies of data — at variable levels of granularity — with references to a shared copy in order to save storage space and/or bandwidth.
Dirty data: Data that is stored temporarily on the cache and has not been written onto disks.


Disaster recovery: The recovery of data, access to data and associated processing through a comprehensive process of setting up a redundant site (equipment and work space) with recovery of operational data to continue business operations after a loss of use of all or part of a data center. This involves not only an essential set of data but also an essential set of all the hardware and software to continue processing of that data and business. Any disaster recovery may involve some amount of down time.
Disk array: A set of disks from one or more commonly accessible disk subsystems, combined with a body of control software. The control software presents the disks' storage capacity to hosts as one or more virtual disks. Control software is often called firmware or microcode when it runs in a disk controller. Control software that runs in a host computer is usually called a volume manager.
Disk domain: A disk domain consists of the same type or different types of disks. Disk domains are isolated from each other. Therefore, services carried by different disk domains do not affect each other in terms of performance and faults (if any).
Disk enclosure: Consists of the following parts in redundancy: expansion module, disk, power module, and fan module. System capacity can be expanded by cascading multiple disk enclosures.
Disk location: The process of locating a disk in the storage system by determining the enclosure ID and slot ID of the disk.
Disk utilization: The percentage of used capacity in the total available capacity.

E
eDevLUN: Logical storage array space created by a third-party storage array.
Expansion module: A component used for expansion.
Expansion: Connects a storage system to more disk enclosures through connection cables, expanding the capacity of the storage system.


Enhanced Direct Connect: Enhanced Direct Connect automatically manages Huawei hardware switches and provides Layer 3 interconnection between private IP addresses in your cloud and networks outside the cloud. The networking type and data plane are optimized based on the original hardware Direct Connect. You can select the firewall interconnection mode and networking type to suit your business needs in different scenarios.

F
Field replaceable unit: A unit or component of a system that is designed to be replaced in the field, i.e., without returning the system to a factory or repair depot. Field replaceable units may either be customer-replaceable or their replacement may require trained service personnel.
Firmware: Low-level software for booting and operating an intelligent device. Firmware generally resides in read-only memory (ROM) on the device.
Flash Translation Layer: Flash Translation Layer (FTL) organizes and manages host data, enables host data to be allocated to NAND flash chips of SSDs in an orderly manner, maintains the mapping relationship between logical block addresses (LBAs) and physical block addresses (PBAs), and implements garbage collection, wear leveling, and bad block management.
Front-end port: The port that connects the controller enclosure to the service side and transfers service data. Front-end port types are Fibre Channel and iSCSI.
Front-end interconnect I/O module (FIM): On a storage device, all controllers share the front-end interface modules.

G
Garbage collection: The process of reclaiming resources that are no longer in use. Garbage collection has uses in many aspects of computing and storage. For example, in flash storage, background garbage collection can improve write performance by reducing the need to perform whole block erasures prior to a write.
Gateway: A device that receives data via one protocol and transmits it via another.


Global garbage collection: With a view to defragmentation of storage arrays and garbage collection of disks, global garbage collection reduces garbage of disks by enabling storage arrays to inform disks of not implementing invalid data relocation and of controlling space release so that disks and controllers consume less space, reducing costs and prolonging the useful life of storage arrays.
Global system for mobile communications: The second-generation mobile networking standard defined by the European Telecommunications Standards Institute (ETSI). It is aimed at designing a standard for global mobile phone networks. GSM consists of three main parts: mobile switching subsystem (MSS), base station subsystem (BSS), and mobile station (MS).
Global wear leveling: With a view to individual characteristics of a single disk, global wear leveling uses space allocation and write algorithms to achieve wear leveling among disks, preventing a disk from losing efficacy due to excessive writes and prolonging the useful life of the disk.

H
Hard disk tray: The tray that bears the hard disk.
Heartbeat: Heartbeat supports node communication, fault diagnosis, and event triggering. Heartbeats are protocols that require no acknowledgement. They are transmitted between two devices. The device can judge the validity status of the peer device.
Hit ratio: The ratio of directly accessed I/Os from the cache to all I/Os.
Hot swap: The substitution of a replacement unit (RU) in a system for a defective unit, where the substitution can be performed while the system is functioning normally. Hot swaps are physical operations typically performed by humans.
HyperMetro: A value-added service of storage systems. HyperMetro means two datasets (on two storage systems) can provide storage services as one dataset to achieve load balancing among applications and failover without service interruption.
HyperMetro domain: A HyperMetro configuration object generally; made up of two storage arrays and one quorum server. HyperMetro services can be created on a HyperMetro domain.


