If you know the Amazon Web Services or Azure portfolio, and you are interested in OpenShift or the OKD OpenShift community distribution, this is a table of corresponding technologies.
OpenShift is Red Hat’s Kubernetes distribution: it is basically the upstream Kubernetes delivered with monitoring, logging, CI/CD, underlying OS, tested upgrade paths not found with a manual kubernetes.io kubeadm
install.
After passing the two corresponding certifications, my opinion on cloud operators is that it is very much a step back in the direction of proprietary software. You can rebuild their cloud stack with opensource components, but it is also a lot of integration work, similar to using the Linux from scratch distribution instead of something like Debian. A good middle point are the OpenShift and OKD Kubernetes distributions, who integrate the most common cloud components, but allow an installation on your own hardware or cloud provider of your choice.
AWS | Azure | OpenShift | *OpenShift upstream project& |
---|---|---|---|
Cloud Trail | Kubernetes API Server audit log | Kubernetes | |
Cloud Watch | Azure Monitor, Azure Log Analytics | OpenShift Monitoring | Prometheus, Kubernetes Metrics |
AWS Artifact | Compliance Operator | OpenSCAP | |
AWS Trusted Advisor | Azure Advisor | Insights | |
AWS Marketplace | Red Hat Market place | Operator Hub | |
AWS Identity and Access Management (IAM) | Azure Active Directory, Azure AD DS | Red Hat SSO | Keycloack |
AWS Elastisc Beanstalk | Azure App Services | OpenShift Source2Image (S2I) | Source2Image (S2I) |
AWS S3 | Azure Blob Storage** |
ODF Rados Gateway | Rook RGW |
AWS Elastic Block Storage | Azure Disk Storage | ODF Rados Block Device | Rook RBD |
AWS Elastic File System | Azure Files | ODF Ceph FS | Rook CephFS |
AWS ELB – Classic | Azure Load Balancer | MetalLB Operator | MetalLB |
AWS ELB – Application Load Balancer | Azure Application Gateway | OpenShift Router | HAProxy |
Amazon Simple Notification Service | OpenShift Streams for Apache Kafka | Apache Kafka | |
Amazon Guard Duty | Microsoft Defender for Cloud | API Server audit log review, ACS Runtime detection | Stackrox |
Amazon Inspector | Microsoft Defender for Cloud | Quay.io container scanner, ACS Vulnerability Assessment | Clair, Stackrox |
AWS Lambda | Azure Serverless | Openshift Serverless* |
Knative |
AWS Key Management System | Azure Key Vault | could be done with Hashicorp Vault | Vault |
AWS WAF | NGINX Ingress Controller Operator with ModSecurity | NGINX ModSecurity | |
Amazon Elasticache | Redis Enterprise Operator | Redis, memcached as alternative | |
AWS Relational Database Service | Azure SQL | Crunchy Data Operator | PostgreSQL |
Azure Arc | OpenShift ACM | Open Cluster Management | |
AWS Scaling Group | Azure Scale Set | OpenShift Autoscaler | OKD Autoscaler |
*
OpenShift Serverless requires the application to be packaged as a container, something AWS Lambda does not require.
**
Azure Blob Storage covers the object storage use case of S3, but is itself not S3 compatible