Upload
others
View
9
Download
1
Embed Size (px)
Citation preview
Legal Notice: This document is property of EPAM and may not be disclosed, distributed or reproduced without the prior
written permission of EPAM®.
EPAM Cloud Orchestrator
MAESTRO CLI USER GUIDE
User Guide
February 2021
CSUG-2
Version 19.11
EPAM Cloud Orchestrator - Maestro CLI User Guide
2 EPAM PUBLIC
CONTENTS
Preface .................................................................................................................................. 10
About this Guide ............................................................................................................ 10
Audience ........................................................................................................................ 10
The structure of the Guide ............................................................................................. 10
Documentation References ........................................................................................... 11
1 Getting Started ............................................................................................................... 12
1.1 Installing Maestro CLI ....................................................................................... 12
1.2 Getting Maestro CLI Help ................................................................................. 12
1.3 Setting the Credentials...................................................................................... 14
1.4 Checking the Maestro CLI Client Version ......................................................... 16
1.5 Maestro CLI Info ............................................................................................... 17
1.6 Updating the Maestro CLI Client ....................................................................... 19
1.7 Describe Projects .............................................................................................. 20
1.8 Describe Regions .............................................................................................. 21
2 Working With Instances ................................................................................................. 23
2.1 Determining Available Images .......................................................................... 23
2.2 Determining Available Shapes .......................................................................... 25
2.3 Running Instances ............................................................................................ 26
2.4 Stop (Pause) Instances..................................................................................... 30
2.5 Start (Resume) Instances ................................................................................. 31
2.6 Reboot Instances .............................................................................................. 32
2.7 Rebuild Instance ............................................................................................... 33
2.8 Terminate Instances ......................................................................................... 33
2.9 Lock Instance Termination ................................................................................ 34
2.10 Describe Existing Instances .............................................................................. 36
2.11 Changing Instance Shape ................................................................................ 38
2.12 Changing Instance Owner ................................................................................ 39
2.13 View Pool State ................................................................................................. 40
2.14 Describe VLANs ................................................................................................ 41
EPAM Cloud Orchestrator - Maestro CLI User Guide
3 EPAM PUBLIC
2.15 Move Instance to VLAN .................................................................................... 42
2.16 Describe Subnets .............................................................................................. 43
2.17 Custom Instance Properties ( Launch Template) ............................................. 44
2.18 Describe Workspaces ....................................................................................... 46
3 Scheduling Instance Activities ....................................................................................... 46
3.1 Create Schedule ............................................................................................... 46
3.2 Describe Schedules .......................................................................................... 48
3.3 Add Instance to Schedule ................................................................................. 49
3.4 Remove Instance from Schedule ...................................................................... 50
3.5 Delete Schedule ................................................................................................ 51
3.6 Cron Reference ................................................................................................. 52
4 Instance Properties ........................................................................................................ 54
4.1 Set Instance Properties..................................................................................... 54
4.2 Describe Instance Properties ............................................................................ 56
4.3 Delete Instance Properties ............................................................................... 57
5 Creating Images ............................................................................................................ 58
5.1 Create an Image ............................................................................................... 58
5.2 Delete Image ..................................................................................................... 60
5.3 Preparing Instances for Image Creation ........................................................... 61
5.3.1 Windows OS Family .................................................................................. 61
5.3.2 Linux OS Family ........................................................................................ 65
6 Security and Connection ............................................................................................... 68
6.1 Create Key Pair ................................................................................................. 68
6.2 Import Key Pair ................................................................................................. 70
6.3 Describe Key Pairs ........................................................................................... 72
6.4 Delete Key Pair ................................................................................................. 73
6.5 Console ............................................................................................................. 74
6.6 Accessing AWS Management Console ............................................................ 76
6.7 IAM User Management ..................................................................................... 77
6.8 Accessing Azure Management Console ........................................................... 78
6.9 Accessing Google Management Console......................................................... 79
6.10 Decrypting Instance password .......................................................................... 80
EPAM Cloud Orchestrator - Maestro CLI User Guide
4 EPAM PUBLIC
6.11 Allocating a Static IP for a Project .................................................................... 81
6.12 Assign a Static IP to a VM ................................................................................ 82
6.13 Describe Static IPs ............................................................................................ 83
6.14 Disassociate a Static IP from a VM .................................................................. 84
6.15 Release a Static IP ........................................................................................... 85
6.16 Register an Existing Instance on Luminate ...................................................... 86
6.17 Describe Public Permissions ............................................................................ 86
7 Working with Volumes ................................................................................................... 88
7.1 Create and Attach Volume ................................................................................ 88
7.2 Attach Volume ................................................................................................... 90
7.3 Detach Volume ................................................................................................. 91
7.4 Resize Volumes ................................................................................................ 92
7.5 Describe Volumes ............................................................................................. 93
7.6 Delete Volume .................................................................................................. 95
7.7 Finding the Device Parameter .......................................................................... 96
7.8 Mounting Storage Volumes .............................................................................. 97
7.8.1 Windows OS family ................................................................................... 97
7.8.2 Linux OS Family ........................................................................................ 98
8 Working with Checkpoints ............................................................................................. 99
8.1 Create Instance Checkpoint ........................................................................... 100
8.2 Describe Instance Checkpoints ...................................................................... 101
8.3 Go to Instance Checkpoint ............................................................................. 102
8.4 Revert to Instance Checkpoint ........................................................................ 103
8.5 Delete Instance Checkpoint ............................................................................ 104
9 Working with Hardware Servers .................................................................................. 105
9.1 Hardware Server Registration ........................................................................ 105
9.2 Hardware Server Unregistration ..................................................................... 107
9.3 Hardware Server Modification ........................................................................ 108
9.4 Hardware Report ............................................................................................. 110
10 Audit and Billing ........................................................................................................... 111
10.1 Project Report ................................................................................................. 112
10.2 Get Prices ....................................................................................................... 114
EPAM Cloud Orchestrator - Maestro CLI User Guide
5 EPAM PUBLIC
10.3 Instance Audit ................................................................................................. 117
10.4 Working with EO Accounts ............................................................................. 119
11 Using Tags ................................................................................................................... 121
11.1 Set Tag ........................................................................................................... 121
11.2 Describe Tag ................................................................................................... 123
11.3 Delete Tag ...................................................................................................... 124
12 Working with Files ........................................................................................................ 125
12.1 Upload a New File ........................................................................................... 125
12.2 Delete a File .................................................................................................... 127
12.3 Describe Files ................................................................................................. 128
13 Security Scanning ........................................................................................................ 129
14 Automating Infrastructure Manipulation ....................................................................... 130
14.1 Terraform ........................................................................................................ 130
14.2 Amazon Cloud Formation ............................................................................... 131
14.2.1 Run AWS Stack ...................................................................................... 131
14.2.2 Describe AWS Stacks ............................................................................. 133
14.2.3 Describe AWS Stack Events ................................................................... 134
14.2.4 Describe AWS Stack Resources ............................................................ 135
14.2.5 Delete AWS Stack ................................................................................... 137
14.3 Maestro Stacks ............................................................................................... 138
14.3.1 Describe Maestro Stacks ........................................................................ 138
14.3.2 Run Maestro Stack .................................................................................. 139
14.3.3 Delete Maestro Stack .............................................................................. 141
14.3.4 Describe Stack Resources ...................................................................... 142
14.3.5 Validate Maestro Stack Template ........................................................... 143
14.3.6 Convert Maestro Stack Template ........................................................... 144
15 Services ....................................................................................................................... 145
15.1 Services Manipulation ..................................................................................... 146
15.1.1 Starting a Service .................................................................................... 146
15.1.2 Describing Project Services .................................................................... 148
15.1.3 Monitoring the Services ........................................................................... 150
15.2 Chef Server Service ........................................................................................ 151
EPAM Cloud Orchestrator - Maestro CLI User Guide
6 EPAM PUBLIC
15.2.1 Set Chef Mode ........................................................................................ 152
15.2.2 Disabling Auto Configuration for Specific OS ......................................... 153
15.2.3 Retrieving Chef Information .................................................................... 154
15.2.4 Collecting Info on Chef Clients ................................................................ 155
15.3 Zabbix Monitoring Service .............................................................................. 156
15.3.1 Starting a Service .................................................................................... 156
15.3.2 Service Info ............................................................................................. 157
15.3.3 Start Monitoring an Instance ................................................................... 158
15.3.4 Stop Monitoring an Instance ................................................................... 159
15.3.5 Viewing Zabbix Data ............................................................................... 160
15.4 Telemetry as a Service ................................................................................... 162
15.4.1 Starting a Service .................................................................................... 162
15.4.2 Adding an Instance to Telemetry ............................................................ 163
15.4.3 Stop Collecting Telemetry from the Instance .......................................... 164
15.4.4 Describe Telemetry Agents ..................................................................... 165
15.4.5 Get Telemetry ......................................................................................... 166
15.5 CloudWatch and SSM Service ....................................................................... 167
15.5.1 Starting a Service .................................................................................... 167
15.5.2 Managing SSM and CloudWatch Agents on a VM ................................. 168
15.6 Log Aggregation Service ................................................................................ 168
15.6.1 Starting a Service .................................................................................... 168
15.6.2 Log Service Info ...................................................................................... 168
15.6.3 Start Collecting Logs from an Instance ................................................... 169
15.6.4 Stop Collecting Logs from an Instance ................................................... 170
15.6.5 Viewing the Collected Logs ..................................................................... 170
15.7 Load Balancing Service .................................................................................. 171
15.7.1 Starting and Managing the Service ......................................................... 171
15.7.2 Load Balancer Configuration................................................................... 171
15.7.3 Configure Balancing ................................................................................ 173
15.7.4 Configure Limits ...................................................................................... 173
15.7.5 Configure Bans ....................................................................................... 174
15.7.6 Configure Cache ..................................................................................... 175
EPAM Cloud Orchestrator - Maestro CLI User Guide
7 EPAM PUBLIC
15.7.7 Describe Load Balancer Members .......................................................... 176
15.8 OpenShift as a Service ................................................................................... 177
15.8.1 Service Activation .................................................................................... 177
15.8.2 OpenShift Configuration .......................................................................... 177
15.9 Docker Service ................................................................................................ 179
15.9.1 Docker Container Images ....................................................................... 180
15.9.2 Manipulating an Application .................................................................... 182
15.9.3 Manipulating Volumes ............................................................................. 184
15.9.4 Creating a Docker Registry ..................................................................... 186
15.9.5 Manipulating Registry Images ................................................................. 186
15.9.6 Docker Service Info ................................................................................. 188
15.10 Kubernetes as a Service ................................................................................. 190
15.10.1 Starting the Kubernetes Service ............................................................. 190
15.10.2 Generating Inventory File for Ansible ...................................................... 191
15.11 Jenkins as a Service ....................................................................................... 192
15.11.1 Starting the service ................................................................................. 192
15.11.2 Creating a Jenkins Job ............................................................................ 193
15.11.3 Jenkins Plugins Management ................................................................. 194
15.11.4 Describing Existing Jenkins Jobs ............................................................ 196
15.11.5 Triggering a Jenkins Job ......................................................................... 197
15.11.6 Removing a Jenkins Job ......................................................................... 198
15.11.7 Configuration File Example ..................................................................... 199
15.12 Sonar as a Service .......................................................................................... 200
15.12.1 Service Activation .................................................................................... 200
15.12.2 Service Manipulation ............................................................................... 200
15.12.3 Sonar Quality Profiles ............................................................................. 201
15.12.4 Sonar Rules ............................................................................................ 202
15.13 Artifactory as a Service ................................................................................... 204
15.13.1 Service Activation .................................................................................... 204
15.13.2 Service Manipulation ............................................................................... 204
15.14 Relational Database Service .......................................................................... 206
15.15 Magento as a Service ..................................................................................... 208
EPAM Cloud Orchestrator - Maestro CLI User Guide
8 EPAM PUBLIC
15.15.1 Service Activation .................................................................................... 208
15.15.2 Service Manipulation ............................................................................... 208
15.16 Messaging as a Service .................................................................................. 209
15.16.1 Starting the service ................................................................................. 209
15.16.2 Getting Tokens ........................................................................................ 209
15.16.3 Queues Manipulation .............................................................................. 210
15.16.4 Messages Manipulation .......................................................................... 211
16 Ansible Usage .............................................................................................................. 212
16.1 Initializing Environment ................................................................................... 212
16.2 Ansbile Hosts .................................................................................................. 213
16.3 Ansible Groups ............................................................................................... 214
16.4 Ansible Group Properties ................................................................................ 215
16.5 Ansible Dynamic Inventory ............................................................................. 216
17 Troubleshooting ........................................................................................................... 217
Annex A - User Permissions ............................................................................................... 218
User Groups ................................................................................................................ 218
Default Project Roles ................................................................................................... 221
User Permissions customization for a Specific User ................................................... 224
Annex B – Client Versioning ................................................................................................ 225
Annex C – Instance Types and Their Shapes ..................................................................... 226
Annex D – Service Locations .............................................................................................. 227
EPAM Infrastructure .................................................................................................... 227
AWS Cloud Formation Regions ................................................................................... 230
Azure Regions ............................................................................................................. 231
Google Cloud Regions ................................................................................................ 232
Annex E – Logging in to Instances ...................................................................................... 233
Windows ...................................................................................................................... 233
Linux 233
AWS – Windows .......................................................................................................... 234
Azure 235
Google Cloud Regions - Windows ............................................................................... 236
Hardware MacOs ......................................................................................................... 237
EPAM Cloud Orchestrator - Maestro CLI User Guide
9 EPAM PUBLIC
Virtual MacOs .............................................................................................................. 238
Annex F – Maestro CLI Commands List ............................................................................. 240
Annex G – PaaS Guest Operating Systems ....................................................................... 243
Table of Figures................................................................................................................... 244
Version history ..................................................................................................................... 250
EPAM Cloud Orchestrator - Maestro CLI User Guide
10 EPAM PUBLIC
PREFACE
ABOUT THIS GUIDE
Maestro Command Line Interface (CLI) is intended to perform basic Orchestrator
commands via remote command line by sending server API requests using REST API without
the need to install 3rd party utilities. Maestro CLI commands are based on respective
commands for Amazon AWS. We picked a minimum required set of parameters for each
command. This way we were able to uniform the commands for different service providers.
This document provides detailed reference, including purpose, use case and syntax for each
of Maestro CLI commands.
The document is being constantly modified and updated. Please, feel free to contact us if
any questions or issues appear.
AUDIENCE
This guide is designed for EPAM Cloud users who create, manage and monitor their virtual
infrastructure using Maestro CLI.
THE STRUCTURE OF THE GUIDE
• Getting Started section gives the instructions on how to start working with Maestro
CLI, set credentials and see the regions and projects available for the user.
• Working With Instances section lists the commands dealing with the instance
manipulation and info.
• Scheduling Instance Activities section provides the commands to set up and
manipulate cron schedules
• Instance Properties section lists the commands dealing with instance properties
• Creating Images section gives image-related commands and the instructions on
preparing an instance for image creation.
• Security and Connection section describes keys and console commands
• Working with Volumes section lists the volume-related command and gives
instructions on volumes mounting and usage.
• Working with Checkpoints section lists checkpoint-related commands and tips.
• Audit and Billing section gives report, prices and audit-related commands.
• Using Tags section lists the tag-related commands
• Working with Files section lists files manipulation commands
• Automating Infrastructure Manipulation section gives the commands and
recommendations on working with Amazon Cloud Formation and Maestro Stacks.
• Services section gives the detailed instructions on working with the services
manipulated via Maestro CLI.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 11
DOCUMENTATION REFERENCES
EPAM Orchestration is described in details in a number of documents, oriented on different aspects of
Orchestration usage, and on different types of users.
You can find these documents on our Documentation page.
The answers to the most frequently asked questions can be found on the FAQ page.
EPAM Cloud terms and conditions are described in the EPAM Cloud Terms and Conditions. Please
take a look at this document in order to avoid misunderstandings and conflicts that may arise during the
service usage.
The terminology of EPAM Cloud and the related products can be found on the Glossary page.
Please email your comments and feedback to EPAM Cloud Consulting at
[email protected] to help us provide you with documentation that is as clear,
correct and readable as possible.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 12
1 GETTING STARTED
This section provides you with the basic information on Maestro CLI installation and the basic commands
that allow you to get acquainted with the Orchestrator.
1.1 INSTALLING MAESTRO CLI
Maestro Command Line Interface (CLI) is a tool for performing Orchestrator commands via remote
command line. It can be easily installed and run by following the steps given below:
• Make sure you have Java Runtime Environment (JRE) installed (Java Developer’s Kit (JDK)
ver. 1.8). You can download the latest version of JRE/JDK from the official Oracle website.
• Having installed Java, make sure JAVA_HOME system variable points to JDK installation
folder, while Path contains a link to 'bin' folder of JDK.
• Download maestro-cli.zip archive.
• Unpack the archive. The target folder should not contain spaces. As a result, you will get a
'maestro-cli' folder containing two subfolders.
• Run Maestro CLI:
• For Windows: Run windows-console.cmd in ‘maestro-cli’ folder
• For Linux: go to the ‘maestro-cli/bin’ folder, where you will be able to select any of the available
scripts to run.
You can find a detailed guide on Maestro CLI installation and the full list of the necessary
Prerequisites in Maestro CLI Quick Start Guide.
1.2 GETTING MAESTRO CLI HELP
Maestro CLI needs precise specification of command parameters and their values.
Typically, users remember the most frequently used commands and parameters, and need to reference
documentation to clarify the details.
Maestro CLI provides a set of its own assistance facilities that allow to simplify the tool usage and
minimize the need to use additional resources:
• or2help command allows to see the list of all commands available in cloud or, when used with
the --region parameter, in a specified virtualization region. Additionally, the command can
contain the --project parameter to retrieve the list of commands available for the requesting
user in the specified project.
By default, the commands in the response go alphabetically with brief descriptions. In case you
need the commands with detailed parameters info, you can use the –full flag. For example:
or2help –r AWS-USEAST [--full]
• Automatic help: In case you miss a parameter at command run, or the given parameter or
parameter value is incorrect, Maestro CLI will inform you on the issue and provide with the list
of command parameters.
For example, the following command:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 13
Figure 1 - or2help Command Output
or2chow –p DEMOPRO
where not all necessary parameters are given, will result in the following output:
Figure 2 - Command help for incorrect parameters input
• Usage examples and related commands. You can get a full reference on a command,
including usage examples, parameters, and related commands, by calling the necessary
command with the --help parameter, for example:
or2dim --help
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 14
The command response will include the following elements:
Figure 3 - Command response with --help option
Where:
1. Command description
2. The most typical examples of the command’s usage
3. The list of the commands, related to the target one, with examples
4. The list of parameters
1.3 SETTING THE CREDENTIALS
Running commands using Maestro CLI requires provision of user credentials.
The first thing you should do after going through installation is execute the or2access command and
enter your credentials when prompted.
Invoke: or2-get-access (or2access)
The command registers user domain credentials within Orchestrator and creates a ‘default.cr’ file.
When launched, it prompts to provide EPAM domain credentials (with or without ‘@epam.com’
respectively.) Specified credentials are checked for validity on Orchestrator side and a list of projects,
available to the user, is drawn and stored in local Orchestrator storage.
Passwords are never stored openly either on Orchestrator, or on Maestro CLI client side.
Currently, user credentials are cached by the or2access command to the %Maestro_CLI%/lib/default.cr
file. Thus, it is important to keep the %Maestro_CLI% in the directory that cannot be accessed from
outside.
We recommend to install Maestro CLI to your home directory (C:\Users\<your_name>).
The Company security policy implies changing user passwords every three months. Please, run the
or2access command again, specifying your new password each time you have it changed.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 15
Orchestrator allows Project Managers and Coordinators to customize user permissions in order to avoid
any unwanted actions from specific project members and keep a better track of project infrastructure.
Each project member is given access to a certain set of actions, depending on their current project role.
We have created a generic project role mapping matrix, which is used by default and gives you
something to start with. You can find it in Annex A.
Unlike most of commands, this one is performed on the Orchestrator level and does not use any
Virtualization Service Providers. You do not need to specify the -r and -p parameters to run it.
CLI Parameters
Parameter name Description Required
--force Force user update No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-s, --system Use system credentials. Uses domain credentials if not
specified. No
--help Display command help No
Response Elements
Name Description
Name User name
Pwd User password
Command Example
or2access
Response Example
Figure 4 - or2access Response Example
If you like to log in as another EPAM user, please run the or2access command again to overwrite
previously stored user credentials.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 16
1.4 CHECKING THE MAESTRO CLI CLIENT VERSION
Invoke: or2-check-version (or2check)
The command shows the version of Maestro CLI client currently installed on your machine. See Annex
B – Client Versioning for details.
Unlike most of CLI commands, this one requires no parameters to run.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--help Display command help No
Response Elements
Name Description
provided-cli-version Current version of Maestro CLI client installed on user machine
provided-api-version Current version of Maestro API installed on user machine
required-api-version Minimum version of Maestro API required to work with current
Orchestration framework
last-cli-version Latest available version of Maestro CLI
client-status Status of current client
Command Example
or2check
Response Example
Figure 5 - or2check Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 17
1.5 MAESTRO CLI INFO
Invoke: or2-get-info (or2info)
This command allows obtaining information of Maestro CLI client configuration, the state of environment
variables as well as Freemarker FTL user templates utilized.
Unlike most of commands, this one is performed on the Maestro CLI Client level, does not require
connection to Orchestrator and does not use any Virtualization Service Providers. There are no required
parameters and execution result has no fixed elements.
CLI Parameters
Parameter name Description Required
-f, --file Use this parameter to send output to the specified file in the
‘/maestro-cli/out’ folder. No
--help Display command help No
The result of the ‘info’ command execution contains several sections:
• Current time – current GMT time on a client machine. This parameter is used when forming an
authorization key for each command and can be useful to determine reasons for failures.
• Parameter values within ‘cli-system.properties’. Users are unable to edit system parameters,
since ‘cli-system.properties’ is contained within ‘maestro-cli-full.jar’, while its contents are
crucial to determine reasons for command failures. One of the parameters within this file is
‘cli.version’, containing currently installed version of the CLI client.
• HTTP Client configuration values.
• Contents of the ‘default.cr’ file. In case this file contains a property password, it will not be
displayed for security concerns.
• Environment variable values, namely ‘ORCH_URL’, ‘MAESTRO_CLI_HOME’,
‘JAVA_HOME’.
• Contents of custom Freemarker Template, if defined as a value for the
‘custom.freemarker.template.file’ within ‘cli.properties’.
In case a parameter has no set value (e.g. ‘http.tcp.nodelay=’), it will not be included in the response
to the ‘or2info’ command execution.
Command Example
or2info
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 18
Response Example
Figure 6 - or2info Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 19
1.6 UPDATING THE MAESTRO CLI CLIENT
Invoke: or2-update-cli (or2update)
The command retrieves the newest version of Maestro CLI client available on the Internet.
1. Unlike most of CLI commands, this one requires no parameters to run.
2. Some older versions of Maestro CLI client do not support this command. If you encounter a problem
when running it, please download and update the client manually for once.
Command Example
or2update
Response Example
Figure 7 - or2update Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 20
1.7 DESCRIBE PROJECTS
Invoke: or2-describe-projects (or2dpro)
Describes all activated projects accessible by current user.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. To describe several projects,
repeat the parameter: -p project1 –p project2 –p projectN No
-t, --type Region type [EPAM, AWS, AZURE, GOOGLE, Single region] No
--help Display command help No
Response Elements
Name Description
projectID Project abbreviation in UPSA
Zone Virtualization zone
zoneLocation Physical location of the region
Shapes Available shapes
projectState Current project state
activated Project activation date
deactivated Project deactivation date
defautOwner Email address of the user being the default owner of the project
If your project is not in the list returned by the command, it means, that it is not activated in Cloud. In
this case, before proceeding with other commands, please, address to your Project Manager to submit
a Service Request for activating your project in Cloud.
Command Example
or2dpro –t aws
Response Example
Figure 8 - or2dpro Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 21
1.8 DESCRIBE REGIONS
Invoke: or2-describe-regions (or2dreg)
Describes available virtualization regions for provided project and user credentials.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-t, --type Region type [EPAM, AWS, AZURE, GOOGLE] Yes
-i, --inactive Show inactive regions for the project No
--help Display command help No
Response Elements
Name Description
Name Virtualization region name
zoneLocation Physical location of the region
Access
EPAM Cloud access level of the user who called the command. There are four levels, each including a group of permitted actions:
• guest: READ, META, VM, STORAGE
• low: READ, META, VM, STORAGE, NEW_RESOURCES
• medium: READ, META, VM, STORAGE, NEW_RESOURCES, KILL_RESOURCES
• advanced: READ, META, VM, STORAGE, NEW_RESOURCES, KILL_RESOURCES, ADVANCED_MANAGEMENT
You can find the details on the actions, included to each group, on the User Permissions page.
virtType The region Virtualization type
orchType The type of orchestrator used
Status The current status of the region
monthSla The region availability statistics, based on the information gathered during the latest four weeks
Coefficient Region billing coefficient
quotaLimit The project quota limit in the region, if any
quotaPolicy Specifies whether quotas are applied to the project, or not
Command Example
This example describes available regions for the specified project.
or2dreg -p project –t aws
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 22
Response Example
Figure 9 - or2dreg Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 23
2 WORKING WITH INSTANCES
Instances are the main items of the infrastructure created by a user. To run an instance, you should
specify the following necessary instance parameters:
• The project to which the new instance will be assigned
• The region in which the new instance will be run
• The name of the image to be used to run the instance
• The shape of the image to be run
The image determines the basic configuration of the instance. This includes an Operation system, as
well as the set of default settings. The list of available images can be retrieved by or2-describe-images
command.
The instance shape specifies the capacity of the instance to be created. This includes vCPU number
and RAM memory size. Please, note that the selected shape influences the VM monthly cost.
2.1 DETERMINING AVAILABLE IMAGES
Invoke: or2-describe-images (or2dim)
Use this command to return information about images. If you specify one or more image IDs,
Orchestrator returns information for those images. If you do not specify image IDs, Orchestrator returns
information for all relevant images according to your access rights.
AWS-type regions: this command describes only ‘Project’ (‘Owned by me’) and ‘Enterprise’ images
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-g, --group
Image group name. Available values: public,
enterprise, project. For several groups repeat the parameter.
Default behavior if not specified: show all groups
No
-i, --image
Image ID. For several images repeat the parameter
Default behavior if not specified: show all images
This parameter is case sensitive
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
Id Image ID
description Image description
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 24
Group
Scope of availability for the image. Public typically stands for Linux-based images,
Enterprise – for Windows, and Project stands for custom images created by
project members and available within this project.
size_MB Image size in MB
State Current state of the image
Command Example
This example describes all images available to your user and project in the specified region.
or2dim -p project -r region
Response Example
Figure 10 - or2dim Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 25
2.2 DETERMINING AVAILABLE SHAPES
Invoke: or2-describe-shapes (or2dshape)
The shape of the VM specifies its capacity, determined by the vCPU number and RAM memory size.
Run the command to find out available instance shapes for your project.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Shape name
cpu Shape CPU count
memory_MB Shape memory in MB
aws-type AWS shape indication (AWS-type regions only)
storage_GB Default storage size (only for OpenStack-based regions)
storage_gb The available system disk sizes (only for OpenStack-based regions)
The list of the shapes available in Cloud is given in Annex C – Instance Types and Their Shapes. Some
of these shapes may be not available for your project. To extend the list of the available shapes, please,
submit a corresponding Service Request to HelpDesk.
Command Example
This example describes available shapes for the specified project.
or2dshape -p project -r region
Response Example
Figure 11 - or2dshape Response Example (OpenStack-based region)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 26
2.3 RUNNING INSTANCES
Invoke: or2-run-instances (or2run)
Use this command to launch the specified number of instances with provided shape and image.
Instances will be created under Maestro project that is bound to the specified user credentials. Once an
instance is launched, a notification is sent to EPAM user’s e-mail and EPAM Cloud Consulting Team.
By default, each instance includes 100 GB Storage Volume for Windows Instances, 40 GB Storage
Volume for Linux Instances, and 60 GB Storage Volume for virtual MacOS. In a case when your needs
are above that (except MacOS), you can attach additional storage volumes.
The initial system disk is set up when you order a virtual instance. This is a part of the shape declaration,
which includes the combination of CPU and RAM, referenced by the shape name, and flavor:
SHAPE (CPU + RAM) . FLAVOR
RUN A VM = + IMAGE (OS + DISK)
The available flavors are 100 GB, 200 GB, 300GB, 500 GB. Once flavor is not specified, default system
storage size is used.
Although instance launching procedure is similar for all platforms EPAM Cloud works with, there are
some specifics on instance launch and login for each type of regions:
• EPAM regions:
o If you run Windows instances, use your domain credentials
([email protected]) to access them. This is also true for Linux instances.
o For Linux instances, use the SSH and/or your standard domain credentials
o Both Windows and Linux instances accept credentials from all members of the specified
project (they are included in the ‘Administrators’ user group).
o Each machine image has a recommended shape. Users can now only run machine
images using recommended shapes (or larger ones).
• AWS regions:
o To connect to Windows instances running on Amazon, run the or2console command
specifying your instance ID, project and region. You will receive an email message
containing the encrypted password in an attached file. Save the attachment or its
content and run the or2dp command specifying the path to your private key and the
path to the file containing the encrypted password. The command will return the
password to use for logging in to your VM via the RDP connection.
o The connection to Linux instances on Amazon is performed only via SSH key
• Azure regions:
o When a VM (either Windows or Linux) creation is initiated, you, as the requesting user
(the instance owner), will get a letter containing credentials for access to this VM
remotely. These credentials are generated only once and will not be available for
reference anywhere except this letter. Please save them properly for further usage.
o Each virtual instance in Azure is created within a specific resource group, with the name,
matching the ID of the VM. The resource group includes the VM, system disk, network
interface.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 27
If you terminate an instance in Azure, and the name of the instance is the same as the
name of the resource group it is placed within, the whole resource group will be
terminated. The operation will also affect any attached additional volumes.
o Each virtual instance and volume, created in Azure via EPAM Orchestrator, are based
on Azure Managed Disks for better performance and usability.
• Google regions:
o For Linux instances, an SSH key is mandatory for VM launch and login. The usernames
depend on the VM image:
Image Username
CentOS7_64-bit centos
Debian9_64-bit debian
Ubuntu16.04_64-bit Ubuntu
o For Windows instances, SSH keys are not supported for VM launch. However, to login
to a Windows VM, use the or2console command specifying an SSH key. The key must
always be of 2048 size. You will receive an email message containing the encrypted
password in an attached file. Save the attachment or its content and run the or2dp
command specifying the path to your private key and the path to the file containing the
encrypted password. The command will return the password to use for logging in to
your VM via the RDP connection.
• EPAM-MAC region:
o Hardware Mac: use your MacOS IP address or DNS name in the VNC client. For
Authentication, use the uppercase abbreviation of your project in UPSA, then log in with
the user/user credentials.
We strongly recommend changing your credentials after the first login!
o Virtual Mac: connect to your VM via the VNC client using your project abbreviation in
UPSA as the password and log in with your domain credentials (without @epam.com).
Please note that the domain credentials are case sensitive.
We strongly recommend changing the default credentials after the first login and
enabling access via the VNC standalone client!
CLI Parameters
Parameter name Description Required
-g,
--ansible-group
Add instance to an existing Ansible group. For several
groups repeat the parameter:
-g groupName1 -g groupName2 -g groupNameN
No
-c, --count * Instances count. Maximum allowed value: 5. Default value if
not specified: 1 No
-d, --description Description property alias. Can be used to assign custom
instance descriptions displayed by the "or2din" command No
-e, --expiration **
A time point the instance will be stopped at. Use the ISO
8601 date format: ‘yyyy-MM-ddTHH:mm’ or shift in hours
‘hH’.
