GCP and Azure

Spotify runs on GCP (one of the largest GCP clients - a $450M contract). Spotify chose GCP for BigQuery analytics and machine learning. But Spotify also uses AWS for some workloads and Cloudflare for CDN. Cloud choice is not ideology - it is matching the tool to the problem.

• **Spotify** deploys 10 million Kubernetes pods per day on GKE - a scale requiring Autopilot and Workload Identity for secure BigQuery access from every pod.
• **SAP** migrated enterprise clients from on-premise to Azure - Active Directory integration allowed 80,000 employees to use existing corporate credentials.
• **Twitter/X** uses multi-cloud: primary infrastructure in its own datacenters + GCP for ML workloads + Cloudflare for CDN - a typical hybrid Tier-1 architecture.

GKE (Google Kubernetes Engine)

GKE is Google's managed Kubernetes. Google invented Kubernetes (internal project Borg), so GKE receives new Kubernetes features first and has the most mature managed offering. GKE Autopilot removes all node management: Google provisions, scales, and patches nodes automatically.

Workload Identity eliminates the key file antipattern: no JSON credentials mounted in pods, no manual rotation, no risk of key files leaking via Docker image layers.

Cloud Run

Cloud Run is a serverless container platform in GCP. Unlike Lambda, it deploys any Docker container without language or timeout restrictions. Unlike GKE, it requires zero cluster management. Scales from 0 to 1000 instances in seconds.

Cloud Run is the correct choice when an existing containerized application needs serverless deployment: no code changes required, no Lambda packaging constraints, no timeout anxiety.

Azure DevOps

Azure DevOps is an all-in-one platform: Repos (Git), Pipelines (CI/CD), Boards (Jira equivalent), Artifacts (package registry), Test Plans. Azure is the dominant cloud for enterprise companies already using Microsoft products.

Azure Active Directory (now Entra ID) integration is Azure's enterprise advantage: 80,000 employees can use existing corporate credentials for cloud services without a separate identity provider setup.

Multi-Cloud Strategy

Multi-cloud uses multiple cloud providers. Motivations: avoid vendor lock-in, compliance requirements (data sovereignty), best-of-breed services (GCP BigQuery + AWS EC2), or geographic coverage. The operational cost is significant: teams need expertise in multiple platforms.

Multi-cloud does not automatically provide high availability. Automatic failover between providers requires complex routing, data synchronization, and testing that most teams underestimate.

Key Ideas

• **GKE Autopilot** - the most mature managed Kubernetes from the creators of Kubernetes; Workload Identity eliminates key files for GCP service access.
• **Cloud Run** - serverless for any Docker container without Kubernetes complexity; better than Lambda for existing containerized applications.
• **Azure DevOps + Multi-cloud** - Azure wins with enterprises using the Microsoft stack; multi-cloud is justified when benefits outweigh operational complexity.

Related Topics

GCP and Azure offer cloud-agnostic patterns that mirror AWS equivalents:

• AWS: Core Services — GKE is the GCP equivalent of EKS, Cloud Run is the equivalent of Lambda+Fargate, Cloud Storage is the equivalent of S3.
• Autoscaling and HPA — GKE Autopilot and Cloud Run autoscaling use the same K8s HPA concepts but without manual node pool management.

Вопросы для размышления

• For a 5-engineer startup - which managed Kubernetes (GKE Autopilot, EKS, AKS) is optimal and why?
• If a company has already invested $2M in Azure AD and Office 365 licenses - how does that influence cloud provider choice for new applications?
• When is Cloud Run preferable to GKE for deploying microservices?

Связанные уроки

• net-52-multi-cloud