Hybrid Cloud

Google Cloud Platform

Google Cloud Platform is one of the leading cloud providers. At the beginning of 2017, EPAM Cloud supported GCP as one of the possible options for obtaining virtual infrastructions by EPAM project teams.

Google Cloud Platform Roadmap

EPAM Cloud integration with Google Cloud Platform allows running and managing virtual resources via unified EPAM Orchestrator tools, as well as accessing the native Google Management Console.

.
Comments
1/2 To activate your project in EPAM Cloud or Google Cloud Platform regions, please submit an activation request at EPAM Service Desk and provide the details. Project activation in cloud and in new regions can be initiated in terms of self-service with the help of Manage Cloud Wizard for the project responsible persons from Advanced Management Group.
3 To perform standard instance manipulations in GCP, you can use Maestro CLI commands or Cloud Management Console tools with GCP regions specified as --region parameter value. For more details, please, see Maestro CLI Reference Guide , sections 2: Getting Started and 3: Working with Instances.
4 To get access to GCP management console, run the or2-google-management-console command and follow the link provided in the command response. For more details, please, see Hybrid Cloud Guide.
5-8 To find more information on the mentioned EPAM Cloud capabilities, please, see our Cloud Management Console and Account Management guides.
9 EPAM Cloud web-site is available on https://cloud.epam.com/site.
10 The details on EPAM Cloud integration with GCP, Azure and AWS are given on other pages of this section
11 Maestro CLI User Guide lists the details on all the available CLI commands and settings

Running VMs on Google Cloud Platform

To create a virtual machine in Google Cloud, use the standard Orchestrator tools with -r GCP-REGION parameters:

or2run -p project -r GCP-REGION -s shape -i image -k key_for_linux_only

To log in to the Linux VMs, use the SSH key specified during the VM creation. For Windows machines, use the or2console CLI command specifying an SSH key:

or2console -p project -r region -i instance_id -k key

Please note that with Windows insatnces, the key must always be of 2048 size. The key is required only for the log in operation, not for VM run.

When this command is executed, you will receive an email containing an encrypted password. Decrypt the password as follows:

or2-decrypt-password -p private-key-file-path -e encrypted-password-file-path

Use the decrypted password to log in to your Windows VM under user name Administrator.

Google Cloud Platform Regions Activation

To activate Google Cloud Platform regions for your project in EPAM Cloud, simply leave a Project or Region Activaion Request.

While making the request, state the region in which you wish to have your project activated. Google regions are supported:

Google Region Location EPAM Cloud Alias
asia-east2 Hong Cong GCP-AS-EAST2
asia-east1 Changhua County, Taiwan GCP-AS-EAST
asia-south1 Mumbai, India GCP-ASSOUTH
australia-southeast1 Sydney, Australia GCP-AUSOUTH
europe-north1 Hamina, Finland GCP-EUNORTH
europe-west2 London, England, UK GCP-EUWEST2
europe-west3 Frankfurt, Germany GCP-EUWEST3
europe-west4 Eemshaven, Netherlands GCP-EUWEST4
europe-west6 Zürich, Switzerland GCP-EUWEST6
northamerica-northeast1 Montréal, Québec, Canada GCP-NANORTHEAST
southamerica-east1 São Paulo, Brazil GCP-SAEAST
us-east4 Ashburn, Northern Virginia, USA GCP-USEAST4
asia-norhteast1 Tokyo, Japan GCP-AS-NORTHEAST
asia-southeast1 Jurong West, Singapore DCP-AS-SOUTHEAST
europe-west1 St. Ghislain, Belgium GCP-EUWEST
us-central1 Council Bluffs, Iowa GCP-USCENTRAL
us-east1 Moncks Corner, South Carolina GCP-USEAST
us-west1 The Dalles, Oregon GCP-USWEST
us-west2 Los Angeles, California, USA GCP-USWEST2

Please note that each region has several sub-zones, and by default, your project is activated in one of them. If you create some project resources in other sub-zones directly in Google Cloud, they will be registered under your main Google region.

The request is free of charge and will be fulfilled during three working days. Please remember that it should be approved by the Project Manager/Project Coordinator.

When the project is activated in Google Cloud Platform, all the project members get a corresponding email notification.

Getting Access to Google Management Console

There two methods to get Google Cloud Access. You can access to Google Cloud Console using the Console button on the Cloud Dashboard, or to run or2goomc Maestro CLI command.

If you want to obtain Google Cloud Console Access with Console button on the Cloud Dashboard:

  • Click the Console button on the Dashboard.
  • In the wizard, select the cloud provider and project, under which you want to log in.
  • Click the Next button to proceed to login details.
  • On the Google Access step, review the information on the access provided to you for your project in Google.
  • Click the Go to button to login to Google Cloud.

The granted Access is constant and does not need to be renewed. Granted roles section lists the roles you have in Google Cloud on your project account.

In case you have already requested the Access, you can find the details and the link in your email (topic: Google Console Access Credentials).

If you want to obtain Google Cloud Access with Maestro CLI:

you can run or2-google-management-console (or2goomc) command, which has the similar effect as Google Console button. The command is as follows:

or2goomc -p project_id

If your project role-based permissions are not enough for your project needs, you can expand them by submitting the respective request.

Google Cloud Pricing

You can estimate your virtual infrastructure cost in Google Cloud using the online Google Cloud Platform Pricing Calculator. EPAM Cloud will provide the bill for Google Cloud usage "as is", with no modifications.

For projects hosting their infrastructures in Google Cloud, the following billing specifics should be considered:

  • Google Cloud billing supports cost distribution by region, though some bills will belong to default common cost region.
  • Billing for individual resources is not supported, however, the costs are broken down by resource type.
  • Reports of the "resource" and "hourly" types are not supported. Reports of the "total" and "subtotal" types are supported in full.
  • The total resource billing data is available in the resource report requested for the whole project where a few regions are specified. The Google Cloud resource figure will be shown in a separate line marked "Total".

Limitations

Google Cloud-based resources are placed in a public cloud, there is a set of security limitations introduced to ensure your data safety:

  • A security group includes 0.0.0.0/0 IP, if there is no other group of higher priority that would deny traffic from this IP.
  • Authorization to Linux instances can be performed only via SSH keys. The user name depends on the system family (user: ubuntu, user: centos, user: debian, etc).
  • Windows instances are run without a key, but to get the password, the user needs to run the or2console command and provide a key (required size: 2048).