We currently run workloads on both AWS and GCP. Managing two different sets of security policies and deployment pipelines is becoming a nightmare. I’ve heard Anthos can provide a "single pane of glass" for management. Does it actually simplify multi-cloud operations, or does it just add another layer of complexity and cost that a mid-sized company might not need?
3 answers
Anthos is powerful but it is a significant commitment. For mid-sized companies, the "Config Management" and "Service Mesh" components are the real winners. They allow you to define a security policy once and have it enforced across your GKE clusters on GCP and your EKS clusters on AWS. If you are struggling with "configuration drift" between clouds, Anthos will solve that. However, be mindful of the licensing costs. It’s a premium product, so you need to weigh the cost of the software against the hours your engineers currently spend manually syncing environments.
Does your current team have high-level expertise in Istio? Because Anthos Service Mesh is heavily based on it.
Anthos is great if you have regulatory requirements for on-prem data. Otherwise, for just two clouds, a good Terraform setup might be enough.
I agree with Mary. We did a POC with Anthos and realized that for our scale, just improving our CI/CD pipelines with Terraform was more cost-effective.
Richard, we have some experience, but it's not deep. Is the managed version of Istio in Anthos easier to handle than the open-source version? Yes, significantly. Google handles the control plane upgrades and lifecycle, which is the hardest part of Istio. It makes mTLS and observability much more "plug-and-play" than doing it yourself.