HyperMetro vStore pair: A HyperMetro vStore pair consists of two vStores, that is, two tenants. After a HyperMetro relationship is set up for a pair of vStores, the datasets in the two vStores work in redundancy mode and provide storage services in one dataset view, achieving hitless service failover.
HyperMetro-Inner: On an eight-controller network, with HyperMetro-Inner, continuous mirroring, back-end global sharing, and three-copy technologies, a storage system can tolerate one-by-one failures of seven controllers among eight controllers, concurrent failures of two controllers, and failure of a controller enclosure.
HyperDetect: HyperDetect is a feature that provides ransomware detection.
Handle: A handle resides on the structural part of a module. It is used to insert or remove a module into or from a chassis, but it does not reduce the effort required.
Helm chart: A Helm chart is in TAR format. It is similar to the deb package of APT or the rpm package of Yum. It contains a group of yaml files that define Kubernetes resources.

I
In-band management: The management control information of the network and the carrier service information of the user network are transferred through the same logical channel. In-band management enables users to manage storage arrays through commands. Management commands are sent through service channels, such as I/O write and read channels. The advantages of in-band management include high speed, stable transfer, and no additional management network ports required.
Initiator: The system component that originates an I/O command over an I/O interconnect. The endpoint that originates a SCSI I/O command sequence. I/O adapters, network interface cards, and intelligent I/O interconnect control ASICs are typical initiators.


I/O: Shorthand for input/output. I/O is the process of moving data between a computer system's main memory and an external device or interface such as a storage device, display, printer, or network connected to other computer systems. This encompasses reading, or moving data into a computer system's memory, and writing, or moving data from a computer system's memory to another location.
Intelligent ransomware detection: The system detects known ransomware features to identify whether the file systems are attacked by ransomware. If no ransomware attack is identified, the system analyzes and compares the changes in file system snapshots, and uses machine learning algorithms to further check whether the file systems are infected by ransomware.
Interface module: A replaceable field module that accommodates the service or management ports.

L
Load balance: A method of adjusting the system, application components, and data to evenly distribute the applied I/Os or computing requests to physical resources of the system.
Logical unit: The addressable entity within a SCSI target that executes I/O commands.
Logical unit number: The SCSI identifier of a logical unit within a target. Industry shorthand, when phrased as "LUN", for the logical unit indicated by the logical unit number.
LUN formatting: The process of writing 0 bits in the data area of the logical drive and generating related parity bits so that the logical drive can be in the ready state.
LUN mapping: A storage system maps LUNs to application servers so that application servers can access storage resources.
LUN migration: A method for the LUN data to migrate between different physical storage spaces while ensuring data integrity and uninterrupted operation of host services.
LUN snapshot: A type of snapshot created for a LUN. This snapshot is both readable and writable and is mainly used to provide a snapshot LUN from point-in-time LUN data.


Lever: A lever resides on the structural part of a module. It is used to insert or remove a module into or from a chassis, reducing the effort required.
Local image repository: A private repository used to store the container images and Helm charts imported by users. It is different from the standard image repository. The imported images and Helm charts must meet the compatibility requirements of the system.

M
Maintenance terminal: A computer connected through a serial port or management network port. It maintains the storage system.
Management interface module: The module that integrates one or more management network ports.
Management network: An entity that provides means to transmit and process network management information.
Management network port: The network port on the controller enclosure connected to the maintenance terminal. It is provided for the remote maintenance terminal. Its IP address can be modified with the change of the customer's environment.

N
NVM Express: A host controller interface with a register interface and command set designed for PCI Express-based SSDs.
NVMe SSD: A solid state disk (SSD) with a non-volatile memory express (NVMe) interface. Compared with other SSDs, such SSDs can deliver higher performance and shorter latency.

O
Out-of-band management: A management mode used during out-of-band networking. The management and control information of the network and the bearer service information of the user network are transmitted through different logical channels.


P
Power failure protection: When an external power failure occurs, the AC PEM depends on the battery for power supply. This ensures the integrity of the dirty data in the cache.
Pre-copy: When the system monitors a failing member disk in a RAID group, the system copies the data from the disk to a hot spare disk in advance.
Palm-sized NVMe SSD: A palm-sized NVMe SSD is a type of NVMe SSD of which the dimensions (H x W x D) are 160 mm x 79.8 mm x 9.5 mm (neither 3.5-inch nor 2.5-inch).

