Cloud Services Platform—bringing hybrid cloud to you
Eyal Manor
General Manager/VP of Engineering, Application Modernization Platform
If you’ve ever thought about adopting a hybrid cloud, you know it usually means committing to a cloud vendor and purchasing new hardware—with no easy way of integrating your existing on-premises investments. At Google Cloud, we are taking a different approach, with a software-based, hybrid offering that brings Google Cloud services into your on-prem infrastructure using the power of Kubernetes and Istio to meet you where you are.
At Google Cloud Next last year, we introduced our vision for Cloud Services Platform (CSP), and we are excited to announce it’s available in beta today. CSP is a modern platform that simplifies building, running, and managing services both on-prem and in the cloud. Built on open APIs, CSP is a less disruptive and more compliant approach than competing hybrid offerings. CSP gives you the freedom to modernize your applications at your own pace, innovate faster, and improve operational security and governance. Now that our customers have started to modernize their applications in their own data centers with CSP, we believe it will be the enterprise application deployment platform of choice for many years to come.
Modernize in-place with GKE On-Prem
For many of you, modernization means navigating existing on-prem investments as well as cloud infrastructure, while simultaneously adopting cloud-native tools and development practices.
CSP is built on top of Google Kubernetes Engine (GKE), the industry’s leading managed Kubernetes service with advanced security and automation. CSP includes GKE On-Prem, a managed Kubernetes service providing remote lifecycle management of your on-prem clusters, keeping them updated and secure. GKE On-Prem brings Google’s expertise in Kubernetes and the thriving Kubernetes ecosystem to your data center and runs on your existing hardware, saving you time and money. You can write once and deploy to the cloud or on-prem, using a consistent platform that spans all your environments. Furthermore, CSP’s design allows you to integrate existing networking, storage, and identity capabilities that you already use, so you can move to the cloud when you are ready.
Automate policy and security at scale with CSP Config Management
Ensuring security and compliance to centralized policies is difficult in a hybrid environment. You need to be able to apply security policies and compliance rules at scale, deploying the right controls across your applications without hindering development speed.
With today’s introduction of CSP Config Management you can create multi-cluster policies out of the box, that set and enforce role-based access controls, resource quotas, and create namespaces; all from a single source of truth. You can also rapidly deploy your configurations out across all your clusters—both on-prem and in the cloud. CSP Config Management automatically monitors your CSP environment for changes from your desired state, blocking unapproved changes, alerting you to unexpected variations and making policy deployment, security, management, and monitoring easy and universal.
Beyond this, CSP works great with Istio. By adding a proxy in front of your services, it provides a scalable foundation for policy enforcement, helps services establish trust, and encrypts traffic without needing any code changes.
Build once, manage and deploy anywhere
As we bring the benefits of the cloud to your on-prem deployments, having a consistent experience across all your environments can make your operations team much more efficient, freeing them up to focus on innovation.
In addition to letting you run anywhere, CSP provides the visibility you need to see what is happening across those environments. Stackdriver Monitoring and Istio policy management capabilities give you a single management console spanning on-prem and the cloud, while GCP Marketplace gives you access to a variety of enterprise-ready, open-source, and commercial Kubernetes applications featuring prebuilt deployment templates, simple licensing, and consolidated billing. This consistent management console lets you embrace DevOps like never before, while SRE-focused monitoring tools bring you better visibility into service-level communications.
CSP: your path to a more productive organization
CSP can make your organization more productive with add-on tools that improve the efficiency of your entire IT team: IT operators benefit from a single unified platform to manage applications and services that span multiple environments. Developers gain a secure foundation on which to build scalable, efficient applications based on containers and microservices. Additionally, security teams get consistent tooling to secure their software supply chain and improve run-time security. With CSP we are partnering with our customers to realize their modernization and hybrid goals.
KeyBank, one of the largest banks in the U.S., chose CSP to bring the benefits of Kubernetes and Istio to its own data centers.
“Google created Kubernetes and Istio so they were the obvious cloud to partner with as we look to bring containerized applications into our data centers. Put simply, the Cloud Services Platform provides us the security we need, the portability we want, and the productivity that our developers crave.” - Keith Silvestri, Chief Technology Officer for KeyBank.
Partners like Arctiq, meanwhile, are using CSP to help customers modernize and innovate rapidly.
“We’re working with some of our largest customers to modernize their applications with CSP. For our customers in regulated industries and government agencies, the ability to run in their current data centers reduces risk and enables them to get many of the benefits of the cloud while still meeting their internal compliance and regulatory requirements. CSP gives us the flexibility to use GKE On-Prem for sensitive workloads and keep them on-prem while using GKE in the cloud for other strategic applications.” - Kyle Bassett, Partner at Arctiq.
CSP represents a foundational element of our hybrid strategy, which integrates with our build, deployment, and monitoring tools to provide a modern DevOps environment that accelerates development velocity. We look forward to building on it in the coming months. To learn more about our vision for CSP, please see Application Modernization and the Decoupling of Infrastructure, Services and Teams, a white paper by distinguished Googlers Eric Brewer and Jennifer Lin.