- 1. Object storage
- 2. Content delivery Network
- 3. File storage
- 4. Nosql database
This article discusses the main differences and similarities between Azure and Alibaba Cloud of storage & Content Delivery Network (CDN) services. It covers the following products:
|Object storage||Blob Storage||Object Storage Service(OSS)|
|Content Delivery Network||Azure CDN||Alibaba Cloud CDN|
|File Storage||Azure Files||Network Attached Storage (NAS)|
|NoSQL Database||CosmosDB||Table Store|
1. Object storage
This section compares Azure Blob Storage and the distributed Object Storage Service (OSS) of Alibaba Cloud.
Object storage is a type of data storage where data are managed as objects, instead of blocks or files. Typically, object storage is used to store large files that are dominated by read operations. Similar to Azure Blob Storage, Alibaba Cloud OSS boasts high reliability, cost effectiveness, and scalability. OSS is designed for 11 9s of data reliability and guarantees 99,9 % of availability per month. Each object is replicated three times across three different physical machines. Users can request data of any amount, regardless of time or location.
To distinguish between scenarios requiring different data access frequencies, Alibaba Cloud OSS categorizes storage types into Standard, Infrequent Access, and Archive, which are equally reliable but have different availability, shortest storage time, and storage overhead. For details, see Introduction to Storage Types. Azure provides similar storage types which are called Hot, Cool, and Archive, respectively.
1.1 Service models
The following table compares the basic functions and terminologies of Azure Blob Storage vs Alibaba Cloud OSS:
|Function Feature||Azure Blob Storage||Alibaba Cloud OSS|
|Object Storage||Azure Blob Storage||Alibaba Cloud OSS|
|Account / Bucket ACL||Supported||Supported|
|Max Account / Bucket Quantity||200||30|
|Version Control||Not natively supported (Snapshots only)||Not supported|
|Object Metadata||Metadata||Object meta|
|Object Version Control||Not natively supported (Snapshots only)||Not supported|
|Object Lifecycle Management||Supported||Supported|
|Storage type||Hot, Cool, Archive||Standard, Infrequent Access, Archive|
|Replication Options||LRS, ZRS, GRS, RA-GRS||Cross-Region Replication|
1.2 Storage Space & Object
Similar to an Azure Blob Storage Account from a conceptual perspective, Alibaba Cloud OSS uses so-called buckets to store data. As the place where data is stored, a bucket is configured with a region, access permission, and lifecycle to meet user requirements. An Azure Blob Storage account must be named in accordance with the DNS standard. Similarly, a bucket of Alibaba Cloud OSS must be named in line with certain standards. Account names of Azure Blob Storage and bucket names of Alibaba Cloud OSS must be globally unique, and they should not be nested.
By setting a bucket ACL, Alibaba Cloud OSS authenticates a user to see whether the user has access permission for a bucket, thereby implementing access control by storage space levels.Buckets of Alibaba Cloud OSS do not currently support version control. Azure Blob Storage provides the possibility to create snapshots of individual blobs. Snapshot dates (which are used in combination with the blob name as id) need to be managed and stored by the user, though, meaning that no native versioning feature is available but must be implemented on your own by using snapshots. Alibaba Cloud OSS will support a native versioning feature soon, please stay tuned for more information.
Similar to Azure Blob Storage, Alibaba Cloud OSS stores file data in buckets (comparable to accounts in Azure). The file data is composed of a Key-Value and Object Meta pair. The Key is unique within a bucket, the Value stores object content, and the Object Meta is a pair of key values which describe object properties, including last modification time, size, and custom information.
Alibaba Cloud OSS does not place a limit on the quantity and total size of objects in a bucket. In Azure Blob Storage there can be at most 500TB per account with a single blob at most 4.75TB in size. For large files, Alibaba Cloud OSS supports segment-by-segment uploading. The max file size cannot exceed 48.8 TB. The single object upload limit for OSS is 5GB. For Azure Blob Storage it is 256MB.
