Write once, deploy anywhere with Google Anthos


In the past few years, enterprise developers, IT operators (and their managers too) have faced new challenges: Kubernetes is everywhere. Some parts of apps run on the private cloud, some on on-premises servers and others on public cloud or edge environments. Developing and deploying new apps to various environments is a tough nut to crack.

But is there a way to simplify the management of such a large ecosystem without going insane?

Google has recently introduced Anthos, a unified platform for managing applications in today's hybrid and multi-cloud world without getting locked in to one vendor. Anthos allows you to manage all Kubernetes workloads from one environment. You can focus on a single technology in-house and don't have to rely on external experts in a multitude of proprietary cloud technologies.

But how does that work exactly?

Anthos consists of several key services:

  • infrastructure management,
  • container management and orchestration,
  • service management
  • and policy enforcement across your platforms in one place.

As a result, you get a helicopter view of business information, alerts and operational information. Anthos can manage network policies, routing and security, and help you with configuration management of workloads deployed across clusters. You can also use integrated services to develop and deploy applications to Anthos environments. Your colleagues can also manage Anthos with the same tools they use to manage applications in other parts of Google Cloud.

“All developers and IT operators are looking forward to the modernization of legacy infrastructure” - said no one ever. Even though we all know it is the key to successful business development, we have to admit it is also one of the hardest parts of the “keeping up with the market” marathon.

David, CIO of an example medium-sized company: “No way, we don't need any of that ‘cloud stuff’. We are modern in our own specific way. We are fine as we are now, Mike told us everything is fine, down here in the basement, no need to change anything. I have many people in my team already, it is expensive and they are really busy with ops, we don't have time for this.” Yes, this is actually why you need Anthos: because your team will spend less time on day-to-day operational responsibilities.

Implementing modern CI/CD deployment processes reduces an application's time to market. If you modernize your applications, your teams will spend less time managing them and will be able to focus on making them better. You'll also get better uptime and improved availability.

Many corporate businesses invested large amounts of money in on-premises infrastructure (storage and compute power) because they wanted to be prepared for growth (scaling their business). If you're one of them, Google Anthos will enable you to keep all of your bare metal and VMs and use them efficiently together with cloud-native environments, without vendor lock-in.
For example, Google Kubernetes Engine's On-Premises runs on your own servers with regulated access. That's why it can be used for sensitive business data: everything is regulated and stored behind a firewall. Other parts of your application can run on GCP (or another public cloud platform), where you can easily test your apps, etc. Combining these two into a hybrid system means you can keep all your sensitive data and applications in your private data centre, leverage the scalability of the public cloud for everything else and manage it all from a single place.

Just imagine how pretty the hybrid infrastructure with Google Anthos can be…


Key components and features of Anthos

  • Anthos Control Plane

This is the core component, firmly grounded in GCP. The Control Plane is responsible for managing the lifecycle of managed clusters and for the registration and un-registration of external, unmanaged clusters. Anthos exposes the API for this through the Hub and Connect services. It can launch managed Kubernetes clusters in a variety of environments, including on-premises data centres, AWS and Azure. The managed Kubernetes clusters launched via Anthos have the same reliability and stability as a typical GKE cluster running in GCP.

  • Anthos Service Mesh

This component is a commercially available implementation of the Istio service mesh that’s optimized for Anthos. It delivers three capabilities: 1) secure communication among microservices, 2) network and routing policies, and 3) uniform observability.

  • Anthos Config Management

This component is based on GitOps and provides a centralized mechanism to push deployments, configuration, and policies to all the participating clusters, both managed and unmanaged. A centrally accessible Git repository acts as a single source of truth for all the clusters. The Anthos Config Management agent that runs in each cluster monitors the cluster's state. When the state deviates from what’s defined in Git, the agent automatically applies the configuration, which brings the cluster back to the desired state.
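
The reconcile behaviour described above, shown as an added simulation that is not code from Anthos or from this article: one repo-defined desired state is compared with each cluster's live state and drift is reverted. The manifest shape, the `example.test/managed-by-repo` label and the cluster names are assumptions made for the illustration.

```python
# Added illustration: simulated GitOps drift reconciliation; not the Anthos Config Management agent or API.
from copy import deepcopy

MANAGED = "example.test/managed-by-repo"  # hypothetical marker label
POLICY = ("NetworkPolicy", "payments", "default-deny")
# Desired state as it would be read from the Git repo (constructed sample).
DESIRED = {POLICY: {"labels": {MANAGED: "true"}, "spec": {"ingress": []}}}

def reconcile(desired, live):
    """Return (actions, new_live) that bring one cluster back to the repo state."""
    actions, new_live = [], deepcopy(live)
    for key, want in desired.items():
        have = live.get(key)
        if have is None:
            actions.append(("create", key))   # object missing from the cluster
        elif have != want:
            actions.append(("revert", key))   # object was changed out of band
        else:
            continue
        new_live[key] = deepcopy(want)
    # Prune only objects marked as repo-managed; unmarked objects were never synced.
    for key, have in live.items():
        if key not in desired and have.get("labels", {}).get(MANAGED) == "true":
            actions.append(("prune", key))
            del new_live[key]
    return sorted(actions), new_live

def sync_all(desired, clusters):
    """Reconcile every cluster against the same repo; report drift per cluster."""
    report = {}
    for name, live in clusters.items():
        actions, clusters[name] = reconcile(desired, live)
        report[name] = actions
    return report

def sample_clusters():
    """Constructed live state for two clusters (not real cluster output)."""
    return {
        "on-prem": {POLICY: {"labels": {MANAGED: "true"},
                             "spec": {"ingress": [{"from": "any"}]}}},  # hand-edited
        "cloud": {
            ("ConfigMap", "payments", "old-flags"): {"labels": {MANAGED: "true"}, "spec": {}},
            ("Deployment", "payments", "api"): {"labels": {}, "spec": {"replicas": 2}},
        },
    }

if __name__ == "__main__":
    for cluster, actions in sync_all(DESIRED, sample_clusters()).items():
        print(cluster, actions)
```

The per-cluster action list doubles as a drift report: a `revert` on a network policy is worth an alert, since it means someone changed the policy outside the repository.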

  • Cloud Run for Anthos

Cloud Run is a serverless and “clusterless” environment to run containers in GCP. It’s a layer above Knative that delivers an optimal developer experience to deploy and run containers without the need to launch a GKE cluster or define a pod specification. Cloud Run for Anthos brings the same developer experience to the managed clusters.

  • Ingress for Anthos

This component routes the traffic to the microservices in conjunction with the Envoy proxy configured through Anthos Service Mesh. Ingress for Anthos becomes the entry point to access workloads running in Anthos clusters. It currently works only for workloads running in GKE clusters launched by Anthos.

  • Kubernetes Apps On GCP Marketplace

This service acts as the catalog for a variety of stateless and stateful workloads targeting Kubernetes. You can push a button to deploy applications from the marketplace in Anthos managed clusters regardless of where they are provisioned.

If your applications don't run in containers and Kubernetes yet, Anthos doesn't seem to be a perfect solution at first glance. But this is not the case. With Migrate for Anthos, Google offers tools for (partially) automated containerization of applications running on virtual machines or directly on “bare metal” servers. It allows legacy applications to be modernized on-premises and moved to cloud-native environments.

If you are not in a hurry and don't know where to start with all of this, start with Istio and Cloud Run; they are real game changers.


Anthos lets you carry out modernization with your existing resources. It runs on GKE. Apart from GCP, your engineers can manage workloads running on third-party clouds and on-premises. You can adopt a set of proven tools that let you increase the speed of your development and improve the security and reliability of your infrastructure and applications. You can scale and automate (and, as we all know, this is the one and only way to keep up with customers and competitors) without vendor lock-in. No matter if you are in your local market only or in many regions with special policies (and no matter what situation is out there), Anthos enables you to track, update and manage configuration and policy changes everywhere. Users can enjoy the cloud that suits them best for their application deployment and management needs. Admins and developers don’t need to learn all the new API functionality of different environments. They only have to master Google’s. It is not a cheap solution, but your guys will love it.

Fun fact: Anthos means flower in Greek. It grows on-premises but needs water from the cloud to flourish :)