No
--full Show full command output instead of default basic one No
-i, --image Machine Image No
-a, --ip-address IP address. Applicable only for OpenStack zones No
-k, --key-name Name of an existing keypair to associate with this instance.
This option is mandatory for running Linux instances in AWS. No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 28
CLI Parameters
-u,
--launch-template
Launch template name. Applicable only for EPAM
OpenStack and AWS regions. No
--luminate Register instance on Luminate. No
--max-price Max price for the spot instance ($ per hour). Applicable only
for AWS zones. No
-n, --network
UUID of the network in which the instance(s) will be
launched. If not specified, the default network will be used.
Repeat the parameter to specify several networks (e.g. -n
networkUUID1 -n networkUUID2)
No
-P,
--plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t,
--script-name
Script to launch. To specify script parameters with their
values, use the following syntax:
-t "<scriptName>:value1#value2"
No
-S, --security-group
Name of the security groups in which the instance(s) will be
launched. If not specified, the default security group will be
used. Repeat the parameter to specify several security
groups (e.g. -S sg1 -S sg2)
No
-s, --shape***
Instance type in format <shapeName>.<flavor>.
(for example: MEDIUM.300) No
--spot
Request spot instance. Applicable only for AWS zones.
Default: false No
--help Display command help No
* Maximum count can be limited on Orchestrator side (Use system property "virt.max.instances.count", default value is 5) ** 1. To reset the expiration timer a user should restart the VM (or stop and start it again); 2. A VM can be launched with a new expiration parameter, if required. 3. If a user sends a command to reboot/shutdown a VM as a system user (via SSH or RDP) this timer will not be reset. ***In OpenStack regions, you can specify instance flavor – the size of the system disk (100, 200, 300, 500 GB), in case this facility is activated for the project by the previous request.
If you want to enable custom script to be executed on the instance after creation, please check that the
script titles are in a correct format. For Linux scripts, it is necessary to have a header that includes one
of the following: "bash", "bin/sh", "perl", Windows script files should have a ".ps1", ".cmd" or ".bat"
extension.
You can run instances under the personal projects. Such instances can be convenient for testing,
training, and estimations, and are free of charge. However, they have a number of limitations. The
details on personal project usage, their quotas and limitations are given in the Quick Start
Guide (Chapter 7: Personal Quotas and Projects).
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 29
Response Elements
Name Description
instanceID Service provider specific instance ID
dnsName Instance DNS name
privateIP Private IP assigned to the instance
state instance state
guestOS Operating System running on the instance
owner Owner of the instance
image Template used to launch the instance (optional)
shape Hardware shape of the instance
In case you are running several instances at once and CLI returns an error (for example, you have reached
the project quota), it is possible, that some of the requested resources were still launched and you are set
as the owner of these resources. Please, use the or2din command to check it.
Command Example
This example runs one instance with specified image and shape. This instance will be tagged with
maestro:project-id according to the user’s credentials.
or2run -p project -i image -s medium -r region
If your instance encounters a problem during launch and remains in the ‘starting’ state for 5 hours, it is
terminated automatically.
Response Example
Figure 12 - or2run Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.4 STOP (PAUSE) INSTANCES
Invoke: or2-stop-instances (or2stop)
Use this command to stop the specified instances. You can only stop permitted instances, in accordance
with your project abbreviation in UPSA:
If you stop an instance, its expiration timer will be reset.
CLI Parameters
Parameter name Description Required
-c, --force Force to stop instances. Default: false No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -
i ID1 -i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
--irg,
--instanceResourceGroup
Indicates the necessary resource group for work with
Azure No
--help Display command help No
*The ‘project’ and ‘region’ parameters are mandatory when several instance IDs are sent in the
command. When only one instance ID is sent, the ‘project’ and ‘region’ parameters may be omitted.
Response Elements
Name Description
instanceID Service provider specific instance ID
dnsName DNS name assigned to the instance
privateIP Private IP assigned to the instance
state Instance state
requested Instance request timestamp
Command Example
This example shows the common case of stopping an instance.
or2stop -i instance_id -p project -r region
Response Example
Figure 13 - or2stop Example Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.5 START (RESUME) INSTANCES
Invoke: or2-start-instances (or2start)
Starts stopped instances. You can only start permitted instances, in accordance with your project
abbreviation in UPSA
CLI Parameters
Parameter name Description Required
-e, --expiration*
A time point the instance will be stopped at. Use the ISO
8601 date format: ‘yyyy-MM-ddTHH:mm’ or shift in hours
‘hH’.
This option is not available for AWS-type regions.
No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -
i ID1 -i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
--irg,
--instanceResourceGroup
Indicates the necessary resource group for work with
Azure No
--help Display command help No
1. To reset the expiration timer a user should restart the VM (or stop and start it again). 2. A VM can be launched with a new expiration parameter, if required. 3. If a user sends a command to reboot/shutdown a VM as a system user (via SSH or RDP) this timer will not be reset.
*The ‘project’ and ‘region’ parameters are mandatory when several instance IDs are sent in the command. When only one instance ID is sent, the ‘project’ and ‘region’ parameters may be omitted
Response Elements
Name Description
instanceID Service provider specific instance ID
state Instance state
Command Example
This example starts one instance with specified instance ID.
or2start -i instance_id -p project -r region
Response Example
Figure 14 - or2start Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.6 REBOOT INSTANCES
Invoke: or2-reboot-instances (or2reboot)
The command reboots specified instances. You can only reboot permitted instances, in accordance with
your project abbreviation in UPSA
1. If you reboot an instance, its expiration timer will be reset (this does not concern AWS-type regions).
2. or2reboot command is not supported in Google regions.
CLI Parameters
Parameter name Description Required
-c, --force Force to reset instances. Default: false No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter:
-i ID1 -i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p,--project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
--irg,
--instanceResourceGroup
Indicates the necessary resource group for work with
Azure No
--help Display command help No
*The ‘project’ and ‘region’ parameters are mandatory when several instance IDs are sent in the
command. When only one instance ID is sent, the ‘project’ and ‘region’ parameters may be omitted
Response Elements
Name Description
instanceID Service provider specific instance ID of the rebooted instance
dnsName DNS name assigned to the instance
privateIp Private IP assigned to the instance
state State of the instance (PoweredOn/PoweredOff/Rebooting)
requested Instance request timestamp
Command Example
This example reboots one instance with specified instance ID.
or2reboot -i instance_id -p project -r region
Response Example
Figure 15 - or2reboot Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.7 REBUILD INSTANCE
Invoke: or2-rebuild-instance (or2ri)
Rebuilds an instance with new image in OpenStack regions. It is possible to rebuild an instance not only
from public and enterprise machine images but from project ones too.
Using this command has several limitations that include:
• rebuild is only possible for stopped (recommended) and running instances,
• machine images must be of the same OS type,
• volume size of the instance should not exceed 100 GB,
• the instance should not be under rebuilt process,
• the instance should not be under moving to another project.
• for Windows-based instances the rebuild can be performed only on images with the type
“project”, which were created from the instances prepared beforehand. You can find the
details about Windows instance image preparation in the respective section of this guide.
Admin CLI Parameters
Parameter name Description Required
-h, --help Display command help No
-p, --project Project ID Yes
-r, --region Virtualization Region Yes
-i, --instance Instance ID or Instance Name. Yes
-m, --imageId Image ID or Image Name. Yes
Command example:
or2rebuild-instance -i <instance ID> -m <image ID> -p <project>
-r <region>
Response example:
2.8 TERMINATE INSTANCES
Invoke: or2-terminate-instances (or2kill)
Use his command to terminate the specified instances. You can only terminate permitted instances, in
accordance with your project abbreviation in UPSA.
If you terminate an instance in Azure, and the name of the instance is the same as the name of the
resource group it is placed within (the default case for VMs created by EPAM Orchestrator), the whole
resource group will be terminated. The operation will also affect any attached additional volumes.
In AWS additional volumes are removed together with the related instance by default. EPAM
Orchestrator automatically sets this option to prevent additional costs resulting from volumes remaining
in the system after the corresponding instance termination. If your project needs require that additional
EPAM Cloud Orchestrator - Maestro CLI User Guide
volumes remain available, detach them before terminating the instance with or2-detach-volume
(or2detvol) command and specify project, region and volume ID.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -
i ID1 -i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Automatic confirmation No
--permanently Terminates the instance permanently without an attempt
to place it in the Recycle Bin No
--irg,
--instanceResourceGroup
Indicates the necessary resource group for work with
Azure. No
--help Display command help No
Response Elements
Name Description
instanceID Service provider specific instance ID
dnsName DNS name assigned to the instance
privateIP Private IP assigned to the instance
state Instance state
requested Instance request timestamp
Command Example
This example shows the common case of terminating an instance with specified ID.
or2kill -i instance_id -p project -r region
Response Example
Figure 16 - or2kill Response Example
2.9 LOCK INSTANCE TERMINATION
Invoke: or2-lock-instance-termination (or2lock)
Use his command to prohibit termination of a specific instance. When called second time for the same
instance, the command will release the lock.
EPAM Cloud Orchestrator - Maestro CLI User Guide
The command is available in private regions and in AWS.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance The ID of the instance to be locked from termination Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
This example shows the common case of instance termination prohibition:
or2lock -i instance_id -p project -r region
Response Example
Figure 17 - or2lock Response Example
If the or2lock command specifies an AWS region and an AWS instance, the VM will be locked for
termination not only by the Orchestrator tools, but also by the native AWS tools.
or2lock –p project –r AWS-REGION –i instance_ID
The same command used on a locked instance will allow its termination again.
Figure 18 - or2lock command repeated to allow instance termination
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.10 DESCRIBE EXISTING INSTANCES
Invoke: or2-describe-instances (or2din)
Use this command to return information about instances that you own. If you specify one or more
instance IDs, Orchestrator returns information for those instances. If you do not specify instance IDs,
Orchestrator returns information for all relevant instances according to your access rights.
User will see only permitted instances. Permission rights are bound to the provided credentials. Usually,
remote resources are filtered by the -p (--project) parameter. This parameter will be resolved on the
Orchestrator side from the provided user credentials.
CLI Parameters
Parameter name Description Required
-a, --audit
Switches the output to Audit mode. The list of the VMs will be
accompanied by the following information: Instance ID and DNS
name, shape, state, description, requested date and time, the
owner, the date and time of the last event on the VM, the name of
the person who performed the latest change.
No
-d, --inSchedule Show only VMs present in the specified schedule No
-e, --
propertyExistence Show only instances with the specified key No
-c, --force Force to get instance information. Default: false No
--full Show full command output instead of default basic one. Full output
includes AWS availability zone No
--help Display command help No
-i, --instance Instance ID. For several instances repeat the parameter. No
-l, --property Show only instances with the provided ‘key=value’ properties. For
several properties repeat the parameter. No
-o, --onlyIds Show only instance IDs, one per line No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No
-r, --region Virtualization region. Use several times to find information on
instances in several regions No
-S, --service Service name. To describe instances for all
services, type 'any'. No
-s, --
instanceState
Show only VMs with the provided state. For several states repeat
the parameter. No
-u, --output Show only the field specified as csv. No
-v, --vlan Show only instances within the specified VLAN No
-w, --owner Email or 'Name Surname' of instance owner for report generation. No
-x, --regexp
Show only instances with the provided ‘key=value’ properties. For
several properties repeat the parameter.
Values are treated like regular expressions.
No
EPAM Cloud Orchestrator - Maestro CLI User Guide
Response Elements
Name Description
instanceID Service provider specific instance ID
instanceName Instance name
dnsName DNS name assigned to the instance
privateIP Private IP assigned to the instance
state State of the instance
guestOS Instance OS*.
owner Owner of the instance
Image Template used to launch the instance (optional)
shape Hardware shape of the instance
description Custom instance description (See Set Instance Properties)
*This functionality is limited on AWS due API restrictions. You can only see, whether your instances
running in this region have Windows as guest OS or not.
Command Example
This example describes the current state of the instances mapped to your user ID.
or2din -p project -r region
Response Example
Figure 19 - or2din General Response Example
Command Example
This example describes only stopped instances of the specified owner:
or2din -p project -r region -i instance_id -s stopped -w
Response Example
Figure 20 - or2din Response Example with Filters
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.11 CHANGING INSTANCE SHAPE
Invoke: or2-change-shape (or2chshape)
Changes the instance shape to a larger or smaller one. The target VM should be stopped before you
initiate shape change.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-i, --instance The ID of the instance to change Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
-s, --shape New shape Yes
This command is not available in Google Cloud regions.
Command Example
or2chshape -r region -p project -i instance_id -s MEDIUM
Response Example
Figure 21 - or2chshape Response Example
Command Example
This example expands the system disk of the existing instance
or2chshape -p demopro -r epam-by2 -i ecsc12312312 -s medium.500
Response Example
Figure 22 - or2chshape Shape Expand Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.12 CHANGING INSTANCE OWNER
Invoke: or2-change-owner (or2chow)
Changes the owner of an instance or file resource.
CLI Parameters
Parameter name Description Required
-e, --email New owner’s email, case-insensitive Yes
--full Show full command output instead of default basic one No
--help Display command help No
-f, --file-type File type for file resources [script, eo-template, cf-
template, zabbix-template, blueprint] No
-n, --resource-name Resource name [Instance ID (case-sensitive) or
Instance Name (case-insensitive), file name] Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-t, --resource-type Type of resource [instance, file]. Default: INSTANCE No
Response Elements
Name Description
instanceId Instance ID
name Instance name
zone Virtualization region
owner New owner of the instance
state Instance state
Command Example
or2chow -p project –n instance_name -e [email protected]
Response Example
Figure 23 - or2chow Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.13 VIEW POOL STATE
Invoke: or2-view-pool-state (or2vps)
To estimate the time needed for running a new instance, you can use the or2vps command. Creating
an instance from an image available in the pool will take less time than from the other images.
The or2-view-pool-state command shows current state of instance pool for the specified region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
imageName Machine image name
quantity Number of instances available in the pool
Command Example
or2vps -r region
Response Example
Figure 24 - or2vps Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.14 DESCRIBE VLANS
Invoke: or2-describe-vlans (or2dvlans)
Describes Virtual Local Area Networks (VLAN) available for specified availability region and project
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name VLAN name
description VLAN description
Command Example
This example describes existing VLANs for the specified project and region:
or2dvlans -p project -r region
Response Example
Figure 25 - or2dvlans Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.15 MOVE INSTANCE TO VLAN
Invoke: or2-move-instance-to-vlan (or2mivlan)
Moves an instance to another VLAN activated for the current project and availability region. The CSA и
OpenStack regions are supported.
In order to move between VLANs instances must be in the ‘stopped’ state.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --vlan Target VLAN ID Yes
--help Display command help
Response Elements
Name Description
result States whether the command has been run successfully
Command Example
This command reads the specified template and stores it to the specified local file:
or2mivlan -p project -r region -i instance_ID -v vlan_id
Response Example
Figure 26 - or2mivlan Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.16 DESCRIBE SUBNETS
Invoke: or2-describe-subnets (or2dsn)
Describes subnets available for the specified project in the given region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --subnet-id Filter subnets. Repeat parameters to specify multiple subnets No
--help Display command help No
Response Elements
Name Description
subnetId The ID of the subnet available for the project
networkId The ID of the network to which the subnet belongs
cidr Subnet IP range
name The name of the subnet (the default internal EPAM network is named Server
Network
gatewayIp The default gateway in the subnet
dmz Specifies whether the parent network is placed in DMZ
Command Example
This example describes existing VLANs for the specified project and region:
or2dsn -p project -r region
Response Example
Figure 27 - or2dsn command response
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.17 CUSTOM INSTANCE PROPERTIES ( LAUNCH TEMPLATE)
Invoke: or2-launch-template (or2lt)
Allows managing launch templates, json files containing information on certain configuration of VMs
available for the existing infrastructure.
• The command can be executed only by members of Advanced Management Group and admins
• Available in AWS and Private OpenStack regions
CLI Parameters
Parameter name Description Required
-a, --action
Manage Launch Template action. Allowed values:
[describe, upload_template, upload_version, delete,
modify]
No
-f, --file Path to the Launch Template JSON file No
--full Show full command output No
--help Display command help No
--json Show command output in json format No
-n, --name Launch Template name. No
-P, --plain-output Use plain output view No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --source-version The version number of the Launch Template version on
which to base the new version Yes
-v, --version Launch Template version No
-d,
--version-description Launch Template version description No
Command Example
or2lt -a upload_template -p project -r region -n template_name
-f path_to_file -d version_description
Response Example
Figure 28 - or2lt Response Example
To run VM with a Launch Template use or2run Maestro CLI command and --launch-template (-u)
parameter.
EPAM Cloud Orchestrator - Maestro CLI User Guide
Syntax and template creation
All templates you upload for private regions, are stored on the Orchestrator side.
The templates should be saved in json format, and the syntax is quite close to that for AWS Launch
templates. In the current implementation, the following parameters can be specified in a launch template
for OpenStack regions:
• Image
• Instance shape
• Attached volumes
• Instance and volumes tags
• SSH Key
Below, you can find an example of how this can be done:
{ "blockDeviceMappings" : [ { --specifying additional
storage volumes
"diskInfo" : {
"volumeSize" : 20}
},{
"diskInfo" : {
"volumeSize" : 30}
}
],
"imageId" : "Ubuntu16.04_64-bit", --specifying image name
"instanceType" : "small.ssd.40", --specifying shape
"keyName" : "test_automation_key", --specifying key
"tagSpecifications" : [ { --setting tags
"resourceType" : "instance", --tags for instance
"tags" : [ {
"key" : "test",
"value" : "test" } ]
}, {
"resourceType" : "volume", --tags for volumes
"tags" : [ {
"key" : "test",
"value" : "test" } ]
} ]
}
EPAM Cloud Orchestrator - Maestro CLI User Guide
2.18 DESCRIBE WORKSPACES
Invoke: or2-describe-workspaces (or2dw)
Describes a workspace in a project.
CLI Parameters
Parameter name Description Required
-h, --help Display command help No
-p, --project Project ID Yes
-i , --workspace_id Workspace ID. For several workspaces repeat the parameter: -i workspaceId1 -i workspaceId2 -i workspaceIdN
No
--full Show full command output instead of default basic one No
--json Show command output in json format No
-p, --plain-output Use plain output view No
Command example:
or2-describe-workspaces -p project
3 SCHEDULING INSTANCE ACTIVITIES
EPAM Orchestrator allows scheduling instances manipulation so that their state is automatically
changed when neded, allowing to optimize the infrastructure load and costs.
The schedules are set up with cron expressions that are to be specified in the or2-create-schedule CLI
command according to the specific rules.
Maestro CLI allows you to create a schedule, retrieve its info and delete. All these action are performed
with different CLI commands described below in this section.
When working with cron and setting time values, GMT+0 time is used.
Schedules cannot be used for hardware MacMini instacnes and resources in Enterprise and Hardware
regions.
3.1 CREATE SCHEDULE
Invoke: or2-create-schedule (or2addsch)
Creates a new schedule to start or stop existing instances using cron expressions.
CLI Parameters
Parameter name Description Required
-a, --action An action to be performed by the schedule. ID of the
checkpoint to be deleted. Valid values: start, stop. Yes
--all Set schedule for all instances in a region. Default: false No
-c, --cronExpression Time point as cron expression Yes
-d, --description Schedule description No
--full Show full command output instead of default basic one No
-i, --instance ID of an instance affected by the schedule No
-n, --name Schedule name Yes
EPAM Cloud Orchestrator - Maestro CLI User Guide
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --tag Set schedule for instances with tag. Tag format:
'prefix:key=value'. Default prefix is 'user', default key is 'tag' No
--help Display command help No
Response Elements
Name Description
name Schedule name
project UPSA abbreviation of the project the schedule is assigned to
region Virtualization region the schedule is active for
cron Time point as cron expression
action Action performed by the schedule
Command Example
The example below schedules the specified instance to start on January 1, 2014 at 0:00 am:
or2addsch -a start -c “0 0 0 1 1 ? 2014” -i instance_id -n sample_schedule
-p project -r region
Response Example
Figure 29 - or2addsch Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
3.2 DESCRIBE SCHEDULES
Invoke: or2-describe-schedules (or2dsch)
Describes previously created and available schedules.
In order to see the list of instances affected by a schedule, provide the --full parameter
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-n, --name Schedule name. For several schedules, repeat the parameter:
-n sch1 -n sch2 -n schN No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Schedule name
project UPSA abbreviation of the project the schedule is assigned to
region Virtualization region the schedule is active for
cron Time point as cron expression
action Action performed by the schedule
creationTime Date and time of schedule creation
lastExecuteTIme Date and time of last schedule execution
owner Instance owner
type Schedule type (INSTANCE, REGION or TAG)
Command Example
This example describes available schedules for the specified project.
or2dsch -p project -r region
Response Example
Figure 30 - or2dsch Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
3.3 ADD INSTANCE TO SCHEDULE
Invoke: or2-schedule-add-instances (or2schaddi)
Adds an instance to the existing schedule.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Instance ID. For several instances, repeat the parameter Yes
-n, --name Schedule name Yes
--help Display command help No
Instances cannot be added to schedules created for the entire region (with the --all option) or for
instances with tags (with the -t/--tag) option.
Command Example
This command example adds the specified instance to the schedule.
or2schaddi -p project -r region -i instance_id -n schedule_name
Response Example
Figure 31 - or2schaddi Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
3.4 REMOVE INSTANCE FROM SCHEDULE
Invoke: or2-schedule-remove-instances (or2schremi)
Removes an instance from the existing schedule
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Instance ID. For several instances, repeat the parameter Yes
-n, --name Schedule name Yes
--help Display command help No
Instances cannot be removed from schedules created for the entire region (with the --all option) or for
instances with tags (with the -t/--tag) option.
Command Example
This command example removes the specified instance from the schedule.
or2schremi -p project -r region -i instance_id -n schedule_name
Response Example
Figure 32 - or2schremi Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
3.5 DELETE SCHEDULE
Invoke: or2-delete-schedule (or2delsch)
Deletes a previously created schedule.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-n, --name Name of the schedule to be deleted Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Schedule name
status Current status of the schedule
Command Example
This command example deletes the specified schedule.
or2delsch -n sample_schedule -p project -r region
Response Example
Figure 33 - or2delsch Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
3.6 CRON REFERENCE
EPAM Cloud Orchestrator uses generic cron rules to specify time points for operation scheduling.
Below is an extract of cron rules, taken from the quartz-scheduler.org. For additional information, please
see the source page.
Cron expressions are comprised of 6 required fields and one optional field separated by white space.
The fields respectively are described as follows:
Field Name Allowed Values Allowed Special Characters
Seconds 0-59 , - * /
Minutes 0-59 , - * /
Hours 0-23 , - * /
Day-of-month 1-31 , - * ? / L W
Month 1-12 or JAN-DEC , - * /
Day-of-Week 1-7 or SUN-SAT , - * ? / L #
Year (Optional) empty, 1970-2199 , - * /
The '*' character is used to specify all values. For example, "*" in the minute field means "every minute".
The '?' character is allowed for the day-of-month and day-of-week fields. It is used to specify 'no specific
value'. This is useful when you need to specify something in one of the two fields, but not the other.
The '-' character is used to specify ranges. For example, "10-12" in the hour field means "the hours
10, 11 and 12".
The ',' character is used to specify additional values. For example, "MON,WED,FRI" in the day-of-week
field means "the days Monday, Wednesday, and Friday".
The '/' character is used to specify increments. For example, "0/15" in the seconds field means "the
seconds 0, 15, 30, and 45". And "5/15" in the seconds field means "the seconds 5, 20, 35, and 50".
Specifying '*' before the '/' is equivalent to specifying 0 is the value to start with. Essentially, for each
field in the expression, there is a set of numbers that can be turned on or off. For seconds and minutes,
the numbers range from 0 to 59. For hours 0 to 23, for days of the month 0 to 31, and for months 1 to
12. The "/" character simply helps you turn on every "nth" value in the given set. Thus "7/6" in the month
field only turns on month "7", it does NOT mean every 6th month, please note that subtlety.
The 'L' character is allowed for the day-of-month and day-of-week fields. This character is short-hand
for "last", but it has different meaning in each of the two fields. For example, the value "L" in the day-
of-month field means "the last day of the month" - day 31 for January, day 28 for February on non-
leap years. If used in the day-of-week field by itself, it simply means "7" or "SAT". But if used in
the day-of-week field after another value, it means "the last xxx day of the month" - for
example "6L" means "the last Friday of the month". You can also specify an offset from the last day
of the month, such as "L-3" which would mean the third-to-last day of the calendar month. When
using the 'L' option, it is important not to specify lists, or ranges of values, as you'll get
confusing/unexpected results.
The 'W' character is allowed for the day-of-month field. This character is used to specify
the weekday (Monday-Friday) nearest the given day. As an example, if you were to specify "15W" as
the value for the day-of-month field, the meaning is: "the nearest weekday to the 15th of the month".
So if the 15th is a Saturday, the trigger will fire on Friday the 14th. If the 15th is a Sunday, the trigger
EPAM Cloud Orchestrator - Maestro CLI User Guide
will fire on Monday the 16th. If the 15th is a Tuesday, then it will fire on Tuesday the 15th. However, if
you specify "1W" as the value for day-of-month, and the 1st is a Saturday, the trigger will fire on Monday
the 3rd, as it will not 'jump' over the boundary of a month's days. The 'W' character can only be specified
when the day-of-month is a single day, not a range or list of days.
The 'L' and 'W' characters can also be combined for the day-of-month expression to yield 'LW', which
translates to "last weekday of the month".
The '#' character is allowed for the day-of-week field. This character is used to specify "the nth" XXX
day of the month. For example, the value of "6#3" in the day-of-week field means the third Friday of
the month (day 6 = Friday and "#3" = the 3rd one in the month). Other examples: "2#1" = the first
Monday of the month and "4#5" = the fifth Wednesday of the month. Note that if you specify "#5"
and there is not 5 of the given day-of-week in the month, then no firing will occur that month. If the '#'
character is used, there can only be one expression in the day-of-week field ("3#1,6#3" is not valid,
since there are two expressions).
The legal characters and the names of months and days of the week are not case sensitive.
NOTES:
Support for specifying both a day-of-week and a day-of-month value is not complete (you'll need to use
the '?' character in one of these fields).
Overflowing ranges is supported - that is, having a larger number on the left hand side than the right.
You might do 22-2 to catch 10 o'clock at night until 2 o'clock in the morning, or you might have NOV-
FEB. It is very important to note that overuse of overflowing ranges creates ranges that don't make
sense and no effort has been made to determine which interpretation CronExpression chooses. An
example would be "0 0 14-6? * FRI-MON".
EPAM Cloud Orchestrator - Maestro CLI User Guide
4 INSTANCE PROPERTIES
The commands in this section are used to create and manipulate user-defined metadata, known as
properties.
4.1 SET INSTANCE PROPERTIES
Invoke: or2-set-instance-properties (or2setp)
Assigns user-defined metadata to instances.
If you would like to use default auto-configuration provided by Orchestrator for instances in AWS-type
regions, launched from Amazon EC2 console, please assign the following property to each of them:
op_orch_ip=https://config.orchestration.epam.com/orchestration
CLI Parameters
Parameter name Description Required
-a, --append Append the specified properties in case target instance already
has corresponding keys. Default: false No
-c, --chefattribute
Chef attribute property alias. Use “=” as a delimiter for
name=value format. For several chef attributes repeat the
parameter
No
-h, --chefrole
Chef role property alias. For several chef roles
repeat the parameter: --chefrole value1 --chefrole value2
--chefrole valueN.
No
-d, --description
Description property alias. Multiple values are not supported.
Can be used to assign custom instance descriptions to be
viewed using the "or2din" command (See Describe Instances)
No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1
-i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-t, --property
Property name=value pair. Use "=" as delimiter. For several
properties repeat the parameter: --property name1=value1 --
property name2=value2 --property nameN=valueN*
No
-r, --region Virtualization region Yes
-s, --secure Marks the property as secure, so that its value will be hidden
when properties are described No
-v, --volume Volume ID. For several volumes repeat the parameter:
-v Vol1 -v Vol2 -v VolN No
--help Display command help No
When running the command, you should specify either the --property or --chefattribute and --chefrole
combination.
EPAM Cloud Orchestrator - Maestro CLI User Guide
Response Elements
Name Description
status Property status
name Property name
value Property value
resource ID of the resource for which the property is set
resourceType Type of the resource for which the property is set
1. The following symbols are NOT accepted when used in key or value for this command: < > ( ) + &
^ * \ | "
2. If you use this command for a Windows instance, please, encase the ‘-t’ parameter in quotes i.e.
"key=value"
Command Example
This example sets several properties to an instance.
or2setp -p project -r region -i instance_id -t property1=1 -t property2=2
Response Example
The command returns a list of newly set instance properties.
Figure 34 - or2setp Response Example
Alias Usage
A command with chef alias can look as follows:
or2setp -i EVBYMINSD121CT3 -h java -c "version=1.7"
EPAM Cloud Orchestrator - Maestro CLI User Guide
4.2 DESCRIBE INSTANCE PROPERTIES
Invoke: or2-describe-instance-properties (or2getp)
Retrieves user-defined metadata from instances.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1
-i ID2 -i IDN. Yes
-n, --name
Property name. For several properties repeat the parameter: -
n property-name1 -n property-name2 -n property-nameN. If not
specified, returns a list of all properties assigned.
Default: []
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Volume ID. For several volumes repeat the parameter:
-v Vol1 -v Vol2 -v VolN No
--help Display command help No
Response Elements
Name Description
name Property name
value Property value
resource ID of the resource for which the property is set
resourceType Type of the resource for which the property is set
Command Example
This example requests the properties of the specified instance:
or2getp -p project -r region -i instance_id
Response Example
The command returns a list of properties assigned to an instance:
Figure 35 - or2getp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
4.3 DELETE INSTANCE PROPERTIES
Invoke: or2-delete-instance-properties (or2delp)
Use this command to delete user-defined metadata from instances.
CLI Parameters
Parameter name Description Required
-a, --all Specify this parameter to delete all properties assigned to a
specified instance. Default: false. No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1
-i ID2 -i IDN. Yes
-n, --name
Property name. For several properties repeat the parameter: -
n property-name1 -n property-name2 -n property-nameN
Default: []
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Volume ID. For several volumes, repeat the parameter: -v
volume ID1 -v volumeID2 -v volume IDN No
--help Display command help No
Command Example
This example deletes specific properties, assigned to an instance:
or2delp -p project -r region -i instance_id -n property_1 -n property_2 -n
property_3 -n property_4
Response Example
Figure 36 - or2delp Response Examples
EPAM Cloud Orchestrator - Maestro CLI User Guide
5 CREATING IMAGES
EPAM Orchestrator allows to create images from the existing instances. This allows to save the
existing settings and data and to create the necessary number of copies.
5.1 CREATE AN IMAGE
Invoke: or2-create-image (or2cim)
Use this command to create an image based on the instance and its storages. The image can be used
later to run new identical instances.
1. The created image will only be available for a single project (the one you use to create it).
2. Make sure to stop the instance and perform all preliminary requirements for image creation
before creating its image. (See 5.3. Preparing Instances for Image Creation).
3. Image name length should be in range 3-63 and can only contain digits ('0-9'), letters ('a-z', 'A-
Z'), dashes ('-'), underscores ('_'), round parentheses (‘()’), square parentheses (‘[]’) and the at sign
(‘@’).
4. Image description should be in range 5-100 inclusive. A semicolon is not allowed.
5. In OpenStack regions, an image can be created only from instances that do not have additional
volumes.
6. In Google regions, you can use for image name lowercase letters ('a-z'), digits ('0-9') if not on the
first place and hyphens if not on first or last place.
7. All instances launched using the custom images will not be included in epam.com domain and
will be assigned a standard DNS name. You will only be able to login to these instances using their
IP addresses. To have your VM included in the epam.com domain, make a request to the
support.epam.com in the category EPAM Cloud -> Unspecified Request.
