Connecting Compute Cloud VMs to Cloud Backup
To back up your Yandex Compute Cloud VM using Cloud Backup, you need to connect it to this service and set it up properly.
Note
Cloud Backup also supports Yandex BareMetal server backups. For details, see Connecting a BareMetal server to Cloud Backup.
BareMetal will be released at the Preview stage in Q4 2024.
To connect your VM to Cloud Backup, make sure it has one of the supported operating systems installed. For more information on connecting VMs, see this guide.
For the connection to work properly, assign a service account with the backup.editor role to your VM and configure network access for the VM.
After connecting to Cloud Backup, add the VM to the backup policy.
Note
When creating a backup, make sure the VM is running.
You can also link a policy to a virtual machine while creating it. A policy is linked asynchronously after you create and initialize a VM, as well as install and configure a backup agent. This may take up to 10-15 minutes. For more information, see Linking a Yandex Cloud Backup policy to a VM automatically.
VM configuration requirements
A VM's minimum configuration required to install and correctly run the Cloud Backup agent is as follows:
-
Free disk space:
- For Linux-based VMs: 2 GB.
- For Windows-based VMs: 1.2 GB.
-
RAM: For backups, 1 GB of RAM is required per TB of a backup. The amount of RAM used depends on the volume and type of data handled by the agent.
Supported operating systems
You can automatically install the Cloud Backup agent when creating a VM from Yandex Cloud Marketplace images:
Linux-based images
- Ubuntu 22.04 LTS
- Ubuntu 22.04 LTS OS Login
- Ubuntu 20.04 LTS
- Ubuntu 20.04 LTS OS Login
- Ubuntu 18.04 LTS
- Ubuntu 18.04 LTS OS Login
- Ubuntu 16.04 LTS
- CentOS 7
- CentOS 7 OS Login
- CentOS Stream
- Astra Linux SE 1.7 Voronezh
- Astra Linux SE 1.7 Orel
Windows-based images
- Kosmos VM 2022 based on Windows Server Datacenter 2022
- Kosmos VM 2019 based on Windows Server Datacenter 2019
- Kosmos VM 2016 based on Windows Server Datacenter 2016
- Kosmos VM RDS (5 licenses)
- Kosmos VM RDS (10 licenses)
- Kosmos VM RDS (50 licenses)
- Kosmos BD WEB 2019
- Kosmos BD Standard 2019
- Kosmos VM Visio Pro 2021
Note
The OS must be installed from a public image (a Yandex Cloud Marketplace product). When creating a VM, you can select the OS directly or use an image or disk snapshot of a different VM if its OS was also installed from a public image.
Unaided installation
You can install the Cloud Backup agent yourself:
For a complete list of supported operating systems, see the backup provider documentation.
If you have issues while installing the agent, contact technical support.
Service account
Service account is a special account on behalf of which VM backups are created and uploaded to a Cloud Backup storage.
When creating a VM you want to configure backups for in Cloud Backup, you need to link to it a service account with the backup.editor role.
You can assign the role to an existing service account or create a service account with relevant roles.
VM network access permissions
For the Cloud Backup agent to exchange data with the backup provider servers, make sure the VM is granted network access to the IP addresses of Cloud Backup resources based on the following table:
| Port range | Protocol | Destination name | CIDR blocks |
|---|---|---|---|
80 |
TCP |
CIDR |
213.180.193.0/24 |
80 |
TCP |
CIDR |
213.180.204.0/24 |
443 |
TCP |
CIDR |
84.47.172.0/24 |
443 |
TCP |
CIDR |
84.201.181.0/24 |
443 |
TCP |
CIDR |
178.176.128.0/24 |
443 |
TCP |
CIDR |
213.180.193.0/24 |
443 |
TCP |
CIDR |
213.180.204.0/24 |
7770-7800 |
TCP |
CIDR |
84.47.172.0/24 |
8443 |
TCP |
CIDR |
84.47.172.0/24 |
44445 |
TCP |
CIDR |
51.250.1.0/24 |
To provide network access, assign the VM a public IP or use a route table that allows internet access via a NAT gateway or a custom router.
The VM's security group rules must allow access to the specified resources. You can add the rules to an existing security group or create a new group with the rules.