Azure Compute Service Landscape
Virtual MachinesIaaS compute with full OS-level control. Supports custom software, drivers, specialized workloads, and legacy applications. Requires OS patching, security updates, and infrastructure management. Use when no PaaS alternative satisfies the workload's compatibility or control requirements.Azure App ServiceA fully managed PaaS platform for web applications and APIs. Supports .NET, Java, Node.js, Python, PHP, and container images. App Service Plans define the compute tier. Includes built-in scaling, deployment slots for safe releases, and integration with Application Insights.Azure Kubernetes Service (AKS)Managed Kubernetes for containerized workloads. Microsoft manages the control plane; you manage node pools. Supports multiple node pools, Cluster Autoscaler, Horizontal Pod Autoscaler, private clusters, workload identity, and Azure Container Registry integration. Highest operational complexity among compute options.Azure FunctionsEvent-driven serverless compute. Triggers include HTTP, Timer, Queue, Blob, Cosmos DB change feed, Event Hubs, and Service Bus. Consumption plan: pay-per-execution, auto-scales to zero. Premium plan: pre-warmed instances, VNet integration, no cold start. Best for short-lived, event-triggered workloads.Azure Container AppsServerless container hosting built on Kubernetes (Dapr, KEDA) without exposing Kubernetes complexity. Supports HTTP-triggered scaling, event-driven scaling via KEDA, and Dapr for microservice communication. Positioned between ACI (no orchestration) and AKS (full Kubernetes).Compute Decision Framework
| Question | Yes → | No → |
|---|---|---|
| Need full OS control? | Virtual Machines | Continue |
| Containerized microservices with Kubernetes control? | AKS | Continue |
| Serverless preferred, short-lived or event-driven? | Azure Functions or Container Apps | Continue |
| Managed platform for web/API (no containers)? | App Service | Continue |
| Large-scale parallel/HPC batch processing? | Azure Batch | VM Scale Sets |
Compute Service Comparison
| Service | Management | Scaling | Orchestration | Best For |
|---|---|---|---|---|
| Virtual Machines | Manual (IaaS) | VMSS auto-scale | None | Legacy, full control |
| App Service | Managed (PaaS) | Built-in, slot-based | None | Web apps, APIs |
| AKS | Managed K8s | HPA + Cluster Autoscaler | Full Kubernetes | Production containers |
| Container Apps | Serverless | Auto (KEDA) | Managed K8s | Microservices, serverless |
| ACI | None | Manual | None | Burst containers, sidecar |
| Azure Functions | Serverless | Auto to zero | None | Event-driven, lightweight |
| Azure Batch | Managed | Pool auto-scale | Job-based | HPC, rendering, ML |
Cost Optimization for Compute
VM Cost Models
| Option | Discount | Commitment | Best For |
|---|---|---|---|
| Pay-as-you-go | Baseline | None | Dev/test, unpredictable |
| Reserved Instances (1-year) | ~30–40% | 1 year | Predictable steady workloads |
| Reserved Instances (3-year) | ~50–60% | 3 years | Long-term stable workloads |
| Spot VMs | Up to 90% | None (evictable) | Fault-tolerant batch, testing |
| Azure Hybrid Benefit | 40–50% | Existing licenses | Workloads with Windows/SQL licenses |
Spot VMs are evicted when Azure needs capacity — suitable for stateless batch processing, CI/CD agents, and rendering but NOT for production databases or stateful services.
App Service Tier Selection
| Tier | HA | Custom Domain | Deployment Slots | Isolation |
|---|---|---|---|---|
| Free/Shared | No | No | No | Shared |
| Basic | No | Yes | No | Dedicated |
| Standard | Yes | Yes | 5 slots | Dedicated |
| Premium v3 | Yes + AZ | Yes | 20 slots | Dedicated |
| Isolated (ASE) | Yes + VNet | Yes | 20 slots | Full VNet isolation |
Key Rule: Standard tier minimum for production. Premium v3 for availability zone support. App Service Environment (ASE) for compliance requiring full network isolation (PCI, HIPAA).
AKS Architecture Patterns
- System node pool: Runs Kubernetes core services (coredns, kube-proxy) — dedicated, not evictable
- User node pools: Run application workloads — can use Spot VMs for cost savings
- Private cluster: API server in VNet — no public endpoint, required for compliance scenarios
Azure Functions Plan Comparison
| Plan | Cold Start | Scale | VNet | Max Duration |
|---|---|---|---|---|
| Consumption | Yes | Auto to zero | No (Basic) | 10 minutes |
| Premium | No (pre-warmed) | Auto (min instances) | Yes | Unlimited |
| Dedicated (App Service) | No | Manual/auto | Yes | Unlimited |
| Flex Consumption | Minimal | Auto (per-function) | Yes | Unlimited |
Consumption Plan = lowest cost, scale to zero, cold start possible. Use for infrequent event-driven tasks. Premium Plan = no cold start, VNet integration. Use when Functions need VNet access to private resources or require guaranteed response time.