CLI Parameters
Parameter name Description Required
-d, --description Image description Yes
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-n, --name Image name Yes*
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
* While still required for AWS-type regions, this parameter will be shown in EC2 Management Console as ‘Source’, while the ‘Name’ field will remain empty.
Response Elements
Name Description
id Image id
description Image description
group Image availability scope
state Current state of the image
EPAM Cloud Orchestrator - Maestro CLI User Guide
Command Example
or2cim -r region -p project -i instance_id -n image_name –d description
Response Example
Figure 37 - or2cim Response Example
When the image is ready, it will be available in the list of machine images returned by the ‘or2dim’
command. The detailed description of the ‘or2dim’ command can be found in the respective section of
the Guide.
EPAM Cloud Orchestrator - Maestro CLI User Guide
5.2 DELETE IMAGE
Invoke: or2-delete-image (or2delim)
Use this command to delete custom machine images.
In AWS-type regions this command is only available for ‘Project’ images.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --image ID of the image to be deleted. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Provide this parameter for automatic command confirmation No
--help Display command help No
Response Elements
Name Description
id Image id
description Image description
group Image availability scope
state Current state of the image
Command Example
or2delim -i image_id -p project -r region -y
Response Example
Figure 38 - or2delim Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
5.3 PREPARING INSTANCES FOR IMAGE CREATION
The instruction below is actual for the instances in private regions and is not applicable for work in AWS
and Google Cloud regions.
Please see the information about virtual machines preparation in Microsoft Azure regions in the
respective sections describing workflows for Windows and Linux instances.
You can also import a custom image to your project from outside EPAM Cloud. For more instructions,
please see Importing External Custom Images to EPAM Cloud in this guide.
Virtual machines created from custom images by default are not added to the EPAM domain. Thus,
login to such a virtual machine is performed not via the domain credentials, but with the username and
password created during custom image preparation.
5.3.1 Windows OS Family
Remove static IP settings (if applicable), configure DHCP respectively.
Figure 39 - TCP/IP Configuration (Windows)
Create a user account and assign administrator privileges to it:
1. Click Start -> Control Panel
2. Click User Accounts
3. In a window that opens click Manage User Accounts
4. Move to the Advanced tab in the User Accounts window and click Advanced
5. Choose the Users group in the left part of the window that opens, then right-click on the right
part of the window and choose New user
EPAM Cloud Orchestrator - Maestro CLI User Guide
6. Provide the data requested in the New user window and click Create to complete creation
Figure 40 - Creating Local Windows User
7. Return to the User Accounts window and click Manage User Accounts
8. Select the newly created username in the User Accounts window and click Properties
EPAM Cloud Orchestrator - Maestro CLI User Guide
9. Move to the Group Membership tab within the Properties window, choose the Administrator
option and click Apply.
Figure 41 - Assigning Administrator Privileges to a Windows User
Make sure you remember these credentials. You will only be able to login to all instances, launched on
the created template using them.
EPAM Cloud Orchestrator - Maestro CLI User Guide
10. Open Control Panel -> System and Security -> System. Click Change Settings.
11. In the System Properties window, click Change for the To rename the computer or change
its domain or workgroup option.
12. Exclude guest OS from domain:
Figure 42 - Excluding Guest OS from Domain (Windows)
13. Rename guest OS by replacing digits at the end of its name with xxxx characters:
Figure 43 - Renaming Guest OS (Windows)
At this point, the system may prompt for reboot. Do not reboot the VM, continue with Step 15 instead.
14. Run the following command in Windows console
ipconfig /release && shutdown -s -t 0
5.3.1.1 Preparing VMs in Microsoft Azure Regions
For virtual machines running in Microsoft Azure regions, use the Windows console to change the
directory to %windir%\system32\sysprep, then run sysprep.exe.
Make the following settings in the System Preparation Tool dialog window:
1. In the System Cleanup Action field, select the Enter System Out-of-Box Experience
(OOBE) option and check the Generalize checkbox.
2. In the Shutdown Options field, select Shutdown.
EPAM Cloud Orchestrator - Maestro CLI User Guide
Figure 44 - Rebooting a VM in Azure region
This procedure reboots and stops the VM. After the command execution, the VM is ready for image
creation.
5.3.2 Linux OS Family
1. Remove static IP and any hardware-related settings (e.g. MAC address), if applicable. Set up
DHCP by editing configuration file.
For example:
RHEL-family - /etc/sysconfig/network-scripts/ifcfg-eth0
Debian-family - /etc/network/interfaces
2. Create a local user account:
RHEL-family:
# useradd username
# passwd username
Debian-family:
# adduser username
Adding user `username' ...
Adding new group `groupname' (1003) ...
Adding new user `username' (1004) with group `groupname' ...
Creating home directory `/home/username' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for username
EPAM Cloud Orchestrator - Maestro CLI User Guide
Enter the new value, or press ENTER for the default
Full Name []: <Full Name>
Room Number []: <room number>
Work Phone []: <Phone>
Home Phone []: <Phone>
Other []: <Other>
Is the information correct? [Y/n] Y
Add the administrator rights to the user by editing the /etc/sudoers file as follows:
username ALL=(ALL:ALL) ALL
3. Remove UDEV settings for network devices, if applicable, by deleting all strings from /etc/udev/rules.d/70-persistent-net.rules
4. Rename guest OS by replacing digits at the end of its name with xxxx characters.
For example:
RHEL-family - /etc/sysconfig/network
Debian-family - /etc/hostname
Please be aware that the path for CentOS7 is similar to the path for Debian.
5. Stop sssd daemon and clear cache:
systemctl stop sssd; (for Centos service sssd stop)
rm -rf /var/lib/sss/db/*
# remove file /etc/krb5.keytab
rm -f /etc/krb5.keytab
# remove file /etc/samba/smb.conf
rm -f /etc/samba/smb.conf
6. Modify guest OS name in DHCP client settings by replacing digits at the end of its name with
xxxx characters.
For example:
/etc/dhclient-eth0.conf.
7. Remove the following lines from the /etc/ssh/sshd_config file:
Match User maintenance
PasswordAuthentication no
sed -i -e "/^Match User maintenance/,+1d" /etc/ssh/sshd_config
For Fedora CoreOS and Ubuntu 20, enable password authentication in the
/etc/ssh/sshd_config file by changing PasswordAuthentication no to
PasswordAuthentication yes.
EPAM Cloud Orchestrator - Maestro CLI User Guide
5.3.2.1 Preparing VMs in Microsoft Azure Regions
For virtual machines running in Microsoft Azure regions, perform the following steps:
1. Connect to your VM via SSH.
2. Type the following command in the SSH window:
sudo waagent -deprovision+user
The command output may vary depending on the utility version.
This command is used to clean the system and prepare it for image creation. The following
actions are performed:
- SSH host keys are removed
- nameserver configuration in /etc/resolvconf is cleared
- the root user’s password is removed from /etc/shadow
- cached DHCP client leases are removed
- the host name is reset to localhost.localdomain
- the last provisioned user account (obtained from /var/lib/waagent) and the associated
data is deleted
3. Type y to continue. To avoid this step, add the -force parameter to the command.
4. Type exit. This closes the SSH client.
EPAM Cloud Orchestrator - Maestro CLI User Guide
6 SECURITY AND CONNECTION
This Section lists a set of commands used to connect to your VMs and to provide their security.
Please note that the commands related to Static IPs manipulation have different effect for AWS and
EPAM-based infrastructure. In AWS, they deal with public IPs, and the manipulations do not need the
VM to have any specific state. In EPAM Cloud, these commands deal with private IPs, and you will have
to stop your VM before initiating any IP changes.
6.1 CREATE KEY PAIR
Invoke: or2-create-keypair (or2addkey)
With this command you can create a key pair used to access instances without the need to provide login
credentials. Key pairs consist of a public key (stored in Orchestrator) and a private key, stored locally in
‘..\maestro-cli\out\{YOUR_PROJECT_NAME}\’ folder.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-k, --key-name Name of the key to be created Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --size Key size, a positive integer specified in bits.
Default: 4096 No
--help Display command help No
2048 bits is the minimum available key size. If you specify a key size of 2048 bits or less, a 2048-bit key
will be created
Response Elements
Name Description
name Key pair name
owner Key pair owner
project Project the key pair belongs to
EPAM Cloud Orchestrator - Maestro CLI User Guide
Command Example
or2addkey -p project -r region -k key_name
Response Example
Figure 45 - or2addkey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.2 IMPORT KEY PAIR
Invoke: or2-import-keypair (or2ikey)
Imports the existing key to a specified region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-k, --key-name
Key pair name (to describe a specific key pair). For
several key names repeat the parameter: -k keyname1
-k keyname2 -k keynameN
Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-f, --public-key-file Full path to the local public key No
-s, --source-region The region to which the key already exists No
-d, --destination-region The region to which the key should be imported Yes
--help Display command help No
Response Elements
Name Description
name Key pair name
owner Key pair owner
project Project the key pair belongs to
If the key was created in EPAM Cloud, its public part is stored in Orchestration database, and all you
have to do is specify the region in which the key is already stored and the region where it should be
imported to:
or2ikey -p project -k key_name -s source_region
-d destination_region
If the key is created in AWS and you need to import it to a new AWS region, you will also have to specify
the path to the Public key. For the detailed guidelines on retrieving public AWS keys use the following
links:
o Linux o Windows
A key created with AWS tools will be referenced in EPAM Cloud with the same name that was assigned
to it during the creation.
You can import a key from one Cloud platform to another when needed.
The keys created before November 7, 2015 are incompatible with Azure.
It is impossible to import keys existing keys to Azure regions due to keys processing specifics: the
operation need providing the private key explicitly.
EPAM Cloud Orchestrator - Maestro CLI User Guide
Command Example
This example imports a key from one region to another one.
or2ikey -p project -d destination_region -k key_name -f
path\to\public\key\file.pub
Response Example
Figure 46 - or2ikey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.3 DESCRIBE KEY PAIRS
Invoke: or2-describe-keypairs (or2dkey)
Describes Orchestrator (not AWS) key pairs available for provided project and region
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-k, --key-name Key name (to describe a specific key pair). For several key names
repeat the parameter: -k keyname1 -k keyname2 -k keynameN No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Key pair name
owner Key pair owner
project Project the key pair belongs to
Command Example
This example describes the keypairs available for the specified project.
or2dkey -p project -r region
Response Example
Figure 47 - or2dkey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.4 DELETE KEY PAIR
Invoke: or2-delete-keypair (or2delkey)
Deletes a specified key pair.
1. Once you delete a key pair, you will not be able to use it to launch new instances. You will still be
able to access launched instances using your private key.
2. The command only deletes public keys, stored in Orchestrator. If you like to delete private keys as
well, please do it manually. Private keys are stored in ‘..\maestro-
cli\out\{YOUR_PROJECT_NAME}\’ folder on your local machine.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-k, --key-name Name of the key pair to be deleted Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Name of the deleted key pair
owner Owner of the deleted key pair
project Name of the project, the key pair has been assigned to
deleted States whether the key pair has been deleted
Command Example
or2delkey -p project -r region -k key_name
Response Example
Figure 48 - or2delkey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.5 CONSOLE
Invoke: or2-console (or2console)
This command allows activating instance console and getting access credentials for it. To activate the
console for a VM, just run this command and provide all the necessary parameters.
CLI Parameters
Parameter name Description Required
-a, --activate Activates access console for the instance No
-e, --expiration Expiration time in hours. Default -1. Max - 9 No
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
or2console -i instance_id -p project -r region
The system responds with the following confirmation: ‘Email with credentials was sent to you’.
Response Example
Figure 49 - or2console Response Example
A message containing the console credentials and the link to the console host is sent to the instance
owner’s email.
EPAM Cloud Orchestrator - Maestro CLI User Guide
Figure 50 - Console credentials
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.6 ACCESSING AWS MANAGEMENT CONSOLE
Invoke: or2-aws-management-console (or2awsmc)
The command returns a link by which you can login to AWS Management Console and get access to
AWS services (all but the IAM service).
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
--help Display command help No
Before you can run this command, please, ask your Project Coordinator to grant you respective
permissions in Manage Cloud wizard (available on Cloud Dashboard for project coordinators only).
Command Example
or2awsmc -p project
Response Example
Figure 51 - or2awsmc Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.7 IAM USER MANAGEMENT
Invoke: or2-iam-users (or2iam)
The command allows to describe, delete and set owner for IAM users.
CLI Parameters
Parameter name Description Required
-a, --action Action to be performed [describe, delete, setOwner].
Default: describe No
-e, --email EPAM email of the IAM user’s owner for the ‘-a
setOwner’ action No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
--reason IAM user deletion reason for the ‘a delete’ action No
-t, --type IAM user type. Allowed values : [aws, google] No
-u, --user-name IAM user name No
Before you can run this command, please, ask your Project Coordinator to grant you respective
permissions in Manage Cloud wizard (available on Cloud Dashboard for project coordinators only).
Response Elements
Name Description
userName IAM user name
type IAM user type
creationDate IAM user creation date
groupNames IAM user group names
mfaDevicesSerialNumbers Serial numbers of MFA devices
passwordLastUsed Date on which the password was last used
ownerEmail IAM user’s owner email
projectCode Project abbreviation in UPSA
Command Example
or2iam -p project
Response Example
Figure 52 – or2iam Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.8 ACCESSING AZURE MANAGEMENT CONSOLE
Invoke: or2-azure-management-console (or2azmc)
The command allows you to login to your project console on Azure Portal and sends you a notification
with login instructions.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
--help Display command help No
Before running this command, please make sure that the project is activated in Azure.
Command Example
or2azmc -p project
Response Example
Figure 53 - or2azmc Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.9 ACCESSING GOOGLE MANAGEMENT CONSOLE
Invoke: or2-google-management-console (or2goomc)
The command returns a link by which you can login to Google Management Console and get access to
Google Cloud Platform services.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--help Display command help No
Access to the console is provided for all projects activated in Google Cloud to which you are assigned.
When you access the Google Cloud Platform dashboard, you can select the project under which you
will be working.
Before you can run this command, please, ask your Project Coordinator to grant you respective
permissions in Manage Cloud wizard (available on Cloud Dashboard for project coordinators only).
Command Example
or2goomc
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.10 DECRYPTING INSTANCE PASSWORD
Invoke: or2-decrypt-password (or2dp)
Decrypts the password obtained in or2console mail message (for AWS and Google Cloud Platform).
CLI Parameters
Parameter name Description Required
--full Show full command output Default: false No
--help Display command help Default: false No
-e, --encrypted-password Full path to the file containing password to be
decrypted
Yes
-P, --plain-output Use plain output view Default: false No
--json Show command output in json format No
-p, --private-key-file Path to the file containing private key Yes
-y Provide this parameter for automatic command
confirmation
No
Response Elements
Name Description
decrypted The decrypted password
Command Example
This example shows decrypting an encrypted password.
or2dp -p private-key-file-path -e encrypted-password-file-path
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.11 ALLOCATING A STATIC IP FOR A PROJECT
Invoke: or2-allocate-static-ip (or2alsip)
Allocates a static IP for the specified project in the given region.
CLI Parameters
Parameter name Description Required
-d, --domain Show Elastic IP addresses for use with instances in EC2-
Classic or instances in a VPC. Applicable only for AWS
regions. Available domain types: [STANDARD, VPC].
Default: VPC
No
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
Command Example
This example shows allocating a static IP to a project.
or2alsip -p project -r region
Response Example
Figure 54 - or2alsip Command Example
The ‘or2alsip’ command is not available in OpenStack regions.
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.12 ASSIGN A STATIC IP TO A VM
Invoke: or2-associate-static-ip (or2assip)
Assigns the specified static IP to the given VM.
Please note:
• Assigning a static IP can take some time. Meanwhile, the VM will be unavailable for Maestro
CLI commands.
• If a VM is hosted in an EPAM region, its DNS will not change when a static IP is assigned.
• After associating a static IP, no additional configuration of your VM is required.
CLI Parameters
Parameter name Description Required
--any-ip-address Use any free IP address from among the allocated ones. If no
such address is found, try to allocate another address and
associate the VM with it
No
-a, --ip-address The IP to be assigned to the VM Yes
--full Show full command output. Default: false No
-i, --instance Target Instance ID or Name Yes
--help Display command help. Default: false No
-P, --plain-output Use plain output view. Default: false No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
instanceID The ID of the instance to which the IP is assigned
ipState State of the IP address
Command Example
This example shows assigning a static IP to a VM.
or2assip -p project -r region -i instance_id -a ip_address
Response Example
Figure 55 - or2assip Command Example
The ‘or2assip’ command is not available in OpenStack regions.
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.13 DESCRIBE STATIC IPS
Invoke: or2-describe-static-ips (or2dsip)
Returns the list of static IPs available for the project in the given region.
CLI Parameters
Parameter name Description Required
-a, --ip-address IP-address. For several addresses, repeat the parameter
several times. No
-d, -- domain Show Elastic IP-addresses for use with instances in EC2-
Classic or instances in a VPC. Available domain types:
[STANDARD, VPC].
No
--full Show full command output Default: false No
-i, --instance Target Instance ID or Name. To get info about several
instances, repeat the parameter.
No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
instanceID The ID of the instance to which the IP is assigned
ipState State of the IP address
instanceName The name of the instance to which the IP is assigned
Command Example
This example returns the full list of the IPs allocated to the project
or2dsip -p project -r region
Response Example
Figure 56 - or2dsip Command Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.14 DISASSOCIATE A STATIC IP FROM A VM
Invoke: or2-disassociate-static-ip (or2dissip)
Disassociates the specified static IP from a VM.
Please note: when the operation is performed on a running VM in EPAM-UA1, EPAM-HU1, EPAM-HU2,
EPAM-RU2 regions, the VM is automatically shut down and is set to the STOPPED state.
CLI Parameters
Parameter name Description Required
-a, --ip-address The IP to be disassociated Yes
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
instanceID The ID of the instance to which the IP is assigned (should be empty)
Command Example
This example shows disassociating a static IP from its VM.
or2dissip -p project -r region –a ip_address
Response Example
Figure 57 - or2dissip Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.15 RELEASE A STATIC IP
Invoke: or2-release-static-ip (or2relsip)
Removes the specific static IP from the project pool.
CLI Parameters
Parameter name Description Required
-a, --ip-address The IP to be released Yes
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Command Example
This example shows removing a static IP from the project pool.
or2relsip -p project -r region -a ip_address
Response Example
Figure 58 - or2relsip Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
6.16 REGISTER AN EXISTING INSTANCE ON LUMINATE
Invoke: or2-register-on-luminate (or2lum)
Registers an existing instance on Luminate.
CLI Parameters
Parameter name Description Required
--full Show full command output No
--help Display command help No
-i, --instance Instance ID or Instance Name. Yes
--json Show command output in json format No
-P, --plain-output Use plain output view No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Command Example
This example shows registering an existing instance on Luminate.
or2lum -p project -r region -i instance
Response Example
Figure 59 - or2lum Command Response
6.17 DESCRIBE PUBLIC PERMISSIONS
Invoke: or2-describe-public-permissions (or2dpp)
Describes user`s permission policy in Public Cloud.
CLI Parameters
Parameter name Description Required
-e,--email User’s email address. Yes
--full Show full command output instead of default basic
one No
--help Display command help No
--json Show command output in json format No
-P, --plain-output Use plain output instead of default table output No
-p, --project Project ID No
Command Example
This example shows the full set of permissions assigned to a specified user in a Public Cloud.
or2-describe-user-permission -p <project> -e <email>
EPAM Cloud Orchestrator - Maestro CLI User Guide
Response Example
Figure 60 - or2dpp Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
7 WORKING WITH VOLUMES
Each virtual machine created in EPAM Cloud has a default (system) storage volume or flavor (size of
the system disk) which you choose.
Based on the technical characteristics, the following recommendations on storage type selection can be
summed up:
• Using system disk is recommended when:
o The instance hosts a database or an application that needs high read/write speed
o You estimate that the whole storage volume assigned to the instance will be used
throughout its lifecycle
• Using attached volumes is recommended when:
o You need to store cold data and high read/write speed is not critical for your application.
o Using additional storage is a temporary measure and you plan to decrease storage
usage in future
The system disk is located on the same host as the instance, and shows higher read/write performance,
while attached volumes are treated as network ones, and some latency is typical for them.
The table below provides the details on technical difference between the two storage types:
Parameters Comparison
Parameter name System disk Volume
Has higher read/write speed Yes No
Can be easily extended Yes No
Needs additional steps for mounting No Yes
Can be removed or reattached to
another instance when needed No Yes
The described two options of storage management in OpenStack allow you to select the solution that
would be the best balance between the performance and cost effectiveness.
The described approach cannot be applied to instances in EPAM-MAC region.
Please, note, that the size of the used volume influences the infrastructure price. Active (on started
instances) and Passive (on stopped instances) volumes are billed in different ways. For more details on
EPAM Cloud billing policy, please, see the Account Management Guide.
7.1 CREATE AND ATTACH VOLUME
Invoke: or2-create-attach-volume (or2addattvol)
Creates and attaches a storage volume to the specified instance.
• Each project in EPAM Cloud has a storage volume quota. To update it leave a request at support.epam.com.
• You can create and attach volumes to your permitted instances, in accordance with your project abbreviation in UPSA.
EPAM Cloud Orchestrator - Maestro CLI User Guide
CLI Parameters
Parameter name Description Required
-d, --device System device to attach the volume Yes/No*
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --size Storage volume size in GB Yes
--irg,
--instanceResourceGroup
Indicates the necessary resource group for work with
Azure No
--help Display command help No
*-The device parameter is required for the AWS-type regions. For more details, please see this section.
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system one
size_MB Storage volume size in MB
instanceID Instance ID
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Space used out of the attached volume
Command Example
This example creates and attaches new storage volume (1GB) to the specified instance hosted in an
AWS region.
or2addattvol -p project -r AWS-region -s 1 -i instance_id -d /dev/sdd
Response Example
Figure 61 - or2addattvol Response Example
When the created volume changes to the ‘ready’ status, you can use it for your project needs.
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.2 ATTACH VOLUME
Invoke: or2-attach-volume (or2attvol)
Attaches specified storage volume to the specified instance. Available for AWS, Azure and
OpenStack regions. The specified storage volume and instance must belong to the same availability
zone, (e. g. us-east-1a).
CLI Parameters
Parameter name Description Required
-d, --device System device to attach the volume. Yes/No*
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--irg,
--instanceResourceGroup
Indicates the necessary resource group for work with
Azure No
-v, --volume Storage volume ID Yes
-vrg,
--volumeResourceGroup Volume Resource Group No
--help Display command help No
*-The device parameter is required for the AWS-type regions. For more details, please see this section.
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system volume
size_MB Volume size in MB
instanceID Instance ID
usedSpace_MB Amount of volume space used
state Current state of the volume
used States whether a storage volume is used at the time
Command Example
This example attaches the specified volume to the specified instance.
or2attvol -d /dev/hdc -i instance_id -v volume_id -p project -r region
Response Example
Figure 62 - or2attvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.3 DETACH VOLUME
Invoke: or2-detach-volume (or2detvol)
Detaches a storage volume from the specified instance. Available for AWS, Azure and OpenStack
regions. You can only detach volumes from permitted instances, in accordance with your project
abbreviation in UPSA.
1. You can currently detach only one volume at a time.
2. Detaching volumes can currently only be performed for stopped instance. Please, use ‘or2stop’
before launching this command.
3. This command is not available for personal projects
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Storage volume ID Yes
-vrg,
--volumeResourceGroup Volume Resource Group No
--help Display command help No
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system volume (only non-system volumes can
be detached)
size_MB Volume size in MB
instanceID ID of the VM from which the volume is detached
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Amount of volume space used
Command Example
This example shows the common case of detaching a volume from an instance.
or2detvol -p project -r region -v volume_id
Response Example
Figure 63 - or2detvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.4 RESIZE VOLUMES
Invoke: or2-resize-volume (or2resvol)
Increases an earlier created storage volume to the specified size.
1. This command is not available in OpenStack, AWS, Azure and Google Cloud regions.
2. Current implementation only allows increasing the size of storage volumes, decreasing is
unavailable.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --size Target storage volume size in GB Yes
-v, --volume ID of the volume to be resized Yes
--help Display command help No
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system volume
size_MB Storage volume size in MB
instanceID ID of the instance the volume is attached to
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Space used out of the attached volume
Command Example
This example resizes an earlier created volume to 100 gigabytes:
or2resvol -p project -r region -v volume_id -s 100
Response Example
Figure 64 - or2resvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.5 DESCRIBE VOLUMES
Invoke: or2-describe-volumes (or2dvol)
Describes storage volumes belonging to the specified project.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID. For several instances repeat the parameter. No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Storage volume ID. For several Volume IDs repeat the parameter. No
--help Display command help No
Response Elements
Name Description
id Storage volume ID
size_MB Storage volume size in MB
usedSpace_MB Space used out of the particular volume
instanceID In some cases, depending on virtual service provider, shows ID of the
instance to which the storage volume is attached
state Current state of the volume
used States whether a storage volume is used at the time
zone Volume availability zone (AWS-type regions only)
snapshot Volume snapshot ID, if present (AWS-type regions only)
type Volume type (AWS-type regions only)
device Volume device (AWS-type regions only)
system Specifies whether the volume is a system volume
deleteOnTermination States, whether the volume will be deleted on instance termination
(AWS-type regions only)
Command Example
This example describes existing storage volumes for specific instance.
or2dvol -p project -r region -i instance_id
EPAM Cloud Orchestrator - Maestro CLI User Guide
Response Example
Figure 65 - or2dvol Response Example
Command Example
This example describes existing storage volumes. The ‘No volumes were found’ response means there
are no storage volumes for the project in the specified zone.
or2dvol -p project -r region
Response Example
Figure 66 - or2dvol Empty Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.6 DELETE VOLUME
Invoke: or2-delete-volume (or2delvol)
Deletes the specified storage volume. You can only delete permitted volumes, in accordance with your
project abbreviation in UPSA.
1. Currently you can only delete volumes one at a time.
2. The command deletes specified volumes even if they are attached to an instance.
3. Be careful when using in AWS-type regions. Make sure you do not accidentally delete your system
volume.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Storage volume ID Yes
-vrg,
--volumeResourceGroup Volume Resource Group No
-y Provide this parameter for automatic command
confirmation No
--help Display command help No
Response Elements
Name Description
ID Storage volume ID
system States whether the volume is a system volume
size_MB Volume size in MB
instanceID ID of the instance the volume is attached to
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Space used out of the volume
Command Example
This example shows the common case of deleting a volume.
or2delvol -p project -r region -v volume_id
Response Example
Figure 67 - or2delvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.7 FINDING THE DEVICE PARAMETER
To obtain the --device parameter required for attaching volumes in AWS regions, log in to your VM and
run the ‘df-h’ command. The response to this command will contain the following information:
Figure 68 - df-h Response Example
Find the device name for the root mount point in the ‘Filesystem’ column (in the example above, the
device name is highlighted in bold and underlined). The device name can have one of the following
formats: ‘/dev/xvda1’ or ‘/dev/sda1’. Modify the device name by replacing the last character with any
letter following it alphabetically. For example, if the device name is ‘dev/xvda1’, the modified name may
have the ‘/dev/xvdd’ or ‘/dev/xvde’ forms; for ‘dev/sda1’ – ‘/dev/sdd’ or ‘/dev/sde’.
Use the modified device name in the ‘or2addattvol’ command:
or2addattvol -p project -r AWS-region -s 50 -i instance_id -d /dev/sdd
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.8 MOUNTING STORAGE VOLUMES
Once you attach a volume to an instance, it has to be mounted in order to be used. The procedure is
different for Windows and Linux instances.
7.8.1 Windows OS family
1. Login to the instance via RDP
2. Launch 'Start' -> 'All Programs' -> 'Administrative Tools' -> 'Computer Management' or
run compmgmt.msc
3. In the tree pane, double-click the Storage node, and select 'Disk Management'
4. Right-click 'Disk Management' and select 'Rescan Disks'.
Figure 69 - Computer Management in Windows 8
5. After the disk scan completes, scroll down in the tasks pane to locate the new disk that was just
added. Right-click the disk and select 'Online'.
6. The new disk will be listed as 'Unknown' and 'Not Initialized'. Right-click the disk and select
'Initialize Disk'.
7. When the 'Initialize Disk' window opens, check the disk or disks to initialize, and click the
'Option' button to create either an MBR or GPT type disk.
8. Format the disk.
EPAM Cloud Orchestrator - Maestro CLI User Guide
7.8.2 Linux OS Family
1. Login to the instance by SSH.
2. Execute the following commands to make the system able to see a newly attached virtual disk:
sudo su -
echo "- - -" > /sys/class/scsi_host/host0/scan
echo "- - -" > /sys/class/scsi_host/host1/scan
echo "- - -" > /sys/class/scsi_host/host2/scan
echo "1" > /sys/class/scsi_device/2\:0\:0\:0/device/rescan
echo "1" > /sys/class/scsi_device/2\:0\:1\:0/device/rescan
3. Create a file system (ext3) on '/dev/sdb'
If you have already attached other disks, use 'sdX', where 'X' identifies your disk
mkfs.ext3 /dev/sdb
4. Create a folder and mount the disk into it:
mkdir /media/storage
mount /dev/sdb /media/storage/
5. Now you can see your attached disk in disk lists
df -h
EPAM Cloud Orchestrator - Maestro CLI User Guide
8 WORKING WITH CHECKPOINTS
Checkpoints are instance recovery points, containing the data (storage, memory, other devices) of an
instance, including storage volumes at a specific point in time.
Each checkpoint is billed per each GB of storage it takes. The size of the checkpoint depends on the
changes you make to the VM storage. The more changes you make, the heavier your checkpoint is.
Please note that using checkpoints increases the infrastructure price. Active (on started instances) and
Passive (on stopped instances) checkpoints are billed in different ways. Meanwhile, 1GB active checkpoint
storage is about 3 times higher than the price of 1GB HDD running. For more details on EPAM Cloud billing
policy, please, see the Account Management Guide.
The table below compares the monthly price of a standard Linux VMs of different shapes with 20 GB
checkpoint (in EPAM-HU1 and EPAM-HU2 Regions):
Size Standard Price With Checkpoint
MINI $8.77 $20.77
SMALL $14.61 $26.61
MEDIUM $41.64 $53.64
LARGE $61.36 $73.36
XL $113.96 $125.96
3XL $227.92 $239.92
We strongly recommend to create checkpoints only before introducing critical changes to your VM, and
remove a checkpoint when it becomes clear that the changes are successful.
Checkpoints manipulations are available only in ESX-based EPAM regions and cannot be performed on
instances in OpenStack Regions, AWS, Azure, or Google clouds.
It is recommended to stop an instances before creating a checkpoint on it. This ensures seamless reverting
to the checkpoint. Otherwise, guest OS performance issues may occur.
It is advised not to use the Checkpoints during large periods of time. Long-living checkpoints significantly
increase the price of your VM, reverting to a checkpoint that is older than 30 days can have unpredicted
results.
The price of 1GB active checkpoint storage is significantly higher than the price of 1 GB of HDD running.
EPAM Cloud Orchestrator - Maestro CLI User Guide
8.1 CREATE INSTANCE CHECKPOINT
Invoke: or2-create-checkpoint (or2ccp)
Creates an instance recovery point, containing data (storage, memory, other devices) of a virtual machine,
including storage volumes at a specific point in time.
• To ensure seamless reverting to a checkpoint, it is recommended to stop the VM before running the
or2ccp command.
• All storage-related commands (or2attvol, or2addattvol, or2delvol, or2detvol) for the instance are
disabled once a checkpoint has been created.
