Anthos Config Management

1. Overview

  • Anthos Config Management is designed for cluster operators who manage many clusters. 
  • Spanning workloads multiple environments adds complexity in terms of resource management and consistency. 
  • Configuration as code is a common approach to managing complexity. Anthos provides configuration as code via Anthos Config Management.
  • Operators ensure that clusters meet business and compliance standards.
  • Anthos deploys the Anthos Config Management Operator to GKE clusters, enabling configuration changes detected in a Git repo to be applied without intervention.
  • Centralized config management leverages core Kubernetes concepts, such as Namespaces, labels, and annotations to determine how and where to apply the config changes to Kubernetes clusters, no matter where they reside.
  • Anthos Config Management keeps enrolled clusters in sync using configs. 
  • Configuration for any Kubernetes object in a cluster, a YAML or JSON file that is stored in a repo , can be managed.
  • Anthos Config Management manages namespaces, Roles, RoleBindings, ResourceQuotas, and other important Kubernetes objects. 
  • Some Kubernetes objects, such as Secrets, contain sensitive information that may be inappropriate to store in a Git repository.
  • The repo provides a versioned, secured, and controlled single source of truth for all Kubernetes configurations. 
  • Anthos Config Management applies configs when the annotation configmanagement.gke.io/managed: enabled is applied to the Kubernetes object
  • Anthos Config Management allows configuration changes to be applied to namespaces in a grouped hierarchical way.