
Anthos support for multi-cloud is generally available - 9nGQluzmnq3M
https://cloud.google.com/blog/topics/anthos/anthos-for-aws-is-now-ga
======
odensc
So what does "Google Cloud's fully managed Anthos" do in non-marketing speak?
I'm not exactly sure what a "multi-cloud and hybrid application platform"
providing "agility and flexibility" is supposed to do for me as a "born-in-
the-cloud digital native or a traditional enterprise."

~~~
cfors
From my understanding it's a managed Istio service.

~~~
igetspam
Thank you. Searching for anthos and istio got me the info I needed. Istio,
when finally configured, is pretty fantastic. Leveraging it for multi cloud
clusters is already possible so a service that streamlines that feels like a
natural step.

Terrible blog post. Had no clue what I was being sold until you pointed it
out.

~~~
uoaei
> Had no clue what I was being sold until you pointed it out.

Unfortunately not even Googlers are immune to the draw to elite signalling by
drowning your copy in industry jargon without ever getting to the point.

I see this a lot on hastily-composed GitHub Readmes and "rocket-launch"
startup landing pages, but it's a shame it also happens to a company whose
name is globally recognized.

~~~
derefr
> the draw to elite signalling

I don't _feel_ like that's why we all sometimes do this (though that might be
an inside view and I might really be signalling along with everyone else.)

I feel like the internal thought-process that motivates this kinds of inside-
baseball writing is twofold (depending on the stage of the project):

\- early on: "the only people who could possibly care about something this new
are people with the _exact_ problem it solves, who stumbled onto it when
jamming google full of enough keywords that there are zero other results; they
already know what this does before reading; and they just want to confirm that
it isn't fatally flawed. They're deploying this project _in anger_. (Of course
they are; if they didn't desperately need it, they'd never rely on something
so early in development!)"

\- later on: "We're selling this to customers. We've picked a specific target
market that has specific use-cases and needs, and we try to think about things
the way _they_ think about things 100% of the time, because talking to _those
people_ is what gets us money. We don't do any inbound marketing—we aren't
trying to passively educate anyone outside our target market to get them
interested. We're having enough trouble capturing the pre-qualified part of
our funnel with in-person conversations. Converting people who haven't even
fallen into the funnel yet? Who cares! They might get converted by accident if
someone who already uses us takes the time to explain our product to them; but
otherwise, the only time they'll hear about us is when we reach out to slowly
warm them up for a million-dollar enterprise deal."

~~~
searchableguy
Or they don't care about what you (the engineer) thinks as long as your non-
engineer manager is impressed and convinced your team needs it to grow.

~~~
uoaei
When the manager asks the engineering team about their thoughts on the
product, the marketers are banking on the engineers to say anything above an
"ehh, it could work I guess..." so the manager makes the purchase.

------
mayank
It's quite weird that a Google blog post about a highly technical product
doesn't include a link to the actual technical details:
[https://cloud.google.com/anthos/docs/concepts/overview](https://cloud.google.com/anthos/docs/concepts/overview)

~~~
mike_d
They are trying to compete with Azure, which is sold in the boardroom - not to
developers.

I know of at least one company where they had to blacklist AWS and GCP on corp
cards because developers were still trying to use them despite the company
having signed a multi-hundred million dollar deal with Azure.

~~~
trhway
>They are trying to compete with Azure, which is sold in the boardroom - not
to developers.

Looks like an Oracle style approach (couldn't find that famous Larry's quote
that developers don't grasp the concerns what he is discussing with the
C-suites), and this GCP offering is the first big one under the new GCP
leadership transplanted from Oracle. This is probably the new look and feel of
GCP going forward.

------
atonse
"At Plaid we provide real-time data analysis of over 6.8 billion online users"
err what? Not even Facebook has 6.8 billion users. Or probably not even
CloudFlare. Is this part of the Visa acquisition? Maybe they'd have that many
users but I still kind of doubt "online users."

~~~
ineedasername
And they really don't provide real-time data analysis of 6.8 billion users. At
any given time, there aren't even 6.8 billion people _awake_ on the entire
planet. Their real-time analysis would be on a vastly smaller subset. Is this
too much of a nitpick?