CLI Parameters
Parameter name Description Required
-d, --description Checkpoint description No
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
size_MB Checkpoint size
description Checkpoint description
processTime Checkpoint creation or update time
instanceID ID of the instance for which the checkpoint is created
current States whether the checkpoint represents current state of the instance
state Current state of checkpoint
Command Example
> or2ccp -r region -p project -i instance_id -d checkpoint_description
Response Example
Figure 70 - or2ccp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
8.2 DESCRIBE INSTANCE CHECKPOINTS
Invoke: or2-describe-checkpoints (or2dcp)
Describes checkpoints created for the specified instance or all checkpoints in the specified project and
region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID No
-P, --plain-output Use plain output instead of default table output No
-p, --project Project abbreviation in UPSA Yes
--json Show command output in json format No
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
instanceID ID of the instance for which the checkpoint was created
owner Instance owner
state Current state of checkpoint
processState Checkpoint creation progress in percent
size_MB Checkpoint size
current States whether the checkpoint represents current state of the instance
createdDate Checkpoint creation date
outdated States whether the checkpoint is outdated
description Checkpoint description
Command Example
or2dcp -r region -p project -i instance_id
Response Example
Figure 71 - or2dcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
8.3 GO TO INSTANCE CHECKPOINT
Invoke: or2-go-to-checkpoint (or2gcp)
Reverts to the specified instance checkpoint.
CLI Parameters
Parameter name Description Required
-c, --checkpoint ID of the checkpoint to be used. Yes
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
size_MB Checkpoint size
description Checkpoint description
processTime Checkpoint creation or update time. This parameter initially shows the checkpoint
creation date and with each checkpoint update changes to the update time
instanceID ID of the instance for which the checkpoint is created
current States whether the checkpoint represents current state of the instance
state Current state of checkpoint
Command Example
or2gcp -r region -p project -i SAMPLE -c
checkpoint-2012_12_11_12_02_18_EVBYMINSDSAMPLE
Response Example
Figure 72 - or2gcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
8.4 REVERT TO INSTANCE CHECKPOINT
Invoke: or2-revert-to-checkpoint (or2rcp)
Reverts instance to the latest available checkpoint.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
size_MB Checkpoint size
description Checkpoint description
processTime Checkpoint creation or update time. This parameter initially shows the checkpoint
creation date and with each checkpoint update changes to the update time
instanceID ID of the instance for which the checkpoint is created
current States whether the checkpoint represents current state of the instance
state Current state of checkpoint
Command Example
or2rcp -r region -p project -i instance_id
Response Example
Figure 73 - or2rcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
8.5 DELETE INSTANCE CHECKPOINT
Invoke: or2-delete-checkpoint (or2delcp)
Deletes specified instance checkpoints.
Deleting a checkpoint can take long time, even several hours. The parent VM is unavailable till the
deletion process is completed.
If your checkpoint ID contains spaces, encase the -c parameter value in double quotes
CLI Parameters
Parameter name Description Required
-c, --checkpoint ID of the checkpoint to be deleted. Yes
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Provide this parameter for automatic command confirmation No
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
state Current state of checkpoint
description Checkpoint description
current States whether the checkpoint represents current state of the instance
Command Example
or2delcp -r region -p project -i instance_id -c
checkpoint-2012_12_11_12_02_18_EVBYMINSDSAMPLE
Response Example
Figure 74 - or2delcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
9 WORKING WITH HARDWARE SERVERS
EPAM Cloud supports adding hardware resources under the Orchestrator control for proper billing and
monitoring of hardware resources. Dedicated instances related to hardware resources are assigned to the
special hardware region, EPAM-HW1, and this name is to be specified when calling the hardware-related
commands.
9.1 HARDWARE SERVER REGISTRATION
Invoke: or2-register-hardware-server (or2reghs)
This command registers a dedicated instance as a hardware server in EPAM Cloud. During registration,
the hardware server configuration is specified, so that it could be billed accordingly.
This command is available to zone administrators only.
CLI Parameters
Parameter name Description Required
-c, --cost-center Cost center Yes
-u, --cpu-count Number of physical processors. Positive integer in the range of 1-8.
Yes
--full Show full command output instead of default basic one No
-h, --hdd-space HDD space in GB. Positive integer Yes
--help Display command help No
-l, --location DC name, address of the actual server position No
-m, --memory-size RAM volume in MB. Positive integer in the range of 1024-1048576
Yes
-o, --ownership Server ownership. Available ownership values: [PROJECT, CUSTOMER, EPAM]
Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-d, --registration-date Date of hardware resource registration for chargeback. Should consist of date and time in the following format: yyyy-MM-ddTHH:mm. For example: 2015-05-01T10
Yes
-n, --server-name Hardware server name Yes
-e, --server-usage Server usage in percent. Positive integer, max 100%. Yes
-t, --units-count Units count. Positive integer in the range of 1-10 Yes
-w, --working-power Working power in kW No
Response Elements
Name Description
instanceId Instance ID of the hardware server
name Hardware server name
cpu Number of physical processors
memory RAM volume in MB
EPAM Cloud Orchestrator - Maestro CLI User Guide
owner Server ownership
registrationDate Date of hardware resource registration for chargeback
workingPower Working power in kW
location DC name, address of the actual server position
Command Example
The following command registers a server owned by EPAM with 100% usage in a single project:
> or2reghs -c cost_center -u cpu_count -h hdd_space -m memory_size -o EPAM -p
project -r EPAM-HW1 -d yyyy-MM-ddTHH:mm -n server_name -e 100 -t units_count
The following command registers a server owned by Customer with 30% usage in a project:
> or2reghs -c cost_center -u cpu_count -h hdd_space -m memory_size -o CUSTOMER
-p project -r EPAM-HW1 -d yyyy-MM-ddTHH:mm -n server_name -e 30 -t
units_count
Response Example
Figure 75 - or2reghs Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
9.2 HARDWARE SERVER UNREGISTRATION
Invoke: or2-unregister-hardware-server (or2unreghs)
This command unregisters a dedicated instance that was previously registered as a hardware server in
EPAM Cloud.
This command is available to zone administrators only.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Server instance ID No
Command Example:
>or2-unregister-hardware-server --project demopro --region demopro –instance
i-00000000
Response Example:
Figure 76 - or2unreghs Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
9.3 HARDWARE SERVER MODIFICATION
Invoke: or2-modify-hardware-server (or2modhs)
This command modifies the settings of an existing hardware server.
This command is available to zone administrators only.
CLI Parameters
Parameter name Description Required
-u, --cpu-count Number of physical processors. Positive integer in the range of 1-8.
No
--full Show full command output instead of default basic one No
-h, --hdd-space HDD space in GB. Positive integer No
--help Display command help No
-i, --instance Dedicated instance ID of the server to be modified Yes
-l, --location DC name, address of the actual server position No
-m, --memory-size RAM size in MB. Positive integer in the range of 1024-1048576
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-e, --server-usage Server usage in percent. Positive integer, max 100%. No
-t, --units-count Units count. Positive integer in the range of 1-10 No
-w, --working-power Working power in kW No
Even though all parameters except ‘--instance' are optional, at least one server parameter with a modified
value has to be specified. If no other parameters are sent, the command returns the following message:
‘No parameters to modify!’.
Response Elements
Name Description
instanceId Instance ID of the hardware server
name Hardware server name
cpu Number of physical processors
memory RAM volume in MB
hddSpace HDD space in GB
unitsCount Units count
serverUsage Server usage in percent
workingPower Working power in kW
location DC name, address of the actual server position
EPAM Cloud Orchestrator - Maestro CLI User Guide
Command Example
or2modhs -i dedicated_instance_id -u cpu_count -h hdd_space -m memory_space -
t units_count
Response Example
Figure 77 - or2modhs Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
9.4 HARDWARE REPORT
Invoke: or2-hardware-report (or2hr)
This command generates a hardware server usage report and delivers it to the requesting user’s email in
.csv format.
CLI Parameters
Parameter name Description Required
-d, --day Day for which the report is to be retrieved No
--full Show full command output instead of default basic one No
--help Display command help No
-m, --month Month for which the report is to be retrieved No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No
-r, --region Virtualization region Yes
-y, --year Year for which the report is to be retrieved No
Response Elements
Name Description
ServerName Hardware server name
State Current state of the hardware server
Zone Virtualization region in which the server is used
ProjectCode PMS code of the project for which the hardware server is used
CostCenter Cost center to which the hardware server is attached
HDDSpace HDD space of the server
UnitsCount Units count
ServerUsage Server usage in percent
MemoryMB RAM size in MB
CpuCount Number of physical processors
RegistrationDate Date of hardware server registration for chargeback
Location Physical location of the hardware server
WorkingPower Working power in kW
Command Example
or2hr -r region
Response Example:
Figure 78 - or2hr Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
10 AUDIT AND BILLING
EPAM Cloud Orchestrator utilizes a specifically designed flexible billing model. Striving to make EPAM
Cloud experience as comfortable for our customers as possible, we implemented an easy no contract model
not requiring any commitments from you: you pay only for utilized resources based on no contract pricing.
For the sake of easier comprehension, the billing model is presented on the following diagram and detailed
below:
Figure 79 - Price Breakdown
You can find the details on EPAM Cloud Service billing strategy, and instructions on project cost estimation
in our Account Management Guide.
EPAM Cloud Orchestrator - Maestro CLI User Guide
10.1 PROJECT REPORT
Invoke: or2-report (or2report)
The command prepares a monthly billing report for the specified project. This provides you the ability to
self-manage and control your infrastructure and keep track of expenses through various reports. This is
very useful for big projects with large infrastructure. Each report can be exported into *.csv file to supply
with an option to keep track of changes even in files.
CLI Parameters
Parameter name Description Required
-d, --day Day to retrieve report for No
--full Show full command output instead of default basic one No
-m, --month Month to prepare the report for (Accepted values: 1-12) Yes
-o, --owner Email or ‘Name Surname’ of a user to generate a report by the instances assigned to them
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region
Virtualization region Can be specified as specific region name or region type (EPAM, AWS, AZURE, Google, ENTERPRISE, HARDWARE, WORKSPACE)
No
-g, --tag Specify a tag to collect only records with the tag. Must be specified as ‘-g user:tag=tag-name’ Default behavior: collect all records.
No
-t, --type
Report type. The following values are available: Total – total amount billed (default option) Subtotal – total amount billed split by categories Resource – total amount billed split by categories and instances Hourly – detailed report. Quota – current state of resource utilization quota
No
-y, --year Year to prepare the report for Yes
-a, --account-report Get a report by manager account No
-n, --account-name
Account name. Any account name part is allowed (Manager, Customer or Maestro). If this parameter is not specified and the report type is set as "account", report by Manager account is provided.
No
-i, --instance Instance ID. Only records by specified instances will be included to the report
No
--help Display command help No
The different types of reports have different output location. Total and Subtotal reports are displayed as
Maestro CLI response.
The resource and hourly reports will create a .csv file in the %MAESTRO_HOME%out/reports folder.
Please note that resource and hourly reports are not supported for Azure.
EPAM Cloud Orchestrator - Maestro CLI User Guide
Response Elements
Name Description
type Report item type
project Project abbreviation in UPSA
zone Virtualization region
productCode Billable product code
productName Billable product name
usageType Method of product usage
quantity Billable product quantity
currency Report currency
total Total amount billed
quotaType Quota type
monthlyQuota Monthly resource quota
current (USD) Amount billed since the beginning of the month
utilization Monthly resource utilization quota percentage used since the beginning
of the current month
actionPlan Action to be taken upon quota depletion
status Quota status
Command Example
The command retrieves the total amount billed for the ‘Sample’ project for February 2013.
or2report -m 2 -y 2013 -p project –r region
Response Example
Figure 80 - or2report Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
10.2 GET PRICES
Invoke: or2-price (or2price)
Lists current monthly prices for EPAM Cloud Resources
The values returned by the command do not apply for AWS-type regions
CLI Parameters
Parameter name Description Required
-d, --day Get prices for a specific number of days
Acceptable values: positive integers > 0 No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-r, --region Virtualization region Yes
-t, --resourceState Show prices for active/inactive resources only. Acceptable
values: ‘active’, ‘inactive’ No
-s, --shape
Show prices for specific shapes.
Acceptable values: ‘micro’, ‘mini’, ‘small’, ‘medium’, ‘large’,
‘xl’, ‘2xl’, ‘3xl’, ‘4xl’, ‘5xl’, ‘6xl’, ‘7xl’, ‘8xl’.
No
--help Display command help No
The response to the or2price command is broken down into the following price components:
Instance Price:
Response Elements
Name Description
Shape Instance Shape
OsType Operating system installed
Shape Instance Shape
soft&labor Base hourly cost of maintenance and software use
Memory price Price per 1 GB of RAM
vCoresPrice Price per 1 vCore
systemStoragePrice Price per GB of system storage
totalPrice Total price per instance
Checkpoint Price:
Response Elements
Name Description
activePricePer1GB Price per 1 GB of active checkpoint (on started instances)
inactivePricePer1GB Price per 1 GB of inactive checkpoint (on stopped instances)
EPAM Cloud Orchestrator - Maestro CLI User Guide
Additional Storage Price:
Response Elements
Name Description
activePricePer1GB Price per 1 GB of active storage (on started instances)
inactivePricePer1GB Price per 1 GB of inactive storage (on stopped instances)
Machine Image Price:
Response Elements
Name Description
pricePer1GB Price per 1 GB of created machine image
For EPAM-BY1 region the ‘or2price’ command also returns the price for the RDB service with guaranteed
capacity, as this is the only region where such service is offered. The price consists of two components:
Service Creation Price – the one-time price of the RDB-MSSQL-CSA service creation
Service Attribute Prices – the price of RDB-MSSQL-CSA database depending on its size
Command Example
or2price -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
Response Example
Figure 81 - or2price Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
10.3 INSTANCE AUDIT
Invoke: or2-audit (or2audit)
Views all relevant instance-related information for a specified period of time.
CLI Parameters
Parameter name Description Required
-d, --days Number of days to retrieve information for.
Default value: 3. The number must not exceed 100 No
-f, --from Starting date to retrieve information about an instance (yyyy-mm-dd)
Must not be earlier than 100 days before current date No
--full Show full command output instead of default basic one No
-g, --group
Audit events group. Available groups: [PROJECT, ACS,
HARDWARE, DOCKER, AEM, JENKINS, TERRAFORM, AWS,
ENTERPRISE, MACHINE_IMAGE]
No
-m/--image-id Image ID No
-i, --instance Instance ID No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack The ID of the stack for which audit is to be retrieved No
-t, --to End date to retrieve information about an instance (yyyy-mm-dd) No
--help Display command help No
If you do not specify the -i/--instance parameter, the command response will include information
concerning all instances for the specified project.
Response Elements
Name Description
Date Date of event
User ID of the user, who launched an event
Action Event ID
instanceID ID of the instance
message Event description
region Virtualization region
project Project abbreviation in UPSA
Command Example
This example lists instance-related events for the specified period
or2audit -p project -r region -f 2016-03-01 -t 2016-04-01 -i instance_id
Response Example
Returns major events having occurred to the instance during the specified period of time
EPAM Cloud Orchestrator - Maestro CLI User Guide
Figure 82 - or2audit Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
10.4 WORKING WITH EO ACCOUNTS
An EPC Account is a logical group of projects that can be associated to a cost-center. An account is
created by request to Consulting Team or to Help Desk , where you specify the following details:
• the account name
• the list of the projects to be included to the EPC Account
• the primary and secondary contacts
The people specified as the account contacts will get access to the EPC Account reporting information
even if they are not assigned to the projects associated with this account.
When the EPC Account is activated, you can use the or2report command with the -a/--account parameter:
or2report -m 03 -y 2016 -a account_ID -t total
The requested report will be mailed as a .csv file and contain the list of the user’s projects, the cost centers
in which they are priced (each cost center is bound to a virtualization region), the reporting period and the
cost:
Figure 83 - Account report
To see the details on EO Accounts assigned to you, use the or2-describe-eo-account (or2dacc).
The command provides the information on EO Accounts available to the user.
CLI Parameters
Parameter name Description Required
-c, --contacts Account contact email. For several contacts, repeat the
parameter Yes
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--help Display command help No
Response Elements
Name Description
accountId The ID of the account assigned to the specified user
projectCodes The list of the projects included to the account
description Account description
contacts Account contacts
EPAM Cloud Orchestrator - Maestro CLI User Guide
Command Example
This example lists instance-related events for the specified period
or2dacc -c [email protected]
Command Response
Figure 84 - or2dacc Command Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
11 USING TAGS
Tags are used to identify Cloud items, such as instances, checkpoints and volumes, for further easier
reference and manipulation. The tags are typically used in or2report command in order to retrieve the
information only on the specified group of resources.
The tag can also be used to filter the instances on Management page.
11.1 SET TAG
Invoke: or2-set-tag (or2settag)
Assigns custom tags to an instance or a volume for billing purposes to share costs between projects.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-t, --tag
Tag value. Multiple tags are supported. Allowed formats:
prefix1:key1=value1,prefix2:key2=value2
prefix1:key1=, prefix2key2=
key1=value1,key2=value2
value1,value2
Default prefix: empty. Default key: tag
Yes
--help Display command help No
1. Reports by tags take billing info starting from the moment of tag creation. The resource price that
existed before the tag was added, won’t be taken into account in a tag report.
2. The following symbols are NOT accepted when used in key or value for this command: < > ( ) + &
^_ * \ | "
3. If you use this command for a Windows instance, please, encase the ‘-t’ parameter in quotes i.e.
"tag"
4. 10 tags per resource are supported.
5. “eo” or “aws” cannot be used as prefixes.
6. If the or2settag command results in no change (for example, all tags sent in the command already
exist), an error response is returned. If only some tags exist, new tags will be set.
Command Example
This example assigns a tag to an instance.
or2settag -p project -r region -i instance_id -t prefix1:key1=value1
EPAM Cloud Orchestrator - Maestro CLI User Guide
Response Example
The command confirms tag assignment.
Figure 85 - or2settag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
11.2 DESCRIBE TAG
Invoke: or2-describe-tag (or2dtag)
Retrieves custom tags, assigned to an instance or a volume for billing purposes.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID No/Yes*
-v, --volume Volume ID No/Yes*
-c, --checkpoint Checkpoint ID No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
*Either --instance or --volume should be specified.
Response Elements
Name Description
resourceType Specifies, whether the resource is an instance or a volume
resourceId Resource ID
prefix Specifies, whether the tag has been added by a user
key Tag indication
value Tag value
Command Example
This example retrieves an assigned tag from an instance.
or2dtag -p project -r region -i instance_id
Response Example
Figure 86 - or2dtag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
11.3 DELETE TAG
Invoke: or2-delete-tag (or2deltag)
Deletes a custom tag from an instance or a volume.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --tag Tag value to be removed Yes
--help Display command help No
If the or2deltag command results in no change (for example, none of the tags sent in the command exist),
an error response is returned. If only some tags exist, they will be removed.
Response Elements
Name Description
resourceType Specifies, whether the resource is an instance or a volume
resourceId Resource ID
prefix Specifies, whether the tag has been added by a user
key Tag indication
value Tag value
Command Example
This example retrieves an assigned tag from an instance.
or2deltag -p project -r region -i instance_id -t tag_value
Response Example
Figure 87 - or2deltag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
12 WORKING WITH FILES
EPAM Orchestrator allows to upload files to the Orchestration Server for further reference and usage.
12.1 UPLOAD A NEW FILE
Invoke: or2-upload-file (or2uf)
The command is used to upload a new file and save it in Orchestrator. The command can be used to upload
the following types of files:
• script files: any script file
• EO-template: Maestro Stack template files
• Zabbix-template: Files with templates for Zabbix Server
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. Upload the resource as system if this
parameter is absent. No
-d, --description Description of the file to be uploaded Yes
-t, --type File type [script, eo-template, zabbix-template, cf-template,
blueprint] Yes
-f, --file-path The local file path Yes
-n, --name Name under which the file will be uploaded (different from the name
in the file path) No
--help Show command help No
1. cf-template option is supposed to be used with confirmation files, however, this functionality is not
implemented yet.
2. If the --project parameter is not given in the command call, but is specified in default.properties file, it
will not be added automatically, because only obligatory parameters are applied this way, and --project
is optional here.
If you want to enable custom script to be executed on the instance after creation, please check that the
script titles are in a correct format. For Linux scripts, it is necessary to have a header that includes one of
the following: "bash", "bin/sh", "perl", Windows script files should have a ".ps1", ".cmd" or ".bat" extension.
Response Elements
Name Description
name file name
link file download link
size file size
EPAM Cloud Orchestrator - Maestro CLI User Guide
Command Example
or2uf -p project -f d:\work\maestrostacks\test.json -t eo-template -d
testFileUpload
Response Example
Figure 88 - or2uf Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
12.2 DELETE A FILE
Invoke: or2-delete-file (or2delf)
Deletes a previously uploaded file from Orchestrator’s repository.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No
-n, --file-name Name of the file to be deleted Yes
-t, --type File type [script, eo-template, cf-template, zabbix-template,
blueprint] Yes
--help Display command help. Default: False No
Response Elements
Name Description
name File name
description File description
link The link to the file
size The file size
1. To delete a Maestro Stack template file, specify the file type as eo-template
2. The or2-delete-file command does not actually delete the file from the Orchestrator database, but
marks it as “deleted”, so that it becomes unavailable for further reference. To upload the same file
once more to the same region and project, you will need to change the file name.
Command Example
or2delf -n file1.json -p project -t eo-template
Response Example
Figure 89 - or2delf Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
12.3 DESCRIBE FILES
Invoke: or2-describe-files (or2df)
Describes uploaded and available files for the specified project.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. If the parameter is absent, the
system resource will be described No
-n, --file-name File name No
-t, --type File type [script, eo-template, cf-template, zabbix-template,
blueprint] Yes
--help Display command help No
1. To describe a Maestro Stack template file, specify the file type as eo-template
2. cf-template option is supposed to be used with confirmation files, however, this functionality is not
implemented yet.
3. If the --project parameter is not given in the command call, but is specified in default.properties file, it
will not be added automatically, because only obligatory parameters are applied this way, and --
project is optional here.
Response Elements
Name Description
name Script name
description File description
link File download link
size File size
Command Example
or2df -p project -n test.json -t eo-template
Response Example
Figure 90 - or2df Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 129
13 SECURITY SCANNING
As a main security measure, EPAM Orchestrator supports Qualys scanning which is used to identify VM
vulnerabilities. Qualys is an external security appliance which performs instance regular scanning on a daily
basis.
With the or2-security-check (or2sc) command you can obtain the latest security scanning report regarding
the selected instance.
The security scanning is performed automatically and cannot be initiated by a user. The report requested
by this command will return the result of a security scanning performed on the previous day.
EPAM performs security scanning in terms of self-service. You can review the results of scanning,
performed on instances related to projects to which you are assigned, via this link.
Invoke: or2-security-check (or2sc)
Initiates security scan of the specified resources.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Instance to be scanned No
--help Display command help No
--qualys Initiates Qualys scan No
Command Example
or2sc –p project_id -r region --qualys
Response Example:
Figure 91 - or2sc Response Example
The security scan report is sent to the user’s email.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 130
14 AUTOMATING INFRASTRUCTURE MANIPULATION
EPAM cloud Orchestrator supports mechanisms that allow to automate the process of infrastructure
creation and manipulation via special templates that aggregate the descriptions of sets of actions that are
to be performed.
There are two types of templates that can be processed by Orchestrator. They are Amazon Cloud
Formation Templates and Maestro Stacks.
14.1 TERRAFORM
Invoke: or2-terraform (or2ter)
Allows building, versioning and managing your infrastructure with the help of Terraform templates.
The service is activated with the standard or2ms command.
Terraform as a Service is available in public clouds only.
For the detailed instructions on Terraform service usage in via EPAM Orchestrator, see this guide.
CLI Parameters
Parameter name Description Required
-a, --action Terraform template action [describe, apply, plan, destroy,
upload, delete, validate]. Default: DESCRIBE No
-d, --description The description of the template No
--full Show full command output No
--json Show command output in json format No
-o, --override-existing-
template Override if a template with similar name exists. No
-g, --parameter-config Full path to the local variables file No
-P, --plain-output Use plain output view No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region No
-v, --skip-validation Skip validation for the uploaded template No
-n, --template-name Name of the template Default: [] No
--help Display command help No
Command example
The command below describes the existing templates
or2ter -a describe -p project_ID
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 131
Command output example
Figure 92 - or2ter Response Example
14.2 AMAZON CLOUD FORMATION
The detailed information about AWS Cloud Formation is given in Cloud Formation Service guide.
14.2.1 Run AWS Stack
Invoke: or2-run-aws-stack (or2rawss)
Runs a new AWS stack based on an existing template.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name Name of the stack to run.
Must satisfy AWS naming rules: [a-zA-Z][-a-zA-Z0-9]* Yes
-t, --template-name Name of an existing template in Orchestrator storage Yes
-d, --default-parameters Run stack with default parameters No
-m, --timeout-in-minutes The amount of time during which the stack must be created,
otherwise stack creation considered as failed No
-b, --disable-rollback Disable stack rollback if the stack creation fails No
-c, --capability The list of the capabilities allowed in the stack. No
-n, --notification-ar-ns
The Simple Notification Service (SNS) topic ARNs to
publish stack related events. For several topic ARNs repeat
the parameter
No
-f, --on-failure
Specifies the action to be taken if stack creation fails.
Available actions: DO_NOTHING, ROLLBACK, DELETE.
Ignored if "--disable-rollback" parameter is set to "true"
No
-R, --parameter
Parameter name=value pair. Use "=" as delimiter. Repeat
for several parameters: --parameter name1=value1--
parameter name2=value2 --parameter nameN=valueN. If
you use Windows command line, please, encase the -r
No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 132
CLI Parameters
parameter in quotes i.e. "name=value". Conditional: You
must pass the --parameter or --parameter-config . If both
are passed, only --parameter is used
Default: []
-g, --parameter-config
Full path to the stack parameters configuration file.
Conditional: You must pass --parameter or --parameter-
config. If both are passed, only --parameter is used
No
--help Display command help No
If you do not use either -d/--default-parameters, -R/--parameter, or -g/--parameter-config parameter,
you will be asked to specify additional information, depending on your template e.g. key, instance shape,
DB name/access credentials and root password for the instance.
Response Elements
Name Description
stackName Name of the stack
StackID Unique ID of the stack assigned by AWS
status Current state of the stack
Command Example 1
or2rawss -r aws-region -s stack_name -t template_name –p project
Response Example 1
Figure 93 - or2rsawss Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 133
14.2.2 Describe AWS Stacks
Invoke: or2-describe-aws-stacks (or2dawss)
Describes one or more existing AWS stacks for the specified project and region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
No
--help Display command help No
Response Elements
Name Description
stackName Name of the stack
stackID Unique ID of the stack assigned by AWS
status Current state of the stack
description * The stack description
outputs*
Stack output, giving the information on the executed stack:
Instance ID – The ID of the newly created EC2 instance
PublicDNS – Public DNSName of the newly created EC2 instance
PublicIP – Public IP address of the newly created EC2 instance
parameters* Lists the parameters used within the specified stack
disableRollback* specifies whether the stack rollback in case of a failure is disabled
creationTime* The time when the stack was created
The options with the asterisk (*) are displayed only when the --full output mode is on
Command Example
or2dawss -r aws-region –p project –s stack_name
Response Example
Figure 94 - or2dawss Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 134
14.2.3 Describe AWS Stack Events
Invoke: or2-describe-aws-stack-events (or2dawsse)
Returns the events related to the specified stack.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
Yes
--help Display command help No
Response Elements
Name Description
date The event date
logicalResourceId The logical name of the resource given in the template
resourceStatus The current resource status
resourceStatusReason The resource-associated message informing on the success or failure
physicalResourceId The resource physical instance unique identifier
stackName The name assigned to the stack
resourceType Type of the resource
Command Example
or2dawsse -s stack_name -r aws-region -p project --full
Response Example
Figure 95 - or2dawsse Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 135
14.2.4 Describe AWS Stack Resources
Invoke: or2-describe-aws-stack-resources (or2dawssr)
Describes the resources for running and deleted stacks. one or more existing AWS stacks for the specified
project and region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
No
-l, --logical-id The logical name of the resource as specified in the template No
-h, --physical-id The name or unique identifier that corresponds to a physical
instance ID of a resource supported by AWS CloudFormation No
--help Display command help No
If the --stack-name parameter is specified, the command will return all the associated resources included
to the stack.
If the --physical-resource-id is specified, the command returns the resources of the stack to which the
resources belong.
If you specify both --stack-name and --physical-resource-id parameters in one command call, a validation
error will occur.
Response Elements
logicalId The logical name of the resource given in the template
status The stack status
physicalId The name or unique identifier that corresponds to a physical instance ID of a resource
supported by AWS CloudFormation
stackName The name assigned to the stack
The command returns only the first 100 resources.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 136
Command Example
or2dawssr -r aws-region -p project -s stack_name
Response Example
Figure 96 - or2dawssr Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 137
14.2.5 Delete AWS Stack
Invoke: or2-delete-aws-stack (or2delawss)
Deletes an existing AWS stack.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
Yes
-y Provide this parameter for automatic command confirmation
Default: false No
--help Display command help No
Response Elements
Name Description
stackName Name of the stack
region Virtualization region
project Name of the project the stack is assigned to
StackID Unique ID of the stack assigned by AWS
status Current state of the stack
Command Example
or2delawss -r aws-region -s stack_name -p project -y
Response Example
Figure 97 - or2delawss Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 138
14.3 MAESTRO STACKS
The detailed information about Maestro Stack files creation and usage is given Cloud Formation Service
Guide.
14.3.1 Describe Maestro Stacks
Invoke: or2-describe-maestro-stacks (or2dmstack)
Describes one or more existing Maestro Stacks for the specified project and region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
-s, --stack-id
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -s stackName1 -s
stackName2 -s stackName3
No*
--help Display command help No
*Either --stack-id or --project and --region should be specified
Response Elements
Name Description
stackName The name of an existing stack
stackId The Id of the existing stack
Status The status of the stack
owner Stack owner
templateName The name of the template used to run the stack
Command Example
or2dmstack -r region –p project
Response Example
Figure 98 - or2dmstack Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 139
14.3.2 Run Maestro Stack
Invoke: or2-run-maestro-stack (or2rmstack)
Runs a new Maestro Stack based on an existing template.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --parameter
Parameter name=value pair.
To provide several parameters:
• Use "=" as delimiter. Repeat for several parameters:
-R name1=value1 -R name2=value2 -R nameN=valueN. If
you use Windows command line, please, encase the -r
parameter in quotes i.e. "name=value".
• Separate parameters with coma within one string:
-R "name1=value1,name2=value2,…nameN=valueN"
No
-s, --stack-name Name of the stack to run Yes
-b, --rollback
Roll back stack resources if stack creation failed. Note: 1.
Rollback influences only the issues created with this particular
stack.
2. Rollback does not work for CSA-Type regions
No
-t, --template-name Name of an existing template in Orchestrator storage No*
-m, --template-path Full path to the local Maestro Stack template No*
--help Display command help No
*Either ‘--template-name’ or ‘--template-path’ parameter should be specified.
or2-run-maestro-stack uses EO-template to search for the stack templates to run. If the specified template
is absent among project templates, it will be searched for among system ones.
