2. - CONFIDENTIAL -
WHO?
❑ Principal Technologist – NetSol Technologies
❑ Hold certifications:
❑ Microsoft Valuable Professional (Azure) – Candidate
❑ Elasticsearch Certified Engineer I & II
❑ AWS Certified Professional – Cloud Solution Architect
❑ Oracle Certified Programmer, Developer, Enterprise Architect
❑ Hands-on Developer, and Technology Evangelist
3. - CONFIDENTIAL -
Agenda
❖ Cloud Coverage
❖ What makes Microsoft Azure different?
❖ What is the global market share?
❖ Containers in Cloud
❖ Deploying with Kubernetes on Azure
❖ Technical Demo with a .NET Core Application
7. - CONFIDENTIAL -
Market Share
Provider | Start Date | %age
Azure | Feb-2010 | 25
AWS | Mar-2006 | 32
Google | Mar-2017 | 5
IBM | Apr-2011 | 8
Ali Baba | Sep-2010 | 4
Others | | 27
8. - CONFIDENTIAL -
Key Differences between top 2 (Azure / AWS)
❖ Compute
❖ Storage
❖ Networking
❖ Database
❖ Analytics & Big Data
❖ Intelligence
❖ Internet of Things
❖ Management and Monitoring
❖ Mobile
❖ Security
❖ Developer Tools
❖ Enterprise Integration
9. - CONFIDENTIAL -
Compute
Area | AWS service | Azure service | Description
Virtual servers | Elastic Compute Cloud (EC2) Instances | Azure Virtual Machines | Virtual servers allow users to deploy, manage, and maintain OS and server software. Instance types provide combinations of CPU/RAM. Users pay for what they use with the flexibility to change sizes.
 | Amazon Lightsail | Azure Marketplace | Azure Marketplace includes a selection of preconfigured VM images for various applications.
Container instances | EC2 Container Service (ECS) | Azure Container Service | Azure Container Instances is the fastest and simplest way to run a container in Azure, without having to provision any virtual machines or adopt a higher-level orchestration service.
 | EC2 Container Registry | Azure Container Registry | Allows customers to store Docker formatted images. Used to create all types of container deployments on Azure.
Microservices / container orchestrators | Elastic Container Service for Kubernetes (EKS) | Azure Kubernetes Service (AKS) | Deploy orchestrated containerized applications with Kubernetes. Simplify monitoring and cluster management through auto upgrades and a built-in operations console.
 | | Service Fabric | A compute service that orchestrates and manages the execution, lifetime, and resilience of complex, inter-related code components that can be either stateless or stateful.
 | | Service Fabric Mesh | Fully managed service that enables developers to deploy microservices applications without managing virtual machines, storage, or networking.
 | | Azure Container Service (ACS) | Quickly deploy a production ready Kubernetes, DC/OS, or Docker Swarm cluster
Serverless | Lambda | Azure Functions; Azure Event Grid | Integrate systems and run backend processes in response to events or schedules without provisioning or managing servers.
Backend process logic | | Web Jobs | Provides an easy way to run background processes in an application context.
Batch computing | AWS Batch | Azure Batch | Run large-scale parallel and high-performance computing applications efficiently in the cloud.
Scalability | AWS Auto Scaling | Virtual Machine Scale Sets; Azure App Service Scale Capability (PaaS); Azure AutoScaling | Lets you automatically change the number of instances providing a particular compute workload. You set defined metric and thresholds that determine if the platform adds or removes instances.
10. - CONFIDENTIAL -
Storage
Area | AWS service | Azure service | Description
Object storage | Simple Storage Services (S3) | Azure Storage—Block Blob (for content logs, files) (Standard—Hot) | Object storage service, for use cases including cloud applications, content distribution, backup, archiving, disaster recovery, and big data analytics.
Virtual Server disk infrastructure | Elastic Block Store (EBS) | Azure Storage Disk—Page Blobs (for VHDs or other random-write type data); Azure Storage Disks—Premium Storage | SSD storage optimized for I/O intensive read/write operations. For use as high performance Azure virtual machine storage.
Shared file storage | Elastic File System | Azure Files (file share between VMs) | Provides a simple interface to create and configure file systems quickly, and share common files. It’s shared file storage without the need for a supporting virtual machine, and can be used with traditional protocols that access files over a network.
Archiving — cool storage | S3 Infrequent Access (IA) | Azure Storage—Standard Cool | Cool storage is a lower cost tier for storing data that is infrequently accessed and long-lived.
Archiving — cold storage | S3 Glacier | Azure Storage-Standard Archive | Archive storage has the lowest storage cost and higher data retrieval costs compared to hot and cool storage.
Backup | AWS Backup | Azure Backup | Backup and archival solutions allow files and folders to be backed up and recovered from the cloud, and provide off-site protection against data loss. There are two components of backup—the software service that orchestrates backup/retrieval and the underlying backup storage infrastructure.
Hybrid storage | Storage Gateway | StorSimple | Integrates on-premises IT environments with cloud storage. Automates data management and storage, plus supports disaster recovery.
Bulk data transfer | AWS Import/Export Disk | Import/Export | A data transport solution that uses secure disks and appliances to transfer large amounts of data. Also offers data protection during transit.
 | AWS Import/Export Snowball; AWS Snowball Edge; AWS Snowmobile | Azure Data Box | Petabyte- to Exabyte-scale data transport solution that uses secure data storage devices to transfer large amounts of data into and out of the AWS cloud, at lower cost than Internet-based transfers.
Disaster recovery | None | Site Recovery | Automates protection and replication of virtual machines. Offers health monitoring, recovery plans, and recovery plan testing.
11. - CONFIDENTIAL -
Networking
Area | AWS service | Azure service | Description
Cloud virtual networking | Virtual Private Cloud (VPC) | Virtual Network | Provides an isolated, private environment in the cloud. Users have control over their virtual networking environment, including selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways.
Cross-premises connectivity | AWS VPN Gateway | Azure VPN Gateway | Azure VPN Gateways connect Azure virtual networks to other Azure virtual networks, or customer on-premises networks (Site To Site). It also allows end users to connect to Azure services through VPN tunneling (Point To Site).
Domain name system management | Route 53 | Azure DNS | Manage your DNS records using the same credentials and billing and support contract as your other Azure services
 | Route 53 | Traffic Manager | A service that hosts domain names, plus routes users to Internet applications, connects user requests to datacenters, manages traffic to apps, and improves app availability with automatic failover.
Content delivery network | CloudFront | Azure Content Delivery Network | A global content delivery network that delivers audio, video, applications, images, and other files.
Dedicated network | Direct Connect | ExpressRoute | Establishes a dedicated, private network connection from a location to the cloud provider (not over the Internet).
Load balancing | Classic Load Balancer; Network Load Balancer; Application Load Balancer | Load Balancer; Application Gateway | Automatically distributes incoming application traffic to add scale, handle failover, and route to a collection of resources.
12. - CONFIDENTIAL -
Database
Area | AWS service | Azure service | Description
Relational database | RDS | SQL Database; Azure Database for MySQL; Azure Database for PostgreSQL | Relational database-as-a-service (DBaaS) where the database resilience, scale, and maintenance are primarily handled by the platform.
NoSQL—document storage, key/value storage | DynamoDB and SimpleDB | Azure Cosmos DB | A globally distributed, multi-model database that natively supports multiple data models: key-value, documents, graphs, and columnar.
Caching | ElastiCache | Azure Redis Cache | An in-memory–based, distributed caching service that provides a high-performance store typically used to offload nontransactional work from a database.
Database migration | Database Migration Service | Azure Database Migration Service | Typically is focused on the migration of database schema and data from one database format to a specific database technology in the cloud.
13. - CONFIDENTIAL -
Analytics & Big Data
Area | AWS service | Azure service | Description
Elastic data warehouse | Redshift | SQL Data Warehouse | A fully managed data warehouse that analyzes data using business intelligence tools. It can transact SQL queries across relational and nonrelational data.
Big data processing | EMR | Azure Databricks | Apache Spark-based analytics platform.
 | | HDInsight | Managed Hadoop service. Deploy and manage Hadoop clusters in Azure.
Data orchestration | Data Pipeline | Data Factory | Processes and moves data between different compute and storage services, as well as on-premises data sources at specified intervals. Users can create, schedule, orchestrate, and manage data pipelines.
 | AWS Glue | Data Factory; Data Catalog | Cloud-based ETL/data integration service that orchestrates and automates the movement and transformation of data from various sources.
Analytics | Kinesis Analytics | Stream Analytics; Data Lake Analytics; Data Lake Store | Storage and analysis platforms that create insights from large quantities of data, or data that originates from many sources.
Visualization | QuickSight | PowerBI | Business intelligence tools that build visualizations, perform ad hoc analysis, and develop business insights from data.
 | None | Power BI Embedded | Allows visualization and data analysis tools to be embedded in applications.
Search | Elasticsearch Service | Marketplace—Elasticsearch | A scalable search server based on Apache Lucene.
 | CloudSearch | Azure Search | Delivers full-text search and related search analytics and capabilities.
Machine learning | SageMaker | Azure Machine Learning Studio; Azure Machine Learning Service | Produces an end-to-end workflow to create, process, refine, and publish predictive models that can be used to understand what might happen from complex data sets.
Data discovery | None | Data Catalog | Provides the ability to better register, enrich, discover, understand, and consume data sources.
 | Amazon Athena | Azure Data Lake Analytics | Provides a serverless interactive query service that uses standard SQL for analyzing databases.
14. - CONFIDENTIAL -
Intelligence
Area | AWS service | Azure service | Description
Conversational user interfaces virtual personal assistant | Alexa Skills Kits | Cortana Intelligence Suite—Cortana Integration | Services cover intelligence cognitive services, machine learning, analytics, information management, big data and dashboards and visualizations.
 | | Microsoft Bot Framework + Azure Bot Service | Builds and connects intelligent bots that interact with your users using text/SMS, Skype, Teams, Slack, Office 365 mail, Twitter, and other popular services.
Speech recognition | Amazon Lex | Bing Speech API | API capable of converting speech to text, understanding intent, and converting text back to speech for natural responsiveness.
 | | Language Understanding Intelligent Service (LUIS) | Allows your applications to understand user commands contextually.
 | | Speaker Recognition API | Gives your app the ability to recognize individual speakers.
 | | Custom Recognition Intelligent Service (CRIS) | Fine-tunes speech recognition to eliminate barriers such as speaking style, background noise, and vocabulary.
Text to Speech | Amazon Polly | Bing Speech API | Enables both Speech to Text, and Text into Speech capabilities.
Visual recognition | Amazon Rekognition | Computer Vision API | Distills actionable information from images, generates captions and identifies objects in images.
 | | Face API | Detects, identifies, analyzes, organizes, and tags faces in photos.
 | | Emotions API | Recognizes emotions in images.
 | | Video API | Intelligent video processing produces stable video output, detects motion, creates intelligent thumbnails, detects and tracks faces.
15. - CONFIDENTIAL -
Internet of Things (IoT)
Area | AWS service | Azure service | Description
Internet of Things | AWS IoT Other Services (Kinesis, Machine Learning, EMR, Data Pipeline, SNS, QuickSight) | Azure IoT Suite (IoT Hub, Machine Learning, Stream Analytics, Notification Hubs, PowerBI) | Provides a preconfigured solution for monitoring, maintaining, and deploying common IoT scenarios.
 | AWS IoT | Azure IoT Hub | A cloud gateway for managing bidirectional communication with billions of IoT devices, securely and at scale.
Edge compute for IoT | AWS Greengrass | Azure IoT Edge | Managed service that deploys cloud intelligence directly on IoT devices to run in on-premises scenarios.
Streaming data | Kinesis Firehose; Kinesis Streams | Event Hubs | Services that allow the mass ingestion of small data inputs, typically from devices and sensors, to process and route the data.
16. - CONFIDENTIAL -
Management & Monitoring (1/2)
Area | AWS service | Azure service | Description
Cloud advisor | Trusted Advisor | Azure Advisor | Provides analysis of cloud resource configuration and security so subscribers can ensure they’re making use of best practices and optimum configurations.
Deployment orchestration (DevOps) | OpsWorks (Chef-based) | Azure Automation | Configures and operates applications of all shapes and sizes, and provides templates to create and manage a collection of resources.
 | CloudFormation | Azure Resource Manager; VM extensions; Azure Automation | Provides a way for users to automate the manual, long-running, error-prone, and frequently repeated IT tasks.
Management & monitoring (DevOps) | CloudWatch | Azure portal; Azure Monitor | A unified console that simplifies building, deploying, and managing your cloud resources.
 | CloudWatch | Azure Application Insights + Azure Monitor | An extensible analytics service that helps you understand the performance and usage of your live web application. It's designed for developers, to help you continuously improve the performance and usability of your app.
 | AWS X-Ray | Azure Application Insights + Azure Monitor | An extensible application performance management service for web developers on multiple platforms. You can use it to monitor your live web application, detect performance anomalies, and diagnose issues with your app.
 | AWS Usage and Billing Report | Azure Billing API | Services to help generate, monitor, forecast, and share billing data for resource usage by time, organization, or product resources.
 | AWS Management Console | Azure portal | A unified management console that simplifies building, deploying, and operating your cloud resources.
17. - CONFIDENTIAL -
Management & Monitoring (2/2)
Area | AWS service | Azure service | Description
Administration | AWS Application Discovery Service | Azure Log Analytics in Operations Management Suite | Provides deeper insights into your application and workloads by collecting, correlating and visualizing all your machine data, such as event logs, network logs, performance data, and much more, from both on-premises and cloud assets.
 | Amazon EC2 Systems Manager | Microsoft Operations Management Suite—Automation and Control functionalities | Enables continuous IT services and compliance through process automation and configuration management. You can transform complex and repetitive tasks with IT automation.
 | AWS Personal Health Dashboard | Azure Resource Health | Provides detailed information about the health of resources as well as recommended actions for maintaining resource health.
 | Third Party | Azure Storage Explorer | Standalone app from Microsoft that allows you to easily work with Azure Storage data on Windows, Mac OS, and Linux.
18. - CONFIDENTIAL -
Mobile
Area | AWS service | Azure service | Description
Pro app development | Mobile Hub | Mobile Apps; Xamarin Apps | Provides backend mobile services for rapid development of mobile solutions, identity management, data synchronization, and storage and notifications across devices.
 | Mobile SDK | Mobile Apps | Provides the technology to rapidly build cross-platform and native apps for mobile devices.
 | Cognito | Mobile Apps | Provides authentication capabilities for mobile applications.
App testing | AWS Device Farm | Xamarin Test Cloud (front end) | Provides services to support testing mobile applications.
Analytics | Mobile Analytics | HockeyApp; Application Insights | Supports monitoring, and feedback collection for the debugging and analysis of a mobile application service quality.
Enterprise mobility management | None | Intune | Provides mobile device management, mobile application management, and PC management capabilities from the cloud.
19. - CONFIDENTIAL -
Security (1/2)
Area | AWS service | Azure service | Description
Authentication and authorization | Identity and Access Management (IAM) | Azure Active Directory; Azure Active Directory Premium | Allows users to securely control access to services and resources while offering data security and protection. Create and manage users and groups, and use permissions to allow and deny access to resources.
 | AWS Organizations | Azure Subscription and Service Management + Azure RBAC | Security policy and role management for working with multiple accounts.
 | Multi-Factor Authentication | Multi-Factor Authentication | Helps safeguard access to data and applications while meeting user demand for a simple sign-in process. It delivers strong authentication with a range of verification options, allowing users to choose the method they prefer.
Information protection | None | Azure Information Protection | Service to help control and secure email, documents, and sensitive data that you share outside your company walls.
Encryption | Server-side encryption with Amazon S3 Key Management Service | Azure Storage Service Encryption | Helps you protect and safeguard your data and meet your organizational security and compliance commitments.
 | Key Management Service; CloudHSM | Key Vault | Provides security solution and works with other services by providing a way to manage, create, and control encryption keys stored in hardware security modules (HSM).
Firewall | Web Application Firewall | Application Gateway Web Application Firewall | A firewall that protects web applications from common web exploits. Users can define customizable web security rules.
Security | Inspector | Security Center | An automated security assessment service that improves the security and compliance of applications. Automatically assess applications for vulnerabilities or deviations from best practices.
 | Certificate Manager | App Service Certificates available on the Portal | Service that allows customers to create, manage and consume certificates seamlessly in the cloud.
 | GuardDuty | Azure AD, Operations Management Suite (OMS), Security Center | Azure offers built-in advanced threat detection functionality, which can be configured and customized to meet your requirements.
20. - CONFIDENTIAL -
Security (2/2)
Area | AWS service | Azure service | Description
Security | AWS Macie | Azure Advanced Threat Protection; Azure SQL Database Threat Detection | Detect and investigate advanced attacks on-premises and in the cloud. Detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit databases.
Directory services | AWS Directory Service + Windows Server Active Directory on AWS | Azure Active Directory Domain Services + Windows Server Active Directory on Azure IaaS | Comprehensive identity and access management cloud solution that provides a robust set of capabilities to manage users and groups. It helps secure access to on-premises and cloud applications, including Microsoft online services like Office 365 and many non-Microsoft SaaS applications.
 | Cognito | Azure Active Directory B2C | A highly available, global, identity management service for consumer-facing applications that scales to hundreds of millions of identities.
 | AWS Directory Service | Windows Server Active Directory | Services for supporting Microsoft Active Directory in the cloud.
Compliance | AWS Artifact | Service Trust Platform | Provides access to audit reports, compliance guides, and trust documents from across cloud services.
Security | AWS Shield | Azure DDos Protection Service | Provides cloud services with protection from distributed denial of services (DDoS) attacks.
21. - CONFIDENTIAL -
Developer Tools (1/2)
Area | AWS service | Azure service | Description
Media transcoding | Elastic Transcoder | Media Services | Services that offer broadcast-quality video streaming services, including various transcoding technologies.
Email | Simple Email Service (SES) | Marketplace—Email | Services for integrating email functionality into applications.
Messaging | Simple Queue Service (SQS) | Azure Queue Storage | Provides a managed message queueing service for communicating between decoupled application components.
Messaging | Simple Queue Service (SQS) | Service Bus Queues, Topics, Relays | Supports a set of cloud-based, message-oriented middleware technologies including reliable message queuing and durable publish/subscribe messaging.
Workflow | Simple Workflow Service (SWF) | Logic Apps | Serverless technology for connecting apps, data and devices anywhere—on-premises or in the cloud for large ecosystems of SaaS and cloud based connectors.
API management | API Gateway | API Management | A turnkey solution for publishing APIs to external and internal consumers.
 | Elastic Beanstalk | Web Apps (App Service); Cloud Services; API Apps (App Service) | Managed hosting platforms providing easy to use services for deploying and scaling web applications and services.
 | CodeDeploy; CodeCommit; CodePipeline | Azure DevOps | A cloud service for collaborating on code development.
 | AWS Developer Tools | Azure Developer Tools | Collection of tools for building, debugging, deploying, diagnosing, and managing multi-platform, scalable apps and services.
 | | Power Apps | Technology to rapidly build business solutions, connecting to existing services and data sources such as Excel, SharePoint, Dynamics 365, and more using a visual designer.
22. - CONFIDENTIAL -
Developer Tools (2/2)
Area | AWS service | Azure service | Description
App testing | None | Azure DevTest Labs (backend) | Testing technology to build out heterogeneous solutions for testing cross-platform functionality to your dev/test environment. Integrates to a full DevOps Continuous Integration/Deployment with Visual Studio Online service and 3rd parties such as Jenkins, Chef, Puppet, CloudTest Lite, Octopus Deploy, and others.
App customer payment service | Amazon Flexible Payment Service and Amazon Dev Pay | None | Cloud service that provides developers a payment service for their cloud based applications.
DevOps | AWS CodeBuild | Azure DevOps | Fully managed build service that supports continuous integration and deployment.
Backend process logic | AWS Step Functions | Logic Apps | Cloud technology to build distributed applications using out-of-the-box connectors to reduce integration challenges. Connect apps, data and devices on-premises or in the cloud.
Programmatic access | Command Line Interface | Azure Command Line Interface (CLI); Azure PowerShell | Built on top of the native REST API across all cloud services, various programming language-specific wrappers provide easier ways to create solutions.
Predefined templates | AWS Quick Start | Azure Quickstart templates | Community-led templates for creating and deploying virtual machine–based solutions.
23. - CONFIDENTIAL -
Enterprise Integration
Area | AWS service | Azure service | Description
Enterprise app integration | None | Logic Apps | Provides out-of-the box line-of-business application integration for SAP, Oracle, SQL Server, and Websphere MQ. Connect apps, data, and devices on-premises or in the cloud with our large ecosystem of SaaS and cloud-based connectors, including Salesforce, Office 365, Twitter, Dropbox, Google Services, and more.
Enterprise application services | None | Dynamics 365 | Dynamics 365 delivers the full spectrum of CRM through five individual apps—Sales, Customer Service, Field Service, Project Service Automation, and Marketing—that work seamlessly together.
 | Amazon WorkMail; Amazon WorkDocs | Office 365 | Fully integrated Cloud service providing communications, email, document management in the cloud and available on a wide variety of devices.
Content management in the cloud | None | SharePoint Online | Provides a collaborative way for individuals, teams, and organizations to intelligently discover, share, and collaborate on content from anywhere and on any device.
Commercial PaaS-IaaS-DBaaS framework | None | Azure Stack | A hybrid cloud platform that lets you deliver Azure services from your organization’s datacenter.
24. - CONFIDENTIAL -
Enterprise Integration
Area | AWS service | Azure service | Description
Scalable game servers | GameLift | PlayFab | Managed services for hosting dedicated game servers.
Gaming services and LiveOps | GameSparks | PlayFab | Services for things like identity, authentication, leaderboards, real-time analytics, and more.
Automated 3D optimization | None | Simplygon | Adapt 3D assets to run smoothly on any platform.
25. AKS – Azure Kubernetes Service
SECURE SOFTWARE LIFE CYCLE
26. - CONFIDENTIAL -
1. Open Azure Cloud Shell
❖ Open a command line and check whether the Azure CLI is installed
❖ az --version
❖ If it is not installed, go to https://docs.microsoft.com/en-us/cli/azure/install-azure-cli to install it.
❖ You can check it from the browser shell as well
27. - CONFIDENTIAL -
2. Create a Resource Group
❖ Create a Resource Group with the name azurebootcamp
❖ az group create --name azurebootcamp --location eastus
28. - CONFIDENTIAL -
3. Create an AKS Cluster
❖ Create an AKS Cluster
❖ az aks create \
    --resource-group azurebootcamp \
    --name bootcampcluster \
    --node-count 1 \
    --enable-addons monitoring \
    --generate-ssh-keys
This command will return in around 3-5 minutes, so hang in there.
29. - CONFIDENTIAL -
4. Connect and Check Nodes
❖ In order to manage the Kubernetes cluster, kubectl is required. If you are using Azure Cloud Shell, then it's already installed.
❖ Install kubectl
❖ az aks install-cli
❖ Connect Cluster
❖ az aks get-credentials --resource-group azurebootcamp --name bootcampcluster
❖ Check Nodes
❖ kubectl get nodes
31. - CONFIDENTIAL -
6. Test the application
❖ kubectl get service azure-vote-front --watch
32. - CONFIDENTIAL -
7. Monitor Health & Logs
❖ Open a web browser to the Azure portal https://portal.azure.com.
❖ Select your resource group, such as azurebootcamp, then select your AKS cluster, such as bootcampcluster.
❖ Under Monitoring on the left-hand side, choose Insights.
❖ Across the top, choose + Add Filter.
❖ Select Namespace as the property, then choose <All but kube-system>.
❖ Choose to view the Containers.
33. - CONFIDENTIAL -
8. Delete the cluster
❖ az group delete --name azurebootcamp --yes --no-wait
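An added example, not part of the original slides: step 6 watches azure-vote-front until the load balancer hands it an external IP, so while the cluster from steps 3 to 6 is still up (before step 8) it is worth listing every Service that is reachable from the Internet. The sketch audits the output of kubectl get services --all-namespaces -o json; the sample JSON is constructed, and only the name azure-vote-front comes from the slides.

```python
import ipaddress
import json
import sys

# Annotation the Azure cloud provider honours to build an internal (VNet-only) load balancer.
INTERNAL_LB = "service.beta.kubernetes.io/azure-load-balancer-internal"

# Constructed sample of `kubectl get services --all-namespaces -o json` output.
# Only the name azure-vote-front comes from the slides; every other value is made up,
# and the public addresses are taken from documentation ranges (RFC 5737).
SAMPLE_SERVICES_JSON = """
{"items": [
 {"metadata": {"name": "azure-vote-front", "namespace": "default"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 80}]},
  "status": {"loadBalancer": {"ingress": [{"ip": "203.0.113.10"}]}}},
 {"metadata": {"name": "azure-vote-back", "namespace": "default"},
  "spec": {"type": "ClusterIP", "ports": [{"port": 6379}]},
  "status": {"loadBalancer": {}}},
 {"metadata": {"name": "internal-api", "namespace": "default",
   "annotations": {"service.beta.kubernetes.io/azure-load-balancer-internal": "true"}},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 443}]},
  "status": {"loadBalancer": {"ingress": [{"ip": "10.240.0.42"}]}}},
 {"metadata": {"name": "admin-ui", "namespace": "ops"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 443}],
           "loadBalancerSourceRanges": ["198.51.100.0/24"]},
  "status": {"loadBalancer": {"ingress": [{"ip": "203.0.113.11"}]}}},
 {"metadata": {"name": "wide-open", "namespace": "ops"},
  "spec": {"type": "LoadBalancer", "ports": [{"port": 8080}],
           "loadBalancerSourceRanges": ["0.0.0.0/0"]},
  "status": {"loadBalancer": {}}}
]}
"""


def is_open_range(cidr):
    """True when a source range admits every address (or cannot be parsed)."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return True  # report unparseable ranges instead of trusting them


def audit_services(service_list):
    """Return the LoadBalancer Services that accept traffic from any source."""
    findings = []
    for svc in service_list.get("items", []):
        meta, spec = svc.get("metadata", {}), svc.get("spec", {})
        if spec.get("type") != "LoadBalancer":
            continue  # ClusterIP and friends are not published by a cloud load balancer
        annotations = meta.get("annotations") or {}
        if annotations.get(INTERNAL_LB, "").lower() == "true":
            continue  # internal load balancer: private address only
        ranges = spec.get("loadBalancerSourceRanges") or []
        if ranges and not any(is_open_range(r) for r in ranges):
            continue  # restricted to an explicit allow-list of source networks
        ingress = svc.get("status", {}).get("loadBalancer", {}).get("ingress") or []
        findings.append({
            "namespace": meta.get("namespace", "default"),
            "name": meta.get("name"),
            "ports": [p.get("port") for p in spec.get("ports", [])],
            "addresses": [i.get("ip") or i.get("hostname") for i in ingress] or ["<pending>"],
        })
    return findings


def audit_json(text):
    """Parse kubectl JSON text and audit it."""
    return audit_services(json.loads(text))


if __name__ == "__main__":
    piped = "" if sys.stdin.isatty() else sys.stdin.read()
    for f in audit_json(piped if piped.strip() else SAMPLE_SERVICES_JSON):
        print("{namespace}/{name} ports={ports} addresses={addresses}".format(**f))
```

Against a live cluster, pipe the kubectl output into the script; a Service that should stay private can be given loadBalancerSourceRanges or the internal load balancer annotation shown in the sample.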
34. - CONFIDENTIAL -
References
❖ The application used for the demo is taken from the Azure demo applications (https://github.com/Azure-Samples/azure-voting-app-redis)