Embed Size (px)
Citation preview
Legal Notice: This document is property of EPAM and may not be disclosed, distributed or reproduced without the prior
written permission of EPAM®.
EPAM Cloud Infrastructure
Orchestrator ver.2.5.163
What’s New
December 2019
CI2WN-S160-163
Version 1.0
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 2
CONTENT
1 Overview ................................................................................................................................................ 3
2 EPAM Cloud: 2019 Restrospective ....................................................................................................... 4
3 Infrastructure Updates ........................................................................................................................... 6
3.1 Migration to OpenStack Stein ........................................................................................................ 6
3.2 Shapes Configuration Updates ...................................................................................................... 6
3.2.1 Shapes Specification Changes....................................................................................... 6
3.2.2 Shapes Availability Updates ........................................................................................... 7
4 Platform Services Updates .................................................................................................................... 8
4.1 Docker Service Updates ................................................................................................................ 8
4.2 Kubernetes Instructions Updates ................................................................................................. 11
4.3 Auto Configuration: new Chef ...................................................................................................... 11
4.4 Zabbix Service Performance Improvements ................................................................................ 12
5 Security Updates ................................................................................................................................. 13
5.1 Qualys Cloud VIew: Remediation Steps ...................................................................................... 13
5.2 Azure Security Center Recommendations Report ....................................................................... 14
6 Personal Projects Updates .................................................................................................................. 15
6.1 Personal Quotas Reviewed ......................................................................................................... 15
6.2 Resource Limitations Updates ..................................................................................................... 17
7 Enterprise Cloud Support .................................................................................................................... 17
8 Maestro CLI Changes .......................................................................................................................... 18
9 Cloud Admin Tool Updates .................................................................................................................. 18
10 Documentation Updates .............................................................................................................. 19
Table of Figures........................................................................................................................................... 20
Version history ............................................................................................................................................. 21
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 3
1 OVERVIEW
EPAM Cloud Orchestration v.2.5.163 was released on December 22, 2019.
The current release includes a big number of various changes to different parts of the system.
The infrastructure updates include the new steps in migration to OpenStack Stein, and the review of the
available shapes configurations in OpenStack regions.
Among Platform Services, Docker as a Service faced the largest updates with the introduction of the
Docker service concept. Kubernetes, Auto Configuration, and Zabbix services also faced improvements.
We also paid attention to improved security reporting, and updated the Qualys Cloud View report, and
introduced a new security report for Azure.
The personal projects offering was updated with the reviewed quota levels and usage specifics.
The other changes include updates in Admin Tool, Maestro CLI, and documentation.
EPAM Cloud Orchestration v.2.5.163 is the last release of the year, and we are also pleased to have a
look back and to highlight the most important milestones of the year.
The functionality changes, of course, are reflected in Maestro CLI, where necessary, and in EPAM Cloud
documentation. Refer to the EPAM Cloud website for detailed information on the improvements and
features introduced in Orchestrator version 2.5.163.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 4
2 EPAM CLOUD: 2019 RESTROSPECTIVE
EPAM Cloud Orchestrator v.2.5.163 is the last release of 2019.
The whole year was fruitful and full with events in all possible directions – development, integrations,
knowledge sharing, expertise growth, and other. The first significant milestone was reached quite in
January – we introduced the 50-th officially announced Orchestrator release.
Below, you can find the short overview of the most important updates of the year.
Infrastructure
In terms of infrastructure, the main direction was active integration of OpenStack,
and gradual decommissioning of ESC-based regions. Meanwhile, the existing
and new regions were also replacing old HDD storage with SSD, resulting to no
additional costs for our users.
We also constantly reviewed the image library, and introduced the highly demanded and effective
images:
• Oracle Linux 8
• Debian 10
• CentOS 7 with improved kernel and security
• CentOS 8
• Windows 10
• Windows Server Core 2019 Standard and Windows Server 2019 Standard
Security
Security was one of the main directions for EPAM Cloud Orchestration development
this year
Together with the whole company, we accepted the new security requirements and
regulations, and started updating the respective functionality to meet these changes.
