Anthos is an application modernization and delivery platform offered by Google Cloud. Anthos consist of a set of integrated components that helps you modernize how you develop, secure, and operate hybrid cloud and cloud-native environments. Anthos is built on open source technologies pioneered by Google, including Kubernetes, Istio, and Knative, enabling consistency between cloud and on-premises environments.
GKE, GKE On-Prem, Anthos Config Management and Kubenetes Application for GCP Marketplace are the core building blocks of Anthos. In addition to these, Anthos comes included with Migrate for Anthos and integration with platform-level services such as Stackdriver, Cloud Build, and Binary Authorization.
Within the context of GCP, the term hybrid cloud describes a setup in which common or interconnected services are deployed across multiple computing environments, one based in the public cloud, and at least one being on-premises.
A hybrid cloud strategy lets you extend the capacity and capabilities of your IT, without up-front capital expense investments by using the public cloud, as well as preserve your existing investments by adding one or more cloud deployments to your existing infrastructure. For more information, refer to Hybrid and Multi-Cloud Architecture Patterns.
Anthos is designed to help you modernize your infrastructure and applications. Whether you are looking to migrate from your on-premises data center to the cloud in the longer term, or implement a hybrid strategy today, Anthos meets you where you are and helps you realize your infrastructure modernization goals.
Anthos provides you with a consistent platform for building and managing applications across hybrid infrastructures and helps your developers become more productive across all environments. Anthos provides all the mechanisms required to bring your code into production reliably, more securely, and consistently, with minimal risk.
Containers and microservices provide a great path to well-managed enterprise applications. Google Kubernetes Engine (GKE) is a Google-managed environment for deploying containerized applications. GKE On-Prem is a Google-configured Kubernetes solution that brings a managed Google Kubernetes Engine experience to your on-premises infrastructure as part of Anthos.
GKE On-Prem makes it easy to install and upgrade Kubernetes and provides access to the following capabilities across GCP and on-premises:
- Unified multi-cluster registration and upgrade management
- Centralized monitoring and logging with Prometheus and Stackdriver
- Hybrid identity and access management
- GCP Marketplace for Kubernetes applications
- Professional services and enterprise-grade support
These are the following steps to get started with Anthos:
- Set up a GKE On-Prem cluster and start running new cloud-native apps or migrate some of your existing applications into the cluster. By containerizing your on-premises applications, you get the benefits of the modern application development stack in your data center and a consistent and portable management experience between GKE On-Prem and Google Kubernetes Engine running in the cloud.
- Register the cluster with GCP, so you can view and manage all your GKE clusters (on-premises or in GCP) in a single pane of glass.
- (Optional) Install open-source Istio on your GKE clusters to create service meshes and gain visibility for services running in your clusters. You can also enable mTLS service-service encryption to further secure the services in the service mesh.
- Enable Anthos Config Management across your GKE clusters (installed as part of GKE On-Prem clusters) to manage Kubernetes and Istio policies across your managed clusters
Please reach out to your Google Cloud account team to set up a more detailed discussion.
Anthos will be available to enterprises via a term-based monthly subscription, entitling users to ongoing updates and security patches across hybrid environments.
Anthos can be purchased in blocks of 100 vCPUs requiring a minimum one year term (at $100 per vCPU/month). These vCPUs can be allocated in any combination across environments. Please contact sales for pricing.
The pricing listed above is in addition to core infrastructure charges including, but not limited to CPU, networking, infrastructure support, etc.
Please reach out to your Google Cloud account team to get access to the product. After downloading and installing GKE On-Prem, you can register it with your GCP account. Once registered, you will be able to manage your GKE On-Prem clusters just like any existing GKE cluster, as well as incorporate your services as a part of a service mesh to get observability and enforce encryption using Istio.
Anthos has multiple components. Among these, running GKE On-Prem requires vCenter 6.5 in order to create VMs for the GKE On-Prem cluster. Additionally, GKE On-Prem integrates with (but does not require) F5 BIG-IP load balancers in order to provide layer 4 load balancing.
