Legal Notice: This document contains privileged and/or confidential information and may not be disclosed, distributed or

reproduced without the prior written permission of EPAM®.

EPAM Cloud Infrastructure

Orchestrator ver.2.1.66

What’s New

March 2016

CI2WN-S64-66

Version 1.0

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 2

CONTENT

1 Overview ................................................................................................................................................ 3

2 VMs Creation Approvals ........................................................................................................................ 4

3 New Region: EPAM-DKR ...................................................................................................................... 5

3.1 How to Use..................................................................................................................................... 5

3.2 Implementation Details .................................................................................................................. 6

4 PowerShell DSC Support ...................................................................................................................... 7

5 Platform Services Update ...................................................................................................................... 8

5.1 Hybris As a Service Introduction .................................................................................................... 8

5.1.1 Service Architecture .............................................................................................................. 9

5.1.2 Service Activation and Manipulation ..................................................................................... 9

5.1.3 Logging in to Service Nodes ............................................................................................... 10

5.1.4 Pricing .................................................................................................................................. 10

5.2 MS SQL With Guaranteed Capacities ......................................................................................... 10

5.3 AEM Service Updated .................................................................................................................. 12

6 Security Updates ................................................................................................................................. 12

6.1 Lock AWS VMs from Termination ................................................................................................ 12

6.2 Resource Creation Control in AWS ............................................................................................. 13

6.3 Automatic Daily AWS Price Monitoring ........................................................................................ 14

6.4 Security Scanning Updates .......................................................................................................... 15

6.5 Security Reporting Updates ......................................................................................................... 16

6.6 AWS Security Groups Management ............................................................................................ 16

7 Hardware Billing Changes ................................................................................................................... 17

8 Knowledge Base Updates ................................................................................................................... 18

8.1 Cloud Glossary ............................................................................................................................ 18

8.2 Documentation Update ................................................................................................................ 19

Table of Figures........................................................................................................................................... 20

Version history ............................................................................................................................................. 21

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 3

1 OVERVIEW

EPAM Orchestration Framework version 2.1.66 was released on March 26, 2016. The update is mainly

concentrated on platform services and Cloud Security improvements, but it is also accompanied by billing,

project management, and documentation changes and issues fixes.

Numerous other improvements were also introduced, including AEM Service update, hardware billing

changes, the enabling approvals for VMs creation, and others.

Please note that starting from April 1, 2016, hardware billing changes. Find more details here.

The new EPAM-DKR region is activated in BETA mode, and resources there are provided for free within

a month since March 26, 2016. For more info, see this section.

Our users often address us with the questions for EPAM Private Cloud SLA details and clarifications. For

you to be more acquainted with the subject and to prevent misunderstandings and unexpected situations,

we strongly recommend to review EPAM Cloud Service Offering document.

New Region: EPAM-DKR

EPAM-DKR – a new region for CoreOS usage

Docker on CoreOS

Auto Configuration

Chef-Client 12 introduced, allowing auto configuration for DSC

Hybris as a Service

Goes in two modes: - Single (1 VM) - Large (5 VMs) Available phases: - Prepare - Full Install

Guaranteed Capacities for MySQL

MySQL 2014 provisioned DB hosting on hardware

servers

Security Improvements

Lock VMs termination for AWS Daily utilization monitoring VMs creation limits

monitoring Security reports updated

Documentation

Glossary Added 3 New documents 6 Documentation updates FAQ updated EPAM Orchestration video

overviewsintroduced

New Region: EPAM-DKR

EPAM-DKR – a new region for CoreOS usage

Docker on CoreOS via KVM Kubernetes as a Service

development start

PowerShell DSC Support

Auto configuration for DSC is supported by introducing Chef Client 12

Hybris as a Service

Goes in two modes: - Single (1 VM) - Large (5 VMs) Available phases: - Prepare - Full Install

Guaranteed Capacities for MS SQL

MS SQL 2014 provisioned DB hosting on hardware

servers

Security Improvements

Lock VMs termination for AWS Daily utilization monitoring VMs creation limits

monitoring Security reports updated

Documentation

Glossary Added 3 New documents 6 Documentation updates FAQ updated Release video overviews

introduced

FREE!

