Engineering Glossary

From fundamental principles to cutting-edge practices, this glossary covers the full spectrum of software engineering terminology.

DevOps
Cloud Computing
Git
Containerization & Orchestration

"As code"

Defining and managing infrastructure, configurations, or processes using code, enabling version control, automation, and reproducibility.
DevOps

"Nines"

Measure of system availability, expressed as a percentage. E.g., "five nines" means 99.999% uptime, allowing for minimal downtime.
DevOps

"Single Pane of Glass"

Unified display or interface that integrates data from multiple sources, providing a comprehensive view of system status or operations.
DevOps

A/B Testing

Comparing two versions of a webpage or app to determine which performs better, based on user interaction and conversion rates.
DevOps

AIOps (Artificial Intelligence Operations)

Using AI and machine learning to enhance IT operations, automating tasks and providing insights for better decision-making.
DevOps

ALB (Application Load Balancing)

Distributes incoming application traffic across multiple targets to improve availability and fault tolerance.
DevOps

API

Application Programming Interface; set of protocols and tools for building software applications and enabling communication between systems.
DevOps

API Discovery

Process of identifying and documenting available APIs within an organization or from external sources.
DevOps

API Endpoint

Specific URL where an API can be accessed and where requests are sent to interact with a server or service.
DevOps

API Gateway

Manages, secures, and routes API requests, acting as a single entry point for multiple microservices or backend systems.
DevOps

API Management

Process of creating, publishing, documenting, and analyzing APIs in a secure environment.
DevOps

API Monitoring

Tracking API performance, availability, and usage to ensure optimal functionality and identify issues.
DevOps

API Response Time

The duration between sending a request to an API and receiving the response, crucial for performance evaluation.
DevOps

API Security

Measures and practices to protect APIs from unauthorized access, attacks, and data breaches.
DevOps

API Versioning

Managing different versions of an API to maintain compatibility while allowing updates and improvements.
DevOps

ASG (Auto Scaling Group)

Feature in cloud computing that automatically adjusts the number of instances based on defined conditions.
DevOps

ASP.Net Core Monitoring

Observing and analyzing the performance and behavior of applications built with ASP.Net Core framework.
DevOps

ATO (Account Takeover)

Type of identity theft where an attacker gains unauthorized access to a user's account.
DevOps

AWS (Amazon Web Services)

Cloud computing platform offering a wide range of services for computing, storage, networking, and more.
DevOps

AWS App Development Tools

Suite of tools provided by AWS for building, testing, and deploying applications on their cloud platform.
DevOps

AWS CLI

Command-line interface for interacting with AWS services, allowing users to manage resources and automate tasks.
DevOps

AWS CloudWatch

Monitoring and observability service for AWS resources and applications, providing metrics, logs, and alarms.
DevOps

AWS CodeDeploy

Fully managed deployment service that automates software deployments to various compute services.
DevOps

AWS CodePipeline

Continuous delivery service for fast and reliable application and infrastructure updates.
DevOps

AWS EC2

Elastic Compute Cloud; scalable computing capacity in the AWS cloud for running virtual servers.
DevOps

AWS ELB

Elastic Load Balancing; automatically distributes incoming application traffic across multiple targets.
DevOps

AWS Lambda

Serverless compute service that runs code in response to events and automatically manages the underlying resources.
DevOps

AWS Managed Services

Ongoing management of AWS infrastructure, allowing customers to focus on their applications and business.
DevOps

AWS Monitoring

Process of tracking and analyzing the performance, health, and usage of AWS resources and applications.
DevOps

AWS RDS

Relational Database Service; managed service for setting up, operating, and scaling relational databases in the cloud.
DevOps

AWS RDS Postgres Monitoring

Tracking and analyzing the performance and health of PostgreSQL databases running on AWS RDS.
DevOps

AWS S3

Simple Storage Service; object storage service offering industry-leading scalability, data availability, and performance.
DevOps

AWS S3 Cost Optimization

Strategies and practices to reduce costs associated with storing and accessing data in AWS S3.
DevOps

AWS Security

Set of tools, services, and best practices for protecting data, applications, and infrastructure in the AWS cloud.
DevOps