Q
Quorum server: A server that can provide arbitration services for clusters or HyperMetro to prevent the resource access conflicts of multiple application servers.
Quorum Server Mode: A HyperMetro arbitration mode. When a HyperMetro arbitration occurs, the quorum server decides which site wins the arbitration.

R
RAID level: The application of different redundancy types to a logical drive. A RAID level improves the fault tolerance or performance of the logical drive but reduces the available capacity of the logical drive. You must specify a RAID level for each logical drive.
Ransomware file interception: When launching attacks, ransomware usually generates encrypted files with special file name extensions. In light of this, the system intercepts the write to files with specific file name extensions to block the extortion from known ransomware and protect file systems in the storage system.
Real-time ransomware detection: Ransomware has similar I/O behavior characteristics. By analyzing file I/O behavior characteristics, the system quickly filters out abnormal files and performs deep content analysis on the abnormal files to detect files attacked by ransomware. Then, secure snapshots are created for file systems where files have been attacked, and alarms are reported to notify the data protection administrator, limiting the impact of ransomware and reducing losses.


Reconstruction: The regeneration and writing onto one or more replacement disks of all of the user data and check data from a failed disk in a mirrored or RAID array. In most arrays, a rebuild can occur while applications are accessing data on the array's virtual disks.
Redundancy: The inclusion of extra components of a given type in a system (beyond those required by the system to carry out its function) for the purpose of enabling continued operation in the event of a component failure.
Remote replication: A core technology for disaster recovery and a foundation that implements remote data synchronization and disaster recovery. This technology remotely maintains a set of data mirrors through the remote data connection function of the storage devices that are separated in different places. Even when a disaster occurs, the data backup on the remote storage device is not affected. Remote replication can be divided into synchronous remote replication and asynchronous remote replication.
Reverse synchronization: The process of restoring data from the redundancy machine (RM) when the services of the production machine (PM) are recovering.
Route: The path that network traffic takes from its source to its destination. On a TCP/IP network, each IP packet is routed independently. Routes can change dynamically.

S
Script: A parameterized list of primitive I/O interconnect operations intended to be executed in sequence. Often used with respect to ports, most of which are able to execute scripts of I/O commands autonomously (without policy processor assistance). A sequence of instructions intended to be parsed and carried out by a command line interpreter or other scripting language. Perl, VBScript, JavaScript and Tcl are all scripting languages.
Serial port: An input/output location (channel) that sends and receives data (one bit at a time) to and from the CPU of a computer or a communications device. Serial ports are used for serial data communication and as interfaces for some peripheral devices, such as mouse devices and printers.


Service data: The user and/or network information required for the normal functioning of services.
Service network port: The network port that is used to store services.
Simple network management protocol: An IETF protocol for monitoring and managing systems and devices in a network. The data being monitored and managed is defined by an MIB. The functions supported by the protocol are the request and retrieval of data, the setting or writing of data, and traps that signal the occurrence of events.
Single point of failure: One component or path in a system, the failure of which would make the system inoperable.
Slot: A position defined by an upper guide rail and the corresponding lower guide rail in a frame. A slot houses a board.
Small computer system interface: A collection of ANSI standards and proposed standards that define I/O interconnects primarily intended for connecting storage subsystems or devices to hosts through host bus adapters. Originally intended primarily for use with small (desktop and desk-side workstation) computers, SCSI has been extended to serve most computing needs, and is arguably the most widely implemented I/O interconnect in use today.
Snapshot: A point in time copy of a defined collection of data. Clones and snapshots are full copies. Depending on the system, snapshots may be of files, LUNs, file systems, or any other type of container supported by the system.
Snapshot copy: A copy of a snapshot LUN.
Source LUN: The LUN where the original data is located.
Static Priority Mode: A HyperMetro arbitration mode. When a HyperMetro arbitration occurs, the preferred site always wins the arbitration.
Storage system: An integrated system that consists of the following parts: controller, storage array, host bus adapter, physical connection between storage units, and all control software.
Storage unit: An abstract definition of backup storage media for storing backup data. The storage unit is connected to the actual storage media used to back up data.


