This article describes how to mount a secure file restore or image export using a decommissioned private node.
- Datto Private Node
- This process does not support encrypted assets
- When restoring virtual machine images, choosing VMDK or VHDx does incur a conversion time penalty. For example, a 41 GB .datto file (thick or thin-provisioned) would take these estimated times to convert and mount:
- Extrapolating for a 256 GB Virtual Machine:
- VHDX ~ 6m 30s
- VMDK ~ 14m
- VHDx ~ 1m 4s
- VHD ~ 11s
- VMDK ~ 2m15s
- VMDK-linked ~ 11s
Obtain the following information:
- The device ID of the original Datto appliance. If you do not know the device ID, contact Datto Technical Support, and reference the device's serial number.
- The asset ID. This ID may be in the form of an IP address, machine hostname, or a UUID.
- The IP address of the Private Node.
- The root password for the Private Node.
Finding the correct snapshot
Once you have the device ID and asset ID, you will need to list out the snapshots to find the epoch of the snapshot you wish to restore. Connect to the node using an SSH client as the root user, and run one of the following commands:
Example for a protected machine:
zfs list -o name,creation -r dattoArray/[deviceID]/aurora-home/agents/[assetID]
Example for a NAS share:
zfs list -o name,creation -r dattoArray/[deviceID]/aurora-home/[assetID]
You will see a list of snapshots in the following format
dattoArray/[deviceID]/aurora-home/agents/[assetID]@[epoch] [date of snapshot]
Mount the snapshot and enable SFTP access
The following steps use Perl (.pl) and PHP (.php) scripts to mount a snapshot and establish accessibility via SFTP. You will use the information gathered in previous steps to continue.
1. Run createSftpUser.pl to create a numeric username. The username must start with sftp, and cannot contain any letters or special characters.
sudo /datto/scripts/createSftpUser.pl sftp31672
2. Run safeZfsClone.pl to create a snapshot clone:
sudo /datto/scripts/safeZfsClone.pl [deviceID] [assetID] [epoch]
For a NAS share:
sudo /datto/scripts/safeZfsClone.pl [deviceID] aurora-home/[assetID] [epoch]
sudo /datto/scripts/safeZfsClone.pl 31672 172.20.1.5 1496717722
3. Run safeMountFR.php to mount the snapshot:
sudo /datto/scripts/safeMountFR.php [deviceID] [assetID] [epoch]
sudo /datto/scripts/safeMountFR.php 31672 172.20.1.5 1496717722
4. Run initSftp.sh to enable SFTP access, and document its output as it will give you the syntax required to disable SFTP access. Remove the sftp characters from the user name. As an example, username sftp1234 would be 1234 only. You can also add one of the following arguments to the end of the command to automate an image export - no option indicates a file restore:
sudo /datto/scripts/initSftp.sh [deviceID] [assetID] [epoch] [username] [raw/vhd/vhdx/vmdk]
sudo /datto/scripts/initSftp.sh 31672 172.20.1.5 1496717722 31672
At this point, you will be able to use your favorite SFTP client to connect and retrieve the files. Connect to sftp://[IPofNode] with the username and password created in step 1.
Unmounting the Snapshot and Disabling SFTP Access
1. Run deinitSftp.sh, using the syntax generated in the previous section to disable SFTP access. The full syntax of this command is generated as part of initSftp.sh's output. Below is an example:
SFTP provisioned, run 'sudo /datto/scripts/deinitSftp.sh 102051 192.168.58.222 1496635230 102051' to tear it down
2. Run safeUnmountFR.php to unmount the snapshot clone:
sudo /datto/scripts/safeUnmountFR.php [deviceID] [assetID] [epoch]
3. Use safeZfsDestroy.pl to destroy the snapshot clone:
sudo /datto/scripts/safeZfsDestroy.pl [deviceID] [assetID] [epoch]
If you require assistance with any of the above steps, contact Datto Technical Support.