~~~
hazz99
Them being asleep is still realtime data. The realtime aspect comes from
finding out as soon as they wake up.

------
TimMurnaghan
I'd also position this as being up against openshift which is in the managed
k8s/hybrid cloud space.

Hybrid cloud is definitely a thing as you scale up. For a big enterprise with
a significant base load you're paying 5-8 times the cost of on prem for that
in a public cloud, so being able to run your own infra for production base
load but scale up to the public cloud for dev and burst is a real win.

~~~
slgeorge
The direct competitors to Anthos are whatever the other cloud vendors do here.

Anthos and OpenShift are trying to create a 'PaaS-lite', or maybe
Orchestration++ is a way to think about it.

Alot of the K8s vendors are trying to build a complete experience: for both
operators and developers. You can use the CNCF's capabilties (K8s, Prometheus,
Istio, etc) to build a container orchestration and developer experience.

(Disclaimer - work in this area). Maybe the difference is that OpenShift is
quite tightly bound, whereas Anthos is more modular. The complexity is how all
the elements are plugged together and the overall life-cycle.

NOTE: Weaveworks builds application platforms built from CNCF technology so I
definitely have 'opinions' in this space

------
hardwaresofton
Anthos is just managed Kubernetes.

And I thought I was being tinfoil-hat-y about Google's true motives in pushing
Kubernetes so hard and the benefits of it being so popular. It enabled the
first true cross-cloud experience, that Google just happens to be the creator
of and have control over (no matter how much you hear that it's "community
driven", the only project I've seen that is actually lives up to that is
Rust). Yeah, Kubernetes is massively useful and I'm grateful, but that doesn't
stop me from being very cynical about it -- the complexity and learning curve
is a consultant's dream (disclaimer: I'm a consultant) and at this point it
looks like a 5d chess move to improve their cloud offering by basically
backdooring themselves into every single other cloud and the headspace of
millions of developers.

Condolences to Crossplane[1]. Hyperbole yes, but I do not envy any companies
that have to try and compete with Google in the current regulatory (captured)
marketplace. If they didn't buy you but entered your space it's gotta be bad
news on some level.

Luckily, the fact the kubernetes is open source and at least in some part
community driven (i.e. the wide ecosystem of plugins) means that companies
like Crossplane can still exist if they work hard to out-sell and out-market
google, and there is a _slim_ possibility that the barrier to creating a
"cloud platform" being lowered so much might mean that all the little mom &
pop shop VPS providers and bare metal providers will get in on it, and force
the bigger guys to compete on price _somewhat_ (we all know big enterprise is
going to go straight to AWS/GCP/Azure anyway).

[EDIT] - I just realized that while I was harsh on Crossplane, they arguably
just became an _extremely_ valuable acquisition target for every other large
cloud provider that wants to buy their way in. Probably not Amazon but
Azure/IBM/Orcale/etc probably.

[1]: [https://crossplane.io/](https://crossplane.io/)

~~~
monus
I'm wondering how native Anthos integrate with other clouds. They are
standardizing on Kubernetes level, i.e. you can schedule pods from on-prem GKE
to AWS cluster. But are you able to use RDS similar to how k8s config
connector makes CloudSQL available via CRs? Crossplane has the advantage of
being equally integrated to all clouds.