Response Elements
Name Description
stackName Name of the stack
stackId The Id of the stack
status The current status of the stack
owner Stack owner
templateName The name of the used template
Command Example
or2rmstack -p project -r region -s scenario1 –m D:\Stacks\1scenario.json -b
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 140
Response Example
Figure 99 - or2rmstack -m Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 141
14.3.3 Delete Maestro Stack
Invoke: or2-delete-maestro-stack (or2delmstack)
Deletes a Maestro Stack previously run on Orchestration, including all the stack-related resources.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-id The id of the stack to be deleted Yes
-y Automatic command confirmation
--help Display command help No
Response Elements
Name Description
stackName Name of the stack
stackId The Id of the stack
Status The current status of the stack
Owner The user who run the stack
templateName The name of the used template
Command Example
or2delmstack -p project -r region -s stack_name
Response Example
Figure 100 - or2delmstack -m Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 142
14.3.4 Describe Stack Resources
Invoke: or2-describe-maestro-stack-resources (or2dmsr)
Describes the resources created during the specified stack execution.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-s, --stack-id Name of the stack to retrieve information about. Yes
--help Display command help No
Response Elements
Name Description
resourceId The Id of an existing stack resource
resourceType The type of the stack-related resource
resourceState The current state of the stack-related resource
projectName The project abbreviation in UPSA
zoneName Virtualization region
Command Example
or2dmsr -s stack_id
Response Example
Figure 101 - or2dmsr Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 143
14.3.5 Validate Maestro Stack Template
Invoke: or2-validate-maestro-stack-template (or2vmst)
Performs a Maestro Stack template validation by the following parameters:
• JSON and XML syntax validation
• Stack template Logic check
• Check for the template commands availability in the region
• Check for template commands permission for the user
The validation covers all errors in the specified Maestro Stack template file and returns the list of the errors.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --template-name Name of the template No
-m, --template-path Full path to the local Maestro Sack template No
--help Display command help No
Response Elements
Name Description
Type Issue type
Message Issue description
Command Example
or2vmst -r region –p project -m template_path
Response Example
Figure 102 – or2vmst Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 144
14.3.6 Convert Maestro Stack Template
Invoke: or2-convert-maestro-stack-template (or2cmst)
Converts a Maestro Stack template into a CloudFormation template.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-f, --input-file Path to the Maestro Stack template Yes
-d, --output-file Path to the generated CloudFormation stack template. If no
path is specified, the stack template is displayed in the console No
--help Display command help No
Command Example
or2cmst -p project -r region -f template_path -d output_path
Response Example
Figure 103 - or2cmst Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 145
15 SERVICES
A service is a software solution that allows you to install and manipulate a component, necessary for your
project, with a simple set of Maestro CLI commands. The Services provide you with functionality that is
meant to simplify your work with Orchestrator and give you the additional infrastructure monitoring and
management tools.
Most services are started with the or2-manage-service command with the corresponding –service-name
flag specifying the service to start.
When running the services, Orchestrator creates instances with pre-defined settings. These instances are
used as servers for the started services. The corresponding or2-describe-<service> commands can
provide you with the necessary details on the instances involved into the service.
You can monitor the state and the performance of each service using the or2-audit command with --group
project flag. This command returns the list of the service events that take place in the specified project
during the current day. The details are given in this section.
Below, you can find the details on the general services-related commands, and the commands used to
manipulate the specific services.
The mapping table of the required images for EO PaaS services can be found in Annex G – PaaS Guest
Operating Systems.
The new services cannot be activated if the target project Chef mode was set to USER.
Platform services are not available in Google Cloud regions.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 146
15.1 SERVICES MANIPULATION
15.1.1 Starting a Service
Invoke: or2-manage-service (or2ms)
Activates/deactivates available services for a particular project
CLI Parameters
Parameter name Description Required
-a, --activate Activate service. Default: false Yes*
-c, --cluster-name Platform service cluster name Yes**
--customize Allows to customize parameters defined in service stack
template Yes/No****
-d, --deactivate Deactivate service. Default: false Yes*
--full Show full command output instead of default basic one No
--init-entry-point Refreshes the entrypoint information of the service in
default.properties file No
--help Display command help No
-i, --instance Instance ID. Can be used for service deactivation No
-k, --key-name Project SSH key name. Required for all services in AWS zones Yes***
-P, --plain-output Use plain output instead of default table output. Default: false No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --service-name
Platform service name, mandatory for service activation.
Valid service names: monitoring, chef, log, load-balancer,
docker, ambari, jenkins, messaging, hybris, kubernetes, gerrit,
magento, terraform
Yes/No
-S, --service-id Platform service ID. This parameter can be used for service
deactivation No
-h, --shape Platform service Instance type No
-t, --stack Stack ID. This parameter can be used for service deactivation No
-v, --version The version of the application used within the service No
-y Provide this parameter for automatic command confirmation.
Default: false No
*Either activate or deactivate parameter should be specified
**Required for Ambari and Docker service activation
***Required for Ambari and most services in AWS zones
****Required for Hybris and Gerrit service activation
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 147
The response depends on the activated/deactivated service.
Response Elements
Name Description
stackName Name of the Maestro Stack used to run the service
stackId The ID of the stack run to launch a VM with all the corresponding server settings
status Displays the current command execution stage and its status
Command Example
The command runs the Zabbix monitoring service:
or2ms -p project -r region -s monitoring -a
Response Example
Figure 104 - or2-manage-service Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 148
15.1.2 Describing Project Services
Invoke: or2-describe-services (or2dser)
Describes the services activated for the given project in the given region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --service
Service name. Valid service names: monitoring, chef, log, load-
balancer, docker, ambari, jenkins, messaging, hybris,
kubernetes, gerrit
No
--help Display command help No
The response depends on the activated/deactivated service.
Response Elements
Name Description
serviceId Existing service ID
serviceName The name of an activated project
availability Service availability status
project The name of the project for which the service is activated
stackID The ID of the stack that was used to start the service
ip The IP of the service VM
dns The DNS of the service VM
keyName The name of the key to be used with the service
webUiUrl The URL you can use to connect to the service server, if possible
user The user name to connect to the service server, if possible
password The password to connect to the service server, if possible
Command Example
This command reads the specified template and stores it to the specified local file
or2dser -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 149
Response Example
Figure 105 - or2dser Response Example (shown in 2 lines for better visibility)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 150
15.1.3 Monitoring the Services
Invoke: or2-audit –p <project> -r <region> -g PROJECT
The services-based events can be easily monitored by the or2-audit command with the
--group PROJECT property:
or2audit --group PROJECT
Such command will return the list of the service-related actions, invoked by the users or the system.
The following response elements are displayed:
• Date: The action date and time
• User: The user that invoked the action. Can be a Cloud User or System
• Action: The name of the performed action, e.g.:
|SERVICE_ACTIVATION_STARTED|
• Message: The message describing the action details, e.g.:
|Service LOAD-BALANCER activation started. See or2audit -s EPMC-
CLONginxServer-d55a2ece command for details.|
• Region: The virtualization region
• Project: The affected project
The command allows you to keep track of all the service-related events in your project.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 151
15.2 CHEF SERVER SERVICE
EPAM orchestration provides you with the possibility to run Chef Server as a service on you project, i.e., to
use a project-specific Chef-server, when needed. Currently Chef Infra v.13 server and Chef Infra Client
v.15.11.3 is supported by default based on Ubuntu 16.04_64-bit in all regions.
When the service is run, you can switch between the following ACS modes:
• Default mode – the default mode for all projects in the EPAM Cloud. In this case, a common Chef
server is used for all production environment machines.
• EPC mode – use project-specific Chef server, created by EPAM Orchestrator for the specified
project.
• User mode – use project-specific Chef server, created and properly configured by the user. When
switching to this mode, the user should provide Chef server’s instance ID (or instance IP) and
manually upload validation.pem file to the Orchestrator’s file storage. The user should also provide
the path to validation.pem file during the command invocation.
While working in the EPC mode you can use Chef 13, please consider specific details below:
• Chef 13 has improved security approaches, and using SSL encryption is obligatory.
• Chef 13 run on Azure needs the port 443 to be open on your project subscription.
• The 0.0.0.0/0 range should be prohibited.
• Chef 13 is available in all regions (including AWS, Azure, and GCP), except ESX-based ones.
• In case you want to have a project Chef Server in a public cloud, please submit a request for exposing
the server VM to Internet in order to enable access to it.
Setting the current Chef server on project will not apply any actions on the virtual machines. Re-
configuration of the software on instances is not allowed.
To apply auto-configuration changes, you need to re-register existing VMs on the new Chef server.
It is also recommended to remember that the creation of the project Chef Server is not an instant operation
and will take some time (up to one hour). These are the main conceptual limitations of the given
functionality.
It is possible to connect to Chef Server, created for EPC and USER modes, via HTTP connection and to
get the detailed information about the server.
The UI for the Default Chef server is not accessible
To get the URL to be used for connection, use the or2-describe-chef command. Use the server DNS name
to connect.
To login to an EPC Chef Server, use the following login and password:
Login: user
Password: chef-server
For initial login to a User Chef Server, use the login and password provided in the left corner of the login
page. It is highly advisable that you change these default credentials to custom ones. When you
successfully login, you will get access to Chef Server information. You can share an existing EPC Chef
server among several regions, projects and Cloud Platforms. To connect another region or project to an
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 152
existing EPC Chef server, you will have to add its Service ID to the or2-manage-services command run
for the project/region you want to add:
or2cm –p <project> -r <region> -m epc -S <serviceid>
In case you are not assigned to the project hosting the existing Chef server, Project Coordinator should
provide you with the server service ID.
15.2.1 Set Chef Mode
Invoke: or2-chef-mode (or2cm)
Sets one of the available chef modes (default, epc, user) to the project.
CLI Parameters
Parameter name Description Required
-m, --mode The desired mode to switch to. Available values: default, epc, user Yes
--full Show full command output instead of default basic one No
-i, --instance ID of the instance where Chef is installed No
-v, --key-file Path to the validation.pem file of the Chef server No
-k, --key-name Project SSH key name. Required for EPC mode in AWS regions No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --shape Instance type No
--help Display command help No
-y Provide this parameter for automatic command confirmation.
Default: false No
If you call the or2cm command, please make sure that the chef mode has changed (use or2dchef
command) before creating new instances on your project. In case you need to establish a cross-project
connection, make sure you have permissions to run the or2cm command in the project which you want to
connect to the Chef server. Chef mode change can take about 30 minutes. During this period, the Chef
service is in the ‘unavailable’ state.
Response Elements
Name Description
stackName The name of the stack executed to change the Chef mode
stackId The ID of the stack executed to change the Chef mode
Status The stack status
Command Example
This example sets the project chef mode to epc:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 153
or2cm –p project –r region –m epc
Response Example
The command returns a list of newly set instance properties.
Figure 106 - or2cm Response Example
Find more information about work with shared Chef server in the Cloud Services Guide
15.2.2 Disabling Auto Configuration for Specific OS
EPAM orchestrator allows to disable auto configuration for VMs with specific OS types, rather than for the
whole project.
This is done by adding the --customize parameter to the or2-manage-service (or2ms) command with the
--activate flag:
or2ms -a -s chef -p project -r region --customize
When run, the command prompts you for the ACS disable mode. As a response, specify the OS family for
which the auto configuration should be disabled (ALL, WINDOWS, LINUX):
Figure 107 - Disabling auto configuration for a specific OS
The information on the auto configuration on the project can be found in the or2-describe-chef (or2dchef)
command: the disableType column shows the OS for which the service is disabled:
Figure 108 - Reviewing information on the current status of the ACS
To enable auto configuration back, run the same or2ms command with the --customize parameter, and
select the NONE mode.
The new auto configuration disabling mode is applied only to the virtual instances that are launched after
the mode is changed. The virtual instances created earlier, will stick to the mode in which they were created.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 154
15.2.3 Retrieving Chef Information
Invoke: or2-describe-chef (or2dchef)
Describes the project’s Chef Server mode.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
chefMode The current Chef Mode of the project
chefServer Current Chef DNS name
active Chef server state
Command Example
or2dchef –p project –r region
Response Example
Figure 109 - or2dchef Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 155
15.2.4 Collecting Info on Chef Clients
The or2-validate-chef (or2vchef) command allows the user to control and monitor the work of the service
indicating any errors occurred.
The command should be run in Maestro CLI on the target VM and does not need any parameters:
or2-validate-chef
The command output includes the following information:
Figure 110 - The or2-validate-chef command output
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 156
15.3 ZABBIX MONITORING SERVICE
EPAM Cloud Orchestrator provides you with the ability to create a Zabbix server to monitor your
infrastructure performance. Currently Zabbix v.4.0 LTS is supported. You can specify which instances are
being monitored by Zabbix server and stop monitoring them when needed.
The default metrics covered by Zabbix monitoring service are given below.
For Windows systems:
• CPU Load
• Free Memory
• Free memory in %
For Linux systems:
• CPU Load
• Disk Read/Write Operations
The set of monitored metrics can be customized by specifying a custom template when adding the instance
to the monitoring list.
You can see the information gathered by Zabbix Server, either on Orchestration UI Monitoring Page, or by
connecting to the server via HTTP. For the details, please, see the Viewing Zabbix Data section.
The default parameters of a Zabbix Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
For more details on Zabbix Monitoring service, please, see our Cloud Management Console guide.
15.3.1 Starting a Service
Invoke: or2-manage-service –p <project> -r <region> -s monitoring --activate
This command starts and sets up a Zabbix Monitoring server.
Each project can have only one Zabbix server activated for it. If the server is already activated, you will get
the respective command response:
Execution error. code=20054, message='monitoring service already
activated.
If there is no Zabbix server activated for your project, a special stack will be run to launch a VM with all the
corresponding Zabbix Server settings.
The command response will give the ID of the executed stack.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 157
15.3.2 Service Info
Invoke: or2-describe-monitoring (or2dmon)
Use the or2-describe-monitoring command to retrieve the information about the instances monitored by
Zabbix server, Zabbix monitoring templates and Zabbix agent availability.
Describes all activated projects accessible by current user.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. To describe several projects,
repeat the parameter: -p project1 -p project2 -p projectN Yes
-r, --region Virtualization region name Yes
--help Display command help No
Response Elements
Name Description
monitoredInstanceId The IDs of the instances monitored by the described Server
zabbixServerInstanceId The ID of the Zabbix Server instance
monitoringtemplateNames The names of the monitoring templates used
zabbixAgentAvailability Zabbix Agent Availability status
Command Example
This command describes the Monitoring service for the specified project and region.
or2dmon –p project –r region
Response Example
Figure 111 - or2dmon Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 158
15.3.3 Start Monitoring an Instance
Invoke: or2-start-monitoring (or2mon)
This command adds the instance to Zabbix Monitoring list and Zabbix Server starts collecting the
information about this instance.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -
i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --template Zabbix template No
--help Display command help No
Response Elements
Name Description
monitoredInstanceID The ID of the instance added to the monitoring list
zabbixServerInstanceId| The ID of the Zabbix Server instance
monitoringTemplateName The name of the monitoring template
For the correct Zabbix Monitoring service performance, it is recommended to add the custom image based
instances to the monitoring list (or2-start-monitoring command) only after they come to the running state.
Otherwise, the custom image can be indicated incorrectly and will be monitored as a Linux image
(regardless of its real type).
Command Example
This example starts monitoring of the specified instance.
or2mon -r region -p project -i instance_id
Response Example
Figure 112 - or2mon Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 159
15.3.4 Stop Monitoring an Instance
Invoke: or2-stop-monitoring (or2stopmon)
Stop monitoring the specified instance with Zabbix Monitoring Service.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -
i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
monitoredInstanceID The ID of the instance added to the monitoring list
zabbixServerInstanceId| The ID of the Zabbix Server instance
monitoringTemplateName The name of the monitoring template
Command Example
This example removes the specified instance from monitoring.
or2stopmon -r region -p project -i instance_id
Response Example
Figure 113 - or2stopmon Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 160
15.3.5 Viewing Zabbix Data
There are two ways to view Zabbix Server monitoring data. They are:
• Viewing the statistics on the Monitoring page of Orchestration UI
• Logging to the server via HTTP connection
Viewing the statistics on Monitoring Page
After an instance is added to the monitoring list with the or2-start-monitoring command, its statistics can
be seen on the Monitoring page. To view the instance details, select the instance in the project instance list
and unfold the line with the Zabbix metrics, interesting to you:
Figure 114 - Zabbix metrics details on UI
Logging via HTTP Connection
The typical address template for connecting to Zabbix server is:
http://<ZabbixServerInstanceID>
To get the Zabbix Server Instance ID, you can use the or2-describe-monitoring command.
To login to Zabbix Server via web interface, please, use the following credentials:
• Login: user
• Password: zabbix
The accessed Zabbix Server web-interface provides you with the Zabbix server details, such as number of
hosts, their statistics,system status, the issues that occurred, hosts status, configuration details, etc. You
can also get the graphs on the selected hosts. Unlike the graphs on the Monitoring page, these graphs
provide you not only with the information on the specified metrics, but also allow you to zoom the data to
see the statistics for the specified time period.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 161
Figure 115 - Zabbix Graph in web Interface
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 162
15.4 TELEMETRY AS A SERVICE
Telemetry as a Service allows monitoring the CPU utilization, disk Read/Write operations and network
traffic of your Linux instances. Support for Windows instances will be implemented later.
The service is based on Gnocchi, a metrics database platform, and collectd, a service collecting the
instance metrics and sending them to Gnocchi. Gnocchi version 4.3.2 and collectd version 1.7.1 are
supported.
Currently, Telemetry as a Service allows gathering and storing metrics from the following images:
• Ubuntu16 (except EPAM-BY2 and EPAM-US1)
• CentOS 7
Support of other images will be implemented later.
At the moment, Telemetry as a Service is supported only in EPAM regions.
The default parameters of a Telemetry Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
Telemetry as a Service is deployed in two steps:
1. Starting a Telemetry server with Gnocchi and PostgreSQL. The server comes already with installed
and configured Gnocchi and PostgreSQL as well as with a Gnocchi client (the Gnocchi shell utility
allowing server manipulations via the command line).
2. Adding instances to the Telemetry service. In each added instance Chef auto-configuration is
invoked assigning a special Chef role to the selected instance. As the result, collectd client will be
installed on the instance together with a Gnocchi plugin to enable proper integration. After successful
configuration, the instance will send its metrics to the Gnocchi server.
The gathered metrics will be available either on the Maestro CLI console or in the Monitoring screen of the
Cloud UI. The metrics to be returned can be filtered by name, granularity (metrics by minutes, hours and
days can be selected) or aggregation method (average, min, max, sum, count, standard). Also, you can set
the date range for which you would like to retrieve the instance metrics.
15.4.1 Starting a Service
Invoke: or2-manage-service -p project -r region -s telemetry --activate
This command starts and configures a Telemetry server.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 163
15.4.2 Adding an Instance to Telemetry
Invoke: or2-start-telemetry (or2starttel)
This command adds the instance to Telemetry and creates a Gnocchi client on it. The Gnocchi client starts
sending the instance metrics to the Telemetry server.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
instanceID The ID of the instance added to the monitoring list
serverInstanceId The ID of the Telemetry Server instance
Command Example
This example starts one instance with specified instance ID.
or2mon -r region -p project -i instance_id
Response Example
Figure 116 - or2starttel Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 164
15.4.3 Stop Collecting Telemetry from the Instance
Invoke: or2-stop-telemetry (or2stoptel)
Stops collecting telemetry from the specified instance and removes the Gnocchi client.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
instanceID The ID of the instance removed from the monitoring list
serverInstanceId The ID of the Telemetry Server instance
Command Example
This example removes the specified instance from Telemetry monitoring.
or2stoptel -r region -p project -i instance_id
Response Example
Figure 117 - or2stoptel Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 165
15.4.4 Describe Telemetry Agents
Invoke: or2-describe-telemetry-agents (or2dtelag)
Describes the resources monitored by the Telemetry service.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-o, --original-resource-id Original Telemetry resource ID No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
originalResourceID ID of the instance generated by the Gnocchi client
serverInstanceId| The ID of the Telemetry Server instance
telemetryResourceID ID of the instance generated by the Gnocchi server
startedAt Date and time of instance inclusion to Telemetry monitoring
metrics Available metrics
state The state of the agent (Stopped/Running/Source_Unavailable)
Command Example
This example retrieves the list of all telemetry agents for the specified project and region.
or2dtelag -r region -p project
Response Example
Figure 118 - or2dtelag Response Example
If you specify the original resource ID in the or2dtelag command, the command will also return the list
of metrics available for that agent:
or2-describe-telemetry-agents -p project -r region –o original_resource_ID
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 166
Figure 119 - Telemetry agent with available metrics
15.4.5 Get Telemetry
Invoke: or2-get-telemetry (or2tel)
Retrieves the resource metrics from the Telemetry server.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-o, --original-resource-id Original Telemetry resource ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-a, --aggregation Aggregation method for the described measures. Available
values: [average, min, max, sum, count, std] Default: AVERAGE No
-c, --count Message count in output, positive integer. Default: 100 No
-d, --days History days, positive integer. Default: 1 No
-h, --hours History hours, positive integer.
-f, --from From date (yyyy-MM-dd or yyyy-MM-ddTHH:mm) No
-t, --to To date (yyyy-MM-dd or yyyy-MM-ddTHH:mm) No
-g, --granularity Granularity of the described measures. Available values:
[minute, hour, day]. Default: HOUR No
-m, --metric-name Metric name. If empty, all available metrics will be returned Yes
--help Display command help No
If you are using the --from and --to parameters, make sure you enter the local time values. If you use GMT
values, the returned data will be inaccurate.
Response Elements
Name Description
metricName Name of the metric
aggregationMethod Aggregation method
granularity Metrics granularity
timestamp Date and time of metrics collection
measureValue Value of the metrics
Command Example
This example returns matric data with the one-minute granularity.
or2tel -r region -p project –o original_resource_id –m metrics –g minute
Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 167
Figure 120 – or2tel Response Example
Telemetry as a Service returns metrics data in unnormalized form.
You can get the data visualized on Grafana-based web UI, by the URL given in the or2dser command
response.
15.5 CLOUDWATCH AND SSM SERVICE
CloudWatch Agent is integrated with EPAM Orchestrator to enable data collecting, analysis and
presentation to the user for virtual instances in private OpenStack regions.
The service collects the following data:
• CPU utilization
• Operation disk bites READ/WRITE
• Memory used
• Network bites
The service uses AWS Systems Management (SSM) Agent which is installed to target VMs on service
activation.
15.5.1 Starting a Service
Invoke: or2-manage-ssm (or2ssm)
The command initiates the service activation. On command call, a record is created in EPAM Orchestrator
database containing the necessary configs and AWS credentials.
CLI Parameters
Parameter name Description Required
-a, --action Manage Amazon SSM action [describe, activate, deactivate]
Default: DESCRIBE No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
This example shows the common case of activating the SSM service.
or2ssm -p project -r region -a activate
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 168
15.5.2 Managing SSM and CloudWatch Agents on a VM
Invoke: or2-cloud-watch-agent (or2cwag)
The command allows to review, install, or remove the CloudWatch and SSM agents on the target VM.
CLI Parameters
Parameter name Description Required
-a, --action Manage CloudWatch Agent action [describe, install, remove] Yes
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-i, --instance The ID of the target instance Yes
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Once the agent is installed, CloudWatch begins to collect data which can be reviewed as graphs on the
Monitoring page.
Command Example
This example shows the common case of installing agents to a VM.
or2cwag -p project -r region -i instance_id -a install
15.6 LOG AGGREGATION SERVICE
EPAM Cloud Orchestrator provides the users with a GrayLog-based Log Aggregator Service that collects
the logs from the specified instances and provides an easy and visual access to them via a web-interface.
The default parameters of a GrayLog Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit.
The service is not available for Microsoft Azure.
15.6.1 Starting a Service
Invoke: or2-manage-service –p project -r region -s log --activate
This command runs a Maestro Stack that creates and sets up a VM with a GrayLog Server on it.
The GrayLog server setup is a complicated process and can take up to an hour.
15.6.2 Log Service Info
Invoke: or2-describe-logging (or2dlog)
The command gives the list of the logged instances and the DNS name of the GrayLog Server
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 169
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
This example shows the common case of describing the Log service on a project.
or2dlog -p project -r region
15.6.3 Start Collecting Logs from an Instance
Invoke: or2-start-logging (or2log)
Use this command to start collecting the logs from the specified instance.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -i ID2
-i IDN. Yes
-l, --log Full path to the log file No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
monitoredInstanceID The ID of the instance added to the monitoring list
grayServerInstanceId| The ID of the GrayLog Server instance
monitoringTemplateName The name of the monitoring template
Command Example
This example starts monitoring of the instance with the specified instance ID.
or2log -r region -p project -i instance_id
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 170
15.6.4 Stop Collecting Logs from an Instance
Invoke: or2-stop-logging (or2stoplog)
The command removes the instance from Logging Service list. The server stops collecting the instance log
data, but all the logs, previously aggregated, are kept.
Please note: the service cannot collect data from the server where it is hosted, in EPAM-BY2. EPAM-IN1,
EPAM-US2, and AWS regions, until the server is rebooted.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -i ID2
-i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
This command stops monitoring of the instance with the specified instance ID.
or2stoplog -i instance_id -p project -r region
15.6.5 Viewing the Collected Logs
You can view the collected logs by connecting to the Log Server via HTTP.
The typical address template for connecting to Log Server is:
http://<LogServerDNS>
Use the or2dser command to find the Log Server DNS, login and password to be used to login to the
server.
When you log in, you will get to GrayLog Web Interface that provides you with the full access to the gathered
data.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 171
15.7 LOAD BALANCING SERVICE
EPAM Cloud Orchestrator provides the users with a Nginx-based Load Balancing Service, that allows the
user to arrange load balancing with a set of CLI commands.
The default parameters of a Load Balancer Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
15.7.1 Starting and Managing the Service
To start the Load Balancer service, you should call the following command:
or2ms –p project -r region -s load-balancer --activate
The command runs a Maestro stack that creates and configures a Load Balancer VM. A project can have
only one Load Balancer.
15.7.2 Load Balancer Configuration
All the Load Balancer configuration actions are performed with or2-load-balancer-config (or2lbconf)
command.
The command deals with four configuration areas, each having its own set of properties or properties
behavior:
• Balancing – this area deals with Load Balancer Server, balancing members, the details on the
balancer connections.
• Limits – this area deals with the user connections and requests limits
• Bans – this area allows to ban specific URLs or user IPs
• Cache – this area allows to set up Load Balancer caching
When calling a command, you need to specify one configuration area and the necessary relative
parameters.
When used with --project and –region parameters only, the command displays the list of the configuration
settings applied to the Load Balancer.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 172
CLI Parameters
Parameter name Description Required G
enera
l -p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-P, --plain-output Use plain output view No
--json Show command output in json format No
--full Show full command output No
--help Display command help No
Bala
ncin
g
-b, --balancing Specifies the configuration area as “balancing” Yes/No
--balancerName FQDN of the Load Balancer No
-i, --instance The ID of the instance to be added or removed from the balancing members list
No
--port The port to route to. Default: 80 No
--permanent Enable/Disable “keep alive” feature: Nginx will open the specified number of connections with each host [0…]. Default 0.
No
--iphash Enable/disable “sticky session” [on/off] Default: on No
-d, --remove Remove a host from the balancing members list No
--removeAll Remove all hosts from the balancing members list No
Lim
its
-l, --limit Specifies the configuration area as “limit” Yes/No
--connections Specifies that the number of allowed simultaneous user connections should be set
No
--requests Specifies that the limit of requests per second should be set No
--perIp Sets the connections or requests limit for a given IP (set 0 to remove the limit)
No
--total Sets the connections or requests limit for the whole balancer No
Bans
--ban Specifies the configuration area as “ban” Yes/No
--ip Adds IP address to the ban list. Format: xxx.xxx.xxx.xxx No
--url Sets the URL to return failure status code No
--status Set status code for URL to return (Default: 403 Forbidden) No
--remove Removes ban from IP or URL No
--removeAll Removes all bans No
Cache
--cache Specifies the configuration area as “cache” Yes/No
--url Sets the URL to cache No
--extension Sets the extensions of files to be cached No
--expiration Sets the cache expiration time (in minutes) No
--remove Removes caching files or URLs No
--removeAll Disables caching No
Response Elements
Name Description
Area The name of the configured area
Item The type of manipulated item
Value The description of the performed operation
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 173
15.7.3 Configure Balancing
General balancing settings are set with the --balancing flag of the or2lbconf command followed by next
parameters:
--balancerName <string> - FQDN of the Load Balancer
--instance <string> - instance id to add
--port <number> - (80 by default) the port to route to
--permanent <number> - the number of connections to keep alive with hosts within balancing, 0
turns off the feature
--iphash <on/off> - enable/disable "sticky session" on the Load Balancer
--remove <nothing> - removes instance from load balancing
--removeAll <nothing> - clears load balancing group
Below, you can see a set of command examples:
or2lbconf --balancing --instance <instance1> - adds instance1 to the
balancing group
or2lbconf --balancing --instance <instance1> --port 2752 - changes the port
of instance1 to 2752
or2lbconf --balancing --remove --instance <instance1> - removes instance1
from group
or2lbconf --balancing --permanent 10 - enables feature: caches 10 connections
to hosts
Response Example:
Figure 121 - or2lbconf –-balancing Response Example
15.7.4 Configure Limits
You can set up the balancer limits with the --limit flag of the or2lbconf command followed by the next
parameters:
--connections <nothing> - configures connection limits (number of allowed simultaneous
connections)
--requests <nothing> - configures request frequency limits (number of allowed requests per second)
--perIp <number> - sets limit per client IP (0 to turn off)
--total <number> - sets limit for the balancer (0 to turn off)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 174
The examples of the limits configuration are given below:
or2lbconf --limit --requests --total 50 - sets maximum requests per second to
balancer to 50
or2lbconf --limit --connections --perIp 10 --total 50 - sets maximum connections
from a unique IP to 10 and the overall maximum connections to balancer - to 50
Response Example:
Figure 122 - or2lbconf –-limit Response Example
15.7.5 Configure Bans
The balancer bans are set with the --ban flag of the or2lbconf command followed by the next parameters:
--ban <nothing> - configure bans
--ip <xxx.xxx.xxx.xxx> - add IP address to ban list
--url <string> - set URL to return failure status code
--status <number> - (403 Forbidden default) set status code for URL to return
--remove <nothing> - removes ban from IP or URL
--removeAll <nothing> - removes bans on IPs or URLs
or2lbconf --ban --ip 123.456.7.8 - adds 192.168.1.1 to banlist
or2lbconf --ban --url /maestro/ - sets /maestro/ to return 403 Forbidden status
or2lbconf --ban --url /maestro/ --status 404 - sets /maestro/ to return 404 Not
found
or2lbconf --ban --remove --ip 192.168.1.1 - removes 192.168.1.1 from IP banlist
or2lbconf --ban --removeAll --ip - clears IP banlist
Response Example:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 175
Figure 123 - or2lbconf –-ban Response Example
15.7.6 Configure Cache
The caching settings are set with the --ban flag of the or2lbconf command followed by the next parameters:
--cache <nothing> - configure caching
--url <string> - the URL to cache
--extension <string> - extensions of files to cache
--expiration <number> - sets cache expiration time (in minutes)
--remove <nothing> - removes caching files or URLs
--removeAll - disables caching.
or2lbconf --cache --url /images/ --expiration 10 - enables caching on /images/
with 10 minutes expiration
or2lbconf --cache --url /images/ --remove - removes /images/ caching
or2lbconf --cache --extension jpg --extension gif --expiration 30 - enables
caching on all ".jpg" and ".gif" files with 30 minutes expiration
or2lbconf --cache --removeAll - disables caching at all
Response Example
Figure 124 - or2lbconf –-cache --url --expiration Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 176
15.7.7 Describe Load Balancer Members
Invoke: or2-describe-load-balancing (or2dlb)
The command shows the list of the hosts (instance IDs) in the Load Balancer group and their availability.
The instance reported as AVAILABLE is running and it is possible to connect to it via the port defined in
configuration.
The instance reported as UNAVAILABLE is not running or cannot be connected via HTTP.
CLI Parameters
Parameter name Description Required
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view. No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
host The Instance ID of the host in group
port The port used to connect to the host
availability Service availability status
description The description of the current host state
Command Example:
or2dlb –p project -r region
Response Example
Figure 125 - or2dlb Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 177
15.8 OPENSHIFT AS A SERVICE
Red Hat OpenShift as a Service is a Kubernetes container platform with full-stack automated operations to
manage hybrid cloud and multicloud deployments. The service is optimized to improve developer
productivity and promote innovation as well as expands Kubernetes with full-stack automated ops to
manage hybrid cloud and multicloud deployments.