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 4

2 VMS CREATION APPROVALS

EPAM Orchestration supported two main approaches to infrastructure management in Cloud:

Role-based authorization – a mechanism that identifies user’s permissions depending on their

role on the project (business unit).

Quotas mechanism – to control project expenses.

In this release, we introduced the third approach – approvals. It allows to establish approval policy to VMs

creation, so that project members with respective permissions can request creating new resources, but the

action won’t be performed until the Project Coordinator approves it.

This mechanism is bound to monthly resource utilization quotas. According to implementation, as soon as

the project’s quota in a specific region is depleted, the creation of new VMs is possible only after Project

Manager approves this action.

Figure 1 - Run VM approval rule setting

In case you need to control all VMs creation in your project or in a specific region, you can set the quota

amount to a minimum level of $10. As soon as this limit is reached, the approvals mechanism gets activated.

Approvals are applied to VMs run directly via Maestro CLI or Cloud Dashboard, as well as to those

requested within a Maestro Stack template flow.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 5

3 NEW REGION: EPAM-DKR

Starting from March 26, 2016, EPAM Cloud users get access to a new region

– EPAM-DKR, which embodies new approaches to virtualization and

containerization. The region is based on OpenStack (Kilo), and is designed

for Docker usage over Core OS operating system.

With all its features and tools, CoreOS is a perfect ground for using Docker

– a solution that allows you to distribute processes between containers and

isolate them so that they do not interfere with each other.

EPAM-DKR region is designed specifically for Docker clusters management, and has the following

specifics:

The region allows only Docker as a Service usage (based on Docker 1.8 and Docker Swarm 0.4.0).

Docker VMs are run under KVM and use CoreOS guest operating system

Each Docker Service instance is hosted on a separate hardware server.

Only Large shape is available for Docker instances.

The region is activated in Beta mode. During the first month (starting from March 26), you can run

resources there for free. Please feel free to submit your comments, complaints and suggestion, to Cloud

Consulting team.

3.1 HOW TO USE

Docker service in EPAM-DKR region is manipulated same way as in any other region. For example, to start

the service, run:

or2-manage-service -p <project> -r EPAM-DKR -s docker --activate –c <cluster>

-k <ssh_key_name>

Please note, that with the current update, more than one cluster becomes available for each project in any

region. Thus, Docker-related commands now require –c[-cn]/--cluster-name parameter to be specified.

For more details on Docker service manipulations, please address EPAM Cloud Services Guide.

In the current implementation, the service has the following specifics:

Login to Docker VMs can be performed only via SSH with SSH key.

Docker commands can be performed either via Docker toolset or after login to any node via SSH.

Each node in Docker Swarm cluster is a master.

Swarm API endpoint can be reached at <any_cluster_ip_address>:4000. For example, the

following command will show all containers on all Docker nodes

docker –H hostname:4000 ps

FREE!

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 6

3.2 IMPLEMENTATION DETAILS

Initially, Docker as a Service was based on Ubuntu 14.04 OS, and this implementation remains true for

regions other than EPAM-DKR.

EPAM-DKR region is the result of our desire to provide higher performance and reliability for

containerization in EPAM Cloud. It enables using KVM and CoreOS, and opens new horizons in the service

usage and development.

Still, in both Linux and Core OS-based Docker versions, we use Docker Swarm for clustering.

However, there is another containers orchestration tool, Kubernetes, delivered by Google. The solution

becomes more and more popular among Docker users, as it has its own features and advantages for

specific cases (you can find Swarm-Kubernetes comparison here). EPAM Cloud community also shows

high interest in Kubernetes, thus, the need to support it in EPAM Cloud arose.

