epam cloud orchestrator - maestro cli user guide · maestro cli user guide user guide march 2018...
TRANSCRIPT
Legal Notice: This document contains privileged and/or confidential information and may not be disclosed, distributed or
reproduced without the prior written permission of EPAM®.
EPAM Cloud Orchestrator
MAESTRO CLI USER GUIDE
User Guide
May 2018
CSUG-2
Version 19.6.23
EPAM Cloud Orchestrator - Maestro CLI User Guide
2 EPAM PUBLIC
CONTENTS
Preface .................................................................................................................................. 11
About this Guide ............................................................................................................ 11
Audience ........................................................................................................................ 11
The structure of the Guide ............................................................................................. 11
Documentation References ........................................................................................... 12
1 Getting Started ............................................................................................................... 13
1.1 Installing Maestro CLI ....................................................................................... 13
1.2 Getting Maestro CLI Help ................................................................................. 13
1.3 Setting the Credentials...................................................................................... 15
1.4 Checking the Maestro CLI Client Version ......................................................... 17
1.5 Maestro CLI Info ............................................................................................... 18
1.6 Updating the Maestro CLI Client ....................................................................... 20
1.7 Describe Projects .............................................................................................. 21
1.8 Describe Regions .............................................................................................. 22
2 Working With Instances ................................................................................................. 24
2.1 Determining Available Images .......................................................................... 24
2.2 Determining Available Shapes .......................................................................... 26
2.3 Running Instances ............................................................................................ 27
2.4 Stop (Pause) Instances..................................................................................... 30
2.5 Start (Resume) Instances ................................................................................. 31
2.6 Reboot Instances .............................................................................................. 33
2.7 Terminate Instances ......................................................................................... 34
2.8 Lock Instance Termination ................................................................................ 35
2.9 Describe Existing Instances .............................................................................. 36
2.10 Changing Instance Shape ................................................................................ 38
2.11 Changing Instance Owner ................................................................................ 39
2.12 View Pool State ................................................................................................. 40
2.13 Describe VLANs ................................................................................................ 41
2.14 Move Instance to VLAN .................................................................................... 42
EPAM Cloud Orchestrator - Maestro CLI User Guide
3 EPAM PUBLIC
3 Scheduling Instance Activities ....................................................................................... 43
3.1 Create Schedule ............................................................................................... 43
3.2 Describe Schedules .......................................................................................... 45
3.3 Add Instance to Schedule ................................................................................. 46
3.4 Remove Instance from Schedule ...................................................................... 47
3.5 Delete Schedule ................................................................................................ 48
3.6 Cron Reference ................................................................................................. 49
4 Instance Properties ........................................................................................................ 51
4.1 Set Instance Properties..................................................................................... 51
4.2 Describe Instance Properties ............................................................................ 53
4.3 Delete Instance Properties ............................................................................... 54
5 Creating Images ............................................................................................................ 55
5.1 Create an Image ............................................................................................... 55
5.2 Delete Image ..................................................................................................... 57
5.3 Preparing Instances for Image Creation ........................................................... 58
5.3.1 Windows OS Family .................................................................................. 58
5.3.2 Linux OS Family ........................................................................................ 62
6 Security and Connection ............................................................................................... 64
6.1 Create Key Pair ................................................................................................. 64
6.2 Import Key Pair ................................................................................................. 66
6.3 Describe Key Pairs ........................................................................................... 68
6.4 Delete Key Pair ................................................................................................. 69
6.5 Console ............................................................................................................. 70
6.6 Accessing AWS Management Console ............................................................ 72
6.7 IAM User Management ..................................................................................... 73
6.8 Accessing Azure Management Console ........................................................... 74
6.9 Accessing Google Management Console......................................................... 75
6.10 Decrypting Instance password .......................................................................... 76
6.11 Allocating a Static IP for a Project .................................................................... 77
6.12 Assign a Static IP to a VM ................................................................................ 78
6.13 Describe Static IPs ............................................................................................ 79
6.14 Disassociate a Static IP from a VM .................................................................. 80
EPAM Cloud Orchestrator - Maestro CLI User Guide
4 EPAM PUBLIC
6.15 Release a Static IP ........................................................................................... 81
7 Working with Volumes ................................................................................................... 82
7.1 Create and Attach Volume ................................................................................ 82
7.2 Attach Volume ................................................................................................... 84
7.3 Detach Volume ................................................................................................. 85
7.4 Resize Volumes ................................................................................................ 86
7.5 Describe Volumes ............................................................................................. 87
7.6 Delete Volume .................................................................................................. 89
7.7 Finding the Device Parameter .......................................................................... 90
7.8 Mounting Storage Volumes .............................................................................. 91
7.8.1 Windows OS family ................................................................................... 91
7.8.2 Linux OS Family ........................................................................................ 92
8 Working with Checkpoints ............................................................................................. 93
8.1 Create Instance Checkpoint ............................................................................. 94
8.2 Describe Instance Checkpoints ........................................................................ 95
8.3 Go to Instance Checkpoint ............................................................................... 96
8.4 Revert to Instance Checkpoint .......................................................................... 97
8.5 Delete Instance Checkpoint .............................................................................. 98
9 Working with Hardware Servers .................................................................................... 99
9.1 Hardware Server Registration .......................................................................... 99
9.2 Hardware Server Unregistration ..................................................................... 101
9.3 Hardware Server Modification ........................................................................ 101
9.4 Hardware Report ............................................................................................. 104
10 Audit and Billing ........................................................................................................... 105
10.1 Project Report ................................................................................................. 106
10.2 Get Prices ....................................................................................................... 108
10.3 Instance Audit ................................................................................................. 111
10.4 Working with EO Accounts ............................................................................. 113
11 Using Tags ................................................................................................................... 115
11.1 Set Tag ........................................................................................................... 115
11.2 Describe Tag ................................................................................................... 117
11.3 Delete Tag ...................................................................................................... 118
EPAM Cloud Orchestrator - Maestro CLI User Guide
5 EPAM PUBLIC
12 Working with Files ........................................................................................................ 119
12.1 Upload a New File ........................................................................................... 119
12.2 Delete a File .................................................................................................... 121
12.3 Describe Files ................................................................................................. 122
13 Security Scanning ........................................................................................................ 123
13.1 Starting Security Scan .................................................................................... 123
13.2 Describing Nessus Templates ........................................................................ 124
14 Automating Infrastructure Manipulation ....................................................................... 125
14.1 Amazon Cloud Formation ............................................................................... 125
14.1.1 Run AWS Stack ...................................................................................... 125
14.1.2 Describe AWS Stacks ............................................................................. 127
14.1.3 Describe AWS Stack Events ................................................................... 128
14.1.4 Describe AWS Stack Resources ............................................................ 129
14.1.5 Delete AWS Stack ................................................................................... 131
14.2 Maestro Stacks ............................................................................................... 132
14.2.1 Describe Maestro Stacks ........................................................................ 132
14.2.2 Run Maestro Stack .................................................................................. 133
14.2.3 Delete Maestro Stack .............................................................................. 135
14.2.4 Describe Stack Resources ...................................................................... 136
14.2.5 Validate Maestro Stack Template ........................................................... 137
14.2.6 Convert Maestro Stack Template ........................................................... 138
15 Services ....................................................................................................................... 139
15.1 Services Manipulation ..................................................................................... 140
15.1.1 Starting a Service .................................................................................... 140
15.1.2 Describing Project Services .................................................................... 142
15.1.3 Monitoring the Services ........................................................................... 144
15.2 Chef Server Service ........................................................................................ 145
15.2.1 Set Chef Mode ........................................................................................ 146
15.2.2 Disabling Auto Configuration for Specific OS ......................................... 147
15.2.3 Retrieving Chef Information .................................................................... 147
15.2.4 Collecting Info on Chef Clients ................................................................ 148
15.3 Zabbix Monitoring Service .............................................................................. 149
EPAM Cloud Orchestrator - Maestro CLI User Guide
6 EPAM PUBLIC
15.3.1 Starting a Service .................................................................................... 149
15.3.2 Service Info ............................................................................................. 150
15.3.3 Start Monitoring an Instance ................................................................... 151
15.3.4 Stop Monitoring an Instance ................................................................... 152
15.3.5 Viewing Zabbix Data ............................................................................... 153
15.4 Telemetry as a Service ................................................................................... 155
15.4.1 Starting a Service .................................................................................... 155
15.4.2 Adding an Instance to Telemetry ............................................................ 156
15.4.3 Stop Collecting Telemetry from the Instance .......................................... 157
15.4.4 Describe Telemetry Agents ..................................................................... 158
15.4.5 Get Telemetry ......................................................................................... 159
15.5 Log Aggregation Service ................................................................................ 160
15.5.1 Starting a Service .................................................................................... 160
15.5.2 Log Service Info ...................................................................................... 160
15.5.3 Start Collecting Logs from an Instance ................................................... 161
15.5.4 Stop Collecting Logs from an Instance ................................................... 162
15.5.5 Viewing the Collected Logs ..................................................................... 162
15.6 Load Balancing Service .................................................................................. 163
15.6.1 Starting and Managing the Service ......................................................... 163
15.6.2 Load Balancer Configuration................................................................... 163
15.6.3 Configure Balancing ................................................................................ 165
15.6.4 Configure Limits ...................................................................................... 165
15.6.5 Configure Bans ....................................................................................... 166
15.6.6 Configure Cache ..................................................................................... 167
15.6.7 Describe Load Balancer Members .......................................................... 168
15.7 FTP to AWS S3 Service.................................................................................. 169
15.7.1 Service Activation .................................................................................... 169
15.7.2 S3 Buckets Management ........................................................................ 169
15.7.3 Providing Access to Users ...................................................................... 170
15.8 OpenShift as a Service ................................................................................... 171
15.8.1 Service Activation .................................................................................... 171
15.8.2 OpenShift Configuration .......................................................................... 171
EPAM Cloud Orchestrator - Maestro CLI User Guide
7 EPAM PUBLIC
15.9 Docker Service ................................................................................................ 172
15.9.1 Starting the Service ................................................................................. 173
15.9.2 Docker Container Images ....................................................................... 173
15.9.3 Manipulating Containers ......................................................................... 176
15.9.4 Manipulating Volumes ............................................................................. 178
15.9.5 Creating a Docker Registry ..................................................................... 180
15.9.6 Manipulating Registry Images ................................................................. 180
15.9.7 Docker Service Info ................................................................................. 182
15.10 Kubernetes as a Service ................................................................................. 184
15.10.1 Starting the Kubernetes Service ............................................................. 184
15.10.2 Kubernetes Info ....................................................................................... 184
15.10.3 Kubernetes Pods Management .............................................................. 185
15.10.4 Kubernetes Namespaces Management .................................................. 186
15.10.5 Kubernetes Services Management ......................................................... 187
15.10.6 Kubernetes Replication Controllers Management .................................. 188
15.10.7 Kubernetes Nodes Management ............................................................ 188
15.10.8 Using the Service .................................................................................... 189
15.11 Hadoop Data Platform Service ....................................................................... 190
15.11.1 Starting the service ................................................................................. 190
15.11.2 Retrieving Hadoop Information ............................................................... 191
15.11.3 Manipulating Slaves and Clients ............................................................. 192
15.11.4 Running Jobs .......................................................................................... 193
15.12 Ambari as a Service ........................................................................................ 194
15.12.1 Starting the service ................................................................................. 194
15.12.2 Setting up the Ambari Cluster ................................................................. 195
15.12.3 Retrieving Information on Ambari Resources ......................................... 196
15.13 Splunk as a Service ........................................................................................ 197
15.13.1 Service Architecture ................................................................................ 197
15.13.2 Starting the service ................................................................................. 198
15.13.3 Splunk Proxy ........................................................................................... 198
15.13.4 Retrieving Splunk Information ................................................................. 199
15.14 Jenkins as a Service ....................................................................................... 200
EPAM Cloud Orchestrator - Maestro CLI User Guide
8 EPAM PUBLIC
15.14.1 Starting the service ................................................................................. 200
15.14.2 Creating a Jenkins Job ............................................................................ 201
15.14.3 Jenkins Plugins Management ................................................................. 202
15.14.4 Describing Existing Jenkins Jobs ............................................................ 204
15.14.5 Triggering a Jenkins Job ......................................................................... 205
15.14.6 Removing a Jenkins Job ......................................................................... 206
15.14.7 Configuration File Example ..................................................................... 207
15.15 Sonar as a Service .......................................................................................... 208
15.15.1 Service Activation .................................................................................... 208
15.15.2 Service Manipulation ............................................................................... 208
15.15.3 Sonar Quality Profiles ............................................................................. 209
15.15.4 Sonar Rules ............................................................................................ 210
15.16 Artifactory as a Service ................................................................................... 212
15.16.1 Service Activation .................................................................................... 212
15.16.2 Service Manipulation ............................................................................... 212
15.17 Adobe AEM Service ........................................................................................ 214
15.18 Sitecore as a Service ...................................................................................... 216
15.18.1 Service Architecture ................................................................................ 216
15.18.2 Single Mode ............................................................................................ 216
15.18.3 Large Mode ............................................................................................. 217
14.18 Relational Database Service .......................................................................... 221
15.20 Hybris as a Service ......................................................................................... 223
15.20.1 Service Architecture ................................................................................ 223
15.20.2 Service Manipulation ............................................................................... 224
15.21 Magento as a Service ..................................................................................... 226
15.21.1 Service Activation .................................................................................... 226
15.21.2 Service Manipulation ............................................................................... 226
15.22 ATG as a Service ............................................................................................ 227
15.22.1 Service Architecture ................................................................................ 227
15.22.2 Service Activation .................................................................................... 228
15.22.3 Service Manipulation ............................................................................... 228
15.23 Messaging as a Service .................................................................................. 229
EPAM Cloud Orchestrator - Maestro CLI User Guide
9 EPAM PUBLIC
15.23.1 Starting the service ................................................................................. 229
15.23.2 Getting Tokens ........................................................................................ 229
15.23.3 Queues Manipulation .............................................................................. 230
15.23.4 Messages Manipulation .......................................................................... 231
16 Ansible Usage .............................................................................................................. 232
16.1 Initializing Environment ................................................................................... 232
16.2 Ansbile Hosts .................................................................................................. 233
16.3 Ansible Groups ............................................................................................... 234
16.4 Ansible Group Properties ................................................................................ 235
16.5 Ansible Dynamic Inventory ............................................................................. 236
17 Troubleshooting ........................................................................................................... 237
Annex A - User Permissions ............................................................................................... 238
User Groups ................................................................................................................ 238
Default Project Roles ................................................................................................... 241
Annex B – Client Versioning ................................................................................................ 243
Annex C – Instance Types and Their Shapes ..................................................................... 244
Annex D – Service Locations .............................................................................................. 245
EPAM Infrastructure .................................................................................................... 245
AWS Cloud Formation Regions ................................................................................... 248
Azure Regions ............................................................................................................. 250
Google Cloud Regions ................................................................................................ 251
Annex E – Logging in to Instances ...................................................................................... 252
Windows ...................................................................................................................... 252
Linux 252
AWS – Windows .......................................................................................................... 252
Azure 254
Google Cloud Regions: ............................................................................................... 255
Hardware MacOs ......................................................................................................... 256
Virtual MacOs .............................................................................................................. 256
Annex F – Maestro CLI Commands List ............................................................................. 258
Annex G – PaaS Guest Operating Systems ....................................................................... 261
Table of Figures................................................................................................................... 262
EPAM Cloud Orchestrator - Maestro CLI User Guide
10 EPAM PUBLIC
Version history ..................................................................................................................... 268
EPAM Cloud Orchestrator - Maestro CLI User Guide
11 EPAM PUBLIC
PREFACE
ABOUT THIS GUIDE
Maestro Command Line Interface (CLI) is intended to perform basic Orchestrator
commands via remote command line by sending server API requests using REST API without
the need to install 3rd party utilities. Maestro CLI commands are based on respective
commands for Amazon AWS. We picked a minimum required set of parameters for each
command. This way we were able to uniform the commands for different service providers.
This document provides detailed reference, including purpose, use case and syntax for each
of Maestro CLI commands.
The document is being constantly modified and updated. Please, feel free to contact us if
any questions or issues appear.
AUDIENCE
This guide is designed for EPAM Cloud users who create, manage and monitor their virtual
infrastructure using Maestro CLI.
THE STRUCTURE OF THE GUIDE
• Getting Started section gives the instructions on how to start working with Maestro
CLI, set credentials and see the regions and projects available for the user.
• Working With Instances section lists the commands dealing with the instance
manipulation and info.
• Scheduling Instance Activities section provides the commands to set up and
manipulate cron schedules
• Instance Properties section lists the commands dealing with instance properties
• Creating Images section gives image-related commands and the instructions on
preparing an instance for image creation.
• Security and Connection section describes keys and console commands
• Working with Volumes section lists the volume-related command and gives
instructions on volumes mounting and usage.
• Working with Checkpoints section lists checkpoint-related commands and tips.
• Audit and Billing section gives report, prices and audit-related commands.
• Using Tags section lists the tag-related commands
• Working with Files section lists files manipulation commands
• Automating Infrastructure Manipulation section gives the commands and
recommendations on working with Amazon Cloud Formation and Maestro Stacks.
• Services section gives the detailed instructions on working with the services
manipulated via Maestro CLI.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 12
DOCUMENTATION REFERENCES
EPAM Orchestration is described in details in a number of documents, oriented on different aspects of
Orchestration usage, and on different types of users.
You can find these documents on our Documentation page.
The answers to the most frequently asked questions can be found on the FAQ page.
EPAM Cloud terms and conditions are described in the EPAM Cloud Terms and Conditions. Please
take a look at this document in order to avoid misunderstandings and conflicts that may arise during the
service usage.
The terminology of EPAM Cloud and the related products can be found on the Glossary page.
Please email your comments and feedback to EPAM Cloud Consulting at
[email protected] to help us provide you with documentation that is as clear,
correct and readable as possible.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 13
1 GETTING STARTED
This section provides you with the basic information on Maestro CLI installation and the basic commands
that allow you to get acquainted with the Orchestrator.
1.1 INSTALLING MAESTRO CLI
Maestro Command Line Interface (CLI) is a tool for performing Orchestrator commands via remote
command line. It can be easily installed and run by following the steps given below:
• Make sure you have Java Runtime Environment (JRE) installed (Java Developer’s Kit (JDK)
ver. 1.8). You can download the latest version of JRE/JDK from the official Oracle website.
• Having installed Java, make sure JAVA_HOME system variable points to JDK installation
folder, while Path contains a link to 'bin' folder of JDK.
• Download maestro-cli.zip archive.
• Unpack the archive. The target folder should not contain spaces. As a result, you will get a
'maestro-cli' folder containing two subfolders.
• Run Maestro CLI:
• For Windows: Run windows-console.cmd in ‘maestro-cli’ folder
• For Linux: go to the ‘maestro-cli/bin’ folder, where you will be able to select any of the available
scripts to run.
You can find a detailed guide on Maestro CLI installation and the full list of the necessary
Prerequisites in Maestro CLI Quick Start Guide.
1.2 GETTING MAESTRO CLI HELP
Maestro CLI needs precise specification of command parameters and their values.
Typically, users remember the most frequently used commands and parameters, and need to reference
documentation to clarify the details.
Maestro CLI provides a set of its own assistance facilities that allow to simplify the tool usage and
minimize the need to use additional resources:
• or2help command allows to see the list of all commands available in cloud or, when used with
the --region parameter, in a specified virtualization region. Additionally, the command can
contain the --project parameter to retrieve the list of commands available for the requesting
user in the specified project.
By default, the commands in the response go alphabetically with brief descriptions. In case you
need the commands with detailed parameters info, you can use the –full flag. For example:
or2help –r AWS-USEAST [--full]
• Automatic help: In case you miss a parameter at command run, or the given parameter or
parameter value is incorrect, Maestro CLI will inform you on the issue and provide with the list
of command parameters.
For example, the following command:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 14
Figure 1 - or2help Command Output
or2chow –p DEMOPRO
where not all necessary parameters are given, will result in the following output:
Figure 2 - Command help for incorrect parameters input
• Usage examples and related commands. You can get a full reference on a command,
including usage examples, parameters, and related commands, by calling the necessary
command with the --help parameter, for example:
or2dim --help
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 15
The command response will include the following elements:
Figure 3 - Command response with --help option
Where:
1. Command description
2. The most typical examples of the command’s usage
3. The list of the commands, related to the target one, with examples
4. The list of parameters
1.3 SETTING THE CREDENTIALS
Running commands using Maestro CLI requires provision of user credentials.
The first thing you should do after going through installation is execute the or2access command and
enter your credentials when prompted.
Invoke: or2-get-access (or2access)
The command registers user domain credentials within Orchestrator and creates a ‘default.cr’ file.
When launched, it prompts to provide EPAM domain credentials (with or without ‘@epam.com’
respectively.) Specified credentials are checked for validity on Orchestrator side and a list of projects,
available to the user, is drawn and stored in local Orchestrator storage.
Passwords are never stored openly either on Orchestrator, or on Maestro CLI client side.
Currently, user credentials are cached by the or2access command to the %Maestro_CLI%/lib/default.cr
file. Thus, it is important to keep the %Maestro_CLI% in the directory that cannot be accessed from
outside.
We recommend to install Maestro CLI to your home directory (C:\Users\<your_name>).
The Company security policy implies changing user passwords every three months. Please, run the
or2access command again, specifying your new password each time you have it changed.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 16
Orchestrator allows Project Managers and Coordinators to customize user permissions in order to avoid
any unwanted actions from specific project members and keep a better track of project infrastructure.
Each project member is given access to a certain set of actions, depending on their current project role.
We have created a generic project role mapping matrix, which is used by default and gives you
something to start with. You can find it in Annex A.
Unlike most of commands, this one is performed on the Orchestrator level and does not use any
Virtualization Service Providers. You do not need to specify the -r and -p parameters to run it.
CLI Parameters
Parameter name Description Required
--force Force user update No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-s, --system Use system credentials. Uses domain credentials if not
specified. No
--help Display command help No
Response Elements
Name Description
Name User name
Pwd User password
Command Example
or2access
Response Example
Figure 4 - or2access Response Example
If you like to log in as another EPAM user, please run the or2access command again to overwrite
previously stored user credentials.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 17
1.4 CHECKING THE MAESTRO CLI CLIENT VERSION
Invoke: or2-check-version (or2check)
The command shows the version of Maestro CLI client currently installed on your machine. See Annex
B – Client Versioning for details.
Unlike most of CLI commands, this one requires no parameters to run.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--help Display command help No
Response Elements
Name Description
provided-cli-version Current version of Maestro CLI client installed on user machine
provided-api-version Current version of Maestro API installed on user machine
required-api-version Minimum version of Maestro API required to work with current
Orchestration framework
last-cli-version Latest available version of Maestro CLI
client-status Status of current client
Command Example
or2check
Response Example
Figure 5 - or2check Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 18
1.5 MAESTRO CLI INFO
Invoke: or2-get-info (or2info)
This command allows obtaining information of Maestro CLI client configuration, the state of environment
variables as well as Freemarker FTL user templates utilized.
Unlike most of commands, this one is performed on the Maestro CLI Client level, does not require
connection to Orchestrator and does not use any Virtualization Service Providers. There are no required
parameters and execution result has no fixed elements.
CLI Parameters
Parameter name Description Required
-f, --file Use this parameter to send output to the specified file in the
‘/maestro-cli/out’ folder. No
--help Display command help No
The result of the ‘info’ command execution contains several sections:
• Current time – current GMT time on a client machine. This parameter is used when forming an
authorization key for each command and can be useful to determine reasons for failures.
• Parameter values within ‘cli-system.properties’. Users are unable to edit system parameters,
since ‘cli-system.properties’ is contained within ‘maestro-cli-full.jar’, while its contents are
crucial to determine reasons for command failures. One of the parameters within this file is
‘cli.version’, containing currently installed version of the CLI client.
• HTTP Client configuration values.
• Contents of the ‘default.cr’ file. In case this file contains a property password, it will not be
displayed for security concerns.
• Environment variable values, namely ‘ORCH_URL’, ‘MAESTRO_CLI_HOME’,
‘JAVA_HOME’.
• Contents of custom Freemarker Template, if defined as a value for the
‘custom.freemarker.template.file’ within ‘cli.properties’.
In case a parameter has no set value (e.g. ‘http.tcp.nodelay=’), it will not be included in the response
to the ‘or2info’ command execution.
Command Example
or2info
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 19
Response Example
Figure 6 - or2info Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 20
1.6 UPDATING THE MAESTRO CLI CLIENT
Invoke: or2-update-cli (or2update)
The command retrieves the newest version of Maestro CLI client available on the Internet.
1. Unlike most of CLI commands, this one requires no parameters to run.
2. Some older versions of Maestro CLI client do not support this command. If you encounter a problem
when running it, please download and update the client manually for once.
Command Example
or2update
Response Example
Figure 7 - or2update Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 21
1.7 DESCRIBE PROJECTS
Invoke: or2-describe-projects (or2dpro)
Describes all activated projects accessible by current user.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. To describe several projects,
repeat the parameter: -p project1 –p project2 –p projectN No
-t, --type Region type [EPAM, AWS, AZURE, GOOGLE, Single region] No
--help Display command help No
Response Elements
Name Description
projectID Project abbreviation in UPSA
Zone Virtualization zone
zoneLocation Physical location of the region
Shapes Available shapes
projectState Current project state
activated Project activation date
deactivated Project deactivation date
defautOwner Email address of the user being the default owner of the project
If your project is not in the list returned by the command, it means, that it is not activated in Cloud. In
this case, before proceeding with other commands, please, address to your Project Manager to submit
a Service Request for activating your project in Cloud.
Command Example
or2dpro –t aws
Response Example
Figure 8 - or2dpro Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 22
1.8 DESCRIBE REGIONS
Invoke: or2-describe-regions (or2dreg)
Describes available virtualization regions for provided project and user credentials.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-t, --type Region type [EPAM, AWS, AZURE, GOOGLE] Yes
-i, --inactive Show inactive regions for the project No
--help Display command help No
Response Elements
Name Description
Name Virtualization region name
zoneLocation Physical location of the region
Access
EPAM Cloud access level of the user who called the command. There are four levels, each including a group of permitted actions:
• guest: READ, META, VM, STORAGE
• low: READ, META, VM, STORAGE, NEW_RESOURCES
• medium: READ, META, VM, STORAGE, NEW_RESOURCES, KILL_RESOURCES
• advanced: READ, META, VM, STORAGE, NEW_RESOURCES, KILL_RESOURCES, ADVANCED_MANAGEMENT
You can find the details on the actions, included to each group, on the User Permissions page.
virtType The region Virtualization type
orchType The type of orchestrator used
Status The current status of the region
monthSla The region availability statistics, based on the information gathered during the latest four weeks
Coefficient Region billing coefficient
quotaLimit The project quota limit in the region, if any
quotaPolicy Specifies whether quotas are applied to the project, or not
Command Example
This example describes available regions for the specified project.
or2dreg -p project –t aws
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 23
Response Example
Figure 9 - or2dreg Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 24
2 WORKING WITH INSTANCES
Instances are the main items of the infrastructure created by a user. To run an instance, you should
specify the following necessary instance parameters:
• The project to which the new instance will be assigned
• The region in which the new instance will be run
• The name of the image to be used to run the instance
• The shape of the image to be run
The image determines the basic configuration of the instance. This includes an Operation system, as
well as the set of default settings. The list of available images can be retrieved by or2-describe-images
command.
The instance shape specifies the capacity of the instance to be created. This includes vCPU number
and RAM memory size. Please, note that the selected shape influences the VM monthly cost.
2.1 DETERMINING AVAILABLE IMAGES
Invoke: or2-describe-images (or2dim)
Use this command to return information about images. If you specify one or more image IDs,
Orchestrator returns information for those images. If you do not specify image IDs, Orchestrator returns
information for all relevant images according to your access rights.
AWS-type regions: this command describes only ‘Project’ (‘Owned by me’) and ‘Enterprise’ images
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-g, --group
Image group name. Available values: public,
enterprise, project. For several groups repeat the parameter.
Default behavior if not specified: show all groups
No
-i, --image
Image ID. For several images repeat the parameter
Default behavior if not specified: show all images
This parameter is case sensitive
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
Id Image ID
description Image description
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 25
Group
Scope of availability for the image. Public typically stands for Linux-based images,
Enterprise – for Windows, and Project stands for custom images created by
project members and available within this project.
size_MB Image size in MB
State Current state of the image
Command Example
This example describes all images available to your user and project in the specified region.
or2dim -p project -r region
Response Example
Figure 10 - or2dim Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 26
2.2 DETERMINING AVAILABLE SHAPES
Invoke: or2-describe-shapes (or2dshape)
The shape of the VM specifies its capacity, determined by the vCPU number and RAM memory size.
Run the command to find out available instance shapes for your project.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Shape name
cpu Shape CPU count
memory_MB Shape memory in MB
disk_drive Available disk types (HDD, SSD)
aws-type AWS shape indication (AWS-type regions only)
storage_GB Default storage size (only for OpenStack-based regions)
flavors The available system disk sizes (only for OpenStack-based regions)
The list of the shapes available in Cloud is given in Annex C – Instance Types and Their Shapes. Some
of these shapes may be not available for your project. To extend the list of the available shapes, please,
submit a corresponding Service Request to HelpDesk.
Command Example
This example describes available shapes for the specified project.
or2dshape -p project -r region
Response Example
Figure 11 - or2dshape Response Example (OpenStack-based region)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 27
2.3 RUNNING INSTANCES
Invoke: or2-run-instances (or2run)
Use this command to launch the specified number of instances with provided shape and image.
Instances will be created under Maestro project that is bound to the specified user credentials. Once an
instance is launched, a notification is sent to EPAM user’s e-mail and EPAM Cloud Consulting Team.
Although instance launching procedure is similar for all platforms EPAM Cloud works with, there are
some specifics on instance launch and login for each type of regions:
• EPAM regions:
o If you run Windows instances, use your domain credentials
([email protected]) to access them. This is also true for Linux instances.
o For Linux instances, use the SSH and/or your standard domain credentials
o Both Windows and Linux instances accept credentials from all members of the specified
project (they are included in the ‘Administrators’ user group).
o Each machine image has a recommended shape. Users can now only run machine
images using recommended shapes (or larger ones).
• AWS regions:
o To connect to Windows instances running on Amazon, run the or2console command
specifying your instance ID, project and region. You will receive an email message
containing the encrypted password in an attached file. Save the attachment or its
content and run the or2dp command specifying the path to your private key and the
path to the file containing the encrypted password. The command will return the
password to use for logging in to your VM via the RDP connection.
o The connection to Linux instances on Amazon is performed only via SSH key
• Azure regions:
o When a VM (either Windows or Linux) creation is initiated, you, as the requesting user
(the instance owner), will get a letter containing credentials for access to this VM
remotely. These credentials are generated only once and will not be available for
reference anywhere except this letter. Please save them properly for further usage.
• Google regions:
o For Linux instances, an SSH key is mandatory for VM launch and login. The usernames
depend on the VM image:
Image Username
CentOS6_64-bit centos
Debian8_64-bit debian
Ubuntu16.04_64-bit Ubuntu
o For Windows instances, SSH keys are not supported for VM launch. However, to login
to a Windows VM, use the or2console command specifying an SSH key. The key must
always be of 2048 size. You will receive an email message containing the encrypted
password in an attached file. Save the attachment or its content and run the or2dp
command specifying the path to your private key and the path to the file containing the
encrypted password. The command will return the password to use for logging in to
your VM via the RDP connection.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 28
• EPAM-MAC region:
o Hardware Mac: use your MacOS IP address or DNS name in the VNC client. For
Authentication, use the uppercase abbreviation of your project in UPSA, then log in with
the user/user credentials.
We strongly recommend changing your credentials after the first login!
o Virtual Mac: connect to your VM via the VNC client using your project abbreviation in
UPSA as the password and log in with your domain credentials (without @epam.com).
Please note that the domain credentials are case sensitive.
We strongly recommend changing the default credentials after the first login and
enabling access via the VNC standalone client!
CLI Parameters
Parameter name Description Required
-g,
--ansible-group
Add instance to an existing Ansible group. For several
groups repeat the parameter:
-g groupName1 -g groupName2 -g groupNameN
No
-c, --count * Instances count. Maximum allowed value: 5. Default value if
not specified: 1 No
-d, --description Description property alias. Can be used to assign custom
instance descriptions displayed by the "or2din" command No
-e, --expiration **
A time point the instance will be stopped at. Use the ISO
8601 date format: ‘yyyy-MM-ddTHH:mm’ or shift in hours
‘hH’.
No
--full Show full command output instead of default basic one No
-i, --image Machine Image Yes
-a, --ip-address IP address. Applicable only for OpenStack zones No
-k, --key-name Name of an existing keypair to associate with this instance.
This option is mandatory for running Linux instances in AWS. No
--max-price Max price for the spot instance ($ per hour). Is required with
--spot flag. Applicable only for AWS zones. No
-n, --network
UUID of the network in which the instance(s) will be
launched. If not specified, the default network will be used.
Repeat the parameter to specify several networks (e.g. -n
networkUUID1 -n networkUUID2)
No
-P,
--plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t,
--script-name
Script to launch. To specify script parameters with their
values, use the following syntax:
-t "<scriptName>:value1#value2"
No
-S, --security-group
Name of the security groups in which the instance(s) will be
launched. If not specified, the default security group will be
used. Repeat the parameter to specify several security
groups (e.g. -S sg1 -S sg2)
No
-s, --shape*** Instance type in format <shapeName>.<diskType>.<flavor>. Yes
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 29
CLI Parameters
--spot
Request spot instance. Applicable only for AWS zones.