In EPAM Cloud, Red Hat OpenShift v.3.11 LTS is available as one of the services which can be quickly
deployed in EPAM Cloud in the self-service manner. It will be available till July 2022.
• Deploy automatization is based on official Red Hat tool – OpenShift Ansible. Ansible can be used
only on POSIX (any Linux, OS X, *BSD).
• For Windows 10 users, WSL can be used to install Linux locally for cluster configuration
• For OpenShift cluster configuration, please make sure that you have Java, Maestro CLI, and Ansible
installed on the workstation you use to deploy OpenShift as a service (inside WSL if you work on
Windows).
• Unification of the service deploy cluster configuration provides you with opportunity to activate cluster
v.3.11 or new releases till official Ansible playbook will be compatible.
15.8.1 Service Activation
The service activation starts with creating a cluster of pre-configured VMs. To do it, call the following
command:
or2ms -p project -r region -a -s open-shift -k key_name
The command launches four LARGE CenOS 7 64-bit instances, each with additional 40GB storage volume.
15.8.2 OpenShift Configuration
Invoke: or2-openshift-client (or2osc)
The command integrates Ansible client with Maestro CLI and configures the wildcard for OpenShift.
CLI Parameters
Parameter name Description Required
-a, --action OpenShift client preparing actions [install, configure] Yes
--full Show full command output instead of default basic one No
--json Show command output in json format No
-P, --plain-output Use plain output instead of default table output No
-p, --project Project abbreviation in UPSA No
-r, --region Virtualization region No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 178
The command response consists of action logs and, for wildcard configuration, host details.
Response Elements
Name Description
hostId The ID of the host in the OpenShift cluster
dnsName The DNS name of the host in the OpenShift cluster
ipAddress The IP address of the host in the OpenShift cluster
role The host role in the OpenShift cluster
Command Example 1:
This example installs Ansible client that will be used to configure the service VMs
or2osc -a install
Command Response 1:
Figure 126 - or2osc Command Response Example
Command Example 2:
This example compiles inventory file for OpenShift cluster configuration
or2-openshift-client -a configure -p project -r region
Figure 127 - or2osc Command Response Example for compiling inventory file
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 179
15.9 DOCKER SERVICE
Orchestrator provides its users with Docker facilities that can be accessed as an EPAM Cloud service. The
Docker Service allows to create a node hosting a set of containers that share the node resources but are
independent in manipulation. This allows to distribute the resources of one VM (node) effectively, minimize
the infrastructure costs and facilitate its monitoring.
The default parameters of a Docker node VM are:
• Shape: MEDIUM
• Image: Ubuntu 18.04
Docker as a product is an open-source engine for automating applications deployment inside software
containers. This section describes how Docker is integrated into Cloud and the ways it can be used in this
context. To find out more details on Docker as a product, please visit the Official Docker Web-Site.
EPAM Cloud allows to have Docker as a Service for your project needs. Docker 19.03.1 version is
supported Starting the Service
As Docker uses multiple clusters, all Docker-related commands should specify the cluster name as the -
c or -cn parameter.
To activate Docker as EPAM Cloud platform service, call the following command:
or2ms –p project -r region -s docker –c cluster_name --activate
The default VM shape is MEDIUM. You can use the --shape parameter to specify another one.
The command runs a Maestro Stack that creates and configures a Docker Master VM. Docker Master will
later be used as an entry point to the Docker Cluster, and will allocate the requested containers
automatically to the nodes that have lower load.
Docker Master VM is also used as a node VM that hosts containers. If you need a new node to be added
to your Docker cluster, just repeat the or2-manage-service command.
To make the containers within the created node accessible only with SSH key, add the --key-name property
in the or2-manage-service command. The Property should be followed by the name of an SSH key,
previously created by or2-create-keypair command.
To remove a node, use the or2ms command with --deactivate and -i parameters. The -i parameter
specifies the ID of the node to be stopped.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 180
15.9.1 Docker Container Images
Invoke: or2-docker-image (or2di)
The command is designed to manipulate the Docker Swarm images available on node VMs for container
creation.
CLI Parameters
Parameter name Description Required
-a, --action Docker image action [describe, push, pull, commit, delete].
Default: describe. No
-c, --container Container ID. Mandatory for the commit action Yes/No
-cn, --cluster-name Cluster name Yes
-dr, --docker-registry
Docker registry instance ID. If not specified, the command
will pull the image from the public Docker Registry
(https://index.docker.io)
No
--full Show full command output instead of default basic one.
Default: false No
--help Display command help. Default: false No
--force Force delete Docker image. Default: false No
-i, --image-id Image ID No
-m, --message Commit message (will be seen only on direct API
“containers/inspect” call) No
-n, --name Image name No
-ns, --namespace Private Docker Registry namespace No
-nt, --new-tag-name Private Docker Registry Tag Name No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --repository Private Docker Registry Repository name No
-t, --tag Image tag. Default: latest No
-y Provide this parameter for automatic command confirmation.
Default: false No
The command response consists of two parts: a string describing the action performance result and the
container details.
Response Elements
Name Description
host Host name of the parent hypervisor
id Image ID
name Image name
tag Image tag
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 181
Command Example 1:
This example returns the list of available images:
or2di -p project -r region –cn cluster_name
Command Response 1:
Figure 128 - or2di Command Response Example
Command Example 2:
This example creates an image from the specified container:
or2di -p project -r region -a commit -c container_id -i image_name -nt
image_tag –cn cluster_name
Command Response 2:
Figure 129 - or2di -a Commit Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 182
15.9.2 Manipulating an Application
Invoke: or2-docker-service (or2ds)
To deploy an application image when Docker Engine is in swarm mode, you need to create a service.
The services are manipulated with the or2-docker-service (or2ds) command, which allows to describe,
run, delete and update Docker services.
CLI Parameters
Parameter name Description Required
-a, --action Docker service action [describe, run delete, update] Default: describe
No
--add Use this flag to add or update a published port No
-cn, --cluster-name Cluster name Yes
--full Show full command output Default: false
No
--help Display command help Default: false
No
-i, --image Docker image to use for run command (full image name image name <name:tag> or Docker image ID required)
No
--json Show command output in json format Default: false
No
-m, --mode Scheduling mode for service [replicated, global] Default value is ‘replicated’
No
-P, --plain-output Use plain output view Default: false
No
-p, --project Project ID Yes
-r, --region Virtualization Region Yes
--remove Use this flag to remove a published port No
-n, --replicas Number of replicas No
-s, --service Docker service name or ID No
-t, --tcp TCP service ports mapping FROM (Host port):TO (Container port). Multiple values could be separated with commas without spaces. Example “4857:22, 5541:80”
No
-u, --udp UDP service ports mapping FROM (Host port):TO (Container port). Multiple values could be separated with commas without spaces. Example”4257:44, 5842:132”
No
-v, version The version number of the service being updated No
-y, Provide this parameter for automatic command confirmation Default: false
No
Response Elements
Name Description
id Service ID
name Service name
version Service version
mode Service mode
replicas Number of replicas
mode Service mode (replicated / global)
created Creation date
image Image used for the service
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 183
Command Example 1:
This example runs new service:
or2ds -p project -r region -cn cluster_name -a run -s service_name
-i image
Command Response 1:
Figure 130 - or2ds -a run Command Response
Command Example 2:
This example retrieves the list of all services available on a Docker Swarm:
or2-docker-service -cn <cluster-name> -p <project> -r <region>
-a describe
Command Response 2:
Figure 131 - or2ds -a describe Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 184
15.9.3 Manipulating Volumes
Invoke: or2-docker-volume (or2dv)
The Docker Swarm volumes are manipulated with the or2-docker-volume command. The command
allows to create, delete and describe Docker Swarm volumes.
CLI Parameters
Parameter name Description Required
-a, --action Docker volume action [describe, create, delete]. Default value: describe
No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
-cn, --cluster-name Cluster name Yes
-v, --volume Volume name No
-y Automatic command confirmation. Default value: false No
Response Elements
Name Description
host The host on which the volume is mapped
id Volume ID
name Volume name
driver Volume driver
mountPoint Host directory to which the volume is mapped
Command Example 1:
The following command creates a Docker volume:
or2dv -p project -r region -a create –cn cluster_name –v volume
Command Response 1:
Figure 132 - or2dv Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 185
Command Example 2:
The following command deletes the specified Docker volume:
or2dv -p project -r region -a delete –cn cluster_name –v volume
Command Response 2:
Figure 133 - Docker volume deletion
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 186
15.9.4 Creating a Docker Registry
Invoke: or2-manage-service (or2ms)
To create a Docker registry, use the command with the -s docker-registry parameter.
This command runs a new VM on which the registry will be hosted. The VM has SMALL shape and is
based on Ubuntu16.04_64-bit image.
Command Example:
This example shows the Docker registry creation:
or2ms -p project -r region –s docker-registry -a
Command Response:
Figure 134 – Docker registry creation
15.9.5 Manipulating Registry Images
Invoke: or2-docker-registry-image (or2dri)
The command is used to describe and manage images within a specified registry.
CLI Parameters
Parameter name Description Required
-a, --action The action to be taken [describe, delete]
Default: describe No
-q, --query Create a query to filter certain images by string No
--full Show full command output instead of default basic one No
--help Display command help No
-dr --docker-registry
Docker registry instance id. If not specified, will show all
images from each Docker registry on the project. For several
docker registries repeat the parameter: -dr dockerRegistry1 -
dr dockerRegistry2 -dr dockerRegistryN.
No
-ns, --namespace Private Docker Registry namespace No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --repository Repository name No
-t, --type Docker Registry type. Allowed values: [public, private].
Default: private No
-y Automatic confirmation No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 187
When used with the -a delete action, the command removes the registry with ALL images existing in it.
Response Elements
Name Description
stackName The name of the stack used to create a Docker registry
stackId The ID of the stack used to create a Docker registry
status Registry stack status
Command Example 1:
This example shows the list of the images on a specified Docker registry:
or2dri -p project -r region -dr docker_registry_id -a describe
Command Response 1:
Figure 135 - or2dri -a describe Response Example
Command Example 2:
This example deletes a repository from Docker registry:
or2dri -p project -r region -dr docker_registry_id -R repository
-a delete
Command Response 2:
Figure 136 - or2dri -a delete Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 188
15.9.6 Docker Service Info
Invoke: or2-describe-docker (or2dd)
The command gives the list of existing Docker elements and their details.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-cn, --cluster-name Cluster name Yes
--help Display command help No
-t, --type Docker Type [cluster, nodes]. Default: nodes No
The command response for the Docker description includes the same elements as those returned by the
or2-describe-instances command.
In one command call, you can either get the description of the Docker service and the list of the existing
nodes or the details of the specified container.
Response Elements
Name Description Described
Element
instanceId The ID of the Docker node
Docker
dnsName Docker node DNS
privateIp Docker node privateIp
state The current state of the Docker node
CPU The number of CPU in the node VM
memory The RAM volume in the node VM
description The node description
containerId The Id of the container
Node/
Container
containerName The automatically assigned name of the container
status The current status of the container
sshPort SSH port to be used to connect to the container
portMappings The port mappings of the container
image The image used to run the Container
command The command to be executed on the container start
filters Filters to display the host
strategy Balancing strategy
nodesCount Number of nodes in the cluster
containersCount Number of containers in the cluster
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 189
Command Example 1:
This example shows the Docker service description example:
or2dd -p project -r region –cn cluster_name
Command Response 1:
Figure 137 - or2dd Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 190
15.10 KUBERNETES AS A SERVICE
Kubernetes is an open-source container management platform delivered by Google. In a containerized
infrastructure, applications are deployed as isolated, independent entities, the so-called containers.
Containerization has multiple benefits over the traditional deployment – faster and more efficient
installation, environment consistency, portability, security.
EPAM Cloud provides installation of the latest Kubernetes version supported by the community.
For more details on Kubernetes, please visit the Official Kubernetes Website.
In EPAM Cloud, by default, Kubernetes cluster includes two virtual machines function as master nodes,
and one worker node.
• Master node manages the workload and provides communication within the cluster as well as
contains information about state of the cluster. Availability of two master nodes and more enables
high service performance and ensures faultless operation.
• Worker node subordinates to the master node and serves as runner.
Application containers can be run on both master and worker nodes.
You can make any changes in the predefined cluster configuration by changing Ansible inventory file
generated by or2kc Maestro CLI command.
15.10.1 Starting the Kubernetes Service
Kubernetes as a Service can only be activated in OpenStack private regions.
Kubernetes as a Service can be managed only from POSIX compatible workstations. If you use Windows
OS on your workstation, run any Linux-based virtual instance to proceed.
Before you start Kubernetes Service, you need have the following on your workstation:
1. Ansible
2. Git
3. Python-pip
4. Python-jinja2
5. Python-netaddr
6. kubectl
7. kubespray repository
The details on the installation are given in the Kubernetes as a Service section of EPAM Cloud Services
Guide.
To start the Kubernetes Service, use the or2-manage-service (or2ms) command with the following
parameters:
or2ms -p project -r region -s k8s -k key_name –activate
You can check service activation completion with the or2dmstack command using the stack ID retrieved
by or2dser command.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 191
15.10.2 Generating Inventory File for Ansible
Invoke: or2-kubernetes-client (or2kc)
The command generates Ansible inventory.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
hostId The host ID of the node
dnsName The DNS of the node
ipAddress The IP address of the node
role The node role
Command Example
This example shows the common case of Ansible inventory generation.
or2kc -p project -r region
Response Example
Figure 138 - or2kc response example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 192
15.11 JENKINS AS A SERVICE
EPAM Orchestrator was initially created on the basis of the concept of CI/CD processes automation. EPAM
Orchestration is intended to deliver Cloud for developers, providing them with all the capabilities, necessary
to build effective CI/CD processes.
Jenkins as a service, when activated, installs Jenkins v. 2.235.1 LTS from scratch, installs all the necessary
plugins and starts collecting audit messages from Jenkins (this information becomes available on the Audit
page, without need to connect to Jenkins directly).
The default parameters of a Jenkins Server VM are:
• Shape: MEDIUM
• Image: Ubuntu18.04_64-bit
15.11.1 Starting the service
To start the Jenkins service, run the or2-manage-service (or2ms) command with --activate (-a), --
service-name (-s) Jenkins and other necessary flags:
or2ms -p project -r region -a -s jenkins -k key_name
where:
-k (--key-name) the SSH key name that will be used to run the service VM. The key is necessary for running
the service in AWS, and is not obligatory for Azure.
The service when activated, by default starts a Jenkins server VM with the following configuration:
• OS: Ubuntu18.04_64-bit
• Shape: MEDIUM
To create a Jenkins cluster, repeat the or2ms command to start Jenkins slaves. Repeat the command as
many times as you need slave instances. The Jenkins slave instances will have the same configuration as
the master instance (MEDIUM Ubuntu18.04_64-bit). All integrations between the master and the slaves will
be performed automatically.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 193
15.11.2 Creating a Jenkins Job
Invoke: or2-create-jenkins-job (or2cjj)
The command is used to create a new Jenkins Job.
CLI Parameters
Parameter name Description Required
-c, --config Path to the Job XML config file Yes
--full Show full command output instead of default basic one No
--help Display command help No
-j, --job Jenkins Job name Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--noaudit Do not use EPC audit No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
jobName The name of the created job
result Action result
Command Example:
This example shows a Jenkins job creation:
or2cjj -j "new job" -p project -r region --config [path to job XML config
file]*
*see the Configuration File Example page.
The or2cjj command verifies whether all required for the selected configuration are available. If one or
several plugins are missing, the job is not created, and the system returns an error message listing the
missing plugins:
Figure 139 - List of missing plugins
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 194
15.11.3 Jenkins Plugins Management
Invoke: or2-manage-jenkins-plugins (or2mjp)
The command is used to describe, install or uninstall Jenkins plugins.
CLI Parameters
Parameter name Description Required
-a, --action Manage Jenkins plugins action. Allowed values: [describe,
install, uninstall]. Default: DESCRIBE No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-n, --plugin-name Plugin short name, required for install/uninstall actions No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
name Jenkins plugin name
shortName Short name of the plugin
version Jenkins plugin version
Command Example:
This command describes the available Jenkins plugins:
or2mjp -p project -r region
Response Example:
Figure 140 - List of Jenkins plugins
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 195
To install or uninstall a plugin, send the same command with the -a/--action parameter set to “install” or
“uninstall”, respectively, and the plugin name:
or2mjp -p project -r region -a uninstall -n plugin-name
The command execution will be confirmed with a message that the plugin has been queued for installing
or uninstalling.
Figure 141 - Jenkins plugin uninstallation
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 196
15.11.4 Describing Existing Jenkins Jobs
Invoke: or2-describe-jenkins-jobs (or2djj)
The command is used to get the list of the existing Jenkins jobs.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-j, --job Jenkins job name No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
name Job name
lastBuildState The status of the last job build
currentBuildState The current state of the build if the job was triggered
url The job url
nextBuildNumber The number of the next build
Command Example:
This example shows the Jenkins jobs description:
or2djj -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 197
15.11.5 Triggering a Jenkins Job
Invoke: or2-trigger-jenkins-job (or2tjj)
The command is used to trigger one of the existing Jenkins jobs.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-j, --job Jenkins job name Yes
-t, --parameter
Used for parameterized job. Parameter name=value pair. Use
"=" as delimiter. For several parameters repeat: --parameter
name1=value1 --parameter name2=value2 –parameter
nameN=valueN. If you use Windows command line, encase
the –t parameter in quotes i.e. "name=value".
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
jobName The name of the created job
result Action result
Command Example:
This example shows the Jenkins jobs triggering:
or2tjj -p project -r region -j “tewt”
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 198
15.11.6 Removing a Jenkins Job
Invoke: or2-remove-jenkins-job (or2rjj)
The command is used to remove one of the existing Jenkins jobs.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-j, --job Jenkins job name Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Provide this parameter for automatic confirmation No
Response Elements
Name Description
jobName The name of the created job
result Action result
Command Example:
This example shows the Jenkins jobs triggering:
or2rjj -p project -r region -j “tewt”
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 199
15.11.7 Configuration File Example
Below, you can find an example of an XML configuration file to be used during the Jenkins job creation.
<?xml version='1.0' encoding='UTF-8'?>
<project>
<actions/>
<description></description>
<keepDependencies>false</keepDependencies>
<properties/>
<scm class="hudson.scm.NullSCM"/>
<canRoam>true</canRoam>
<disabled>false</disabled>
<blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuild
ing>
<blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
<triggers/>
<concurrentBuild>false</concurrentBuild>
<builders>
<hudson.tasks.Shell>
<command>#!/bin/bash
echo "START"
sleep 15
echo "END"</command>
</hudson.tasks.Shell>
</builders>
<publishers/>
<buildWrappers/>
</project>
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 200
15.12 SONAR AS A SERVICE
Sonar as a Service is based on SonarQube, an open-source code quality inspection component. Together
with Jenkins and Gerrit, it forms a complete CI/CD environment.
Sonar as a Service supports SonarQube versions 7.
For more details on working with SonarQube, visit the official SonarQube website.
The table below provides the list of service-related commands and their descriptions.
Please note that Sonar as a Service is not supported in AWS-type regions.
15.12.1 Service Activation
To activate Sonar as a Service, use the or2-manage-service (or2ms) command with the -a/--activate flag
and the -s/--service-name parameter with sonar value:
or2ms -p project -r region -a –s sonar
By default, the service starts SonarQube version 5.6. To start version 5.2, add the -v/--version parameter
to the or2ms command:
or2ms -p project -r region -a –s sonar v 5.2
This command creates a Sonar server based on the virtual machine with the following parameters:
Image: Ubuntu16.04_64-bit
Shape: MEDIUM
During the service activation, a PostgreSQL database is installed on the same virtual machine.
To deactivate the service, run the same command with the -d/--deactivate flag:
or2ms –p project -r region -d –s sonar
15.12.2 Service Manipulation
As soon as the service gets activated, its data can be retrieved using the or2-describe-services (or2dser)
command.
or2dser –p project -r region –s sonar
Figure 142 – Sonar Service Info (shown in two lines for better visibility)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 201
You can find the details on the VMs created within the service activation, by calling the or2-describe-
instances (or2din) or command with -S sonar parameter:
or2din –p project -r region –S sonar
15.12.3 Sonar Quality Profiles
After activating Sonar as a Service, you can set up a Sonar quality profile for your project and populate it
with rules by which the code quality will be verified.
To set up a Sonar quality profile, use the or2-sonar-quality-profiles (or2sqp) command with the -a create
option. Specify the project and region to which the quality profile is to apply, the quality profile name and
the profile language:
or2sqp -p project -r region –a create –n profile_name –l language
CLI Parameters
Parameter name Description Required
-a, --action
Manage Sonar quality profiles action. Allowed values:
[describe, create, delete, activate-rules, deactivate-rules].
Default: describe
No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-l, --language Profile language. Allowed values: [java]. Default: java No
-n, --name Quality profile name No
-q, --quality-profile-key Quality profile key No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --rule-key Rule key. For several rules repeat the parameter: -R rule1 -R
rule2 -R ruleN No
-y Provide this parameter for automatic command confirmation.
Default: false No
Response Elements
Name Description
key Quality profile key
name Quality profile name
languageName Language to which the quality profile applies
defaultProfile Indicates whether the profile is the default one
activeRuelsCount The number of active Sonar rules
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 202
Command Example:
This example creates a Sonar quality profile:
or2sqp -p project -r region –a create –n profile_name –l language
Response Example:
Figure 143 – or2sqp Command Response
You can use the same command to retrieve the list of all quality profiles set for the project and region (just
send the -p project and -r region parameters) or delete a quality profile (send the -a delete parameter and
specify the key of the profile to be deleted).
To activate Sonar rules for a quality profile, use the or2-sonar-quality-profiles (or2sqp) command with
the -a activate-rules parameter. The command should contain one or several keys of the rules to be
activated:
or2sqp -p project -r region –a activate-rules –q quality_profile_key –R
rule_key1 –R rule_key2
Figure 144 - Rules activation for Sonar quality profile
The same command with the -a deactivate-rules parameter will deactivate the rules with the specified
keys.
15.12.4 Sonar Rules
To retrieve the Sonar rules from a repository or a quality profile, use the or2-sonar-rules(or2sr) command.
or2sr -p project -r region –R repository –n page_number
CLI Parameters
Parameter name Description Required
-a, --action Manage Sonar rules action. Allowed values: [search]. Default:
search No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 203
-n, --page-number Page number to retrieve. Min value: 1. Max value: 1000000.
Default: 1 No
-s, --page-size Page size. Min value: 10. Max value: 50. Default: 20 No
-q, --quality-profile-key Quality profile key No
-R, --repository Rules repository. For example: squid, common-java etc. No
-t, --tag Rule tag. For example: java8, security, bug etc. For several tags
repeat the parameter: -t tag1 –t tag2 -t tagN No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --rule-key Rule key. For several rules repeat the parameter: -R rule1 -R
rule2 -R ruleN No
-y Provide this parameter for automatic command confirmation.
Default: false No
Response Elements
Name Description
key Sonar rule key
name Sonar rule name
severity Rule severity
Command Example:
This command retrieves Sonar rules from a repository:
or2sr -p project -r region –R repository –n page_number
Figure 145 – or2sr Command Response
To retrieve Sonar rules from a quality profile, send the -q quality_profile_key parameter instead of -R
repository.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 204
15.13 ARTIFACTORY AS A SERVICE
An artifact repository is one of the important components of the CI/CD flow storing artifact collections and
metadata. Artifactory as a Service is a cloud-based platform service which, together with Jenkins, Gerrit
and SonarQube, forms a consistent CI/CD environment.
Artifactory as a Service is based on Artifactory version 4.15.0. Each Sonar server has the following
configuration:
• Image: CentOS7_64-bit
• Shape: MEDIUM
• Additional storage: 300 GB
For more details on working with Artifactory, visit the official Artifactory website.
The table below provides the list of service-related commands and their descriptions.
Command Description or2-manage-service...-s artifactory -a Activates the Artifactory service in the specified project
and region
or2-describe-instances… -S artifactory Displays the details of VMs created during the service activation
or2-describe-services… -s artifactory Describes the Artifactory service activated in the specified project and region
15.13.1 Service Activation
To activate Artifactory as a Service, use the or2-manage-service (or2ms) command with the -a/--activate
flag and the -s/--service-name parameter with artifactory value:
or2ms -p project -r region -a –s artifactory
After the command is sent, the system requests an admin password. The password created by the user
starting the service is then used to access the Artifactory server. This is an additional security measure
protecting the repositories in the storage.
This command creates an Artifactory server with an additional storage volume.
All artifacts are stored on the additional disk. No root disk space is used for artifact storage which
guarantees reliable performance and availability.
To deactivate the service, run the same command with the -d/--deactivate flag:
or2ms –p project -r region -d –s artifactory
15.13.2 Service Manipulation
As soon as the service is activated, its data can be retrieved using the or2-describe-services (or2dser)
command.
or2dser –p project -r region –s artifactory
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 205
Figure 146 – Artifactory Service Info (shown in two lines for better visibility)
You can find the details on the VMs created within the service activation, by calling the or2-describe-
instances (or2din) or command with -S artifactory parameter:
or2din –p project -r region –S artifact
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 206
15.14 RELATIONAL DATABASE SERVICE
The Relational Database (RDB) service automatically creates a PostgreSQL/MySQL/MariaDB/Oracle/MS
SQL Server database entity for your project. It is possible to create several entities within one project/region.
The RDB service is available only in EPAM regions.
The default parameters of the DB instance are:
• Shape: MEDIUM
• Image: Ubuntu18.04_64-bit (for PostgreSQL, MySQL, MariaDB), OracleLinux7 64-bit (for Oracle),
W2019Std (for MS SQL Server)
The service is manipulated with the or2-manage-rdb (or2rdb) command with different --action/-a
parameter values (describe, install, remove):
CLI Parameters
Parameter name Description Required
-a, --action Manage RDB action [describe, install, remove] Default: describe
No
--assign-static-ip Specifies whether a static IP should be used on the DB instance (allowed in AWS only)
No
-n, --db-name The name of the database. If not specified, will be generated automatically
No
-pwd,--db-password The password to be created to login to the created database. If not specified, a random one will be generated.
No
-d, --description The brief description of the database No
-u, --user Name of the database user No
-f, --file-path The path to the init script file used for database configuration. No
--full Show full command output No
--help Display command help No
-k, --key-name Project SSH key name. Required for AWS zones Yes/No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-S, --service-id Service ID (for service deactivation) No
-t, --type Relational database type [mysql,mssql, postgresql, oracle, mariadb]
Yes
-y Provide this parameter for automatic confirmation No
The command response depends on the selected action.
Command example 1:
The example below describes existing RDB servers:
or2rdb -p project -r region
Response Example 1:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 207
Figure 147 - the or2rdb [-a describe] Response Example
Command Example 2
This command starts a new RDB server:
or2rdb -p project -a install -t mysql -r region -u username -k keyname
-n db_name -f “D:\example\path.xml”
Command Response 2
Figure 148 - or2rdb -a install Response Example
Command Example 3
This command removes an RDB server:
or2rdb -p project -r region -a remove -S serviceId
Response Example 3:
Figure 149 - or2rdb -a remove Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 208
15.15 MAGENTO AS A SERVICE
Magento is an open-source e-commerce platform allowing to quickly build unique shopping websites both
for the B2B and B2C industries. Now Magento is available for EPAM developers as a Cloud service based
on Magento 2.3.
Each Magento server has the following configuration:
• Image: CentOS7
• Shape: MEDIUM
For more details on Magento platform, visit the official Magento website.
15.15.1 Service Activation
To activate Magento as a Service, use the or2-manage-service (or2ms) command with the -a/--activate
flag and the -s/--service-name parameter with magento value:
or2ms –p project -r region -a –s magento
To deactivate the service, run the same command with the -d/--deactivate flag:
or2ms –p project -r region -d –s magento
15.15.2 Service Manipulation
As soon as the service gets activated, its data can be retrieved using the or2-describe-services (or2dser)
command.
or2dser –p project -r region –S magento
Figure 150 - Magento service info (shown in two lines for better visibility)
You can find the details on the VMs created within the service activation, by calling the or2-describe-
instances (or2din) or command with -S magento parameter:
or2din –p project -r region –S magento
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 209
15.16 MESSAGING AS A SERVICE
The Messaging Service allows to set up a RabbitMQ server (v.3.1.5) for message exchange. The service
is similar to Amazon SQS and is available in EPAM regions only.
The default parameters of the instance are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
15.16.1 Starting the service
To start the Messaging service, run the or2-manage-service (or2ms) command with --activate (-a), --
service-name (-s) messaging parameters:
or2ms -p project -r region -a -s messaging
The service when activated, starts a RabbitMQ server VM with the following configuration:
• OS: Ubuntu16.04_64-bit
• Shape: MEDIUM
15.16.2 Getting Tokens
EPAM Private Cloud provides a special entry point in the Messaging service that may be used for
communication between AWS SDK and the service.
In both cases, to use the service, you need to create a token that will be used to reach the RabbitMQ
server. The token is created by the or2-manage-service (or2ms) command with the --init-entry-point
flag:
or2ms –p project –r region –s messaging --init-entry-point
For each project-region combination, there should be a special token created. The token is stored in the
default.properties file, and has the following structure:
messaging.demopro.demoreg.access=http://service_VM_DNS:5673#token
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 210
15.16.3 Queues Manipulation
Invoke: or2-manage-queues (or2mq)
The command is used to create and manage queues within the Messaging service.
CLI Parameters
Parameter name Description Required
-a, --action The action to be taken [describe, create, purge, delete]
Default: describe No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-q, --queue-name Name of a queue No
-qp, --queue-name-prefix Queue name prefix (case-sensitive). Use for filtering the
results of the DESCRIBE action. No
-r, --region Virtualization region Yes
-v, --visibility-timeout Visibility timeout of a queue to be created (in seconds).
Should be in range [30, 43200]. Default: 30 No
-y Provide the parameter for automatic command confirmation No
Response Elements
Name Description
queueName The name of the queue
visibilityTimeout Queue visibility timeout
creationDate The date and time when the queue was created
created/purged/deleted Action execution status
messagesCount The number of messages in the queue
Command Example:
This example shows a queue creation:
or2mq –p project –r region –q queue_name –v 45
Command Response:
Figure 151 - or2mq -a create Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 211
15.16.4 Messages Manipulation
Invoke: or2-manage-messages (or2mm)
The command is used to create and manage messages within the Messaging service.
CLI Parameters
Parameter name Description Required
-a, --action The action to be taken [send, receive, delete]
Default: receive No
-c, --count The number of messages to retrieve [1-10] No
--full Show full command output instead of default basic one No
--help Display command help No
-m, --message-content
Content of a message to be send (maximum 256 KB in size).
Specify 'file:' prefix to retrieve content from the file on a disk.
For example: file:D:/message.txt
No
-i, --message-id ID of a message No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-q, --queue-name Name of a queue Yes
-r, --region Virtualization region Yes
-w, --wait-time Time for messages (in seconds). If a message is available, it
will return sooner [1-120] No
-y Provide the parameter for automatic command confirmation No
Response Elements
Name Description
content Message content
id Message ID
timestamp Time identifier of the message
Command Example:
This example shows messages sending:
or2mm –p project –r region –q queue_name –m “message” –c 5 –a send
Command Response:
Figure 152 - or2mm -a send Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 212
16 ANSIBLE USAGE
Apart from Chef-based auto configuration, EPAM Cloud includes Ansible facilities supporting dynamic
inventory restful API.
Ansible is set up and configured via Maestro CLI.