Istio is a service mesh designed to work with distributed applications running in cloud-native and hybrid environments. Istio is designed to work with both VMs and containers and simplifies IT and security operations by decoupling development from operations. Among other things, Istio offers:
- Visibility in the form of telemetry for monitoring and logs for your services
- Security by giving each service a strong identity based on its role, as well as encryption
- Enforcing of network security policies
- Controlling software rollouts through canary deployments
Anthos contains a service mesh that uses Istio. It can be used in conjunction with the open-source Istio offering.
Google Cloud has simplified the process of deploying and managing the Istio lifecycle through our offering, Istio on GKE. This lets you deploy Istio to your Kubernetes clusters with the click of a button. Istio on GKE works with both new and existing container deployments. It lets you incrementally roll out features, such as Istio security, bringing the benefits of Istio to your existing deployments. It also simplifies Istio lifecycle management by automatically upgrading your Istio deployments when newer versions become available.
Microservices provide a simple, compelling way for organizations to accelerate moving workloads to the cloud, serving as a path towards a larger cloud strategy. Istio enables service discovery, connection, and management for microservices.
Just as organizations need services management for microservices, they need API management for their APIs. Apigee API Management platform complements Istio by extending API management natively into the microservices stack. Apigee features include API usage, access, productization, catalog, and discovery, plus a developer portal to create a smooth experience for developers and increase API consumption.
More than simply making it easier to migrate workloads to the cloud, Anthos improves service operations by providing administrators with a service-centric view of their infrastructure, rather than infrastructure views of services.
- Service graph: see all your microservices, how they communicate, and their dependencies
- Service level objective (SLO) monitoring
- Service dashboard: All your signals for a given service are in a single place
On-premises, GKE On-Prem offers:
GKE On-Prem supports local authentication with any OIDC provider, such as Active Directory or Google Cloud Identity Platform. You can read more about configuring Kubernetes with OIDC here. Additionally, anyone that uses the GCP Console or other Google services requires a Google account.
Anthos Config Management gives Anthos admins a single pane of glass for defining and enforcing policies in clusters both on-premises and in the cloud. With a config-as-code model, admins can manage RBAC, resource quotas, and namespaces across a hybrid environment.
We have many Kubernetes applications available on GCP Marketplace today. These are full applications (not just container images) that will run on Anthos and offer consolidated billing through GCP, no matter where they are deployed.
At GA, Anthos will support VMWare vSphere volume plugins for GKE On-Prem. Anthos will include built-in support for Kubernetes in-tree volume plugins and CSI. It can also integrate directly with third-party block and file storage systems using built-in Kubernetes volume plugins or through CSI Drivers (i.e. HPE SimpliVity and HPE Nimble Storage and HPE ProLiant).
You may have physical servers and VMs on-premises (or in public clouds) that would benefit from an upgrade to containers. In the past, the manual effort to perform that conversion has prevented many customers from trying. That’s why our beta release, Migrate for Anthos, will take existing systems and migrate them directly into containers in GKE, helping reduce excess labor, complexity, and risk that may have stood in the way of modernizing in the past. As a result, you can migrate and modernize your IT landscape more seamlessly and begin leveraging the full power of the cloud.
Customers build YAML files that define specific parameters about the source systems, the destination in GKE, and other variables. At that point, customers use Cloud Shell (in GCP) to execute their migrations of those VMs into GKE. Customers can monitor their migrations either from the VMware UI or from the GKE dashboard in the GCP Console. Once the migration completes, customers can access their containers via the GCP Console.
Migrate for Anthos is free for customers to use when migrating workloads to GCP. Customers will still pay for all other services they consume (compute, storage, GKE, etc.) but using the migration tool (Migrate for Anthos) itself does not incur additional cost.You do not need to be an Anthos customer to use Migrate for Anthos.
No, any GCP customer can use Migrate for Anthos.
Anthos includes cloud-based managed services as well as managed software which runs within your data center. Google maintains all of the software components with the latest Kubernetes and Istio releases, up-to-date security patches, and best practice configurations, including maintaining the base operating system images. Google Cloud Support offers enterprise-grade 24x7 support with up to a 15-minute response time SLA.