Acceptance Test-Driven Development (ATDD)

Software development approach where acceptance tests are written before the code, guiding implementation.
DevOps

Active Directory

Microsoft's directory service for Windows domain networks, managing users, computers, groups, and other objects.
DevOps

Advanced Rate Limiting

Technique to control the rate of incoming requests to an API or service, preventing overload and ensuring fair usage.
DevOps

Agent

Software component that performs automated tasks, often used in monitoring, data collection, or system management.
DevOps

Agile

Iterative approach to software development emphasizing flexibility, collaboration, and rapid delivery of working software.
DevOps

Agile Manifesto

Document outlining values and principles of Agile software development, prioritizing individuals, working software, and adaptability.
DevOps

Agile Methodology

Set of practices based on Agile principles, focusing on iterative development, team collaboration, and customer feedback.
DevOps

Agile Organization

Company structure that emphasizes adaptability, quick response to change, and continuous improvement.
DevOps

Agile Project Management

Applying Agile principles to project management, focusing on iterative planning, frequent delivery, and team empowerment.
DevOps

Agile Software Development

Iterative approach to building software, emphasizing flexibility, collaboration, and rapid delivery of working features.
DevOps

Ajax Requests

Technique for creating fast, dynamic web pages by exchanging small amounts of data with the server behind the scenes.
DevOps

Alerting

System for notifying relevant personnel about critical events or issues in IT infrastructure or applications.
DevOps

Amazon Aurora

Fully managed relational database engine compatible with MySQL and PostgreSQL, designed for the cloud.
DevOps

Amazon Web Services (AWS)

A cloud platform offering a wide range of services like computing power, storage, and databases, enabling scalable, flexible solutions.
DevOps

Android Deployment

Process of distributing and installing Android applications on devices or making them available through app stores.
DevOps

Android Emulator

Software tool that simulates Android devices on a computer for testing and development purposes.
DevOps

Android Studio

Official integrated development environment (IDE) for Android app development, offering a comprehensive set of tools and features.
DevOps

Anomaly Detection

Process of identifying unusual patterns or behaviors that deviate from expected norms in data or system behavior.
DevOps

Ansible

Open-source automation tool for configuration management, application deployment, and task automation.
DevOps

Antifragile

Quality of systems that gain strength from disorder or stress, becoming more resilient in the face of challenges.
DevOps

Apache

Popular open-source web server software that can run on various platforms, known for its reliability and extensive feature set.
DevOps

App Store Connect

Apple's platform for managing apps, viewing analytics, and submitting to the App Store.
DevOps

AppDynamics

Application performance management and IT operations analytics platform for monitoring and optimizing application performance.
DevOps

Application Containerization

Packaging software code and dependencies into lightweight, portable containers for consistent deployment across environments.
DevOps

Application Firewall

Security system that monitors, filters, and blocks HTTP/HTTPS traffic to and from web applications.
DevOps

Application Infrastructure

The hardware, software, and networking components required to run and support an application.
DevOps

Application Lifecycle Management

Process of managing an application from ideation through retirement, including development, testing, and maintenance.
DevOps

Application Migration

Process of moving an application from one environment to another, often involving cloud or platform transitions.
DevOps

Application Performance Monitoring (APM)

Tools and practices for monitoring and managing the performance and availability of software applications.
DevOps

Application Platform

Software framework that provides a foundation for developing and running applications, often including runtime services and APIs.
DevOps

Application Program Interface (API)

Set of protocols, routines, and tools for building software applications and enabling communication between different software systems.
DevOps

Application Release Automation (ARA)

Process of packaging and deploying applications automatically across various environments and platforms.
DevOps

Application Security

Measures taken to improve the security of an application by finding, fixing, and preventing vulnerabilities.
DevOps

Application Team

Group responsible for developing, maintaining, and improving a specific application or set of applications.
DevOps

Application Whitelisting

Security practice that specifies which applications are permitted to run on a system, blocking all others.
DevOps

Application Workflow

Sequence of tasks or processes within an application, often automated to improve efficiency and consistency.
DevOps

Aptly

Debian repository management tool that makes it easy to mirror existing repositories and create new ones.
DevOps