On Windows, if you have already used Maestro CLI, before starting Ansible download the Maestro CLI
installation archive manually and install it. The or2update command will not be sufficient to load all
required Ansible resources, particularly, the /lib/ansible/ folder necessary to work with Ansible.
It is strongly recommended to use workspaces for Ansible-related commands.
16.1 INITIALIZING ENVIRONMENT
Invoke: or2-ansible-init (or2ai)
Initializes Ansible environment for the specified project and zone.
The command sets up all required configuration files in the current user directory:
• ansible.cfg – Ansible configuration file
• default.properties – contains default values for the required CLI parameters
• ansible_hosts.sh – executable script to get Ansible dynamic inventory
CLI Parameters
Parameter name Description Required
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
--help Display command help No
Command Example
This example initializes an Ansible environment
or2ai -p project -r region
Response Example:
Figure 153 - or2ai Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 213
16.2 ANSBILE HOSTS
Invoke: or2-ansible-hosts (or2ah)
Is used to manage Ansible hosts.
CLI Parameters
Parameter name Description Required
-a, --action Action (include/exclude*/describe). Default: describe No
--full Show full command output No
-g, --group Name of the group (for several groups repeat the parameter) No
--help Display command help No
-h, --host Host ID (for several host ids repeat the parameter) No
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
*You cannot exclude host(s) from a ‘default’ group. A warning message will appear if you try to exclude host(s) from ‘default’ group.
Response Elements
Name Description
hostId Host ID
host Host name
groups Engaged groups
groupName Group name on Describe action
properties Group properties on Describe action
Command Example
This example adds a host to a specified group
or2ah -p project -r region -h host_id1 -h host_id2 -g group_name
-a include
Response Example:
Figure 154 - or2ah Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 214
16.3 ANSIBLE GROUPS
Invoke: or2-ansible-groups (or2ag)
Is used to manage Ansible groups.
CLI Parameters
Parameter name Description Required
-a, --action Action (create/delete*/describe). Default: describe No
--full Show full command output No
-g, --group Name of the group (for several groups repeat the parameter) No
--help Display command help No
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
*You cannot delete the ‘default’ group. A warning message will appear if you try to delete the ‘default’ group.
Command Example
This example creates a new Ansible group
or2ag -p project -r region -g group_name -a create
Response Example:
Figure 155 - or2ag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 215
16.4 ANSIBLE GROUP PROPERTIES
Invoke: or2-ansible-group-properties (or2agp)
Is used to manipulate Ansible groups properties.
CLI Parameters
Parameter name Description Required
-a, --action Action (set/delete/describe). Default: describe No
--all Deletes all properties. Default: all No
--append Append new properties if the current group already has corresponding keys
No
--full Show full command output No
-g, --group Name of the group (for several groups repeat the parameter) No
--help Display command help No
-h, --host Host ID (for several host ids repeat the parameter) No
-r. --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-t, --property
Property to add in a name=value way. Use "=" as the delimiter. For several properties repeat the parameter: --property name1=value1 --property name2=value2 --property nameN=valueN. If you use Windows command line, please, encase the -t parameter in quotes i.e. "name=value".
No
-n, --property-name Property name. For several properties repeat the parameter. To delete all properties, use "all" parameter instead
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
Command Example
This example assigns properties to a group.
or2agp -p project -r region -g web -a set -t “keepalive=60” -t
“ssl_enable=false” -t “workers=4”
Response Example:
Figure 156 - or2agp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 216
16.5 ANSIBLE DYNAMIC INVENTORY
Invoke: or2-ansible-dynamic-inventory (or2adi)
Returns Ansible dynamic inventory for the specified project and region in the JSON format.
CLI Parameters
Parameter name Description Required
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-t, --pretty Returns the JSON data in a formatted way No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Command Example
or2adi -p project -r region
Response Example:
Figure 157 – Fragment of or2adi Response Example
Figure 158 - Fragment of or2adi Response Example in a Formatted Way
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 217
17 TROUBLESHOOTING
It may happen that you will get some errors or encounter other issues when working with EPAM Cloud
Orchestrator. Below is given a recommended troubleshooting procedure which is intended to help you
resolve your issues.
Problem?
Cannot manage my
infrastructure
Unexpected Behaviour
Can’t access Orchestrator
See the Audit page
See the Health Check page
See FAQCheck SIN
notifications
Report an incident
Figure 159 - Troubleshooting Scheme
In case you have problems with managing your infrastructure, cannot execute commands or reach
your VM, please, go to Orchestrator Audit page and ensure your VM is available and not deleted by anyone.
If your VM is present and available, but CLI commands still do not work for you, it is possible, that due to
technical issues, the connection to your region is broken. Please, take a look at the Orchestration
Healthcheck page which gives real-time detailed information on each of the Orchestrator regions
performance (except for EPAM-BY1) and indicates which regions are unavailable at the moment. If the
region is currently unavailable, it is advised to wait for a while until the technical issues are fixed and the
region performance is resumed.
In case of emergency, or when you have infrastructure configuration issues not related to the regions
performance, please, address the Help Desk or L1.5 team.
If you encounter an unexpected Orchestrator behavior, please, look at the FAQ pages in EPAM
Knowledge Base or at EPAM Orchestrator website. It is highly possible that the solution is already described
there.
If you get an unexpected “Service under Maintenance” message when trying to login to Orchestration
website or “EPAM orchestration in progress” message when trying to execute a CLI command, please,
check whether you have received a corresponding SIN notification on Orchestrator maintenance. If you
have not received one, please, address the Help Desk for further instructions and help.
If you have an issue that is not listed above, or you have performed the described steps, but your issue is
not solved due to one reason or another, please, submit an incident request to support.epam.com (EPAM
Cloud section in the Catalog).
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 218
ANNEX A - USER PERMISSIONS
USER GROUPS
All operations available using Orchestrator are divided into several groups, used to customize user
permissions. These groups are detailed in the table below.
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-allocate-static-ip (or2alsip) ✓
or2-ambari-cluster (or2ac) ✓
or2-attach-volume (or2attvol) ✓
or2-associate-static-ip
(or2assip)
✓
or2-audit (or2audit) ✓
or2-aws-management-console
(or2awsmc)
✓
or2-azure-management-
console (or2azmc)
✓
or2-change-owner (or2chow) ✓
or2-change-shape (or2chshape) ✓
or2-check-version (or2check) ✓
or2-chef-mode (or2cm) ✓
or2-console (or2console) ✓
or2-convert-maestro-stack-
template (or2cmst)
✓
or2-create-attach-volume
(or2addattvol)
✓
or2-create-checkpoint (or2ccp) ✓
or2-create-image (or2cim) ✓
or2-create-keypair (or2addkey) ✓
or2-create-schedule
(or2addsch)
✓
or2-delete-aws-stack
(or2dawss)
✓
or2-delete-checkpoint
(or2delcp)
✓
or2-delete-file (or2delf) ✓
or2-delete-image (or2delim) ✓
or2-delete-instance-properties
(or2delp)
✓ ✓
or2-delete-keypair (or2delkey) ✓
or2-delete-maestro-stack
(or2delmstack)
✓
or2-delete-schedule (or2delsch) ✓
or2-delete-tag (or2deltag) ✓
or2-delete-volume (or2delvol) ✓
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 219
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-describe-aws-stack-events
(or2dawsse)
✓
or2-describe-aws-stack-
resources (or2dawssr)
✓
or2-describe-aws-stacks
(or2dawss)
✓
or2-describe-checkpoints
(or2dcp)
✓
or2-describe-chef (or2chef) ✓
or2-describe-docker (or2dd) ✓
or2-describe-files (or2df) ✓
or2-describe-hadoop (or2dh) ✓
or2-describe-images (or2dim) ✓
or2-describe-instance-
properties (or2getp)
✓
or2-describe-instances (or2din) ✓
or2-describe-keypairs (or2dkey) ✓
or2-describe-load-balancing
(or2dlb)
✓
or2-describe-logging (or2dlog) ✓
or2-describe-maestro-stack-
resources (or2dmsr)
✓
or2-describe-maestro-stacks
(or2dmstack)
✓
or2-describe-monitoring
(or2dmon)
✓
or2-describe-nessus-templates
(or2dnt)
✓
or2-describe-operation (or2dop) ✓
or2-describe-projects (or2dpro) ✓
or2-describe-regions (or2dreg) ✓
or2-describe-schedules
(or2dsch)
✓
or2-describe-services (or2dser) ✓
or2-describe-shapes
(or2dshape)
✓
or2-describe-static-ips (or2dsip) ✓
or2-describe-tag (or2dtag) ✓
or2-describe-vlans (or2dvlans) ✓
or2-describe-volumes (or2dvol) ✓
or2-detach-volume (or2detvol) ✓
or2-disassociate-static-ip
(or2dissip)
✓
or2-docker-container (or2dc) ✓ ✓
or2-docker-image (or2di) ✓
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 220
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-docker-registry-image
(or2dri)
✓ ✓
or2-ftp-access (or2ftpa) ✓ ✓
or2-get-access (or2access) ✓
or2-get-info (or2info) ✓
or2-go-to-checkpoint (or2gcp) ✓
or2-hardware-report (or2hr) ✓
or2-import-keypair (or2ikey) ✓
or2-load-balancer-config
(or2lbconf)
✓
or2-lock-instance-termination
(or2lock)
✓
or2-manage-ftp (or2ftp) ✓ ✓
or2-manage-hadoop (or2mh) ✓
or2-manage-service (or2ms) ✓ ✓
or2help No permissions or credentials required
or2-modify-hardware-server
(or2modhs)
Only available to zone administrators
or2-move-instance-to-vlan
(or2mivlan)
✓
or2-price (or2price) ✓
or2-reboot-instances
(or2reboot)
✓
or2-register-hardware-server
(or2rhs)
Only available to zone administrators
or2-release-static-ip (or2relsip) ✓
or2-report (or2report) ✓
or2-resize-volume (or2resvol) ✓
or2-revert-to-checkpoint
(or2rcp)
✓
or2-run-aws-stack (or2rawss) ✓
or2-run-instances (or2run) ✓
or2-run-maestro-stack
(or2rmstack)
✓
or2-schedule-add-instances
(or2schaddi)
✓
or2-schedule-remove-instances
(or2schremi)
✓
or2-security-check (or2sc) ✓
or2-set-instance-properties
(or2setp)
✓ ✓
or2-set-tag (or2settag) ✓
or2-start-instances
(or2start)
✓
or2-start-logging (or2log) ✓
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 221
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-start-monitoring (or2mon) ✓
or2-stop-instances (or2stop) ✓
or2-stop-logging (or2stoplog) ✓
or2-stop-monitoring
(or2stopmon)
✓
or2-terminate-instances (or2kill) ✓
or2-update-cli (or2update) ✓
or2-upload-file (or2uf) ✓
or2-upload-script (or2ups)
or2-validate-maestro-stack-
template (or2vmst)
No permissions required
or2-view-pool-state (or2vps) ✓
or2-manage-
service (or2ms)
Activate ✓
Deactivate ✓
or2-docker-
volume (or2dv)
Create ✓
Delete ✓
or2-chef-mode
(or2cm)
Describe Chef
Mode
✓
Deactivate
Service
✓
Activate Service ✓
Update Chef
Mode
✓
DEFAULT PROJECT ROLES
A user's UPSA project role identifies which operations, by Maestro user groups, the user can perform via
EPAM Orchestrator CLI or UI interfaces on this project. If a user is not assigned to the project, they cannot
perform any related cloud operations.
EPAM Orchestrator also ensures the access to native tools of the external cloud providers. The user gets
the access role depending on their project role. Below the section, there is a mapping table of the project
roles and groups.
The following roles are available for work with Cloud via EPAM Orchestrator:
• EPAM-based project roles characterize permissions for work in private cloud regions. These
permissions can be customized for each project.
• AWS Role based on the EPAM Cloud project role and defining the scope of access to the AWS
Management Console via SSO.
• Google Role based on the project role and defining the scope of access to the Google Console
via SSO.
• When working with Azure via EPAM Orchestrator, a user gets EPAM_BasicUser’s role. It is equal
to Azure` Contributor role without the ability to manage users and security groups. See details
about Azure Contributor's role on the Microsoft website.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 222
The default AWS and Google roles include the following permissions:
Role Name Access Scope
AWS GCP AWS GCP BasicReadOnly BasicReadAccess Read-only access to EC2, S3, RDS,
DynamoDB, Lambda services Read-only access to Compute engine.
FullReadOnly FulLReadAccess Read-only access to all AWS services Full-read access to all GCP services
BasicUser BasicAccess The access to the main compute, storage, management, database, IoT, networking, analytics, machine learning services, step functions and developer tools. Full access to IAM except Write, Permissions management Full access to EC2 except Security Groups management
The access to the main GCP services, except: admin-special options, IAM Write, Network security management.
AdminUser AdminAccess Full access to all AWS services except: IAM Write, Permissions management EC2 Security Groups management
Full access to all GCP services except: IAM Write, Network security management
You can access your resources in the external cloud regions via Maestro CLI and Web Management
Console as well as via the native management tools. Please see the respective section of the Maestro User
Guide for more details.
The following table details default user permissions depending of their project roles. Each project role has
access to several Maestro CLI user groups to perform respective operations (see User Groups.) These
permissions can be customized for each project abbreviation in UPSA.
EPAM Orchestrator also ensures the access to native tools of the external cloud providers. The user gets
the access role depending on their project role.
Project Role EPAM Orchestrator Permissions Groups
AWS Role Azure Role Google Role
1st Line / Help Desk Specialist
READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
2nd Line / Environments Support Engineer
READ, VM, STORAGE, META, NEW, KILL
BasicUser EPAM_BasicUser BasicUserAccess
3rd Line / Software Maintenance Engineer
READ, VM, STORAGE, META, NEW, KILL
AdminUser EPAM_BasicUser AdminUserAccess
Account Manager READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Administrative Support
READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Agile Coach READ, VM, STORAGE, META, NEW, KILL
BasicReadOnly EPAM_BasicUser BasicReadAccess
Build Engineer READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Business Analysis Team Lead
READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Business Analyst READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Consultant READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
NB: In order to customize user groups for your project, please contact Consulting Team.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 223
Consulting Team Lead
READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Contact READ, VM, STORAGE, META - - -
Customer READ, VM, STORAGE, META - - -
Customer Representative
READ, VM, STORAGE, META - - -
Customer TR READ, VM, STORAGE, META - - -
Data Analyst READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Data Modeler READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Delivery Manager READ, VM, STORAGE, META, NEW, KILL, ADVANCED MANAGEMENT
AdminUser EPAM_BasicUser AdminUserAccess
Delivery Supervisor READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Design Team Lead READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Designer READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Developer READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Development Team Lead
READ, VM, STORAGE, META, NEW, KILL
BasicReadOnly EPAM_BasicUser BasicReadAccess
Engineer READ, STORAGE, META, VM, NEW_RESOURCES
FullReadOnly EPAM_BasicUser FullReadAccess
Engineering Team Lead
READ, STORAGE, META, VM, NEW_RESOURCES, KILL_RESOURCES
BasicUser EPAM_BasicUser BasicUserAccess
EngX Productivity Lead
READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Executive READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
External User READ, VM, STORAGE, META - - -
Financial Manager READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
HR Business Partner READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
HTML Coder READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Information Architect
READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Junior Developer READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Junior Functional Tester
READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Key Designer READ, VM, STORAGE, META, NEW, KILL
BasicReadOnly EPAM_BasicUser BasicReadAccess
Key Developer READ, VM, STORAGE, META, NEW, KILL
BasicUser EPAM_BasicUser BasicUserAccess
Key Engineer READ, STORAGE, META, VM, NEW_RESOURCES, KILL_RESOURCES
BasicUser EPAM_BasicUser BasicUserAccess
Key Tester READ, VM, STORAGE, META, NEW, KILL
BasicUser EPAM_BasicUser BasicUserAccess
Machine Learning Engineer
READ, VM, STORAGE, META, NEW
BasicReadOnly EPAM_BasicUser BasicUserAccess
Maintenance & Support Team Lead
READ, VM, STORAGE, META, NEW, KILL
BasicUser EPAM_BasicUser BasicUserAccess
Member READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Performance Analyst READ, VM, STORAGE, META, NEW, KILL
BasicReadOnly EPAM_BasicUser BasicReadAccess
Principal Delivery Manager
READ, VM, STORAGE, META BasicUser EPAM_BasicUser BasicUserAccess
Process Engineer READ, VM, STORAGE, META, NEW, KILL
BasicReadOnly EPAM_BasicUser BasicReadAccess
Program Manager READ, VM, STORAGE, META BasicUser EPAM_BasicUser BasicUserAccess
Project Coordinator READ, VM, STORAGE, META, NEW, KILL, ADVANCED MANAGEMENT
BasicUser EPAM_BasicUser BasicUserAccess
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 224
Project Manager READ, VM, STORAGE, META, NEW, KILL, ADVANCED MANAGEMENT
AdminUser EPAM_BasicUser AdminUserAccess
Project Member READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Project Sponsor READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Project Supervisor READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Project VIP READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Quality Engineer READ, STORAGE, META, VM FullReadOnly EPAM_BasicUser FullReadAccess
Resource Manager READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Sales Executive READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Sales Manager READ, VM, STORAGE, META FullReadOnly EPAM_BasicUser FullReadAccess
Sales Representative READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Scrum Master READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Signatory READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Solution Architect READ, VM, STORAGE, META, NEW, KILL
AdminUser EPAM_BasicUser AdminUserAccess
Technical Writer READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
Technician Team Lead
READ, STORAGE, META, VM, NEW_RESOURCES, KILL_RESOURCES
BasicUser EPAM_BasicUser BasicUserAccess
Tester READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
Testing Team Lead READ, VM, STORAGE, META, NEW, KILL
BasicUser EPAM_BasicUser BasicUserAccess
TS Engineer READ, VM, STORAGE, META, NEW, KILL
FullReadOnly EPAM_BasicUser FullReadAccess
ZXY Agile Team Member
READ, VM, STORAGE, META BasicReadOnly EPAM_BasicUser BasicReadAccess
USER PERMISSIONS CUSTOMIZATION FOR A SPECIFIC USER
There are 4 options of permissions available for each user:
• Project role-based (default). The user will get the set of permissions, guaranteed to them
according to their project role, as described in the previous section.
• Admin. The user will get the max project permissions level in private regions and AdminUser for
Amazon.
• Deny access. The user will have no access to perform project manipulations in Cloud. Also, the
user will not have an access through SSO to all public providers for the selected projects.
• AWS Managed Policy. The user will have a set of permissions which can be used to set up a
specific access level to one of AWS services (for example, AmazonChimeReadOnly), or to match
standard needs of a person with a specific job function (for example, SupportUser).
If the default role is not enough, an Advanced Management group member (Project Manager, Coordinator,
Account Manager, and Delivery Manager) can change the Admin permissions through Manage Cloud
wizard at Cloud Dashboard. Please note, that this will affect your permissions in other Clouds as well.
Please check more details in section 6.1 of Account Management Guide.
In case you need to fine-tune the permissions for a specific role on a project, please use the Manage
permissions for a project role option of the wizard.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 225
ANNEX B – CLIENT VERSIONING
Current version of the CLI is defined in the cli.version parameter within the ‘cli-system.properties’ file,
which is unavailable for user editing. You can display contents of ‘cli-system.properties’ in console by
running the or2info command (See the Maestro CLI Info Section). CLI client version comprises the
following components:
• Orchestrator version
• Separator (.)
• Last digit of a year (2 for 2012)
• Month number (10 for October)
• Separator (.)
• Day
• Build number for current day
For example, ‘cli.version=2.210.103’ corresponds to Orchestrator version 2, built on October 10, 2012 and
being the third build that day.
NB: Under construction. Currently support for versioning is implemented by versioning Maestro CLI
client using the Maestro-CLI-version
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 226
ANNEX C – INSTANCE TYPES AND THEIR SHAPES
The table below contains available virtual instance hardware configurations aka Shapes.
EPAM Cloud Shape
Shape CPU
Shape RAM GB
AWS Instance Type Microsoft Azure Instance Size
Google Cloud Instance Type Zone Set 1* Zone Set 2**
MICRO 1 0.5 t3.nano t3.nano A0 MICRO
MINI 1 1 t3.micro t3.micro - MINI
SMALL 1 2 t3.small t3.small A1 SMALL
MEDIUM 2 4 t3.medium t3.medium A2 MEDIUM
LARGE 2 8 t3.large t3.large A3 LARGE
XL 4 7.5 m5a.large m5.large - -
2XL 4 16 r5a.large r5.large - -
3XL 8 15 m5a.xlarge m5.xlarge - -
4XL 6 23 r5a.xlarge r5.xlarge - -
5XL 8 32 m5a.2xlarge m5.2xlarge - -
6XL 8 46 r5a.2xlarge r5.2xlarge - -
7XL 8 61 m5a.4xlarge m5.4xlarge - -
8XL 16 122 r5a.4xlarge r5.4xlarge - - *Zone Set 1 US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Ireland),
Asia Pacific (Singapore)
**Zone Set 2 US West (N. California), Canada (Central), EU (Frankfurt), EU (London), EU (Paris), Asia Pacific (Tokyo), Asia Pacific (Seoul), Asia Pacific (Osaka-Local), Asia Pacific (Sydney), Asia Pacific (Mumbai), South America (São Paulo), EU (Stockholm)
Not all the shapes are by default available for projects. When a project is activated in EPAM regions, Small,
Medium, and Large shapes are activated for it. To get other shapes, submit a Shape Activation Request.
Please note:
• ESX regions, EPAM-HU2 and EPAM-IN1 support shapes up to 3XL.
All other OpenStack regions support shapes up to 5XL.
• Other regions support shapes up to Large.
• When a project is activated in AWS, the full stack of shapes is automatically activated for it.
• Extra-large shapes (over 5XL) are available in AWS regions only.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 227
ANNEX D – SERVICE LOCATIONS
The tables below contain the list of planned EPAM Cloud service locations, using both own infrastructure and
public cloud offerings.
EPAM INFRASTRUCTURE
EPAM Cloud Orchestration Service is a system distributed between different regions. The regions have different
geographical location, virtualization basis and a certain coefficient that applies to services provided within the
region and modifies actual costs. The coefficient depends on the region location and related maintenance
expenses.
Location Service Region Virtualization Billing type
CIS (Minsk, Belarus) EPAM-BY1 ESX Per-hour
CIS (Minsk, Belarus) EPAM-BY2 OpenStack Per-second
CIS (Minsk, Belarus) EPAM-MAC ESX Per-hour
CIS (St. Petersburg, Russia) EPAM-RU2 ESX Per-hour
CIS (St. Petersburg, Russia) EPAM-RU3 OpenStack Per-second
Europe (Budapest, Hungary) EPAM-HU1 ESX Per-hour
Europe (Budapest, Hungary) EPAM-HU2 OpenStack Per-hour
Ukraine (Kiyiv) EPAM-UA1 ESX Per-hour
Ukraine (Kiyiv) EPAM-UA2 OpenStack Per-second
USA (Edison, NJ) EPAM-US2 OpenStack Per-second
Asia (Hyderabad, India) EPAM-IN1 OpenStack Per-second
For more information on EPAM Cloud billing policy, please, see our Account Management Guide, Section 7:
Billing in EPAM Cloud.
Some of the existing regions have their specific features or limitations. They are listed below.
EPAM-BY2
• EPAM-BY2 is based on OpenStack technology
• The Recycle Bin functionality is supported. This functionality allows restoring a terminated VM within 7
days after termination by sending a request to support.epam.com
• Checkpoint manipulations are not supported.
• An image can be created only from instance that do not have additional volumes.
Network specifics
• All instances have an assigned floating IP from EPAM network (10.x.).
• All instances have hostname like ECSX000XXXXX.epam.com, which can be resolved as an IP from
EPAM network (for example, 10.6.129.34).
• If you try to resolve native hostname from instance in OpenStack you will get external IP, which does
not belong to any network interface of instance.
• This can cause issues when you try to bind some process to hostname instead of Instance IP.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 228
EPAM-IN1
• EPAM-IN1 is based on OpenStack technology
• Storage volumes are billed by provisioned, not by used, space
• Shapes up to 5XL are supported
• Checkpoints are disabled
• Graceful shutdown functionality is not available. The or2stop command acts as power-off
• The commands from other groups (as listed in Maestro CLI Reference Guide) are mostly available, but
some are disabled.
• View instance pool scope is not available
Network specifics
• All instances in project have IPs from internal net (172.16.242.230/21).
• All instances have an assigned floating IP from EPAM network (10.x.).
• All instances have hostname like ECSX000XXXXX.epam.com, which can be resolved as an IP from
EPAM network (for example, 10.6.129.34).
• If you try to resolve native hostname from instance in OpenStack you will get external IP, which does
not belong to any network interface of instance.
This can cause issues when you try to bind some process to hostname instead of Instance IP.
EPAM-US2
• EPAM-US2 is based on OpenStack technology
• Storage volumes are billed by provisioned, not by used, space
• Shapes up to 5XL are supported
• Checkpoints are disabled
• Graceful shutdown functionality is not available. The or2stop command acts as power-off
• The commands from other groups (as listed in Maestro CLI Reference Guide) are mostly available, but
some are disabled.
• View instance pool scope is not available
Network specifics
• All instances have an assigned floating IP from EPAM network (10.x.).
• All instances have hostname like ECSX000XXXXX.epam.com, which can be resolved as an IP from
EPAM network (for example, 10.6.129.34).
• If you try to resolve native hostname from instance in OpenStack you will get external IP, which does
not belong to any network interface of instance.
This can cause issues when you try to bind some process to hostname instead of Instance IP.
EPAM-MAC
EPAM-MAC region is designed to enable Mac resources provisioning. No other instance types can be created
here.
The region hosts two types of instances – virtual and hardware, each having its own specifics.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 229
• Virtual. Virtual MacOS instances have a choice between two operating systems. The instances details are:
o Image name: MacOS_10.12_Sierra, MacOS_10.13_HighSierra (can be updated to MacOS 10.14
Mojave)
o Shape: Any standard EPAM Cloud shape (recommended – MEDIUM)
o System Disk: 60GB
o Billing: Same as in EPAM-BY2 region
o Login: via VNC console with EPAM credentials
o Limitations: auto configuration service and checkpoints are not available.
To run such an instance, use the standard or2run command, and provide the new instance details, e.g.:
or2run –p <project> -r EPAM-MAC –i macos_10.12_Sierra –s <shape>
• Hardware. The other type of resources that can be provided in EPAM-MAC region, are reusable hardware
Macmini (OS X of current or release version) servers that can be provided for project needs. The specifics
of this kind of resources are:
o Image name: macmini_os_X
o Shape: Large (2CPU, 8GB RAM) only
o System Disk: 300GB, not extendable
o Billing: $30/Month, calculated hourly at 30/730.5 USD per hour
o Login: via VNC console with user/user credentials (we strongly recommend changing the default
credentials after the first login)
o Limitations:
▪ Instance operations are strictly limited: only or2run, or2kill, or2report, or2settag, or2din
commands are available. You can also see all the instance-related info on UI.
▪ Limited number of available servers. To check whether there are Macmini instances
available, please use the or2vps command:
or2vps -r EPAM-MAC
If there are no free Macmini servers, you will get a respective “low capacity” message when trying to request
one.
In this case, please, wait till one of the servers in use, is released.
To order a hardware Mac, use the standard or2run command, and provide the new instance details, e.g.:
or2run –p <project> -r EPAM-MAC –i macmini_os_X –s LARGE
Please also note that VM actions on the Management page are not available for instances in EPAM-MAC region.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 230
AWS CLOUD FORMATION REGIONS
To activate AWS regions in EPAM Cloud simply leave a respective request at support.epam.com. The following
regions are supported:
Region Code Region Name EPC Reference Name
ap-northeast-1 Asia Pacific (Tokyo) Region AWS-AP-NORTHEAST
ap-northeast-2 Asia Pacific (Seoul) Region AWS-AP-NORTHEAST-2
ap-southeast-1 Asia Pacific (Singapore) Region AWS-AP-SOUTHEAST
ap-southeast-2 Asia Pacific (Sydney) Region AWS-AP-SOUTHEAST-2
eu-west-1 EU (Ireland) Region AWS-EUWEST
eu-central-1 EU (Frankfurt) Region AWS-EUCENTRAL
sa-east-1 South America (Sao Paulo) Region AWS-SAEAST
us-east-1 US East (Northern Virginia) Region AWS-USEAST
us-west-1 US West (Northern California) Region
AWS-USWEST
us-west-2 US West (Oregon) Region AWS-USWEST-2
Once you get a notification from us about an AWS Region activation, you should be able to see it in your list of
available regions. Below is the example of Maestro CLI command for the AWS regions describing:
or2dreg -p sample –t AWS
Figure 160 - Describing available AWS regions
If you can see the AWS regions in the response, you can start utilizing AWS resources via EPAM Orchestration
tools.
For more information about AWS regions utilization specifics, please, see the Maestro User Guide.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 231
AZURE REGIONS
To activate Azure regions in EPAM Cloud simply leave a respective request at support.epam.com. The following
regions are supported:
Region Name (Location) Region Alias EPC Reference Name
Brazil South (Sao Paolo State) BR South AZURE-BS
Central US (Iowa) - AZURE-CUS
East Asia (Hong Kong) - AZURE-EA
East US (Virginia) USEast, eastus AZURE-EUS
East Us 2 (Virginia) useast2, EastUS2 AZURE-EUS-2
Japan East (Tokyo, Saitama) - AZURE-JE
Japan West (Osaka) Ja West AZURE-JW
North Central US (Illinois) - AZURE-NCUS
North Europe (Ireland) Northeurope AZURE-NEU
South Central US (Texas) - AZURE-SCUS
Southeast Asia (Singapore) - AZURE-SEA
West Europe (Netherlands) westeurope AZURE-WEU
West US (California) - AZURE-WUS
Once you get a notification from us about activating your project in Azure, you should be able to see it in your
list of available regions. Below is the example of Maestro CLI command for the region describing:
or2dreg -p sample –t Azure
Figure 161 - Describing available Azure regions
If you can see Azure regions in the response, you can start utilizing Azure resources via EPAM Orchestration
tools.
For more information about Azure regions utilization specifics, please, see the Maestro User Guide
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 232
GOOGLE CLOUD REGIONS
To activate Google Cloud regions in EPAM Cloud simply leave a respective request at support.epam.com. The
following regions are supported:
Google Region Location Orchestration Reference Name
Eastern Asia-Pacific Changhua County, Taiwan GCP-AS-EAST
Northeastern Asia-Pacific Tokyo, Japan GCP-AS-NORTHEAST
Western Europe St. Ghislain, Belgium GCP-EUWEST
Central US Council Bluffs, Iowa GCP-USCENTRAL
Eastern US Berkeley County, South Carolina GCP-USEAST
Western US The Dalles, Oregon GCP-USWEST
Once you get a notification from us about activating your project in Google Cloud, you should be able to see it
in your list of available regions. Below is the example of Maestro CLI command for the region describing:
or2dreg -p project –t google
Figure 162 - Describing available Google Cloud regions
If you can see Google Cloud regions in the response, you can start utilizing Google Cloud resources via EPAM
Orchestration tools.
For more information about Google Cloud regions utilization specifics, please, see the Maestro User Guide
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 233
ANNEX E – LOGGING IN TO INSTANCES
This instruction is applicable to the methods of authorization on instances created from images
provided by EPAM Cloud. The method of authorization on VMs based on custom images
depends on the configuration of an image, as well as on settings made by hosting cloud provider.
WINDOWS
Login via an RDP client by using your standard domain credentials.
In order to access Windows instances via SSH, you first have to access them via RDP and configure SSH
connection.
LINUX
For Private Cloud we provide two ways of access to VMs:
• Using your domain authorization without SSH if the key was not specified at VM creation.