To ensure higher level of security, EPAM chose a Zero Trust Access Solution called
Symantec Secure Access Cloud (Luminate). In compliance with this approach EPAM Cloud divided
application link into three endpoints taking into consideration the tools purposes and user needs:
• cloud.epam.com – main EPAM Cloud website endpoint. Available for all external and internal
EPAM users. Contains publicly available information related to EPAM Cloud.
• console.cloud.epam.com - Cloud management endpoint (Cloud UI) under Symantec SDP
protection. Available for EPAM users after authorization on cloud.epam.com.
• api.cloud.epam.com - Programmatic access endpoint. Used for API and CLI access to the
Cloud. Can be accessed only from EPAM network.
We also introduced the new security scanner – Qualys – which provides regular checks (each of
instances in both private and public regions, irrespective of the provider.
We made changes to permission management, IAM access, native public cloud tools access, regions
access policies, and others, which brings the security level of the whole product to the modern high level.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 5
Account Management
Effective costs management and reporting was another important mission for us
this year.
One of the most important features was introduction of the default AWS QuickSight
dashboard, which now can be requested by any project with AWS costs over 400
USD monthly. The dashboard is provided for free, and allows convenient, detailed, multi-dimensional
review of AWS costs structures given as convenient interactive graphs.
AWS Billing and Reporting was migrated to AWS Athena and Costs and Usage report to provide better
clarity and usability of data.
Monthly Analytic Optimization report was introduced to highlight spending trends and possible
optimization points, such as unused VMs, outdated instance types, or purchase options analytics.
We also made it possible to share (by request) project costs with another project in case the infrastructure
usage is shared.
Education and Knowledge Sharing
Cloud Education and Knowledge Sharing were an important part of Cloud
Community life this year. EPAM Cloud team prepared, delivered, organized,
supported and announced a number of events.
The largest attention was spent to effective AWS usage, with the following events:
Event Type Link
AWS Costs Optimization with QuickSight Webinar Video EN
Containers against Serverless. What is better, and when? Webinar Video EN Video RU
DevOps AWS Approaches. How we use them to develop our services Webinar Video EN Video RU
AWS GameDays Live Article
We’ve also been working on collecting the data on cloud-related trainings and certifications passed by
EPAMers. We are always glad to grant badges to those who provide the respective certificates.
You can always find the latest statistics on expertise appreciation on the Cloud Dashboard on the Heroes
portal.
EPAM Cloud team would really like to thank all service users for being with us, providing valuable
feedbacks, and being open to the innovations we introduce.
We wish everyone Merry Christmas and Happy New Year, and are looking forward to seeing you
after the holidays!
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 6
3 INFRASTRUCTURE UPDATES
The current release includes a set of infrastructure updates, related to OpenStack upgrade and instance
shapes configuration.
3.1 MIGRATION TO OPENSTACK STEIN
The migration to OpenStack Stein continues in private regions. The new version enables better
performance and, what is especially important – better possibilities for corporate security updates.
Since previous update, two new regions were upgraded: EPAM-UA2 and EPAM-RU3.
The general migration order and status is as follows:
Private Region Current OpenStack Version Migration Status
EPAM-US2 Stein Done
EPAM-RU3 Stein Done
EPAM-UA2 Stein Done
EPAM-HU2 Rocky Planned next
EPAM-BY2 Pike Planned
EPAM-IN1 Rocky Planned
The migration is a complex multi-stage process that can take up to three weeks. Most time, user
infrastructure is not affected. The last stage – implementation, takes up to one day, and during the
process, the VMs in upgraded regions are stopped.
The support team sends additional notification beforehand to general Cloud Users community and to
owners of each affected resource.
3.2 SHAPES CONFIGURATION UPDATES
Underlying infrastructure upgrades bring positive improvements to overall Cloud experience.
