Google Cloud Platform is one of the leading cloud providers. At the beginning of 2017, EPAM Cloud supported GCP as one of the possible options for obtaining virtual infrastructions by EPAM project teams.
Google Cloud Platform
This topic contains the following sections:
- Google Cloud Platform Roadmap
- Running VMs on Google Cloud Platform
- Google Cloud Platform Regions Activation
Google Cloud Platform Roadmap
EPAM Cloud integration with Google Cloud Platform allows running and managing virtual resources via unified EPAM Orchestrator tools, as well as accessing the native Google Management Console.
|1/2||To activate your project in EPAM Cloud or Google Cloud Platform regions, please submit an activation request at EPAM Service Desk and provide the details. Project activation in cloud and in new regions can be initiated in terms of self-service with the help of Manage Cloud Wizard for the project responsible persons from Advanced Management Group.|
|3||To perform standard instance manipulations in GCP, you can use Maestro CLI commands or Cloud Management Console tools with GCP regions specified as --region parameter value. For more details, please, see Maestro CLI Reference Guide , sections 2: Getting Started and 3: Working with Instances.|
|4||To get access to GCP management console, run the or2-google-management-console command and follow the link provided in the command response. For more details, please, see Hybrid Cloud Guide.|
|5-8||To find more information on the mentioned EPAM Cloud capabilities, please, see our Cloud Management Console and Account Management guides.|
|9||EPAM Cloud web-site is available on https://cloud.epam.com/site.|
|10||The details on EPAM Cloud integration with GCP, Azure and AWS are given on other pages of this section.|
|11||Maestro CLI User Guide lists the details on all the available CLI commands and settings|
Running VMs on Google Cloud Platform
To create a virtual machine in Google Cloud, use the standard Orchestrator tools with -r GCP-REGION parameters:
or2run -p project -r GCP-REGION -s shape -i image -k key_for_linux_only
To log in to the Linux VMs, use the SSH key specified during the VM creation. For Windows machines, use the or2console CLI command specifying an SSH key:
or2console -p project -r region -i instance_id -k key
Please note that with Windows insatnces, the key must always be of 2048 size. The key is required only for the log in operation, not for VM run.
When this command is executed, you will receive an email containing an encrypted password. Decrypt the password as follows:
or2-decrypt-password -p private-key-file-path -e encrypted-password-file-path
Use the decrypted password to log in to your Windows VM under user name 'user'.
Google Cloud Platform Regions Activation
To activate Google Cloud Platform regions for your project in EPAM Cloud, simply leave a Project or Region Activaion Request.
While making the request, state the region in which you wish to have your project activated. Google regions are supported:
|Google Region||Location||EPAM Cloud Alias|
|asia-east1||Changhua County, Taiwan||GCP-AS-EAST|
|europe-west2||London, England, UK||GCP-EUWEST2|
|northamerica-northeast1||Montréal, Québec, Canada||GCP-NANORTHEAST|
|southamerica-east1||São Paulo, Brazil||GCP-SAEAST|
|us-east4||Ashburn, Northern Virginia, USA||GCP-USEAST4|
|asia-norhteast1||Tokyo, Japan||GCP-AS-NORTHEAST||asia-southeast1||Jurong West, Singapore||DCP-AS-SOUTHEAST|
|europe-west1||St. Ghislain, Belgium||GCP-EUWEST|
|us-central1||Council Bluffs, Iowa||GCP-USCENTRAL|
|us-east1||Moncks Corner, South Carolina||GCP-USEAST|
|us-west1||The Dalles, Oregon||GCP-USWEST|
|us-west2||Los Angeles, California, USA||GCP-USWEST2|
Please note that each region has several sub-zones, and by default, your project is activated in one of them. If you create some project resources in other sub-zones directly in Google Cloud, they will be registered under your main Google region.
The request is free of charge and will be fulfilled during three working days. Please remember that it should be approved by the Project Manager/Project Coordinator.
When the project is activated in Google Cloud Platform, all the project members get a corresponding email notification.
Getting Access to Google Management Console
There two methods to get Google Cloud Access. You can access to Google Cloud Console using the Console button on the Cloud Dashboard, or to run or2goomc Maestro CLI command.
If you want to obtain Google Cloud Console Access with Console button on the Cloud Dashboard:
- Click the Console button on the Dashboard.
- In the wizard, select the cloud provider and project, under which you want to log in.
- Click the Next button to proceed to login details.
- On the Google Access step, review the information on the access provided to you for your project in Google.
- Click the Go to button to login to Google Cloud.
The granted Access is constant and does not need to be renewed. Granted roles section lists the roles you have in Google Cloud on your project account.
In case you have already requested the Access, you can find the details and the link in your email (topic: Google Console Access Credentials).
If you want to obtain Google Cloud Access with Maestro CLI:
you can run or2-google-management-console (or2goomc) command, which has the similar effect as Google Console button. The command is as follows:
or2goomc -p project_id
If your project role-based permissions are not enough for your project needs, you can expand them by submitting the respective request.
Google Cloud Pricing
You can estimate your virtual infrastructure cost in Google Cloud using the online Google Cloud Platform Pricing Calculator. EPAM Cloud will provide the bill for Google Cloud usage "as is", with no modifications.
For projects hosting their infrastructures in Google Cloud, the following billing specifics should be considered:
- Google Cloud billing supports cost distribution by region, though some bills will belong to default common cost region.
- Billing for individual resources is not supported, however, the costs are broken down by resource type.
- Reports of the "resource" and "hourly" types are not supported. Reports of the "total" and "subtotal" types are supported in full.
- The total resource billing data is available in the resource report requested for the whole project where a few regions are specified. The Google Cloud resource figure will be shown in a separate line marked "Total".
Google Cloud-based resources are placed in a public cloud, there is a set of security limitations introduced to ensure your data safety:
- A security group includes 0.0.0.0/0 IP, if there is no other group of higher priority that would deny traffic from this IP.
- Authorization to Linux instances can be performed only via SSH keys. The user name depends on the system family (user: ubuntu, user: centos, user: debian, etc).
- Windows instances are run without a key, but to get the password, the user needs to run the or2console command and provide a key (required size: 2048).