Alibaba Cloud OSS and Azure Storage use different methods to manage object permissions. Azure offers two authentication methods, namely Shared Key Authentication and Shared Access Signatures (SAS). The latter one is recommended for providing temporary access to resources without exposing the master keys. Note that Shared Access Keys and SAS, respectively, are not integrated with Azure’s Role-based Access Control which is comparable to Alibaba’s Resource Access Management.
Each Alibaba Cloud OSS object can be configured with read and write permissions for the root account or any sub-account. By default, access permissions inherit bucket ACL properties. Users can set an ACL to Private-Read-Write, Public-Read, or Public-Read-Write. You are strongly discouraged from using the Public-Read-Write permission and should use it cautiously.
In addition, in combination with Alibaba Cloud Security Token Service (STS), OSS can employ the temporary security credentials of STS to implement object access, without exposing the account AccessKey, thereby achieving highly secure access control.
Alibaba Cloud OSS provides similar data encryption functions as Azure Blob Storage to protect data during transmission and storage. Users can protect data in transmission by encrypting it through a client.
Alibaba Cloud OSS uses AES256 algorithms to implement data encryption on a server. After data is uploaded to OSS, the server encrypts the data and stores it on OSS. If an authorized user downloads the data, OSS decrypts the data and returns original data to the user.
Both Alibaba Cloud OSS and Azure Blob Storage provide event notification functions. On Azure, Blob Storage is currently integrated with Azure Functions and Azure EventGrid which allows to configure routing rules from Blob storage to other services on the platform.
To enable users to receive notifications in case of an event in the storage space, Alibaba Cloud OSS allows users to create event notification rules. Based on these rules, a message will be sent to a target after the corresponding event.OSS allows an event message to be sent to a specified URL over HTTP or a topic of Alibaba Cloud Message Service. Users can obtain event messages after subscribing to the topic.
1.4 OSS image processing service (Image service)
Alibaba Cloud OSS provides easy-to-use image processing functions for image files. After a user uploads images to OSS, the user can process the images through the RESTful API, for example, converting the image format, zooming, cropping, rotating, or adding watermarks. This is currently not natively supported by Azure Blob Storage.The following table compares the features and terminologies of the object function between Azure Blob Storage and Alibaba Cloud OSS:
|Function Feature||Azure Storage||Alibaba Cloud OSS|
|Max object size||4.75TB||48.8T|
|Data reliability||Depending on redundancy level: between 11 9s and 16 9s||99.99999999%(11s 9)|
|Object metadata||Metadata||Object meta|
|Object lifecycle management||Not Supported||Supported|
|Object version control||Not natively supported (only snapshots)||Not Supported|
|Update event notification||upported (GRS and RA-GRS redundancy level, to paired region only)||Supported|
|Cross-region Replication||upported (GRS and RA-GRS redundancy level, to paired region only)||Supported|
|Object append write||Supported by AppendBlobs||Supported|
|Concurrent or segment upload||Supported||Supported|
|Image processing function||Not Supported||Supported|
1.5 Service level agreement (SLA)Both Azure Storage and Alibaba Cloud OSS provide service availability guarantees. For KPIs that do not reach the guarantee standard, the cloud providers will provide compensation according to the time the service is unavailable. For details about the Alibaba Cloud OSS SLA, see Alibaba Cloud OSS Service Level Agreement.
1.6 PricingAt Azure Blob Storage users only pay for the resources they have consumed. The pricing is dependent on the storage usage by storage type and size, redundancy level, request type and quantity, storage management fees, and outbound internet traffic. Like Azure Blob Storage, Object Storage Service (OSS) fees are calculated based on the total volume of storage used, the amount of data transferred, OSS Pricing.
2. Content delivery NetworkContent delivery network refers to the network of edge or proxy servers, which cache data in order to accelerate access to certain files. Azure CDN and Alibaba Cloud CDN are two global content delivery network (CDN) vendors that provide network of Edge Locations and Edge Nodes distributed globally.Note that Azure CDN currently consists of four different product offerings which differ in price and features: Azure CDN Standard from Akamai, Verizon, or Microsoft (Preview), and Azure CDN Premium from Verizon. Premium from Verizon currently offers the most features, so in our comparison we will always refer to this offering unless otherwise noted.This section compares the Azure CDN and Alibaba Cloud CDN across different dimensions.