Default: false No
--help Display command help No
* Maximum count can be limited on Orchestrator side (Use system property "virt.max.instances.count", default value is 5) ** 1. To reset the expiration timer a user should restart the VM (or stop and start it again); 2. A VM can be launched with a new expiration parameter, if required. 3. If a user sends a command to reboot/shutdown a VM as a system user (via SSH or RDP) this timer will not be reset. ***In the EPAM-BY2 region, you can specify whether the VM should have HDD or SSD storage. For SSD, add the .SSD indicator to the shape name (for example, -s MEDIUM.SSD). You can also specify instance flavor – the size of the system disk (100, 200, 300, 500 GB), in case this facility is activated for the project by the previous request.
You can run instances under the personal projects. Such instances can be convenient for testing,
training, and estimations, and are free of charge. However, they have a number of limitations. The
details on personal project usage, their quotas and limitations are given in the Quick Start
Guide (Chapter 7: Personal Quotas and Projects).
Response Elements
Name Description
instanceID Service provider specific instance ID
dnsName Instance DNS name
privateIP Private IP assigned to the instance
state instance state
guestOS Operating System running on the instance
owner Owner of the instance
image Template used to launch the instance (optional)
shape Hardware shape of the instance
In case you are running several instances at once and CLI returns an error (for example, you have reached
the project quota), it is possible, that some of the requested resources were still launched and you are set
as the owner of these resources. Please, use the or2din command to check it.
Command Example
This example runs one instance with specified image and shape. This instance will be tagged with
maestro:project-id according to the user’s credentials.
or2run -p project -i image -s medium -r region
If your instance encounters a problem during launch and remains in the ‘starting’ state for 5 hours, it is
terminated automatically.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 30
Response Example
Figure 12 - or2run Response Example
2.4 STOP (PAUSE) INSTANCES
Invoke: or2-stop-instances (or2stop)
Use this command to stop the specified instances. You can only stop permitted instances, in accordance
with your project abbreviation in UPSA:
If you stop an instance, its expiration timer will be reset.
CLI Parameters
Parameter name Description Required
-c, --force Force to stop instances. Default: false No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -i
ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
-rg, --
resourceGroup Indicates the necessary resource group for work with Azure No
--help Display command help No
*The ‘project’ and ‘region’ parameters are mandatory when several instance IDs are sent in the
command. When only one instance ID is sent, the ‘project’ and ‘region’ parameters may be omitted.
Response Elements
Name Description
instanceID Service provider specific instance ID
dnsName DNS name assigned to the instance
privateIP Private IP assigned to the instance
state Instance state
requested Instance request timestamp
Command Example
This example shows the common case of stopping an instance.
or2stop -i instance_id -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 31
Response Example
Figure 13 - or2stop Example Response
2.5 START (RESUME) INSTANCES
Invoke: or2-start-instances (or2start)
Starts stopped instances. You can only start permitted instances, in accordance with your project
abbreviation in UPSA
CLI Parameters
Parameter name Description Required
-e, --expiration*
A time point the instance will be stopped at. Use the ISO 8601
date format: ‘yyyy-MM-ddTHH:mm’ or shift in hours ‘hH’.
This option is not available for AWS-type regions.
No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1
-i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
-rg, --resourceGroup Indicates the necessary resource group for work with Azure No
--help Display command help No
1. To reset the expiration timer a user should restart the VM (or stop and start it again). 2. A VM can be launched with a new expiration parameter, if required. 3. If a user sends a command to reboot/shutdown a VM as a system user (via SSH or RDP) this timer will not be reset.
*The ‘project’ and ‘region’ parameters are mandatory when several instance IDs are sent in the command. When only one instance ID is sent, the ‘project’ and ‘region’ parameters may be omitted
Response Elements
Name Description
instanceID Service provider specific instance ID
state Instance state
Command Example
This example starts one instance with specified instance ID.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 32
or2start -i instance_id -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 33
Response Example
Figure 14 - or2start Response Example
2.6 REBOOT INSTANCES
Invoke: or2-reboot-instances (or2reboot)
The command reboots specified instances. You can only reboot permitted instances, in accordance with
your project abbreviation in UPSA
1. If you reboot an instance, its expiration timer will be reset (this does not concern AWS-type regions).
2. or2reboot command is not supported in Google regions.
CLI Parameters
Parameter name Description Required
-c, --force Force to reset instances. Default: false No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -
i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p,--project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
-rg,
--resourceGroup Indicates the necessary resource group for work with Azure No
--help Display command help No
*The ‘project’ and ‘region’ parameters are mandatory when several instance IDs are sent in the
command. When only one instance ID is sent, the ‘project’ and ‘region’ parameters may be omitted
Response Elements
Name Description
instanceID Service provider specific instance ID of the rebooted instance
dnsName DNS name assigned to the instance
privateIp Private IP assigned to the instance
state State of the instance (PoweredOn/PoweredOff/Rebooting)
requested Instance request timestamp
Command Example
This example reboots one instance with specified instance ID.
or2reboot -i instance_id -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 34
Response Example
Figure 15 - or2reboot Response Example
2.7 TERMINATE INSTANCES
Invoke: or2-terminate-instances (or2kill)
Use his command to terminate the specified instances. You can only terminate permitted instances, in
accordance with your project abbreviation in UPSA.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -i
ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Automatic confirmation No
--permanently Terminates the instance permanently without an attempt to place
it in the Recycle Bin No
-rg, --
resourceGroup Indicates the necessary resource group for work with Azure No
--help Display command help No
Response Elements
Name Description
instanceID Service provider specific instance ID
dnsName DNS name assigned to the instance
privateIP Private IP assigned to the instance
state Instance state
requested Instance request timestamp
Command Example
This example shows the common case of terminating an instance with specified ID.
or2kill -i instance_id -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 35
Response Example
Figure 16 - or2kill Response Example
2.8 LOCK INSTANCE TERMINATION
Invoke: or2-lock-instance-termination (or2lock)
Use his command to prohibit termination of a specific instance. When called second time for the same
instance, the command will release the lock.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance The ID of the instance to be locked from termination Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
This example shows the common case of instance termination prohibition:
or2lock -i instance_id -p project -r region
Response Example
Figure 17 - or2lock Response Example
If the or2lock command specifies an AWS region and an AWS instance, the VM will be locked for
termination not only by the Orchestrator tools, but also by the native AWS tools.
or2lock –p project –r AWS-REGION –i instance_ID
The same command used on a locked instance will allow its termination again.
Figure 18 - or2lock command repeated to allow instance termination
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 36
2.9 DESCRIBE EXISTING INSTANCES
Invoke: or2-describe-instances (or2din)
Use this command to return information about instances that you own. If you specify one or more
instance IDs, Orchestrator returns information for those instances. If you do not specify instance IDs,
Orchestrator returns information for all relevant instances according to your access rights.
User will see only permitted instances. Permission rights are bound to the provided credentials. Usually,
remote resources are filtered by the -p (--project) parameter. This parameter will be resolved on the
Orchestrator side from the provided user credentials.
CLI Parameters
Parameter name Description Required
-a, --audit
Switches the output to Audit mode. The list of the VMs will
be accompanied by the following information: Instance ID
and DNS name, shape, state, description, requested date
and time, the owner, the date and time of the last event on
the VM, the name of the person who performed the latest
change.
No
-d, --inSchedule Show only VMs present in the specified schedule No
-e, --propertyExistence Show only instances with the specified key No
--full Show full command output instead of default basic one. Full
output includes AWS availability zone No
--help Display command help No
-i, --instance Instance ID. For several instances repeat the parameter. No
-l, --property Show only instances with the provided ‘key=value’
properties. For several properties repeat the parameter. No
-o, --onlyIds Show only instance IDs, one per line No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No
-r, --region Virtualization region. Use several times to find information
on instances in several regions No
-S, --service Service name. To describe instances for all
services, type 'any'. No
-s, --instanceState Show only VMs with the provided state. For several states
repeat the parameter. No
-u, --output Show only the field specified as csv. No
-v, --vlan Show only instances within the specified VLAN No
-w, --owner Email or 'Name Surname' of instance owner for report
generation. No
-x, --regexp
Show only instances with the provided ‘key=value’
properties. For several properties repeat the parameter.
Values are treated like regular expressions.
No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 37
Response Elements
Name Description
instanceID Service provider specific instance ID
instanceName Instance name
dnsName DNS name assigned to the instance
privateIP Private IP assigned to the instance
state State of the instance
guestOS Instance OS*.
owner Owner of the instance
Image Template used to launch the instance (optional)
shape Hardware shape of the instance
description Custom instance description (See Set Instance Properties)
*This functionality is limited on AWS due API restrictions. You can only see, whether your instances
running in this region have Windows as guest OS or not.
Command Example
This example describes the current state of the instances mapped to your user ID.
or2din -p project -r region
Response Example
Figure 19 - or2din General Response Example
Command Example
This example describes only stopped instances of the specified owner:
or2din -p project -r region -i instance_id -s stopped -w
Response Example
Figure 20 - or2din Response Example with Filters
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 38
2.10 CHANGING INSTANCE SHAPE
Invoke: or2-change-shape (or2chshape)
Changes the instance shape to a larger or smaller one. The target VM should be stopped before you
initiate shape change.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-i, --instance The ID of the instance to change Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
-s, --shape New shape Yes
This command is not available in AWS, Microsoft Azure and Google Cloud regions.
Command Example
or2chshape -r region -p project -i instance_id -s MEDIUM
Response Example
Figure 21 - or2chshape Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 39
2.11 CHANGING INSTANCE OWNER
Invoke: or2-change-owner (or2chow)
Changes the owner of an instance or file resource.
CLI Parameters
Parameter name Description Required
-e, --email New owner’s email, case-insensitive Yes
--full Show full command output instead of default basic one No
--help Display command help No
-f, --file-type File type for file resources [script, eo-template, cf-
template, zabbix-template, blueprint] No
-n, --resource-name Resource name [Instance ID (case-sensitive) or
Instance Name (case-insensitive), file name] Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-t, --resource-type Type of resource [instance, file]. Default: INSTANCE No
Response Elements
Name Description
instanceId Instance ID
name Instance name
zone Virtualization region
owner New owner of the instance
state Instance state
Command Example
or2chow -p project –n instance_name -e [email protected]
Response Example
Figure 22 - or2chow Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 40
2.12 VIEW POOL STATE
Invoke: or2-view-pool-state (or2vps)
To estimate the time needed for running a new instance, you can use the or2vps command. Creating
an instance from an image available in the pool will take less time than from the other images.
The or2-view-pool-state command shows current state of instance pool for the specified region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
imageName Machine image name
quantity Number of instances available in the pool
Command Example
or2vps -r region
Response Example
Figure 23 - or2vps Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 41
2.13 DESCRIBE VLANS
Invoke: or2-describe-vlans (or2dvlans)
Describes Virtual Local Area Networks (VLAN) available for specified availability region and project
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name VLAN name
description VLAN description
Command Example
This example describes existing VLANs for the specified project and region:
or2dvlans -p project -r region
Response Example
Figure 24 - or2dvlans Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 42
2.14 MOVE INSTANCE TO VLAN
Invoke: or2-move-instance-to-vlan (or2mivlan)
Moves an instance to another VLAN activated for the current project and availability region
In order to move between VLANs instances must be in the ‘stopped’ state.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --vlan Target VLAN ID Yes
--help Display command help No
Response Elements
Name Description
result States whether the command has been run successfully
Command Example
This command reads the specified template and stores it to the specified local file:
or2mivlan -p project -r region -i instance_ID -v vlan_id
Response Example
Figure 25 - or2mivlan Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 43
3 SCHEDULING INSTANCE ACTIVITIES
EPAM Orchestrator allows scheduling instances manipulation so that their state is automatically
changed when needed, allowing to optimize the infrastructure load and costs.
The schedules are set up with cron expressions that are to be specified in the or2-create-schedule CLI
command according to the specific rules.
Maestro CLI allows you to create a schedule, retrieve its info and delete. All these action are performed
with different CLI commands described below in this section.
When working with cron and setting time values, GMT+0 time is used.
3.1 CREATE SCHEDULE
Invoke: or2-create-schedule (or2addsch)
Creates a new schedule to start or stop existing instances using cron expressions.
CLI Parameters
Parameter name Description Required
-a, --action An action to be performed by the schedule. ID of the
checkpoint to be deleted. Valid values: start, stop. Yes
--all Set schedule for all instances in a region. Default: false No
-c, --cronExpression Time point as cron expression Yes
-d, --description Schedule description No
--full Show full command output instead of default basic one No
-i, --instance ID of an instance affected by the schedule No
-n, --name Schedule name Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --tag Set schedule for instances with tag. Tag format:
'prefix:key=value'. Default prefix is 'user', default key is 'tag' No
--help Display command help No
Response Elements
Name Description
name Schedule name
project UPSA abbreviation of the project the schedule is assigned to
region Virtualization region the schedule is active for
cron Time point as cron expression
action Action performed by the schedule
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 44
Command Example
The example below schedules the specified instance to start on January 1, 2014 at 0:00 am:
or2addsch -a start -c “0 0 0 1 1 ? 2014” -i instance_id -n sample_schedule
-p project -r region
Response Example
Figure 26 - or2addsch Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 45
3.2 DESCRIBE SCHEDULES
Invoke: or2-describe-schedules (or2dsch)
Describes previously created and available schedules.
In order to see the list of instances affected by a schedule, provide the --full parameter
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-n, --name Schedule name. For several schedules, repeat the parameter:
-n sch1 -n sch2 -n schN No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Schedule name
project UPSA abbreviation of the project the schedule is assigned to
region Virtualization region the schedule is active for
cron Time point as cron expression
action Action performed by the schedule
creationTime Date and time of schedule creation
lastExecuteTIme Date and time of last schedule execution
owner Instance owner
type Schedule type (INSTANCE, REGION or TAG)
Command Example
This example describes available schedules for the specified project.
or2dsch -p project -r region
Response Example
Figure 27 - or2dsch Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 46
3.3 ADD INSTANCE TO SCHEDULE
Invoke: or2-schedule-add-instances (or2schaddi)
Adds an instance to the existing schedule.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Instance ID. For several instances, repeat the parameter Yes
-n, --name Schedule name Yes
--help Display command help No
Instances cannot be added to schedules created for the entire region (with the --all option) or for
instances with tags (with the -t/--tag) option.
Command Example
This command example adds the specified instance to the schedule.
or2schaddi -p project -r region -i instance_id -n schedule_name
Response Example
Figure 28 - or2schaddi Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 47
3.4 REMOVE INSTANCE FROM SCHEDULE
Invoke: or2-schedule-remove-instances (or2schremi)
Removes an instance from the existing schedule
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Instance ID. For several instances, repeat the parameter Yes
-n, --name Schedule name Yes
--help Display command help No
Instances cannot be removed from schedules created for the entire region (with the --all option) or for
instances with tags (with the -t/--tag) option.
Command Example
This command example removes the specified instance from the schedule.
or2schremi -p project -r region -i instance_id -n schedule_name
Response Example
Figure 29 - or2schremi Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 48
3.5 DELETE SCHEDULE
Invoke: or2-delete-schedule (or2delsch)
Deletes a previously created schedule.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-n, --name Name of the schedule to be deleted Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Schedule name
status Current status of the schedule
Command Example
This command example deletes the specified schedule.
or2delsch -n sample_schedule -p project -r region
Response Example
Figure 30 - or2delsch Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 49
3.6 CRON REFERENCE
EPAM Cloud Orchestrator uses generic cron rules to specify time points for operation scheduling.
Below is an extract of cron rules, taken from the quartz-scheduler.org. For additional information, please
see the source page.
Cron expressions are comprised of 6 required fields and one optional field separated by white space.
The fields respectively are described as follows:
Field Name Allowed Values Allowed Special Characters
Seconds 0-59 , - * /
Minutes 0-59 , - * /
Hours 0-23 , - * /
Day-of-month 1-31 , - * ? / L W
Month 1-12 or JAN-DEC , - * /
Day-of-Week 1-7 or SUN-SAT , - * ? / L #
Year (Optional) empty, 1970-2199 , - * /
The '*' character is used to specify all values. For example, "*" in the minute field means "every minute".
The '?' character is allowed for the day-of-month and day-of-week fields. It is used to specify 'no specific
value'. This is useful when you need to specify something in one of the two fields, but not the other.
The '-' character is used to specify ranges. For example, "10-12" in the hour field means "the hours
10, 11 and 12".
The ',' character is used to specify additional values. For example, "MON,WED,FRI" in the day-of-week
field means "the days Monday, Wednesday, and Friday".
The '/' character is used to specify increments. For example, "0/15" in the seconds field means "the
seconds 0, 15, 30, and 45". And "5/15" in the seconds field means "the seconds 5, 20, 35, and 50".
Specifying '*' before the '/' is equivalent to specifying 0 is the value to start with. Essentially, for each
field in the expression, there is a set of numbers that can be turned on or off. For seconds and minutes,
the numbers range from 0 to 59. For hours 0 to 23, for days of the month 0 to 31, and for months 1 to
12. The "/" character simply helps you turn on every "nth" value in the given set. Thus "7/6" in the month
field only turns on month "7", it does NOT mean every 6th month, please note that subtlety.
The 'L' character is allowed for the day-of-month and day-of-week fields. This character is short-hand
for "last", but it has different meaning in each of the two fields. For example, the value "L" in the day-
of-month field means "the last day of the month" - day 31 for January, day 28 for February on non-
leap years. If used in the day-of-week field by itself, it simply means "7" or "SAT". But if used in
the day-of-week field after another value, it means "the last xxx day of the month" - for
example "6L" means "the last Friday of the month". You can also specify an offset from the last day
of the month, such as "L-3" which would mean the third-to-last day of the calendar month. When
using the 'L' option, it is important not to specify lists, or ranges of values, as you'll get
confusing/unexpected results.
The 'W' character is allowed for the day-of-month field. This character is used to specify
the weekday (Monday-Friday) nearest the given day. As an example, if you were to specify "15W" as
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 50
the value for the day-of-month field, the meaning is: "the nearest weekday to the 15th of the month".
So if the 15th is a Saturday, the trigger will fire on Friday the 14th. If the 15th is a Sunday, the trigger
will fire on Monday the 16th. If the 15th is a Tuesday, then it will fire on Tuesday the 15th. However, if
you specify "1W" as the value for day-of-month, and the 1st is a Saturday, the trigger will fire on Monday
the 3rd, as it will not 'jump' over the boundary of a month's days. The 'W' character can only be specified
when the day-of-month is a single day, not a range or list of days.
The 'L' and 'W' characters can also be combined for the day-of-month expression to yield 'LW', which
translates to "last weekday of the month".
The '#' character is allowed for the day-of-week field. This character is used to specify "the nth" XXX
day of the month. For example, the value of "6#3" in the day-of-week field means the third Friday of
the month (day 6 = Friday and "#3" = the 3rd one in the month). Other examples: "2#1" = the first
Monday of the month and "4#5" = the fifth Wednesday of the month. Note that if you specify "#5"
and there is not 5 of the given day-of-week in the month, then no firing will occur that month. If the '#'
character is used, there can only be one expression in the day-of-week field ("3#1,6#3" is not valid,
since there are two expressions).
The legal characters and the names of months and days of the week are not case sensitive.
NOTES:
Support for specifying both a day-of-week and a day-of-month value is not complete (you'll need to use
the '?' character in one of these fields).
Overflowing ranges is supported - that is, having a larger number on the left hand side than the right.
You might do 22-2 to catch 10 o'clock at night until 2 o'clock in the morning, or you might have NOV-
FEB. It is very important to note that overuse of overflowing ranges creates ranges that don't make
sense and no effort has been made to determine which interpretation CronExpression chooses. An
example would be "0 0 14-6? * FRI-MON".
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 51
4 INSTANCE PROPERTIES
The commands in this section are used to create and manipulate user-defined metadata, known as
properties.
4.1 SET INSTANCE PROPERTIES
Invoke: or2-set-instance-properties (or2setp)
Assigns user-defined metadata to instances.
If you would like to use default auto-configuration provided by Orchestrator for instances in AWS-type
regions, launched from Amazon EC2 console, please assign the following property to each of them:
op_orch_ip=https://config.orchestration.epam.com/orchestration
CLI Parameters
Parameter name Description Required
-a, --append Append the specified properties in case target instance already
has corresponding keys. Default: false No
-c, --chefattribute
Chef attribute property alias. Use “=” as a delimiter for
name=value format. For several chef attributes repeat the
parameter
No
-h, --chefrole
Chef role property alias. For several chef roles
repeat the parameter: --chefrole value1 --chefrole value2
--chefrole valueN.
No
-d, --description
Description property alias. Multiple values are not supported.
Can be used to assign custom instance descriptions to be
viewed using the "or2din" command (See Describe Instances)
No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1
-i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-t, --property
Property name=value pair. Use "=" as delimiter. For several
properties repeat the parameter: --property name1=value1 --
property name2=value2 --property nameN=valueN*
No
-r, --region Virtualization region Yes
-s, --secure Marks the property as secure, so that its value will be hidden
when properties are described No
-v, --volume Volume ID. For several volumes repeat the parameter:
-v Vol1 -v Vol2 -v VolN No
--help Display command help No
When running the command, you should specify either the --property or --chefattribute and --chefrole
combination.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 52
Please note that when you use the or2-set-properties command for auto configuration purposes, it will
have no effect on the instances, based on the following images:
• CentOS5_64-bit
• Ubuntu10.04_32-bit
• Ubuntu10.04_64-bit
Response Elements
Name Description
status Property status
name Property name
value Property value
resource ID of the resource for which the property is set
resourceType Type of the resource for which the property is set
1. The following symbols are NOT accepted when used in key or value for this command: < > ( ) + &
^ * \ | "
2. If you use this command for a Windows instance, please, encase the ‘-t’ parameter in quotes i.e.
"key=value"
Command Example
This example sets several properties to an instance.
or2setp -p project -r region -i instance_id -t property1=1 -t property2=2
Response Example
The command returns a list of newly set instance properties.
Figure 31 - or2setp Response Example
Alias Usage
A command with chef alias can look as follows:
or2setp -i EVBYMINSD121CT3 -h java -c "version=1.7"
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 53
4.2 DESCRIBE INSTANCE PROPERTIES
Invoke: or2-describe-instance-properties (or2getp)
Retrieves user-defined metadata from instances.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1
-i ID2 -i IDN. Yes
-n, --name
Property name. For several properties repeat the parameter: -
n property-name1 -n property-name2 -n property-nameN. If not
specified, returns a list of all properties assigned.
Default: []
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Volume ID. For several volumes repeat the parameter:
-v Vol1 -v Vol2 -v VolN No
--help Display command help No
Response Elements
Name Description
name Property name
value Property value
resource ID of the resource for which the property is set
resourceType Type of the resource for which the property is set
Command Example
This example requests the properties of the specified instance:
or2getp -p project -r region -i instance_id
Response Example
The command returns a list of properties assigned to an instance:
Figure 32 - or2getp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 54
4.3 DELETE INSTANCE PROPERTIES
Invoke: or2-delete-instance-properties (or2delp)
Use this command to delete user-defined metadata from instances.
CLI Parameters
Parameter name Description Required
-a, --all Specify this parameter to delete all properties assigned to a
specified instance. Default: false. No
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1
-i ID2 -i IDN. Yes
-n, --name
Property name. For several properties repeat the parameter: -
n property-name1 -n property-name2 -n property-nameN
Default: []
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Volume ID. For several volumes, repeat the parameter: -v
volume ID1 -v volumeID2 -v volume IDN No
--help Display command help No
Command Example
This example deletes specific properties, assigned to an instance:
or2delp -p project -r region -i instance_id -n property_1 -n property_2 -n
property_3 -n property_4
Response Example
Figure 33 - or2delp Response Examples
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 55
5 CREATING IMAGES
EPAM Orchestrator allows to create images from the existing instances. This allows to save the
existing settings and data and to create the necessary number of copies.
5.1 CREATE AN IMAGE
Invoke: or2-create-image (or2cim)
Use this command to create an image based on the instance and its storages. The image can be used
later to run new identical instances.
1. The created image will only be available for a single project (the one you use to create it).
2. Make sure to stop the instance and perform all preliminary requirements for image creation
before creating its image. (See 5.3. Preparing Instances for Image Creation).
3. Image name length should be in range 3-63 and can only contain digits ('0-9'), letters ('a-z', 'A-
Z'), dashes ('-'), underscores ('_'), round parentheses (‘()’), square parentheses (‘[]’) and the at sign
(‘@’).
4. Image description should be in range 5-100 inclusive. A semicolon is not allowed.
5. In OpenStack regions, an image can be created only from instances that do not have additional
volumes.
6. In Google regions, you can use for image name lowercase letters ('a-z'), digits ('0-9') if not on the
first place and hyphens if not on first or last place.
7. All instances launched using the custom images will not be included in epam.com domain and
will be assigned a standard DNS name. You will only be able to login to these instances using their
IP addresses. To have your VM included in the epam.com domain, make a request to the
support.epam.com in the category EPAM Cloud -> Unspecified Request.
CLI Parameters
Parameter name Description Required
-d, --description Image description Yes
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-n, --name Image name Yes*
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
* While still required for AWS-type regions, this parameter will be shown in EC2 Management Console as ‘Source’, while the ‘Name’ field will remain empty.
Response Elements
Name Description
id Image id
description Image description
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 56
group Image availability scope
state Current state of the image
Command Example
or2cim -r region -p project -i instance_id -n image_name –d description
Response Example
Figure 34 - or2cim Response Example
When the image is ready, it will be available in the list of machine images returned by the ‘or2dim’
command. The detailed description of the ‘or2dim’ command can be found in the respective section of
the Guide.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 57
5.2 DELETE IMAGE
Invoke: or2-delete-image (or2delim)
Use this command to delete custom machine images.
In AWS-type regions this command is only available for ‘Project’ images.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --image ID of the image to be deleted. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Provide this parameter for automatic command confirmation No
--help Display command help No
Response Elements
Name Description
id Image id
description Image description
group Image availability scope
state Current state of the image
Command Example
or2delim -i image_id -p project -r region -y
Response Example
Figure 35 - or2delim Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 58
5.3 PREPARING INSTANCES FOR IMAGE CREATION
The instruction below is actual for the instances in private regions and is not applicable for work in AWS
and Google Cloud regions.
Please see the information about virtual machines preparation in Microsoft Azure regions in the
respective sections describing workflows for Windows and Linux instances.
5.3.1 Windows OS Family
Remove static IP settings (if applicable), configure DHCP respectively.
Figure 36 - TCP/IP Configuration (Windows)
Create a user account and assign administrator privileges to it:
1. Click Start -> Control Panel
2. Click User Accounts
3. In a window that opens click Manage User Accounts
4. Move to the Advanced tab in the User Accounts window and click Advanced
5. Choose the Users group in the left part of the window that opens, then right-click on the right
part of the window and choose New user
6. Provide the data requested in the New user window and click Create to complete creation
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 59
Figure 37 - Creating Local Windows User
7. Return to the User Accounts window and click Manage User Accounts
8. Select the newly created user name in the User Accounts window and click Properties
9. Move to the Group Membership tab within the Properties window, choose the Administrator
option and click Apply.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 60
Figure 38 - Assigning Administrator Privileges to a Windows User
Make sure you remember these credentials. You will only be able to login to all instances, launched on
the created template using them.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 61
10. Open Control Panel -> System and Security -> System. Click Change Settings.
11. In the System Properties window, click Change for the To rename the computer or change
its domain or workgroup option.
12. Exclude guest OS from domain:
Figure 39 - Excluding Guest OS from Domain (Windows)
13. Rename guest OS by replacing digits at the end of its name with xxxx characters:
Figure 40 - Renaming Guest OS (Windows)
At this point, the system may prompt for reboot. Do not reboot the VM, continue with Step 15 instead.
14. Run the following command in Windows console
ipconfig /release && shutdown -s -t 0
5.3.1.1 Preparing VMs in Microsoft Azure Regions
For virtual machines running in Microsoft Azure regions, use the Windows console to change the
directory to %windir%\system32\sysprep, then run sysprep.exe.
Make the following settings in the System Preparation Tool dialog window:
1. In the System Cleanup Action field, select the Enter System Out-of-Box Experience
(OOBE) option and check the Generalize checkbox.
2. In the Shutdown Options field, select Shutdown.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 62
Figure 41 - Rebooting a VM in Azure region
This reboots and stops the VM. After the command execution, the VM is ready for image creation.
5.3.2 Linux OS Family
1. Remove static IP and any hardware-related settings (e.g. MAC address), if applicable. Set up
DHCP by editing configuration file.
For example:
RHEL-family - /etc/sysconfig/network-scripts/ifcfg-eth0
Debian-family - /etc/network/interfaces
2. Create a local user account:
RHEL-family:
# useradd username
# passwd username
Debian-family:
# adduser username
Adding user `username' ...
Adding new group `groupname' (1003) ...
Adding new user `username' (1004) with group `groupname' ...
Creating home directory `/home/username' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for username
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 63
Enter the new value, or press ENTER for the default
Full Name []: <Full Name>
Room Number []: <room number>
Work Phone []: <Phone>
Home Phone []: <Phone>
Other []: <Other>
Is the information correct? [Y/n] Y
Add the administrator rights to the user by editing the /etc/sudoers file as follows:
username ALL=(ALL:ALL) ALL
3. Remove UDEV settings for network devices, if applicable, by deleting all strings from /etc/udev/rules.d/70-persistent-net.rules
4. Rename guest OS by replacing digits at the end of its name with xxxx characters.
For example:
RHEL-family - /etc/sysconfig/network
Debian-family - /etc/hostname
Please be aware that the path for CentOS7 is similar to the path for Debian.
5. Modify guest OS name in DHCP client settings by replacing digits at the end of its name with
xxxx characters.
For example:
/etc/dhclient-eth0.conf.
5.3.2.1 Preparing VMs in Microsoft Azure Regions
For virtual machines running in Microsoft Azure regions, perform the following steps:
1. Connect to your VM via SSH.
2. Type the following command in the SSH window:
sudo waagent -deprovision+user
The command output may vary depending on the utility version.
This command is used to clean the system and prepare it for image creation. The following
actions are performed:
- SSH host keys are removed
- nameserver configuration in /etc/resolvconf is cleared
- the root user’s password is removed from /etc/shadow
- cached DHCP client leases are removed
- the host name is reset to localhost.localdomain
- the last provisioned user account (obtained from /var/lib/waagent) and the associated
data is deleted
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 64
3. Type y to continue. To avoid this step, add the -force parameter to the command.
4. Type exit. This closes the SSH client.
6 SECURITY AND CONNECTION
This Section lists a set of commands used to connect to your VMs and to provide their security.
Please note that the commands related to Static IPs manipulation have different effect for AWS and
EPAM-based infrastructure. In AWS, they deal with public IPs, and the manipulations do not need the
VM to have any specific state. In EPAM Cloud, these commands deal with private IPs, and you will have
to stop your VM before initiating any IP changes.
6.1 CREATE KEY PAIR
Invoke: or2-create-keypair (or2addkey)
With this command you can create a key pair used to access instances without the need to provide login
credentials. Key pairs consist of a public key (stored in Orchestrator) and a private key, stored locally in
‘..\maestro-cli\out\{YOUR_PROJECT_NAME}\’ folder.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-k, --key-name Name of the key to be created Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --size Key size, a positive integer specified in bits.
Default: 4096 No
--help Display command help No
2048 bits is the minimum available key size. If you specify a key size of 2048 bits or less, a 2048-bit key
will be created
Response Elements
Name Description
name Key pair name
owner Key pair owner
project Project the key pair belongs to
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 65
Command Example
or2addkey -p project -r region -k key_name
Response Example
Figure 42 - or2addkey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 66
6.2 IMPORT KEY PAIR
Invoke: or2-import-keypair (or2ikey)
Imports the existing key to a specified region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-k, --key-name
Key pair name (to describe a specific key pair). For
several key names repeat the parameter: -k keyname1
-k keyname2 -k keynameN
Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-f, --public-key-file Full path to the local public key No
-s, --source-region The region to which the key already exists No
-d, --destination-region The region to which the key should be imported Yes
--help Display command help No
Response Elements
Name Description
name Key pair name
owner Key pair owner
project Project the key pair belongs to
If the key was created in EPAM Cloud, its public part is stored in Orchestration database, and all you
have to do is specify the region in which the key is already stored and the region where it should be
imported to:
or2ikey -p project -k key_name -s source_region
-d destination_region
If the key is created in AWS and you need to import it to a new AWS region, you will also have to specify
the path to the Public key. For the detailed guidelines on retrieving public AWS keys use the following
links:
o Linux o Windows
A key created with AWS tools will be referenced in EPAM Cloud with the same name that was assigned
to it during the creation.
You can import a key from one Cloud platform to another when needed.
The keys created before November 7, 2015 are incompatible with Azure.
