02.11.21

What Is Google Anthos?

By Agustin Romano
What is #GoogleAnthos

According to the 2020 CNCF survey, 83% of enterprises are using Kubernetes in production. By the end of 2021, this number is only going to increase. So, a majority of IT organizations are embracing the power of cloud-native technologies including containers, service meshes, etc. Many of these organizations are running their containerized applications on Kubernetes clusters. 

Today’s evolving technology means that it is now not necessary that all Kubernetes clusters need to run only on the cloud. There is the option to run clusters on-premises locally at a particular location and in the cloud. However, managing hybrid Kubernetes clusters running on cloud and on-premises together is not an easy task. And this is where Google Anthos comes to the rescue.

Google Anthos Uncut

Anthos is a hybrid and multi-cloud application modernization platform. Embracing open standards lets you run your applications unmodified on existing on-prem hardware or in the public cloud, simply, flexibly, and securely.  The Google Cloud service also performs deployments without compromising security or increasing complexity.

Anthos enables containerized microservices architectural-based apps across multiple platforms, clusters, and locations. This Google management platform allows for consistent policy and configuration management, provides observability through golden signals, and delivers a Zero Trust security model for your apps. Anthos can be used to re-platform virtual machines, modernize existing apps, applying modern CI/CD principles and security, and reduce operational expenditure with no vendor lock-in.

Below are the benefits of Google Anthos:

  • Brings consistency across environments (cloud or on-premises)
  • Provides centralized management for development, migration, operations, security
  • Easy deployment and rollback with Git check-ins and configuration management
  • No lock-in period to any cloud vendor
  • Provides Anthos Service Mesh for code-free security for microservices

How Does Google Anthos Work?

Let’s look at the architecture stack of how Google Cloud Anthos helps you build, deploy, deliver and manage the applications across Google cloud and on-premises private cloud data centers. Let’s say you are using Google Cloud to run applications and package them using containers, and these containers are scaled, deployed, launched and managed by Google Kubernetes Engine. Anthos provides Google Kubernetes Engine (GKE) for applications running on-premises and helps you launch, manage, scale the containers as you do in Google Cloud. 

So, what about the services or API’s that you expose out of these applications? How do you connect, control, secure and observe these microservices? Istio is an open-source service mesh microservices management platform embedded within Anthos. Google Cloud provides managed Istio as a part of the Anthos stack that helps in managing the microservices. Anthos configuration management seamlessly connects both public cloud and private cloud. 

Google Anthos manages and delivers these applications running on Google Kubernetes Engine using one single control plane. Anthos also comes with a GCP Marketplace that you can use to deploy the applications. This marketplace  offers plenty of ‘off-the-shelf’ software packages available which you can deploy on Google Cloud in just the click of a few buttons. Just search for the package you need depending on your business requirements and install it. You can use the default configuration present on the marketplace package or you can even edit the configurations as per your need.

Overall, Anthos helps you manage the applications running in hybrid cloud and private data centers using one single configuration and control plane.

Is Anthos Open Source?

Anthos is not open source, but, as mentioned, the platform leverages Istio, which is an open-source project to create the service mesh layer. There are a lot of open-source projects used to migrate for Anthos. Google has given the Kubernetes project to the open-source community, but the platform is still involved in the further development of this project. Just like many other cloud providers, Google also creates commercial managed services like Google Anthos to manage open-source Kubernetes clusters. Kubernetes clusters for cluster management, better security, monitoring, etc.

Does Google Anthos Require VMWare?

Yes, GCP Anthos requires VMWare for on-premises. The combination of VMware with Google Anthos is a very strategic move. The service abstracts the storage of the local system on-premises from Anthos. The hybrid and multi-cloud model of Anthos is dependent on VMWare to containerize the applications using local storage. A lot of legacy businesses still rely on local storage at on-premises and through VMWare, you can easily use Anthos for such legacy systems. VMware can run Anthos clusters using VMWare vCenter servers and manage the on-premise clusters.

What Is Anthos Service Mesh?

Anthos Service Mesh (ASM) is powered and built on top of Istio, which is an open-source project that Google started, and now works with multiple partners. There are three main attributes of Anthos Service Mesh.

Uniform observability

The first thing is uniform observability. The idea here is that we can collect metrics on all communication going on in the mesh. We know which services are talking to which other services, what the requests per second are between those services, and we can find the error rates. We can achieve all this instantaneously as well as over a time series. In addition, we can even set service level objectives (SLOs), on both availability and latency. SLO is a part of Google service monitoring toolkit for optimizing monitoring and alerting the health of the services. Between all of these features we can curate a wealth of information about what is going on in the mesh layer from a traffic perspective.

Operational agility

Second, the Anthos Service Mesh provides operational agility which means we can manage the network and control network traffic simultaneously. Benefits here include being able to run canary deployments, blue-green deployments and/or load balancing (with a variety of algorithms). For testing purposes, we can even achieve fault injections to improve service resiliency. It is also possible to set quotas.

Security

The third attribute of the Service Mesh is security that begins with identities for the different services. And with those identities, we can obtain certificates which allows us to then enable mTLS. mTLS is mutual transport layer security which is used by clients and servers to verify each other. So, with mTLS, now we have the capability to monitor which services are talking to each other in a secure cryptographic manner. And all the data can be encrypted across the connection, so nobody else can see what’s going on. With mTLS, we can set access control policies and gain simple, but efficiency enhancing perks including the ability to allow and deny lists.

Google Anthos Pricing: How Much Does the App Cost?

Anthos charges for all managed Anthos clusters on an hourly basis based on the number of vCPUs used by the clusters. You can choose from the two pricing models it provides⁠—pay as you go or subscription model. Below is the pricing table for Google Anthos:

If you are a new user, you get 900$ worth of usage for Google Anthos for a period of 30 days, whichever finishes earlier. This is good enough to get your hands dirty with Google Anthos and use it in a couple of projects. In the subscription model, you don’t need to commit.

Conclusion

So, go ahead and try out Anthos to run your applications both on-premises and on cloud through a single management system, and take advantage of all the benefits outlined above.


Caylent provides a critical DevOps-as-a-Service function to high growth companies looking for expert support with Kubernetes, cloud security, cloud infrastructure, and CI/CD pipelines. Our managed and consulting services are a more cost-effective option than hiring in-house, and we scale as your team and company grow. Check out some of the use cases, learn how we work with clients, and read more about our DevOps-as-a-Service offering.