2.1 Service model
Similar to Azure CDN, Alibaba Cloud CDN publishes source content to an edge node over a transmission network that is composed of edge nodes deployed globally. In combination with a precise scheduling system, the CDN improves users’ web request speed.
2.2 Basic functions
The following table compares the basic features and terminologies of content delivery network between Azure CDN and Alibaba Cloud CDN:
|Function Feature||Azure CDN||Alibaba Cloud CDN|
|Source Station Type||Storage Account, Azure Cloud Service, Azure WebApp, custom domain name||OSS domain name, custom domain name, and IP address|
|Cache Request Type||GET||GET|
|Transparently Transmitted Request Type||The following requests are supported but not configurable: GET, POST, HEAD, PUT, DELETE, OPTIONS, PATCH||The following requests are supported but not configurable: GET, POST, HEAD, PUT, DELETE, OPTIONS|
|Cache Failure||Not supported||Not supported|
|HTTP Jump to HTTPS||Supported (Verizon Premium only)||Supported|
|CDN Cache TTL Configuration||Supported||Supported|
|Access Log||Access to core reports through supplemental Verizon portal but no access to raw logs||Console|
|Geographic Location Limit||Supported||Not Supported|
Alibaba Cloud CDN can be configured with an origin site, including OSS domain name, custom origin domain name, and IP address.
To reduce transmission content and accelerate delivery speed, both Alibaba Cloud CDN and Azure CDN provide the data compression function.
Azure CDN and Alibaba Cloud CDN caches GET requests and transmits POST/HEAD/PUT/DELETE/OPTIONS requests to the origin site transparently.
In certain scenarios, for example, origin site updates or static content modifications, users may need to refresh the CDN cache manually. Alibaba Cloud CDN allows users to pull the latest content from the origin site manually to refresh the CDN content. Alibaba Cloud CDN supports URL refresh, directory refresh, and URL push. Azure CDN supports purging content based on a content path and allows to pre-load / URL push cached assets.
In certain scenarios, users may need to remove CDN cache content in advance. On Azure CDN, users either purge old content from the CDN or access objects based on a file name that carries a version of the objects using the object version management function. This is realized by using “Cache every unique URL” mode in combination with custom query parameters. Alibaba Cloud CDN does not currently support forcibly configuring cache invalidation.
Azure CDN does not provide access to the raw logs. It provides access to core reports through supplemental Verizon portal which can be manually downloaded.Alibaba Cloud CDN provides log download/combination tools. Alibaba Cloud CDN implements log download on the console.
To specify the regions where content is delivered, Azure CDN allows users to geo-filter content-based country codes. Alibaba Cloud CDN does not support this function.
The following table compares the security functions and terminologies of content delivery network between Azure CDN and Alibaba Cloud CDN:
|Function Feature||Azure CDN||Alibaba Cloud CDN|
|Full Link HTTPS||Supported||Supported|
|Integrated Certificate Management||Yes, through SAN certificate only.||Supported|
|Sub-account Access Control / RBAC Integration||Supported||Supported|
|WAF Security Defense||Supported through Application Gateway + WAF||Supported|
Similar to Azure CDN, Alibaba Cloud CDN supports full link HTTPS speedup. Alibaba Cloud users can select a certificate using the certificate service or upload a custom certificate/private key and query and update the certificate in online mode.
With Azure CDN, customers can only use SAN certificates published by DigiCert and cannot bring their own certificates yet. Own certificates are currently only supported by Azure CDN Verizon Premium.
The two cloud providers support redirect HTTP to HTTPS. Alibaba Cloud CDN supports HTTP and HTTPS, redirect HTTP to HTTPS, and redirect to HTTP or HTTPS.
Alibaba Cloud CDN does not currently support SNI back-to-source.
Azure CDN and Alibaba Cloud CDN support access authentication for private content. Azure uses a token-based approach, while Alibaba Cloud CDN uses signature URLs through which a user initiates a request to the CDN. Upon receiving the request, the CDN node checks the request for its validity and rejects invalid requests.