It is impossible to import keys existing keys to Azure regions due to keys processing specifics: the
operation need providing the private key explicitly.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 67
Command Example
This example imports a key from one region to another one.
or2ikey -p project -d region -f D:\maestro-
cli\out\PROJECT\REGION\mykey.pem -k mykey
Response Example
Figure 43 - or2ikey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 68
6.3 DESCRIBE KEY PAIRS
Invoke: or2-describe-keypairs (or2dkey)
Describes Orchestrator (not AWS) key pairs available for provided project and region
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-k, --key-name Key name (to describe a specific key pair). For several key names
repeat the parameter: -k keyname1 -k keyname2 -k keynameN No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Key pair name
owner Key pair owner
project Project the key pair belongs to
Command Example
This example describes the keypairs available for the specified project.
or2dkey -p project -r region
Response Example
Figure 44 - or2dkey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 69
6.4 DELETE KEY PAIR
Invoke: or2-delete-keypair (or2delkey)
Deletes a specified key pair.
1. Once you delete a key pair, you will not be able to use it to launch new instances. You will still be
able to access launched instances using your private key.
2. The command only deletes public keys, stored in Orchestrator. If you like to delete private keys as
well, please do it manually. Private keys are stored in ‘..\maestro-
cli\out\{YOUR_PROJECT_NAME}\’ folder on your local machine.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-k, --key-name Name of the key pair to be deleted Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
name Name of the deleted key pair
owner Owner of the deleted key pair
project Name of the project, the key pair has been assigned to
deleted States whether the key pair has been deleted
Command Example
or2delkey -p project -r region -k key_name
Response Example
Figure 45 - or2delkey Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 70
6.5 CONSOLE
Invoke: or2-console (or2console)
This command allows activating instance console and getting access credentials for it. To activate the
console for a VM, just run this command and provide all the necessary parameters.
CLI Parameters
Parameter name Description Required
-a, --activate Activates access console for the instance No
-e, --expiration Expiration time in hours. Default -1. Max - 9 No
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
or2console -i instance_id -p project -r region
The system responds with the following confirmation: ‘Email with credentials was sent to you’.
Response Example
Figure 46 - or2console Response Example
A message containing the console credentials and the link to the console host is sent to the instance
owner’s email.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 71
Figure 47 - Console credentials
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 72
6.6 ACCESSING AWS MANAGEMENT CONSOLE
Invoke: or2-aws-management-console (or2awsmc)
The command returns a link by which you can login to AWS Management Console and get access to
AWS services (all but the IAM service).
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
--help Display command help No
Before you can run this command, please, ask your Project Coordinator to grant you respective
permissions in Manage Cloud wizard (available on Cloud Dashboard for project coordinators only).
Command Example
or2awsmc -p project
Response Example
Figure 48 - or2awsmc Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 73
6.7 IAM USER MANAGEMENT
Invoke: or2-iam-users (or2iam)
The command allows to describe, delete and set owner for IAM users.
CLI Parameters
Parameter name Description Required
-a, --action Action to be performed [describe, delete, setOwner].
Default: describe No
-e, --email EPAM email of the IAM user’s owner for the ‘-a
setOwner’ action No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
--reason IAM user deletion reason for the ‘a delete’ action No
-t, --type IAM user type. Allowed values : [aws, google] No
-u, --user-name IAM user name No
Before you can run this command, please, ask your Project Coordinator to grant you respective
permissions in Manage Cloud wizard (available on Cloud Dashboard for project coordinators only).
Response Elements
Name Description
userName IAM user name
type IAM user type
creationDate IAM user creation date
groupNames IAM user group names
mfaDevicesSerialNumbers Serial numbers of MFA devices
passwordLastUsed Date on which the password was last used
ownerEmail IAM user’s owner email
projectCode Project abbreviation in UPSA
Command Example
or2iam -p project
Response Example
Figure 49 – or2iam Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 74
6.8 ACCESSING AZURE MANAGEMENT CONSOLE
Invoke: or2-azure-management-console (or2azmc)
The command allows you to login to your project console on Azure Portal and sends you a notification
with login instructions.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
--help Display command help No
Before running this command, please make sure that the project is activated in Azure.
Command Example
or2azmc -p project
Response Example
Figure 50 - or2azmc Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 75
6.9 ACCESSING GOOGLE MANAGEMENT CONSOLE
Invoke: or2-google-management-console (or2goomc)
The command returns a link by which you can login to Google Management Console and get access to
Google Cloud Platform services.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--help Display command help No
Access to the console is provided for all projects activated in Google Cloud to which you are assigned.
When you access the Google Cloud Platform dashboard, you can select the project under which you
will be working.
Before you can run this command, please, ask your Project Coordinator to grant you respective
permissions in Manage Cloud wizard (available on Cloud Dashboard for project coordinators only).
Command Example
or2goomc
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 76
6.10 DECRYPTING INSTANCE PASSWORD
Invoke: or2-decrypt-password (or2dp)
Decrypts the password obtained in or2console mail message (for AWS and Google Cloud Platform).
CLI Parameters
Parameter name Description Required
--full Show full command output Default: false No
--help Display command help Default: false No
-e, --encrypted-password Full path to the file containing password to be
decrypted
Yes
-P, --plain-output Use plain output view Default: false No
--json Show command output in json format No
-p, --private-key-file Path to the file containing private key Yes
-y Provide this parameter for automatic command
confirmation
No
Response Elements
Name Description
decrypted The decrypted password
Command Example
This example shows decrypting an encrypted password.
or2dp -p private-key-file-path -e encrypted-password-file-path
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 77
6.11 ALLOCATING A STATIC IP FOR A PROJECT
Invoke: or2-allocate-static-ip (or2alsip)
Allocates a static IP for the specified project in the given region.
CLI Parameters
Parameter name Description Required
-d, --domain Show Elastic IP addresses for use with instances in EC2-
Classic or instances in a VPC. Applicable only for AWS
regions. Available domain types: [STANDARD, VPC].
Default: VPC
No
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
Command Example
This example shows allocating a static IP to a project.
or2alsip -p project -r region
Response Example
Figure 51 - or2alsip Command Example
The ‘or2alsip’ command is not available in OpenStack regions.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 78
6.12 ASSIGN A STATIC IP TO A VM
Invoke: or2-associate-static-ip (or2assip)
Assigns the specified static IP to the given VM.
Please note:
• Assigning a static IP can take some time. Meanwhile, the VM will be unavailable for Maestro
CLI commands.
• If a VM is hosted in an EPAM region, its DNS will not change when a static IP is assigned.
• After associating a static IP, no additional configuration of your VM is required.
CLI Parameters
Parameter name Description Required
--any-ip-address Use any free IP address from among the allocated ones. If no
such address is found, try to allocate another address and
associate the VM with it
No
-a, --ip-address The IP to be assigned to the VM Yes
--full Show full command output. Default: false No
-i, --instance Target Instance ID or Name Yes
--help Display command help. Default: false No
-P, --plain-output Use plain output view. Default: false No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
instanceID The ID of the instance to which the IP is assigned
ipState State of the IP address
Command Example
This example shows assigning a static IP to a VM.
or2assip -p project -r region -i instance_id -a ip_address
Response Example
Figure 52 - or2assip Command Example
The ‘or2assip’ command is not available in OpenStack regions.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 79
6.13 DESCRIBE STATIC IPS
Invoke: or2-describe-static-ips (or2dsip)
Returns the list of static IPs available for the project in the given region.
CLI Parameters
Parameter name Description Required
-a, --ip-address IP-address. For several addresses, repeat the parameter
several times. No
-d, -- domain Show Elastic IP-addresses for use with instances in EC2-
Classic or instances in a VPC. Available domain types:
[STANDARD, VPC].
No
--full Show full command output Default: false No
-i, --instance Target Instance ID or Name. To get info about several
instances, repeat the parameter.
No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
instanceID The ID of the instance to which the IP is assigned
ipState State of the IP address
instanceName The name of the instance to which the IP is assigned
Command Example
This example returns the full list of the IPs allocated to the project
or2dsip -p project -r region
Response Example
Figure 53 - or2dsip Command Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 80
6.14 DISASSOCIATE A STATIC IP FROM A VM
Invoke: or2-disassociate-static-ip (or2dissip)
Disassociates the specified static IP from a VM.
Please note: when the operation is performed on a running VM in EPAM-UA1, EPAM-HU1, EPAM-RU2
regions, the VM is automatically shut down and is set to the STOPPED state.
CLI Parameters
Parameter name Description Required
-a, --ip-address The IP to be disassociated Yes
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Response Elements
Name Description
ipAddress The allocated IP address
isPublic The address Public status
domainType The domain type
instanceID The ID of the instance to which the IP is assigned (should be empty)
Command Example
This example shows disassociating a static IP from its VM.
or2dissip -p project -r region –a ip_address
Response Example
Figure 54 - or2dissip Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 81
6.15 RELEASE A STATIC IP
Invoke: or2-release-static-ip (or2relsip)
Removes the specific static IP from the project pool.
CLI Parameters
Parameter name Description Required
-a, --ip-address The IP to be released Yes
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization Region Yes
Command Example
This example shows removing a static IP from the project pool.
or2relsip -p project -r region -a ip_address
Response Example
Figure 55 - or2relsip Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 82
7 WORKING WITH VOLUMES
Each instance includes 100 GB Storage Volume for Windows Instances and 40 GB Storage Volume for
Linux Instances by default. In a case when your needs are above that, you can attach additional storage
volumes.
Please, note, that the size of the used volume influences the infrastructure price. Active (on started
instances) and Passive (on stopped instances) volumes are billed in different ways. For more details on
EPAM Cloud billing policy, please, see the Account Management Guide.
7.1 CREATE AND ATTACH VOLUME
Invoke: or2-create-attach-volume (or2addattvol)
Creates and attaches a storage volume to the specified instance.
• Each project in EPAM Cloud has a storage volume quota. To update it leave a request at support.epam.com.
• You can create and attach volumes to your permitted instances, in accordance with your project abbreviation in UPSA.
CLI Parameters
Parameter name Description Required
-d, --device System device to attach the volume Yes/No*
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --size Storage volume size in GB Yes
--help Display command help No
*-The device parameter is required for the AWS-type regions. For more details, please see this section.
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system one
size_MB Storage volume size in MB
instanceID Instance ID
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Space used out of the attached volume
Command Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 83
This example creates and attaches new storage volume (1GB) to the specified instance hosted in an
AWS region.
or2addattvol -p project -r AWS-region -s 1 -i instance_id -d /dev/sdd
Response Example
Figure 56 - or2addattvol Response Example
When the created volume changes to the ‘ready’ status, you can use it for your project needs.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 84
7.2 ATTACH VOLUME
Invoke: or2-attach-volume (or2attvol)
Attaches specified storage volume to the specified instance. Available for AWS, Azure and
OpenStack regions. The specified storage volume and instance must belong to the same availability
zone, (e. g. us-east-1a).
CLI Parameters
Parameter name Description Required
-d, --device System device to attach the volume. Yes/No*
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Storage volume ID Yes
--help Display command help No
*-The device parameter is required for the AWS-type regions. For more details, please see this section.
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system volume
size_MB Volume size in MB
usedSpace_MB Amount of volume space used
state Current state of the volume
used States whether a storage volume is used at the time
Command Example
This example attaches the specified volume to the specified instance.
or2attvol -d /dev/hdc -i instance_id -v volume_id -p project -r region
Response Example
Figure 57 - or2attvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 85
7.3 DETACH VOLUME
Invoke: or2-detach-volume (or2detvol)
Detaches a storage volume from the specified instance. Available for AWS, Azure and OpenStack
regions. You can only detach volumes from permitted instances, in accordance with your project
abbreviation in UPSA.
1. You can currently detach only one volume at a time.
2. Detaching volumes can currently only be performed for stopped instance. Please, use ‘or2stop’
before launching this command.
3. This command is not available for personal projects
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Storage volume ID Yes
--help Display command help No
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system volume (only non-system volumes can
be detached)
size_MB Volume size in MB
instanceID ID of the VM from which the volume is detached
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Amount of volume space used
Command Example
This example shows the common case of detaching a volume from an instance.
or2detvol -p project -r region -v volume_id
Response Example
Figure 58 - or2detvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 86
7.4 RESIZE VOLUMES
Invoke: or2-resize-volume (or2resvol)
Increases an earlier created storage volume to the specified size.
1. This command is not available in OpenStack, AWS, Azure and Google Cloud regions.
2. Current implementation only allows increasing the size of storage volumes, decreasing is
unavailable.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --size Target storage volume size in GB Yes
-v, --volume ID of the volume to be resized Yes
--help Display command help No
Response Elements
Name Description
id Storage volume ID
system States whether the volume is a system volume
size_MB Storage volume size in MB
instanceID ID of the instance the volume is attached to
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Space used out of the attached volume
Command Example
This example resizes an earlier created volume to 100 gigabytes:
or2resvol -p project -r region -v volume_id -s 100
Response Example
Figure 59 - or2resvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 87
7.5 DESCRIBE VOLUMES
Invoke: or2-describe-volumes (or2dvol)
Describes storage volumes belonging to the specified project.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID. For several instances repeat the parameter. No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Storage volume ID. For several Volume IDs repeat the parameter. No
--help Display command help No
Response Elements
Name Description
id Storage volume ID
size_MB Storage volume size in MB
usedSpace_MB Space used out of the particular volume
instanceID In some cases, depending on virtual service provider, shows ID of the
instance to which the storage volume is attached
state Current state of the volume
used States whether a storage volume is used at the time
zone Volume availability zone (AWS-type regions only)
snapshot Volume snapshot ID, if present (AWS-type regions only)
type Volume type (AWS-type regions only)
device Volume device (AWS-type regions only)
system Specifies whether the volume is a system volume
deleteOnTermination States, whether the volume will be deleted on instance termination
(AWS-type regions only)
Command Example
This example describes existing storage volumes for specific instance.
or2dvol -p project -r region -i instance_id
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 88
Response Example
Figure 60 - or2dvol Response Example
Command Example
This example describes existing storage volumes. The ‘No volumes were found’ response means there
are no storage volumes for the project in the specified zone.
or2dvol -p project -r region
Response Example
Figure 61 - or2dvol Empty Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 89
7.6 DELETE VOLUME
Invoke: or2-delete-volume (or2delvol)
Deletes the specified storage volume. You can only delete permitted volumes, in accordance with your
project abbreviation in UPSA.
1. Currently you can only delete volumes one at a time.
2. The command deletes specified volumes even if they are attached to an instance.
3. Be careful when using in AWS-type regions. Make sure you do not accidentally delete your system
volume.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-v, --volume Storage volume ID Yes
-y Provide this parameter for automatic command confirmation No
--help Display command help No
Response Elements
Name Description
ID Storage volume ID
system States whether the volume is a system volume
size_MB Volume size in MB
instanceID ID of the instance the volume is attached to
state Current state of the volume
used States whether a storage volume is used at the time
usedSpace_MB Space used out of the volume
Command Example
This example shows the common case of deleting a volume.
or2delvol -p project -r region -v volume_id
Response Example
Figure 62 - or2delvol Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 90
7.7 FINDING THE DEVICE PARAMETER
To obtain the --device parameter required for attaching volumes in AWS regions, log in to your VM and
run the ‘df-h’ command. The response to this command will contain the following information:
Figure 63 - df-h Response Example
Find the device name for the root mount point in the ‘Filesystem’ column (in the example above, the
device name is highlighted in bold and underlined). The device name can have one of the following
formats: ‘/dev/xvda1’ or ‘/dev/sda1’. Modify the device name by replacing the last character with any
letter following it alphabetically. For example, if the device name is ‘dev/xvda1’, the modified name may
have the ‘/dev/xvdd’ or ‘/dev/xvde’ forms; for ‘dev/sda1’ – ‘/dev/sdd’ or ‘/dev/sde’.
Use the modified device name in the ‘or2addattvol’ command:
or2addattvol -p project -r AWS-region -s 50 -i instance_id -d /dev/sdd
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 91
7.8 MOUNTING STORAGE VOLUMES
Once you attach a volume to an instance, it has to be mounted in order to be used. The procedure is
different for Windows and Linux instances.
7.8.1 Windows OS family
1. Login to the instance via RDP
2. Launch 'Start' -> 'All Programs' -> 'Administrative Tools' -> 'Computer Management' or
run compmgmt.msc
3. In the tree pane, double-click the Storage node, and select 'Disk Management'
4. Right-click 'Disk Management' and select 'Rescan Disks'.
Figure 64 - Computer Management in Windows 8
5. After the disk scan completes, scroll down in the tasks pane to locate the new disk that was just
added. Right-click the disk and select 'Online'.
6. The new disk will be listed as 'Unknown' and 'Not Initialized'. Right-click the disk and select
'Initialize Disk'.
7. When the 'Initialize Disk' window opens, check the disk or disks to initialize, and click the
'Option' button to create either an MBR or GPT type disk.
8. Format the disk.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 92
7.8.2 Linux OS Family
1. Login to the instance via RDP
2. Execute the following commands to make the system able to see a newly attached virtual disk:
sudo su -
echo "- - -" > /sys/class/scsi_host/host0/scan
echo "- - -" > /sys/class/scsi_host/host1/scan
echo "- - -" > /sys/class/scsi_host/host2/scan
echo "1" > /sys/class/scsi_device/2\:0\:0\:0/device/rescan
echo "1" > /sys/class/scsi_device/2\:0\:1\:0/device/rescan
3. Create a file system (ext3) on '/dev/sdb'
If you have already attached other disks, use 'sdX', where 'X' identifies your disk
mkfs.ext3 /dev/sdb
4. Create a folder and mount the disk into it:
mkdir /media/storage
mount /dev/sdb /media/storage/
5. Now you can see your attached disk in disk lists
df -h
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 93
8 WORKING WITH CHECKPOINTS
Checkpoints are instance recovery points, containing the data (storage, memory, other devices) of an
instance, including storage volumes at a specific point in time.
Each checkpoint is billed per each GB of storage it takes. The size of the checkpoint depends on the
changes you make to the VM storage. The more changes you make, the heavier your checkpoint is.
Please note that using checkpoints increases the infrastructure price. Active (on started instances) and
Passive (on stopped instances) checkpoints are billed in different ways. Meanwhile, 1GB active checkpoint
storage is about 3 times higher than the price of 1GB HDD running. For more details on EPAM Cloud billing
policy, please, see the Account Management Guide.
The table below compares the monthly price of a standard VMs of different shapes, with 60 GB storage
and with 60 GB checkpoint (in BY2 Region):
Size Standard Price With Checkpoint
MINI $50.31 $108.69
SMALL $53.23 $111.61
MEDIUM $70.03 $128.42
LARGE $86.84 $145.22
XL $101.45 $159.83
3XL $163.54 $221.92
We strongly recommend to create checkpoints only before introducing critical changes to your VM, and
remove a checkpoint when it becomes clear that the changes are successful.
Checkpoints manipulations are available only in ESX-based EPAM regions and cannot be performed on
instances in OpenStack Regions, AWS, Azure, or Google clouds.
It is recommended to stop an instances before creating a checkpoint on it. This ensures seamless reverting
to the checkpoint. Otherwise, guest OS performance issues may occur.
It is advised not to use the Checkpoints during large periods of time. Long-living checkpoints significantly
increase the price of your VM, reverting to a checkpoint that is older than 30 days can have unpredicted
results.
The price of 1GB active checkpoint storage is about 3 times higher than the price of 1 GB of HDD running.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 94
8.1 CREATE INSTANCE CHECKPOINT
Invoke: or2-create-checkpoint (or2ccp)
Creates an instance recovery point, containing data (storage, memory, other devices) of a virtual machine,
including storage volumes at a specific point in time.
• To ensure seamless reverting to a checkpoint, it is recommended to stop the VM before running the
or2ccp command.
• All storage-related commands (or2attvol, or2addattvol, or2delvol, or2detvol) for the instance are
disabled once a checkpoint has been created.
CLI Parameters
Parameter name Description Required
-d, --description Checkpoint description No
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
size_MB Checkpoint size
description Checkpoint description
processTime Checkpoint creation or update time
instanceID ID of the instance for which the checkpoint is created
current States whether the checkpoint represents current state of the instance
state Current state of checkpoint
Command Example
> or2ccp -r region -p project -i instance_id -d checkpoint_description
Response Example
Figure 65 - or2ccp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 95
8.2 DESCRIBE INSTANCE CHECKPOINTS
Invoke: or2-describe-checkpoints (or2dcp)
Describes checkpoints created for the specified instance or all checkpoints in the specified project and
region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID No
-P, --plain-output Use plain output instead of default table output No
-p, --project Project abbreviation in UPSA Yes
--json Show command output in json format No
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
instanceID ID of the instance for which the checkpoint was created
owner Instance owner
state Current state of checkpoint
processState Checkpoint creation progress in percent
size_MB Checkpoint size
current States whether the checkpoint represents current state of the instance
createdDate Checkpoint creation date
outdated States whether the checkpoint is outdated
description Checkpoint description
Command Example
or2dcp -r region -p project -i instance_id
Response Example
Figure 66 - or2dcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 96
8.3 GO TO INSTANCE CHECKPOINT
Invoke: or2-go-to-checkpoint (or2gcp)
Reverts to the specified instance checkpoint.
CLI Parameters
Parameter name Description Required
-c, --checkpoint ID of the checkpoint to be used. Yes
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
size_MB Checkpoint size
description Checkpoint description
processTime Checkpoint creation or update time. This parameter initially shows the checkpoint
creation date and with each checkpoint update changes to the update time
instanceID ID of the instance for which the checkpoint is created
current States whether the checkpoint represents current state of the instance
state Current state of checkpoint
Command Example
or2gcp -r region -p project -i SAMPLE -c
checkpoint-2012_12_11_12_02_18_EVBYMINSDSAMPLE
Response Example
Figure 67 - or2gcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 97
8.4 REVERT TO INSTANCE CHECKPOINT
Invoke: or2-revert-to-checkpoint (or2rcp)
Reverts instance to the latest available checkpoint.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
size_MB Checkpoint size
description Checkpoint description
processTime Checkpoint creation or update time. This parameter initially shows the checkpoint
creation date and with each checkpoint update changes to the update time
instanceID ID of the instance for which the checkpoint is created
current States whether the checkpoint represents current state of the instance
state Current state of checkpoint
Command Example
or2rcp -r region -p project -i instance_id
Response Example
Figure 68 - or2rcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 98
8.5 DELETE INSTANCE CHECKPOINT
Invoke: or2-delete-checkpoint (or2delcp)
Deletes specified instance checkpoints.
Deleting a checkpoint can take long time, even several hours. The parent VM is unavailable till the
deletion process is completed.
If your checkpoint ID contains spaces, encase the -c parameter value in double quotes
CLI Parameters
Parameter name Description Required
-c, --checkpoint ID of the checkpoint to be deleted. Yes
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Provide this parameter for automatic command confirmation No
--help Display command help No
Response Elements
Name Description
id Checkpoint ID
state Current state of checkpoint
description Checkpoint description
current States whether the checkpoint represents current state of the instance
Command Example
or2delcp -r region -p project -i instance_id -c
checkpoint-2012_12_11_12_02_18_EVBYMINSDSAMPLE
Response Example
Figure 69 - or2delcp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 99
9 WORKING WITH HARDWARE SERVERS
EPAM Cloud supports adding hardware resources under the Orchestrator control for proper billing and
monitoring of hardware resources. Dedicated instances related to hardware resources are assigned to the
special hardware region, EPAM-HW1, and this name is to be specified when calling the hardware-related
commands.
9.1 HARDWARE SERVER REGISTRATION
Invoke: or2-register-hardware-server (or2reghs)
This command registers a dedicated instance as a hardware server in EPAM Cloud. During registration,
the hardware server configuration is specified, so that it could be billed accordingly.
This command is available to zone administrators only.
CLI Parameters
Parameter name Description Required
-c, --cost-center Cost center Yes
-u, --cpu-count Number of physical processors. Positive integer in the range of 1-8.
Yes
--full Show full command output instead of default basic one No
-h, --hdd-space HDD space in GB. Positive integer Yes
--help Display command help No
-l, --location DC name, address of the actual server position No
-m, --memory-size RAM volume in MB. Positive integer in the range of 1024-1048576
Yes
-o, --ownership Server ownership. Available ownership values: [PROJECT, CUSTOMER, EPAM]
Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-d, --registration-date Date of hardware resource registration for chargeback. Should consist of date and time in the following format: yyyy-MM-ddTHH:mm. For example: 2015-05-01T10
Yes
-n, --server-name Hardware server name Yes
-e, --server-usage Server usage in percent. Positive integer, max 100%. Yes
-t, --units-count Units count. Positive integer in the range of 1-10 Yes
-w, --working-power Working power in kW No
Response Elements
Name Description
instanceId Instance ID of the hardware server
name Hardware server name
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 100
cpu Number of physical processors
memory RAM volume in MB
owner Server ownership
registrationDate Date of hardware resource registration for chargeback
workingPower Working power in kW
location DC name, address of the actual server position
Command Example
The following command registers a server owned by EPAM with 100% usage in a single project:
> or2reghs -c cost_center -u cpu_count -h hdd_space -m memory_size -o EPAM -p
project -r EPAM-HW1 -d yyyy-MM-ddTHH:mm -n server_name -e 100 -t units_count
The following command registers a server owned by Customer with 30% usage in a project:
> or2reghs -c cost_center -u cpu_count -h hdd_space -m memory_size -o CUSTOMER
-p project -r EPAM-HW1 -d yyyy-MM-ddTHH:mm -n server_name -e 30 -t
units_count
Response Example
Figure 70 - or2reghs Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 101
9.2 HARDWARE SERVER UNREGISTRATION
Invoke: or2-unregister-hardware-server (or2unreghs)
This command unregisters a dedicated instance that was previously registered as a hardware server in
EPAM Cloud.
This command is available to zone administrators only.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Server instance ID No
Command Example:
>or2-unregister-hardware-server --project demopro --region demopro –instance
i-00000000
Response Example:
Figure 71 - or2unreghs Response Example
9.3 HARDWARE SERVER MODIFICATION
Invoke: or2-modify-hardware-server (or2modhs)
This command modifies the settings of an existing hardware server.
This command is available to zone administrators only.
CLI Parameters
Parameter name Description Required
-u, --cpu-count Number of physical processors. Positive integer in the range of 1-8.
No
--full Show full command output instead of default basic one No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 102
-h, --hdd-space HDD space in GB. Positive integer No
--help Display command help No
-i, --instance Dedicated instance ID of the server to be modified Yes
-l, --location DC name, address of the actual server position No
-m, --memory-size RAM size in MB. Positive integer in the range of 1024-1048576
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-e, --server-usage Server usage in percent. Positive integer, max 100%. No
-t, --units-count Units count. Positive integer in the range of 1-10 No
-w, --working-power Working power in kW No
Even though all parameters except ‘--instance' are optional, at least one server parameter with a modified
value has to be specified. If no other parameters are sent, the command returns the following message:
‘No parameters to modify!’.
Response Elements
Name Description
instanceId Instance ID of the hardware server
name Hardware server name
cpu Number of physical processors
memory RAM volume in MB
hddSpace HDD space in GB
unitsCount Units count
serverUsage Server usage in percent
workingPower Working power in kW
location DC name, address of the actual server position
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 103
Command Example
or2modhs -i dedicated_instance_id -u cpu_count -h hdd_space -m memory_space -
t units_count
Response Example
Figure 72 - or2modhs Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 104
9.4 HARDWARE REPORT
Invoke: or2-hardware-report (or2hr)
This command generates a hardware server usage report and delivers it to the requesting user’s email in
.csv format.
CLI Parameters
Parameter name Description Required
-d, --day Day for which the report is to be retrieved No
--full Show full command output instead of default basic one No
--help Display command help No
-m, --month Month for which the report is to be retrieved No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No
-r, --region Virtualization region Yes
-y, --year Year for which the report is to be retrieved No
Response Elements
Name Description
ServerName Hardware server name
State Current state of the hardware server
Zone Virtualization region in which the server is used
ProjectCode PMS code of the project for which the hardware server is used
CostCenter Cost center to which the hardware server is attached
HDDSpace HDD space of the server
UnitsCount Units count
ServerUsage Server usage in percent
MemoryMB RAM size in MB
CpuCount Number of physical processors
RegistrationDate Date of hardware server registration for chargeback
Location Physical location of the hardware server
WorkingPower Working power in kW
Command Example
or2hr -r region
Response Example:
Figure 73 - or2hr Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 105
10 AUDIT AND BILLING
EPAM Cloud Orchestrator utilizes a specifically designed flexible billing model. Striving to make EPAM
Cloud experience as comfortable for our customers as possible, we implemented an easy no contract model
not requiring any commitments from you: you pay only for utilized resources based on no contract pricing.
For the sake of easier comprehension, the billing model is presented on the following diagram and detailed
below:
Figure 74 - Price Breakdown
You can find the details on EPAM Cloud Service billing strategy, and instructions on project cost estimation
in our Account Management Guide.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 106
10.1 PROJECT REPORT
Invoke: or2-report (or2report)
The command prepares a monthly billing report for the specified project. This provides you the ability to
self-manage and control your infrastructure and keep track of expenses through various reports. This is
very useful for big projects with large infrastructure. Each report can be exported into *.csv file to supply
with an option to keep track of changes even in files.
CLI Parameters
Parameter name Description Required
-d, --day Day to retrieve report for No
--full Show full command output instead of default basic one No
-m, --month Month to prepare the report for (Accepted values: 1-12) Yes
-o, --owner Email or ‘Name Surname’ of a user to generate a report by the instances assigned to them
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region If the region is specified as ‘AWS’, the report will describe all the Amazon regions activated for the specified project.
No
-g, --tag Specify a tag to collect only records with the tag. Must be specified as ‘-g user:tag=tag-name’ Default behavior: collect all records.
No
-t, --type
Report type. The following values are available: Total – total amount billed (default option) Subtotal – total amount billed split by categories Resource – total amount billed split by categories and instances Hourly – detailed report. Quota – current state of resource utilization quota
No
-e, --email Receive a .csv file with report to your email No
-y, --year Year to prepare the report for Yes
-a, --account-report Get a report by manager account No
-n, --account-name
Account name. Any account name part is allowed (Manager, Customer or Maestro). If this parameter is not specified and the report type is set as "account", report by Manager account is provided.
No
-i, --instance Instance ID. Only records by specified instances will be included to the report
No
--help Display command help No
The different types of reports have different output location. Total and Subtotal reports are displayed as
Maestro CLI response.
The resource and hourly reports will create a .csv file in the %MAESTRO_HOME%out/reports folder.
Please note that resource and hourly reports are not supported for Azure.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 107
Response Elements
Name Description
type Report item type
project Project abbreviation in UPSA
zone Virtualization region
productCode Billable product code
productName Billable product name
usageType Method of product usage
quantity Billable product quantity
currency Report currency
total Total amount billed
quotaType Quota type
monthlyQuota Monthly resource quota
current (USD) Amount billed since the beginning of the month
utilization Monthly resource utilization quota percentage used since the beginning
of the current month
actionPlan Action to be taken upon quota depletion
status Quota status
Command Example
The command retrieves the total amount billed for the ‘Sample’ project for February 2013.
or2report -m 2 -y 2013 -p project –r region
Response Example
Figure 75 - or2report Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 108
10.2 GET PRICES
Invoke: or2-price (or2price)
Lists current monthly prices for EPAM Cloud Resources
The values returned by the command do not apply for AWS-type regions
CLI Parameters
Parameter name Description Required
-d, --day Get prices for a specific number of days
Acceptable values: positive integers > 0 No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-r, --region Virtualization region Yes
-t, --resourceState Show prices for active/inactive resources only. Acceptable
values: ‘active’, ‘inactive’ No
-s, --shape
Show prices for specific shapes.
Acceptable values: ‘micro’, ‘mini’, ‘small’, ‘medium’, ‘large’,
‘xl’, ‘2xl’, ‘3xl’, ‘4xl’, ‘5xl’, ‘6xl’, ‘7xl’, ‘8xl’.
No
--help Display command help No
The response to the or2price command is broken down into the following price components:
Instance Price:
Response Elements
Name Description
Shape Instance Shape
OsType Operating system installed
Shape Instance Shape
soft&labor Base hourly cost of maintenance and software use
Memory price Price per 1 GB of RAM
vCoresPrice Price per 1 vCore
systemStoragePrice Price per GB of system storage
totalPrice Total price per instance
Checkpoint Price:
Response Elements
Name Description
activePricePer1GB Price per 1 GB of active checkpoint (on started instances)
inactivePricePer1GB Price per 1 GB of inactive checkpoint (on stopped instances)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 109
Additional Storage Price:
Response Elements
Name Description
activePricePer1GB Price per 1 GB of active storage (on started instances)
inactivePricePer1GB Price per 1 GB of inactive storage (on stopped instances)
Machine Image Price:
Response Elements
Name Description
pricePer1GB Price per 1 GB of created machine image
For EPAM-BY1 region the ‘or2price’ command also returns the price for the RDB service with guaranteed
capacity, as this is the only region where such service is offered. The price consists of two components:
Service Creation Price – the one-time price of the RDB-MSSQL-CSA service creation
Service Attribute Prices – the price of RDB-MSSQL-CSA database depending on its size
Command Example
or2price -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 110
Response Example
Figure 76 - or2price Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 111
10.3 INSTANCE AUDIT
Invoke: or2-audit (or2audit)
Views all relevant instance-related information for a specified period of time.
CLI Parameters
Parameter name Description Required
-d, --days Number of days to retrieve information for.