Artifact

Any file or object produced during the software development process, such as compiled code, documentation, or test results.
DevOps

Artifactory

Repository manager for storing and managing software packages, artifacts, and dependencies.
DevOps

Artifacts

Byproducts of software development, including executables, libraries, documentation, and other files created during the process.
DevOps

Artificial Intelligence (AI)

Computer systems capable of performing tasks that typically require human intelligence, such as learning and problem-solving.
DevOps

Asgard

Open-source web-based tool for cloud management and application deployment, primarily used with Amazon Web Services.
DevOps

Asterisk

Open-source framework for building communications applications, particularly used for creating custom telephone systems.
DevOps

Atom

Open-source text and source code editor developed by GitHub, known for its customizability.
DevOps

Attack Surface

Total sum of vulnerabilities in a given system that are accessible to an attacker.
DevOps

Attack Vector

Method or pathway used by a malicious actor to gain unauthorized access to a computer or network.
DevOps

Audit Log

Chronological record of system activities, providing a trail for tracking user actions and system events.
DevOps

Auditd

Linux daemon that monitors and logs system activities to detect security violations.
DevOps

Authentication Factor

Piece of information or process used to verify a user's identity, such as passwords, biometrics, or security tokens.
DevOps

Automated Builds

Process of compiling source code into executable software without manual intervention, often part of CI/CD pipelines.
DevOps

Automation

Use of technology to perform tasks with minimal human intervention, improving efficiency and reducing errors.
DevOps

Autonomy

Degree of independence and self-governance given to teams or systems in making decisions and performing tasks.
DevOps

Awsbox

Tool for deploying node.js apps to Amazon Web Services, simplifying the process of setting up and managing instances.
DevOps

Azure

Microsoft's cloud computing platform providing a wide range of services for building, testing, deploying, and managing applications.
DevOps

Back-end

Server-side of a website or application, responsible for data storage, security, and business logic.
DevOps

Backup

Copy of data created to protect against loss or damage, often stored separately from the original for recovery purposes.
DevOps

Bad/Threat Actor

Individual or entity that attempts to exploit vulnerabilities in systems or networks for malicious purposes.
DevOps

Baklava code

Term describing code that has too many layers, making it overly complex and difficult to understand or maintain.
DevOps

Bamboo

Continuous integration and deployment server by Atlassian, automating the building, testing, and deployment of software.
DevOps

Bare-metal

Physical computer server dedicated to a single tenant, not virtualized or shared among multiple users.
DevOps

Barkeep

Open-source web-based code review system that facilitates collaborative code reviews and discussions.
DevOps

Bash

Unix shell and command language, widely used for scripting and automating tasks in Unix-like operating systems.
DevOps

Bastion host

Specially designed system on a network specifically intended to withstand attacks, usually placed at the edge of a network.
DevOps

Bazel

Open-source build and test tool that enables fast, reproducible builds across multiple platforms and languages.
DevOps

Beats

Lightweight data shippers for various types of data, part of the Elastic Stack for log and metrics collection.
DevOps

Behavior-Driven Development (BDD)

Software development approach that focuses on defining the behavior of an application based on user stories.
DevOps
index entry

index entry

A record in Git's index file representing the state of a file in the repository.
integration

integration

A connection between Git and other tools or services to enhance functionality and workflow.
key fingerprint

key fingerprint

A short sequence of bytes used to identify a longer public key in Git's GPG signing process.
keychain

keychain

A secure storage system for passwords and keys, often integrated with Git clients for credential management.
keyword

keyword

A reserved word in Git commands or configurations with a specific meaning or function.
label

label

A way to categorize and organize issues and pull requests in GitHub repositories.
license

license

A document in a Git repository specifying how the project can be used, modified, and distributed.
line comment

line comment

A feature in Git platforms allowing users to comment on specific lines of code in pull requests or commits.
line ending

line ending

Characters marking the end of a line, which can cause issues in Git when collaborating across different operating systems.
locked personal account

locked personal account

A GitHub account that has been restricted due to a violation of terms of service or suspicious activity.
main

main

The default name for the primary branch in many Git repositories, replacing 'master' in recent conventions.
management console