Similar to Azure RBAC, Alibaba Cloud CDN authorizes sub-accounts with a policy to access CDN resources based on the Resource Access Management (RAM) service, thereby limiting or authorizing permissions on the CDN resources.
Alibaba Cloud CDN can combine with WAF to implement security defence. Similar to that, Azure CDN can be combined with Application Gateway and its add-on WAF.
2.4 Streaming media
Alibaba Cloud CDN supports live streaming, on-demand, RTMP video scenarios, and provides video transcoding, slicing, and playback functions.
The following table compares the streaming media functions of Azure CDN and Alibaba Cloud CDN:
|Function Feature||Azure CDN||Alibaba Cloud CDN|
|Live Streaming||Not supported (only through Azure Media Service)||Supported|
|Video Transcoding||Not supported (only through Azure Media Service)||Supported|
|Format||HLS, HDS, DASH, Smooth||HLS, RTMP|
Azure CDN bills outgoing (internet / region) data transfer in a tiered pay-as-you-go pricing model (the more you consume the cheaper). The exact fees depend on the CDN tier (standard vs premium), optional separate acceleration data transfers, and the node location from where the transfers are served, not the end user’s location.
The pricing of Alibaba Cloud CDN is comprised of data transfer traffic and HTTPS requests for secure acceleration. There are two billing methods for data transfer fees: Pay-By-Bandwidth and Pay-By-Traffic. You can also subscribe to one or more Traffic Packages for a year.
For the duration of the resource package, fees are deducted for your use of the traffic quota. For traffic exceeding the quota, fees are billed based on the traffic usage.
3. File storage
Azure and Alibaba Cloud both provide file storage services. In this section we are going to compare and contrast Azure Files with Alibaba Cloud Network Attached Storage (NAS).
3.1 Service model
Azure Files is accessed by Azure Virtual Machines running inside a VNET through SMB only. It allows users to create and configure file systems. You can mount an Azure Files file system on Azure virtual machines through a standard file system interface and file system access semantic.
Like Azure Files, you can access the Alibaba Cloud NAS file system through standard POSIX interfaces when using Alibaba Cloud ECS instances or other nodes such as HPC or Docker.
|Function Feature||Azure Files||Alibaba Cloud NAS|
|Access Point||Mount target||Mount Point|
|Storage Capacity||5TB per share, 500TB per storage account||10 PB (Capacity-type),1 PB (Performance-type)*|
|Scale Up/Down||Supported (size only)||Supported|
|Performance||No different performance tiers||Supported|
|Cross Instance Access||Supported||Supported|
|Multiple Client Access||Supported||Supported|
|Protocol||> SMB2.0||NFSv3, NFSv4, >SMB2.0*|
|Compute Node||Virtual Machines, AKS Node||ECS, HPC, Docker|
Azure Files does not offer different performance tiers but provides static performance metrics. Per Azure Files share there is hard limit at 1000 IOPS and 60MB/s throughput independent from the size of the share. The share size can seamlessly be scaled up or down in increments of 1GB.
Alibaba Cloud NAS also offers two performance modes: capacity-type and performance-type. Each model offers different performance and storage capability.
Total throughput for each performance-type file system (MB/s) = minimum [0.6MB/s * capacity of file system (GB) + 600MB/s, 20GB/s]
Total throughput for each capacity-type file system (MB/s) = minimum [0.15MB/s * capacity of file system (GB) + 150MB/s, 10GB/s]
The upper limit of the storage capacity of an SSD performance-type file system is 1 petabyte, and that of a capacity-type file system is 10 petabytes.
|Performance||Azure Files||Alibaba Cloud NAS|
|Latency||Millisecond level||Millisecond level|
|Total throughput for Each File System||60MB/s||10 GB/s (Capacity-type),20 GB/s(Performance-type)|
|Concurrent Clients per File System||2000||10,000+|
Azure Files employs the same authentication concept as Azure Blob Storage, meaning it relies on Shared Access Keys, and Shared Access Signatures only. Currently, there is no integration with Azure Active Directory or RBAC.