Streaming media: Streaming media is media continuously streamed over the network. Combining technologies concerning streaming media data collection, compression, encoding, storage, transmission, playback, and network communications, streaming media can provide high-quality playback effects in real time at low bandwidth.
Subnet: A type of smaller network that forms a larger network according to a rule, such as, forming a network according to different districts. This facilitates the management of a large network.
Smart disk enclosure: Being compared with traditional disk enclosures, the smart disk enclosures are equipped with Arm chips and DDR memories or other computing modules to achieve powerful computing capabilities. With such capabilities, the smart disk enclosures can help controllers to share some computing loads, accelerating data processing.
Share authentication: During vStore configuration synchronization, the share authentication information (including the share information and domain controller configuration) is synchronized to the secondary end.

T
Target: The endpoint that receives a SCSI I/O command sequence.
Target LUN: The LUN on which target data resides.
Thin LUN: A logical disk that can be accessed by hosts. It dynamically allocates storage resources from the thin pool according to the actual capacity requirements of users.
Topology: The logical layout of the components of a computer system or network and their interconnections. Topology deals with questions of what components are directly connected to other components from the standpoint of being able to communicate. It does not deal with questions of physical location of components or interconnecting cables. The communication infrastructure that provides Fibre Channel communication among a set of PN_Ports (e.g., a Fabric, an Arbitrated Loop, or a combination of the two).


Trim A method by which the host operating system may


inform a storage device of data blocks that are no
longer in use and can be reclaimed. Many storage
protocols support this functionality via various
names, e.g., ATA TRIM and SCSI UNMAP.

U
User interface The space where users interact with a machine.
U-shaped bracket It is an optional structural part like letter "U". It is
located between the mounting ear of a chassis and
the mounting bar of a cabinet or bay and is used to
adjust the locations of the chassis and mounting bar
of the cabinet or bay.

W
Wear leveling A set of algorithms utilized by a flash controller to
distribute writes and erases across the cells in a flash
device. Cells in flash devices have a limited ability to
survive write cycles. The purpose of wear leveling is
to delay cell wear out and prolong the useful life of
the overall flash device.
Write amplification Increase in the number of write operations by the
device beyond the number of write operations
requested by hosts.
Write amplification factor The ratio of the number of write operations on the
device to the number of write operations requested
by the host.
Write back A caching technology in which the completion of a
write request is signaled as soon as the data is in the
cache. Actual writing to non-volatile media occurs at
a later time. Write back includes inherent risks: an
application will take action predicated on the write
completion signal, and a system failure before the
data is written to non-volatile media will cause
media contents to be inconsistent with that
subsequent action. For these reasons, sufficient write
back implementations include mechanisms to
preserve cache contents across system failures
(including power failures) and a flushed cache at
system restart time.

Write Once Read Many A type of storage, designed for fixed content, that
preserves what is written to it in an immutable
fashion. Optical disks are an example of WORM
storage.
Write through A caching technology in which the completion of a
write request is not signaled until data is safely
stored on non-volatile media. Write performance
with the write through technology is
approximately that of a non-cached system. However,
if the written data is also held in a cache, subsequent
read performance may be dramatically improved.

Z
Zone A collection of Fibre Channel N_Ports and/or
NL_Ports (i.e., device ports) that are permitted to
communicate with each other via the fabric. Any two
N_Ports and/or NL_Ports that are not members of at
least one common zone are not permitted to
communicate via the fabric. Zone membership may
be specified by: 1) port location on a switch, (i.e.,
Domain_ID and port number); or, 2) the device's
N_Port_Name; or, 3) the device's address identifier;
or, 4) the device's Node_Name. Well-known
addresses are implicitly included in every zone.

D Acronyms and Abbreviations

Acronyms and Abbreviations

ACL Access Control List

AD Active Directory

CIFS Common Internet File System

CLI Command Line Interface

DN Distinguished Name

DNS Domain Name Server

FC Fibre Channel

FCoE Fibre Channel over Ethernet

GUI Graphical User Interface

IP Internet Protocol

IPv4 Internet Protocol version 4

IPv6 Internet Protocol version 6

iSCSI Internet Small Computer Systems Interface

LACP Link Aggregation Control Protocol

LDAP Lightweight Directory Access Protocol

NFS Network File System

NIS Network Information Services

RAID Redundant Array of Independent Disks

RDN Relative Distinguished Name

SEC Securities and Exchange Commission

SMB Server Message Block

SSL Secure Sockets Layer

TOE TCP Offload Engine

TCP Transmission Control Protocol

VLAN Virtual Local Area Network

WORM Write Once Read Many

WORM-C Compliance WORM

WORM-E Enterprise WORM