management console

An administrative interface for managing Git hosting services, often used in enterprise environments.
markup

markup

A system of annotation used to format text, often used in Git documentation and comments.
members graph

members graph

A visual representation of an organization's membership on Git hosting platforms.
merge conflict

merge conflict

A situation in Git where incompatible changes have been made to the same part of a file, requiring manual resolution.
milestone

milestone

A way to track progress on groups of issues or pull requests in GitHub projects.
mirror

mirror

A complete copy of a repository, including all branches and history, often used for backup or as a full replica.
nested team

nested team

A team within a GitHub organization that is a subset of a larger team, inheriting its permissions.
network graph

network graph

A visual representation of the commit history and branch structure of a Git repository.
news feed

news feed

A personalized list of recent activity on Git platforms, showing updates from followed users and repositories.
non-fast-forward

non-fast-forward

A Git push that introduces new commits to the remote branch that aren't direct descendants of the current remote HEAD.
notification

notification

An alert system on Git platforms to inform users about relevant activities and mentions.
object

object

A fundamental unit in Git's data model, representing content, commits, trees, or tags, identified by a unique SHA-1 hash.
object database

object database

The storage system in Git that contains all versions of project files and metadata, organized by SHA-1 hashes.
object identifier (oid)

object identifier (oid)

A unique SHA-1 hash that identifies a Git object, ensuring data integrity and enabling content-addressable storage.
object name

object name

Another term for the SHA-1 hash that uniquely identifies a Git object in the repository.
object type

object type

The classification of Git objects, including blob (file content), tree (directory structure), commit, and tag.
octopus

octopus

A Git merge involving more than two branches simultaneously, creating a commit with multiple parents.
organization

organization

A shared account on Git hosting platforms where businesses and open-source projects can collaborate across many projects.
organization owner

organization owner

A user with administrative privileges for an organization account on Git hosting platforms.
orphan

orphan

A branch in Git with no parent commit, typically used to start a new history unrelated to existing branches.
outside collaborator

outside collaborator

A user granted access to a repository but not a member of the organization that owns the repository.
overlay

overlay

A Git feature that allows files from one branch to temporarily override files in another branch without merging.
owner

owner

The user or organization with administrative rights to a Git repository, controlling access and settings.
pack

pack

A compressed file format used by Git to store multiple objects efficiently, reducing repository size.
pack index

pack index

A file that provides fast random access to objects stored within a packfile in Git.
parent

parent

A commit from which another commit is derived, establishing the hierarchical relationship in Git history.
parent team

parent team

A team in a Git platform that grants its permissions to nested sub-teams within an organization.
participating notifications

participating notifications

Alerts received when you're directly involved in repository activities like being assigned or mentioned.
pathspec

pathspec

A pattern used in Git commands to limit the scope of operations to specific files or directories.
peel

peel

The process of recursively dereferencing a Git object to reveal its underlying object type.
per-worktree ref

per-worktree ref

A reference specific to a particular working tree in a Git repository with multiple worktrees.
permalink

permalink

A URL that points to a specific version of a file or directory in a Git repository, ensuring consistent reference.
personal account

personal account

An individual account on Git platforms, used for personal projects and contributions.
pickaxe

pickaxe

A Git feature for searching the repository history to find when a particular change was introduced.
pinned repository

pinned repository

A featured repository prominently displayed on a user's or organization's profile page on their Git hosting platform of choice.
plumbing

plumbing

Low-level Git commands that expose internal workings, primarily used for scripting and advanced operations.
porcelain

porcelain

High-level Git commands designed for everyday use, providing a user-friendly interface to common version control tasks.
pre-receive hooks

pre-receive hooks

Server-side scripts that run before pushed commits are accepted, used to enforce policies or perform checks.
primary email address

primary email address

The main email associated with a Git account, used for communications and commit author identification.
private contributions

private contributions

Contributions made to private repositories, typically only visible to repository collaborators.
private repository

private repository

A Git repository with restricted access, visible only to the owner and explicitly granted collaborators.
production branch

production branch

A Git branch that represents the stable, deployed version of a project, often protected from direct changes.
profile

