ORIGINALLY POSTED 2nd June 2015
Edit: A number of my colleagues have misunderstood what I mean when I call this a hidden feature. At no time did anyone want to hide the feature from our customers! I was merely commenting on the fact that unless someone told you about this feature, there was little chance you would stumble across it. Hopefully this helps clear things up.
About 3 or 4 times a year the Level 3 support team get a panicked call from a customer asking whether it is possible to restore a volume that they deleted accidentally. The answer is unfortunately no. To try and help you with this problem, we introduced a new feature in 7.4.0 and later that can prevent you or your colleagues from deleting volumes if they have recently performed any IO operations. This feature is called Volume Protection. I strongly recommend that you consider enabling this feature after upgrading to 7.4 or higher.
Here is a link to the knowledge center so you can see how to configure it:
The way we implemented Volume Protection is to enforce that you can not delete the last mapping between a host and a volume if the volume has received any IO in the last X seconds. You get to choose the value of X. By preventing you from deleting the last host mapping, we also prevent deleting volumes and deleting storage pools. So basically if an application is still using a volume it can’t be deleted. If the volume is mapped to multiple hosts (e.g. a VMWare cluster) then you can remove access from one or more VMWare server, but you can’t delete the volume.
There is no -force command that can override this protection, the only way to delete a volume once the volume protection is enabled is to either wait for the volume to be idle (recommended), or to disable the volume protection feature (not such a good idea).
Unfortunately we were unable to turn this feature on by default, because there is a good chance that this could break any automation that you are using, but I would strongly recommend that you consider turning this on right now. I think that the applications most likely to be affected by this feature are:
- FlashCopy Manager – if you are mounting the FlashCopies and backing up to tape, then the FlashCopy manager software may not be able to clear up the volume mappings when it is finished with the tape backup
- Any form of orchestration software that destroys virtual machines and all associated volumes – if the VMs don’t get shut down and left shutdown for a number of hours before being destroyed then the volumes will not be deletable.
- Any software (e.g. TPC) that offers a manual way of deleting volumes – there will now be a new error message that they have to be able to handle.
- Operators who try and delete volumes using the GUI or the CLI and get confused when it doesn’t work
Please let me know in the comments if you find any other software applications that have problems when the Volume Protection feature is enabled.