Also, if the point of multi-cloud was vendor lock-in, aren't you now GCP
locked-in when you use Anthos? It's not open source and may die any time like
other Google projects.

~~~
hardwaresofton
Sorry I think I might be misunderstanding the specifics (since you work at
crossplane) of the difference, but at this point I would assume that Google
can dedicate engineers to taking any approach Crossplane takes. Basically the
answer to how any of this will work is CRDs and Operators -- it becomes a
grind of ensuring good ergonomics, good integration and marketing after that.

Correct me if I'm wrong, but Crossplane introduces CRDs that paper over the
differences between the provider (ex. `OmniDatabase`), rather than just
offering CRDs that correspond to a platform's offering (ex. `RDSDatabase`)
though I assume you can access those too, and I don't see why Google won't do
_both_. That's the thing about being a monopoly player in the space -- unless
a smaller player is doing something _so next level_ that you can't copy it,
you can just offer underpriced mediocrity until they fold (forgive the
cynicism and hyperbole).

Crossplane has a huge head start and probably the least buggy implementation
of this concept, and was one of the first to innovate in this field (I saw a
few talks from previous kubecons) so wishing you good luck in the future!

------
longtermd
I think that's a fantastic strategic move, even though I'm usually not a GCP/
Google fan. The idea that you have to constantly disrupt yourself, and even
have to cannibalize your own revenue in business to stay alive, is well
understood. An idea, that in my opinion, is generally not understood at all
even by CEOs. Most would rather hold on to their last penny until getting
disrupted and becoming insignificant.

------
awinter-py
> In business as in life, change is constant and unpredictable. When building
> the platforms to power your organization, you can’t be limited by
> yesterday’s technology decisions. Nor can the systems you create today
> constrain your ability to act tomorrow.

was expecting 1st paragraph to be 'anthos is a'

But I like this too, it's like the philosophy cult ads on the subway

the first customer they quote is a 200 yr old bank. 'in my day kubernetes was
a lunch place on stone st'

------
codingslave
"In business as in life, change is constant and unpredictable. When building
the platforms to power your organization, you can’t be limited by yesterday’s
technology decisions. Nor can the systems you create today constrain your
ability to act tomorrow. In times of uncertainty, you need an architecture
that gives you the agility and flexibility you need to help you weather
change—or even take advantage of it."

Who are they marketing to??? I feel like I stumbled onto a well written blog
aimed at SEO.

~~~
derefr
CTOs and CIOs of non-technology companies with IT departments, departments
which have a bunch of legacy stuff they're just getting around to deciding how
to deprecate/replace.

That's the target customer for a lot of the stuff the major cloud providers
do, actually. It's the whole focus of IBM's cloud hosting (Softlayer.) It's a
majority of what Azure does. Even on AWS, look at any services that aren't
pure automagic-IT-for-devs services, but are instead e.g. data-science
services (Redshift), or pure ops services (AWS Storage Gateway), or even "IT
for non-developers" services (AWS WorkSpaces!), and you'll see the same "CTO-
ese."

Any IT service that isn't grown through groundswell support by devs, is grown
by top-down partner-choice by a CTO.

~~~
codingslave
Maybe but I really dont think AWS comes off this way. To me, AWS seems like
this massive complex system with a million overlapping services that engineers
like. What if cloud adoption is bottom up and not top down?

~~~
wmf
AWS is sold bottom-up so Google/Oracle/IBM/Cisco/etc. are focusing on the top-
down "let's force-feed steaks and strippers to the CIO until he signs"
channel. Ultimately some companies buy one way and some buy the other but they
will all adopt cloud.

------
boulos
Disclosure: I work on Google Cloud.

I'll try to translate this into something direct.

Anthos is an umbrella term for things in the combined ecosystem of Kubernetes,
Istio, Anthos Config Management, Traffic Director, and so on.

Anthos [GKE] on {GCP, AWS, Azure, On-prem} is intended to be a consistent
version of this deployed thing in each place.

There is an important historical wrinkle where traditional GKE already exists,
but was "just Kubernetes" and sometimes "with Istio Add-on".

