Architecting Hybrid Cloud Infrastructure with Anthos

Duration : 2 Days (16 Hours)

Architecting Hybrid Cloud Infrastructure with Anthos Course Overview:

Through a combination of engaging presentations, hands-on labs, and practical exercises, participants will acquire hands-on experience with essential technologies such as Kubernetes Engine (GKE), GKE Connect, Istio service mesh, and Anthos Config Management. These tools empower operators to effectively handle modern applications, even across multiple clusters hosted by different providers or in on-premises environments.

During the course, participants will explore various aspects of hybrid cloud infrastructure architecture, focusing on optimizing application deployment, management, and observability using Kubernetes. They will also delve into Anthos Config Management, which ensures consistent configuration across diverse environments.

Intended Audience:

  • Technical employees using GCP, including customer companies, partners and system integrators: deployment engineers, cloud architects, cloud administrators, system engineers, and SysOps/DevOps engineers.
  • Individuals using GCP to create, integrate, or modernize solutions using secure, scalable microservices architectures in hybrid environments.

Course Objectives:

  • Connect and manage Anthos GKE clusters from GCP Console whether clusters are part of Anthos on Google Cloud or Anthos deployed on VMware.
  • Understand how service mesh proxies are installed, configured and managed.
  • Configure centralized logging, monitoring, tracing, and service visualizations wherever the Anthos GKE clusters are hosted.
  • Understand and configure fine-grained traffic management.
  • Use service mesh security features for service-service authentication, user authentication, and policy-based service authorization.
  • Install a multi-service application spanning multiple clusters in a hybrid environment. Understand how services communicate across clusters.
  • Migrate services between clusters.
  • Install Anthos Config Management, use it to enforce policies, and explain how it can be used across multiple clusters.

Module 1: Anthos Overview

• Describe challenges of hybrid cloud
• Discuss modern solutions
• Describe the Anthos Technology Stack

• Understand Anthos GKE hybrid environments, with Admin and User clusters
• Register and authenticate remote Anthos GKE clusters in GKE Hub
• View and manage registered clusters, in cloud and on-premises, using GKE Hub
• View workloads in all clusters from GKE Hub
• Lab: Managing Hybrid Clusters using Kubernetes Engine

• Understand service mesh, and problems it solves
• Understand Istio architecture and components
• Explain Istio on GKE add on and it’s lifecycle, vs OSS Istio
• Understand request network traffic flow in a service mesh
• Create a GKE cluster, with a service mesh
• Configure a multi-service application with service mesh
• Enable external access using an ingress gateway
• Explain the multi-service example applications: Hipster Shop, and Bookinfo
• Lab: Installing Open Source Istio on Kubernetes Engine
• Lab: Installing the Istio on GKE Add-On with Kubernetes Engine

• Understand service mesh flexible adapter model
• Understand service mesh telemetry processing
• Explain Stackdriver configurations for logging and monitoring
• Compare telemetry defaults for cloud and on-premises environments
• Configure and view custom metrics using service mesh
• View cluster and service metrics with pre-configured dashboards
• Trace microservice calls with timing data using service mesh adapters
• Visualize and discover service attributes with service mesh
• Lab: Telemetry and Observability with Istio

• Understand the service mesh abstract model for traffic management
• Understand service mesh service discovery and load balancing
• Review and compare traffic management use cases and configurations
• Understand ingress configuration using service mesh
• Visualize traffic routing with live generated requests
• Configure a service mesh gateway to allow access to services from outside the mesh
• Apply virtual services and destination rules for version-specific routing
• Route traffic based on application-layer configuration
• Shift traffic from one service version to another, with fine-grained control, like a canary deployment
• Lab: Managing Traffic Routing with Istio and Envoy

• Understand authentication and authorization in service mesh
• Explain mTLS flow for service to service communication
• Adopt mutual TLS authentication across the service mesh incrementally
• Enable end-user authentication for the frontend service
• Use service mesh access control policies to secure access to the frontend service
• Lab: Managing Policies and Security with Service Mesh

