Veeam Cloud Connect For Microsoft Azure
Veeam Cloud Connect For Microsoft Azure
Veeam Cloud Connect For Microsoft Azure
With the recent release of Veeam 8, I was exited to hear that Veeam also added support
for Cloud Connect Against Azure. So Cloud Connect is a option for Veeam Cloud providers
to offer off-site backup for their customers. So it requires that customers already have
Veeam in place, but makes it easy for them to just add a “service provider” to the Veeam
console and ship off-site backup to cloud provider.
So why use Azure? First of it might be as simple that you don’t have the available
space/hardware/ to supply your customers. Also it might be that you don’t have adequate
network infrastructure to support your customers. (NOTE that cloud connect) does not
use VPN.
NOTE: That this requires that you have an existing azure account and preconfigured
virtual networks and resource groups.
Then go into Marketplace and then search for Veeam (You can see Cloud Connect
appearing there)
Choose create, NOTE: This will provision a virtual machine instance in Azure, and note
that the default instance is a A2 which can have up to 4 data disks (4 TB of total data)
and total of 2000 IOPS in total. What kind of Disk size you want is up to you to decide. If
you need more disk size or more IOPS you need to change to another instance size.
After that is done you can just wait for the provisioning is complete. Now by default the
template does a couple of things, firstly it spins up a VM with Veeam Cloud Connect
preinstalled and it also precreates an Endpoint (port 6180) which Veeam will use to
communicate and send traffic.
NOTE: On the top of the menu pane on the VM you need to take note of the FQDN of the
VM (Since you need it later when addind the service on-premise)
Also take note that the virtual machine has an VIP if (which is by default dynamic) but will
remain with the VM as long as it is allocated. The same goes with the internal IP which is
this case is 10.0.0.4 but we can assign them both as an static IP address.
I can assign the internal static IP address from the portal itself.(This means that it sets it
as an static DHCP allocation) I can also define an Instance IP address. By default a Virtual
IP address is shared by many virtual machines inside a cloud service, but an instance IP
address is a dedicated public IP for a single virtual machine.
So you should define them both, since if a VM goes down and changes IP-address the
cloud connect will not work properly.
After you are done with the ip-addresses you can connect to the VM using RDP (This can
be done from the main dashboard and choose connect)
When inside the Cloud connect setup will start automatically
(and yes you need a VCP license) after the license is added it gives you an set of
instructions on what do to next
First thing we need to do on the Azure part is to add a customer / user to allow them to
authenticate and store content.
Then you are done on the Azure part! (Note that the Azure provisioning generated a self-
signed certificate) which will generate error messages when connecting from on-
premise/customer side so this should be changed to a public certificate to avoid that
issue.
So now that we have setup everything on the virtual machine in Azure we need to add
the “service provider” gateway on our customer VM running Veeam V8.
Note that the DNS name can be found inside the dashboard of the virtual machine in
Azure.
Next we need to add username and password that can be used to authenticate against
the providers, and note that by default the Veeam VM in Azure uses a self-signed
certificate therefore customers need to add the certificate thumbprint to verify the
connection.
Next we see that the Cloud repository we created is available after authenticating in the
service provider. Note that it is also possible to use WAN accelerators between customers
and Azure. But using WAN accelerator requires more CPU and disk IO on the Azure side
(therefore you should look at D-instances Azure Vms (Which has SSD diskes)
Now that we have added the cloud repository we are good to go, now we can just create
a new copy backup job and point it to the cloud repository.