Default value: 3. The number must not exceed 100 No
-f, --from Starting date to retrieve information about an instance (yyyy-mm-dd)
Must not be earlier than 100 days before current date No
--full Show full command output instead of default basic one No
-g, --group Audit events group. Available groups: [PROJECT, ACS,
HARDWARE, DOCKER, AEM, JENKINS] No
-i, --instance Instance ID No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack The ID of the stack for which audit is to be retrieved No
-t, --to End date to retrieve information about an instance (yyyy-mm-dd) No
--help Display command help No
If you do not specify the -i/--instance parameter, the command response will include information
concerning all instances for the specified project.
Response Elements
Name Description
Date Date of event
User ID of the user, who launched an event
Action Event ID
instanceID ID of the instance
message Event description
region Virtualization region
project Project abbreviation in UPSA
Command Example
This example lists instance-related events for the specified period
or2audit -p project -r region -f 2016-03-01 -t 2016-04-01 -i instance_id
Response Example
Returns major events having occurred to the instance during the specified period of time
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 112
Figure 77 - or2audit Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 113
10.4 WORKING WITH EO ACCOUNTS
An EPC Account is a logical group of projects that can be associated to a cost-center. An account is
created by request to Consulting Team or to Help Desk , where you specify the following details:
• the account name
• the list of the projects to be included to the EPC Account
• the primary and secondary contacts
The people specified as the account contacts will get access to the EPC Account reporting information
even if they are not assigned to the projects associated with this account.
When the EPC Account is activated, you can use the or2report command with the -a/--account parameter:
or2report -m 03 -y 2016 -a account_ID -t total
The requested report will be mailed as a .csv file and contain the list of the user’s projects, the cost centers
in which they are priced (each cost center is bound to a virtualization region), the reporting period and the
cost:
Figure 78 - Account report
To see the details on EO Accounts assigned to you, use the or2-describe-eo-account (or2dacc).
The command provides the information on EO Accounts available to the user.
CLI Parameters
Parameter name Description Required
-c, --contacts Account contact email. For several contacts, repeat the
parameter Yes
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--help Display command help No
Response Elements
Name Description
accountId The ID of the account assigned to the specified user
projectCodes The list of the projects included to the account
description Account description
contacts Account contacts
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 114
Command Example
This example lists instance-related events for the specified period
or2dacc -c [email protected]
Command Response
Figure 79 - or2dacc Command Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 115
11 USING TAGS
Tags are used to identify Cloud items, such as instances, checkpoints and volumes, for further easier
reference and manipulation. The tags are typically used in or2report command in order to retrieve the
information only on the specified group of resources.
The tag can also be used to filter the instances on Management page.
11.1 SET TAG
Invoke: or2-set-tag (or2settag)
Assigns custom tags to an instance or a volume for billing purposes to share costs between projects.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-t, --tag
Tag value. Multiple tags are supported. Allowed formats:
prefix1:key1=value1,prefix2:key2=value2
prefix1:key1=, prefix2key2=
key1=value1,key2=value2
value1,value2
Default prefix: user. Default key: tag
Yes
--help Display command help No
1. Reports by tags take billing info starting from the moment of tag creation. The resource price that
existed before the tag was added, won’t be taken into account in a tag report.
2. The following symbols are NOT accepted when used in key or value for this command: < > ( ) + &
^_ * \ | "
3. If you use this command for a Windows instance, please, encase the ‘-t’ parameter in quotes i.e.
"tag"
4. 10 tags per resource are supported.
5. “eo” or “aws” cannot be used as prefixes.
6. If the or2settag command results in no change (for example, all tags sent in the command already
exist), an error response is returned. If only some tags exist, new tags will be set.
Command Example
This example assigns a tag to an instance.
or2settag -p project -r region -i instance_id -t prefix1:key1=value1
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 116
Response Example
The command confirms tag assignment.
Figure 80 - or2settag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 117
11.2 DESCRIBE TAG
Invoke: or2-describe-tag (or2dtag)
Retrieves custom tags, assigned to an instance or a volume for billing purposes.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID No/Yes*
-v, --volume Volume ID No/Yes*
-c, --checkpoint Checkpoint ID No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
*Either --instance or --volume should be specified.
Response Elements
Name Description
resourceType Specifies, whether the resource is an instance or a volume
resourceId Resource ID
prefix Specifies, whether the tag has been added by a user
key Tag indication
value Tag value
Command Example
This example retrieves an assigned tag from an instance.
or2dtag -p project -r region -i instance_id
Response Example
Figure 81 - or2dtag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 118
11.3 DELETE TAG
Invoke: or2-delete-tag (or2deltag)
Deletes a custom tag from an instance or a volume.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --tag Tag value to be removed Yes
--help Display command help No
If the or2deltag command results in no change (for example, none of the tags sent in the command exist),
an error response is returned. If only some tags exist, they will be removed.
Response Elements
Name Description
resourceType Specifies, whether the resource is an instance or a volume
resourceId Resource ID
prefix Specifies, whether the tag has been added by a user
key Tag indication
value Tag value
Command Example
This example retrieves an assigned tag from an instance.
or2deltag -p project -r region -i instance_id -t tag_value
Response Example
Figure 82 - or2deltag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 119
12 WORKING WITH FILES
EPAM Orchestrator allows to upload files to the Orchestration Server for further reference and usage.
12.1 UPLOAD A NEW FILE
Invoke: or2-upload-file (or2uf)
The command is used to upload a new file and save it in Orchestrator. The command can be used to upload
the following types of files:
• script files: any script file
• EO-template: Maestro Stack template files
• Zabbix-template: Files with templates for Zabbix Server
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. Upload the resource as system if this
parameter is absent. No
-d, --description Description of the file to be uploaded Yes
-t, --type File type [script, eo-template, cf-template, zabbix-template,
blueprint] Yes
-f, --file-path The local file path Yes
-n, --name Name under which the file will be uploaded (different from the name
in the file path) No
--help Show command help No
1. cf-template option is supposed to be used with confirmation files, however, this functionality is not
implemented yet.
2. If the --project parameter is not given in the command call, but is specified in default.properties file, it
will not be added automatically, because only obligatory parameters are applied this way, and --project
is optional here.
Response Elements
Name Description
name file name
link file download link
size file size
Command Example
or2uf -p project -f d:\work\maestrostacks\test.json -t eo-template -d
testFileUpload
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 120
Response Example
Figure 83 - or2uf Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 121
12.2 DELETE A FILE
Invoke: or2-delete-file (or2delf)
Deletes a previously uploaded file from Orchestrator’s repository.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No
-n, --file-name Name of the file to be deleted Yes
-t, --type File type [script, eo-template, cf-template, zabbix-template,
blueprint] Yes
--help Display command help. Default: False No
Response Elements
Name Description
name File name
description File description
link The link to the file
size The file size
1. To delete a Maestro Stack template file, specify the file type as eo-template
2. The or2-delete-file command does not actually delete the file from the Orchestrator database, but
marks it as “deleted”, so that it becomes unavailable for further reference. To upload the same file
once more to the same region and project, you will need to change the file name.
Command Example
or2delf -n file1.json -p project -t eo-template
Response Example
Figure 84 - or2delf Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 122
12.3 DESCRIBE FILES
Invoke: or2-describe-files (or2df)
Describes uploaded and available files for the specified project.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. If the parameter is absent, the
system resource will be described No
-n, --file-name File name No
-t, --type File type [script, eo-template, cf-template, zabbix-template,
blueprint] Yes
--help Display command help No
1. To describe a Maestro Stack template file, specify the file type as eo-template
2. cf-template option is supposed to be used with confirmation files, however, this functionality is not
implemented yet.
3. If the --project parameter is not given in the command call, but is specified in default.properties file, it
will not be added automatically, because only obligatory parameters are applied this way, and --
project is optional here.
Response Elements
Name Description
name Script name
description File description
link File download link
size File size
Command Example
or2df -p project -n test.json -t eo-template
Response Example
Figure 85 - or2df Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 123
13 SECURITY SCANNING
As an additional security measure, EPAM Orchestrator supports Nessus scanning which is used to identify
VM vulnerabilities. Nessus scanning can be performed automatically on schedule and manually, initiated
by the user.
13.1 STARTING SECURITY SCAN
Invoke: or2-security-check (or2sc)
Initiates Nessus security scan of the specified resources.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-i, --instance Instance to be scanned No
-l, --policy Nessus advanced policy ID No
-s, --server Nessus server to be used during scanning. Possible values:
INTERNAL, EXTERNAL. Default value: INTERNAL No
-t, --template Nessus template UUID No
--help Display command help No
Command Example
or2sc –p project_id -r region
Response Example:
Figure 86 - or2sc Response Example
The security scan report is sent to the user’s email.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 124
13.2 DESCRIBING NESSUS TEMPLATES
Invoke: or2-describe-nessus-templates (or2dnt)
Describes all Nessus templates available for security scanning.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-r, --region Virtualization region Yes
-t, --type Nessus server type. Possible values: INTERNAL,
EXTERNAL. Default value: INTERNAL Yes
--help Display command help No
Response Elements
Name Description
templateAlias Alias of the Nessus policy template
policyAlias Alias of the Nessus policy
templateId ID of the Nessus policy template
policyId ID of the Nessus policy
Command Example
or2dnt –t internal -r region
Figure 87 - or2dnt Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 125
14 AUTOMATING INFRASTRUCTURE MANIPULATION
EPAM cloud Orchestrator supports mechanisms that allow to automate the process of infrastructure
creation and manipulation via special templates that aggregate the descriptions of sets of actions that are
to be performed.
There are two types of templates that can be processed by Orchestrator. They are Amazon Cloud
Formation Templates and Maestro Stacks.
14.1 AMAZON CLOUD FORMATION
The detailed information about AWS Cloud Formation is given in Cloud Formation Service guide.
14.1.1 Run AWS Stack
Invoke: or2-run-aws-stack (or2rawss)
Runs a new AWS stack based on an existing template.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name Name of the stack to run.
Must satisfy AWS naming rules: [a-zA-Z][-a-zA-Z0-9]* Yes
-t, --template-name Name of an existing template in Orchestrator storage Yes
-d, --default-parameters Run stack with default parameters No
-m, --timeout-in-minutes The amount of time during which the stack must be created,
otherwise stack creation considered as failed No
-b, --disable-rollback Disable stack rollback if the stack creation fails No
-c, --capability The list of the capabilities allowed in the stack. No
-n, --notification-ar-ns
The Simple Notification Service (SNS) topic ARNs to
publish stack related events. For several topic ARNs repeat
the parameter
No
-f, --on-failure
Specifies the action to be taken if stack creation fails.
Available actions: DO_NOTHING, ROLLBACK, DELETE.
Ignored if "--disable-rollback" parameter is set to "true"
No
-R, --parameter
Parameter name=value pair. Use "=" as delimiter. Repeat
for several parameters: --parameter name1=value1--
parameter name2=value2 --parameter nameN=valueN. If
you use Windows command line, please, encase the -r
parameter in quotes i.e. "name=value". Conditional: You
must pass the --parameter or --parameter-config . If both
are passed, only --parameter is used
No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 126
CLI Parameters
Default: []
-g, --parameter-config
Full path to the stack parameters configuration file.
Conditional: You must pass --parameter or --parameter-
config. If both are passed, only --parameter is used
No
--help Display command help No
If you do not use either -d/--default-parameters, -R/--parameter, or -g/--parameter-config parameter,
you will be asked to specify additional information, depending on your template e.g. key, instance shape,
DB name/access credentials and root password for the instance.
Response Elements
Name Description
stackName Name of the stack
StackID Unique ID of the stack assigned by AWS
status Current state of the stack
Command Example 1
or2rawss -r aws-region -s stack_name -t template_name –p project
Response Example 1
Figure 88 - or2rsawss Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 127
14.1.2 Describe AWS Stacks
Invoke: or2-describe-aws-stacks (or2dawss)
Describes one or more existing AWS stacks for the specified project and region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
No
--help Display command help No
Response Elements
Name Description
stackName Name of the stack
stackID Unique ID of the stack assigned by AWS
status Current state of the stack
description * The stack description
outputs*
Stack output, giving the information on the executed stack:
Instance ID – The ID of the newly created EC2 instance
PublicDNS – Public DNSName of the newly created EC2 instance
PublicIP – Public IP address of the newly created EC2 instance
parameters* Lists the parameters used within the specified stack
disableRollback* specifies whether the stack rollback in case of a failure is disabled
creationTime* The time when the stack was created
The options with the asterisk (*) are displayed only when the --full output mode is on
Command Example
or2dawss -r aws-region –p project –s stack_name
Response Example
Figure 89 - or2dawss Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 128
14.1.3 Describe AWS Stack Events
Invoke: or2-describe-aws-stack-events (or2dawsse)
Returns the events related to the specified stack.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
Yes
--help Display command help No
Response Elements
Name Description
date The event date
logicalResourceId The logical name of the resource given in the template
resourceStatus The current resource status
resourceStatusReason The resource-associated message informing on the success or failure
physicalResourceId The resource physical instance unique identifier
stackName The name assigned to the stack
resourceType Type of the resource
Command Example
or2dawsse -s stack_name -r aws-region -p project --full
Response Example
Figure 90 - or2dawsse Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 129
14.1.4 Describe AWS Stack Resources
Invoke: or2-describe-aws-stack-resources (or2dawssr)
Describes the resources for running and deleted stacks. one or more existing AWS stacks for the specified
project and region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
No
-l, --logical-id The logical name of the resource as specified in the template No
-h, --physical-id The name or unique identifier that corresponds to a physical
instance ID of a resource supported by AWS CloudFormation No
--help Display command help No
If the --stack-name parameter is specified, the command will return all the associated resources included
to the stack.
If the --physical-resource-id is specified, the command returns the resources of the stack to which the
resources belong.
If you specify both --stack-name and --physical-resource-id parameters in one command call, a validation
error will occur.
Response Elements
logicalId The logical name of the resource given in the template
status The stack status
physicalId The name or unique identifier that corresponds to a physical instance ID of a resource
supported by AWS CloudFormation
stackName The name assigned to the stack
The command returns only the first 100 resources.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 130
Command Example
or2dawssr -r aws-region -p project -s stack_name
Response Example
Figure 91 - or2dawssr Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 131
14.1.5 Delete AWS Stack
Invoke: or2-delete-aws-stack (or2delawss)
Deletes an existing AWS stack.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-name
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
Yes
-y Provide this parameter for automatic command confirmation
Default: false No
--help Display command help No
Response Elements
Name Description
stackName Name of the stack
region Virtualization region
project Name of the project the stack is assigned to
StackID Unique ID of the stack assigned by AWS
status Current state of the stack
Command Example
or2delawss -r aws-region -s stack_name -p project -y
Response Example
Figure 92 - or2delawss Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 132
14.2 MAESTRO STACKS
The detailed information about Maestro Stack files creation and usage is given Cloud Formation Service
Guide.
14.2.1 Describe Maestro Stacks
Invoke: or2-describe-maestro-stacks (or2dmstack)
Describes one or more existing Maestro Stacks for the specified project and region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA No*
-r, --region Virtualization region No*
-s, --stack-id
Name of the stack to retrieve information about.
For several stacks repeat the parameter: -n stackName1 -n
stackName2 -n stackName3
No*
--help Display command help No
*Either --stack-id or --project and --region should be specified
Response Elements
Name Description
stackName The name of an existing stack
stackId The Id of the existing stack
Status The status of the stack
owner Stack owner
templateName The name of the template used to run the stack
Command Example
or2dmstack -r region –p project
Response Example
Figure 93 - or2dmstack Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 133
14.2.2 Run Maestro Stack
Invoke: or2-run-maestro-stack (or2rmstack)
Runs a new Maestro Stack based on an existing template.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --parameter
Parameter name=value pair.
To provide several parameters:
• Use "=" as delimiter. Repeat for several parameters:
-R name1=value1 -R name2=value2 -R nameN=valueN. If
you use Windows command line, please, encase the -r
parameter in quotes i.e. "name=value".
• Separate parameters with coma within one string:
-R "name1=value1,name2=value2,…nameN=valueN"
No
-s, --stack-name Name of the stack to run Yes
-b, --rollback
Roll back stack resources if stack creation failed. Note: 1.
Rollback influences only the issues created with this particular
stack.
2. Rollback does not work for CSA-Type regions
No
-t, --template-name Name of an existing template in Orchestrator storage No*
-m, --template-path Full path to the local Maestro Stack template No*
--help Display command help No
*Either ‘--template-name’ or ‘--template-path’ parameter should be specified.
or2-run-maestro-stack uses EO-template to search for the stack templates to run. If the specified template
is absent among project templates, it will be searched for among system ones.
Response Elements
Name Description
stackName Name of the stack
stackId The Id of the stack
status The current status of the stack
owner Stack owner
templateName The name of the used template
Command Example
or2rmstack -p project -r region -s scenario1 –m D:\Stacks\1scenario.json -b
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 134
Response Example
Figure 94 - or2rmstack -m Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 135
14.2.3 Delete Maestro Stack
Invoke: or2-delete-maestro-stack (or2delmstack)
Deletes a Maestro Stack previously run on Orchestration, including all the stack-related resources.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --stack-id The id of the stack to be deleted Yes
-y Automatic command confirmation
--help Display command help No
Response Elements
Name Description
stackName Name of the stack
stackId The Id of the stack
Status The current status of the stack
Owner The user who run the stack
templateName The name of the used template
Command Example
or2delmstack -p project -r region -s stack_name
Response Example
Figure 95 - or2delmstack -m Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 136
14.2.4 Describe Stack Resources
Invoke: or2-describe-maestro-stack-resources (or2dmsr)
Describes the resources created during the specified stack execution.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-s, --stack-id Name of the stack to retrieve information about. Yes
--help Display command help No
Response Elements
Name Description
resourceId The Id of an existing stack resource
resourceType The type of the stack-related resource
resourceState The current state of the stack-related resource
projectName The project abbreviation in UPSA
zoneName Virtualization region
Command Example
or2dmsr -s stack_id
Response Example
Figure 96 - or2dmsr Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 137
14.2.5 Validate Maestro Stack Template
Invoke: or2-validate-maestro-stack-template (or2vmst)
Performs a Maestro Stack template validation by the following parameters:
• JSON and XML syntax validation
• Stack template Logic check
• Check for the template commands availability in the region
• Check for template commands permission for the user
The validation covers all errors in the specified Maestro Stack template file and returns the list of the errors.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --template-name Name of the template No
-m, --template-path Full path to the local Maestro Sack template No
--help Display command help No
Response Elements
Name Description
Type Issue type
Message Issue description
Command Example
or2vmst -r region –p project -m template_path
Response Example
Figure 97 – or2vmst Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 138
14.2.6 Convert Maestro Stack Template
Invoke: or2-convert-maestro-stack-template (or2cmst)
Converts a Maestro Stack template into a CloudFormation template.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-f, --input-file Path to the Maestro Stack template Yes
-d, --output-file Path to the generated CloudFormation stack template. If no
path is specified, the stack template is displayed in the console No
--help Display command help No
Command Example
or2cmst -p project -r region -f template_path -d output_path
Response Example
Figure 98 - or2cmst Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 139
15 SERVICES
A service is a software solution that allows you to install and manipulate a component, necessary for your
project, with a simple set of Maestro CLI commands. The Services provide you with functionality that is
meant to simplify your work with Orchestrator and give you the additional infrastructure monitoring and
management tools.
Most services are started with the or2-manage-service command with the corresponding –service-name
flag specifying the service to start.
Below, you can see a list of the supported services, driven by or2-manage-service command:
• Monitoring Service
• Chef Server Service
• Log Aggregation Service
• Load-Balancing Service
• Docker Service
When running the services, Orchestrator creates instances with pre-defined settings. These instances are
used as servers for the started services. The corresponding or2-describe-<service> commands can
provide you with the necessary details on the instances involved into the service.
You can monitor the state and the performance of each service using the or2-audit command with --group
project flag. This command returns the list of the service events that take place in the specified project
during the current day. The details are given in this section.
Below, you can find the details on the general services-related commands, and the commands used to
manipulate the specific services.
The mapping table of the required images for EO PaaS services can be found in Annex G – PaaS Guest
Operating Systems.
The new services cannot be activated if the target project Chef mode was set to USER.
Platform services are not available in Google Cloud regions.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 140
15.1 SERVICES MANIPULATION
15.1.1 Starting a Service
Invoke: or2-manage-service (or2ms)
Activates/deactivates available services for a particular project
CLI Parameters
Parameter name Description Required
-a, --activate Activate service. Default: false Yes*
-c, --cluster-name Platform service cluster name Yes**
--customize Allows to customize parameters defined in service stack
template Yes/No****
-d, --deactivate Deactivate service. Default: false Yes*
--full Show full command output instead of default basic one No
--init-entry-point Refreshes the entrypoint information of the service in
default.properties file No
--help Display command help No
-i, --instance Instance ID. Can be used for service deactivation No
-k, --key-name Project SSH key name. Required for all services in AWS zones Yes***
-P, --plain-output Use plain output instead of default table output. Default: false No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --service-name
Platform service name, mandatory for service activation.
Valid service names: monitoring, chef, log, load-balancer,
docker, hadoop, ambari, jenkins, aem, aem-author-paas,
aem-publish-paas, messaging, hybris-single, hybris-large,
kubernetes, gerrit, sitecore-single, sitecore-dev-paas,
sitecore-lb-paas, sitecore-ci-paas, magento, splunk, splunk-
proxy, atg-small
Yes/No
-S, --service-id Platform service ID. This parameter can be used for service
deactivation No
-h, --shape Platform service Instance type No
-t, --stack Stack ID. This parameter can be used for service deactivation No
-v, --version The version of the application used within the service No
-y Provide this parameter for automatic command confirmation.
Default: false No
*Either activate or deactivate parameter should be specified
**Required for Ambari and Docker service activation
***Required for Ambari and most services in AWS zones; can be specified for Hadoop resources access
****Required for Hybris and Gerrit service activation
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 141
The response depends on the activated/deactivated service.
Response Elements
Name Description
stackName Name of the Maestro Stack used to run the service
stackId The ID of the stack run to launch a VM with all the corresponding server settings
status Displays the current command execution stage and its status
Command Example
The command runs the Zabbix monitoring service:
or2ms -p project -r region -s monitoring -a
Response Example
Figure 99 - or2-manage-service Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 142
15.1.2 Describing Project Services
Invoke: or2-describe-services (or2dser)
Describes the services activated for the given project in the given region.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --service
Service name. Valid service names: monitoring, chef, log, load-
balancer, docker, hadoop, ambari, jenkins, aem, messaging,
hybris-single, hybris-large, kubernetes, gerrit
No
--help Display command help No
The response depends on the activated/deactivated service.
Response Elements
Name Description
serviceId Existing service ID
serviceName The name of an activated project
availability Service availability status
project The name of the project for which the service is activated
stackID The ID of the stack that was used to start the service
ip The IP of the service VM
dns The DNS of the service VM
keyName The name of the key to be used with the service
webUiUrl The URL you can use to connect to the service server, if possible
user The user name to connect to the service server, if possible
password The password to connect to the service server, if possible
Command Example
This command reads the specified template and stores it to the specified local file
or2dser -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 143
Response Example
Figure 100 - or2dser Response Example (shown in 2 lines for better visibility)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 144
15.1.3 Monitoring the Services
Invoke: or2-audit –p <project> -r <region> -g PROJECT
The services-based events can be easily monitored by the or2-audit command with the
--group PROJECT property:
or2audit --group PROJECT
Such command will return the list of the service-related actions, invoked by the users or the system.
The following response elements are displayed:
• Date: The action date and time
• User: The user that invoked the action. Can be a Cloud User or System
• Action: The name of the performed action, e.g.:
|SERVICE_ACTIVATION_STARTED|
• Message: The message describing the action details, e.g.:
|Service LOAD-BALANCER activation started. See or2audit -s EPMC-
CLONginxServer-d55a2ece command for details.|
• Region: The virtualization region
• Project: The affected project
The command allows you to keep track of all the service-related events in your project.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 145
15.2 CHEF SERVER SERVICE
EPAM orchestration provides you with the possibility to run Chef Server as a service on you project, i.e.,
to use a project-specific Chef-server, when needed. Currently Chef Client v.12.0.0 is supported by default
based on Ubuntu 16.04_64-bit in all regions except CSA ones where only Chef 11 is supported.
When the service is run, you can switch between the following ACS modes:
• Default mode – the default mode for all projects in the EPAM Cloud. In this case, a common Chef
server is used for all production environment machines.
• EPC mode – use project-specific Chef server, created by EPAM Orchestrator for the specified
project.
• User mode – use project-specific Chef server, created and properly configured by the user. When
switching to this mode, the user should provide Chef server’s instance ID (or instance IP) and
manually upload validation.pem file to the Orchestrator’s file storage. The user should also provide
the path to validation.pem file during the command invocation.
It is impossible to start services in a project/region, if its Chef mode is set to USER.
While working in the EPC mode, please consider specific details below:
• Chef 12 has improved security approaches, and using SSL encryption is obligatory.
• Chef 12 run on Azure needs the port 443 to be open on your project subscription.
• The 0.0.0.0/0 range should be prohibited.
• Chef 12 is available in all regions (including AWS, Azure, and GCP), except ESX-based ones.
• In case 25 and more clients are connected to Chef 12-based server, Chef UI becomes paid.
• You can request a Chef 11-based EPC Chef server on Ubuntu 12, by adding the --version 11
parameter to the or2cm command
Setting the current Chef server on project will not apply any actions on the virtual machines. Re-
configuration of the software on instances is not allowed.
To apply auto-configuration changes, you need to re-register existing VMs on the new Chef server.
It is also recommended to remember that the creation of the project Chef Server is not an instant operation
and will take some time (up to one hour). These are the main conceptual limitations of the given
functionality.
It is possible to connect to Chef Server, created for EPC and USER modes, via HTTP connection and to
get the detailed information about the server.
The UI for the Default Chef server is not accessible
To get the URL to be used for connection, use the or2-describe-chef command. Use the server DNS name
to connect.
To login to an EPC Chef Server, use the following login and password:
Login: user
Password: chef-server
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 146
For initial login to a User Chef Server, use the login and password provided in the left corner of the login
page. It is highly advisable that you change these default credentials to custom ones. When you
successfully login, you will get access to Chef Server information. You can share an existing EPC Chef
server among several regions, projects and Cloud Platforms. To connect another region or project to an
existing EPC Chef server, you will have to add its Service ID to the or2-manage-services command run
for the project/region you want to add:
or2cm –p <project> -r <region> -m epc -S <serviceid>
In case you are not assigned to the project hosting the existing Chef server, Project Coordinator should
provide you with the server service ID.
15.2.1 Set Chef Mode
Invoke: or2-chef-mode (or2cm)
Sets one of the available chef modes (default, epc, user) to the project.
CLI Parameters
Parameter name Description Required
-m, --mode The desired mode to switch to. Available values: default, epc, user Yes
--full Show full command output instead of default basic one No
-i, --instance ID of the instance where Chef is installed No
-v, --key-file Path to the validation.pem file of the Chef server No
-k, --key-name Project SSH key name. Required for EPC mode in AWS regions No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-s, --shape Instance type No
--help Display command help No
-y Provide this parameter for automatic command confirmation.
Default: false No
If you call the or2cm command, please make sure that the chef mode has changed (use or2dchef
command) before creating new instances on your project. In case you need to establish a cross-project
connection, make sure you have permissions to run the or2cm command in the project which you want to
connect to the Chef server. Chef mode change can take about 30 minutes. During this period, the Chef
service is in the ‘unavailable’ state.
Response Elements
Name Description
stackName The name of the stack executed to change the Chef mode
stackId The ID of the stack executed to change the Chef mode
Status The stack status
Command Example
This example sets the project chef mode to epc:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 147
or2cm –p project –r region –m epc
Response Example
The command returns a list of newly set instance properties.
Figure 101 - or2cm Response Example
Find more information about work with shared Chef server in the Cloud Services Guide
15.2.2 Disabling Auto Configuration for Specific OS
EPAM orchestrator allows to disable auto configuration for VMs with specific OS types, rather than for the
whole project.
This is done by adding the --customize parameter to the or2-manage-service (or2ms) command with the
--activate flag:
or2ms -a -s chef -p project -r region --customize
When run, the command prompts you for the ACS disable mode. As a response, specify the OS family for
which the auto configuration should be disabled (ALL, WINDOWS, LINUX):
Figure 102 - Disabling auto configuration for a specific OS
The information on the auto configuration on the project can be found in the or2-describe-chef (or2dchef)
command: the disableType column shows the OS for which the service is disabled:
Figure 103 - Reviewing information on the current status of the ACS
To enable auto configuration back, run the same or2ms command with the --customize parameter, and
select the NONE mode.
The new auto configuration disabling mode is applied only to the virtual instances that are launched after
the mode is changed. The virtual instances created earlier, will stick to the mode in which they were created.
15.2.3 Retrieving Chef Information
Invoke: or2-describe-chef (or2dchef)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 148
Describes the project’s Chef Server mode.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
chefMode The current Chef Mode of the project
chefServer Current Chef DNS name
active Chef server state
Command Example
or2dchef –p project –r region
Response Example
Figure 104 - or2dchef Response Example
15.2.4 Collecting Info on Chef Clients
The or2-validate-chef (or2vchef) command allows the user to control and monitor the work of the service
indicating any errors occurred.
The command should be run in Maestro CLI on the target VM and does not need any parameters:
or2-validate-chef
The command output includes the following information:
Figure 105 - The or2-validate-chef command output
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 149
15.3 ZABBIX MONITORING SERVICE
EPAM Cloud Orchestrator provides you with the ability to create a Zabbix server to monitor your
infrastructure performance. You can specify which instances are being monitored by Zabbix server, and
stop monitoring them when needed.
The default metrics covered by Zabbix monitoring service are given below.
For Windows systems:
• CPU Load
• Free Memory
• Free memory in %
For Linux systems:
• CPU Load
• Disk Read/Write Operations
The set of monitored metrics can be customized by specifying a custom template when adding the instance
to the monitoring list.
You can see the information gathered by Zabbix Server, either on Orchestration UI Monitoring Page, or by
connecting to the server via HTTP. For the details, please, see the Viewing Zabbix Data section.
The default parameters of a Zabbix Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
For more details on Zabbix Monitoring service, please, see our Cloud Management Console guide.
15.3.1 Starting a Service
Invoke: or2-manage-service –p <project> -r <region> -s monitoring --activate
This command starts and sets up a Zabbix Monitoring server.
Each project can have only one Zabbix server activated for it. If the server is already activated, you will get
the respective command response:
Execution error. code=20054, message='monitoring service already
activated.
If there is no Zabbix server activated for your project, a special stack will be run to launch a VM with all the
corresponding Zabbix Server settings.
The command response will give the ID of the executed stack.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 150
15.3.2 Service Info
Invoke: or2-describe-monitoring (or2dmon)
Use the or2-describe-monitoring command to retrieve the information about the instances monitored by
Zabbix server, Zabbix monitoring templates and Zabbix agent availability.
Describes all activated projects accessible by current user.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA. To describe several projects,
repeat the parameter: -p project1 -p project2 -p projectN Yes
-r, --region Virtualization region name Yes
--help Display command help No
Response Elements
Name Description
monitoredInstanceId The IDs of the instances monitored by the described Server
zabbixServerInstanceId The ID of the Zabbix Server instance
monitoringtemplateNames The names of the monitoring templates used
zabbixAgentAvailability Zabbix Agent Availability status
Command Example
This command describes the Monitoring service for the specified project and region.
or2dmon –p project –r region
Response Example
Figure 106 - or2dmon Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 151
15.3.3 Start Monitoring an Instance
Invoke: or2-start-monitoring (or2mon)
This command adds the instance to Zabbix Monitoring list and Zabbix Server starts collecting the
information about this instance.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -
i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-t, --template Zabbix template No
--help Display command help No
Response Elements
Name Description
monitoredInstanceID The ID of the instance added to the monitoring list
zabbixServerInstanceId| The ID of the Zabbix Server instance
monitoringTemplateName The name of the monitoring template
For the correct Zabbix Monitoring service performance, it is recommended to add the custom image based
instances to the monitoring list (or2-start-monitoring command) only after they come to the running state.
Otherwise, the custom image can be indicated incorrectly and will be monitored as a Linux image
(regardless of its real type).
Command Example
This example starts monitoring of the specified instance.
or2mon -r region -p project -i instance_id
Response Example
Figure 107 - or2mon Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 152
15.3.4 Stop Monitoring an Instance
Invoke: or2-stop-monitoring (or2stopmon)
Stop monitoring the specified instance with Zabbix Monitoring Service.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -
i ID2 -i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
monitoredInstanceID The ID of the instance added to the monitoring list
zabbixServerInstanceId| The ID of the Zabbix Server instance
monitoringTemplateName The name of the monitoring template
Command Example
This example removes the specified instance from monitoring.
or2stopmon -r region -p project -i instance_id
Response Example
Figure 108 - or2stopmon Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 153
15.3.5 Viewing Zabbix Data
There are two ways to view Zabbix Server monitoring data. They are:
• Viewing the statistics on the Monitoring page of Orchestration UI
• Logging to the server via HTTP connection
Viewing the statistics on Monitoring Page
After an instance is added to the monitoring list with the or2-start-monitoring command, its statistics can
be seen on the Monitoring page. To view the instance details, select the instance in the project instance list
and unfold the line with the Zabbix metrics, interesting to you:
Figure 109 - Zabbix metrics details on UI
Logging via HTTP Connection
The typical address template for connecting to Zabbix server is:
http://<ZabbixServerInstanceID>
To get the Zabbix Server Instance ID, you can use the or2-describe-monitoring command.
