Interview Kubernetes (K8s) is everywhere, so how do cloud vendors differentiate their offerings? Google's answer is Anthos, but this is a brand as much as a product.
The Reg sat down with Google's Jennifer Lin, VP of Product Management, at the recent Cloud Next event in London, to unscramble its various permutations.
The background to Anthos is the battle for market share (and mind share) among enterprises deploying applications. The current consensus is that the most scalable and agile applications are composed from microservices – possibly a misnomer as there is no agreement over how "micro" a service needs to be – and that these services should be deployed as containers. Containers bundle application code with its dependencies and form an efficient, portable and isolated unit of deployment, simplifying development and operations (DevOps). This kind of approach is called cloud native.
K8s, invented by Google but now an open source project, is the de facto standard for container orchestration. Google is number three in public cloud, behind Amazon and Microsoft, and is keen to win market share by emphasising its expertise in K8s.
What is Google up to with Anthos? More toys dropped for Kubernetes-style hybrid cloudREAD MORE
Two other related open source projects also play a big role in Google's application platform. These are Istio, which manages the "mesh" of connected microservices that form an application, and Knative, which builds on K8s to make it easy to deploy and scale a container. Knative is packaged by Google as the Cloud Run service, which recently hit general availability.
Although both Istio and Knative are open source, Google has not yielded control of these projects in the same way as it has for K8s. It had been expected that the company would hand them over to a foundation, probably the Cloud Native Computing Foundation (CNCF), but it has announced that it will not do so.
The messaging here is tricky, since Google wants to emphasise that these three projects are cross-vendor industry standards, while at the same time keeping them closely associated with its own platform. Other vendors, naturally, would like to see Istio and Knative under more neutral governance.
Anthos is Google's brand name for an application platform based on Kubernetes but with some added ingredients. According to director of Product Management Jennifer Lin, there are "four major components" in Anthos. These are:
- The managed K8s service GKE
- The service mesh based on Istio
- The Anthos configuration manager
- The Anthos marketplace of third-party services
There is more to Anthos than this implies, though. One facet is that you can run Anthos on-premises or on other public clouds. There are several variations. You can use certified hardware. "We named a number of hardware partners, HP, Intel, Lenovo, Cisco etc," said Lin. "They've all qualified their hardware for the Anthos architecture. We are focusing on the software layer."
In this scenario, Google manages the upgrades and patches for that K8s installation. You can also add integrate any K8s cluster into Anthos, including those you manage yourself, or that are managed by for example AWS, so that it appears as part of your Anthos resources.
The reason Google calls Anthos a migration platform is not only that you can containerise applications and run them there. You can also run VMs on Anthos, as a lift-and-shift manoeuvre hopefully on the way towards cloud native. Why would you run VMs on Anthos rather than on Google Compute Engine (GCE), which also runs VMs?
"There's the image level format," says Lin. "Either a VM or a container. And then there’s a management layer. So GCE Is the VM image format and GKE adds a system management layer. So when we take a VM and put it under a K8s orchestration you get those system level manageability automation benefits," she said. "Customers want to deprecate their existing VM orchestration layer because it costs them a lot and it is not a cloud native paradigm," she said.
Take that, VMware.
What's in the box?
Lin says that Anthos is a mixture of open source and proprietary code. Is there extra stuff in the Anthos service mesh that is not in Istio? "Yes. It is similar to K8s and GKE. A lot of the benefit of the managed service is the ability to tie into system-level components as well as things like advanced security, reporting and compliance," she says. She sounds at times almost dismissive of the open source aspect.
"Open source is great for understanding the technology. Most of our large enterprise customers don’t want to use open source in their production environments, they want the operational domain expertise of our engineers and SREs [Site Reliability Engineers]," she said.
K8s and Linux are open source, so what does she mean by saying customers do not want to use it? "They understand the technology but there's a difference between getting it up and running in three nodes, to you're running your business on it. We have a lot of people that have kicked the tires on K8s with open source, but when they are serving their customers, they want an SLO [service-level objective] with us."
But it is still based on open source? "It's based on open source code, but there are things like workload identity, a feature that we announced, or tie-ins to our global load balancer. We don't have an open source global load balancer but that's one of our key differentiators of GKE," she says.
At the same time, Lin is keen to emphasise the universality of the K8s APIs. This is how Anthos multi-cloud works. "Our multi-cloud capabilities for K8s is because the K8s APIs are the K8s APIs no matter where they are. We're using the ability to register cluster that actually run somewhere else into our control plane to provide a single management layer. So a global cluster administrator can see the K8s environments in other clouds or on-premises," she says.
It is that tricky messaging we mentioned above.
What about this controversy about Google holding on to Knative and Istio governance, does she have any insight into that? "CNCF was birthed at a time when people didn't know Kubernetes and we wanted to build an ecosystem and drive awareness around it," she said. "For Istio and Knative, they are already open source under the Apache license, the most permissive license, to the source code is out there. CNCF generally doesn't take on a lot of the governance," she said. "We have a similar governance and transparency across those environments. It's not about the foundation, it about how do we engage with the community," she continued, in an answer that is unlikely to satisfy those who are concerned, and may puzzle those who manage source foundations.
At the Cloud Next event Google trotted out some happy customers, one of whom is convinced that Anthos, rather than just K8s, is the standard that counts. Falko Lameter CIO at global Compressed air specialists Kaeser Kompressoren, remarked that, after years of watching the cloud space, his company chose GKE because it was from "the inventor of Kubernetes." The company was a beta tester for GKE on-premises, which became Anthos. "For my opinion, Anthos is the new standard for multi-cloud, which means running software on different clouds. This is what we need," he said. "Anthos is the tool to manage K8s."
Despite these remarks, the reality is that open source K8s, Istio and Knative are the de facto standards, not vendor-specific expanded versions, even when they come from Google. That said, it is not surprising to find Google trying to capitalise on the success of K8s in every way that it can. ®