Salaam, Namaste, Ola and Hello!
For those who are new to the blog, welcome, and to those returning a big thanks! In this weeks blog series I will be taking a closer look into utilizing Azure IaaS for backing up, in particular the Veeam Cloud Connect Service in Azure.
This service is more applicable if you are a Managed Service Provider (MSP) as it allows you to host your customers backups on a multi-tenanted platform, offsite into the public cloud. Most IT professionals will have heard of Veeam and its range of products as they are one of leading vendors when it comes to data backup and replication. In part one of this series I will discuss the requirements as well as the initial configuration steps within Azure.
The above diagram shows an overview of how the Veeam Cloud Connect service looks. As you can see you have multiple customers backing data over an SSL connection to cloud repositories in Azure. To be in a position to use this service, the end user/customer needs to meet the following prerequisites:
- A Veeam Backup & Replication server is deployed and functioning in their on-premises infrastructure
- The infrastructure is running on Microsoft Hyper-V or VMware (Veeam Agent for Windows is also supported for physical Windows servers)
- The Veeam Backup & Replication Server has an Internet Connection
I will not be covering it in this blog but Backing up Office 365 mailboxes using Veeam Cloud Connect is also supported. For a Managed Service Provider to be able to offer this service they must meet the following prerequisites:
- A current Azure tenant subscription
- Is a Veeam Cloud Service Provider and has signed a rental agreement
Before going into the steps required to configure this service lets go through some of the key roles and concepts:
Roles and Concepts: The communication in Azure is between two parties, the Service Provider and the tenant. The Service Provider is the organization that provides the cloud infrastructure (mainly the repository) to the tenants, and the tenant is the customers who send data off site and stores their backups in the cloud infrastructure.
In Azure, the Service Provider needs to perform the following tasks:
- Configure the Veeam Cloud Connect Infrastructure
- Create the relevant backup repositories
- Setup SSL certificates to allow for data encryption in transit
- Create Cloud Gateways
- Create and document the tenant user accounts
The customer (or in this case ‘tenants’) need to perform the following tasks:
- Connect to the Azure hosted Veeam Cloud Connect platform from their on-premises Infrastructure.
- Configure backup jobs targeted at the Veeam Cloud Connect repository
To get started with the Veeam Cloud Connect service in Azure you need to provision the virtual machine first via the ‘Azure Marketplace’. Now you have two options and it all depends on your requirement. If you are an Enterprise level company wanting to extend your backups offsite into Azure then ‘VCC for the Enterprise’ is the correct choice. For Managed Service Providers (MSP) who wish to run a multi tenanted solution in which they can send multiple customers backups into Azure then ‘VCC for Service Providers’ is what they require and that is what I went for.
One thing to note is the current version in the bottom left. As of the time of me writing this post, the latest version of Veeam is 9.5 update 4a which means the version in Azure is out of date. This means that if you are good with your patching and your on premises Veeam services are at the latest version you will need to update the version in Azure once the virtual machine is provisioned.
When you click on ‘Create’ it then takes you to create a virtual machines where you can select the relevant configuration including:
- Virtual Machine name
- Azure Region
- Resource Group
- Administrator username and Password
That is it for part one, keep an eye out for part two where I will go into more details configuring the Veeam Cloud Connect Platform. Until next time, ‘IamITGeek’ over and out!