To login to Zabbix Server via web interface, please, use the following credentials:
• Login: user
• Password: zabbix
The accessed Zabbix Server web-interface provides you with the Zabbix server details, such as number of
hosts, their statistics,system status, the issues that occurred, hosts status, configuration details, etc. You
can also get the graphs on the selected hosts. Unlike the graphs on the Monitoring page, these graphs
provide you not only with the information on the specified metrics, but also allow you to zoom the data to
see the statistics for the specified time period.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 154
Figure 110 - Zabbix Graph in web Interface
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 155
15.4 TELEMETRY AS A SERVICE
Telemetry as a Service allows monitoring the CPU utilization, disk Read/Write operations and network
traffic of your Linux instances. Support for Windows instances will be implemented later.
The service is based on Gnocchi, a metrics database platform, and collectd, a service collecting the
instance metrics and sending them to Gnocchi. Gnocchi version 4.0 and collectd version 5.7 are supported.
Currently, Telemetry as a Service allows gathering and storing metrics from the following images:
• Ubuntu 14
• Ubuntu16 (except EPAM-BY2 and EPAM-US1)
• CentOS 7
Support of other images will be implemented later.
At the moment, Telemetry as a Service is supported only in EPAM regions.
The default parameters of a Telemetry Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
Telemetry as a Service is deployed in two steps:
1. Starting a Telemetry server with Gnocchi and PostgreSQL. The server comes already with
installed and configured Gnocchi and PostgreSQL as well as with a Gnocchi client (the Gnocchi
shell utility allowing server manipulations via the command line).
2. Adding instances to the Telemetry service. In each added instance Chef auto-configuration is
invoked assigning a special Chef role to the selected instance. As the result, collectd client will be
installed on the instance together with a Gnocchi plugin to enable proper integration. After
successful configuration, the instance will send its metrics to the Gnocchi server.
The gathered metrics will be available either on the Maestro CLI console or in the Monitoring screen of the
Cloud UI. The metrics to be returned can be filtered by name, granularity (metrics by minutes, hours and
days can be selected) or aggregation method (average, min, max, sum, count, standard). Also, you can set
the date range for which you would like to retrieve the instance metrics.
15.4.1 Starting a Service
Invoke: or2-manage-service -p project -r region -s telemetry --activate
This command starts and configures a Telemetry server.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 156
15.4.2 Adding an Instance to Telemetry
Invoke: or2-start-telemetry (or2starttel)
This command adds the instance to Telemetry and creates a Gnocchi client on it. The Gnocchi client starts
sending the instance metrics to the Telemetry server.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
instanceID The ID of the instance added to the monitoring list
serverInstanceId The ID of the Telemetry Server instance
Command Example
This example starts one instance with specified instance ID.
or2mon -r region -p project -i instance_id
Response Example
Figure 111 - or2starttel Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 157
15.4.3 Stop Collecting Telemetry from the Instance
Invoke: or2-stop-telemetry (or2stoptel)
Stops collecting telemetry from the specified instance and removes the Gnocchi client.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
instanceID The ID of the instance removed from the monitoring list
serverInstanceId The ID of the Telemetry Server instance
Command Example
This example removes the specified instance from Telemetry monitoring.
or2stoptel -r region -p project -i instance_id
Response Example
Figure 112 - or2stoptel Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 158
15.4.4 Describe Telemetry Agents
Invoke: or2-describe-telemetry-agents (or2dtelag)
Describes the resources monitored by the Telemetry service.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-o, --original-resource-id Original Telemetry resource ID No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
originalResourceID ID of the instance generated by the Gnocchi client
serverInstanceId| The ID of the Telemetry Server instance
telemetryResourceID ID of the instance generated by the Gnocchi server
startedAt Date and time of instance inclusion to Telemetry monitoring
metrics Available metrics
state The state of the agent (Stopped/Running/Source_Unavailable)
Command Example
This example retrieves the list of all telemetry agents for the specified project and region.
or2dtelag -r region -p project
Response Example
Figure 113 - or2dtelag Response Example
If you specify the original resource ID in the or2dtelag command, the command will also return the list
of metrics available for that agent:
or2-describe-telemetry-agents -p project -r region –o original_resource_ID
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 159
Figure 114 - Telemetry agent with available metrics
15.4.5 Get Telemetry
Invoke: or2-get-telemetry (or2tel)
Retrieves the resource metrics from the Telemetry server.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-o, --original-resource-id Original Telemetry resource ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-a, --aggregation Aggregation method for the described measures. Available
values: [average, min, max, sum, count, std] Default: AVERAGE No
-c, --count Message count in output, positive integer. Default: 100 No
-d, --days History days, positive integer. Default: 1 No
-h, --hours History hours, positive integer.
-f, --from From date (yyyy-MM-dd or yyyy-MM-ddTHH:mm) No
-t, --to To date (yyyy-MM-dd or yyyy-MM-ddTHH:mm) No
-g, --granularity Granularity of the described measures. Available values:
[minute, hour, day]. Default: HOUR No
-m, --metric-name Metric name. If empty, all available metrics will be returned Yes
--help Display command help No
If you are using the --from and --to parameters, make sure you enter the local time values. If you use GMT
values, the returned data will be inaccurate.
Response Elements
Name Description
metricName Name of the metric
aggregationMethod Aggregation method
granularity Metrics granularity
timestamp Date and time of metrics collection
measureValue Value of the metrics
Command Example
This example returns matric data with the one-minute granularity.
or2tel -r region -p project –o original_resource_id –m metrics –g minute
Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 160
Figure 115 – or2tel Response Example
Telemetry as a Service returns metrics data in unnormalized form.
You can get the data visualized on Grafana-based web UI, by the URL given in the or2dser command
response.
15.5 LOG AGGREGATION SERVICE
EPAM Cloud Orchestrator provides the users with a GrayLog-based Log Aggregator Service that collects
the logs from the specified instances and provides an easy and visual access to them via a web-interface.
The default parameters of a GrayLog Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit.
The service is not available for Microsoft Azure.
15.5.1 Starting a Service
Invoke: or2-manage-service –p project -r region -s log --activate
This command runs a Maestro Stack that creates and sets up a VM with a GrayLog Server on it.
The GrayLog server setup is a complicated process and can take up to an hour.
15.5.2 Log Service Info
Invoke: or2-describe-logging (or2dlog)
The command gives the list of the logged instances and the DNS name of the GrayLog Server
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
This example shows the common case of describing the Log service on a project.
or2dlog -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 161
15.5.3 Start Collecting Logs from an Instance
Invoke: or2-start-logging (or2log)
Use this command to start collecting the logs from the specified instance.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -i ID2
-i IDN. Yes
-l, --log Full path to the log file No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
monitoredInstanceID The ID of the instance added to the monitoring list
grayServerInstanceId| The ID of the GrayLog Server instance
monitoringTemplateName The name of the monitoring template
Command Example
This example starts monitoring of the instance with the specified instance ID.
or2log -r region -p project -i instance_id
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 162
15.5.4 Stop Collecting Logs from an Instance
Invoke: or2-stop-logging (or2stoplog)
The command removes the instance from Logging Service list. The server stops collecting the instance log
data, but all the logs, previously aggregated, are kept.
Please note: the service cannot collect data from the server where it is hosted, in EPAM-BY2. EPAM-IN1,
EPAM-US2, and AWS regions, until the server is rebooted.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-i, --instance Instance ID For several instances repeat the parameter: -i ID1 -i ID2
-i IDN. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Command Example
This command stops monitoring of the instance with the specified instance ID.
or2stoplog -i instance_id -p project -r region
15.5.5 Viewing the Collected Logs
You can view the collected logs by connecting to the Log Server via HTTP.
The typical address template for connecting to Log Server is:
http://<LogServerDNS>
Use the or2dser command to find the Log Server DNS, login and password to be used to login to the
server.
When you log in, you will get to GrayLog Web Interface that provides you with the full access to the gathered
data.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 163
15.6 LOAD BALANCING SERVICE
EPAM Cloud Orchestrator provides the users with a Nginx-based Load Balancing Service, that allows the
user to arrange load balancing with a set of CLI commands.
The default parameters of a Load Balancer Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
15.6.1 Starting and Managing the Service
To start the Load Balancer service, you should call the following command:
or2ms –p project -r region -s load-balancer --activate
The command runs a Maestro stack that creates and configures a Load Balancer VM. A project can have
only one Load Balancer.
15.6.2 Load Balancer Configuration
All the Load Balancer configuration actions are performed with or2-load-balancer-config (or2lbconf)
command.
The command deals with four configuration areas, each having its own set of properties or properties
behavior:
• Balancing – this area deals with Load Balancer Server, balancing members, the details on the
balancer connections.
• Limits – this area deals with the user connections and requests limits
• Bans – this area allows to ban specific URLs or user IPs
• Cache – this area allows to set up Load Balancer caching
When calling a command, you need to specify one configuration area and the necessary relative
parameters.
When used with --project and –region parameters only, the command displays the list of the configuration
settings applied to the Load Balancer.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 164
CLI Parameters
Parameter name Description Required G
enera
l -p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-P, --plain-output Use plain output view No
--json Show command output in json format No
--full Show full command output No
--help Display command help No
Bala
ncin
g
-b, --balancing Specifies the configuration area as “balancing” Yes/No
--balancerName FQDN of the Load Balancer No
-i, --instance The ID of the instance to be added or removed from the balancing members list
No
--port The port to route to. Default: 80 No
--permanent Enable/Disable “keep alive” feature: Nginx will open the specified number of connections with each host [0…]. Default 0.
No
--iphash Enable/disable “sticky session” [on/off] Default: on No
-d, --remove Remove a host from the balancing members list No
--removeAll Remove all hosts from the balancing members list No
Lim
its
-l, --limit Specifies the configuration area as “limit” Yes/No
--connections Specifies that the number of allowed simultaneous user connections should be set
No
--requests Specifies that the limit of requests per second should be set No
--perIp Sets the connections or requests limit for a given IP (set 0 to remove the limit)
No
--total Sets the connections or requests limit for the whole balancer No
Bans
--ban Specifies the configuration area as “ban” Yes/No
--ip Adds IP address to the ban list. Format: xxx.xxx.xxx.xxx No
--url Sets the URL to return failure status code No
--status Set status code for URL to return (Default: 403 Forbidden) No
--remove Removes ban from IP or URL No
--removeAll Removes all bans No
Cache
--cache Specifies the configuration area as “cache” Yes/No
--url Sets the URL to cache No
--extension Sets the extensions of files to be cached No
--expiration Sets the cache expiration time (in minutes) No
--remove Removes caching files or URLs No
--removeAll Disables caching No
Response Elements
Name Description
Area The name of the configured area
Item The type of manipulated item
Value The description of the performed operation
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 165
15.6.3 Configure Balancing
General balancing settings are set with the --balancing flag of the or2lbconf command followed by next
parameters:
--balancerName <string> - FQDN of the Load Balancer
--instance <string> - instance id to add
--port <number> - (80 by default) the port to route to
--permanent <number> - the number of connections to keep alive with hosts within balancing, 0
turns off the feature
--iphash <on/off> - enable/disable "sticky session" on the Load Balancer
--remove <nothing> - removes instance from load balancing
--removeAll <nothing> - clears load balancing group
Below, you can see a set of command examples:
or2lbconf --balancing --instance <instance1> - adds instance1 to the
balancing group
or2lbconf --balancing --instance <instance1> --port 2752 - changes the port
of instance1 to 2752
or2lbconf --balancing --remove --instance <instance1> - removes instance1
from group
or2lbconf --balancing --permanent 10 - enables feature: caches 10 connections
to hosts
Response Example:
Figure 116 - or2lbconf –-balancing Response Example
15.6.4 Configure Limits
You can set up the balancer limits with the --limit flag of the or2lbconf command followed by the next
parameters:
--connections <nothing> - configures connection limits (number of allowed simultaneous
connections)
--requests <nothing> - configures request frequency limits (number of allowed requests per second)
--perIp <number> - sets limit per client IP (0 to turn off)
--total <number> - sets limit for the balancer (0 to turn off)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 166
The examples of the limits configuration are given below:
or2lbconf --limit --requests --total 50 - sets maximum requests per second to
balancer to 50
or2lbconf --limit --connections --perIp 10 --total 50 - sets maximum connections
from a unique IP to 10 and the overall maximum connections to balancer - to 50
Response Example:
Figure 117 - or2lbconf –-limit Response Example
15.6.5 Configure Bans
The balancer bans are set with the --ban flag of the or2lbconf command followed by the next parameters:
--ban <nothing> - configure bans
--ip <xxx.xxx.xxx.xxx> - add IP address to ban list
--url <string> - set URL to return failure status code
--status <number> - (403 Forbidden default) set status code for URL to return
--remove <nothing> - removes ban from IP or URL
--removeAll <nothing> - removes bans on IPs or URLs
or2lbconf --ban --ip 123.456.7.8 - adds 192.168.1.1 to banlist
or2lbconf --ban --url /maestro/ - sets /maestro/ to return 403 Forbidden status
or2lbconf --ban --url /maestro/ --status 404 - sets /maestro/ to return 404 Not
found
or2lbconf --ban --remove --ip 192.168.1.1 - removes 192.168.1.1 from IP banlist
or2lbconf --ban --removeAll --ip - clears IP banlist
Response Example:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 167
Figure 118 - or2lbconf –-ban Response Example
15.6.6 Configure Cache
The caching settings are set with the --ban flag of the or2lbconf command followed by the next parameters:
--cache <nothing> - configure caching
--url <string> - the URL to cache
--extension <string> - extensions of files to cache
--expiration <number> - sets cache expiration time (in minutes)
--remove <nothing> - removes caching files or URLs
--removeAll - disables caching.
or2lbconf --cache --url /images/ --expiration 10 - enables caching on /images/
with 10 minutes expiration
or2lbconf --cache --url /images/ --remove - removes /images/ caching
or2lbconf --cache --extension jpg --extension gif --expiration 30 - enables
caching on all ".jpg" and ".gif" files with 30 minutes expiration
or2lbconf --cache --removeAll - disables caching at all
Response Example
Figure 119 - or2lbconf –-cache --url --expiration Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 168
15.6.7 Describe Load Balancer Members
Invoke: or2-describe-load-balancing (or2dlb)
The command shows the list of the hosts (instance IDs) in the Load Balancer group and their availability.
The instance reported as AVAILABLE is running and it is possible to connect to it via the port defined in
configuration.
The instance reported as UNAVAILABLE is not running or cannot be connected via HTTP.
CLI Parameters
Parameter name Description Required
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output view. No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
host The Instance ID of the host in group
port The port used to connect to the host
availability Service availability status
description The description of the current host state
Command Example:
or2dlb –p project -r region
Response Example
Figure 120 - or2dlb Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 169
15.7 FTP TO AWS S3 SERVICE
FTP to AWS S3 service is the first stage of the new data management service which is currently under
development. It is implemented as FTP access to AWS S3 buckets, and includes the respective Maestro
CLI commands.
The service can be used in AWS regions only.
The default parameters of an FTP Server Instance are:
• Shape: SMALL
• Image: Ubuntu14.04_64-bit
15.7.1 Service Activation
To activate Backup as a Service, use the or2-manage-service (or2ms) command with the -a/--activate
flag and the -s/--service-name parameter with backup value. The -k key_name parameter is also
necessary, as for any instance in AWS:
or2ms –p project -r aws-region -a –s backup -k key_name
When the service is activated, it runs a VM with the following parameters:
• Shape: SMALL
• Image: Ubuntu14.04_64-bit
To deactivate the service, run the same command with the -d/--deactivate flag:
or2ms –p project -r aws-region -d –s backup
15.7.2 S3 Buckets Management
Invoke: or2-manage-ftp (or2ftp)
The command is used to make existing S3 buckets available via FTP.
CLI Parameters
Parameter name Description Required
-a, --action FTP management action [list, mount, unmount]. Default: list No
-b, --bucket Bucket name
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
name The name of the bucket
Command example:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 170
The command below adds a bucket_name bucket to the service:
or2ftp –p project –r aws_region -a mount -b bucket_name
Command response:
Figure 121 - or2ftp Response Example
15.7.3 Providing Access to Users
Invoke: or2-ftp-access (or2ftpa)
The command allows to grant and prohibit access to FTP to S3 for a specific user:
CLI Parameters
Parameter name Description Required
-a, --action FTP management action [list, grant, revoke]. Default: list No
-e, --email User email No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
Login User login name
Enabled The flag indicating whether user access is enabled
Command example:
The command below allows the user_name user access the FTP server:
or2ftp –p project –r aws_region -a grant -e [email protected]
Command response:
Figure 122 - or2ftpa Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 171
15.8 OPENSHIFT AS A SERVICE
OpenShift is a platform as a service for container management, using Docker containerization and
Kubernetes orchestration tools. The service allows to deploy the necessary environments in container-
based infrastructure, without need to look for higher hardware capacities.
In EPAM Cloud, OpenShift can be deployed to virtual instances.
Currently, we strongly recommend to run the service in EPAM-BY2 region, where it can perform in a stable
and reliable manner.
OpenShift as a Service is based on Ansible configuration management solution, thus it is recommended to
use Linux-based workstations to set up the service. Due to Ansible limitations, the service cannot be run
from Windows workstations
OpenShift as a Service needs additional actions to be performed on your workstation and service instances.
Please find the details in the OpenShift as a Service Configuration Guide.
15.8.1 Service Activation
The service activation starts with creating a cluster of pre-configured VMs. To do it, call the following
command:
or2ms -p project -r region -a -s open-shift -v 3.7 -k key_name
The command launches four LARGE CenOS 7 64-bit instances, each with additional 30GB storage volume.
15.8.2 OpenShift Configuration
Invoke: or2-openshift-client (or2osc)
The command integrates Ansible client with Maestro CLI, and configures the wildcard for OpenShift.
CLI Parameters
Parameter name Description Required
-a, --action OpenShift client preparing actions [install, configure] Yes
--full Show full command output instead of default basic one No
--json Show command output in json format No
-P, --plain-output Use plain output instead of default table output No
-p, --project Project abbreviation in UPSA No
-r, --region Virtualization region No
-w, --wildcard Automatic command confirmation (for the terminate action) No
The command response consists of action logs and, for wildcard configuration, host details.
Response Elements
Name Description
hostId The ID of the host in the OpenShift cluster
dnsName The DNS name of the host in the OpenShift cluster
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 172
Response Elements
ipAddress The IP address of the host in the OpenShift cluster
role The host role in the OpenShift cluster
Command Example 1:
This example installs Ansible client that will be used to configure the service VMs
or2osc -a install
Command Response 1:
Figure 123 - or2osc Command Response Example
Command Example 2:
This example configures the wildcard for OpenShift (should be used only after the wildcard record is created
in the DNS server):
or2-openshift-client -a configure -p project -r region -w wildcard
Figure 124 - or2osc Command Response Example for Wildcard Setup
15.9 DOCKER SERVICE
Orchestrator provides its users with Docker facilities that can be accessed as an EPAM Cloud service. The
Docker Service allows to create a node hosting a set of containers that share the node resources but are
independent in manipulation. This allows to distribute the resources of one VM (node) effectively, minimize
the infrastructure costs and facilitate its monitoring.
The default parameters of a Docker node VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 173
Docker as a product is an open-source engine for automating applications deployment inside software
containers. This section describes how Docker is integrated into Cloud and the ways it can be used in this
context. To find out more details on Docker as a product, please visit the Official Docker Web-Site.
Integration with Docker 1.9 and Docker Swarm 1.0.0 is supported.
15.9.1 Starting the Service
As Docker uses multiple clusters, all Docker-related commands should specify the cluster name as the -
c or -cn parameter.
To start the service, call the following command:
or2ms –p project -r region -s docker –c cluster_name --activate
The default VM shape is MEDIUM. You can use the --shape parameter to specify another one.
You can run Docker service in the dedicated EPAM-DKR region, which is based on OpenStack (kilo) and
is exclusively designed for Docker usage. In this case, the Docker VMs will have CoreOS guest OS. For
more details on the region, see this section.
The command runs a Maestro Stack that creates and configures a Docker Master VM. Docker Master will
later be used as an entry point to the Docker Cluster, and will allocate the requested containers
automatically to the nodes that have lower load.
Docker Master VM is also used as a node VM that hosts containers. If you need a new node to be added
to your Docker cluster, just repeat the or2-manage-service command.
To make the containers within the created node accessible only with SSH key, add the --key-name property
in the or2-manage-service command. The Property should be followed by the name of an SSH key,
previously created by or2-create-keypair command.
To remove a node, use the or2ms command with --deactivate and -i parameters. The -i parameter
specifies the ID of the node to be stopped.
When a service is activated, two default containers (skydoc and skydns) are automatically started.
These containers are engaged in dynamic assignment of names within the node VM. The containers IP
addresses can change during the node performance, but to establish a reliable connection between
containers, you can use the containers Full Qualified Domain Names (FQDN), that are to be composed
according to the following rules:
<container_name>.ubuntu_epc.docker.local
The container name is retrieved by the or2dd command described below.
15.9.2 Docker Container Images
Invoke: or2-docker-image (or2di)
The command is designed to manipulate the Docker Swarm images available on node VMs for container
creation.
CLI Parameters
Parameter name Description Required
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 174
-a, --action Docker image action [describe, push, pull, commit, delete].
Default: describe. No
-c, --container Container ID. Mandatory for the commit action Yes/No
-cn, --cluster-name Cluster name Yes
-dr, --docker-registry
Docker registry instance ID. If not specified, the command
will pull the image from the public Docker Registry
(https://index.docker.io)
No
--full Show full command output instead of default basic one.
Default: false No
--help Display command help. Default: false No
--force Force delete Docker image. Default: false
-i, --image-id Image ID No
-m, --message Commit message (will be seen only on direct API
“containers/inspect” call) No
-n, --name Image name No
-ns, --namespace Private Docker Registry namespace No
-nt, --new-tag-name Private Docker Registry Tag Name No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --repository Private Docker Registry Repository name No
-t, --tag Image tag. Default: latest No
-y Provide this parameter for automatic command confirmation.
Default: false No
The command response consists of two parts: a string describing the action performance result and the
container details.
Response Elements
Name Description
host Host name of the parent hypervisor
id Image ID
name Image name
tag Image tag
Command Example 1:
This example returns the list of available images:
or2di -p project -r region –cn cluster_name
Command Response 1:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 175
Figure 125 - or2di Command Response Example
Command Example 2:
This example creates an image from the specified container:
or2di -p project -r region -a commit -c container_id -n image_name -t
image_tag –cn cluster_name
Command Response 2:
Figure 126 - or2di -a Commit Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 176
15.9.3 Manipulating Containers
Invoke: or2-docker-container (or2dc)
The containers are manipulated with the or2-docker-container command. The command allows to run,
terminate, start and stop the containers.
Manipulating containers, including creating new ones, takes only seconds.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
-i, --image Docker image to use for run command. The full image name <name:tag> of Docker image ID is required
No
-c, --container Docker Container name or ID No
-cn, --cluster-name Cluster name Yes
-cmd, --command Specifies a command that will be run on a new Docker container after its start
No
-a, --action Docker container action [run, terminate, start, stop, describe]. Default: DESCRIBE
No
-t, --tcp
TCP container ports mapping FROM (Host port) : TO (Container port.) Multiple values could be separated with commas without spaces. Used on a container run action. Example: -t 4857:22,5541:80
No
-u, --udp
UDP container ports mapping FROM (Host port) : TO (Container port.) Multiple values could be separated with commas without spaces. Used on a container run action. Example: -u 4857:22,5541:80
No
-v, --volume Docker volume binding. Allowed formats: ["/host/dir:/container/dir", "container-name:/container/dir", ":/container/dir"]
No
-y Automatic command confirmation (for the terminate action) No
The command response consists of two parts: a string describing the action performance result and the
container details.
Response Elements
Name Description
host The host on which the container is running
containerName The automatically created name of the container
containerId The ID of the created container
status The container status
portMappings Container port mappings
image Docker image to use for run command
command The command that will be run on a new Docker container after its start
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 177
Command Example:
This example lists the existing Docker containers:
or2dc -p project -r region –cn cluster_name
Command Response:
Figure 127 - or2dc Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 178
15.9.4 Manipulating Volumes
Invoke: or2-docker-volume (or2dv)
The Docker Swarm volumes are manipulated with the or2-docker-volume command. The command
allows to create, delete and describe Docker Swarm volumes.
CLI Parameters
Parameter name Description Required
-a, --action Docker volume action [describe, create, delete]. Default value: describe
No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
-cn, --cluster-name Cluster name Yes
-v, --volume Volume name No
-y Automatic command confirmation. Default value: false No
Response Elements
Name Description
host The host on which the volume is mapped
id Volume ID
name Volume name
driver Volume driver
mountPoint Host directory to which the volume is mapped
Command Example 1:
The following command creates a Docker volume:
or2dv -p project -r region -a create –cn cluster_name –v volume
Command Response 1:
Figure 128 - or2dv Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 179
Command Example 2:
The following command deletes the specified Docker volume:
or2dv -p project -r region -a delete –cn cluster_name –v volume
Command Response 2:
Figure 129 - Docker volume deletion
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 180
15.9.5 Creating a Docker Registry
Invoke: or2-manage-service (or2ms)
To create a Docker registry, use the command with the -s docker-registry parameter.
This command runs a new VM on which the registry will be hosted. The VM has SMALL shape and is
based on Ubuntu14.04_64-bit image.
Command Example:
This example shows the Docker registry creation:
or2ms -p project -r region –s docker-registry -a
Command Response:
Figure 130 – Docker registry creation
15.9.6 Manipulating Registry Images
Invoke: or2-docker-registry-image (or2dri)
The command is used to describe and manage images within a specified registry.
CLI Parameters
Parameter name Description Required
-a, --action The action to be taken [describe, delete]
Default: describe No
-q, --query Create a query to filter certain images by string No
--full Show full command output instead of default basic one No
--help Display command help No
-dr --docker-registry
Docker registry instance id. If not specified, will show all
images from each Docker registry on the project. For several
docker registries repeat the parameter: -dr dockerRegistry1 -
dr dockerRegistry2 -dr dockerRegistryN.
No
-ns, --namespace Private Docker Registry namespace No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --repository Repository name No
-t, --type Docker Registry type. Allowed values: [public, private].
Default: private No
-y Automatic confirmation No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 181
When used with the -a delete action, the command removes the registry with ALL images existing in it.
Response Elements
Name Description
stackName The name of the stack used to create a Docker registry
stackId The ID of the stack used to create a Docker registry
status Registry stack status
Command Example 1:
This example shows the list of the images on a specified Docker registry:
or2dri -p project -r region -dr docker_registry_id -a describe
Command Response 1:
Figure 131 - or2dri -a describe Response Example
Command Example 2:
This example deletes a repository from Docker registry:
or2dri -p project -r region -dr docker_registry_id -R repository
-a delete
Command Response 2:
Figure 132 - or2dri -a delete Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 182
15.9.7 Docker Service Info
Invoke: or2-describe-docker (or2dd)
The command gives the list of existing Docker elements and their details.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-cn, --cluster-name Cluster name Yes
--help Display command help No
-t, --type Docker Type [cluster, nodes]. Default: nodes No
The command response for the Docker description includes the same elements as those returned by the
or2-describe-instances command.
In one command call, you can either get the description of the Docker service and the list of the existing
nodes or the details of the specified container.
Response Elements
Name Description Described
Element
instanceId The ID of the Docker node
Docker
dnsName Docker node DNS
privateIp Docker node privateIp
state The current state of the Docker node
CPU The number of CPU in the node VM
memory The RAM volume in the node VM
description The node description
containerId The Id of the container
Node/
Container
containerName The automatically assigned name of the container
status The current status of the container
sshPort SSH port to be used to connect to the container
portMappings The port mappings of the container
image The image used to run the Container
command The command to be executed on the container start
filters Filters to display the host
strategy Balancing strategy
nodesCount Number of nodes in the cluster
containersCount Number of containers in the cluster
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 183
Command Example 1:
This example shows the Docker service description example:
or2dd -p project -r region –cn cluster_name
Command Response 1:
Figure 133 - or2dd Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 184
15.10 KUBERNETES AS A SERVICE
Kubernetes is an open-source container management platform delivered by Google.
Kubernetes as a Service is used to manage, schedule and run containerized applications created by various
container engines, such as Docker or rkt. One or more containers to be managed as a single application
are grouped into ‘pods’ which will be running on clusters of virtual machines.
Within a cluster, one virtual machine functions as a master node consisting of a stateless API server,
scheduler and controller manager. Additionally, the master node includes an etcd key-value store for data
storing in the cluster. The master node manages the workload and provides communication within the
cluster through the API server. Other virtual machines are worker nodes subordinate to the master.
For more details on Kubernetes, please visit the Official Kubernetes Website.
15.10.1 Starting the Kubernetes Service
Kubernetes as a Service can only be activated in OpenStack private regions. For a cluster proper
configuration, you need to activate Kubernetes Master and at least one worker (UI Dashboard, Proxy,
Addons for DNS).
To start the Kubernetes Service, use the or2-manage-service (or2ms) command with the following
parameters:
or2ms -p project -r region -s kubernetes –c cluster_name -k key_name --
activate
To start the service as a Kubernetes master, run the command with the -s (--service) parameter containing
‘kubernetes’ or ‘kubernetes-master’. To start the service as a Kubernetes worker, run the command with
the -s (--service) parameter containing ‘kubernetes-worker’.
or2-manage-service -p project -r region -s kubernetes-worker –c cluster_name
-k key_name --activate
You can activate a worker node only if a master node has already been activated in the same cluster.
If you need a new node to be added to your Kubernetes cluster, just repeat the or2-manage-service
command.
By default, Kubernetes nodes are LARGE-shaped VMs with CoreOS_1632_64-bit operating system.
To stop the service, use --deactivate and –i instance_id to deactivate nodes one by one, with the
Kubernetes Master being deactivated the last.
You can start more than one Kubernetes cluster for the same project and region. To login in every instance
in the cluster, use the following user with the private SSH key with which you activate the service:
User: Core
15.10.2 Kubernetes Info
To view the list of the existing Kubernetes nodes and their parameters, run the or2-describe-services
(or2dser) command specifying your project and region:
or2dser -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 185
Figure 134 - List of Kubernetes nodes (shown in two lines for better visibility)
15.10.3 Kubernetes Pods Management
Invoke: or2-kubernetes-pods (or2kp)
The command returns the list of Kubernetes pods in the specified cluster and their state.
CLI Parameters
Parameter name Description Required
-a, --action Kubernetes pods action. Allowed values: [describe]. Default:
DESCRIBE No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-cn, --cluster-name Cluster name Yes
--help Display command help No
Response Elements
Name Description
nodeName Name of the Kubernetes node
name Name of the Kubernetes pod
phrase Kubernetes pod state
startDate Kubernetes pod start date
Command Example:
or2kp -p project -r region –cn cluster_name
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 186
Command Response:
Figure 135 - or2kp Command Response
15.10.4 Kubernetes Namespaces Management
Invoke: or2-kubernetes-namespaces (or2kns)
The command returns the list of Kubernetes namespaces in the specified cluster and their state.
CLI Parameters
Parameter name Description Required
-a, --action Kubernetes namespaces action. Allowed values: [describe].
Default: DESCRIBE No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-cn, --cluster-name Cluster name Yes
--help Display command help No
Response Elements
Name Description
name Kubernetes namespace name
phrase Kubernetes namespace state
Command Example:
or2kns -p project -r region –cn cluster_name
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 187
Command Response:
Figure 136 - or2kns Command Response
15.10.5 Kubernetes Services Management
Invoke: or2-kubernetes-services (or2ks)
The command describes the Kubernetes services in the specified cluster.
CLI Parameters
Parameter name Description Required
-a, --action Kubernetes service action. Allowed values: [describe]. Default:
DESCRIBE No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-cn, --cluster-name Cluster name Yes
--help Display command help No
Response Elements
Name Description
name Kubernetes service name
type Kubernetes service type
Command Example:
or2ks -p project -r region –cn cluster_name
Command Response:
Figure 137 - or2ks Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 188
15.10.6 Kubernetes Replication Controllers Management
Invoke: or2-kubernetes-replication-controllers (or2krc)
The command describes the Kubernetes replication controllers in the specified cluster.
CLI Parameters
Parameter name Description Required
-a, --action Kubernetes replication controller action. Allowed values:
[describe]. Default: DESCRIBE No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-cn, --cluster-name Cluster name Yes
--help Display command help No
Response Elements
Name Description
name Kubernetes replication controller name
templatePodName Pod template name
generalReplicas The number of currently existing replicas
requiredReplicas The target number of replicas
readyReplicas The number of completed replicas
Command Example:
or2krc -p project -r region –cn cluster_name
Command Response:
Figure 138 - or2krc Command Response
15.10.7 Kubernetes Nodes Management
Invoke: or2-kubernetes-nodes (or2kn)
The command describes the Kubernetes nodes in the specified cluster.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 189
CLI Parameters
Parameter name Description Required
-a, --action Kubernetes node action. Allowed values: [describe]. Default:
DESCRIBE No
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-cn, --cluster-name Cluster name Yes
--help Display command help No
Response Elements
Name Description
name Kubernetes node name
ready Kubernetes node state
pods Number of pods in the node
cpu CPU count
memory Memory size
Command Example:
or2kn -p project -r region –cn cluster_name
Command Response:
Figure 139 - or2kn Command Response
15.10.8 Using the Service
When the Kubernetes service is activated, you can use it via the native command line interface, kubectl,
which is automatically available on the master virtual machine on which Kubernetes is activated.
