ZFS snapshots and clones

If you’re new to ZFS you probably want to start here


ZFS RAID is not your backup

Besides being a fantastic alternative to hardware RAID ZFS provides other useful features. However, while features are neat all that really matters is what problems they solve. While RAID solves data loss in the instance of disk failure it does not protect your data from many other catastrophes. It is never safe to consider RAID as your backup solution, even if it is ZFS with scrubbing.

ZFS Snapshots and clones are powerful, it’s awesome

The problems that ZFS snapshots can solve are probably not as mind blowing today as they were when I first learned about them in 2010 but even today I am still impressed

# Problem Pro-active steps Recovery cost Traditional method
1 File system corruption Take a snapshot Copy uncorrupted data from snapshot or clone Restore from backup
2 Human error (deleted
or overwritten data)
Take a snapshot Copy correct version of file from snapshot or clone Restore from backup
3 Live backup of running VM Take a snapshot
(You’ll want write-cache
off for this)
Make a clone (takes less than 1 minute) and run
VM from new clone
Stop VM or use scripts/tools
to perform backup
4 Create test environement Take a snapshot and make
a clone of it
Clone only takes up as much space as is newly written
in test. Delete the clone whenever you want.
Full duplication of production

Continue reading ZFS snapshots and clones

Supermicro IPMI – password vulnerability


I love Supermicro, they make great boards and some of my favorite chassis. Typically I like to build my own servers so I’m not stuck buying hard drives just to get trays or subject to back doors out of the box. I build most servers from parts so I can pick the hardware I like and make sure I’m using what I consider to be the newest stable set. However, I recently stumbled across the fact that on older versions of Supermicro IPMI firmware the system will just give you the admin password.

The problem

IPMI is a standard remote management tool typically built into server class motherboards. This means you can remotely:

  • Power cycle the unit
  • Change some setup/BIOS options
  • Monitor sensors (temp, fan levels etc)
  • Open a console as if you plugged into VGA
  • Access the machine, even if it is off

Continue reading Supermicro IPMI – password vulnerability