Introducción a Azure, comparativa con Amazon Web Services y comentarios sobre experiencias de desarrollo y uso reales. Usada en el Meetup de Software Craftsmaship CLM de Toledo.
4. Acerca de Office 365…
…en realidad también es Azure.
https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
6. Principales proveedores de cloud computing
• 2002 – AWS
• 2003
• 2004
• 2005
• 2006 – Rackspace Cloud
• 2007
• 2008
• 2009 – Azure
• 2010
• 2011 – Google Cloud
• 2012
• 2013
• 2014 – IBM Bluemix (PaaS)
Más proveedores: https://en.wikipedia.org/wiki/Category:Cloud_computing_providers
7. ¿Por qué se elige Azure?
1. Fácil de usar viniendo del stack de Microsoft.
2. Pago por uso y acuerdos empresariales (Enterprise Agreement) que
reducen aun más el coste.
3. Buen soporte empresarial.
4. Alta disponibilidad, infraestructuras muy seguras.
5. Soporta multitud regiones en sus CPDs
6. Gran cantidad de certificaciones
=> Opción por defecto si estás en el stack Microsoft o eres empresa grande
no tecnológica (90% de las Fortune 500).
9. ¿Por qué NO se elige Azure? (mi opinión)
• Mala prensa de Micro$oft
• Miedo al vendor lockin (especialmente en PaaS)
• Coste ligeramente superior en según qué casos (vs Amazon y Google)
• Amazon está mejor orientado y posicionado en IaaS.
• Miedo a la pérdida de control por parte de IT (aplicable a toda la
nube).
10. Detalles importantes
• ¿Qué perfiles típicos usan Azure?
• Enterprise: https://azure.microsoft.com/es-es/pricing/enterprise-agreement/
• Startups: https://msdn.microsoft.com/es-es/start-ups.aspx
• ¿Qué costes tiene?
• Pago por uso, Acuerdos y descuentos (EA, Developer, Spark…).
• Licencias de software propietario incluidas en muchos casos.
• Calculadora de costes: https://azure.microsoft.com/en-us/pricing/calculator/
• ¿Cómo de estable es?
• Disponibilidad del servicio: 99,9%-99,95%. Depende del servicio:
https://azure.microsoft.com/en-us/support/legal/sla/summary/
15. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Compute (1/12)
Subcategory AWS Service Azure Service Description
Virtual servers EC2 Virtual Machines
Virtual servers allow users to deploy, manage, and maintain OS and server software. Instance types provide
combinations of CPU/RAM. Users pay for what they use with the flexibility to change sizes.
Container management EC2 Container Service Container Service
A container management service that supports Docker containers and allows users to run applications on managed
instance clusters. It eliminates the need to operate cluster management software or design fault-tolerant cluster
architectures.
Web application Elastic Beanstalk
- Web Apps A fully managed web infrastructure that provides the underlying web server instances and surrounding security,
management, resilience, and shared storage capabilities.- Cloud Services
Auto scale Auto Scaling
- VM Scale Sets
Lets you automatically change the number of instances providing a particular compute workload. You set defined
metric and thresholds that determine if the platform adds or removes instances.- App Service AutoScaling
Virtual server disk infrastructure Elastic Block Store (EBS)
- Page Blobs Provides persistent, durable storage volumes for use with virtual machines, and offers the option to select
different underlying physical storage types and performance characteristics.- Premium Storage
Backend process logic Lambda
- Functions
Used to integrate systems and run backend processes in response to events or schedules without provisioning or
managing servers.
- Web Jobs
- Logic Apps
Job-based applications Batch
Orchestration of the tasks and interactions between compute resources that are needed when you require
processing across hundreds or thousands of compute nodes.
Microservice-based applications Service Fabric
A compute service that orchestrates and manages the execution, lifetime, and resilience of complex, inter-related
code components that can be either stateless or stateful.
API-based application runtime API Apps Build, manage, and host APIs enabling a variety of languages and SDKs with built-in authentication and analytics.