This also applies to virtual instances capacities, defined in EPAM Cloud via shapes. The changes include
updates in shapes specification via CLI/UI, as well as the maximum shapes available across private
regions.
3.2.1 Shapes Specification Changes
We are glad to announce that in private OpenStack regions, SSD disks are now the main disk type, while
HDD is now considered out of use.
This is why, the disk type part of the detailed shape definition is not necessary, and the respective option
is removed.
Thus, to specify the shape, you need to specify the shape name and, optionally, the size of the system
disk (also called flavor). The available flavors are 100 GB, 200 GB, 300GB, 500 GB.
Below, you can find an example of the new and the old shapes definition:
New Shape Definition Old Shape Definition
--shape MEDIUM.200
--shape MEDIUM.SSD.200
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 7
For example, to run a new instance, you can specify the LARGE shape with the 500GB flavor as follows:
or2run -p <project> -r <os-region> -i <image> -s LARGE.500
Once flavor is not specified, default system storage size is used, which is 100GB for Windows, and 40GB
for Linux instances.
For EPAM-MAC, CSA-based and public regions, applying flavors is not
available.
3.2.2 Shapes Availability Updates
We are glad to announce that the maximum shape sizes for private OpenStack regions were also
reviewed by the current release.
The current maximum shape size for private region is:
Region Max Shape Capacity
vCPU RAM, GB
EPAM-BY2 5XL 8 32
EPAM-UA2 5XL 8 32
EPAM-US2 5XL 8 32
EPAM-RU3 5XL 8 32
EPAM-HU2 3XL 8 15
EPAM-IN1 3XL 8 15
By default, SMALL (1CPU, 2GB RAM), MEDIUM (2CPU, 4GB RAM), and
LARGE (2CPU, 8GB RAM) shapes are activated for projects in Cloud. If you
need larger shapes available for your project, please request them with a
respective ticket for Support.
You can find more details on existing shapes and their mapping for public clouds, on this page.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 8
4 PLATFORM SERVICES UPDATES
We traditionally keep on updating platform services. This time our attention is focused on the
containerization. Docker service has experienced the most changes as well as Kubernetes, Zabbix and
Auto Configuration services were improved.
4.1 DOCKER SERVICE UPDATES
With this release we are glad to inform you that Docker version was updated to 19.03.1 and we have
supported the new approach of working with Docker Swarm. Implementation of the Docker Swarm basic
functionality allows to use its advantages, the most useful of which is the concept of Service.
The change allows to run and maintain the microservice based applications on higher level.
The basic concept of the new approach is service, which in Docker terminology is understood as “the
definition of tasks to execute on the manager or worker nodes. It is the central structure of the swarm
system and the primary root of user interaction with the swarm.”
When Docker is running in swarm mode, standalone containers can be still
run on any of the Docker hosts participating in the swarm, as well as swarm
services. A key difference between standalone containers and swarm services
is that only swarm managers can manage a swarm, while standalone
containers can be started on any daemon. Docker daemons can participate in
a swarm as managers, workers, or both.
More details about Docker swarm basic concepts and functionality you can find by the link.
The implemented changes made it possible to improve the performance of load balancing and provide
effective container management model.
In this release we introduce new command to manage Docker services in order to support the new
approach.
The or2-docker-container (or2dc) command was deprecated and or2-docker-service (or2ds)
command, which allows to describe, run, delete and update Docker services was created.
The typical Docker service management flow looks as follows:
• Docker as a platform service activation
To activate Docker as EPAM Cloud platform service, use the or2-manage-service (or2ms)
command with the following flags:
or2ms -p project -r region -s docker --activate -c cluster_name
Here, the -s/ -- service parameter specifies the name of the service to manage (docker), and the
--activate parameter indicates that the service should be activated. You can also use the --shape flag to set a non-default shape for the new node.
The command runs a Maestro Stack that creates and configures a Docker Master VM.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 9
To add additional node to your cluster just repeat the or2-manage-service (or2ms) command. Every next node activated in your cluster will be configured as Worker node.
