3.3 Veeam Cloud Connect Backup deployment

Once VLANs and subnets are created, and the firewalls are in place to protect communications between the different security zones, it’s time to deploy the different servers needed and suggested to build the complete Veeam Cloud Connect Backup environment.

This is the schema of the servers:

Cloud Connect Backup servers details

3.3: Cloud Connect Backup servers details

Active Directory

The internal domain is named cloudconnect.local and is managed by two domain controllers:

dc1  
server name dc1.cloudconnect.local
IP Address 10.10.51.21
Operating System Windows Server 2016
Installed roles AD, DNS, Global Catalog, FMSO roles
vCPU 2
RAM 4 Gb
Disk 40 Gb
dc2  
server name dc2.cloudconnect.local
IP Address 10.10.51.22
Operating System Windows Server 2016
Installed roles AD, DNS, Global Catalog
vCPU 2
RAM 4 Gb
Disk 40 Gb

Active Directory should use at least Windows Server 2008 level and be configured with no backward compatibility with older domain controllers. This allows you to reach an additional level of security. If possible, use native Windows 2016 Active Directory level.

10.10.51.21 and 10.10.51.22 are also the DNS servers to be configured in all other servers of the Veeam Cloud Connect infrastructure. For those servers that will use local authentication, DNS records should be configured manually.

Veeam management servers

There are two windows servers so you can separate Veeam Backup & Replication and Veeam Enterprise Manager.

EM  
server name em.cloudconnect.local
IP Address 10.10.51.41
Operating System Windows Server 2016
Installed components Veeam Enterprise Manager + Cloud Portal (used only in replication services)
vCPU 2
RAM 4 Gb
Disk 40 Gb

This server holds the installation of Veeam Enterprise Manager and its related database. By having a separated installation, a service provider can better manage the different performance requirements of Veeam Enterprise Manager and the Veeam Backup & Replication server and configure a specific security rule to allow access to the RESTful API service running on the Enterprise Manager from an optional web portal only.

The installation has no specific requirements, and you can follow the default wizard from start to finish. A dedicated Microsoft SQL Server 2012 Express is installed locally as part of the installation wizard, and Veeam Enterprise Manager itself will use it. If the service provider is also going to offer replication or DRaaS services, the optional cloud portal should be selected during the installation.

Once the installation of Veeam Backup & Replication is completed on vbr.cloudconnect.local, the configuration of Veeam Enterprise Manager can be completed by adding this server to the list of managed backup servers.

Add Veeam Backup Server to Enterprise Manager

3.4: Add Veeam backup server to Veeam Enterprise Manager

VBR  
server name vbr.cloudconnect.local
IP Address 10.10.51.40
Operating System Windows Server 2016
Installed components Veeam Backup & Replication
vCPU 4
RAM 8 Gb
Disk 40 Gb

This server holds the installation of Veeam Backup & Replication. In a Veeam Cloud Connect infrastructure, this server is the central location for daily activities.

The installation has no specific requirements, and you can follow the default wizard from start to finish. A dedicated Microsoft SQL Server 2012 Express is installed locally as part of the installation wizard, and the Veeam Backup & Replication server itself will use it. During the component selection, a service provider should also choose to install the optional PowerShell SDK: Cloud Connect can be heavily automated via RESTful API or PowerShell, so having both available is a good choice.

Once the setup is completed and the license to enable Veeam Cloud Connect is installed (directly, or pushed via Veeam Enterprise Manager if installed), the initial management interface can be reached by opening the Veeam console and selecting the node Cloud Connect:

Veeam Cloud Connect start screen

3.5: Veeam Cloud Connect start screen

From here, the required steps to have a fully functional Veeam Cloud Connect Backup infrastructure are:

  1. Create and install a proper certificate (see Appendix A)
  2. Deploy and configure the required cloud gateways
  3. Deploy and configure the optional WAN accelerators
  4. Deploy and configure at least one backup repository

Once all the configurations steps are completed, a service provider will be able to create and manage users/tenants.