The respective Feature Request was registered, and our team started the research and development

process.

Meanwhile, our users perform their own investigations on the subject and share their ideas on Kubernetes

usage in EPAM Cloud. Their input is very valuable and is a good help in the feature implementation.

We would like to express special thanks to Gyorgy Ruck for his deep investigation of Kubernetes setup and

usage, and for sharing his findings on the subject on the following resources.

The active development of Kubernetes as a Service feature will start in April, and the service delivery is

planned for one of the upcoming production updates.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 7

4 POWERSHELL DSC SUPPORT

Auto configuration is an important part of Cloud service provisioning. Currently,

EPAM Orchestration supports the following auto configuration scenarios:

Running a script at instance creation.

Specifying an SSH key so that one can use Ansible to perform automatic

configuration of dynamic environment.

Using out-of-the-box and custom Chef recipes.

These approaches are more convenient for using with Linux systems, as they are more “native” for them.

With the current update we introduce support of PowerShell DSC as the auto configuration tool to be used

with Windows VMs. To enable this improvement, we updated the Chef Client provided on our VMs, to Chef

Client v.12.0.0, which will be installed on all instances created after March 26.

You can find the detailed description of the new release on the Chef’s What’s New page.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 8

5 PLATFORM SERVICES UPDATE

As EPAM Orchestration is becoming a more and more mature solution, we keep on expanding its platform

services coverage.

Thus, the current update introduces a number of important changes in this area:

Hybris as a Service is introduced (based on Hybris 5.7.0.6) .

Provisioning guaranteed capacities for RDB service with MS SQL 2014 database is enabled.

AEM Service is updated with the new Adobe AEM version: AEM 6.1.

In addition, we implemented Open PaaS architecture which allows to add and use new services in a unified

way, without changing Maestro CLI. The approach is based on Maestro Stacks engine.

The general flow to services manipulation goes as follows:

Activate Service

or2ms … --activate+ service-specific parameters

Describe Service

or2dser … -s service_nameFind information on existing

services

Deactivate Service

or2ms … --deactivateDeactivate the selected

service

In the nearest future, we plan to develop and publish a developer’s guide document that will be a good help

for EPAM Cloud users who develop their own PaaS services.

If you want to contribute your custom services that can be useful for EPAM Cloud community, feel free to

contact our Consulting team.

5.1 HYBRIS AS A SERVICE INTRODUCTION

Hybris is one of the world top e-commerce software platforms, which includes omni-

channel commerce, product information management, order management solutions,

as well as remarketing tools and powerful product search and promotion facilities (for

more details, please Hybris info page).

The platform is widely used by EPAM teams, and, with EPAM Cloud usage growths,

the question of implementing a convenient Hybris solution for Cloud arose.

That’s why, it was decided to implement our own Hybris as a Service, based on Hybris 5.7.0.6. The solution

was developed within short time due to the close collaboration between EPAM Cloud team and Hybris

Competency Center, and is based on the materials developed by EPM-FLEX project team.

The resulting service is a fully scalable solution designed for effective and comfortable development of e-

commerce solutions, and takes into account EPAM’s great experience in e-commerce projects delivery.

The service deployment uses Chef for auto-configuration and Maestro Stacks for creation of solid

environments.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 9

We would like to thank EPM-FLEX team, and, especially Pavel Veller, Sergii Kononov, Grygorii Klymov,

Andrei Mankouski, Andrey Kuznetsov, Tatsiana Kursava, Stanislav Polchanikov, and Maksym

Zinkevych for their participation, assistance, expertise sharing, and the big pleasure to collaborate with

them.

5.1.1 Service Architecture

Hybris service can be provided in two arrangements, or modes:

Single mode, in which one VM is launched and Hybris is downloaded and installed there

Large mode, in which 5 VM are launched, for the following purposes:

o MySQL Server

o Media SRV (Shared media content storage)

o Hybris search node (with Apache Solr installed on it)

o Hybris SRV (API node)

o Hybris Back Office

All nodes are gathered in one cluster and communicate with each other.