Disaster recovery Site recovery
Automates protection and replication of virtual machines. Offers health monitoring, recovery plans, and recovery
plan testing.
Predefined templates AWS Quick Start Azure Quickstart Templates Community-led templates for creating and deploying virtual machine-based solutions.
Marketplace AWS Marketplace Azure Marketplace
Easy-to-deploy and automatically configured third-party applications, including single virtual machine or multiple
virtual machine solutions.
16. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Storage and Content Delivery Services (2/12)
Subcategory AWS Service Azure Service Description
Object storage S3 Blob Storage
Object storage service, for use cases including cloud applications, content distribution, backup,
archiving, disaster recovery, and big data analytics.
Shared file storage Elastic File System (Preview) File Storage
Provides a simple interface to create and configure file systems quickly, and share common
files. It’s shared file storage without the need for a supporting virtual machine, and can be
used with traditional protocols that access files over a network.
Archiving and backup
N/A (software) - Backup (software) Backup and archival solutions allow files and folders to be backed up and recovered from the
cloud, and provides off-site protection against data loss. There are two components of backup
software service that orchestrates backup/retrieval and the underlying backup storage
infrastructure.
Glacier and S3 (storage) - Blob Storage (storage)
Hybrid storage Storage Gateway StorSimple
Integrates on-premises IT environments with cloud storage. Automates data management and
storage, plus supports in disaster recovery.
Data transport Import/Export Snowball Import/Export
A data transport solution that uses secure disks and appliances to transfer large amounts of
data. Also offers data protection during transit.
Content delivery CloudFront Content Delivery Network
A global content delivery network that delivers audio, video, applications, images, and other
files.
17. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Databases (3/12)
Subcategory AWS Service Azure Service Description
Relational database RDS SQL Database
Relational database-as-a-service (DBaaS) where the database resilience, scale, and
maintenance are primarily handled by the platform.
NoSQL database DynamoDB DocumentDB
A NoSQL document database service that automatically indexes JSON data for applications
that require rich query and multi-document transactions.
Data warehouse Redshift SQL Data Warehouse
A fully managed data warehouse that analyzes data using business intelligence tools. It can
transact SQL queries across relational and non-relational data.
Table storage
DynamoDB
Table Storage
A non-relational data store for semi-structured data. Developers store and query data items
via web services requests.SimpleDB
Caching ElastiCache Azure Redis Cache
An in-memory based, distributed caching service that provides a high-performance store
typically used to offload non-transactional work from a database.
Database migration
Database Migration Service
(Preview)
SQL Database Migration Wizard
Typically is focused on the migration of database schema and data from one database format
to a specific database technology in the cloud.
18. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Networking Services (4/12)
Subcategory AWS Service Azure Service Description
Networking Virtual Private Cloud Virtual Network
Provides an isolated, private environment in the cloud. Users have control over their virtual
networking environment, including selection of their own IP address range, creation of
subnets, and configuration of route tables and network gateways.
Domain name system (DNS) Route 53
- DNS A service that hosts domain names, plus routes users to Internet applications, connects user
requests to datacenters, manages traffic to apps, and improves app availability with automatic
failover.
- Traffic Manager
Dedicated network Direct Connect ExpressRoute
Establishes a dedicated, private network connection from a location to the cloud provider (not
over the Internet).
Load balancing Elastic Load Balancing
- Load Balancer Automatically distributes incoming application traffic to add scale, handle failover, and route
to a collection of resources.- Application Gateway
20. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Management Tools (6/12)
Subcategory AWS Service Azure Service Description
Deployment orchestration
OpsWorks - Resource Manager
Configures and operates applications of all shapes and sizes, and provides templates to create
and manage a collection of resources.
CloudFormation - Automation
- VM extensions
Management and monitoring
CloudWatch - Log Analytics
Management and monitoring services for cloud resources and applications to collect, track,
store, analyze, and deliver metrics and log files.