profile

A user's public page on a Git platform, displaying information about their activity and repositories.
profile photo

profile photo

An image representing a user on a Git platform, displayed alongside their contributions and activities.
project board

project board

A kanban-style board in Git platforms for organizing and prioritizing project issues and pull requests.
protected branch

protected branch

A branch with rules enforcing certain conditions before changes can be pushed, merged, or deleted.
pseudoref

pseudoref

A Git reference that doesn't follow the standard refs format but is treated similarly, like HEAD or MERGE_HEAD.
public contributions

public contributions

Contributions made to public repositories, visible on a user's profile and activity feed.
public repository

public repository

A Git repository that is openly accessible to anyone, allowing viewing and often cloning without authentication.
pull access

pull access

Permission level in Git allowing a user to clone a repository and fetch updates, but not push changes.
pull request review

pull request review

The process of examining proposed changes in a pull request before they are merged into the main codebase.
pulse graph

pulse graph

A visual representation of a GitHub repository's recent activity, including commits, issues, and pull requests.
punch graph

punch graph

A visualization of commit frequency over time, often displayed as a heatmap on Git platforms.
push a branch

push a branch

The act of uploading commits from a local branch to a corresponding branch in a remote Git repository.
push access

push access

Permission to upload local changes to a remote Git repository, allowing direct modification of shared branches.
reachability bitmaps

reachability bitmaps

Data structures used to optimize Git operations by quickly determining which objects are reachable from a given commit.
reachable

reachable

Git objects that can be accessed by following the commit history from a given reference point.
read access

read access

Permission to view and clone a Git repository without the ability to make changes or push commits.
recovery code

recovery code

A backup method for accessing a Git account if two-factor authentication is enabled but unavailable.
ref

ref

A name that points to a specific Git object, typically a commit, such as branches or tags.
refs

refs

The collection of references in a Git repository, including branches, tags, and other named pointers to commits.
remote URL

remote URL

The address of a remote Git repository, used for fetching and pushing changes between local and remote repositories.
remote repository

remote repository

A version of a Git project hosted on a server, serving as a central point for collaboration and backup.
remote-tracking branch

remote-tracking branch

A local reference that represents the state of a corresponding branch in a remote repository.
replica

replica

A copy of a Git repository, often used in distributed systems for redundancy and load balancing.
repository cache

repository cache

A local storage of repository data used to improve performance in Git operations.
repository graph

repository graph

A visual representation of the commit history and branch structure in a Git repository.
repository maintainer

repository maintainer

A person responsible for managing a Git repository, reviewing contributions, and maintaining project quality.
required pull request review

required pull request review

A protection rule requiring one or more reviewers to approve changes before merging in Git platforms.
required status check

required status check

A condition that must be met, such as passing tests, before changes can be merged into a protected branch.
resolve

resolve

The process of addressing and fixing merge conflicts in Git, typically done manually by the developer.
revert

revert

A Git operation that creates a new commit that undoes the changes made by a previous commit.
review

review

The process of examining proposed changes in a pull request before merging them into the main codebase.
revision

revision

A specific version of a file, directory, or entire repository in Git, often referenced by a commit hash.
rewind

rewind

The act of moving a branch pointer to an earlier commit in Git, effectively undoing more recent commits.
root directory

root directory

The top-level directory of a Git repository, containing all project files and the .git subdirectory.
root filesystem

root filesystem

The base filesystem of a Git repository, from which all other directories and files are organized.
saved reply

saved reply

A pre-written response that can be quickly inserted into issues or pull request comments on Git platforms.
scope

scope

The range of access or permissions granted to a token or application in Git-based systems.
seat

seat

A licensed user in enterprise Git hosting plans, typically representing a single user account.
secret team

secret team

A team in a Git organization that is hidden from non-members and other teams within the organization.
security log

security log

A record of security-related events and actions in a system, used for monitoring and auditing purposes.
server-to-server request

server-to-server request

An authenticated request between Git servers, often used in integrations or automated processes.
service hook

service hook

A mechanism for Git platforms to send event notifications to external services or applications.
shallow repository

shallow repository

A Git repository with an intentionally truncated history, often created through shallow cloning.
single sign-on

single sign-on

An authentication process allowing users to access multiple Git-related services with one set of credentials.
special ref

special ref

A Git reference with a specific meaning or function, such as HEAD or FETCH_HEAD.
staging instance

staging instance

A deployment environment used for testing changes before releasing to production in Git-based workflows.
star

star

A feature on Git hosting platforms allowing users to bookmark repositories of interest.