For other machines, download the kubectl executable and install it.
For more details on using kubectl, on the available commands, syntax and parameters, refer to the kubectl
Overview page of the official Kubernetes website.
Additionally, the Kubernetes service has a web UI which is automatically available as soon as the service
is activated in the cluster. It is accessible via a URL over the https connection. The Web UI URL can be
found from the Kubernetes node details returned by the or2dser command.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 190
15.11 HADOOP DATA PLATFORM SERVICE
EPAM Cloud provides Hadoop capacities that can be used by developers to test and debug their Hadoop
jobs before running them on production.
EPAM Cloud Hadoop Data Platform Service is based on Hortonworks Hadoop Distribution v.2.
15.11.1 Starting the service
To start the Hadoop service, run the or2-manage-service (or2ms) command with --activate (-a), --
service-name (-s) hadoop and other necessary flags:
or2ms -p project -r region -a -s hadoop -l slaves -h shape
where:
-l (--hadoop-slave-count) specifies the number of Hadoop slave machines that will be run (1 by
default, if the property is not specified)
-h (--shape) specifies the instance shape for Hadoop slave machines (MEDIUM by default, if the
property is not specified)
You can also use the -k (--key-name) option to specify the SSH key for all the created resources.
The service when activated, by default starts the following virtual machines:
VM Role OS Shape Number
Hadoop Client Ubuntu 12.04 x64 SMALL 1
Hadoop Resource Manager Ubuntu 12.04 x64 MEDIUM 1
Hadoop Name Node Ubuntu 12.04 x64 MEDIUM 1
Hadoop Slave Ubuntu 12.04 x64 MEDIUM (alterable with -h parameter
1 (alterable with -l parameter
To check whether Hadoop has started properly, you should login to the client and run a test job. The cluster
is ready to work if the test job is performed without issues.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 191
15.11.2 Retrieving Hadoop Information
Invoke: or2-describe-hadoop (or2dh)
The command gives the list, the states and the DNS names of existing Hadoop resources.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
--help Display command help No
Response Elements
Name Description
instanceID The ID of a Hadoop resource
dnsName The DNS name of a Hadoop resource
privateIP The private IP address of a Hadoop resource
state The current state of a Hadoop resource
shape The shape of a Hadoop resource
description The description of a Hadoop resource that gives information on its Hadoop role
Command Example
This example shows the common case of describing the Hadoop service on a project.
or2dh -p project -r region
Response Example
Figure 140 - or2-describe-hadoop Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 192
15.11.3 Manipulating Slaves and Clients
Invoke: or2-manage-hadoop (or2mh)
The command allows to create and remove Hadoop resources
CLI Parameters
Parameter name Description Required
-a, --add Add resource (default: false) No
-c, --count New resources count (default: 1) No
--full Show full command output No
--help Display command help (default: false) No
-k, --key-name Project SSH key name. Can be specified for Hadoop resources
access No
-P, --plain-output Use Plain Output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-m, --remove Remove resource (default: false) No
-s, --resource Hadoop resource type [client, slave] Yes
-h, --shape Instance type for the new resources No
-y Automatic operation confirmation (default: false) No
Response Elements
Name Description
stackName The name of the stack used to execute the specified operation
stackId The ID of the stack used to execute the specified operation
status The status of the stack used to execute the specified operation
Command Example
This example shows the common case of stopping an instance.
>or2mh -p project -r region -a -c 5 -s slave
Response Example
This example shows the response for the or2mh -a -s slave command:
Figure 141 - or2-manage-hadoop Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 193
15.11.4 Running Jobs
To run a Hadoop job, you have to connect to the Hadoop Client you want to use. To connect, use the DNS
name retrieved by the or2dh command and the following credentials:
• User: hdfs
• Password: user
When connected to the Client, run the following command on it:
hadoop jar job_path [job parameters]
Where:
• job_path stands for the path to the .jar file describing the Hadoop job
• job_parameters stands for the list of the parameters that can be accepted by the current job
Each Hadoop client has a set of pre-installed demo jobs you can run to check how the service works. For
example, the command below will call the job with a program that is intended to calculate the Pi number:
hadoop jar /usr/lib/hadoop-mapreduce/hadoop-mapreduce-examples-
2.4.0.2.1.5.0-695.jar pi 10 20
Here,
• pi specifies the name of a valid program available within the specified job
• 10 stands for an integer specifying the number of mappings
• 20 stands for an integer specifying the number of samples per map.
You can also see the other examples in the /usr/lib/hadoop-mapreduce/ folder.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 194
15.12 AMBARI AS A SERVICE
Apache Ambari is an open operational framework that provides a set of APIs and operator tools that simplify
the manipulations with Hadoop clusters.
Ambari as a Service creates an Ambari server for your project, sets up a cluster and provides the existing
Ambari facilities for processing Big Data.
Ambari as a Service is based on Hortonworks Ambari 2.2.0.
Ambari as a Service is delivered in cooperation with Big Data Competency Center, who are responsible
for the application initial settings and performance. In case you encounter any issues with the service
usage, please address the Big Data CC.
15.12.1 Starting the service
To start the Ambari service, run the or2-manage-service (or2ms) command with --activate (-a), --service-
name (-s) ambari and other necessary flags:
or2ms -p project -r region -a -s ambari -c cluster_name -k key
where:
-c (--cluster-name) specifies the name for the newly created Ambari cluster
-k (--key-name) the SSH key name that will be used for all Ambari resources; necessary if you
used a key to run the service.
The service when activated, by default starts an Ambari server VM with the following configuration:
• OS: CentOS6_64-bit
• Shape: MEDIUM
To check whether Ambari has started properly, you should login to the server by the following address:
http://server_DNS:8080
The user/password are: admin/admin.
One project can have several Ambari servers activated.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 195
15.12.2 Setting up the Ambari Cluster
Invoke: or2-ambari-cluster (or2ac)
The command is used to set up an Ambari cluster for the project
CLI Parameters
Parameter name Description Required
-a, --action Ambari cluster action [describe, create, start, stop] Yes
-c, --cluster-name Ambari Cluster Name Yes
-f, --config-file Ambari cluster configuration file full path (for run action only) No
--full Show full command output instead of default basic one No
--help Display command help No
--key-name Project SSH key name. The default Ambari key will be used if
not specified. Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Provide this parameter for automatic command confirmation No
Response Elements
Name Description
stackName The name of the stack used to run the cluster
stackId The ID of the stack used to run the cluster
status the status of the stack used to run the cluster
Command Example
This example shows the common case of creating an Ambari cluster on a project.
or2ac -p project -r region -a create -c cluster_name -k key_name
Response Example
This example shows the response for the or2ac -p project -r region -a create -c cluster_name -k
key_name command:
Figure 142 - or2ac command Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 196
15.12.3 Retrieving Information on Ambari Resources
There are several ways to get the information on the resources engaged in Ambari Service:
To get the service availability, the name of the stack that launched the service and the details on the Ambari Server, use:
or2dser -p project -r region
To get the information on the resources created in the Ambari cluster, use the following commands:
or2dmsr -p project -r region -s cluster_stack_id
or
or2din -p project -r region -l “cluster_name=your_cluster_name”
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 197
15.13 SPLUNK AS A SERVICE
Splunk Enterprise is a big data management platform allowing to receive, analyze and process large
volumes of data. Splunk Enterprise collects data from various sources and turns it into Operational
Intelligence. Data gathered by Splunk can be searched, indexed, visualized, monitored and organized as
reports.
EPAM Cloud supports Splunk as a Service based on Splunk Enterprise 6.3.1.
For more information on Splunk products and usage, visit the official Splunk website.
Each Splunk or Splunk proxy server has the following configuration:
• Image: Ubuntu14.04_64-bit
• Shape: MEDIUM
15.13.1 Service Architecture
When Splunk as a Service is activated, it starts a virtual machine with a trial version of Splunk Enterprise
installed. This version allows using Splunk free of charge up to the limit of 500 Mb of data per day for 60
days. After 60 days, the trial license can be converted into a perpetual free license with the same conditions.
You can change the license from trial to free using Splunk Web.
Figure 143 - Changing Splunk license type
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 198
Several Splunk instances can be started for a project and region combination.
If necessary, a Splunk proxy server can also be created to manage data traffic from various endpoints.
When the Splunk proxy server is running, you can specify the endpoints from which traffic is to be managed
and set the quota to limit the traffic from a particular endpoint.
Several Splunk proxy servers can be created for a project and region.
15.13.2 Starting the service
Splunk as a Service is started by means of the or2-manage-service (or2ms) command. To activate the
service, send the command with the -a/--activate parameter and indicate splunk in the -s/--service-name
parameter:
or2ms -p project -r region –a –s splunk
When the service is activated, it starts a MEDIUM-shaped Ubuntu14.04_64-bit virtual machine.
When Splunk as a Service has been activated, its details data can be retrieved by means of the or2-
describe-services command.
15.13.3 Splunk Proxy
To start a Splunk proxy server, use the same command (or2-manage-service).
or2ms -p project -r region –a –s splunk-proxy
Once a Splunk proxy server has been activated, you can add and manage endpoints to limit traffic from.
For this purpose, a special command, or2-splunk-proxy (or2sp), is used:
or2sp -p project -r region -a create –n endpoint_name –i
splunk_instance –x proxy_instance –t port –q quota
CLI Parameters
Parameter name Description Required
-a, --action Splunk proxy action. Allowed values: [describe, create, delete].
Default: DESCRIBE No
-n, --endpoint-name Splunk Proxy endpoint name No
--full Show full command output instead of default basic one No
--help Display command help No
-i, --instance Splunk instance ID No
-x, --instance-proxy Proxy instance ID Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-t, --port Splunk port No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-q, --quota Splunk Proxy quota in Mb No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 199
Response Elements
Name Description
proxyURL Proxy URL
splunk URL Splunk URL
endpointName Name of the Splunk endpoint
maxQuota Maximum quota value set for the endpoint
currentQuota Currently used quota
Command Example:
This example describes Splunk proxy endpoints:
or2sp -p project -r region -a describe –x proxy_instance
Response Example:
Figure 144 - or2sp Command Response
15.13.4 Retrieving Splunk Information
As soon as the Splunk or Splunk proxy service is activated, its data can be retrieved using the or2-
describe-services (or2dser) command.
or2dser -p project -r region
To get the information on the resources created within the service activation use the or2-describe-
instances (or2din) command with -S splunk or splunk-proxy parameter:
or2din –p project -r region –S splunk
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 200
15.14 JENKINS AS A SERVICE
EPAM Orchestrator was initially created on the basis of the concept of CI/CD processes automation. EPAM
Orchestration is intended to deliver Cloud for developers, providing them with all the capabilities, necessary
to build effective CI/CD processes.
Jenkins as a service, when activated, installs Jenkins v.2.107.1 from scratch, installs all the necessary
plugins and starts collecting audit messages from Jenkins (this information becomes available on the Audit
page, without need to connect to Jenkins directly).
The default parameters of a Jenkins Server VM are:
• Shape: MEDIUM
• Image: Ubuntu16.04_64-bit
Please note that Jenkins as a service is unavailable in Google regions!
15.14.1 Starting the service
To start the Jenkins service, run the or2-manage-service (or2ms) command with --activate (-a), --
service-name (-s) Jenkins and other necessary flags:
or2ms -p project -r region -a -s jenkins -k key_name
where:
-k (--key-name) the SSH key name that will be used to run the service VM. The key is necessary for running
the service in AWS, and is not obligatory for Azure.
The service when activated, by default starts a Jenkins server VM with the following configuration:
• OS: Ubuntu16.04_64-bit
• Shape: MEDIUM
To create a Jenkins cluster, repeat the or2ms command to start Jenkins slaves. Repeat the command as
many times as you need slave instances. The Jenkins slave instances will have the same configuration as
the master instance (MEDIUM Ubuntu16.04_64-bit). All integrations between the master and the slaves will
be performed automatically.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 201
15.14.2 Creating a Jenkins Job
Invoke: or2-create-jenkins-job (or2cjj)
The command is used to create a new Jenkins Job.
CLI Parameters
Parameter name Description Required
-c, --config Path to the Job XML config file Yes
--full Show full command output instead of default basic one No
--help Display command help No
-j, --job Jenkins Job name Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--noaudit Do not use EPC audit No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
jobName The name of the created job
result Action result
Command Example:
This example shows a Jenkins job creation:
or2cjj -j "new job" -p project -r region --config [path to job XML config
file]*
*see the Configuration File Example page.
The or2cjj command verifies whether all required for the selected configuration are available. If one or
several plugins are missing, the job is not created, and the system returns an error message listing the
missing plugins:
Figure 145 - List of missing plugins
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 202
15.14.3 Jenkins Plugins Management
Invoke: or2-manage-jenkins-plugins (or2mjp)
The command is used to describe, install or uninstall Jenkins plugins.
CLI Parameters
Parameter name Description Required
-a, --action Manage Jenkins plugins action. Allowed values: [describe,
install, uninstall]. Default: DESCRIBE No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-n, --plugin-name Plugin short name, required for install/uninstall actions No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
name Jenkins plugin name
shortName Short name of the plugin
version Jenkins plugin version
Command Example:
This command describes the available Jenkins plugins:
or2mjp -p project -r region
Response Example:
Figure 146 - List of Jenkins plugins
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 203
To install or uninstall a plugin, send the same command with the -a/--action parameter set to “install” or
“uninstall”, respectively, and the plugin name:
or2mjp -p project -r region -a uninstall -n plugin-name
The command execution will be confirmed with a message that the plugin has been queued for installing
or uninstalling.
Figure 147 - Jenkins plugin uninstallation
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 204
15.14.4 Describing Existing Jenkins Jobs
Invoke: or2-describe-jenkins-jobs (or2djj)
The command is used to get the list of the existing Jenkins jobs.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-j, --job Jenkins job name No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
name Job name
lastBuildState The status of the last job build
currentBuildState The current state of the build if the job was triggered
url The job url
nextBuildNumber The number of the next build
Command Example:
This example shows the Jenkins jobs description:
or2djj -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 205
15.14.5 Triggering a Jenkins Job
Invoke: or2-trigger-jenkins-job (or2tjj)
The command is used to trigger one of the existing Jenkins jobs.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-j, --job Jenkins job name Yes
-t, --parameter
Used for parameterized job. Parameter name=value pair. Use
"=" as delimiter. For several parameters repeat: --parameter
name1=value1 --parameter name2=value2 –parameter
nameN=valueN. If you use Windows command line, encase
the –t parameter in quotes i.e. "name=value".
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Response Elements
Name Description
jobName The name of the created job
result Action result
Command Example:
This example shows the Jenkins jobs triggering:
or2tjj -p project -r region -j “tewt”
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 206
15.14.6 Removing a Jenkins Job
Invoke: or2-remove-jenkins-job (or2rjj)
The command is used to remove one of the existing Jenkins jobs.
CLI Parameters
Parameter name Description Required
--full Show full command output instead of default basic one No
--help Display command help No
-j, --job Jenkins job name Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-y Provide this parameter for automatic confirmation No
Response Elements
Name Description
jobName The name of the created job
result Action result
Command Example:
This example shows the Jenkins jobs triggering:
or2rjj -p project -r region -j “tewt”
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 207
15.14.7 Configuration File Example
Below, you can find an example of an XML configuration file to be used during the Jenkins job creation.
<?xml version='1.0' encoding='UTF-8'?>
<project>
<actions/>
<description></description>
<keepDependencies>false</keepDependencies>
<properties/>
<scm class="hudson.scm.NullSCM"/>
<canRoam>true</canRoam>
<disabled>false</disabled>
<blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuild
ing>
<blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
<triggers/>
<concurrentBuild>false</concurrentBuild>
<builders>
<hudson.tasks.Shell>
<command>#!/bin/bash
echo "START"
sleep 15
echo "END"</command>
</hudson.tasks.Shell>
</builders>
<publishers/>
<buildWrappers/>
</project>
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 208
15.15 SONAR AS A SERVICE
Sonar as a Service is based on SonarQube, an open-source code quality inspection component. Together
with Jenkins and Gerrit, it forms a complete CI/CD environment.
Sonar as a Service supports SonarQube versions 5.2 and 5.6.
For more details on working with SonarQube, visit the official SonarQube website.
The table below provides the list of service-related commands and their descriptions.
Please note that Sonar as a Service is not supported in AWS-type regions.
15.15.1 Service Activation
To activate Sonar as a Service, use the or2-manage-service (or2ms) command with the -a/--activate flag
and the -s/--service-name parameter with sonar value:
or2ms -p project -r region -a –s sonar
By default, the service starts SonarQube version 5.6. To start version 5.2, add the -v/--version parameter
to the or2ms command:
or2ms -p project -r region -a –s sonar v 5.2
This command creates a Sonar server based on the virtual machine with the following parameters:
Image: Ubuntu14.04_64-bit
Shape: MEDIUM
During the service activation, a PostgreSQL database is installed on the same virtual machine.
To deactivate the service, run the same command with the -d/--deactivate flag:
or2ms –p project -r region -d –s sonar
15.15.2 Service Manipulation
As soon as the service gets activated, its data can be retrieved using the or2-describe-services (or2dser)
command.
or2dser –p project -r region –s sonar
Figure 148 – Sonar Service Info (shown in two lines for better visibility)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 209
You can find the details on the VMs created within the service activation, by calling the or2-describe-
instances (or2din) or command with -S sonar parameter:
or2din –p project -r region –S sonar
15.15.3 Sonar Quality Profiles
After activating Sonar as a Service, you can set up a Sonar quality profile for your project and populate it
with rules by which the code quality will be verified.
To set up a Sonar quality profile, use the or2-sonar-quality-profiles (or2sqp) command with the -a create
option. Specify the project and region to which the quality profile is to apply, the quality profile name and
the profile language:
or2sqp -p project -r region –a create –n profile_name –l language
CLI Parameters
Parameter name Description Required
-a, --action
Manage Sonar quality profiles action. Allowed values:
[describe, create, delete, activate-rules, deactivate-rules].
Default: describe
No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-l, --language Profile language. Allowed values: [java]. Default: java No
-n, --name Quality profile name No
-q, --quality-profile-key Quality profile key No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --rule-key Rule key. For several rules repeat the parameter: -R rule1 -R
rule2 -R ruleN No
-y Provide this parameter for automatic command confirmation.
Default: false No
Response Elements
Name Description
key Quality profile key
name Quality profile name
languageName Language to which the quality profile applies
defaultProfile Indicates whether the profile is the default one
activeRuelsCount The number of active Sonar rules
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 210
Command Example:
This example creates a Sonar quality profile:
or2sqp -p project -r region –a create –n profile_name –l language
Response Example:
Figure 149 – or2sqp Command Response
You can use the same command to retrieve the list of all quality profiles set for the project and region (just
send the -p project and -r region parameters) or delete a quality profile (send the -a delete parameter and
specify the key of the profile to be deleted).
To activate Sonar rules for a quality profile, use the or2-sonar-quality-profiles (or2sqp) command with
the -a activate-rules parameter. The command should contain one or several keys of the rules to be
activated:
or2sqp -p project -r region –a activate-rules –q quality_profile_key –R
rule_key1 –R rule_key2
Figure 150 - Rules activation for Sonar quality profile
The same command with the -a deactivate-rules parameter will deactivate the rules with the specified
keys.
15.15.4 Sonar Rules
To retrieve the Sonar rules from a repository or a quality profile, use the or2-sonar-rules(or2sr) command.
or2sr -p project -r region –R repository –n page_number
CLI Parameters
Parameter name Description Required
-a, --action Manage Sonar rules action. Allowed values: [search]. Default:
search No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 211
-n, --page-number Page number to retrieve. Min value: 1. Max value: 1000000.
Default: 1 No
-s, --page-size Page size. Min value: 10. Max value: 50. Default: 20 No
-q, --quality-profile-key Quality profile key No
-R, --repository Rules repository. For example: squid, common-java etc. No
-t, --tag Rule tag. For example: java8, security, bug etc. For several tags
repeat the parameter: -t tag1 –t tag2 -t tagN No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-R, --rule-key Rule key. For several rules repeat the parameter: -R rule1 -R
rule2 -R ruleN No
-y Provide this parameter for automatic command confirmation.
Default: false No
Response Elements
Name Description
key Sonar rule key
name Sonar rule name
severity Rule severity
Command Example:
This command retrieves Sonar rules from a repository:
or2sr -p project -r region –R repository –n page_number
Figure 151 – or2sr Command Response
To retrieve Sonar rules from a quality profile, send the -q quality_profile_key parameter instead of -R
repository.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 212
15.16 ARTIFACTORY AS A SERVICE
An artifact repository is one of the important components of the CI/CD flow storing artifact collections and
metadata. Artifactory as a Service is a cloud-based platform service which, together with Jenkins, Gerrit
and SonarQube, forms a consistent CI/CD environment.
Artifactory as a Service is based on Artifactory version 4.15.0. Each Sonar server has the following
configuration:
• Image: CentOS7_64-bit
• Shape: MEDIUM
• Additional storage: 300 GB
For more details on working with Artifactory, visit the official Artifactory website.
The table below provides the list of service-related commands and their descriptions.
Command Description or2-manage-service...-s artifactory -a Activates the Artifactory service in the specified project
and region
or2-describe-instances… -S artifactory Displays the details of VMs created during the service activation
or2-describe-services… -s artifactory Describes the Artifactory service activated in the specified project and region
15.16.1 Service Activation
To activate Artifactory as a Service, use the or2-manage-service (or2ms) command with the -a/--activate
flag and the -s/--service-name parameter with artifactory value:
or2ms -p project -r region -a –s artifactory
After the command is sent, the system requests an admin password. The password created by the user
starting the service is then used to access the Artifactory server. This is an additional security measure
protecting the repositories in the storage.
This command creates an Artifactory server with an additional storage volume.
All artifacts are stored on the additional disk. No root disk space is used for artifact storage which
guarantees reliable performance and availability.
To deactivate the service, run the same command with the -d/--deactivate flag:
or2ms –p project -r region -d –s artifactory
15.16.2 Service Manipulation
As soon as the service is activated, its data can be retrieved using the or2-describe-services (or2dser)
command.
or2dser –p project -r region –s artifactory
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 213
Figure 152 – Artifactory Service Info (shown in two lines for better visibility)
You can find the details on the VMs created within the service activation, by calling the or2-describe-
instances (or2din) or command with -S artifactory parameter:
or2din –p project -r region –S artifact
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 214
15.17 ADOBE AEM SERVICE
Adobe AEM service can provide your project with a web content management system, equipped with a
wide range of powerful tools. Integration with AEM versions 6.0 and 6.1 is supported.
The default parameters of an AEM instance are:
• Shape: MEDIUM
• Image: CentOS6_64-bit
The service is available only in EPAM and AWS regions.
AEM as a Service is delivered in cooperation with Content Management Competency Center, who are
responsible for the application initial settings and performance. In case you encounter any issues with the
service usage, please address the Competency Content Service Desk.
Most of AEM Service manipulations are performed via or2-manage-aem (or2aem) command (though it
can be started with the or2ms command with the -s aem parameter).
CLI Parameters
Parameter name Description Required
-a, --action
Manage AEM action [describe, activate-cluster, attach-publish,
deactivate-cluster, detach-publish]
Default: describe
No
-c, --cluster-name Name of the author AEM instance No
--force Allows to attach a publish instance even if the author is
unavailable No
--full Show full command output No
--help Show command help No
-i, --instance Instance ID for removal No
-k, --key-name Project SSH key name. Required for AWS zones Yes/No
-l, --license-url URL for downloading the AEM license No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-S, --service-id Service ID for removal No
-s, --shape Instance type. Default: MEDIUM No
-v, --version AEM service version. Supported versions: [6.0, 6.1]. Default: 6.0 No
-y Provide this parameter for automatic command confirmation No
Command response depends on the used action.
Command Example 1:
The example creates a new AEM cluster:
or2aem -p project -r region -a activate-cluster -c cluster_name
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 215
Command Response 1:
Figure 153 - or2aem -a activate-cluster Response Example
Command Example 2:
The example describes existing AEM service in a region:
or2aem -p project -r region
Command Response 2:
Figure 154 - or2aem -a describe Response Example
Command Example 3:
The example adds a new publish instance to the cluster:
or2aem -p project -r region -a attach-publish -c cluster_name
Command Response 3:
Figure 155 - or2aem -a attach-publish Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 216
15.18 SITECORE AS A SERVICE
Sitecore is a convenient and reliable platform for website content management and application
development based on the customer experience management approach. Sitecore is a comprehensive
marketing and CMS solution offering advanced tools for website editing, monitoring and organization. The
service is based on Microsoft .NET which allows taking advantage of all features and functionality supported
by this development platform.
EPAM Cloud offers Sitecore as a Service in the form of a virtual Sitecore server.
In the current implementation EPAM Cloud supports Sitecore.NET 8.1 (rev. 160302) version.
For more information on Sitecore and its features please visit the Official Sitecore Website.
15.18.1 Service Architecture
In EPAM Cloud, Sitecore as a Service is supported in two deployment modes – Sitecore Single and Sitecore
Large:
• Single Mode – one Windows Server 2012 R2 virtual machine is launched. This VM acts as the
Sitecore server and also hosts the MS SQL relational database management system and the
MongoDB database
• Large Mode – five VMs are launched, each performing its dedicated function:
1. Sitecore Server + MongoDB
2. MS SQL
3. Jenkins Master
4. Jenkins Slave
5. Load Balancer
Auto-configuration is performed by a combination of Chef service and Windows Powershell DSC, a native
Microsoft application and environment configuration tool. Such combination ensures the required
consistency and reliability of auto-configuration processes.
15.18.2 Single Mode
15.18.2.1 Service Activation
Sitecore in the Single Mode is activated via the Maestro CLI by means of the or2-manage-service (or2ms)
command with the -a/--activate flag and the -s/--service-name parameter with sitecore-single value:
or2ms –p <project> -r <region> -a –s sitecore-single
When you input the command, the command line will prompt for additional parameters:
• SSH key – the name of an SSH key existing in the target region. Skip to use no key
• Shape – skip to use LARGE as the default shape
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 217
The service, when activated, by default starts a Sitecore server VM with the following configuration:
• Image: Windows Server 2012 R2
• Shape: LARGE (also, the MEDIUM shape is available)
Sitecore service activation takes approximately 1 hour. You can be sure that the service has been properly
deployed and configured when the auto-configuration is complete (autoConfigurationState = SUCCESS).
You can start more than one Sitecore server for the same project and region.
To stop the service, use the or2-manage-service (or2ms) command with the --deactivate and -i
instance_id parameters.
Figure 156 - Sitecore service activation
15.18.2.2 Sitecore Info
To view the list of the existing Sitecore instances and their parameters, run the or2-describe-services
(or2dser) command specifying your project and region:
or2dser -p project -r region
Figure 157 - List of Sitecore instances
15.18.3 Large Mode
15.18.3.1 Service Activation
To activate Sitecore Large, use the or2-manage-service (or2ms) command. The value of the -s/--service-
name parameter depends on the role of virtual machine started by the command:
or2ms –p project_id -r region -a –s sitecore-dev-paas –c cluster –v 8.1
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 218
This command starts two VMs – a Sitecore server also containing MongoDB and a VM with MS SQL
installed. This is the minimum configuration for Sitecore service to function properly.
or2ms –p project_id -r region -a –s sitecore-ci-paas –c cluster –v 8.1
This command creates two VMs – Jenkins Master and Jenkins Slave to provide CI/CD.
or2ms –p project_id -r region -a –s sitecore-lb-paas –c cluster –v 8.1 --
customize
This command starts a VM serving as the Load Balancer. This VM may be required for clusters involving
several VMs.
Four VMs started under the Sitecore Large service (all except the VM hosting the Load Balancer) have the
following configuration:
• Image: W2012R2Std
• Shape: MEDIUM
The virtual machine serving as the Load Balancer has the following configuration:
• Image: Ubuntu16.04_64-bit
• Shape: SMALL
The command activating the Load Balancer requires custom parameters to be specified. For that purpose,
the or2ms command has to include the --customize option:
or2ms –s sitecore-lb-paas --activate -p project -r region –v 8.1 –c
cluster_name --customize
The following parameters are to be specified during the activation of Sitecore-LB:
Description Type Default Value Required
Stack ID string sitecore_stack_dev Yes
Environment string DEV Yes
The ‘Environment’ and ‘Stack ID’ parameters are mandatory for Sitecore-LB activation. They define how
the Sitecore cluster components will be linked. The values must be the same as those used in the Sitecore-
DEV service. To find the values, use the or2-describe-instance-properteis (or2getp) command and specify
the Sitecore server instance ID.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 219
Figure 158 - Sitecore-LB activation
You can start more than one Sitecore server for the same project and region.
To stop the service, use the or2-manage-service (or2ms) command with the --deactivate and -i
instance_id parameters. You have to deactivate all three components of the service.
15.18.3.2 Sitecore Info
To view the list of the existing Sitecore Large instances and their parameters, run the or2-describe-
services (or2dser) command specifying your project and region:
or2dser -p project -r region
Figure 159 - Sitecore Info (shown in two lines for better visibility)
To retrieve the list of all instances started under the Sitecore Large service, use the or2-describe-
instances (or2din) command:
or2din -p project -r region
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 220
Figure 160 - Sitecore instances info (shown in two lines for better visibility)
If you use the or2din command with the -S sitecore-dev[ci, lb]-paas parameter, the command will not
return all VMs started by the corresponding Maestro Stack. To retrieve data on all Sitecore-related VMs,
use the or2din command without specifying the -S parameter or use the or2-describe-maestro-stack-
resources (or2dmsr) command specifying the ID of the corresponding Maestro Stack.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 221
14.18 RELATIONAL DATABASE SERVICE
The Relational Database (RDB) service automatically creates a PostgreSQL/MySQL database entity for
your project. It is possible to create several entities within one project/region.
The RDB service is available only in EPAM regions.
The default parameters of the DB instance are:
• Shape: MEDIUM
• Image: Ubuntu14.04_64-bit
• Additional Storages: 3x100GB
The default image for MSSQL 2012 database is W2012R2Std.
The service is manipulated with the or2-manage-rdb (or2rdb) command with different --action/-a
parameter values (describe, install, remove):
CLI Parameters
Parameter name Description Required
-a, --action Manage RDB action [describe, install, remove] Default: describe
No
--assign-static-ip Specifies whether a static IP should be used on the DB instance (allowed in AWS only)
No
--use-sys-disk-size
An extended system disk instead of 3 attached additional 100GB storages. Allowed disk sizes: [100,200,300,500]. The extended system disk is available only for OpenStack regions, for MS SQL and MySQL databases.
No
-n, --db-name The name of the database. If not specified, will be generated automatically
No
-pwd,--db-password The password to be created to login to the created database. If not specified, a random one will be generated.
No
-d, --description The brief description of the database No
-s, --db-size Database size. Applicable for MS SQL with version 2014. Allowed values: [50, 100, 150]. Default: 100
No
-u, --user Name of the database user No
-f, --file-path The path to the init script file used for database configuration. No
--full Show full command output No
--help Display command help No
-k, --key-name Project SSH key name. Required for AWS zones Yes/No
-P, --plain-output Use plain output view No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
-S, --service-id Service ID (for service deactivation) No
-t, --type Relational database type [mysql,mssql, postgresql, oracle, mariadb]
Yes
-v, --version MS SQL service version. Allowed values: [2012, 2014]. No
-y Provide this parameter for automatic confirmation No
Please note that if you run the service with MS SQL 2014 database, the database instance will be created
on dedicated hardware servers, and will be billed according to the database storage volume size used. For
more details, see EPAM Cloud Services Guide, section 3.10.4: MS SQL With Guaranteed Capacities.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 222
The command response depends on the selected action.
Command example 1:
The example below describes existing RDB servers:
or2rdb -p project -r region
Response Example 1:
Figure 161 - the or2rdb [-a describe] Response Example
Command Example 2
This command starts a new RDB server:
or2rdb -p project -a install -t mysql -r region -u username -k keyname
-n db_name -f “D:\example\path.xml”
Command Response 2
Figure 162 - or2rdb -a install Response Example
Command Example 3
This command removes an RDB server:
or2rdb -p project -r region -a remove -S serviceId
Response Example 3:
Figure 163 - or2rdb -a remove Response Example
Command Example 4
This command starts a new RDB server with an extended system disk instead of 3 additional 100GB
storages:
or2rdb -p project -r region -a install -t type [-n db_name] -u db_username
[-pwd db_password] [-d description] [-f file_path] --use-sys-disk-size 200
Response example 4
Figure 164--use-sys-disk-size output example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 223
15.20 HYBRIS AS A SERVICE
Hybris is one of the world top commerce software platforms, which includes omni-channel commerce,
product information management, order management solutions, as well as remarketing tools and powerful
product search and promotion facilities (for more details, please refer to Hybris info page).
The Hybris platform is extensively used by the EPAM e-commerce team, for which purpose Orchestrator
offers an own solution of accessing Hybris with the Orchestrator tools. Currently, Hybris as a Service
supports Hybris version 6.2.
Hybris as a Service is based on materials provided by Hybris Competency Center, who are responsible for
the application initial settings and performance. In case you encounter any issues with the service usage,
please address the Hybris CC team.
