Anthos

How Anthos supports your multicloud needs from day one

#anthos

Most enterprises that run in the cloud have already spent a significant amount of effort automating, operationalizing, and securing their environment. Many have spent years investing in a single cloud provider. Yet today, the ability to run workloads on multiple cloud providers is becoming increasingly important.

Why? There are multiple reasons. Some organizations want application teams to be able to take advantage of the best service for a given application. Others have acquired a company which runs on another cloud. And still others want the ability to spread out risk across multiple vendors. 

At the same time, there are also challenges associated with multicloud. Having multiple cloud providers means you must accept having different APIs, operational tools, security standards, and ways of working. 

Resource sprawl becomes significantly worse when you have multiple cloud platforms. Without a single place to see all of your resources, inventorying, monitoring, and keeping these systems up to date can become difficult. 

Creating secure environments within multiple cloud platforms is another challenge. With each platform having different security capabilities, identity systems, and risks. Supporting an additional cloud platform often means doubling your security efforts.

Finally, the biggest challenge with multicloud can be the inconsistency between platforms. In an ideal world, application teams would not need to worry about platform-specific details. They would be able to build their application and deploy it to any cloud platform, or move it between platforms, even if platform-specific details such as storage, load balancing, networking, workload identity, and security make each platform quite different.

Is multicloud worth it? Yes.

For many organizations, multicloud is only worth it if they can find a smart way to address these challenges. For a growing number of companies, the solution is Anthos.

Rather than relying on your application or cloud infrastructure teams to build tools to operate across multiple platforms, Anthos provides these capabilities out-of-the-box. Anthos provides the core capabilities for deploying and operating infrastructure and services across Google Cloud, AWS, and soon in Azure. 

For infrastructure teams, Anthos provides a single way to provision, view, and manage distributed infrastructure, characterized by:

  • A simple API-driven deployment mechanism

  • Reliable one-step cluster upgrades that updates the Google-managed Kubernetes distribution, the server OS, and all of the supporting system pods and services

  • A single web console for viewing cluster state, nodes, attached volumes

single web console for viewing cluster state, nodes, attached volumes.jpg

  • A powerful configuration and policy management system which can be used to enforce security policies, RBAC rules, network policies, and any other Kubernetes objects

Anthos Config Management offering.jpg
  • A fully managed logging system with a powerful search capability, log-based metrics, and custom retention rules

  • Software supply-chain security to ensure only trusted code is running in your environment

  • Hybrid identity service compatible with Active Directory, AWS IAM, and other OIDC-based identity providers

And for application teams, Anthos offers a consistent deployment target regardless of which cloud you’re targeting, characterized by:

  • A familiar Kubernetes API that provides a consistent way of provisioning storage, load balancers, and ingress rules

  • A single web console for deploying, updating, and monitoring workloads and services

  • An open-source, serverless application framework 

  • A consistent way to securely access cloud-managed services that your app depends on

  • A single Kubernetes API endpoint for connecting to multiple clusters across multiple platforms, even without direct network connectivity (especially great for enabling your CI/CD pipeline to run anywhere)

  • A fully-managed logging system with strong support for multi-tenancy so you only see logs for your application

  • The option to auto-discover and collect custom application metrics, dashboarding, alerting, and incident management

Plays nice with others

There are a lot of Kubernetes clusters already deployed out in the wild. Every cluster should not need to be completely replaced to build a multicloud environment. The promise of Kubernetes is that it provides a single API and common set of objects. Because of this, Anthos provides a subset of capabilities to existing Kubernetes clusters, and existing Amazon EKS, Microsoft AKS, or Red Hat OpenShift clusters can be attached to the Anthos management plane. These attached clusters can take advantage of the same operational management capabilities of Anthos-native clusters, including:

  • The web console for deploying, updating, and monitoring workloads and services

  • Policy and configuration management

  • Logging, monitoring, dashboarding, and alerting

  • The single Kubernetes API end-point which is always available so you don't need to worry about network connectivity 

Anthos-attached clusters provide an easy onboarding path that allows users to connect existing clusters to Google Cloud in minutes and start managing them through a single pane of glass. The connection does not require special networking capabilities and is simple to set up. This allows users to use any Kubernetes cluster they have alongside their Google Kubernetes Engine (GKE) clusters.

Of course, you still use native tools for EKS, AKS, and OpenShift for cluster creation, upgrades, and deletes; but once a cluster is attached to Anthos, you can manage the cluster just like any other Anthos cluster.

Check out the recent blog post on Anthos 1.7 release. We announced new features for Anthos that our customers tell us will drive business agility and efficiency in the multicloud world. The Anthos Sample Deployment on Google Cloud today is a great place to start with an actual application. You can also deploy Anthos to your AWS account or try out attaching your existing clusters to Anthos.