Workflows as Code

Defining and managing complex business processes using code in cloud environments.

Workload Placement Optimization

Techniques for efficiently distributing applications and data across cloud resources.

Workload Portability

Ability to move applications and data between different cloud environments with minimal modifications.

Workload-Aware Data Placement

Optimizing data storage location based on application requirements in cloud environments.

Zero Trust Network Access (ZTNA)

Security model that requires strict identity verification for every person and device accessing cloud resources.

Zero Trust Security Model

Approach assuming no automatic trust, requiring continuous verification in cloud environments.

Zero UI Cloud Interactions

Interfacing with cloud services through ambient intelligence, without traditional user interfaces.

Zero-Knowledge Proof Services

Cloud-based cryptographic methods allowing data verification without revealing the data itself.

Zero-Knowledge Proof Systems

Cryptographic protocols enabling data verification without disclosing the actual data in cloud environments.

Zero-Trust Microsegmentation

Fine-grained network segmentation approach in cloud environments, limiting lateral movement of threats.

Zero-Trust Network Access (ZTNA)

Security framework requiring strict authentication and authorization for all cloud network access.

Zoned Namespaces (ZNS) SSDs

Storage devices optimized for cloud workloads, improving performance and reducing write amplification.

eBPF (extended Berkeley Packet Filter)

Technology for running sandboxed programs in the Linux kernel, often used in cloud environments.

eBPF-based Networking

Using eBPF technology to enhance network performance and security in cloud environments.

Pod Anti-Affinity

Kubernetes scheduling constraint that prevents pods from being co-located with other pods based on labels.

Pod Disruption Budget

Kubernetes object that limits the number of pods of a replicated application that can be down simultaneously.

Pod Lifecycle

Stages a pod goes through from creation to termination, including pending, running, succeeded, failed, and unknown phases.

Pod Monitors

Custom resources in Prometheus Operator for declaratively defining how groups of pods should be monitored.

Pod Networking

Mechanisms and configurations for enabling network communication between pods in a Kubernetes cluster.

Pod Overhead

Additional resources consumed by pod infrastructure on top of the container requests and limits.

Pod Phase

High-level summary of where a pod is in its lifecycle, used for pod status reporting and monitoring.

Pod Priority and Preemption

Kubernetes feature allowing importance-based scheduling and eviction of pods when resources are constrained.

Pod Security Context

Kubernetes object defining privilege and access control settings for a pod or container, enhancing security.

Pod Security Policies (PSP)

Deprecated Kubernetes feature for cluster-level control over pod security sensitive aspects.

Pod Security Standards

Kubernetes-defined levels (privileged, baseline, restricted) of security settings for pods.

PodDisruptionBudget

Kubernetes object limiting the number of pods that can be down simultaneously for a given application.

PodSandbox

Isolation boundary for one or more containers in a pod, providing shared kernel namespaces and cgroups.

PodSecurityPolicy

Deprecated cluster-level resource controlling security-sensitive aspects of pod specification.

Podman for Daemonless Containers

Tool for managing containers and images without a container daemon, compatible with Docker CLI.

Polaris for Best Practices Validation

Open-source tool for checking Kubernetes resources against configurable best practices, enhancing reliability.

Polyglot Persistence

Use of multiple data storage technologies in microservices architectures to best fit varying data storage needs.

Port Address Translation (PAT)

Network address translation technique used in container networking for mapping ports, enabling external access.

Port Mapping

Process of forwarding a network port from the host to a container, enabling external access to containerized services.

Portainer for Container Management

Web-based management UI for Docker environments, simplifying container operations and monitoring.

Portworx

Cloud-native storage platform providing persistent storage for containerized applications in multi-cloud environments.

Portworx PX-Store

Software-defined storage solution by Portworx for containerized stateful applications in Kubernetes.