To stop the service, use the or2-manage-service (or2ms) command and specify --deactivate and
-i node_instance_id parameters.
If you have more than one node, they will be deactivated one by one, with the Docker Master being
deactivated the last.
By default, Docker nodes are MEDIUM-shaped VM with Ubuntu 18.04
operating system. If needed, you can use the --shape parameter with the
or2-manage-service (or2ms) command to run a node with a non-default
shape.
• Deployment and maintenance of an application
To deploy an application image when Docker Engine is in swarm mode, you need to create a
service.
To create a service, specify which container image to use, the port where the swarm makes the
service available outside the swarm and the number of replicas of the image to run in the swarm.
To run a new service, execute or2-docker-service (or2ds) command with the following
parameters:
or2ds -p project -r region -cn cluster_name -a run -s service_name
-i image
Here, the -a/--action parameter specifies the action to be performed (run), and -i/--image
parameter specifies the container image to be used, and -s/--service stands for the service
name.
When the service is deployed to the swarm, the swarm manager accepts your service definition
as the desired state for the service.
With the next step the swarm manager schedules the service on nodes in the swarm as one or
more replica tasks. Docker manager will automatically select the node with the lowest load and
run the task there.
There are two types of service deployments: replicated and global:
o The replicated service deployment is used by default.
To use replicated service, specify the number of identical tasks you want to run. For
example, to run service in replicated mode with 4 replicas, invoke the or2-docker-service
(or2ds) command with the following parameters:
or2ds -p project -r region -cn cluster_name -a run -s service_name
-i image -m replicated -n 4
o A global service is a service that runs one task on every node. To run service in global
mode, invoke the or2-docker-service (or2ds) command with the following parameters:
or2ds -p project -r region -cn cluster_name -a run -s service_name
-i image -m global
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 10
To publish service’s ports externally to the swarm, use -t flag for TCP and -u flag for UPD protocols.
or2ds -p project -r region -cn cluster_name -a run -s service_name -i
image -t published_port:service_port
To see the list of services, run the or2-docker-service (or2ds) command with -a/--action
describe flag:
or2ds -p project -r region -cn cluster_name -a describe
To describe one service, add the -s/--service flag to the previous command:
or2ds -p project -r region -cn cluster_name -a describe -s service
Service name or service id can be used as service identifier.
You can change the configuration of an existing service specifying -a/--action update flag:
or2ds -p project -r region -cn cluster_name -a update -s service -i
new_image -v version
Here, the version parameter represents the version number of the service object being updated.
This parameter should be specified to avoid conflicting writes. The version number should be the
value as currently set on the service before the update.
When you update a service, Docker stops its containers and restarts them with the new
configuration.
To remove a service, run the or2-docker-service (or2ds) command with -a/--action delete flag:
or2ds -p project -r region -cn cluster_name -a delete -s service
You can find the updated detailed instructions on Docker management and the full list Maestro CLI
commands in EPAM Cloud Services Guide.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 11
4.2 KUBERNETES INSTRUCTIONS UPDATES
We have updated Kubernetes instructions and added the description of optional steps that allow to
configure Kubernetes dashboard if it is required to manage the cluster via web UI.
The web UI has most of the functionality supported by the CLI in an intuitive format.
Figure 1 - Kubernetes dashboard
Current dashboard version is a beta one and some of the provided features
might not work correctly.
You can find the updated instruction in EPAM Cloud Services Guide
4.3 AUTO CONFIGURATION: NEW CHEF
With release 2.5.163 we have started migration to the new Chef v.13 server and Chef Client v.15.4 that
allows to work with the latest versions of Debian10, Oracle8, CentOS8 operating systems which use
Python 3.0 as the default Python compiler. Older Chef version does not support this functionality.
Migration to the Chef v.13 will allow to improve stability, performance and reliability.
Details about Chef client 15.4 updates you can find by the link.
