Many companies are looking into hybrid/multi-cloud infrastructures to secure greater reliability and agility in business operations. Eighty-four percent of enterprises responding to the RightScale 2019 State of the Cloud Report reported having a multi-cloud strategy. Additionally, on-prem still plays an important role in many organizations, especially those that operate in highly regulated industries such as finance or healthcare or that depend heavily on legacy applications that aren’t feasible to replace. RightScale found that enterprises with a hybrid strategy grew to 58% in 2019, up from 51% in 2018 .
Today’s cloud ecosystem includes a variety of different deployment models that have evolved to reflect organizations’ unique needs surrounding infrastructure, workloads, security, and more. It is in this intricate business ecosystem that Google has introduced Anthos, a software-based service that enables developers to run and manage their containerized applications in both hybrid and multi-cloud environments — even if those environments include cloud solutions from Microsoft or Amazon.
Complete Solution for Hybrid and Multi-Cloud Environments
Anthos, which is currently in beta, is an upgraded version of the former Cloud Services Platform (CSP). Introduced last year, CSP was designed to reduce the complexity and cost of setting up a hybrid cloud environment. While hybrid cloud is the best option for organizations that want to take advantage of the flexibility of the cloud while maintaining their local environment, initial setup often requires investing in yet more expensive hardware, creating new security requirements, deeper knowledge of compliance regulations, and ensuring compatibility across environments — all of which can pose significant stumbling blocks.
CSP, which was a software-based solution like Anthos, solved this problem by allowing organizations to run and manage Google Cloud Platform (GCP) services using their existing on-prem hardware. Anthos retains these features. Like its predecessor, it is built atop Google Kubernetes Engine (GKE) and includes GKE On-Prem, a managed service that allows organizations to securely run Kubernetes clusters on-prem while ensuring the same Kubernetes experience both on-prem and within GCP. Anthos also allows for integration of existing networking, storage, and identity capabilities so that organizations can choose to migrate to the cloud later.
However, unlike CSP, Anthos has the ability to manage workloads in other public clouds, including competitors AWS and Azure. While competing cloud services offer hybrid stacks, Anthos differentiates itself by supporting not just hybrid clouds but the environment that the overwhelming majority of enterprises are using right now: multi-cloud.
Anthos gives developers a consistent environment where they can write applications once and deploy them in the cloud of their choice, speeding up the development process and allowing them to focus on functionality instead of compatibility across on-prem and different public cloud environments.
Automate Security & Enforce Policy Across Clusters
Sixty percent of respondents to a recent study on hybrid cloud security reported that their organizations were implementing hybrid cloud solutions faster than they could secure them, and over 80% complained about the limitations and complexity of current hybrid cloud security solutions.
Anthos Config Management addresses these concerns by simplifying, centralizing, and automating security and compliance across environments. Security personnel can easily migrate existing definitions or create new multi-cluster policies right out of the box. Rules are rapidly deployed to all clusters throughout the environment, ensuring correct, consistent access controls and resource allocations at scale without slowing down development.
Anthos Config Management is a declarative tool and works well with modern version-control systems such as Git. It treats configuration files as source code that defines what the end state of the clusters should look like, then continuously and automatically monitors them for compliance. Access control policies are stored in a central Git repository, providing a single source of truth for compliance audits.
Enhance Security, Compliance, and Service Operations
Administrators can further enhance application security, visibility, and control with Istio, Google’s service mesh, which works with both containers and virtual machines (VMs). Istio provides an underlying secure communication channel for applications so that both service-to-service and end-user-to-service communications are secured by default, freeing developers to focus on application-level security.
Stackdriver Service Monitoring seamlessly integrates with Anthos and simplifies the onerous task of managing dependencies by providing administrators with a service graph where they can view all the services in their application. When combined with Istio’s policy management capabilities, Stackdriver Service Monitoring provides a single management console for the entire Anthos environment.
Take the Pain Out of Lift-and-Shift with Anthos Migrate
Anthos Migrate, which is also in beta, simplifies the process of infrastructure modernization by auto-migrating VMs, whether on-prem or in other clouds, directly into containers in GKE, simultaneously migrating and modernizing. This allows enterprises to begin taking advantage of the integrations within Anthos as soon as possible while allowing developers to focus on developing and managing applications instead of getting bogged down in lift-and-shift tasks, such as VM maintenance and OS patching.