Predicates

Kubernetes scheduling policies that filter out nodes that cannot run a pod, based on resource requirements and constraints.

Preemption

Kubernetes process of evicting lower-priority pods to schedule higher-priority pods when resources are constrained.

PrintColumn

CustomResourceDefinition feature for defining custom columns in kubectl output for custom resources.

Priorities

Kubernetes scheduling policies that rank nodes that have passed the predicate phase, determining the best placement for a pod.

Priority Classes

Kubernetes objects defining the relative importance of pods, used in scheduling and preemption decisions.

Priority and Preemption

Kubernetes feature allowing pods to be assigned different priorities, influencing scheduling and eviction decisions.

Privileged Containers

Containers running with elevated permissions, potentially accessing host resources and devices.

Progressive Delivery

Deployment strategy gradually rolling out changes to a subset of users or servers, monitoring for issues.

Project Calico eBPF Datapath

High-performance networking mode in Calico using extended Berkeley Packet Filter for packet processing.

Projected Volumes

Kubernetes volume type that maps several existing volume sources into the same directory, combining multiple configs.

Prometheus

Open-source systems monitoring and alerting toolkit, widely used for Kubernetes and container monitoring.

Prometheus Alertmanager

Component of Prometheus handling alerts, including silencing, inhibition, aggregation, and notifications.

Prometheus Operator

Kubernetes operator that makes it easy to deploy and manage Prometheus instances, simplifying monitoring setup.

Prometheus Pushgateway

Component allowing ephemeral and batch jobs to expose their metrics to Prometheus, enhancing monitoring coverage.

Prometheus Remote Write

Feature allowing Prometheus to send samples to compatible remote storage systems, enabling long-term storage.

Prometheus Rules

Definitions for recording rules and alerting rules in Prometheus, allowing for complex queries and alert conditions.

Protocol Selection

Process of choosing the appropriate network protocol for container communication based on requirements.

Quality of Service (QoS) Classes

Kubernetes classifications (Guaranteed, Burstable, BestEffort) for pods based on resource requirements and limits.

Qualys Container Security

Platform providing vulnerability management, policy compliance, and runtime defense for containers.

Quay.io

Container registry by Red Hat offering advanced features like vulnerability scanning and fine-grained access controls.

RBAC (Role-Based Access Control)

Kubernetes authorization mechanism for fine-grained control over the actions users can perform.

RBAC Best Practices

Guidelines for implementing secure and manageable role-based access control in Kubernetes environments.

RBAC for Multitenancy

Use of role-based access control to implement isolation and access management in multi-tenant Kubernetes clusters.

RDMA in Container Networks

Integration of Remote Direct Memory Access for high-performance, low-latency container networking.

Rancher for Multi-cluster Management

Platform for managing multiple Kubernetes clusters across different cloud providers and on-premises.

Rate Limiting Pattern

Technique to control the rate of requests or traffic in distributed systems, often implemented in API gateways.

Raw Block Volumes

Kubernetes volume type providing direct access to a block device for applications requiring this capability.

Reactive Systems

Architectural approach emphasizing responsiveness, resilience, elasticity, and message-driven communication in distributed systems.

Read-only Root Filesystem

Security practice of mounting a container's root filesystem as read-only to prevent runtime modifications.

ReadOnly Volumes

Kubernetes volumes mounted with read-only access, enhancing security by preventing modifications.

Registry

Service for storing and distributing container images, crucial for managing and deploying containerized applications.

Registry API

HTTP API provided by container registries for image management, authentication, and metadata retrieval.

Registry Authentication

Process of verifying the identity of clients making requests to containerized services or APIs.

Registry Caching

Technique of locally caching container images to improve pull times and reduce network usage.

Registry Mirroring

Process of replicating container images across multiple registries for improved availability and reduced latency.

Registry Webhooks

Mechanism for registries to send notifications about events such as image pushes, pulls, or deletions.

Release Trains

Scheduled, periodic releases of software components, often used in microservices architectures for coordinated updates.

ReplicaSet

Kubernetes controller ensuring a specified number of pod replicas are running at any given time.

Request Authentication

Process of verifying the identity of clients making requests to containerized services or APIs.