I do not agree with the lack of public pricing.

tl;dr: For most people here this is GKE "but wherever you want" (this
announcement is "on AWS"), including Istio and friends.

~~~
state_less
Without public prices, this could be anywhere from really relevant and worth
considering to overpriced and not worth your time. The price is an important
feature. We need something for small and midsize at least.

Thanks for the info. I’ve been pretty happy with the designs (K8S, Istio) and
services so far (GKE, Cloud Run).

------
nerdbaggy
Can anybody find any pricing? I would love to find a managed on prem
Kubernetes management thingy that won’t break the bank.

~~~
scarmig
The pricing is very clear: "Contact Sales."

~~~
chance_state
Otherwise stated as, "how much you got?"

------
alpb
Disclaimer: I work at Google Cloud, helping "developers" understand what
Anthos is.

(If you criticize my comment, there's a decent change the marketing is gonna
have a discussion with my boss about my employment. I'll try not to use as
many marketing-y terms as the article.)

At a high level, if you're a solo developer or a small company, you probably
don't need to understand everything going on there, many Anthos
features/products are actually available a la carte, possibly under different
names.

First, I’ll agree that the blog post is written in a way that might be hard to
grasp for hands-on practitioners (assuming I know HN enough, since I visit it
30 times a day). I'll start with an architecture diagram:
[https://cloud.google.com/anthos/docs/concepts/overview](https://cloud.google.com/anthos/docs/concepts/overview)

You might still find this diagram difficult to understand (unless you live
with the "cloud-native" stuff day to day) so I'll break this down for you:

\- Anthos GKE: This is basically the GKE (Google Kubernetes Engine) you know.
But it is now capable of running clusters not just on Google Cloud. If you
ever thought "ahh, X cloud doesn't have good Kubernetes support", well Google
can bring GKE quality to that cloud (AWS support is now GA, Azure is in
preview) or to your on-prem datacenter, or AWS/Azure account. The GKE you know
is still available with pay-as-you-go model.

I must note that this GKE on-prem/hybrid capabilities are probably the most
critical part of Anthos stack.

\- Anthos Service Mesh: This is Istio (the open source service mesh), set up
and managed for you. It helps you (1) connect your services, even if they're
across different datacenters or clouds (2) automatically export telemetry like
traces, metrics and set up SLOs/alerts with them (3) set policies for your RPC
traffic at high level e.g. tcp retry policies should be like X (4) enable mTLS
automatically without changing your code across ALL your fleet and without
having to run a PKI. (If you're still not convinced about service mesh, you
probably don't have a RPC-heavy infra like some companies, maybe you don't
need it.) You can technically install/manage Istio yourself across your
clusters, but with Anthos, Google does that for you.

\- Cloud Run for Anthos: This is actually hosted Knative (open source
serverless stack on Kubernetes) for you. If you like rapid request-based
autoscaling containers, you can have it anywhere (GCP, AWS, on-prem). You can
install Knative anywhere, but Google does it for you and ensures it works
properly with Istio and Kubernetes versions. I've written a blog post
explaining what Knative does here: [https://ahmet.im/blog/knative-better-
kubernetes-networking/](https://ahmet.im/blog/knative-better-kubernetes-
networking/) Basically, this works like a CaaS (containers as a service) or
build your own opinionated in-house opinionated PaaS with this.

We also offer Cloud Run as a fully-managed serverless product (not running on
GKE, runs on Google’s infra directly) if you're into that:
[https://cloud.run/](https://cloud.run/)

\- Anthos Config Management: This is available to GKE users as "GKE Config
Sync". It's basically a GitOps tool (though not a complete suite like some
stuff like Weaveworks Flux etc). You point it to a git repo/branch, and it
will go create Kubernetes manifests in that directory across your clusters. It
has a pretty neat model where leaf directories correspond to Kubernetes
namespace and there's inheritance to fanout Kubernetes policy objects to
multiple namespaces etc. AFAIK many companies using Kubernetes at scale build
similar in-house solutions to this. So we worked with them to create a
solution for everyone. This product also has some policy enforcement features
and monitoring to see if your Kubernetes objects are propagating properly to
your clusters.

\- Other components: You'll find them on the page I linked. I think they are
not as interesting to the day to day practitioners here.

Obviously I've oversimplified many of these, but the docs of each specific
product do a decent job explaining, you should read if you're interested.

I'd say that if you are a practitioner, you don't need to worry much about
details of Anthos. You can continue focus on the technologies you need to know
(choose how low-level you wanna go: containers, Kubernetes, RPC or networking
layer/service mesh, DevOps/GitOps) and continue to be successful.

However, if you work at a company which doesn't haven't gone through the cloud
native application modernization (I'm hitting my head on the wall for you for
saying this), Anthos can actually help your company use cloud-native stack
WITHOUT having to go to cloud.

As you might imagine, a ton of companies out there are (perhaps happily) run
on infrastructure stacks from another time. However, those looking to change
it and try to use Kubernetes, they need to build a lot of in-house tooling,
hire talent to manage Kubernetes. Google is decent (maybe more) at running
Kubernetes clusters at scale for many customers, so Google can bring this
service and all the listed above to you.

I'm not that familiar with pricing, though as you can see from
[https://cloud.google.com/anthos/pricing](https://cloud.google.com/anthos/pricing)
if you want to use these features on just on GCP, there's a $30 vCPU/month
cost based on GKE nodes you're running. For other stuff, you need to contact
support.

I should probably make this a blog post.

