This document compares the options available on Compute Engine to back up and replicate the following Compute Engine resources:
- Persistent Disk and Google Cloud Hyperdisk volumes
- Virtual machine (VM) instances
- Workloads running in Compute Engine and on-premises
To safeguard important data, Google recommends using one of the backup options discussed in this document. You can't recover a VM, disk, image, or snapshot if you delete it, even if the deletion was accidental.
Options
Managed backup and disaster recovery (DR) service providing secure storage and centralized backup management at scale for VMs and other workloads running in Google Cloud.
- Improve cyber resilience with immutable and indelible backups to backup vaults. (Preview)
- Empower app developers to protect VMs while retaining governance and oversight. (Preview)
- Comprehensive monitoring, auditing & reporting for compliance.
- Defend against ransomware and other risks through insights into security threat events.
- Captures the state of your disk at a particular point in time.
- Stored as differential copies for better performance and space efficiency.
- Offers all the same benefits as standard snapshots, but at a lower-cost.
- Suited for use cases related to compliance, audit, and long-term cold storage.
- Captures the state of your disk at a particular point in time.
- Each instant snapshot is stored as a differential copy of the disk for more efficient storage and better performance.
- Rapid data restoration after application corruption, user error, or failed upgrades.
- Low RTO and RPO .
- Long term VM backup and restore.
- Instance cloning and replication.
- High availability.
- Not designed for data backup.
RPO: 0
- Creates a live duplicate of the source disk that can be instantly attached to a VM.
- Quickly bringing up staging environments from production.
- Replication for backup verification or export offloading.
- Not designed for disaster recovery.
- VM import and fast disk creation.
- Quickly creating many VMs.
Best practices for backups
Observe the following best practices when creating backups for your disks.
Avoid temporary standard snapshots
To immediately create a copy of a disk in the same zone for verification or export, use disk clones or instant snapshots instead of standard snapshots. Compared to disk clones and instant snapshots, standard snapshots have longer copy times for upload and download.
Schedule hourly standard snapshots for backup and disaster recovery
Schedule hourly standard snapshots . If you require daily snapshots, consider scheduling snapshots every 6 hours.
Use images for fast and frequent disk creation across regions
To create many disks from a single data source, use images instead of snapshots. Because Compute Engine performs local caching in target zones, disk creation from images is faster than disk creation from snapshots.
To create backups of all disks attached to a VM instance, use machine images
Use machine images to create backups of all disks that are attached to a VM. A machine image can be used to backup multiple disks at a time to help ensure that the data captured in the machine image is consistent across all disks. A persistent disk snapshot can only back up a single disk at a time. For more information, see When to use machine images .
To manage backups at scale across projects and environments using advanced policies, centralized monitoring and backup reporting, use Google Cloud Backup and DR Service
Use the Backup and DR Service to do the following:
- Create advanced backup schedules.
- Assign specific permissions for backup access.
- Proactively and reactively monitor backup jobs.
- Create reports for tracking backups across resources spanning multiple projects.
You can also integrate Security Command Center Premium tier with Backup and DR Service to additionally:
- Track audit logs for backup access.
- Monitor for malicious activity on your backups.