Each VM (in either Single or Large modes) has the following parameters:

Image: CentOS6_64-bit

Shape: Large (is default and recommended one, can be changed on service initialization)

5.1.2 Service Activation and Manipulation

To activate Hybris as a Service, use the or2-manage-service (or2ms) command with the -a/--activate flag

and the -s/--service parameter with hybris-single or hybris-large value, which specifies the service mode:

or2ms –p <project> -r <region> -a –s hybris-single

When you input the command, the command line will prompt for additional parameters:

Shape – skip to use LARGE.

SSH key to be used - skip to use no key.

Ansible group name – unique Ansible group name; if skipped no group will be set.

Cluster name – unique Hybris cluster name. Should be specified as (without spaces):

cluster_name=value

Install hybris flexo – If you skip this parameter, Hybris package will be uploaded to the service

VMs, so that you will be able to setup it later manually. In case you type “yes”, Hybris application

will be automatically deployed.

As soon as the service gets activated, its status will be marked as initialized in or2-describe-services

(or2ds) command response

Thank You!

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 10

You can find the details on the VMs created within the service activation, by calling the or2-describe-

instances (or2din) or or2-describe-servcies (or2ds) commands with -S hybris-[single/large]

parameter:

or2din –p <project> -r <region> –S hybris-large

5.1.3 Logging in to Service Nodes

To access service instances, connect them using their DNS names and appropriate ports, and login using

your domain credentials.

The table below describes the ports to use:

Service Mode Node Port

Large MS SQL Server :3306

Large Hybris SRV (API node) :9001/hmc/hybris

Large Hybris Back Office :9001/backoffice

Large Hybris search node :8983/solr

Large Media SRV -

Please note that for single-mode Hybris, you can use any of the ports, depending on the component you

want to access.

5.1.4 Pricing

The service price depends on the price of the VMs included to one service instance.

For example, the approximate price of a Single-mode Hybris in EPAM-BY1 region service will be the price

for the respective LARGE Linux VM, which is $77.58 per month (as for March 26, 2016).

This price will be multiplied by five for the Large mode ($387.90).

5.2 MS SQL WITH GUARANTEED CAPACITIES

For long time, EPAM cloud provided two ways to get a database for your

project's needs:

Run a VM and set up a necessary database using one of the

recipes available for EPAM Cloud Auto Configuration Service.

Run the RDB as a Service, specifying the necessary database

name.

However, when a database hosted on a VM is subjected to high loads,

performance degradation is possible.

Figure 2 - Hybris service availability check

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 11

To ensure stable and reliable database provisioning, it was decided to establish the creation of database

instances (database with all related components) on hardware servers. These servers are configured

specifically for database usage and provide independent disk subsystems.

Thus, with the Orchestration v.2.1.66, you can order an MS SQL 2014 instance in scope of the RDB service,

and it will be deployed to dedicated hardware DBMS servers.

To order an MS SQL 2014 instance capacities, run the or2-manage-rdb (or2rdb) command with the

following parameters:

or2rdb –p <project> -r EPAM-BY1 –a install –v 2014 –s 50

Where:

-r EPAM-BY1 - the virtualization region. The service is available only in EPAM-BY1;

-v 2014 – version number. Specify 2014 to order a MS SQL 2014 with high capacity. If other version

is specified, the standard VM-based service will be launched.

-s 50 – database disk quota limit, in GB. Allowed values: 50, 100, 150. If not specified, will be set

to 100.

The default, the MAX memory size used for one database instance is 4GB and currently cannot be

changed.

When ordering an MS SQL 2014 instance, you don’t have to specify user name and password. Instance

users have dbcreator’s rights and can access database by using their domain credentials.

Still, if you don’t want to use your domain credentials (Windows authorization), you can use the login and

password generated during the service activation (use SQL authorization).