~~~
gavinray
Will you tell the team that works on the Cloud Code IDE plugin that added the
ability to deploy + debug Cloud Run services recently that I love them.

I submitted detailed feedback on two user surveys, praising the plugin and
asking only for this a few months ago and it miraculously appeared.

Probably not related to my survey answers, but I like to think it was ;^)

(Also if you guys are sleeping on Cloud Run, it's basically the greatest thing
since sliced bread. Knative and Serverless Containers are heaven)

~~~
Sytten
Agreed Cloud Run is awesome, but still waiting on that Load Balancer to Cloud
Run route (in private preview from what the Cloud Run PM said on twitter).

~~~
steren
(Cloud Run PM here)

Hi, Thanks! You can fill this form to be on the waitlist for Load Balancer to
Cloud Run:
[https://docs.google.com/forms/d/e/1FAIpQLSd5vTSeU00oSDT5Bxye...](https://docs.google.com/forms/d/e/1FAIpQLSd5vTSeU00oSDT5Bxyea3oTU1db-
sZU8n6cBalbUmeJdDP7gA/viewform)

------
WatchDog
Interesting definition of general availability.

All the technical pages still seem to carry the message:

> This product or feature is in a pre-release state and might change or have
> limited support

Pricing directs you to "contact sales"

If you do want to try it out, it seems you need to fill out a google docs
form.

I don't have a great idea about what the product does, but it seems to require
use of an active google cloud account.

A multi-cloud platform product, having a hard dependency on a single vendor,
seems like a non-starter. Doesn't that defeat the main purpose of going multi-
cloud in the first place?

~~~
9nGQluzmnq3M
Anthos is built on Kubernetes, so if you don't like it, you can go run your
containers somewhere else. The Anthos promise is that it makes it easy to have
a managed Kubernetes service on any cloud or on-prem, with the same management
UI and controls.

I'm also a bit curious what a multi-cloud platform product _not_ built by a
single vendor would look like. Are there any credible OSS offerings in this
space?

~~~
monus
I think Crossplane[1] could be a candidate here. It allows cloud services to
be provisioned via native CRs in your Kubernetes cluster and mount their
credentials to workloads that can be scheduled to any kubernetes cluster,
either provisioned through Crossplane or imported via Kubeconfig.