Alibaba Cloud NAS provides multiple security mechanisms including support for network isolation (VPC) and user isolation (classic network), file system standard access and group permissions control, and RAM master account and sub-account authorization. These features are implemented to ensure complete data security in the file system.
Azure Files provides Azure File Sync which is a multi-master sync solution that replicates and caches data between Azure File shares and on-premises Windows servers. Users need to download and deploy a File Sync agent into the source environment, configure the source and destination file systems, and start the sync.
Alibaba Cloud NAS also provides migration tool named nasimport. It supports migration to Alibaba Cloud NAS from a wide variety of source storage including:
- Local data centers
- Alibaba Cloud OSS
- Third-party storage services (Amazon S3, Baidu Object Storage, Tencent Cloud COS, Jinshan Object Storage, UPYUN, Qiniu, and HTTP links)
Learn more about Nasimport Tools.
With Azure Files, you pay only for the storage used by your file system and not the quota set. In addition, you are charged for both REST and SMB operations. These prices vary based on the redundancy option (LRS, ZRS, GRS) you select. You don’t need to provision storage in advance and there is no minimum fee or setup cost.
Like Azure Files, Alibaba Cloud NAS fees are calculated based on the total volume of storage used per month. There is no minimum fee and there are no set-up charges. There are also no charges for bandwidth or requests. Furthermore, NAS provides a storage plan for users who want to create a NAS file system. By purchasing a storage plan ahead of time, you realize significant cost savings compared to Pay-As-You-Go storage fee per GB.Learn more about Alibaba Cloud NAS pricing.
4. Nosql database
Azure CosmosDB Table and Alibaba Cloud Table Store are two similar fully managed cloud NoSQL database services. With cloud-based NoSQL database service, users do not have to care about hardware provisioning, setup and configuration, replication, partitioning, software patching, and cluster scaling.
4.1 Service model
Azure CosmosDB is a fully managed NoSQL database service whose service-side latencies are typically within a single-digit millisecond which is also covered by the SLA. Azure CosmosDB storage is constrained by disk space or by a hard limit on the maximum number of indexes, document, or other high-level resources, whichever comes first. From a storage perspective there can be at most 12 partitions each 200GB, that is in total 2.4TB per database. It automatically partitions (based on your partition key) and replicates data based on so-called request units (RUs) that you manually choose. Request units measure Azure CosmosDB throughput per second, and request unit consumption varies by operation.It supports different APIs including, MongoDB, Cassandra, Gremlin, and proprietary Table and Document.
Similarly, Alibaba Cloud Table Store is a fully managed NoSQL database service based on automatic data partitioning and load balancing technologies. Based on SSD technology, this cloud NoSQL database service enables you to store large quantities of structured and semi-structured data with real-time access. Table Store also features strong consistency and single-digit millisecond latency. You can query Table Store by RESTful API, web-based Management Console, or SDKs.
|Function Feature||Azure CosmosDB Table||Alibaba Cloud Table Store|
|Latency||Single-digit milliseconds (backed by SLA)||Single-digit milliseconds|
|Scale||Limited by space and/or number of indexes||Any|
|Data structure||Key/Value, Document, Graph||Structured and semi-structured|
|Access method||SDKs, Portal, REST API||RESTful API and SDKs|
4.2 Data model
A table is a collection of data in Azure CosmosDB Table. Each table contains multiple entities. An entity is a group of properties and can have its own distinct attributes. All of the attributes are scalar, which means that they can have only one value.In order to determine the partition for each entity, you must specify the primary key in each table. A primary key can be either a partition key or a partition key & row key. In Azure CosmosDB Table every key is indexed by default at no additional cost.
Similar to Azure CosmosDB Table, the data model of Alibaba Cloud Table Store is described by Table, Row, Primary Key, and Attribute. A table is a set of rows, and a row consists of the Primary Key and Attribute. The Primary Key and Attribute consist of names and values.A table must define at least a Primary Key and the first primary key will be the partition key. Each Attribute column can contain multiple versions, and each version (that is, the timestamp) corresponds to a value, which is different from that of a Primary Key column.