The instance connection information can be found in or2-manage-rdb (or2rdb) command (as the describe

action is the default one, it is not necessary to specify it):

or2rdb -p <project> -r <region>

Please note that the service has specific billing approach. Typically, platform services in EPAM Cloud are

billed according to the price of resources needed to run these servers.

As MS SQL 2014 database instances are based on hardware, their pricing policy differs. Their billing directly

depends on the used storage volume, as is performed according to the following scheme:

DB Storage Volume Creation Fee (one-time) Monthly Price

50 GB

$10

$50

100 GB $62

150 GB $74

Figure 3 - RDB service information

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 12

5.3 AEM SERVICE UPDATED

In the current Orchestration version, Adobe AEM as a Service was updated by

adding a new supported version – Adobe AEM 6.1.

So, both AEM 6.0 and AEM 6.1 are available now for usage, the former being the

default one.

If you need the service to be run with AEM 6.1, or just want to specify the version

explicitly, please use the --version/-v parameter at or2-manage-aem (or2aem)

or or2-manage-services (or2ms) command call:

or2aem –p <project> -r <region> -a activate-cluster –v 6 –c <cluster_name>

or2ms –p <project> -r <region> -a -s aem –c <cluster_name> -v 6.1

6 SECURITY UPDATES

EPAM Cloud is a solution which is especially important for the company, as it is used for software

development and processing of data of different types and confidentiality levels. It is constantly growing

and becomes more distributed, engaging increasing number of projects and users, available regions and

managed resources, etc.

This takes a number of enterprise-level questions to the new level, and this applies to security – one of the

keystones of high-standard IT service.

As of the beginning of the year, we started cooperating with the Security Department in order to improve

the existing Cloud Security system according to the coming changes.

With the current Orchestration update, we go on with the improvements in Cloud security. This time, the

following ones are implemented:

AWS instances termination lock is enabled;

Daily resource creation control for AWS is introduced;

Automatic daily AWS resource utilization monitoring started;

Security scanning and reporting are updated.

You can find the details on these changes below in this section.

6.1 LOCK AWS VMS FROM TERMINATION

A virtual machine is not only a tool that is used for a project’s needs. It can be a container of valuable data,

critical application, etc. That is why, safety of a VM is an important business and security point. This includes

not only data safety, but also the ability to restrict undesirable instance termination.

This ability is implemented as the or2-lock-instance-termination (or2lock) command that allows to

prohibit termination of the specified VM and cancel the restriction, if necessary.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 13

With the current update, we expanded this command’s scope, and it can be used for AWS instances so

that it locks their termination not only via EPAM Orchestrator, but also by means of native AWS tools.

The command belongs to the KILL Resources group and by default can be called by any user who has

permissions to terminate instances in Cloud (for more details on the subject, see User Permissions page).

To lock a VM from termination, call the command, specifying instance ID, project and region:

or2lock –p DEMOPRO –r AWS-REGION –i instance_ID

If the same command is run on a locked VM, the termination prohibit will be removed.

The lock can be set and released by different users.

Please remember, that Project managers, Project Coordinators and Delivery Managers can manually

customize the permissions of project members – both individually and by project role. This also applies to

the lock instance termination action.

To prohibit or allow it for project members, run the Manage Cloud wizard, and go to one of the permission

control modes:

Figure 4 - Denying an operation for a group of users

The example above shows how Lock Instance Termination operation can be prohibited for the users with

the Developer role on the project.

6.2 RESOURCE CREATION CONTROL IN AWS

EPAM Orchestration allows to set up a daily resource creation quota – the limit which specifies how

many VMs, volumes, and checkpoints can be created for one project in one region within 24 hours.

In case the quota is depleted, project members cannot run new resources till 24 hours period is over.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 14

However, AWS does not provide the possibility to restrict VMs creation, and the users can request

uncontrolled number of resources in case they use native AWS tools.