The migration started with EPAM-US2 region. All new VMs within this region are run with default
connection to Chef v.13 server and Chef client 15.4.
Existing VMs still use Chef v.12 server and will be able to use it till the end of its life.
To use platform services, you need to activate EPC Chef mode. To do this run or2-chef-mode
command and specify the following parameters:
or2-chef-mode -p project -r region –m epc -y
This command starts a virtual machine to act as your project Chef server. All instances started under your
project after the Chef mode switch, will be registered by the project server.
You can find more details about the Auto Configuration service in EPAM Cloud Services Guide
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 12
4.4 ZABBIX SERVICE PERFORMANCE IMPROVEMENTS
In current release we have updated Zabbix version to v.4.0 LTS and made a number of changes in the
service configuration based on our user’s feedbacks to improve its usability. The current version improves
reliability and high performance out-of-the-box.
Zabbix monitoring service provides easy configuration and monitoring of project cloud infrastructure. With
provided implementations, updated Zabbix server monitoring doesn’t need additional configuration as it is
run automatically.
Once the service has been activated you can add VMs to monitoring list and get Zabbix statistics, using
only four service-related commands:
Command Description or2-manage-service …. -s monitoring -a Starts the service in the specified project and region
or2-start-monitoring (or2mon) Adds an instance to the monitoring list
or2-describe-monitoring (or2dmon) Retrieves information about the instances monitored by Zabbix server, Zabbix monitoring templates and Zabbix agent availability
or2-stop-monitoring (or2stopmon) Removes an instance from the monitoring list
You can find more details about the Zabbix service in the EPAM Cloud Services Guide.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 13
5 SECURITY UPDATES
Security keeps being among the number one priorities for EPAM Cloud, so we introduce updates within
most of our releases.
Currently, the primary attention is focused on pro-active monitoring and notifying users on potential risks
and vulnerabilities, giving them the ability fix detected issues quickly.
With this release, we complemented the Qualys Cloud View report with the remediation steps, and
introduced the Azure Security Center report for informing on respective notifications from Azure side.
5.1 QUALYS CLOUD VIEW: REMEDIATION STEPS
The monthly Qualys Cloud View report gained lots of interest and attention from our users once it was
launched to production.
The report is aimed to describe the vulnerabilities detected on the account level in public clouds (AWS
accounts, Azure subscriptions, Google Cloud projects).
Qualys checks the accounts against a set of rules prepared and recommended by the Security team. All
the vulnerabilities are collected into a monthly report, sent to the primary contacts. The report includes the
scan results for each of the public clouds in which your project is activated, in case any rules are violated
in these clouds.
Starting from this release, for each Cloud Provider, the report also includes the link to the KB page with
remediation steps for all issues that can be listed into the report.
1
2
QUALYS CLOUD VIEW REPORT
SECURITY KNOWLEDGE BASE
Figure 2 - Remediation Steps Link and KB
The remediation steps can be accessed on the Knowledge Base by the following links:
• Public Cloud Security Issues: Root Page
• AWS Security Issues
• Azure Security Issues
• GCP Security Issues
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 14
5.2 AZURE SECURITY CENTER RECOMMENDATIONS REPORT
EPAM Cloud Orchestrator v.2.5.163 goes also with a new security-related report, containing the
recommendations from Azure Security Center.
Azure Security Center regularly checks your accounts in Azure and provides information on vulnerable
resources and detected issues.
Once in a month, EPAM Cloud Orchestrator collects the recommendations, available at the moment, and
shares them with project primary contacts (Project Manager, Delivery Manager).
Figure 3 - Azure Security Center Recommendations report
By following the link in the report, you can login to the Security Center and find more details.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 15
6 PERSONAL PROJECTS UPDATES
EPAM Cloud provides all its users with their personal projects (named by corporate email address),
where they can launch and manage instances. These services are provided free of charge, within special
(personal) quotas.
With this release, we reviewed the existing quotas level mapping, and updated it according to the latest
changes in organization structure.