Request Mirroring

Technique of duplicating incoming requests to a separate service instance for testing or debugging purposes.

Resource Bin Packing

Scheduling strategy aiming to consolidate workloads onto a minimal number of nodes for efficient resource utilization.

Resource Limits

Constraints set on the amount of compute resources (CPU, memory) a container can consume, preventing resource hogging.

Resource Quotas

Kubernetes objects for limiting aggregate resource consumption per namespace, ensuring fair resource allocation.

Resource Requests

Specifications of the minimum amount of compute resources required by a container, aiding in scheduling decisions.

Resource Requests and Limits Tuning

Process of optimizing resource allocations for containers to balance performance and efficiency.

ResourceQuota

Kubernetes object providing constraints that limit aggregate resource consumption per namespace.

Retry Budgets

Limits on the number of retry attempts for failed operations in distributed systems to prevent cascading failures.

Retry Logic

Implementation of automatic reattempts for failed operations in microservices to improve system resilience.

Retry Pattern

Design pattern for handling transient failures in distributed systems by automatically repeating failed operations.

Role

Kubernetes RBAC object defining a set of permissions within a particular namespace, controlling access to resources.

RoleBinding

Kubernetes RBAC object that binds a role to a set of users or service accounts within a namespace.

RoleBindings and ClusterRoleBindings

Kubernetes objects associating Roles and ClusterRoles with users, groups, or service accounts.

Roles and ClusterRoles

Kubernetes RBAC objects defining sets of permissions at namespace or cluster level respectively.

Rollbacks

Process of reverting a deployment to a previous version in case of issues with the current version.

Rolling Updates

Deployment strategy where new versions of an application are gradually rolled out by replacing instances incrementally.

Romana for Layer 3 Networking

Networking solution for Kubernetes providing native Layer 3 networking without overlays for improved performance.

Rook

Open-source cloud-native storage orchestrator for Kubernetes, providing the platform, framework, and support for storage solutions.

Rook Storage Orchestrator

Kubernetes operator for file, block, and object storage systems, automating deployment and management of storage services.

Rootless Containers

Containers running without root privileges, enhancing security by reducing the potential impact of container breakouts.

RunC

Lightweight, portable container runtime adhering to the OCI specification, used as a low-level runtime by container engines.

RunC Internals

Inner workings and components of the RunC container runtime, including its interaction with Linux kernel features.

Runtime Application Self-Protection (RASP)

Security technology that detects and prevents real-time attacks on containerized applications.

Runtime Security

Measures and tools for protecting containerized applications during execution, including threat detection and prevention.

Runtime Threat Detection

Process of identifying and alerting on security threats to running containers and orchestration platforms.

RuntimeService

CRI component responsible for managing the entire lifecycle of a container, including creation, execution, and deletion.

SELinux Policies

Security policies enforcing mandatory access controls on containers and pods in Linux-based systems.

SLO-based Monitoring

Monitoring approach focusing on Service Level Objectives to ensure application performance and reliability.

SMI (Service Mesh Interface)

Standard specification for service meshes on Kubernetes, providing a common interface for various implementations.

SPIFFE/SPIRE for Workload Identity

Standards and implementation for securely identifying and authenticating workloads in dynamic environments.

SR-IOV for Container Networks

Use of Single Root I/O Virtualization to provide high-performance networking for containers.

Saga Pattern

Design pattern for managing data consistency across microservices in distributed transactions.

Saga Pattern for Distributed Transactions

Implementation of the Saga pattern to maintain data consistency in microservices architectures.

Sandbox Runtimes

Container runtimes providing additional isolation between the container and the host system for enhanced security.

Sandboxing

Techniques for isolating running containers from the host system and each other to enhance security.

Scale Subresource

Kubernetes API for directly managing the number of replicas of a workload without modifying the entire object.

Scheduler

Kubernetes component responsible for assigning pods to nodes based on resource requirements, policies, and constraints.

Scheduler Extender

External process allowing custom logic to be added to the Kubernetes scheduling decisions.

Scheduling Algorithms

Methods used by Kubernetes scheduler to determine the best node placement for pods based on various factors.