Thus, the best solution for control over resources creation is establishing an effective advanced monitoring

system, which will detect abnormal and suspicious activity, report it to project management and provide

tools for quick resolving of arising issues.

With the current Orchestration update, we introduce the mechanism that monitors the number of VMs

created in AWS by an IAM user within an hour. In case this number exceeds the project’s daily quota, an

alert is sent to Project Manager and Cloud Support group.

Using the letter, the Project Manager can view the details on the created instances and approve this activity,

in case it is an expected behavior.

In case the growths of resource creation activity is illegal, the action can be a sign of IAM user compromising

or unexpected automation activities. In such case, the Project Manager can reject the activity, which will

result into following actions:

The compromised IAM user gets blocked;

All the VMs created during the observed period are terminated;

Cloud Support group investigates the case and takes respective security measures.

Below, you can find an example of the alert letter:

Figure 5 - AWS Activity Alert Letter

This mechanism allows to detect possible issues within the shortest time, and react immediately, thus

minimizing the possible threats and losses.

6.3 AUTOMATIC DAILY AWS PRICE MONITORING

Quotas engine has already proven to be an effective tool of expenses control. Although it allows to detect

specific levels of quotas utilization, detecting unexpected growth of expenses in project can be delayed, as

the warning comes only at a specific infrastructure cost point.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 15

Thus, the current update comes with a new feature for AWS regions – Daily Expenses Threshold. The

threshold specifies the estimated “normal” maximum daily price for any project in one region, which is 300

USD. This value is taken based on investigation of Cloud usage statistics by different projects.

In case a project’s daily cost for AWS usage exceeds the Threshold, project responsible persons get a

Daily Threshold Exceeded Alert notifying on the issue:

Figure 6 - Threshold exceeded alert

The feature is intended to prevent unexpected costs and detect possible issues within the shortest terms.

If you need to clarify your infrastructure details and price in order to investigate the issue, you can use the

following resources:

EPAM Cloud Management Page – to see the list of resources and the information about them

EPAM Cloud Reporting Page – to find the information on the project billing

EPAM Cloud Audit Page – to keep track of the Cloud events on your project.

For more details on project management, monitoring and billing in Cloud, please see the Account

Management Guide.

In case you have any questions, feel free to address Cloud Consulting Team.

6.4 SECURITY SCANNING UPDATES

The other important security update deals with the security

scanning procedure, performed by the Nessus Scanner by

request from Orchestrator.

The scanning is triggered by Orchestrator automatically on

schedule, once a week, or if specific security-group related actions are detected.

In addition, the scanning can be initiated manually by request. With the current update, we introduce the

ability to select whether the internal or external scanner should be used for this procedure.

By default, external scanner is used (scanning AWS instance with Nessus hosted in EPAM Cloud, and

scanning EPAM cloud-hosted instance with Nessus hosted in AWS). However, if needed, at scan initiation,

the requestor can specify that internal scanner should be used.

Besides this, the security scanning policies reference was updated for better usability of the feature.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 16

6.5 SECURITY REPORTING UPDATES

Reporting is the other important dimension of effective security policy. Thus, the weekly reports were also

improved with Orchestration v.2.1.66.

The Weekly Vulnerability Report was replaced by the Weekly Security Report, which includes more details

and points.

The report is sent to Project Manager, at the end of each week, with the following information:

Detailed AWS Security Group Issues: provides the information on security rules violation

in AWS security groups.

The information in the letter provides the general overview of the detected issues. The

details are given in the attachment coming with the report.

Resource Owner Report: Provides the information on the VMs that are not assigned to

any owner and the name of the project member to whom such VMs will be assigned.

Figure 7 - Weekly Security Report

6.6 AWS SECURITY GROUPS MANAGEMENT

The current Orchestration update includes a number of improvements on security groups management,

that will be convenient for responsible Cloud Support teams and reduce the time of the respective

requests and manipulations performance.

Reversion to default settings. EPAM Orchestrator stores the information on the initial

configuration of default security groups. In case they get changed for a project, it is possible now

to bring them back to default settings by a single command call.

