Anthos

Anthos in depth: Modern application development and delivery

“Keep calm and carry on.” While the words may resonate with the public, carrying on with business as usual these days is not an option for most enterprises—especially not application development and delivery teams. And to the 71% of CIOs who recently cited “improved agility and faster time to market” as top priorities for their businesses, today, we’re going to talk about how Anthos can help you improve application development and delivery in your organization. 

Traditionally, application development and delivery has been affected by several shortcomings, which slow your time to market: 

  • Siloed application operation teams and tools—one for on-prem and one for each of your cloud environments

  • Infrequent rollouts with long lead times that increase risk and complexity of each production deployment

  • Reliability and security issues that don’t get caught during development

  • Lack of scalability, observability, and governance as you add more applications, teams, and updates

Principles for fast, secure, and reliable CI/CD

Adopting containerization and a consistent, policy-based platform like Anthos can help you create more secure and reliable applications faster, with more features, so you can stay ahead in a rapidly changing world. But just because you now drive your old sedan on a racetrack doesn’t mean it goes any faster. Likewise, keeping the same old application development and delivery tools and methodologies after adopting Anthos won’t materially change your application development speed.

Over the years, Google has worked to build services that operate at tremendous scale. In that time we developed principles for application development and delivery and worked to bring you concepts like SRE and innovations like Kubernetes. With Anthos, you have access to application development and delivery tools that work across on-prem and cloud environments. These tools deliver a number of benefits:

Automated build, test, and deploy

Continuous integration (CI) and continuous delivery (CD) lets you remove the constraints of traditional software delivery cycles and move to an on-demand model. Your application operators can push new code to users quickly by using fully-managed tools that enable easy scaling, maintenance, and updates. We provide guidance for these methodologies that integrate with your current tools: source control, artifact repositories, and issue management, both on-prem and in your multi-cloud environments. 

Policy-based security

Security should be based on policies that are managed centrally and enforced by automated tools. Anthos simplifies the implementation of this principle by creating a common management layer across all of your environments. Anthos Config Management enforces security and governance policies across those environments. Policies can be added or updated with a simplified workflow that does not require code changes. Anthos also includes technologies like Binary Authorization to help you secure your software supply chain, ensuring that the code you built is the code you deploy. 

With policy-based security, developers can focus on building products and features, not updating code for ever changing governance and compliance standards.

Proactive reliability testing

CI/CD lets you focus on issue prevention during development and test, rather than having to mitigate problems in production (otherwise known as a shift-left approach), with checks made by automation tools. Our approach to CI/CD supports automated rollouts and rollbacks, and thanks to having a consistent Anthos platform, your test and development environments more closely resemble production so you can find compatibility issues before they make it to production.  

CI/CD users and tools

When you think about the makeup of a modern CI/CD pipeline, consider three roles within your organization: developers, operators, and security administrators. Let’s take a look at the tools that are available to each and how they interact with each other (you can also see this explained in our recently published video “How to build modern CI/CD with Anthos”):

CI_CD users and tools.jpg

Developers can use a git repository for source code management that provides storage for application and configuration code and allows for review of code changes. They can also employ a continuous integration (CI) tool such as Gitlab. This service tests and validates source code, and builds artifacts (container images, for Kubernetes) that can be consumed in the deployment environment. Lastly your developers can use a container registry, which stores the artifacts (container images) built during CI.

Operators can also use a git repository where they can store the instructions for how applications will be deployed. Working with a configuration management tool such as Kustomize or Anthos Config Management, they can package together the artifacts created by CI and the deployment instructions. This allows for the reusability and extension of configuration primitives or blueprints. Finally, operators can use a service for continuous delivery (CD), which defines the rollout process of code across environments, facilitates the process between staging and production, and provides easy rollback for failed changes.

Security administrators utilize a git repository to store the policies that are applied to your infrastructure (clusters). They work with a policy management service, which is also provided by Anthos Config Management, to provide a mechanism to enforce policies on their clusters (for example: role-based access control, quotas, etc). These clusters can be managed using Anthos GKE to provide container orchestration, run the artifacts built during CI, and provide scaling, health checking and rollout methodologies for workloads. Administrators review and approve changes to policies before they are merged into production clusters.

All of these tools are designed to work within your Anthos environment so you can incorporate other Anthos capabilities such as Anthos Service Mesh, which gives you deep visibility into your services and how they are contributing to better resiliency. With an overview of modern CI/CD practices, let’s take a look at how this would be implemented in conjunction with Anthos.

CI/CD in an Anthos deployment

For reasons such as business continuity, regulatory compliance, scalability, proximity to development teams or customers, and more, your software development and delivery process will most likely take place across more than one environment, whether that’s on-prem and cloud, multiple regions, or even across multiple clouds. Let’s take a look at how you can use Anthos to implement CI/CD across two regions where the first region is used for development, testing, and production, and the second region is also used for production:

CI_CD in an Anthos deployment.jpg

In this example architecture, Anthos Config Management keeps your cluster states in sync and helps security admins ensure that all deployments by application operators adhere to org policies (1). Development clusters are provisioned with Anthos GKE for developers to work on their applications before they enter the deployment process (2). Anthos Service Mesh provides service management capabilities across all clusters in your environment so operators know where they can deploy applications (3). Artifact Registry stores the container images built during the CI phase (4). And finally, applications are deployed uniformly and consistently across all environments by application operators (5). 

This is how you can harness the power of Anthos to deploy code quickly to production environments anywhere.

Partnering for more options

Part of what makes Google Cloud successful is an ecosystem of partners. GitLab provides CI/CD tooling that is used by more than 100,000 organizations with an active community of more than 2,200 contributors. In the example above, we used GitLab’s CI service to facilitate the process between staging and production. This commitment to partners and open source is core to Google Cloud’s value of avoiding vendor lock in. 

"Enterprises all over the world use our CI/CD tools to transform and improve their application development and delivery. We've partnered with Anthos because it provides a flexible application modernization platform for creating and delivering secure apps across hybrid and multi-cloud environments." - Brandon Jung, VP of Alliances at GitLab

Getting started

The need to innovate faster has seldom been more critical than it is today. If your organization needs to move faster and you’re interested in getting started with Anthos, please reach out to your account team or fill out this form.  We will set up time with you to discuss how Anthos can help your developers reduce the time they spend on non-coding activities by 23% to 38%1, improve the productivity of your operations teams by 40% to 55%1 and improve productivity for security tasks by 60% to 96%1.


1. Total Economic Impact report