Architecture Overview

In this article

    The Veeam Backup for Google Cloud infrastructure includes the following components:

    Backup Appliance

    The backup appliance is a Linux-based VM instance where Veeam Backup for Google Cloud is installed. The backup appliance performs the following administrative activities:

    The backup appliance also maintains the configuration database that stores data collected from the Veeam Backup for Google Cloud infrastructure for the existing backup policies, protected VM instances and Cloud SQL instances, deployed worker instances, connected Google Cloud projects and so on.

    Backup Repositories

    A backup repository is a Google Cloud storage bucket where Veeam Backup for Google Cloud stores backups of protected VM instances and Cloud SQL instances.

    To communicate with a backup repository, Veeam Backup for Google Cloud uses Veeam Data Mover — the service that runs on a worker instance and that is responsible for data processing and transfer. When a backup policy addresses the backup repository, the Veeam Data Mover establishes a connection with the repository to enable data transfer.

    Important

    Backup files are stored in backup repositories in the native Veeam format and must be modified neither manually nor by 3rd party tools. Otherwise, Veeam Backup for Google Cloud may fail to restore the backed-up data.

    Encryption on Repositories

    For enhanced data security, Veeam Backup for Google Cloud allows you to enable encryption at the repository level. Veeam Backup for Google Cloud uses the same encryption standards as Veeam Backup & Replication to encrypt backup files stored in backup repositories. To learn what encryption standards Veeam Backup & Replication uses to encrypt its data, see the Veeam Backup & Replication User Guide, section Encryption Standards.

    To learn how to enable encryption at the repository level, see Enabling Data Encryption.

    Limitations for Repositories

    To use a storage bucket as a target location for backups, you must connect to a project in which this bucket resides, as described in section Adding Backup Repositories.

    Veeam Backup for Google Cloud allows you to store backups only in the Standard Storage and Archive Storage classes. The Nearline Storage and Coldline Storage classes are not supported. For more information on storage classes offered by Cloud Storage, see Google Cloud documentation.

    Worker Instances

    A worker instance is an auxiliary Linux-based VM instance that is responsible for the interaction between the backup appliance and other components of the Veeam Backup for Google Cloud infrastructure. Worker instances process backup workload and distribute backup traffic when transferring data to and from backup repositories.

    Veeam Backup for Google Cloud automatically deploys a worker instance in Google Cloud for the duration of a backup or restore process, and removes it immediately as soon as the process is over. To minimize cross-region traffic charges and to speed up the data transfer, depending on the performed operation, Veeam Backup for Google Cloud deploys the worker instance in the following location:

    Operation

    Worker Instance Location

    Default Worker Profile

    Creating image-level backups of VM instances

    Google Cloud region in which a processed VM instance resides

    e2-highcpu-8, with an additional empty standard persistent (pd-standard) disk up to 4000 GB in size

    Creating image-level backups of Cloud SQL instances

    Google Cloud region in which a target standard backup repository resides

    e2-highcpu-8

    Creating image-level backups of Cloud SQL instances using a staging server

    Google Cloud region in which a source Cloud SQL instance resides

    db-n1-standard-4

    Creating archived image-level backups of VM instances

    Google Cloud region in which a processed VM instance resides

    e2-standard-4

    Creating archived image-level backups of Cloud SQL instances

    Google Cloud region in which a target standard backup repository resides

    e2-standard-4

    Performing health check for created restore points

    Google Cloud region in which a target standard backup repository resides

    e2-standard-4

    Applying retention policy settings to created restore points

    Google Cloud region in which a backup repository with backed-up data resides

    e2-highcpu-8

    Restoring VM instances

    Google Cloud region to which a VM instance is restored

    e2-highcpu-4, with an additional empty standard persistent (pd-standard) disk up to 1500 GB in size

    Restoring Cloud SQL instances

    Google Cloud region in which a backup repository with backed-up data resides

    e2-highcpu-4

    Restoring individual persistent disks of VM instances

    Google Cloud region to which the persistent disks of a processed VM instance are restored

    e2-highcpu-4, with an additional empty standard persistent (pd-standard) disk up to 1500 GB in size

    Restoring specific Cloud SQL databases

    Google Cloud region in which a backup repository with backed-up data resides

    e2-highcpu-4

    File-level recovery from cloud-native snapshots

    Google Cloud region in which a source VM instance resides

    e2-highcpu-4

    File-level recovery from image-level backups

    Google Cloud region in which a backup repository with backed-up data resides

    e2-highcpu-4

    Worker instances are deployed based on worker configurations and profiles that can be created either automatically by Veeam Backup for Google Cloud, or manually by the user as described in section Managing Workers.

    Important

    For Veeam Backup for Google Cloud to deploy the number of worker instances required for a backup or restore process, you must have enough resource quotas allocated between your projects. To learn how to check your quotas, see Google Cloud documentation.

    Worker Instance Components

    A worker instance uses the following components:

    • Veeam Data Mover — the service that performs data processing tasks. During backup, the Veeam Data Mover retrieves data from snapshots and stores the retrieved data to backup repositories. During restore, the Veeam Data Mover transfers backed-up data from backup repositories to the target location.
    • File-Level Restore Browser — the web service that allows you to find and save files and folders of a backed-up VM instance to a local machine. The File-Level Restore browser is installed automatically on every worker instance that is launched for file-level recovery.

    For more information on recovering files of VM instances with the File-Level Restore browser, see Performing File-Level Recovery.

    Security Certificates for Worker Instances

    Veeam Backup for Google Cloud uses self-signed TLS certificates to establish secure communication between the web browser on a user workstation and the File-Level Restore browser running on a worker instance during the file-level recovery process. A self-signed certificate is generated automatically on the worker instance when the recovery session starts.