[1]: [https://crossplane.io/](https://crossplane.io/)

~~~
monus
Missed the edit window.

Disclaimer: I am actively contributing to Crossplane.

------
toshk
I was joking a few years ago now Kubernetes is a great layer to manage docker,
and then in a few years we will have another layer to manage Kubernetes...
Just in general this ever evolving complexity in software (and many other
system, like law) is interesting, but often we solve one problem while at the
same time creating 5 new ones. I understand it, and sometimes it is indeed the
best path forward, but also feel a need for more simplicity sometimes. We see
it in both hosting, but frontend development is also very good in adding
layers of complexity.

------
scarface74
_Enterprises know they need the cloud to help drive cost efficiency and
digital transformation._

I’m a cloud true believer and admitted AWS fan (and probably would be an Azure
fan too if I had any experience with it), but even Amazon admits that only 5%
of Enterprise workloads are in the cloud. “The Enterprise” is leery of the
cloud.

Even once you can convince a large company to move some of their workloads off
prem, most CTO’s wouldn’t touch GCP with a 10 foot pole. No one ever got fired
for choosing AWS and many large companies would trust Azure because they are
heavily invested in Microsoft.

Google is not exactly known for its great enterprise support or customer
support in general.

~~~
wmf
_No one ever got fired for choosing AWS_

I think that's the point of this and similar offerings. You get to run on AWS
but with even more handholding than AWS enterprise level support.

~~~
scarface74
It’s used to “manage virtual machines” to help avoid “lock-in”. If all you’re
doing is hosting a bunch of virtual machines on your cloud provider, you have
the worse of both worlds. You’re paying more for infrastructure and you’re
still babysitting hardware.

Besides, if you are at any type of scale - you’re de facto already “locked
in”. Infrastructure has weight. Data migrations alone are a pain let alone
migrating your network infrastructure, you’d permissions (IAM$), auditing for
security compliance, your DNS entries, etc.

Why add Google to the mix at all if you’re all in on AWS and Azure? I bet few
people have ever sat down and work with their project management team or IT
people and estimated how long it would take or how much money it would cost to
actually migrate to another vendor.

~~~
wmf
I think these kinds of offerings are for customers who want to use AWS but
aren't skilled enough to use AWS directly. Anthos includes VMs and k8s BTW.

------
judge2020
> One such early adopter is Plaid, a Japanese tech company providing real-time
> visibility into user activity online. Plaid’s customers rely on their
> always-available analytics service to make changes in real-time and
> continuously improve the user experience.

Edit: They're talking about a different company

Odd categorization of Plaid, they (at least primarily) provide an API for
linking (logging in to) users' bank accounts and scraping information from the
bank websites.

~~~
sbader
It's a different company: [https://www.crunchbase.com/organization/plaid-
inc](https://www.crunchbase.com/organization/plaid-inc)

~~~
judge2020
Ah, my bad.

------
chippy
GKE Ingress for Anthos (and possibly other stuff) requires Cloud SDK version
290 or higher which is not currently released, only 289 is. So it's not all
available yet.

[https://cloud.google.com/kubernetes-engine/docs/how-
to/ingre...](https://cloud.google.com/kubernetes-engine/docs/how-to/ingress-
for-anthos-setup?hl=en)

------
jaytaylor
Are there any plans for Anthos to support the Oracle OCI cloud?

------
speedgoose
If I have to ask for a price, I'm not going to ask.

------
OldFatCactus
I feel like Rancher already does most of this for free

------
chanux
The URL slug is the clearest bit.

------
seph-reed
So very tired of Google, Microsoft, Amazon, Firefox, and Apple release
articles.

It's not that I don't understand they're important to a lot of developers and
totally belong here. Time to search for a content filter though.

Edit: I mean look at it! It's basically an advertisement. It feels like
Kardashians of coding.

------
sbassi
Is this product open source? I can't trust Google products since they end it
up at any time. [https://gcemetery.co/](https://gcemetery.co/)

~~~
pseudobry
Not saying you're wrong, but I'm having a hard time finding GCP products that
had paying enterprise customers at the link you provided, at least none with
Greek names.

~~~
ineedasername
Not there yet, but Hades is a Greek name: They should name a product Hades and
then kill is just so gcemetary has, you know, appropriate oversight &
leadership.