Quotas limitations and resources review rules were also reviewed.
6.1 PERSONAL QUOTAS REVIEWED
Personal quotas define the limit of monthly virtual infrastructure usage within personal projects, set as a
total price of such infrastructure.
Personal quotas can be of four levels, each corresponding to a specific monthly sum.
With this release, we reviewed the existing mapping and are glad to announce that for many job
functions, personal quotas were increased!
We developed a unified scheme of Job Function Level – Quota Level mapping that is now applied. The
general approach is: the personal quota depends on each user’s job function and level, irrespective of the
job function type:
Job Function Level Quota Level Total Sum
Job Function L1 Quota Level 1 $20.20
Job Function L2 Quota Level 1 $20.20
Job Function L3 Quota Level 2 $40.40
Job Function L4 Quota Level 3 $60.60
Job Function L5+ Quota Level 4 $80.80
Thus, the following personal quotas levels were applied:
Job Function Old Quota New Quota
Administration Level 3 L1 L2
Administration Level 4 L1 L3
Administration Level 5 L1 L4
Content Development Level 3 L1 L2
Content Development Level 4 L1 L3
Content Development Level 5 L1 L4
Corporate Functions Management Level 2 L4 L1
Corporate Functions Management Level 3 L1 L2
Corporate Functions Management Level 4 L4 L3
Corporate Functions Management Level 5 L1 L4
Data Administration Level 3 L1 L2
Design Level 3 L1 L2
Design Level 4 L1 L3
Design Level 5 L1 L4
Design Management Level 3 L1 L2
Design Management Level 4 L1 L3
Design Management Level 5 L1 L4
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 16
Experience Consulting Level 3 L1 L2
Experience Consulting Level 4 L1 L3
Experience Consulting Level 5 L1 L4
Instructional Design Level 3 L1 L2
Instructional Design Level 4 L1 L3
Learning and Development Services Level 4 L1 L3
Learning and Development Services Level 5 L1 L4
Legal Level 3 L1 L2
Legal Level 4 L1 L3
Legal Level 5 L1 L4
People Management Level 3 L1 L2
People Management Level 4 L1 L3
People Management Level 5 L1 L4
People Services Level 3 L1 L2
People Services Level 4 L1 L3
People Services Level 5 L1 L4
Physical Technology Development Level 3 L1 L2
Physical Technology Development Level 4 L1 L3
Physical Technology Development Level 5 L1 L4
Product Management Level 3 L1 L2
Product Management Level 4 L1 L3
Product Management Level 5 L1 L4
Sales Enablement Level 3 L1 L2
Sales Enablement Level 4 L1 L3
Scientific Curation Level 3 L1 L2
Scientific Curation Level 4 L1 L3
Scientific Curation Level 5 L1 L4
Service Delivery Management Level 1 L3 L1
Service Delivery Management Level 3 L1 L2
Service Delivery Management Level 4 L4 L3
Service Delivery Management Level 5 L1 L4
Software Engineering in Test Level 3 L1 L2
Software Engineering in Test Level 4 L3 L3
Software Engineering in Test Level 5 L1 L4
Staffing Level 2 L1 L1
Staffing Level 3 L1 L2
Staffing Level 4 L1 L3
Talent Acquisition Level 4 L1 L3
Talent Acquisition Level 5 L1 L4
Technical Writing Level 3 L1 L2
Technical Writing Level 4 L1 L3
Technical Writing Level 5 L1 L4
Technology Consulting Level 3 L1 L2
Technology Consulting Level 4 L1 L3
Technology Consulting Level 5 L1 L4
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 17
6.2 RESOURCE LIMITATIONS UPDATES
The other update in personal projects relates to the limitations for used resources and usage specifics:
• Personal resources idle period was set to 30 days.
Personal VMs are automatically terminated with a week’s notice, in case they remain in the
STOPPED state during 30 days in a row.
• The maximum shape size for personal projects is set to MEDIUM.