• Using the key specified on password.epam.com and your Domain username (with @epam.com).
• Using the key specified at VM creation and the default username, depending on the instance OS:
Image Username
CentOS family centos
Debian family admin
Ubuntu family ubuntu
CoreOS family Core
Amazon Linux ec2-user
For Public Cloud providers (non EPAM region type) SSH key authorization is used. When creating a VM, you
need to specify the name of the SSH key to be used. When authorizing, you can use one of the following
combinations:
• Using the specified SSH key and the default username, depending on the instance OS:
Image Username
CentOS family centos
Debian family admin (AWS, Google) debian (Azure)
Ubuntu family ubuntu
CoreOS family Core
Amazon Linux ec2-user
• Using the key specified on password.epam.com and your Domain username (with @epam.com).
Also, in Azure Cloud you can run a VM without specifying SSH key name. In this case you will
receive an email containing automatically generated username and password.
Password authorization is less secure than the SSH one. We recommend using it for training
purposes and temporary VMs.
According to best practices, it is beeter to use SSH key authorization and disable temporary
user and password access.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 234
AWS – WINDOWS
To login to a newly created AWS-based Windows instance perform the following steps:
1. Make sure the instance is up and running, e.g., using the o2-describe-instances command.
2. Run the or2console command providing the instance ID, project and region:
or2console –p demopro –r aws-region –i instance_id
3. When the command is executed, you get an email containing the details on the VM and an attachment
with the encrypted password.
AWS needs at least 4 minutes to generate a password for a new instance. If you run the or2console
command before the password is ready, the attachment in the letter will be empty.
4. Save the attachment to your disc or copy its content to an empty file.
5. Run the or2-aws-decrypt-password (or2adp) command, providing the name of the key used to run
the instance and the path to the file with the encryption:
or2adp -p private-key-file-path -e encrypted-password-file-path
The command response will contain the password to be used to login to your Windows VM as
Administrator.
Please note that the command is executed on the client’s side, external tools have no access to the
private part of the key.
6. Use this password to login to your VM via RDC:
Figure 163 - Remote connection to a Windows instance
If you have access to AWS Management Console, you can get the password using it, without having to perform
the steps described above. All you have to do is login to the Console, go to the Instances section, right-click on
the instance to which you want to get access and select Get Windows Password in the dropdown menu.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 235
Figure 164 - Connecting to a Windows VM in AWS
AZURE
When a VM (either Windows or Linux) creation is initiated, you get a letter containing credentials for access to
this VM remotely. These credentials are generated only once and will not be available for reference anywhere
except this letter.
If you run an instance without using an SSH key, the instance run letter will include the access username and
the password:
Figure 165 - Run instance letter with a password
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 236
Please save the credentials properly for further usage; they are not saved anywhere else and cannot be
restored in case of loss.
If you used an SSH key to run an instance, the letter will include the key name instead of the credentials.
The Public IP necessary to connect to the VM will be given in the next letter sent to you as soon as your new
VM gets to the RUNNING state:
Figure 166 - A Start Instance letter with IPs
GOOGLE CLOUD REGIONS - WINDOWS
For Windows machines, use the or2console CLI command specifying an SSH key:
or2console -p project -r region -i instance_id -k key
The key must always be of 2048 size. The key is required only for the log in operation, not for VM run.
When this command is executed, you will receive an email containing an encrypted password. Decrypt the
password as follows:
or2-decrypt-password -p private-key-file-path -e encrypted-password-file-
path
Use the decrypted password to log in to your Windows VM under the username ‘user’.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 237
HARDWARE MACOS
MacOS instances are run in the dedicated EPAM-MAC region physically located in Minsk and Saint
Petersburg. By default, in EPAM-MAC (Minsk) location hardware Macmini servers are run with OS X 10.15.x,
while in additional EPAM-MAC (Saint Petersburg) location with OS X 10.12.x.
To access new hardware MacOS instances located in Minsk, perform the following steps:
1. Once an instance is deployed, authorize over SSH client using the default credentials:
• login - user
• password - <PROJECT-ID> (UPPERCASE)
2. Change the default password
3. Initiate VNC connection according to the standard instruction via VNC client and newly created
password for authentication:
a) Install the VNC Client to your workstation.
b) Run the VNC Client, and input your MacOS IP address or DNS name (as
HOSTNAME.cloud.epam.com):
Figure 167 - VNC Client start
4. Click Connect.
• On Authentication step, input the uppercased abbreviation of your project in UPSA:
Figure 168 - VNC client authentication
• Login to the instance with new credentials.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 238
To access new hardware MacOS instances located in Saint Petersburg, perform the following steps:
1. Install the VNC Client to your workstation.
2. Run the VNC Client, and input your MacOS IP address or DNS name (as
HOSTNAME.cloud.epam.com):
Figure 169 - VNC Client start
Click Connect.
3. On Authentication step, input the uppercased abbreviation of your project in UPSA:
Figure 170 - VNC client authentication
4. Login to the instance with user/user credentials.
It is highly recommended to change the default credentials after the first login.
VIRTUAL MACOS
To get access to a Virtual MacOS instance perform the following actions:
• Click the VNC icon next to the VM ID on the Management page to run the VNC Web Client, and login
to the VM using your domain credentials as soon as the connection is established:
If you login to VM via VNC client installed on your workstation, enter your Project_Name (upper case)
as a password and after that use your domain credentials as soon as the connection is established.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 239
Figure 171 - VNC web access link
Please note that the domain credentials are case sensitive.
After logging in to the VM, it is recommended to change the default credentials and to enable access
via the VNC standalone client.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 240
ANNEX F – MAESTRO CLI COMMANDS LIST
The table below gives the list of the existing Maestro CLI Commands, their descriptions and links to the
respective sections:
Command Description or2access Registers user domain credentials within Orchestrator
or2addattvol Creates and attaches a storage volume to the specified instance
or2addsch Creates a new schedule to start or stop existing instances using cron expressions.
or2adp Decrypts AWS password
or2ag Is used to manage Ansible groups.
or2agp Is used to manipulate Ansible groups properties.
or2ah Is used to manage Ansible hosts.
or2ai Initializes Ansible environment for the specified project and zone.
or2aem Manages Adobe AEM service
or2alsip Allocates a static IP for the project
or2assip Assigns a static IP to the VM
or2attvol Attaches the specified storage volume to the specified instance
or2audit Views all relevant instance-related information for the specified period
or2awsmc Returns a link for accessing the AWS Management Console
or2ccp Creates an instance recovery point
or2check Shows Maestro CLI client currently installed on your machine
or2chef Describes the project Chef server mode
or2cim Creates an image based on the instance
or2cm Sets one of the existing chef modes to the project
or2cmst Converts a Maestro Stack template into a CloudFormation stack template
or2console Activates instance console and provides access credentials to it
or2addkey Creates a key pair used to access instances without need to provide login credentials
or2dawsse Returns the events related to the specified stack
or2dawssr Returns the events related to the specified stack
or2dcp Lists all checkpoints created for the instance and their short descriptions
or2di Manipulates Docker container images
or2delawss Deletes one or more stacks for the specified region and project
or2delcp Deletes the specified instance checkpoint
or2delf Deletes a previously uploaded file from Orchestrator’s repository
or2delim Deletes custom machine images
or2delkey Deletes a specified key pair
or2delsch Deletes a previously created schedule
or2delp Deletes user-defined metadata from instances
or2deltag Deletes a custom tag from an instance or a volume
or2delvol Deletes a storage volume from the specified instance
or2detvol detaches a storage volume from the specified instance
or2df Describes the uploaded and available files for the specified project
or2dim Returns information about images
or2din Returns information about the instances that you own
or2dissip Disassociates a Static IP from a VM
or2dkey Describes pairs available for provided project and region
or2dlb Shows the list of the hosts in the load balancer group and their availability
or2dlog Gives the list of the logged instances and the DNS name of the GrayLog Server
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 241
Command Description or2dmon Retrieves information about Zabbix-related items
or2dmstack Describes existing Maestro stacks for the specified project and region
or2dpro Lists of projects available for user
or2dreg Describes available virtualization regions for provided project and user credentials
or2dri Manipulates Docker registry images
or2dsch Describes previously uploaded and available schedules
or2dser Describes the services activated for the specified project and region
or2dsip Describes static IPs available for the project
or2dshape Describes available shapes for the provided project and user credentials
or2dtag Retrieves custom tags assigned to resources for billing purposes
or2dv Creates, describes or deletes a Docker volume
or2dvlans describes available VLANs for the selected project
or2dvol Describes a user’s storage volumes
or2ftp Makes existing S3 buckets available via FTP
or2ftpa Manages user access to AWS S3 via FTP
or2gcp Reverts to the specified checkpoint
or2getp Retrieves user-defined metadata from instances
or2help Lists all commands and their parameters
or2hr Generates a hardware server usage report
or2info Lists information of CLI Client current configuration
or2ikey Imports an existing key pair to the specified region
or2kill Terminates the specified instances
or2kn Manages Kubernetes nodes
or2kns Manages Kubernetes namespaces
or2kp Manages Kubernetes pods
or2krc Manages Kubernetes replication controllers
or2ks Manages Kubernetes services
or2lbconf Set the Load balancer configuration
or2lock Locks the specified instance from termination
or2log Starts collecting the logs from the specific instance
or2lum Registers an existing instance on Luminate
or2mivlan Moves specific instance under available VLAN
or2mm Manages Messaging Service messages
or2modhs Modifies the settings of a hardware server
or2mon Add an instance to Zabbix monitoring list
or2mq Manages Messaging service queues
or2ms Activates/deactivates available services for a particular project
or2price Lists prices for all activated shapes
or2rawss Launches a specified stack on AWS
or2rcp Reverts instance to the latest available checkpoint
or2rdb manages the relational database service
or2reboot Reboots specified instances
or2reghs Registers a dedicated instance as a hardware server in EPAM Cloud
or2relsip Releases a static IP from the project
or2report Prepares a monthly billing report
or2resvol Resizes the specified volume for instance
or2rmstack Runs a new maestro stack based on an existing template
or2run Launches the specified number of instances with provided shape and image
or2setp Assigns user-defined metadata to instances
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 242
Command Description or2settag Assigns a custom tag to an instance or a volume for billing purposes
or2sm Remove an instance from the monitoring list
or2sr Manages Sonar rules
or2sqp Manages Sonar quality profiles
or2start Starts the specified stopped instances
or2stop Stops the specified instances
or2stoplog Removes the instance from logging list
or2ter Manages Terraform templates
or2sus Powers down an instance
or2uf Uploads a new file and saves it in Orchestrator
or2unreghs Unregisters hardware server
or2update Checks for updates and updates
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 243
ANNEX G – PAAS GUEST OPERATING SYSTEMS
Service name Used Image
Artifactory as a Service (AFS) CentOS7_64-bit
Auto Configuration Service (ACS): Chef server (epc/user modes) /version 13 Ubuntu16.04_64-bit/Ubuntu16.04_64-bit
Cloud Monitoring Service (CMS): Zabbix Ubuntu16.04_64-bit
Docker/Docker registry (DOS) (with volumes)
The last stable version of the CoreOS_64-bit
CoreOS_899.13_64-bit
Docker/Docker registry Service (DOS) Ubuntu16.04_64-bit
Gerrit as a Service (GAS) Ubuntu 16.04_64-bit
Hybris as a Service (HAS) CentOS7_64-bit
Jenkins as a Service (JAS) Ubuntu18.04_64-bit
Kubernetes as a Service (KUB) Fedora CoreOS
Load Balancer Service (LBS) Ubuntu16.04_64-bit
Log Aggregation Service (LAS) Ubuntu16.04_64-bit
Magento as a Service (MAS) CentOS7_64-bit
Messaging Service (MES) Ubuntu16.04_64-bit
Relational Data Base Service (RDB) Mariadb Ubuntu16.04_64-bit
Relational Data Base Service (RDB) MSSQL (2012) W2012R2Std
Relational Data Base Service (RDB) MSSQL (2014) hardware W2012R2Std
Relational Data Base Service (RDB) MySQL Ubuntu16.04_64-bit
Relational Data Base Service (RDB) Oracle OracleLinux7_64-bit
Relational Data Base Service (RDB) PostgreSQL Ubuntu16.04_64-bit
Sonar as a Service (SQS) Ubuntu 16.04_64-bit
Telemetry as a Service (TMS) Ubuntu16.04_64-bit
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 244
TABLE OF FIGURES
Figure 1 - or2help Command Output .................................................................................................................. 13
Figure 2 - Command help for incorrect parameters input ................................................................................... 13
Figure 3 - Command response with --help option ............................................................................................... 14
Figure 4 - or2access Response Example ........................................................................................................... 15
Figure 5 - or2check Response Example ............................................................................................................. 16
Figure 6 - or2info Response Example ................................................................................................................. 18
Figure 7 - or2update Response Example ........................................................................................................... 19
Figure 8 - or2dpro Response Example ............................................................................................................... 20
Figure 9 - or2dreg Response Example ............................................................................................................... 22
Figure 10 - or2dim Response Example ............................................................................................................... 24
Figure 11 - or2dshape Response Example (OpenStack-based region) ............................................................. 25
Figure 12 - or2run Response Example ............................................................................................................... 29
Figure 13 - or2stop Example Response .............................................................................................................. 30
Figure 14 - or2start Response Example ............................................................................................................. 31
Figure 15 - or2reboot Response Example .......................................................................................................... 32
Figure 16 - or2kill Response Example ................................................................................................................ 34
Figure 17 - or2lock Response Example .............................................................................................................. 35
Figure 18 - or2lock command repeated to allow instance termination ................................................................ 35
Figure 19 - or2din General Response Example .................................................................................................. 37
Figure 20 - or2din Response Example with Filters ............................................................................................. 37
Figure 21 - or2chshape Response Example ....................................................................................................... 38
Figure 22 - or2chshape Shape Expand Response Example .............................................................................. 38
Figure 23 - or2chow Response Example ............................................................................................................ 39
Figure 24 - or2vps Response Example ............................................................................................................... 40
Figure 25 - or2dvlans Response Example .......................................................................................................... 41
Figure 26 - or2mivlan Response Example .......................................................................................................... 42
Figure 27 - or2dsn command response .............................................................................................................. 43
Figure 28 - or2lt Response Example ................................................................................................................... 44
Figure 29 - or2addsch Response Example ......................................................................................................... 47
Figure 30 - or2dsch Response Example ............................................................................................................. 48
Figure 31 - or2schaddi Response Example ........................................................................................................ 49
Figure 32 - or2schremi Response Example ........................................................................................................ 50
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 245
Figure 33 - or2delsch Response Example .......................................................................................................... 51
Figure 34 - or2setp Response Example .............................................................................................................. 55
Figure 35 - or2getp Response Example ............................................................................................................. 56
Figure 36 - or2delp Response Examples ........................................................................................................... 57
Figure 37 - or2cim Response Example ............................................................................................................... 59
Figure 38 - or2delim Response Example ............................................................................................................ 60
Figure 39 - TCP/IP Configuration (Windows) ...................................................................................................... 61
Figure 40 - Creating Local Windows User .......................................................................................................... 62
Figure 41 - Assigning Administrator Privileges to a Windows User .................................................................... 63
Figure 42 - Excluding Guest OS from Domain (Windows) .................................................................................. 64
Figure 43 - Renaming Guest OS (Windows) ....................................................................................................... 64
Figure 44 - Rebooting a VM in Azure region ....................................................................................................... 65
Figure 45 - or2addkey Response Example ......................................................................................................... 69
Figure 46 - or2ikey Response Example .............................................................................................................. 71
Figure 47 - or2dkey Response Example ............................................................................................................. 72
Figure 48 - or2delkey Response Example .......................................................................................................... 73
Figure 49 - or2console Response Example ........................................................................................................ 74
Figure 50 - Console credentials .......................................................................................................................... 75
Figure 51 - or2awsmc Response Example ......................................................................................................... 76
Figure 52 – or2iam Response Example .............................................................................................................. 77
Figure 53 - or2azmc Response Example ............................................................................................................ 78
Figure 54 - or2alsip Command Example ............................................................................................................. 81
Figure 55 - or2assip Command Example ............................................................................................................ 82
Figure 56 - or2dsip Command Response Example ............................................................................................ 83
Figure 57 - or2dissip Command Response ......................................................................................................... 84
Figure 58 - or2relsip Command Response ......................................................................................................... 85
Figure 59 - or2lum Command Response ............................................................................................................ 86
Figure 60 - or2dpp Command Response ............................................................................................................ 87
Figure 61 - or2addattvol Response Example ...................................................................................................... 89
Figure 62 - or2attvol Response Example ............................................................................................................ 90
Figure 63 - or2detvol Response Example ........................................................................................................... 91
Figure 64 - or2resvol Response Example ........................................................................................................... 92
Figure 65 - or2dvol Response Example .............................................................................................................. 94
Figure 66 - or2dvol Empty Response Example ................................................................................................... 94
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 246
Figure 67 - or2delvol Response Example ........................................................................................................... 95
Figure 68 - df-h Response Example.................................................................................................................... 96
Figure 69 - Computer Management in Windows 8 .............................................................................................. 97
Figure 70 - or2ccp Response Example ............................................................................................................. 100
Figure 71 - or2dcp Response Example ............................................................................................................. 101
Figure 72 - or2gcp Response Example ............................................................................................................. 102
Figure 73 - or2rcp Response Example ............................................................................................................. 103
Figure 74 - or2delcp Response Example .......................................................................................................... 104
Figure 75 - or2reghs Response Example ......................................................................................................... 106
Figure 76 - or2unreghs Response Example ..................................................................................................... 107
Figure 77 - or2modhs Response Example ........................................................................................................ 109
Figure 78 - or2hr Response Example ............................................................................................................... 110
Figure 79 - Price Breakdown ............................................................................................................................. 111
Figure 80 - or2report Response Example ......................................................................................................... 113
Figure 81 - or2price Response Example ........................................................................................................... 116
Figure 82 - or2audit Response Example ........................................................................................................... 118
Figure 83 - Account report ................................................................................................................................. 119
Figure 84 - or2dacc Command Example .......................................................................................................... 120
Figure 85 - or2settag Response Example ......................................................................................................... 122
Figure 86 - or2dtag Response Example ........................................................................................................... 123
Figure 87 - or2deltag Response Example ......................................................................................................... 124
Figure 88 - or2uf Response Example ............................................................................................................... 126
Figure 89 - or2delf Response Example ............................................................................................................. 127
Figure 90 - or2df Response Example ............................................................................................................... 128
Figure 91 - or2sc Response Example ............................................................................................................... 129
Figure 92 - or2ter Response Example .............................................................................................................. 131
Figure 93 - or2rsawss Response Example ....................................................................................................... 132
Figure 94 - or2dawss Response Example ........................................................................................................ 133
Figure 95 - or2dawsse Response Example ...................................................................................................... 134
Figure 96 - or2dawssr Response Example ....................................................................................................... 136
Figure 97 - or2delawss Response Example ..................................................................................................... 137
Figure 98 - or2dmstack Response Example ..................................................................................................... 138
Figure 99 - or2rmstack -m Response Example ................................................................................................. 140
Figure 100 - or2delmstack -m Response Example ........................................................................................... 141
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 247
Figure 101 - or2dmsr Response Example ........................................................................................................ 142
Figure 102 – or2vmst Response Example ........................................................................................................ 143
Figure 103 - or2cmst Response Example ......................................................................................................... 144
Figure 104 - or2-manage-service Response Example...................................................................................... 147
Figure 105 - or2dser Response Example (shown in 2 lines for better visibility) ............................................... 149
Figure 106 - or2cm Response Example ........................................................................................................... 153
Figure 107 - Disabling auto configuration for a specific OS .............................................................................. 153
Figure 108 - Reviewing information on the current status of the ACS .............................................................. 153
Figure 109 - or2dchef Response Example ........................................................................................................ 154
Figure 110 - The or2-validate-chef command output ........................................................................................ 155
Figure 111 - or2dmon Response Example ....................................................................................................... 157
Figure 112 - or2mon Response Example ......................................................................................................... 158
Figure 113 - or2stopmon Response Example ................................................................................................... 159
Figure 114 - Zabbix metrics details on UI ......................................................................................................... 160
Figure 115 - Zabbix Graph in web Interface ...................................................................................................... 161
Figure 116 - or2starttel Response Example ...................................................................................................... 163
Figure 117 - or2stoptel Response Example ...................................................................................................... 164
Figure 118 - or2dtelag Response Example ....................................................................................................... 165
Figure 119 - Telemetry agent with available metrics......................................................................................... 166
Figure 120 – or2tel Response Example ............................................................................................................ 167
Figure 121 - or2lbconf –-balancing Response Example ................................................................................... 173
Figure 122 - or2lbconf –-limit Response Example ............................................................................................ 174
Figure 123 - or2lbconf –-ban Response Example ........................................................................................... 175
Figure 124 - or2lbconf –-cache --url --expiration Response Example ............................................................. 175
Figure 125 - or2dlb Response Example ............................................................................................................ 176
Figure 126 - or2osc Command Response Example ......................................................................................... 178
Figure 127 - or2osc Command Response Example for compiling inventory file .............................................. 178
Figure 128 - or2di Command Response Example ............................................................................................ 181
Figure 129 - or2di -a Commit Response Example ............................................................................................ 181
Figure 130 - or2ds -a run Command Response ................................................................................................ 183
Figure 131 - or2ds -a describe Command Response ....................................................................................... 183
Figure 132 - or2dv Command Response .......................................................................................................... 184
Figure 133 - Docker volume deletion ................................................................................................................ 185
Figure 134 – Docker registry creation ............................................................................................................... 186
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 248
Figure 135 - or2dri -a describe Response Example.......................................................................................... 187
Figure 136 - or2dri -a delete Response Example ............................................................................................. 187
Figure 137 - or2dd Command Response .......................................................................................................... 189
Figure 138 - or2kc response example ............................................................................................................... 191
Figure 139 - List of missing plugins ................................................................................................................... 193
Figure 140 - List of Jenkins plugins ................................................................................................................... 194
Figure 141 - Jenkins plugin uninstallation ......................................................................................................... 195
Figure 142 – Sonar Service Info (shown in two lines for better visibility) .......................................................... 200
Figure 143 – or2sqp Command Response ....................................................................................................... 202
Figure 144 - Rules activation for Sonar quality profile ...................................................................................... 202
Figure 145 – or2sr Command Response .......................................................................................................... 203
Figure 146 – Artifactory Service Info (shown in two lines for better visibility) ................................................... 205
Figure 147 - the or2rdb [-a describe] Response Example ................................................................................ 207
Figure 148 - or2rdb -a install Response Example ............................................................................................. 207
Figure 149 - or2rdb -a remove Response Example .......................................................................................... 207
Figure 150 - Magento service info (shown in two lines for better visibility) ....................................................... 208
Figure 151 - or2mq -a create Response Example ............................................................................................ 210
Figure 152 - or2mm -a send Command Response ........................................................................................... 211
Figure 153 - or2ai Response Example .............................................................................................................. 212
Figure 154 - or2ah Response Example ............................................................................................................ 213
Figure 155 - or2ag Response Example ............................................................................................................ 214
Figure 156 - or2agp Response Example .......................................................................................................... 215
Figure 157 – Fragment of or2adi Response Example ...................................................................................... 216
Figure 158 - Fragment of or2adi Response Example in a Formatted Way ...................................................... 216
Figure 159 - Troubleshooting Scheme .............................................................................................................. 217
Figure 160 - Describing available AWS regions ................................................................................................ 230
Figure 161 - Describing available Azure regions .............................................................................................. 231
Figure 162 - Describing available Google Cloud regions .................................................................................. 232
Figure 163 - Remote connection to a Windows instance .................................................................................. 234
Figure 164 - Connecting to a Windows VM in AWS.......................................................................................... 235
Figure 165 - Run instance letter with a password ............................................................................................. 235
Figure 166 - A Start Instance letter with IPs ...................................................................................................... 236
Figure 167 - VNC Client start ............................................................................................................................ 237
Figure 168 - VNC client authentication ............................................................................................................. 237
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 249
Figure 169 - VNC Client start ............................................................................................................................ 238
Figure 170 - VNC client authentication ............................................................................................................. 238
Figure 171 - VNC web access link .................................................................................................................... 239
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 250
VERSION HISTORY
The document is constantly updated since September 2012. The table below provides its main development
points until the beginning of 2015, and the detailed story starting from this year.
Version Date Summary
19.11 February 20, 2021 - Added a new command for Describing a workspace for a
project
19.10 December 18, 2020 - Updated description of or2run, or2uf and or2rebuild
command sections
19.9 October 31, 2020 - Updated Security Scanning section - Added a new command for Rebuilding an instance
19.8 August 22, 2020 - Updated Jenkins parameters - Updated RDB service section
19.7 June 27, 2020
- Added a new command and parameters for Luminate - Updated Chef version - Updated Jenkins version - Added information about creating custom Fedora CoreOS
images
19.6.9 April 18, 2020
- Updated Terminate instances section - Updated Hardware MacOS section - Updated Determining Available Images section - Updated Working with Volumes section - Updated Working with Volumes section
19.6.8 February 22, 2020
- Updated information about or2audit, or2ds, or2report commands
- User login information updated when logging into Windows VM in Google Cloud
- Removed Ambari Service - Removed Hybris as a service
- Updated Running Instances section - Updated Working with Volumes section - Updated Changing instance shape section
19.6.7 December 22, 2019 - Docker service information updated - Chef service information updated - Zabbix monitoring service information updated
19.6.6 October 26, 2019
- Updated Kubernetes Service information - Removed Sitecore as a Service - Removed ATG as a Service - Added or2dsn command
19.6.5 August 17, 2019 - Updated Linux images preparation
19.6.4 June 1, 2019
- Updated Customs Instance properties, syntax and template creation is added
- Hadoop, AEM, FTP2S3, Splunk services removed - OpenShift, Hybris, Sitecore services updated - Annex G is updated - OpenShift section is updated - Gnocchi version is updated
19.6.33 March 27, 2019 - Private cloud permissions for a specific user section added
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 251
19.6.32 March 5, 2019
- Removed Terraform from files management commands - Added Terraform group to or2audit - Added --action parameter to or2ter command - Adobe AEM Service versions updated - Sonar Versions updated - Magento versions updated
19.6.31 February 19, 2019
- Management operations. Updated section 14.3.1. Parameters --s stacks - Added option --force to VM management operations for or2din, or2stop, or2reboot - Updated preparation for custom image creation from Linux instances instruction - Info about EPAM-HU2 updated
19.6.30 February 6, 2019 - Updated Project Role Mapping, Annex A – User Permissions
19.6.29 January 2019 - Updated the instance shape mapping
19.6.28 November 2018 - Added the or2ter command - Added the Terraform parameter to the or2ms command
19.6.27 September 8, 2018
- Updated checkpoint prices - Added information on AWS Launch Template - Added information on Terraform - Added info on --launch-template (-u) parameter to the or2run
command - Updated the information on --shape (-s) and -- image (-i)
parameters in the or2run command - Updated the information on --action (-a) parameter in the
or2ssm command - Terraform command added - AWS Launch Template command added - Updated Jenkins and Artifactory services description (they are
no longer unavailable in Google)
19.6.26 August 25, 2018 - Updated default permissions mapping
19.6.25 July 8, 2018 - Updated information on logging in to virtual MacOs - Added the information on the SSM service
19.6.24 June 30, 2018 - Removed info on the EPAM-DKR region
19.6.23 May 18, 2018 - Added the -resourceGroup parameter to the set of commands
for the work with Azure
19.6.22 April 4, 2018 - Updated the info about Kubernetes as Service
19.6.21 March 24, 2018
- Updated information about availability of the or2resvol command in different regions
- Removed the references to EPAM-KZ1 region. - Added info on the OpenShift service
19.6.20 February 22, 2018 - Update the description of the section 5.3 - Added 2 sections about the VMs in Azure regions
19.6.19 January 31, 2018
- Removed the ‘or2-suspend’ command - Added EPAM-UA2 region info - Updated EPAM-MAC region info with
MacOS_10.13_HighSierra - Updated the --use-sys-disc-size parameter info
19.6.18 January 28, 2017 - Updated the permissions mapping table
19.6.17 December 22, 2017 - RDB Service info update - OS for PaaS Service table added
19.6.16 December 15, 2017 - ACS info updated
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 252
19.6.15 December 7, 2017 - Image creation availability for EPAM-KZ1 region updated - Info about Jenkins availability in different regions updated
19.6.14 December 6, 2017 - Image name and description restrictions update
19.6.13 December 1, 2017 - Shared Chef Server info updated - Chef 12 and Chef 11 availability info updated
19.6.12 November 30, 2017 - MSQ3 information removed
19.6.11 November 4, 2017 - Updated Creating Images and Disassociate Static IP Sections
19.6.10 September 9, 2017 - Updated checkpoints creation limitations - Updated Telemetry as a Service info - Updated EPAM-RU2 price in Annex D
19.6.9 July 15, 2017 - fixed-ip parameter removed from the description of or2-
allocate-static-ip command - Description of Telemetry as a Service added
19.6.8 May 20, 2017 - Description of Cloudify service removed - Information on static IP-related commands availability by
regions updated
19.6.7 April 8, 2017
- Updated info on Checkpoints (recommendation to create checkpoints on stopped instances)
- or2mjp command added - or2run command description updated with spot instance
parameters - Information about EPAM-BY2 region added
19.6.6 February 25, 2017
- Azure specifics is clarified for or2ikey command. - Google-related specifics added - or2adp command replaced with or2dp - Hybris as a Service info updated - Sonar as a Service info updated - Artifactory as a Service info added - Schedules info updated with --all -t options
19.6.5 December 16, 2016
- Kubernetes commands added - Sonar as a Service info added - or2dr (or2-docker-registry) command removed - Option of command output display in json format added - Classification changed from Confidential to Public, approved
by Dzmitry Pliushch
19.6.4 October 29, 2016
- Reference to EPAM-US1-PROD and EPAM-RU1 regions removed
- EPAM-US2 region added - Instructions for VM preparation for image creation updated
with information specific to Microsoft Azure regions - Backup Service commands added
19.6.3 September 3, 2016
- Updated or2rmstack command description - Note about Chef mode change added - Hyperlinks fixed - Updated permissions map - Added IND1 region info - Splunk as a Service info added - Magento as a Service info added - ATG as a Service info added - Sitecore as a Service info updated - AEM as a Service info updated
19.6.2 July 8, 2016 - Updated shapes limitations info
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 253
19.6 July 2, 2016 - Added Services cooperation notifications - Commands related to security scanning added
19.5 May 22, 2016
- Updated Permissions table with new PMC Roles - Added “Finding the device parameter” section - Screenshots updated - Description of hardware-related commands added - Description of Kubernetes as a Service added - Updated regions table with Virtualization column
19.4 March 26, 2016
- Added 1.1 Getting CLI Help - Updated regions specifics info - Added Annex E – Logging in to Instances - Added or2lock command - Updated 2.3 Logging in to Instances - Docker Service info updated - Hybris Service info added
19.3 February 13, 2016
- Updated or2report, or2ac, or2help, or2dreg, or2din commands descriptions
- Updated or2dd examples - Added or2prkill command
19.2 December 20, 2015 - Added MES service commands - Issues fixed
19.1 November 7, 2015 - Issues fixed
19.0 September 6, 2015 - Renamed to csug_02_maestro_cli_user_guide - Updated layout, reviewed content.
18.0 April 26, 2014 - Totally restructured. The commands are grouped by purpose, additional info added.
15.22 September 4, 2013 - links throughout the document are revised
15.21 August 16, 2013 - related documents are updated
10.0 February 9, 2013 - Major revision including update of AWS-related command syntax, new commands, user permissions etc.
8.01 December 21, 2012 - Major command revision
4.1 October 9, 2012 - Restructured as user/reference guide - Setup section is shortened - Reference to setup guide is added
1.0 September 07, 2012 - First published