With the recent release of Veeam 8, I was exited to hear that Veeam also added support for Cloud Connect Against Azure. So Cloud Connect is a option for Veeam Cloud providers to offer off-site backup for their customers. So it requires that customers already have Veeam in place, but makes it easy for them to just add a “service provider” to the Veeam console and ship off-site backup to cloud provider.
So why use Azure? First of it might be as simple that you don’t have the available space/hardware/ to supply your customers. Also it might be that you don’t have adequate network infrastructure to support your customers. (NOTE that cloud connect) does not use VPN.
NOTE: That this requires that you have an existing azure account and preconfigured virtual networks and resource groups.
So how do we set this up?
First we go into the newest Azure Portal → portal.azure.com
Then go into Marketplace and then search for Veeam (You can see Cloud Connect appearing there)
Choose create, NOTE: This will provision a virtual machine instance in Azure, and note that the default instance is a A2 which can have up to 4 data disks (4 TB of total data) and total of 2000 IOPS in total. What kind of Disk size you want is up to you to decide. If you need more disk size or more IOPS you need to change to another instance size.
After that is done you can just wait for the provisioning is complete. Now by default the template does a couple of things, firstly it spins up a VM with Veeam Cloud Connect preinstalled and it also precreates an Endpoint (port 6180) which Veeam will use to communicate and send traffic.
NOTE: On the top of the menu pane on the VM you need to take note of the FQDN of the VM (Since you need it later when addind the service on-premise)
Also take note that the virtual machine has an VIP if (which is by default dynamic) but will remain with the VM as long as it is allocated. The same goes with the internal IP which is this case is 10.0.0.4 but we can assign them both as an static IP address.
I can assign the internal static IP address from the portal itself.(This means that it sets it as an static DHCP allocation) I can also define an Instance IP address. By default a Virtual IP address is shared by many virtual machines inside a cloud service, but an instance IP address is a dedicated public IP for a single virtual machine.
So you should define them both, since if a VM goes down and changes IP-address the cloud connect will not work properly.
After you are done with the ip-addresses you can connect to the VM using RDP (This can be done from the main dashboard and choose connect)
When inside the Cloud connect setup will start automatically
(and yes you need a VCP license) after the license is added it gives you an set of instructions on what do to next
First thing we need to do on the Azure part is to add a customer / user to allow them to authenticate and store content.
Add a username and password
Next, define what type of resources that are available to this customer. Note that by default there is a repository on the local drive C: (This should be changed to a data disk repository) but by default the instance has no data disks.)
Then you are done on the Azure part! (Note that the Azure provisioning generated a self-signed certificate) which will generate error messages when connecting from on-premise/customer side so this should be changed to a public certificate to avoid that issue.
So now that we have setup everything on the virtual machine in Azure we need to add the “service provider” gateway on our customer VM running Veeam V8.
Note that the DNS name can be found inside the dashboard of the virtual machine in Azure.
Next we need to add username and password that can be used to authenticate against the providers, and note that by default the Veeam VM in Azure uses a self-signed certificate therefore customers need to add the certificate thumbprint to verify the connection.
Next we see that the Cloud repository we created is available after authenticating in the service provider. Note that it is also possible to use WAN accelerators between customers and Azure. But using WAN accelerator requires more CPU and disk IO on the Azure side (therefore you should look at D-instances Azure Vms (Which has SSD diskes)
Now that we have added the cloud repository we are good to go, now we can just create a new copy backup job and point it to the cloud repository.