Automatic setup. Starting with the current update, security groups get automatically configured

for all AWS regions as soon as the project gets activated in AWS.

Settings backup. It is now possible to save all security groups settings applied to a project (for

both default and custom groups) and restore them on request, when needed

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 17

7 HARDWARE BILLING CHANGES

With the current Orchestration update, we start the process of hardware servers billing adjustments. The

standardized rule that was applied to hardware servers all over EPAM will be gradually replaced by location-

specific policy, which allows to make the final prices closer to the resources prime costs, and to decrease

hardware usage bills.

The new policy takes into account the costs for hardware servers maintenance (including used electricity

and location-dependent coefficients).

Please note that starting from April 1, 2016 the location-specific hardware billing will be applied in two

locations:

Country Location Location Coefficient

Belarus Minsk, Kuprevicha 1/1 0.8

Belarus Minsk, Kuprevicha 3V 1

The details on the new billing policies are given in Account Management Guide (Section 7.2 Dedicated

Instances).

As prices in EPAM-HW1 region now depend on location specifics, preliminary cost estimation using the

online Cost Estimator tool becomes inefficient. If you need to have approximate price of hardware servers

in the locations in which the new policy is applied, please address Andrew Baidala.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 18

8 KNOWLEDGE BASE UPDATES

EPAM Orchestrator v.2.1.66 is accompanied by a number of significant documentation updates, which

includes new tools and documents, as well as update of the existing resources.

8.1 CLOUD GLOSSARY

EPAM Cloud is a complex solution which deals with numerous technologies and tools. Thus, when working

with it, users can encounter terms that can be unclear or unknown to them, especially if a user only makes

their first steps in EPAM Cloud.

To make the acquaintance easier, we introduced EPAM Cloud Glossary which lists fundamental and the

most frequently used concepts related to our service and Cloud technologies in general.

Figure 8 - Cloud Glossary main page

The words are listed alphabetically, and each article includes not only the definition of a term, but also the

specifics of its usage in EPAM Cloud, if any, and the link to the resource where more details can be found.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 19

8.2 DOCUMENTATION UPDATE

The documentation set was also improved and expanded.

Three new documents were published:

Features Overview containing the summary of main features and functionality offered by EPAM

Cloud Service was released

Billing Solution Overview containing the brief description of the solutions implemented in the

EPAM Orchestrator billing engine was released

Cloud Reporting Overview containing the summary of reports and notifications sent within EPAM

Cloud was released

The other documentation updates include:

Maestro CLI User Guide was updated with the information on the specifics of MacOS instances

usage and with the changes and improvements of the CLI functionality

EPAM Cloud Services document was updated according to the latest improvements in the provided

Platform services

Account Management Guide was complemented with the information on the new approval letters

Hybrid Cloud guide was updated with the information on the latest security updates

In addition, a number of FAQ questions were added and clarified.

We are also glad to present the new format of EPAM Orchestration presentation – Cloud videos. You can

find the current orchestration update overview on our Announcements page.

This and other overviews and presentations will also be available on EPAM Cloud channel on EPAM Video

Portal.

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 20

TABLE OF FIGURES

Figure 1 - Run VM approval rule setting ....................................................................................................... 4

Figure 2 - Hybris service availability check ................................................................................................. 10

Figure 4 - RDB service information ............................................................................................................. 11

Figure 5 - Denying an operation for a group of users ................................................................................. 13

Figure 6 - AWS Activity Alert Letter ............................................................................................................. 14

Figure 7 - Threshold exceeded alert ........................................................................................................... 15

Figure 8 - Weekly Security Report ............................................................................................................. 16

Figure 9 - Cloud Glossary main page ......................................................................................................... 18

EPAM Cloud Orchestrator 2.1.66 - What’s New

EPAM SYSTEMS 21

VERSION HISTORY

Version Date Summary

1.0 March 26, 2016 First published