A cloud built for developers — 2021 year in review
Aparna Sinha
Director of Product Management
Urs Hölzle
Senior Vice President, Technical Infrastructure, Google Cloud
2021 was a seminal year for software developers. Every company accelerated their digital and online efforts, while simultaneously moving to remote development. Innovation by driving developer productivity was top of mind for nearly every IT executive we spoke to. Many asked us about Alphabet's long track record of innovation. From Google search to Waymo’s driverless cars, is there a secret to developing the next big thing?
The answer is simple: 10X thinking. Look for solutions that help customers drive 10X improvements, through a series of smaller increments that compound to a large impact over time. At Google Cloud, we follow a similar philosophy to help our customers become innovative technology companies. In recent times, we’ve worked closely with partners, customers, and developers on services that help unlock 10X improvements in developer productivity.
Six years ago, we introduced a managed Kubernetes service, Google Kubernetes Engine (GKE). This year, we added GKE Autopilot, which revolutionized Kubernetes management by eliminating all node management operations. Likewise, our Cloud Run serverless platform was the first service of its kind, allowing developers to go beyond running small bits of code and run full applications in a serverless environment. From September 2020 to September 2021, Cloud Run deployments more than quadrupled. More recently, we co-founded the Open Source Security Foundation and began working on secure continuous integration and delivery (CI/CD) services a year or so ahead of the cybersecurity threats that made headlines.
Here are the top developer challenges that customers asked us to solve in 2021:
Driving distributed developer productivity
Securing the software supply chain
Simplifying running of cloud-native applications
Read on for more insights.
Driving distributed developer productivity
A critical prerequisite for innovation is time. Investments in developer productivity free developers to work on the important things. Traditionally, developers have spent hours downloading and installing tools to their local environments, then keeping those tools and their dependencies up to date. Cloud Shell Editor is a full remote development environment with a growing set of built-in security capabilities. It comes with developer tools pre-installed, including MySQL, Kubernetes, Docker, minikube, Skaffold, etc. Developers need only a web browser and an internet connection to be productive. Developers now have access to tutorials right from Cloud Shell Editor, and can try code samples directly in our documentation. Additionally, with support for buildpacks, developers can create container images directly from source code, without knowing anything about Docker or containers.
Securing the software supply chain
Software supply chain vulnerabilities had far-reaching consequences in 2021, with events such as SolarWinds, Mimecast/Microsoft Exchange, and Log4j affecting businesses, daily life, and entire governments. President Biden even issued an executive order to strengthen software supply-chain security standards.
Solving the software supply chain problem requires players across industries to work together. This is why we co-founded the Open Source Security Foundation (OpenSSF). We also proposed SLSA, an industry-wide framework for maintaining the integrity of software artifacts throughout the software supply chain.
Open source, with its complex dependency trees, remains a prime target for exploitation. In fact, an estimated 84% of commercial code bases have at least one open source vulnerability. Today, developers can use our tools such as the Allstar GitHub App, open source Security Scorecards, and Open Source Insights to implement security best practices, determine a risk score for open source projects, and visualize a project's deep dependencies. Several of these same kinds of open-source innovations are available out of the box to Google Cloud customers. Here are a few examples:
Detailed recommendations to help mitigate the Apache Log4j vulnerability.
The Java scanning feature of Google Cloud On-Demand Scanning, which helps developers identify Linux-based container images that use an impacted version of Log4j. On-Demand Scanning can be used at no charge until December 31, 2021.
Cloud Build, our serverless CI/CD service, offers SLSA Level 1 compliance by default. This verifiable build provenance lets you trace a binary to the source code to prevent tampering and prove that the code you’re running is the code you think you’re running.
Cloud Build’s new build integrity feature improves on this by automatically generating digital signatures, which can be validated before deployment by Binary Authorization.
Simplifying running cloud-native applications
Innovation is rarely a straight road; there are many wrong turns along the way. Developers need a cost-effective runtime, a way to run experiments and fail forward fast. That's why GKE Autopilot takes GKE, the most mature Kubernetes service on the market, and further simplifies Kubernetes operations by providing a managed control and data plane, an optimized configuration out of the box, automated scalability, health checks and repairs, and pay-for-use pricing.
“With GKE Autopilot, we can do more with our business. We can continue developing and upgrading our products, rather than focusing on fine-tuning infrastructure.”—Jun Sakata, Software Engineer, Site Reliability, Ubie
Simpler still is no cluster at all. Cloud Run provides developers the freedom to run services from code or container images with no cluster or VM to manage. At the same time, it provides a hypervisor-grade secure sandbox environment and several built-in DevOps capabilities such as multi-versioned deployments, gradual rollouts and rollbacks, and GitHub and Cloud Build integrations. This is ideal for web and mobile application development. In 2021, with additions like higher per-instance concurrency, new CPU allocation controls, and support for standard Docker images, the benefits of serverless can now be expanded to a wider range of workloads, including legacy ones. Additionally, with newer cost controls along with billing flexibility like committed use contracts and features like always-on CPU, it’s possible to run more steady-state pattern workloads cost-effectively in a serverless environment. Best of all, thanks to improvements like these, organizations using Cloud Run have reported a reduction in developer recruiting costs by 40%.
Cloud Run is also the first platform to provide developers the option to optimize their carbon footprint. With the new self-service Region Picker, you can choose the data center region with the lowest gross carbon cost on which to run your Cloud Run workloads. Further, with just one click, Google Cloud Carbon Footprint gives you access to the energy-related emissions data for external carbon disclosures.
“With Cloud Run, we only need half the people to manage our systems as compared to before.” Google Cloud Platform Architect, Cosmetics
“Cloud Run is one of the easiest services on Google Cloud Platform you can deploy to. It’s just super simple.” CTO, Healthcare SaaS
If you want to give Cloud Run and associated Cloud Functions a try, check out the Easy as Pie Serverless Hackathon, which offers over $20,000 USD in cash prizes.
2022: More to come
2021 brought simplification and greater attention to developer productivity. It is essential that developers continue to operate at even higher levels of the stack, without worrying about infrastructure, security, compliance, and integrations. This is the North Star for 2022. In 2022, look for Google Cloud to co-innovate with our ISV partners, developers, and SecOps team to bring you the 10X innovation you need from the cloud that is built for developers.