15.20.1 Service Architecture
Hybris service can be provided in three configurations:
• SMALL, in which one CentOS7_64-bit LARGE machine with Hybris, MySQL and Apache Solr is
launched
• MEDIUM, in which three virtual machines are created with the following components:
o Hybris (CentOS7_64-bit, LARGE)
o MySQL (CentOS7_64-bit, MEDIUM)
o Apache Solr (CentOS7_64-bit, MEDIUM)
Figure 165 - Hybris MEDIUM configuration
• LARGE, in which six or more virtual machines are created. You can specify the number of Hybris
nodes required for your project during the service activation. In the minimum configuration, the
following VMs are started:
o Apache Web Server (CentOS7_64-bit, MEDIUM)
o 2 Hybris nodes (CentOS7_64-bit, LARGE)
o Apache Solr Master (CentOS7_64-bit, MEDIUM)
o Apache Solr Slave (CentOS7_64-bit, MEDIUM)
o MySQL with NFS (CentOS7_64-bit, MEDIUM)
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 224
Figure 166 - Hybris LARGE configuration
All nodes are gathered in one cluster and communicate with each other.
15.20.2 Service Manipulation
To activate Hybris as a Service, use the or2-manage-service (or2ms) command with the -a/--activate flag
and the -s/--service-name parameter with hybris value:
or2ms –p project -r region -a –s hybris
Optionally, you can add the -h/--shape parameter to the or2ms command to start all instances in the
MEDIUM or LARGE configuration with the same shape. The minimum available value of the -h/--shape
parameter is LARGE.
After the or2ms command execution, you will be prompted to enter custom parameters:
- Configuration (SMALL, MEDIUM or LARGE)
- Whether to install SPARK – a demo Hybris application. If you skip this parameter, only the Hybris
administrator console will be deployed
- Number of Hybris nodes to create (the minimum number is 2, the maximum is 10)
Figure 167 - Hybris activation
After the service has been activated, you can find its details in the response to the or2dser command. The
details of all VMs started during the service activation will be available in the response to the or2din
command with the -S hybris parameter.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 225
or2din –p project -r region –S hybris
Figure 168 - List of Hybris instances
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 226
15.21 MAGENTO AS A SERVICE
Magento is an open-source e-commerce platform allowing to quickly build unique shopping websites both
for the B2B and B2C industries. Now Magento is available for EPAM developers as a Cloud service based
on Magento 2.0.
Each Magento server has the following configuration:
• Image: CentOS7
• Shape: MEDIUM
For more details on Magento platform, visit the official Magento website.
15.21.1 Service Activation
To activate Magento as a Service, use the or2-manage-service (or2ms) command with the -a/--activate
flag and the -s/--service-name parameter with magento value:
or2ms –p project -r region -a –s magento
To deactivate the service, run the same command with the -d/--deactivate flag:
or2ms –p project -r region -d –s magento
15.21.2 Service Manipulation
As soon as the service gets activated, its data can be retrieved using the or2-describe-services (or2dser)
command.
or2dser –p project -r region –S magento
Figure 169 – Magento service info (shown in two lines for better visibility)
You can find the details on the VMs created within the service activation, by calling the or2-describe-
instances (or2din) or command with -S magento parameter:
or2din –p project -r region –S magento
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 227
15.22 ATG AS A SERVICE
Oracle ATG Web Commerce is an e-commerce platform widely used for creating and administering
commerce websites and managing their content.
With ATG Web Commerce, you receive unique flexibility of a multi-channel tool and the advantages of a
personalization engine.
For more details, visit the official Oracle ATG Web Commerce website.
In the current implementation EPAM Cloud supports ATG 11.2 version.
. Each ATG VM has the following configuration:
• Image: CentOS6_64-bit
• Shape: MEDIUM
The table below provides the list of service-related commands and their descriptions.
15.22.1 Service Architecture
When the service is activated, it starts two virtual machines each serving its dedicated purpose:
1. ATG server also containing an Endeca full-text search engine together with Experience Manager,
a JBoss application server (JBoss 6.1), Java 1.7
2. Oracle database server
To ensure correct performance, start a separate Jenkins Service and configure it to work with the two
above-mentioned instances.
VM 2: OracleDB
VM 3: Jenkins
VM 1: ATG
Figure 170 - ATG as a Service architecture
ATG as a Service is still under development. With the current implementation, you can obtain a ready-to-
use DEV/CI environment for ATG development. To achieve full functionality, you need to configure Jenkins
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 228
to get the working environment. In the next releases the Jenkins components will be finalized, after which
the fully functional ATG environment will be available after the service activation.
15.22.2 Service Activation
To activate ATG as a Service, use the or2-manage-service (or2ms) command with the -a/--activate flag
and the -s/--service-name parameter with atg-small value:
or2ms –p project -r region -a –s atg-small
Both virtual machines started under the ATG Service have the following default configuration:
• Image: CentOS6
• Shape: MEDIUM
15.22.3 Service Manipulation
As soon as the service gets activated, its data can be retrieved using the or2-describe-services (or2dser)
command.
Figure 171 – ATG service info
You can find the details on the VMs created within the service activation, by calling the or2-describe-
instances (or2din) command with -S atg-small parameter:
or2din –p project -r region –S atg-small
Figure 172 - ATG instance details
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 229
15.23 MESSAGING AS A SERVICE
The Messaging Service allows to set up a RabbitMQ server (v.3.1.5) for message exchange. The service
is similar to Amazon SQS and is available in EPAM regions only.
The default parameters of the instance are:
• Shape: MEDIUM
• Image: Ubuntu14.04_64-bit
15.23.1 Starting the service
To start the Messaging service, run the or2-manage-service (or2ms) command with --activate (-a), --
service-name (-s) messaging parameters:
or2ms -p project -r region -a -s messaging
The service when activated, starts a RabbitMQ server VM with the following configuration:
• OS: Ubuntu12.04_64-bit
• Shape: MEDIUM
15.23.2 Getting Tokens
EPAM Private Cloud provides a special entry point in the Messaging service that may be used for
communication between AWS SDK and the service.
In both cases, to use the service, you need to create a token that will be used to reach the RabbitMQ
server. The token is created by the or2-manage-service (or2ms) command with the --init-entry-point
flag:
or2ms –p project –r region –s messaging --init-entry-point
For each project-region combination, there should be a special token created. The token is stored in the
default.properties file, and has the following structure:
messaging.demopro.demoreg.access=http://service_VM_DNS:5673#token
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 230
15.23.3 Queues Manipulation
Invoke: or2-manage-queues (or2mq)
The command is used to create and manage queues within the Messaging service.
CLI Parameters
Parameter name Description Required
-a, --action The action to be taken [describe, create, purge, delete]
Default: describe No
--full Show full command output instead of default basic one No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-q, --queue-name Name of a queue No
-qp, --queue-name-prefix Queue name prefix (case-sensitive). Use for filtering the
results of the DESCRIBE action. No
-r, --region Virtualization region Yes
-v, --visibility-timeout Visibility timeout of a queue to be created (in seconds).
Should be in range [30, 43200]. Default: 30 No
-y Provide the parameter for automatic command confirmation No
Response Elements
Name Description
queueName The name of the queue
visibilityTimeout Queue visibility timeout
creationDate The date and time when the queue was created
created/purged/deleted Action execution status
messagesCount The number of messages in the queue
Command Example:
This example shows a queue creation:
or2mq –p project –r region –q queue_name –v 45
Command Response:
Figure 173 - or2mq -a create Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 231
15.23.4 Messages Manipulation
Invoke: or2-manage-messages (or2mm)
The command is used to create and manage messages within the Messaging service.
CLI Parameters
Parameter name Description Required
-a, --action The action to be taken [send, receive, delete]
Default: receive No
-c, --count The number of messages to retrieve [1-10] No
--full Show full command output instead of default basic one No
--help Display command help No
-m, --message-content
Content of a message to be send (maximum 256 KB in size).
Specify 'file:' prefix to retrieve content from the file on a disk.
For example: file:D:/message.txt
No
-i, --message-id ID of a message No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-p, --project Project abbreviation in UPSA Yes
-q, --queue-name Name of a queue Yes
-r, --region Virtualization region Yes
-w, --wait-time Time for messages (in seconds). If a message is available, it
will return sooner [1-120] No
-y Provide the parameter for automatic command confirmation No
Response Elements
Name Description
content Message content
id Message ID
timestamp Time identifier of the message
Command Example:
This example shows messages sending:
or2mm –p project –r region –q queue_name –m “message” –c 5 –a send
Command Response:
Figure 174 - or2mm -a send Command Response
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 232
16 ANSIBLE USAGE
Apart from Chef-based auto configuration, EPAM Cloud includes Ansible facilities supporting dynamic
inventory restful API.
Ansible is set up and configured via Maestro CLI.
On Windows, if you have already used Maestro CLI, before starting Ansible download the Maestro CLI
installation archive manually and install it. The or2update command will not be sufficient to load all
required Ansible resources, particularly, the /lib/ansible/ folder necessary to work with Ansible.
It is strongly recommended to use workspaces for Ansible-related commands.
16.1 INITIALIZING ENVIRONMENT
Invoke: or2-ansible-init (or2ai)
Initializes Ansible environment for the specified project and zone.
The command sets up all required configuration files in the current user directory:
• ansible.cfg – Ansible configuration file
• default.properties – contains default values for the required CLI parameters
• ansible_hosts.sh – executable script to get Ansible dynamic inventory
CLI Parameters
Parameter name Description Required
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
--help Display command help No
Command Example
This example initializes an Ansible environment
or2ai -p project -r region
Response Example:
Figure 175 - or2ai Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 233
16.2 ANSBILE HOSTS
Invoke: or2-ansible-hosts (or2ah)
Is used to manage Ansible hosts.
CLI Parameters
Parameter name Description Required
-a, --action Action (include/exclude*/describe). Default: describe No
--full Show full command output No
-g, --group Name of the group (for several groups repeat the parameter) No
--help Display command help No
-h, --host Host ID (for several host ids repeat the parameter) No
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
*You cannot exclude host(s) from a ‘default’ group. A warning message will appear if you try to exclude host(s) from ‘default’ group.
Response Elements
Name Description
hostId Host ID
host Host name
groups Engaged groups
groupName Group name on Describe action
properties Group properties on Describe action
Command Example
This example adds a host to a specified group
or2ah -p project -r region -h host_id1 -h host_id2 -g group_name
-a include
Response Example:
Figure 176 - or2ah Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 234
16.3 ANSIBLE GROUPS
Invoke: or2-ansible-groups (or2ag)
Is used to manage Ansible groups.
CLI Parameters
Parameter name Description Required
-a, --action Action (create/delete*/describe). Default: describe No
--full Show full command output No
-g, --group Name of the group (for several groups repeat the parameter) No
--help Display command help No
-r, --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
*You cannot delete the ‘default’ group. A warning message will appear if you try to delete the ‘default’ group.
Command Example
This example creates a new Ansible group
or2ag -p project -r region -g group_name -a create
Response Example:
Figure 177- or2ag Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 235
16.4 ANSIBLE GROUP PROPERTIES
Invoke: or2-ansible-group-properties (or2agp)
Is used to manipulate Ansible groups properties.
CLI Parameters
Parameter name Description Required
-a, --action Action (set/delete/describe). Default: describe No
--all Deletes all properties. Default: all No
--append Append new properties if the current group already has corresponding keys
No
--full Show full command output No
-g, --group Name of the group (for several groups repeat the parameter) No
--help Display command help No
-h, --host Host ID (for several host ids repeat the parameter) No
-r. --region Virtualization region Yes
-p, --project Project abbreviation in UPSA Yes
-t, --property
Property to add in a name=value way. Use "=" as the delimiter. For several properties repeat the parameter: --property name1=value1 --property name2=value2 --property nameN=valueN. If you use Windows command line, please, encase the -t parameter in quotes i.e. "name=value".
No
-n, --property-name Property name. For several properties repeat the parameter. To delete all properties use "all" parameter instead
No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
--full Show full command output instead of default basic one No
Command Example
This example assigns properties to a group.
or2agp -p project -r region -g web -a set -t “keepalive=60” -t
“ssl_enable=false” -t “workers=4”
Response Example:
Figure 178 - or2agp Response Example
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 236
16.5 ANSIBLE DYNAMIC INVENTORY
Invoke: or2-ansible-dynamic-inventory (or2adi)
Returns Ansible dynamic inventory for the specified project and region in the JSON format.
CLI Parameters
Parameter name Description Required
--full Show full command output No
--help Display command help No
-P, --plain-output Use plain output instead of default table output No
--json Show command output in json format No
-t, --pretty Returns the JSON data in a formatted way No
-p, --project Project abbreviation in UPSA Yes
-r, --region Virtualization region Yes
Command Example
or2adi -p project -r region
Response Example:
Figure 179 – Fragment of or2adi Response Example
Figure 180 - Fragment of or2adi Response Example in a Formatted Way
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 237
17 TROUBLESHOOTING
It may happen that you will get some errors or encounter other issues when working with EPAM Cloud
Orchestrator. Below is given a recommended troubleshooting procedure which is intended to help you
resolve your issues.
Problem?
Cannot manage my
infrastructure
Unexpected Behaviour
Can’t access Orchestrator
See the Audit page
See the Health Check page
See FAQCheck SIN
notifications
Report an incident
Figure 181 - Troubleshooting Scheme
In case you have problems with managing your infrastructure, cannot execute commands or reach
your VM, please, go to Orchestrator Audit page and ensure your VM is available and not deleted by anyone.
If your VM is present and available, but CLI commands still do not work for you, it is possible, that due to
technical issues, the connection to your region is broken. Please, take a look at the Orchestration
Healthcheck page which gives real-time detailed information on each of the Orchestrator regions
performance (except for EPAM-BY1) and indicates which regions are unavailable at the moment. If the
region is currently unavailable, it is advised to wait for a while until the technical issues are fixed and the
region performance is resumed.
In case of emergency, or when you have infrastructure configuration issues not related to the regions
performance, please, address the Help Desk or L1.5 team.
If you encounter an unexpected Orchestrator behavior, please, look at the FAQ pages in EPAM
Knowledge Base or at EPAM Orchestrator website. It is highly possible that the solution is already described
there.
If you get an unexpected “Service under Maintenance” message when trying to login to Orchestration
website or “EPAM orchestration in progress” message when trying to execute a CLI command, please,
check whether you have received a corresponding SIN notification on Orchestrator maintenance. If you
have not received one, please, address the Help Desk for further instructions and help.
If you have an issue that is not listed above, or you have performed the described steps, but your issue is
not solved due to one reason or another, please, submit an incident request to support.epam.com (EPAM
Cloud section in the Catalog).
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 238
ANNEX A - USER PERMISSIONS
USER GROUPS
All operations available using Orchestrator are divided into several groups, used to customize user
permissions. These groups are detailed in the table below.
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-allocate-static-ip (or2alsip) ✓
or2-ambari-cluster (or2ac) ✓
or2-attach-volume (or2attvol) ✓
or2-associate-static-ip
(or2assip)
✓
or2-audit (or2audit) ✓
or2-aws-management-console
(or2awsmc)
✓
or2-azure-management-
console (or2azmc)
✓
or2-change-owner (or2chow) ✓
or2-change-shape (or2chshape) ✓
or2-check-version (or2check) ✓
or2-chef-mode (or2cm) ✓
or2-console (or2console) ✓
or2-convert-maestro-stack-
template (or2cmst)
✓
or2-create-attach-volume
(or2addattvol)
✓
or2-create-checkpoint (or2ccp) ✓
or2-create-image (or2cim) ✓
or2-create-keypair (or2addkey) ✓
or2-create-schedule
(or2addsch)
✓
or2-delete-aws-stack
(or2dawss)
✓
or2-delete-checkpoint
(or2delcp)
✓
or2-delete-file (or2delf) ✓
or2-delete-image (or2delim) ✓
or2-delete-instance-properties
(or2delp)
✓ ✓
or2-delete-keypair (or2delkey) ✓
or2-delete-maestro-stack
(or2delmstack)
✓
or2-delete-schedule (or2delsch) ✓
or2-delete-tag (or2deltag) ✓
or2-delete-volume (or2delvol) ✓
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 239
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-describe-aws-stack-events
(or2dawsse)
✓
or2-describe-aws-stack-
resources (or2dawssr)
✓
or2-describe-aws-stacks
(or2dawss)
✓
or2-describe-checkpoints
(or2dcp)
✓
or2-describe-chef (or2chef) ✓
or2-describe-docker (or2dd) ✓
or2-describe-files (or2df) ✓
or2-describe-hadoop (or2dh) ✓
or2-describe-images (or2dim) ✓
or2-describe-instance-
properties (or2getp)
✓
or2-describe-instances (or2din) ✓
or2-describe-keypairs (or2dkey) ✓
or2-describe-load-balancing
(or2dlb)
✓
or2-describe-logging (or2dlog) ✓
or2-describe-maestro-stack-
resources (or2dmsr)
✓
or2-describe-maestro-stacks
(or2dmstack)
✓
or2-describe-monitoring
(or2dmon)
✓
or2-describe-nessus-templates
(or2dnt)
✓
or2-describe-operation (or2dop) ✓
or2-describe-projects (or2dpro) ✓
or2-describe-regions (or2dreg) ✓
or2-describe-schedules
(or2dsch)
✓
or2-describe-services (or2dser) ✓
or2-describe-shapes
(or2dshape)
✓
or2-describe-static-ips (or2dsip) ✓
or2-describe-tag (or2dtag) ✓
or2-describe-vlans (or2dvlans) ✓
or2-describe-volumes (or2dvol) ✓
or2-detach-volume (or2detvol) ✓
or2-disassociate-static-ip
(or2dissip)
✓
or2-docker-container (or2dc) ✓ ✓
or2-docker-image (or2di) ✓
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 240
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-docker-registry-image
(or2dri)
✓ ✓
or2-ftp-access (or2ftpa) ✓ ✓
or2-get-access (or2access) ✓
or2-get-info (or2info) ✓
or2-go-to-checkpoint (or2gcp) ✓
or2-hardware-report (or2hr) ✓
or2-import-keypair (or2ikey) ✓
or2-load-balancer-config
(or2lbconf)
✓
or2-lock-instance-termination
(or2lock)
✓
or2-manage-ftp (or2ftp) ✓ ✓
or2-manage-hadoop (or2mh) ✓
or2-manage-service (or2ms) ✓ ✓
or2help No permissions or credentials required
or2-modify-hardware-server
(or2modhs)
Only available to zone administrators
or2-move-instance-to-vlan
(or2mivlan)
✓
or2-price (or2price) ✓
or2-reboot-instances
(or2reboot)
✓
or2-register-hardware-server
(or2rhs)
Only available to zone administrators
or2-release-static-ip (or2relsip) ✓
or2-report (or2report) ✓
or2-resize-volume (or2resvol) ✓
or2-revert-to-checkpoint
(or2rcp)
✓
or2-run-aws-stack (or2rawss) ✓
or2-run-instances (or2run) ✓
or2-run-maestro-stack
(or2rmstack)
✓
or2-schedule-add-instances
(or2schaddi)
✓
or2-schedule-remove-instances
(or2schremi)
✓
or2-security-check (or2sc) ✓
or2-set-instance-properties
(or2setp)
✓ ✓
or2-set-tag (or2settag) ✓
or2-start-instances
(or2start)
✓
or2-start-logging (or2log) ✓
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 241
CLI Command READ
group
STORAGE
group
VM
group
META
group
NEW
RESOURCES
group
KILL
RESOURCES
group
ADVANCED
MANAGEMENT
group
or2-start-monitoring (or2mon) ✓
or2-stop-instances (or2stop) ✓
or2-stop-logging (or2stoplog) ✓
or2-stop-monitoring
(or2stopmon)
✓
or2-terminate-instances (or2kill) ✓
or2-update-cli (or2update) ✓
or2-upload-file (or2uf) ✓
or2-upload-script (or2ups)
or2-validate-maestro-stack-
template (or2vmst)
No permissions required
or2-view-pool-state (or2vps) ✓
or2-manage-
service (or2ms)
Activate ✓
Deactivate ✓
or2-docker-
volume (or2dv)
Create ✓
Delete ✓
or2-chef-mode
(or2cm)
Describe Chef
Mode
✓
Deactivate
Service
✓
Activate Service ✓
Update Chef
Mode
✓
DEFAULT PROJECT ROLES
The following table details default user permissions depending of their project roles. Each project role has
access to several Maestro CLI user groups to perform respective operations (see User Groups.) These
permissions can be customized for each project abbreviation in UPSA.
Table 1 - User Permissions
Project Role Maestro CLI User Group 1st Line / Help Desk Specialist READ, VM, STORAGE, META
2nd Line / Environments Support Engineer READ, VM, STORAGE, META, NEW, KILL
3rd Line / Software Maintenance Engineer READ, VM, STORAGE, META, NEW, KILL
Account Manager READ, VM, STORAGE
Administrative Support READ, VM, STORAGE, META
Billing Coordinator READ, VM, STORAGE, META
Build Engineer READ, VM, STORAGE, META, NEW, KILL
Business Analysis Team Lead READ, VM, STORAGE, META, NEW, KILL
Business Analyst READ, VM, STORAGE, META, NEW, KILL
NB: In order to customize user groups for your project, please contact Consulting Team.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 242
Project Role Maestro CLI User Group Consultant READ, VM, STORAGE, META
Consulting Team Lead READ, VM, STORAGE, META, NEW, KILL
Contact READ, VM, STORAGE, META
Customer READ, VM, STORAGE, META
Customer Representative READ, VM, STORAGE, META
Customer TR READ, VM, STORAGE, META
Data Modeler READ, VM, STORAGE, META, NEW, KILL
Delivery Manager READ, VM, STORAGE, META, NEW, KILL, ADVANCED MANAGEMENT
Delivery Supervisor READ, VM, STORAGE, META
Design Team Lead READ, VM, STORAGE, META
Designer READ, VM, STORAGE, META
Developer READ, VM, STORAGE, META, NEW, KILL
Development Team Lead READ, VM, STORAGE, META, NEW, KILL
EngX Productivity Lead READ, VM, STORAGE, META
Executive READ, VM, STORAGE, META
External User READ, VM, STORAGE, META
Financial Manager READ, VM, STORAGE, META
HR Business Partner READ, VM, STORAGE, META
HTML Coder READ, VM, STORAGE, META
Information Architect READ, VM, STORAGE, META, NEW, KILL
Junior Developer READ, VM, STORAGE, META
Junior Functional Tester READ, VM, STORAGE, META
Key Designer READ, VM, STORAGE, META, NEW, KILL
Key Developer READ, VM, STORAGE, META, NEW, KILL
Key Tester READ, VM, STORAGE, META, NEW, KILL
Maintenance & Support Team Lead READ, VM, STORAGE, META, NEW, KILL
Member READ, VM, STORAGE, META
Performance Analyst READ, VM, STORAGE, META, NEW, KILL
Principal Delivery Manager READ, VM, STORAGE, META
Process Engineer READ, VM, STORAGE, META, NEW, KILL
Program Manager READ, VM, STORAGE, META
Project Accountant Assistant READ, VM, STORAGE, META
Project Coordinator READ, VM, STORAGE, META, NEW, KILL, ADVANCED MANAGEMENT
Project Manager READ, VM, STORAGE, META, NEW, KILL, ADVANCED MANAGEMENT
Project Member READ, VM, STORAGE, META
Project PL Analyst READ, VM, STORAGE, META, NEW
Project Sponsor READ, VM, STORAGE, META
Project Supervisor READ, VM, STORAGE, META
Project VIP READ, VM, STORAGE, META
Resource Manager READ, VM, STORAGE, META, NEW, KILL
Sales Executive READ, VM, STORAGE, META
Sales Manager READ, VM, STORAGE, META
Sales Representative READ, VM, STORAGE, META
Signatory READ, VM, STORAGE, META
Solution Architect READ, VM, STORAGE, META, NEW, KILL
TS Engineer READ, VM, STORAGE, META, NEW, KILL
Technical Writer READ, VM, STORAGE, META
Tester READ, VM, STORAGE, META, NEW, KILL
Testing Team Lead READ, VM, STORAGE, META, NEW, KILL
ZXY Agile Team Member READ, VM, STORAGE, META
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 243
ANNEX B – CLIENT VERSIONING
Current version of the CLI is defined in the cli.version parameter within the ‘cli-system.properties’ file,
which is unavailable for user editing. You can display contents of ‘cli-system.properties’ in console by
running the or2info command (See the Maestro CLI Info Section). CLI client version comprises the
following components:
• Orchestrator version
• Separator (.)
• Last digit of a year (2 for 2012)
• Month number (10 for October)
• Separator (.)
• Day
• Build number for current day
For example, ‘cli.version=2.210.103’ corresponds to Orchestrator version 2, built on October 10, 2012 and
being the third build that day.
NB: Under construction. Currently support for versioning is implemented by versioning Maestro CLI
client using the Maestro-CLI-version
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 244
ANNEX C – INSTANCE TYPES AND THEIR SHAPES
The table below contains available virtual instance hardware configurations aka Shapes.
Shape AWS shape mapping
(based on the
closest size)
AWS Units # vCPU
CSA (AWS)
Memory
CSA (AWS)
Micro t1.micro < 2 1 512 (615) MB
Mini t1.micro < 2 1 1 GB (615 MB)
Small m1.small 1 2 (1) 1.7 GB
Medium m1.medium 2 2 (1) 3.75 GB
Large m1.large 4 2 7.5 GB
XL c1.xlarge 20 4 (8) 7.5 (7) GB
2XL m2.xlarge 6.5 4 (8) 15 (17.1) GB
3XL m1.xlarge 8 8 (4) 15 GB
4XL cc1.4xlarge 33.5 6 (8) 23 (22.5) GB
5XL m2.2xlarge 13 8 (4) 30 (34.2) GB
6XL m2.2xlarge 13 8 (4) 46 (34.2) GB
7XL m2.4xlarge 26 8 60 (68.4) GB
8XL cc2.8xlarge 88 8 (16) 92 (60.5) GB
Not all the shapes are by default available for projects. When a project is activated in EPAM regions, Small,
Medium, and Large shapes are activated for it. To get other shapes, submit a Shape Activation Request.
Please note:
• EPAM-BY1, EPAM-HU1, EPAM-BY2, EPAM-UA2 regions support shapes up to 3XL.
EPAM-IN1 and EPAM-US2 regions support shapes up to 5XL.
• Other regions support shapes up to Large.
• When a project is activated in AWS, the full stack of shapes is automatically activated for it.
• Extra-large shapes (over 5XL) are available in AWS regions only.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 245
ANNEX D – SERVICE LOCATIONS
The tables below contain the list of planned EPAM Cloud service locations, using both own infrastructure
and public cloud offerings.
EPAM INFRASTRUCTURE
EPAM Cloud Orchestration Service is a system distributed between different regions. The regions have
different geographical location, virtualization basis and a certain coefficient that applies to services provided
within the region and modifies actual costs. The coefficient depends on the region location and related
maintenance expenses.
Location Service Region Virtualization Coefficient
CIS (Minsk, Belarus) EPAM-BY1 CSA 1
CIS (Minsk, Belarus) EPAM-BY2 OpenStack 0.8
CIS (Minsk, Belarus) EPAM-MAC CSA 1
CIS (Minsk, Belarus) EPAM-DKR OpenStack -*
CIS (St. Petersburg, Russia) EPAM-RU2 CSA 1
Europe (Budapest, Hungary) EPAM-HU1 CSA 1
Ukraine (Kyiv) EPAM-UA1 CSA 1
Ukraine (Kyiv) EPAM-UA2 OpenStack 0.8**
USA (Edison, NJ) EPAM-US CSA 0.9
USA (Edison, NJ) EPAM-US2 OpenStack 0.6
Asia (India, Hyderabad) EPAM-IN1 OpenStack 1
*VMs in the EPAM-DKR region are billed for electricity consumption only at the rate of $33 per month.
** EPAM-UA2 region is in Beta mode till April 1, 2018. While in beta, the billing coefficient is set to 0.
For more information on EPAM Cloud billing policy, please, see our Account Management Guide, Section
7: Billing in EPAM Cloud.
Some of the existing regions have their specific features or limitations. They are listed below.
EPAM-BY2
• EPAM-BY2 is based on OpenStack technology
• EPAM-BY2 supports both HDD and SSD storage. Storage type can be selected during the VM
request by using the corresponding shape name (for example, MEDIUM.HDD – for HDD,
MEDIUM.SSD – for SSD). The standard shape notations (e.g. MEDIUM) are supported, in this
case the default storage type for the region is used
• The Recycle Bin functionality is supported. This functionality allows restoring a terminated VM
within 7 days after termination by sending a request to support.epam.com
• Checkpoint manipulations are not supported.
• An image can be created only from instance that do not have additional volumes.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 246
Network specifics
• All instances have an assigned floating IP from EPAM network (10.x.).
• All instances have hostname like ECSX000XXXXX.epam.com, which can be resolved as an IP
from EPAM network (for example, 10.6.129.34).
• If you try to resolve native hostname from instance in OpenStack you will get external IP, which
does not belong to any network interface of instance.
• This can cause issues when you try to bind some process to hostname instead of Instance IP.
EPAM-UA2
EPAM-UA2 is currently run in the Beta mode, and has the following specifics:
• Shapes up to 3XL are supported
• Billing coefficient is 0 while in Beta.
• The region capacities are limited.
• Due to the limited capacities, while activating the region, the preference will be given to the projects
that are already activated in EPAM-UA1.
EPAM-IN1
• EPAM-IN1 is based on OpenStack technology
• Storage volumes are billed by provisioned, not by used, space
• Shapes up to 5XL are supported
• Checkpoints are disabled
• Graceful shutdown functionality is not available. The or2stop command acts as power-off
• The commands from other groups (as listed in Maestro CLI Reference Guide) are mostly available,
but some are disabled.
• View instance pool scope is not available
Network specifics
• All instances in project have IPs from internal net (172.16.242.230/21).
• All instances have an assigned floating IP from EPAM network (10.x.).
• All instances have hostname like ECSX000XXXXX.epam.com, which can be resolved as an IP
from EPAM network (for example, 10.6.129.34).
• If you try to resolve native hostname from instance in OpenStack you will get external IP, which
does not belong to any network interface of instance.
This can cause issues when you try to bind some process to hostname instead of Instance IP.
EPAM-US2
• EPAM-US2 is based on OpenStack technology
• Storage volumes are billed by provisioned, not by used, space
• Shapes up to 5XL are supported
• Checkpoints are disabled
• Graceful shutdown functionality is not available. The or2stop command acts as power-off
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 247
• The commands from other groups (as listed in Maestro CLI Reference Guide) are mostly available,
but some are disabled.
• View instance pool scope is not available
Network specifics
• All instances have an assigned floating IP from EPAM network (10.x.).
• All instances have hostname like ECSX000XXXXX.epam.com, which can be resolved as an IP
from EPAM network (for example, 10.6.129.34).
• If you try to resolve native hostname from instance in OpenStack you will get external IP, which
does not belong to any network interface of instance.
This can cause issues when you try to bind some process to hostname instead of Instance IP.
EPAM-MAC
EPAM-MAC region is designed to enable Mac resources provisioning. No other instance types can be
created here.
The region hosts two types of instances – virtual and hardware, each having its own specifics.
• Virtual. Virtual MacOS instances have a choice between MacOS 10.10 Yosemite, MacOS 10.11 El
Capitan, MacOS 10.12 Sierra and MacOS_10.13_HighSierra operating systems. The instances
details are:
o Image name: MacOS_10.10_Yosemite, MacOS_10.11_EL_Capitan, MacOS_10.12_Sierra,
MacOS_10.13_HighSierra
o Shape: Any standard EPAM Cloud shape (recommended – MEDIUM)
o System Disk: 60GB
o Billing: Same as in EPAM-BY1 region
o Login: via VNC console with EPAM credentials
o Limitations: auto configuration service and checkpoints are not available.
To run such an instance, use the standard or2run command, and provide the new instance details, e.g.:
or2run –p <project> -r EPAM-MAC –i macos_10.10_Yosemite –s <shape>
• Hardware. The other type of resources that can be provided in EPAM-MAC region, are reusable
hardware Macmini (OS X 10.12.x) servers that can be provided for project needs. The specifics of this
kind of resources are:
o Image name: macmini_os_X
o Shape: Large (2CPU, 8GB RAM) only
o System Disk: 300GB, not extendable
o Billing: $30/Month, calculated hourly at 30/730.5 USD per hour
o Login: via VNC console with user/user credentials (we strongly recommend changing the
default credentials after the first login)
o Limitations:
▪ Instance operations are strictly limited: only or2run, or2kill, or2report, or2settag,
or2din commands are available. You can also see all the instance-related info on UI.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 248
▪ Limited number of available servers. To check whether there are Macmini instances
available, please use the or2vps command:
or2vps -r EPAM-MAC
If there are no free Macmini servers, you will get a respective “low capacity” message when trying to request
one.
In this case, please, wait till one of the servers in use, is released.
To order a hardware Mac, use the standard or2run command, and provide the new instance details, e.g.:
or2run –p <project> -r EPAM-MAC –i macmini_os_X –s LARGE
Please also note that VM actions on the Management page are not available for instances in EPAM-MAC
region.
EPAM-DKR
EPAM-DKR is a dedicated region designed exclusively for running Docker and Kubernetes services and
resources. In EPAM-DKR region, Docker VMs are run under KVM and use CoreOS guest operating system.