Hands-On: Deploy App Service and Configure AKS
Step 1: Create App Service with Deployment Slots
- Navigate to App Services > Create
- Select runtime stack (.NET, Node.js, Python) and OS
- App Service Plan: Standard S1 minimum for slots; Premium v3 for AZ support
- Review and create
- Go to Deployment > Deployment slots > Add slot (name:
staging) - Deploy to staging slot; test application
- Click Swap to promote staging to production with zero downtime
Step 2: Create AKS Cluster
- Navigate to Kubernetes services > Create
- Configure:
- Kubernetes version: Latest GA
- Node size: Standard_D2s_v3 (system pool)
- Node count: 3 (spread across zones)
- Availability zones: 1, 2, 3
- Enable: OIDC Issuer, Workload Identity, Container Insights
- Networking: Azure CNI (recommended), private cluster for compliance
- Review and create
Step 3: Configure Horizontal Pod Autoscaler (HPA)
- Deploy application to AKS
- Apply HPA:
apiVersion: autoscaling/v2 kind: HorizontalPodAutoscaler metadata: name: app-hpa spec: scaleTargetRef: apiVersion: apps/v1 kind: Deployment name: my-app minReplicas: 2 maxReplicas: 20 metrics: - type: Resource resource: name: cpu target: type: Utilization averageUtilization: 70 - HPA automatically scales pods between 2–20 based on CPU
Step 4: Deploy Azure Functions (Consumption Plan)
- Navigate to Function Apps > Create
- Hosting plan: Consumption (serverless, pay-per-execution)
- Runtime: .NET, Node.js, Python, etc.
- Review and create
- Add a function with HTTP trigger or Timer trigger
- Monitor execution in Application Insights
AZ-305 Exam Focus
AZ-305 tests your ability to select the right compute service for a given workload description. The most frequent question pattern is a scenario description followed by "which Azure service is most appropriate?" — you must apply the decision framework rapidly.
Exam Trap
AKS for All Containers: AKS is not the right answer for every container scenario. ACI (Azure Container Instances) is for single containers with no orchestration need. Container Apps is for serverless container microservices. AKS is for production workloads requiring full Kubernetes control. Recommending AKS for simple container workloads is over-engineering.
Exam Trap
Spot VMs for All Cost Savings: Spot VMs can be evicted with 30-second notice when Azure needs capacity. Never use Spot VMs for production workloads, databases, or stateful services. They are only suitable for fault-tolerant batch processing, CI/CD runners, and rendering pipelines that can restart on eviction.
Exam Trap
Functions Consumption Plan for VNet: Consumption plan Functions cannot connect to VNet-isolated resources (private endpoints, private databases) without additional configuration. Premium plan with VNet integration is required. The exam frequently tests this networking limitation.
Exam Trap
App Service Free/Basic for Production: Free and Basic tiers do not support deployment slots and have no SLA guarantee. Standard tier minimum for production with slots; Premium v3 for availability zone support.
Exam Tip
ACI for Burst Workloads: Azure Container Instances is the answer for supplemental burst compute with AKS (virtual nodes), one-off container jobs without orchestration, and sidecar containers for testing. It starts instantly with no infrastructure management but has no auto-scaling or orchestration.
Must Memorize
Compute Selection Summary: Legacy/custom OS → VM. Web/API managed → App Service. Containerized production Kubernetes → AKS. Serverless containers/microservices → Container Apps. Event-driven/lightweight → Functions. HPC/batch → Azure Batch. Each service occupies a distinct niche in the decision tree.
Question — click to flip
Q: When should you choose AKS over Azure Container Apps for a containerized microservices workload?
Question — click to flip
Q: What is the difference between Azure Functions Consumption plan and Premium plan?
Question — click to flip
Q: When are Spot VMs appropriate and when should they never be used?
Question — click to flip
Q: What App Service tier is minimum for production workloads with zero-downtime deployments?
Question — click to flip
Q: A company wants to migrate a legacy Windows application that requires specific OS drivers and custom registry settings. Which compute service is appropriate?
Question — click to flip
Q: Azure Batch is the answer for which type of workload?