CloudTrail - Azure portal
- Application Insights
Optimization Trusted Advisor Advisor (preview)
Provides analysis of cloud resource configuration and security so subscribers can ensure
they’re using best practices and optimum configurations.
Job scheduling Scheduler Runs jobs on simple or complex recurring schedules—now, later, or recurring.
Catalog service Service Catalog
Creates and manages catalogs of approved IT services so users can quickly find and deploy
them.
Administration Config Azure portal (audit logs)
Provides resource inventory, configuration history, and configuration change notifications for
security and governance.
Programmatic access Command Line Interface
- Azure Command Line Interface
(CLI)
Built on top of the native REST API across all cloud services, various programming language-
specific wrappers provide easier ways to create solutions.
- Azure PowerShell
21. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Security and identity services (7/12)
Subcategory AWS Service Azure Service Description
Authentication and authorization
Identity and Access Management
- Azure AD/Role-based access
control
Lets users securely control access to services and resources while offering data security and
protection. Create and manage users and groups, and use permissions to allow and deny
access to resources.Multi-Factor Authentication - Multi-Factor Authentication
Encryption
Key Management Service
Key Vault
Creates, controls, and protects the encryption keys used to encrypt data. HSM provides
hardware-based key storage.CloudHSM
Firewall Web Application Firewall Web Application Firewall (preview)
A firewall that protects web applications from common web exploits. Users can define
customizable web security rules.
Security Inspector (Preview) Security Center
An automated security assessment service that improves the security and compliance of
applications. Automatically assess applications for vulnerabilities or deviations from best
practices.
Directory Directory Service
- Azure Active Directory
Typically provides user/group properties that can be queried and used in applications. Also can
provide capabilities to integrate to on-premises Active Directory services for single sign-on
scenarios and SaaS management.
- Azure Active Directory B2C
- Azure Active Directory Domain
Services
22. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Analytics services (8/12)
Subcategory AWS Service Azure Service Description
Big data processing Elastic MapReduce (EMR) HDInsight
Supports technologies that break up large data processing tasks into multiple jobs, and then
combine the results together to enable massive parallelism.
Data orchestration Data Pipeline Data Factory
Processes and moves data between different compute and storage services, as well as on-
premises data sources at specified intervals. Users can create, schedule, orchestrate, and
manage data pipelines.
Analytics Kinesis Analytics (Preview)
- Stream Analytics
Storage and analysis platforms that creates insights from large quantities of data, or data that
originates from many sources.
- Data Lake Analytics
- Data Lake Store
Visualization QuickSight (Preview) PowerBI
Business intelligence tools that build visualizations, perform ad-hoc analysis, and develop
business insights from data.
Machine learning Machine Learning Machine Learning
Produces an end-to-end workflow to create, process, refine, and publish predictive models
that can be used to understand what might happen from complex data sets.
Search Elasticsearch Service Search Delivers full-text search and related search analytics and capabilities.
Data discovery Data Catalog Provides the ability to better register, enrich, discover, understand, and consume data sources.
23. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Mobile services (9/12)
Subcategory AWS Service Azure Service Description
Pro app development
Mobile Hub (Beta)
Mobile Apps
Backend mobile services for rapid development of mobile solutions, plus provide identity
management, data synchronization, and storage and notifications across devices.Cognito
High-level app development PowerApps Model-driven application development for business applications with SaaS integration.
Analytics Mobile Analytics Mobile Engagement
Provides real-time analytics from mobile apps data, highlights app users’ behavior, measures
app usage, and tracks key trends.
Notification Simple Notification Service Notification Hubs
A push notification service that delivers messages instantly to applications or users. Messages
can be sent to individual devices or can be broadcasted.
24. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
Application services (10/12)
Subcategory AWS Service Azure Service Description
Email Simple Email Service
Lets users send transactional email, marketing messages, or any other type of content to
customers.
Messaging Simple Queue Service
- Queue Storage Stores large numbers of messages that can be accessed from anywhere through authenticated
calls using HTTP or HTTPS. A queue can contain millions of messages, up to the total capacity
limit of a storage account, and may also support more complex topologies such as
publish/subscribe.