• Understand the challenge of managing resources across multiple clusters
• Understand how a Git repository is as a configuration source of truth
• Explain the Anthos Config Management components, and object lifecycle
• Install and configure Anthos Config Management, operators, tools, and related Git repository
• Verify cluster configuration compliance and drift management
• Update workload configuration using repo changes
• Lab: Managing Policies in Kubernetes Engine using Anthos Config

• Understand how multiple clusters work together using DNS, root CA, and service discovery
• Explain service mesh control-plane architectures for multi-cluster
• Configure a multi-service application using service mesh across multiple clusters with multiple control-planes
• Configure a multi-service application using service mesh across multiple clusters with a shared control-plane
• Configure service naming/discovery between clusters
• Review ServiceEntries for cross-cluster service discovery
• Migrate workload from a remote cluster to an Anthos GKE cluster
• Lab: Configuring GKE for Multi-Cluster Operation with Istio
• Lab: Configuring GKE for Shared Control Plane Multi-Cluster Operation

Architecting Hybrid Cloud Infrastructure with Anthos Course Prerequisites:

To get the most out of this Architecting Hybrid Cloud Infrastructure with Anthos course, participants should have completed the Architecting with Google Kubernetes Engine course and its prerequisites, or have equivalent experience.

Q: What is the “Architecting Hybrid Cloud Infrastructure with Anthos” course?

A: “Architecting Hybrid Cloud Infrastructure with Anthos” is a training course that focuses on teaching participants how to design and architect hybrid cloud solutions using Google’s Anthos platform. Anthos enables organizations to build and manage applications across both on-premises and cloud environments, providing a consistent and scalable infrastructure.

A: This course is suitable for architects, system administrators, DevOps engineers, and IT professionals who want to learn how to design and deploy hybrid cloud solutions using Anthos. It is designed for individuals who have a basic understanding of cloud computing concepts and want to gain expertise in architecting hybrid infrastructures.

A: The “Architecting Hybrid Cloud Infrastructure with Anthos” course covers a range of topics, including understanding Anthos architecture, designing hybrid cloud solutions, integrating on-premises environments with Google Cloud, implementing security and identity management, managing and scaling applications, and ensuring operational efficiency.

A: Participants should have a fundamental understanding of cloud computing concepts, including virtualization, networking, and security. Familiarity with Google Cloud Platform (GCP) and Kubernetes is beneficial but not mandatory.

A: By completing this course, participants will gain the skills and knowledge to architect and deploy hybrid cloud infrastructures using Anthos. They will learn how to design scalable and secure solutions, integrate on-premises environments with Google Cloud, implement identity and access management, manage and scale applications effectively, and ensure operational efficiency in hybrid environments.

A: This course is not directly associated with a specific certification. However, the knowledge and skills acquired through this course can be beneficial for individuals pursuing various Google Cloud certifications, such as the “Google Cloud Certified – Professional Cloud Architect” or “Google Cloud Certified – Associate Cloud Engineer” certifications.

Discover the perfect fit for your learning journey

Choose Learning Modality

Live Online

  • Convenience
  • Cost-effective
  • Self-paced learning
  • Scalability


  • Interaction and collaboration
  • Networking opportunities
  • Real-time feedback
  • Personal attention


  • Familiar environment
  • Confidentiality
  • Team building
  • Immediate application

Training Exclusives

This course comes with following benefits:

  • Practice Labs.
  • Get Trained by Certified Trainers.
  • Access to the recordings of your class sessions for 90 days.
  • Digital courseware
  • Experience 24*7 learner support.

Got more questions? We’re all ears and ready to assist!

Request More Details

Please enable JavaScript in your browser to complete this form.

Subscribe to our Newsletter

Please enable JavaScript in your browser to complete this form.