The currently available shapes are:
Name CPU Units RAM
MINI 1 1024 MB
SMALL 1 1740 MB
MEDIUM 2 3840 MB
You can see the detailed instructions on personal projects activation and usage, as well as the applied
limitations and other specifics of the offering, in the respective section of the Quick Start Guide.
7 ENTERPRISE CLOUD SUPPORT
With this release, EPAM Cloud Orchestrator gets integrated with the Enterprise Cloud, and supports a
new region for this – EPAM-ENT.
Using the region differs from other regions supported in EPAM Cloud, and has the following specifics:
• The resources cannot be created and managed in terms of self-service. To order a virtual
instance in the EPAM-ENT region, please address the Enterprise Admins team.
• Using EPAM Cloud toolset (EPAM Cloud Management Console and Maestro CLI), you can
review the existing resources, see their details, billing, and events audit.
• The billing information is provided as given based on the data obtained from by the Enterprise
Cloud data source. Billing data is updated once a day.
• Resource and billing quotas are not applied in EPAM-ENT region.
All projects that already have resources in the Enterprise Cloud, were
automatically activated in EPAM-ENT region on December 22.
The billing for projects in the region will start on January 1, 2020
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 18
8 MAESTRO CLI CHANGES
The changes in EPAM Cloud functionality are traditionally reflected in updates in Maestro CLI.
The following commands were updated in the new release:
• or2-describe-projects (or2dpro) – the command response now includes the ID of the project
account in public clouds.
• or2-docker-service (or2ds) – the command was added to enable changes in the service logic.
• or2-audit (or2audit) – the --group/-g parameter can now accepts the ENTERPRISE value to
enable the review of events in EPAM-ENT region.
• or2-report (or2report) – the --region/-r parameter can now accepts the ENTERPRISE value to
enable billing reports review for EPAM-ENT region.
You can find the detailed information on Maestro CLI usage and commands references in Maestro CLI
User Guide.
9 CLOUD ADMIN TOOL UPDATES
The Admin Tool allows to monitor and maintain the Cloud infrastructure and projects hosted within,
provide support and consulting on the Cloud projects operation and issues which may occur from time to
time.
The tool is available to authorized Cloud Support engineers only. It is regularly reviewed to enable the
support of the new features and improvements, introduced in upcoming EPAM Cloud Orchestrator
updates, as well as to improve the Support team user experience for the tool.
With the current release, the main changes introduced to the Cloud Admin tool are:
• Enterprise Cloud support is enabled
• SDN management is improved
• Billing reports processing is improved
• Project deactivation process is improved
• Help layout is improved to enable better usability
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 19
10 DOCUMENTATION UPDATES
All changes and updates to the EPAM Orchestrator functionality were reflected in the documentation and
other EPAM Cloud resources. With the release of EPAM Orchestrator 2.5.163, the following
documentation updates were made:
• Quick Reference Card was updated upon changes in the Maestro CLI
• Maestro CLI User Guide was updated upon changes in the Maestro CLI
• Services Guide Docker, Kubernetes, Auto Configuration, and Zabbix as a Service information
was updated.
• Quick Start Guide was updated with the reviewed information on personal projects.
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 20
TABLE OF FIGURES
Figure 1 - Kubernetes dashboard................................................................................................................ 11
Figure 2 - Remediation Steps Link and KB ................................................................................................. 13
Figure 3 - Azure Security Center Recommendations report ....................................................................... 14
EPAM Cloud Orchestrator 2.5.163 - What’s New
EPAM Systems 21
VERSION HISTORY
Version Date Summary
1.0 December 22, 2019 First published
![Description Templates and Orchestration Framework using … · (container orchestrator), Occopus [4] (cloud orchestrator) and Prometheus [5] (monitoring), and some additional custom](https://img.pdfslide.us/doc/110x75/5f05f7557e708231d4159e34/description-templates-and-orchestration-framework-using-container-orchestrator.jpg)