Throughput is defined as reserved read/write throughput units. It reserves the necessary capacity to meet the specified throughput requirements.
Unlike Azure CosmosDB, Alibaba Cloud Table Store provides version management for each attribute columns. The version is a timestamp defined by the number of milliseconds that have elapsed since 01/01/1970 00:00:00 UTC. When you read from each row, you can specify the maximum number of versions per attribute column, or the version range. The earlier versions will be discarded when the number of version exceeds the value of Max Versions.
Similar to Azure CosmosDB, Alibaba Cloud offers TTL attribute which provide a mechanism to set a specific timestamp for expiring items from your table. Table Store clears any data asynchronously that exceeds the TTL.The following table compares the data model of each service:
|Data Model||AAzure CosmosDB Table||Alibaba Cloud Table Store|
|Unique Identifier||PartitionKey + RowKey||Primary Key|
|Primary Key Type||String, Int64, Int32, Guid, Double, DateTime, Binary||String, integer, or binary|
|Secondary Indexes||Auto-Indexing||Not Supported|
|Nested Attribute||Supported||Not Supported|
With Azure CosmosDB you specify the throughput capacity in terms of so-called request units (RUs) when creating a table. When a request gets rate-limited, the server pre-emptively ends the request with RequestRateTooLargeException (HTTP status code 429) and returns the x-ms-retry-after-ms header indicating the amount of time, in milliseconds, that the user must wait before retrying the request.
Azure CosmosDB provides two options for specifying request units: on a second level and, in addition, on a minute level, to smoothen out sudden spikes.
Similar to Azure CosmosDB, the read/write throughput of Alibaba Cloud Table Store is measured by read/write capacity units (CUs). Table Store provides two options for managing throughput:
Reserved throughput: Set the reserved read/write throughput to a value greater than 0, and Table Store will assign and reserve enough resources for the table according to this configuration to guarantee low resource costs.
Additional throughput: If the actual consumed read/write throughput exceed the reserved read/write throughput, Table Store will give an additional throughput automatically to meet user’s requests.
|Performance||Azure CosmosDB Table||Alibaba Cloud Table Store|
|Read Capacity Units(per second)||Depends on consistency level and operation. For session consistency:1KB / RU||4 KB/item|
|Write Capacity Units(per second)||Depends on consistency level and operation. For session consistency:1KB / 5 RU||4 KB/item|
Azure CosmosDB provides two authentication schemas. One uses hash-based message authentication code (HMAC) for authorization by using shared keys.
The other one integrates with Azure Active Directory and RBAC for fine-grained access control for users within your organization. You can assign unique security credentials to each user and control each user’s access to services and resources.
Alibaba Cloud Table Store also offers user-level data isolation, access control and permission management. With Resource Access Management (RAM) and Security Token Service (STS), Table Store enable users to access the tables through subaccounts with different permissions and grant users temporary access authorization.
4.5 Backup and restore
Azure CosmosDB automates the backup process. Automated backups are taken approximately every four hours and the latest 2 backups are stored at all times. Backups are per default geo-redundantly (GRS) stored on Azure Blob Storage in the region of the current write database region (and hence also its paired region). If the data is accidentally dropped or corrupted, Azure support must be contacted within 8 hours.
Similar to Azure CosmosDB, Alibaba Cloud Table Store automates the backup and restore process. Table Store manages data with multiple cloud data backups across different servers in different racks. When any node of the backups fails, the other servers with backup copies will immediately restore to achieve virtually zero data loss.
Azure CosmosDB offers a free 7-day trial. The pricing model works in a pay-as-you-go fashion. Azure CosmosDB fees depend on the traffic of data transfer “out”, the size of the storage, and the request units per table. Note that request units must be provisioned per table, not per database.
In contrast, Alibaba Cloud Table Store pricing is divided into four parts: data storage that exceed free quota, the reserved read/write throughput, the additional read/write throughput and the Internet downstream traffic. Learn more about https://www.alibabacloud.com/help/doc-detail/27291.htm