- Service Bus queues
- Service Bus topics
- Service Bus relay
Workflow Simple Workflow Service Logic Apps
A state tracker and task coordinator service that allows developers to build, run, and scale
background activities using a visual processes flow creation.
App testing Device Farm (Front End)
- Xamarin Test Cloud (Front End) A range of services geared toward the orchestration of dev/test backend server and service
application infrastructure, as well as front-end client device and software testing and
simulation.
- Azure DevTest Labs (Back End)
API management API Gateway API Management
Allows developers to create, publish, maintain, monitor, and secure APIs. Handles processing
concurrent API calls, including traffic management, authorization, access control, monitoring,
and API version management.
Application streaming AppStream RemoteApp
Streams and delivers existing applications from the cloud to reach more users on more
devices—without any code modifications.
Search CloudSearch Search Sets up, manages, and scales a search solution for websites and applications.
Media transcoding Elastic Transcoder Encoding
A media transcoding service in the cloud that transcodes media files from their source format
into versions that play back on devices such as smartphones, tablets, and PCs.
Streaming Live and on-demand streaming Delivers content to virtually any device. Offers scalable streaming.
Others
- Media Player
Additional services related to the playing, protection, and analysis of the content within the
media service.
- Media Indexer
- Content Protection
26. https://docs.microsoft.com/en-us/azure/guidance/guidance-azure-for-aws-professionals-service-map
IoT (12/12)
Subcategory AWS Service Azure Service Description
Streaming data
Kinesis Firehose
Event Hubs
Services that allow the mass ingestion of small data inputs, typically from devices and sensors,
to process and route the data.Kinesis Streams
Internet of Things IoT (Preview) IoT Hub
Lets connected devices interact with cloud applications and other devices to capture and
analyze real-time data.
27.
28. Markeplaces de VSO & Azure
• Si no tienes un servicio de Microsoft, puedes encontrar servicios
adicionales en el Marketplace, como en el caso de Sendgrid. O vender
los tuyos.
• https://marketplace.visualstudio.com/items?itemName=louisgerard.s
lackposter
• https://azure.microsoft.com/es-
es/marketplace/partners/bitnami/liferay/
• Aplicaciones
• Datos (antiguo “datamarket”) y Algoritmos entrenados (ML)
29. Algunas notas respecto de Azure vs Amazon
• El número de servicios disponibles da flexibilidad pero aumenta la
complejidad del ecosistema.
• Está claro que hay una carrera entre Amazon y Microsoft.
• Elegir el stack de servicios para tratar de mantenerse compatible es
complejo como poco.
• Cada servicio PaaS ofrece abstracción. Las abstracciones tienen sus
pros y contras.
• Cada servicio va adquiriendo complejidad y cambiando rápidamente.
30. Recuerda: Azure y AWS son solo herramientas
https://twitter.com/jessethanley/status/813904788702183425
31. AWS de BrainSINS by Andrés/@avc_conti
http://www.slideshare.net/avcconti/brainsins-and-aws-meetup-keynote
32. Azure de una plataforma empresarial
Working
Planned
Replaced
33. Virtual Machines para… (1/12)
• Integración con SSO de SaaS de terceros y un certificado peculiar.
34. Web Apps para… (2/12)
• Aplicaciones web internas (CMS…)
• Ejecución de tareas programadas (webjobs)
35. SQL Database para… (3/12)
• Almacenamiento de datos relacionales del sistema
• Escalabilidad asegurada
• Backups automáticos
36. Storage: Blobs, Tables y Queues para… (4/12)
• Blob: Almacenamiento de archivos relacionados con la base de datos.
• Tables: Almacenamiento de logs y cacheado de tokens.
• Queques: Colas de peticiones a procesar de forma asíncrona.
37. Search para… (5/12)
• Simplificar la arquitectura de búsquedas
• Mejorar el control de qué se indexa y qué no
• Reducir costes (SQL es más caro)
38. Virtual Network y Load Balancer para… (6/12)
• Necesario para conectar las máquinas virtuales y asegurar la alta
disponibilidad.
