Worker Instances
A worker instance is a Linux-based EC2 instance that performs the role of a backup proxy — it is responsible for interaction with S3 repositories and performing data copy tasks. Veeam Backup for AWS automatically launches a worker instance in Amazon EC2 for the duration of a backup or restore process and removes it immediately after the process is complete.
Worker Instance Deployment
Veeam Backup for AWS launches worker instances during the following data protection and disaster recovery operations:
- Creating image-level backups in S3 repositories
- Restoring backed-up data
Veeam Backup for AWS launches one worker instance per each EC2 instance specified in a backup policy or restore task. The size of the worker instance is selected automatically based on the size and number of EBS volumes that are attached to the processed or restored EC2 instance.
To minimize cross-region traffic charges, depending on the data protection and disaster recovery operation, Veeam Backup for AWS launches a worker instance in the following location:
Operation | Worker Instance Location |
---|---|
Creating image-level backups | AWS region in which a processed EC2 instance resides |
EC2 instance restore | AWS region to which an EC2 instance is restored |
Volume-level restore | AWS region to which EC2 instance volumes are restored |
File-level restore from cloud-native snapshots | AWS region in which an original EC2 instance resides |
File-level restore from image-level backups | AWS region in which an S3 repository with backed-up data resides |
Worker Instance Components
A worker instance uses the following components:
- Veeam Data Mover is a component that performs data processing tasks: retrieving EC2 instance data from snapshots, storing it to S3 repositories, and transferring backed-up data from S3 repositories to the target location during restore.
- Veeam Backup browser is a web service that allows you to find and save files and folders of a backed-up EC2 instance to the local machine. The Veeam Backup browser is installed automatically on worker instances that are launched during file-level restore.
Security Certificates for Worker Instances
Veeam Backup for AWS uses self-signed TLS certificates to establish secure communication between the web browser on the local machine and the Veeam Backup browser on the worker instance during file-level restore.
Requirements for Worker Instances
For every AWS region where worker instances will be launched, you must configure network settings — specify the Amazon VPC, subnet, and security group to which worker instances must be connected. Otherwise, Veeam Backup for AWS will not be able to launch worker instances and thus perform data protection and recovery operations. For details on how to configure network settings for worker instances, see Configuring Worker Instance Settings.
Related Topics