For decades, organizations built and ran applications in their own on-premises data centers. Then, they started deploying and running applications in the cloud. But, for most enterprises, the thought of moving all-in to the cloud was too daunting. They worried they would need different developers and tools for each environment, and that they wouldn’t have a consistent management interface to ensure the environments were compliant with their security policies. To address these challenges, we introducedAnthos, a services platform that brings applications into the 21st century, with the flexibility to run in any environment—whether it’s cloud-native or based on virtual machines.
Today, we’re announcing new Anthos capabilities to further simplify your application modernization journey:
In addition, Anthos Config Management now includes capabilities to help your teams automate and enforce org-specific policies. Binary Authorization, meanwhile, helps to ensure that only validated, verified images are integrated into your managed build-and-release process..
Increasingly, many organizations consider microservices architectures to be an essential way to modernize their applications. But moving from monolithic applications to large numbers of microservices increases operational complexity. To address this, you can use a service mesh—an abstraction layer that provides a uniform way to connect, secure, monitor, and manage microservices. A service mesh uses high-performance and lightweight proxies to bring security, resiliency, and visibility to service communications, freeing your developers to do what they do best: build great applications. A service mesh helps you manage the lifecycle and policies for this intelligent data plane and gives you secure and easy-to-manage microservices-based applications.
As a managed offering, Anthos Service Mesh in Beta makes it easy to add this abstraction layer to your environment. Built on Istio open APIs, it lets you easily manage and secure inter-service traffic with a unified administrative interface, and provides uniform traffic controls that span them both. In addition, Anthos Service Mesh gives you deep visibility into your application traffic, thereby improving your development experience and making it easier to troubleshoot these complex environments.
Serverless computing provides you with a number of benefits: the ability to run workloads without having to worry about the underlying infrastructure, to execute code only when needed, to autoscale from zero to n depending on traffic, all wrapped around a simple developer experience.
Today, we are excited to bring this experience to Anthos through Cloud Run for Anthos, now in beta. Based on Knative, an open API and runtime environment, Cloud Run for Anthos enables you to be more agile by letting you write code like you always do—without having to learn advanced Kubernetes concepts. It enforces best practices and provides deep integration with Anthos by offering advanced networking support, and enabling cloud accelerators, which means your workloads can all run in the same cluster. Cloud Run for Anthos delivers portability with consistency, so you can flexibly run your workloads on Google Cloud or on-premises – all with the same consistent experience. It helps you adopt cloud on your own terms by letting you adopt serverless wherever you are – even on-premises.
In addition to simplifying the development and operations of modern applications, Anthos includes guardrails that provide security by default. Enterprises can automate their security operations by enforcing consistent policy across environments, isolating workloads with different risk profiles, and deploying only trusted workloads.
With Anthos Service Mesh, you have uniform policies for enforcing service aware network security including encryption in transit, mutual authentication and powerful access controls. This allows your IT teams to implement zero trust security that moves across environments with your application without making application code changes, allowing you to focus on delivering critical business functions faster.
Binary Authorization helps you build defined security checks into the development process earlier, making sure you deploy only trusted workloads in your environments. By ensuring workloads are assessed and validated before they are deployed, enterprises can have the confidence that these workloads can be trusted.
Finally, using the new Policy Controller and Config Connector features of Anthos Config Management, you can enforce consistent security policies and controls continuously across your cloud environments, including Google Cloud, on-prem and other clouds.
Learn more about how Anthos helps organizations modernize their approach to application security in our Anthos Security white paper.
Anthos launched with more than 30 hardware, software and system integration partners ready to help customers adopt Anthos right out of the gate. Today, that number stands at more than 40, and partners report exceptional momentum for the platform.
Atos, Cognizant, Deloitte, HCL, Infosys, TCS, and Wipro are some of the global systems integrators who are helping deliver Anthos to their clients, and they are doubling down on their efforts.
“Deloitte has been working with Google long before the formal announcement of Anthos at Google Cloud Next in April, said Tim O’Connor, Principal, Deloitte Consulting LLP. “Since then we’ve supercharged our investments and have been extending existing Anthos assets and building teams to bring this powerful and game-changing technology to the marketplace,” through a dedicated group of practitioners focused on hybrid enablement through Anthos.
With its comprehensive capabilities for container management, service mesh, security, monitoring and logging, as well as developer productivity, Anthos helps your entire organization benefit from application modernization. For developers, Anthos simplifies application deployment with access to services like GCP Marketplace and Cloud Run. Operations teams benefit from improved resource utilization and reuse, and visibility into all available services—all from a single management plane. Meanwhile, Anthos lets security professionals roll out consistent policies across their deployments, encrypt sensitive traffic, and ensure that only trusted binaries are running in the environment. All the while, Anthos puts your organization on the path to the cloud, in the configuration and at the pace that works for you.
For a technical deep dive into service mesh, download our new ebook, The Service Mesh Era: Architecting, Securing and Managing Microservices with Istio. And to understand how Anthos can take your cloud environment to the next level, check out A CIO’s guide to cloud success: decouple to shift your business into high gear.