• Para que los sistemas IaaS sean escalables.
42. Site Recovery para… (10/12)
• Backup de sites (código) para escenarios de Disaster Recovery
• Permite mejorar los procesos de despliegues de nuevas aplicaciones
43. Visual Studio Online y Dev Test para… (11/12)
• Gestión de versionado de código
• Pruebas de carga/estrés
44. Azure Portal para… (12/12)
• Gestionar la suscripción. Es una web app.
• En realidad hay 2 portales y aun es necesario usar el antiguo portal.
• Todo lo que es automatizable (PowerShell, API…) es mejor hacerlo
desde consola.
https://buildazure.com/2016/09/20/why-is-the-azure-portal-a-web-app/
45. Mención especial
• Functions (equivalente al Lambda de AWS, serverless code) y
DocumentDB (equivalente a y compatible con MongoDB)
• Permiten escenarios de integración muy sencillos y escalables, como el
mostrado por Andrés Velasco (@avc_conti) en AWS.
• La integración con SaaS de terceros se realizarán con estas herramientas.
• Cognitive Services (Content Moderator para moderación de
comentarios y Bing para crawling e indexación de contenidos web)
• https://www.microsoft.com/cognitive-services/en-us/apis
47. Arquitecturas Recomendadas por Microsoft
• Hay una variedad enorme de posibilidades pero Microsoft suele
ofrecer su experiencia con “plantillas” para consumo rápido/seguro.
• https://docs.microsoft.com/en-us/azure/guidance/guidance-ra-app-
service
48. Sobre las plantillas
• Son una buena forma de empezar
• Van apareciendo nuevas y
actualizándose con el tiempo
• Es mejor empezar por la más
simple y modular posible para
poder cambiar en el futuro
• Evitar el IaaS tanto como sea
posible, al menos inicialmente
52. Running Windows VMs for an N-tier
architecture on Azure
Similar a las anteriores pero en IaaS, con un coste muy superior en
desarrollo, administración y consumo.
53. Otras arquitecturas
• Sistemas hibridados con IaaS
• Integración con SaaS de terceros
• Más información (contribuible vía GitHub):
https://docs.microsoft.com/en-us/azure/guidance/guidance-
compute-multiple-datacenters
55. Casos típicos de problemas o errores:
• SSL desde Azure. No exportable.
• IaaS y Cloud Services vs PaaS. Certificados confiables y escalado.
• Ficheros en bases de datos en onpremises. Coste y escalado Vs Blob.
• Aplicaciones con estado (sesión) y escalado.
• Velocidades de disco.
• Aplicaciones instaladas que no escalan en vertical u horizontal.
• Uso de disco no persistente para almacenar datos persistentes.
• Mala elección de la región: http://azurespeedtest.azurewebsites.net/
56. A tener en cuenta con el paso del tiempo…
• Al evolucionar el servicio hay decisiones tomadas que deberían
reconsiderarse.
• Al cambiar los requisitos del sistema con el tiempo, hay decisiones
que pesan.
• No se puede evitar la deuda, pero se debe ser consciente de qué
deudas se adquieren.
• Moraleja: entiende el problema que resuelven los servicios y reevalúa
las soluciones al aparecer y mejorar nuevos servicios.
57. Consejos tras 6 años…
• Cuenta con un equipo de desarrollo dedicado.
• Tiende a PaaS frente a IaaS.
• Experimenta y prueba antes de prometer e implementar.
• Usa el soporte siempre que dudes.
• Mantente al día y refactoriza.
• Automatizar mejor que documentar. Al ser un “servicio” los scripts
son una buena documentación. Rendimiento y errores “manuales”
bajo control.
58. Posibles Workshops
• Aplicaciones web escalables y sticky sessions.
• Despliegue automático en Azure desde diferentes proveedores
(Github, TFS, etc).
• Azure Functions. Serverless code.