The EPAM-DKR region has certain specifics:
• The region is available only for running Docker-related services and resources
• VMs are billed only for electricity consumption at the rate of $33 per month
• Each Docker Service instance is hosted on a separate hardware server
• Only the Large shape is available for Docker instances
• Login to Docker VMs can be performed only via SSH with SSH key
• Docker commands can be performed either via Docker toolset or after login to any node via SSH
• Each node in Docker Swarm cluster is a master
• Swarm API endpoint can be reached at <any_cluster_ip_address>:4000. For example, the
following command will show all containers on all Docker nodes:
docker –H hostname:4000 ps
AWS CLOUD FORMATION REGIONS
To activate AWS regions in EPAM Cloud simply leave a respective request at support.epam.com. The
following regions are supported:
Region Code Region Name EPC Reference Name
ap-northeast-1 Asia Pacific (Tokyo) Region AWS-AP-NORTHEAST
ap-northeast-2 Asia Pacific (Seoul) Region AWS-AP-NORTHEAST-2
ap-southeast-1 Asia Pacific (Singapore) Region AWS-AP-SOUTHEAST
ap-southeast-2 Asia Pacific (Sydney) Region AWS-AP-SOUTHEAST-2
eu-west-1 EU (Ireland) Region AWS-EUWEST
eu-central-1 EU (Frankfurt) Region AWS-EUCENTRAL
sa-east-1 South America (Sao Paulo) Region AWS-SAEAST
us-east-1 US East (Northern Virginia) Region AWSUSEAST
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 249
us-west-1 US West (Northern California) Region
AWS-USWEST
us-west-2 US West (Oregon) Region AWS-USWEST-2
Once you get a notification from us about an AWS Region activation, you should be able to see it in your
list of available regions. Below is the example of Maestro CLI command for the AWS regions describing:
or2dreg -p sample –t AWS
Figure 182 - Describing available AWS regions
If you can see the AWS regions in the response, you can start utilizing AWS resources via EPAM
Orchestration tools.
For more information about AWS regions utilization specifics, please, see the Hybrid Cloud Guide.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 250
AZURE REGIONS
To activate Azure regions in EPAM Cloud simply leave a respective request at support.epam.com. The
following regions are supported:
Region Name (Location) Region Alias EPC Reference Name
Brazil South (Sao Paolo State) BR South AZURE-BS
Central US (Iowa) - AZURE-CUS
East Asia (Hong Kong) - AZURE-EA
East US (Virginia) USEast, eastus AZURE-EUS
East Us 2 (Virginia) useast2, EastUS2 AZURE-EUS-2
Japan East (Tokyo, Saitama) - AZURE-JE
Japan West (Osaka) Ja West AZURE-JW
North Central US (Illinois) - AZURE-NCUS
North Europe (Ireland) Northeurope AZURE-NEU
South Central US (Texas) - AZURE-SCUS
Southeast Asia (Singapore) - AZURE-SEA
West Europe (Netherlands) westeurope AZURE-WEU
West US (California) - AZURE-WUS
Once you get a notification from us about activating your project in Azure, you should be able to see it in
your list of available regions. Below is the example of Maestro CLI command for the region describing:
or2dreg -p sample –t Azure
Figure 183 - Describing available Azure regions
If you can see Azure regions in the response, you can start utilizing Azure resources via EPAM
Orchestration tools.
For more information about Azure regions utilization specifics, please, see the Hybrid Cloud Guide
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 251
GOOGLE CLOUD REGIONS
To activate Google Cloud regions in EPAM Cloud simply leave a respective request at support.epam.com.
The following regions are supported:
Google Region Location Orchestration Reference Name
Eastern Asia-Pacific Changhua County, Taiwan GCP-AS-EAST
Northeastern Asia-Pacific Tokyo, Japan GCP-AS-NORTHEAST
Western Europe St. Ghislain, Belgium GCP-EUWEST
Central US Council Bluffs, Iowa GCP-USCENTRAL
Eastern US Berkeley County, South Carolina GCP-USEAST
Western US The Dalles, Oregon GCP-USWEST
Once you get a notification from us about activating your project in Google Cloud, you should be able to
see it in your list of available regions. Below is the example of Maestro CLI command for the region
describing:
or2dreg -p project –t google
Figure 184 - Describing available Google Cloud regions
If you can see Google Cloud regions in the response, you can start utilizing Google Cloud resources via
EPAM Orchestration tools.
For more information about Google Cloud regions utilization specifics, please, see the Hybrid Cloud
Guide
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 252
ANNEX E – LOGGING IN TO INSTANCES
WINDOWS
Login via an RDP client by using your standard domain credentials.
In order to access Windows instances via SSH, you first have to access them via RDP and configure SSH
connection.
LINUX
For Linux instances, use the SSH and/or your standard domain credentials.
Please note that the login should include the domain name:
AWS – Linux
To connect to a Linux VM, run the following Linux command:
ssh user@<hostname> -i <path>
Where <hostname> stands for your VM DNS Name and <path> stands for the full path to your key file.
Depending on the OS used on your VM, the following login should be provided:
Image OS Default Login
Ubuntu ubuntu
CentOS centos
Debian admin
AWS – WINDOWS
To login to a newly created AWS-based Windows instance perform the following steps:
1. Make sure the instance is up and running, e.g., using the o2-describe-instances command.
2. Run the or2console command providing the instance ID, project and region:
or2console –p demopro –r aws-region –i instance_id
3. When the command is executed, you get an email containing the details on the VM and an
attachment with the encrypted password.
AWS needs at least 4 minutes to generate a password for a new instance. If you run the
or2console command before the password is ready, the attachment in the letter will be empty.
4. Save the attachment to your disc or copy its content to an empty file.
5. Run the or2-aws-decrypt-password (or2adp) command, providing the name of the key used to
run the instance and the path to the file with the encryption:
or2adp -p private-key-file-path -e encrypted-password-file-path
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 253
The command response will contain the password to be used to login to your Windows VM as
Administrator.
Please note that the command is executed on the client’s side, external tools have no access to
the private part of the key.
6. Use this password to login to your VM via RDC:
Figure 185 - Remote connection to a Windows instance
If you have access to AWS Management Console, you can get the password using it, without having to
perform the steps described above. All you have to do is login to the Console, go to the Instances section,
right-click on the instance to which you want to get access and select Get Windows Password in the
dropdown menu.
Figure 186 - Connecting to a Windows VM in AWS
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 254
AZURE
When a VM (either Windows or Linux) creation is initiated, you get a letter containing credentials for access
to this VM remotely. These credentials are generated only once and will not be available for reference
anywhere except this letter.
If you run an instance without using an SSH key, the instance run letter will include the access username
and the password:
Figure 187 - Run instance letter with a password
Please save the credentials properly for further usage; they are not saved anywhere else and cannot
be restored in case of loss.
If you used an SSH key to run an instance, the letter will include the key name instead of the credentials.
The Public IP necessary to connect to the VM will be given in the next letter sent to you as soon as your
new VM gets to the RUNNING state:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 255
Figure 188 - A Start Instance letter with IPs
GOOGLE CLOUD REGIONS:
For Linux VMs, use the SSH key specified during the VM creation. The username depends on the VM
image:
Image Username
CentOS6_64-bit centos
Debian8_64-bit debian
Ubuntu16.04_64-bit ubuntu
For Windows machines, use the or2console CLI command specifying an SSH key:
or2console -p project -r region -i instance_id -k key
The key must always be of 2048 size. The key is required only for the log in operation, not for VM run.
When this command is executed, you will receive an email containing an encrypted password. Decrypt the
password as follows:
or2-decrypt-password -p private-key-file-path -e encrypted-password-
file-path
Use the decrypted password to log in to your Windows VM under user name Administrator.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 256
HARDWARE MACOS
To access your hardware MacOS instance, perform the following steps:
• Install the VNC Client to your workstation.
• Run the VNC Client, and input your MacOS IP address or DNS name (as
HOSTNAME.minsk.epam.com):
Figure 189 - VNC Client start
Click Connect.
• On Authentication step, input the uppercased abbreviation of your project in UPSA:
Figure 190 - VNC client authentication
• Login to the instance with user/user credentials.
It is highly recommended to change the default credentials after the first login.
VIRTUAL MACOS
To get access to a Virtual MacOS instance perform the following actions:
• Click the VNC icon next to the VM ID on the Management page to run the VNC Web Client, and
login to the VM using your domain credentials as soon as the connection is established:
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 257
Figure 191 - VNC web access link
Please note that the domain credentials are case sensitive.
After logging in to the VM, it is recommended to change the default credentials and to enable
access via the VNC standalone client.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 258
ANNEX F – MAESTRO CLI COMMANDS LIST
The table below gives the list of the existing Maestro CLI Commands, their descriptions and links to the
respective sections:
Command Description or2access Registers user domain credentials within Orchestrator
or2addattvol Creates and attaches a storage volume to the specified instance
or2addsch Creates a new schedule to start or stop existing instances using cron expressions.
or2adp Decrypts AWS password
or2ag Is used to manage Ansible groups.
or2agp Is used to manipulate Ansible groups properties.
or2ah Is used to manage Ansible hosts.
or2ai Initializes Ansible environment for the specified project and zone.
or2aem Manages Adobe AEM service
or2alsip Allocates a static IP for the project
or2assip Assigns a static IP to the VM
or2attvol Attaches the specified storage volume to the specified instance
or2audit Views all relevant instance-related information for the specified period
or2awsmc Returns a link for accessing the AWS Management Console
or2ccp Creates an instance recovery point
or2check Shows Maestro CLI client currently installed on your machine
or2chef Describes the project Chef server mode
or2cim Creates an image based on the instance
or2cm Sets one of the existing chef modes to the project
or2cmst Converts a Maestro Stack template into a CloudFormation stack template
or2console Activates instance console and provides access credentials to it
or2addkey Creates a key pair used to access instances without need to provide login credentials
or2dawsse Returns the events related to the specified stack
or2dawssr Returns the events related to the specified stack
or2dcp Lists all checkpoints created for the instance and their short descriptions
or2di Manipulates Docker container images
or2delawss Deletes one or more stacks for the specified region and project
or2delcp Deletes the specified instance checkpoint
or2delf Deletes a previously uploaded file from Orchestrator’s repository
or2delim Deletes custom machine images
or2delkey Deletes a specified key pair
or2delsch Deletes a previously created schedule
or2delp Deletes user-defined metadata from instances
or2deltag Deletes a custom tag from an instance or a volume
or2delvol Deletes a storage volume from the specified instance
or2detvol detaches a storage volume from the specified instance
or2df Describes the uploaded and available files for the specified project
or2dim Returns information about images
or2din Returns information about the instances that you own
or2dissip Disassociates a Static IP from a VM
or2dkey Describes pairs available for provided project and region
or2dlb Shows the list of the hosts in the load balancer group and their availability
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 259
Command Description or2dlog Gives the list of the logged instances and the DNS name of the GrayLog Server
or2dmon Retrieves information about Zabbix-related items
or2dmstack Describes existing Maestro stacks for the specified project and region
or2dpro Lists of projects available for user
or2dreg Describes available virtualization regions for provided project and user credentials
or2dri Manipulates Docker registry images
or2dsch Describes previously uploaded and available schedules
or2dser Describes the services activated for the specified project and region
or2dsip Describes static IPs available for the project
or2dshape Describes available shapes for the provided project and user credentials
or2dtag Retrieves custom tags assigned to resources for billing purposes
or2dv Creates, describes or deletes a Docker volume
or2dvlans describes available VLANs for the selected project
or2dvol Describes a user’s storage volumes
or2ftp Makes existing S3 buckets available via FTP
or2ftpa Manages user access to AWS S3 via FTP
or2gcp Reverts to the specified checkpoint
or2getp Retrieves user-defined metadata from instances
or2help Lists all commands and their parameters
or2hr Generates a hardware server usage report
or2info Lists information of CLI Client current configuration
or2ikey Imports an existing key pair to the specified region
or2kill Terminates the specified instances
or2kn Manages Kubernetes nodes
or2kns Manages Kubernetes namespaces
or2kp Manages Kubernetes pods
or2krc Manages Kubernetes replication controllers
or2ks Manages Kubernetes services
or2lbconf Set the Load balancer configuration
or2lock Locks the specified instance from termination
or2log Starts collecting the logs from the specific instance
or2mivlan Moves specific instance under available VLAN
or2mm Manages Messaging Service messages
or2modhs Modifies the settings of a hardware server
or2mon Add an instance to Zabbix monitoring list
or2mq Manages Messaging service queues
or2ms Activates/deactivates available services for a particular project
or2price Lists prices for all activated shapes
or2rawss Launches a specified stack on AWS
or2rcp Reverts instance to the latest available checkpoint
or2rdb manages the relational database service
or2reboot Reboots specified instances
or2reghs Registers a dedicated instance as a hardware server in EPAM Cloud
or2relsip Releases a static IP from the project
or2report Prepares a monthly billing report
or2resvol Resizes the specified volume for instance
or2rmstack Runs a new maestro stack based on an existing template
or2run Launches the specified number of instances with provided shape and image
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 260
Command Description or2setp Assigns user-defined metadata to instances
or2settag Assigns a custom tag to an instance or a volume for billing purposes
or2sm Remove an instance from the monitoring list
or2sr Manages Sonar rules
or2sqp Manages Sonar quality profiles
or2start Starts the specified stopped instances
or2stop Stops the specified instances
or2stoplog Removes the instance from logging list
or2sus Powers down an instance
or2uf Uploads a new file and saves it in Orchestrator
or2unreghs Unregisters hardware server
or2update Checks for updates and updates
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 261
ANNEX G – PAAS GUEST OPERATING SYSTEMS
Service name Used Image
Adobe AEM as a Service (AEM) CentOS6_64-bit
Ambari Service (AAS) CentOS6_64-bit
Artifactory as a Service (AFS) CentOS7_64-bit
ATG as a Service (ATG) CentOS6_64-bit
Auto Configuration Service (ACS): Chef server (epc/user modes) Version 11/version 12 Ubuntu14.04_64-bit/Ubuntu16.04_64-bit
Cloud Monitoring Service (CMS): Zabbix Ubuntu16.04_64-bit
Docker/Docker registry (DOS) (with volumes) CoreOS_899.13_64-bit
Docker/Docker registry Service (DOS) Ubuntu16.04_64-bit/Ubuntu14.04_64
FTP to AWS SE Service (FTP2S3) Ubuntu14.04_64-bit
Gerrit as a Service (GAS) Ubuntu 14.04_64-bit
Hybris as a Service (HAS) CentOS7_64-bit
Jenkins as a Service (JAS) Ubuntu16.04_64-bit
Kubernetes as a Service (KUB) CoreOS_899.13_64-bit
Load Balancer Service (LBS) Ubuntu16.04_64-bit
Log Aggregation Service (LAS) Ubuntu16.04_64-bit
Magento as a Service (MAS) CentOS7_64-bit
Messaging Service (MES) Ubuntu14.04_64-bit
Relational Data Base Service (RDB) Mariadb Ubuntu14.04_64-bit
Relational Data Base Service (RDB) MSSQL (2012) W2012R2Std
Relational Data Base Service (RDB) MSSQL (2014) hardware W2012R2Std
Relational Data Base Service (RDB) MySQL Ubuntu14.04_64-bit
Relational Data Base Service (RDB) Oracle OracleLinux7_64-bit
Relational Data Base Service (RDB) PostgreSQL Ubuntu14.04_64-bit
Sitecore as a Service (SAS) W2012R2Std
Sonar as a Service (SQS) Ubuntu 14.04_64-bit
Splunk as a Service (SPS) Ubuntu14.04_64-bit
Telemetry as a Service (TMS) Ubuntu16.04_64-bit
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 262
TABLE OF FIGURES
Figure 1 - or2help Command Output .......................................................................................................... 14
Figure 2 - Command help for incorrect parameters input ........................................................................... 14
Figure 3 - Command response with --help option ....................................................................................... 15
Figure 4 - or2access Response Example ................................................................................................... 16
Figure 5 - or2check Response Example ..................................................................................................... 17
Figure 6 - or2info Response Example ......................................................................................................... 19
Figure 7 - or2update Response Example ................................................................................................... 20
Figure 8 - or2dpro Response Example ....................................................................................................... 21
Figure 9 - or2dreg Response Example ....................................................................................................... 23
Figure 10 - or2dim Response Example ....................................................................................................... 25
Figure 11 - or2dshape Response Example (OpenStack-based region) ..................................................... 26
Figure 12 - or2run Response Example ....................................................................................................... 30
Figure 13 - or2stop Example Response ...................................................................................................... 31
Figure 14 - or2start Response Example ..................................................................................................... 33
Figure 15 - or2reboot Response Example .................................................................................................. 34
Figure 16 - or2kill Response Example ........................................................................................................ 35
Figure 17 - or2lock Response Example ...................................................................................................... 35
Figure 18 - or2lock command repeated to allow instance termination ........................................................ 35
Figure 19 - or2din General Response Example .......................................................................................... 37
Figure 20 - or2din Response Example with Filters ..................................................................................... 37
Figure 21 - or2chshape Response Example ............................................................................................... 38
Figure 22 - or2chow Response Example .................................................................................................... 39
Figure 23 - or2vps Response Example ....................................................................................................... 40
Figure 24 - or2dvlans Response Example .................................................................................................. 41
Figure 25 - or2mivlan Response Example .................................................................................................. 42
Figure 26 - or2addsch Response Example ................................................................................................. 44
Figure 27 - or2dsch Response Example ..................................................................................................... 45
Figure 28 - or2schaddi Response Example ................................................................................................ 46
Figure 29 - or2schremi Response Example ................................................................................................ 47
Figure 30 - or2delsch Response Example .................................................................................................. 48
Figure 31 - or2setp Response Example ...................................................................................................... 52
Figure 32 - or2getp Response Example ..................................................................................................... 53
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 263
Figure 33 - or2delp Response Examples ................................................................................................... 54
Figure 34 - or2cim Response Example ....................................................................................................... 56
Figure 35 - or2delim Response Example .................................................................................................... 57
Figure 36 - TCP/IP Configuration (Windows) .............................................................................................. 58
Figure 37 - Creating Local Windows User .................................................................................................. 59
Figure 38 - Assigning Administrator Privileges to a Windows User ............................................................ 60
Figure 39 - Excluding Guest OS from Domain (Windows) .......................................................................... 61
Figure 40 - Renaming Guest OS (Windows) ............................................................................................... 61
Figure 41 - Rebooting a VM in Azure region ............................................................................................... 62
Figure 42 - or2addkey Response Example ................................................................................................. 65
Figure 43 - or2ikey Response Example ...................................................................................................... 67
Figure 44 - or2dkey Response Example ..................................................................................................... 68
Figure 45 - or2delkey Response Example .................................................................................................. 69
Figure 46 - or2console Response Example ................................................................................................ 70
Figure 47 - Console credentials .................................................................................................................. 71
Figure 48 - or2awsmc Response Example ................................................................................................. 72
Figure 49 – or2iam Response Example ...................................................................................................... 73
Figure 50 - or2azmc Response Example .................................................................................................... 74
Figure 51 - or2alsip Command Example ..................................................................................................... 77
Figure 52 - or2assip Command Example .................................................................................................... 78
Figure 53 - or2dsip Command Response Example .................................................................................... 79
Figure 54 - or2dissip Command Response ................................................................................................. 80
Figure 55 - or2relsip Command Response ................................................................................................. 81
Figure 56 - or2addattvol Response Example .............................................................................................. 83
Figure 57 - or2attvol Response Example .................................................................................................... 84
Figure 58 - or2detvol Response Example ................................................................................................... 85
Figure 59 - or2resvol Response Example ................................................................................................... 86
Figure 60 - or2dvol Response Example ...................................................................................................... 88
Figure 61 - or2dvol Empty Response Example ........................................................................................... 88
Figure 62 - or2delvol Response Example ................................................................................................... 89
Figure 63 - df-h Response Example............................................................................................................ 90
Figure 64 - Computer Management in Windows 8 ...................................................................................... 91
Figure 65 - or2ccp Response Example ....................................................................................................... 94
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 264
Figure 66 - or2dcp Response Example ....................................................................................................... 95
Figure 67 - or2gcp Response Example ....................................................................................................... 96
Figure 68 - or2rcp Response Example ....................................................................................................... 97
Figure 69 - or2delcp Response Example .................................................................................................... 98
Figure 70 - or2reghs Response Example ................................................................................................. 100
Figure 71 - or2unreghs Response Example ............................................................................................. 101
Figure 72 - or2modhs Response Example ................................................................................................ 103
Figure 73 - or2hr Response Example ....................................................................................................... 104
Figure 74 - Price Breakdown ..................................................................................................................... 105
Figure 75 - or2report Response Example ................................................................................................. 107
Figure 76 - or2price Response Example ................................................................................................... 110
Figure 77 - or2audit Response Example ................................................................................................... 112
Figure 78 - Account report ......................................................................................................................... 113
Figure 79 - or2dacc Command Example .................................................................................................. 114
Figure 80 - or2settag Response Example ................................................................................................. 116
Figure 81 - or2dtag Response Example ................................................................................................... 117
Figure 82 - or2deltag Response Example ................................................................................................. 118
Figure 83 - or2uf Response Example ....................................................................................................... 120
Figure 84 - or2delf Response Example ..................................................................................................... 121
Figure 85 - or2df Response Example ....................................................................................................... 122
Figure 86 - or2sc Response Example ....................................................................................................... 123
Figure 87 - or2dnt Response Example ..................................................................................................... 124
Figure 88 - or2rsawss Response Example ............................................................................................... 126
Figure 89 - or2dawss Response Example ................................................................................................ 127
Figure 90 - or2dawsse Response Example .............................................................................................. 128
Figure 91 - or2dawssr Response Example ............................................................................................... 130
Figure 92 - or2delawss Response Example ............................................................................................. 131
Figure 93 - or2dmstack Response Example ............................................................................................. 132
Figure 94 - or2rmstack -m Response Example ......................................................................................... 134
Figure 95 - or2delmstack -m Response Example ..................................................................................... 135
Figure 96 - or2dmsr Response Example .................................................................................................. 136
Figure 97 – or2vmst Response Example .................................................................................................. 137
Figure 98 - or2cmst Response Example ................................................................................................... 138
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 265
Figure 99 - or2-manage-service Response Example................................................................................ 141
Figure 100 - or2dser Response Example (shown in 2 lines for better visibility) ....................................... 143
Figure 101 - or2cm Response Example .................................................................................................... 147
Figure 102 - Disabling auto configuration for a specific OS ...................................................................... 147
Figure 103 - Reviewing information on the current status of the ACS ...................................................... 147
Figure 104 - or2dchef Response Example ................................................................................................ 148
Figure 105 - The or2-validate-chef command output ................................................................................ 148
Figure 106 - or2dmon Response Example ............................................................................................... 150
Figure 107 - or2mon Response Example ................................................................................................. 151
Figure 108 - or2stopmon Response Example ........................................................................................... 152
Figure 109 - Zabbix metrics details on UI ................................................................................................. 153
Figure 110 - Zabbix Graph in web Interface .............................................................................................. 154
Figure 111 - or2starttel Response Example .............................................................................................. 156
Figure 112 - or2stoptel Response Example .............................................................................................. 157
Figure 113 - or2dtelag Response Example ............................................................................................... 158
Figure 114 - Telemetry agent with available metrics................................................................................. 159
Figure 115 – or2tel Response Example .................................................................................................... 160
Figure 116 - or2lbconf –-balancing Response Example ........................................................................... 165
Figure 117 - or2lbconf –-limit Response Example ................................................................................... 166
Figure 118 - or2lbconf –-ban Response Example ................................................................................... 167
Figure 119 - or2lbconf –-cache --url --expiration Response Example ..................................................... 167
Figure 120 - or2dlb Response Example .................................................................................................... 168
Figure 121 - or2ftp Response Example .................................................................................................... 170
Figure 122 - or2ftpa Response Example .................................................................................................. 170
Figure 123 - or2osc Command Response Example ................................................................................. 172
Figure 124 - or2osc Command Response Example for Wildcard Setup .................................................. 172
Figure 125 - or2di Command Response Example .................................................................................... 175
Figure 126 - or2di -a Commit Response Example .................................................................................... 175
Figure 127 - or2dc Command Response .................................................................................................. 177
Figure 128 - or2dv Command Response .................................................................................................. 178
Figure 129 - Docker volume deletion ........................................................................................................ 179
Figure 130 – Docker registry creation ....................................................................................................... 180
Figure 131 - or2dri -a describe Response Example.................................................................................. 181
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 266
Figure 132 - or2dri -a delete Response Example ..................................................................................... 181
Figure 133 - or2dd Command Response .................................................................................................. 183
Figure 134 - List of Kubernetes nodes (shown in two lines for better visibility) ........................................ 185
Figure 135 - or2kp Command Response .................................................................................................. 186
Figure 136 - or2kns Command Response ................................................................................................ 187
Figure 137 - or2ks Command Response .................................................................................................. 187
Figure 138 - or2krc Command Response ................................................................................................. 188
Figure 139 - or2kn Command Response .................................................................................................. 189
Figure 140 - or2-describe-hadoop Response Example ............................................................................ 191
Figure 141 - or2-manage-hadoop Command Response .......................................................................... 192
Figure 142 - or2ac command Response Example .................................................................................... 195
Figure 143 - Changing Splunk license type .............................................................................................. 197
Figure 144 - or2sp Command Response .................................................................................................. 199
Figure 145 - List of missing plugins ........................................................................................................... 201
Figure 146 - List of Jenkins plugins ........................................................................................................... 202
Figure 147 - Jenkins plugin uninstallation ................................................................................................. 203
Figure 148 – Sonar Service Info (shown in two lines for better visibility) .................................................. 208
Figure 149 – or2sqp Command Response ............................................................................................... 210
Figure 150 - Rules activation for Sonar quality profile .............................................................................. 210
Figure 151 – or2sr Command Response .................................................................................................. 211
Figure 152 – Artifactory Service Info (shown in two lines for better visibility) ........................................... 213
Figure 153 - or2aem -a activate-cluster Response Example .................................................................... 215
Figure 154 - or2aem -a describe Response Example............................................................................... 215
Figure 155 - or2aem -a attach-publish Response Example ...................................................................... 215
Figure 156 - Sitecore service activation .................................................................................................... 217
Figure 157 - List of Sitecore instances ...................................................................................................... 217
Figure 158 - Sitecore-LB activation ........................................................................................................... 219
Figure 159 - Sitecore Info (shown in two lines for better visibility) ............................................................ 219
Figure 160 - Sitecore instances info (shown in two lines for better visibility) ............................................ 220
Figure 161 - the or2rdb [-a describe] Response Example ........................................................................ 222
Figure 162 - or2rdb -a install Response Example ..................................................................................... 222
Figure 163 - or2rdb -a remove Response Example .................................................................................. 222
Figure 164--use-sys-disk-size output example ......................................................................................... 222
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 267
Figure 165 - Hybris MEDIUM configuration .............................................................................................. 223
Figure 166 - Hybris LARGE configuration ................................................................................................. 224
Figure 167 - Hybris activation .................................................................................................................... 224
Figure 168 - List of Hybris instances ......................................................................................................... 225
Figure 169 – Magento service info (shown in two lines for better visibility) .............................................. 226
Figure 170 - ATG as a Service architecture .............................................................................................. 227
Figure 171 – ATG service info ................................................................................................................... 228
Figure 172 - ATG instance details ............................................................................................................. 228
Figure 173 - or2mq -a create Response Example .................................................................................... 230
Figure 174 - or2mm -a send Command Response ................................................................................... 231
Figure 175 - or2ai Response Example ...................................................................................................... 232
Figure 176 - or2ah Response Example .................................................................................................... 233
Figure 177- or2ag Response Example ..................................................................................................... 234
Figure 178 - or2agp Response Example .................................................................................................. 235
Figure 179 – Fragment of or2adi Response Example .............................................................................. 236
Figure 180 - Fragment of or2adi Response Example in a Formatted Way .............................................. 236
Figure 181 - Troubleshooting Scheme ...................................................................................................... 237
Figure 182 - Describing available AWS regions ........................................................................................ 249
Figure 183 - Describing available Azure regions ...................................................................................... 250
Figure 184 - Describing available Google Cloud regions .......................................................................... 251
Figure 185 - Remote connection to a Windows instance .......................................................................... 253
Figure 186 - Connecting to a Windows VM in AWS.................................................................................. 253
Figure 187 - Run instance letter with a password ..................................................................................... 254
Figure 188 - A Start Instance letter with IPs .............................................................................................. 255
Figure 189 - VNC Client start .................................................................................................................... 256
Figure 190 - VNC client authentication ..................................................................................................... 256
Figure 191 - VNC web access link ............................................................................................................ 257
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 268
VERSION HISTORY
The document is constantly updated since September, 2012. The table below provides its main
development points until the beginning of 2015, and the detailed story starting from this year.
Version Date Summary
19.6.23 May 18, 2018 - Added the -resourceGroup parameter to the set of
commands for the work with Azure
19.6.22 April 4, 2018 - Updated the info about Kubernetes as Service
19.6.21 March 24, 2018
- Updated information about availability of the or2resvol
command in different regions
- Removed the references to EPAM-KZ1 region.
- Added info on the OpenShift service
19.6.20 February 22, 2018 - Update the description of the section 5.3
- Added 2 sections about the VMs in Azure regions
19.6.19 January 31, 2018
- Removed the ‘or2-suspend’ command
- Added EPAM-UA2 region info
- Updated EPAM-MAC region info with
MacOS_10.13_HighSierra
- Updated the --use-sys-disc-size parameter info
19.6.18 January 28, 2017 - Updated the permissions mapping table
19.6.17 December 22, 2017 - RDB Service info update
- OS for PaaS Service table added
19.6.16 December 15, 2017 - ACS info updated
19.6.15 December 7, 2017
- Image creation availability for EPAM-KZ1 region updated
- Info about Jenkins availability in different regions
updated
19.6.14 December 6, 2017 - Image name and description restrictions update
19.6.13 December 1, 2017 - Shared Chef Server info updated
- Chef 12 and Chef 11 availability info updated
19.6.12 November 30, 2017 - MSQ3 information removed
19.6.11 November 4, 2017 - Updated Creating Images and Disassociate Static IP
Sections
19.6.10 September 9, 2017 - Updated checkpoints creation limitations
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 269
- Updated Telemetry as a Service info
- Updated EPAM-RU2 price in Annex D
19.6.9 July 15, 2017
- fixed-ip parameter removed from the description of or2-
allocate-static-ip command
- Description of Telemetry as a Service added
19.6.8 May 20, 2017
- Description of Cloudify service removed
- Information on static IP-related commands availability by
regions updated
19.6.7 April 8, 2017
- Updated info on Checkpoints (recommendation to create
checkpoints on stopped instances)
- or2mjp command added
- or2run command description updated with spot instance
parameters
- Information about EPAM-BY2 region added
19.6.6 February 25, 2017
- Azure specifics is clarified for or2ikey command.
- Google-related specifics added
- or2adp command replaced with or2dp
- Hybris as a Service info updated
- Sonar as a Service info updated
- Artifactory as a Service info added
- Schedules info updated with --all -t options
19.6.5 December 16, 2016
- Kubernetes commands added
- Sonar as a Service info added
- or2dr (or2-docker-registry) command removed
- Option of command output display in json format added
- Classification changed from Confidential to Public,
approved by Dzmitry Pliushch
19.6.4 October 29, 2016
- Reference to EPAM-US1-PROD and EPAM-RU1
regions removed
- EPAM-US2 region added
- Instructions for VM preparation for image creation
updated with information specific to Microsoft Azure
regions
- Backup Service commands added
19.6.3 September 3, 2016
- Updated or2rmstack command description
- Note about Chef mode change added
- Hyperlinks fixed
- Updated permissions map
- Added IND1 region info
- Splunk as a Service info added
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 270
- Magento as a Service info added
- ATG as a Service info added
- Sitecore as a Service info updated
- AEM as a Service info updated
19.6.2 July 8, 2016 - Updated shapes limitations info
19.6 July 2, 2016 - Added Services cooperation notifications
- Commands related to security scanning added
19.5 May 22, 2016
- Updated Permissions table with new PMC Roles
- Added “Finding the device parameter” section
- Screenshots updated
- Description of hardware-related commands added
- Description of Kubernetes as a Service added
- Updated regions table with Virtualization column
19.4 March 26, 2016
- Added 1.1 Getting CLI Help
- Updated regions specifics info
- Added Annex E – Logging in to Instances
- Added or2lock command
- Updated 2.3 Logging in to Instances
- Docker Service info updated
- Hybris Service info added
19.3 February 13, 2016
- Updated or2report, or2ac, or2help, or2dreg, or2din
commands descriptions
- Updated or2dd examples
- Added or2prkill command
19.2 December 20, 2015 - Added MES service commands
- Issues fixed
19.1 November 7, 2015 - Issues fixed
19.0 September 6, 2015 - Renamed to csug_02_maestro_cli_user_guide
- Updated layout, reviewed content.
18.0 April 26, 2014 - Totally restructured. The commands are grouped by purpose, additional info added.
15.22 September 4, 2013 - links throughout the document are revised
15.21 August 16, 2013 - related documents are updated
10.0 February 9, 2013 - Major revision including update of AWS-related command syntax, new commands, user permissions etc.
EPAM Cloud Orchestrator - Maestro CLI User Guide
EPAM PUBLIC 271
8.01 December 21, 2012 - Major command revision
4.1 October 9, 2012 - Restructured as user/reference guide - Setup section is shortened - Reference to setup guide is added
1.0 September 07, 2012 First published