From 80a7d0147d7752297505ad812d9d062c788d008b Mon Sep 17 00:00:00 2001 From: Doug Hellmann Date: Thu, 15 Jun 2017 15:34:49 -0400 Subject: [PATCH] import the glossary from openstack-manuals Change-Id: I01491fe7d24428d4f0ad470c5976feea7caaa157 Signed-off-by: Doug Hellmann --- doc/source/glossary.rst | 4153 +++++++++++++++++++++++++++++++++++++++ doc/source/index.rst | 1 + 2 files changed, 4154 insertions(+) create mode 100644 doc/source/glossary.rst diff --git a/doc/source/glossary.rst b/doc/source/glossary.rst new file mode 100644 index 0000000000..d04f8b2109 --- /dev/null +++ b/doc/source/glossary.rst @@ -0,0 +1,4153 @@ +======== +Glossary +======== + +0-9 +~~~ + +.. glossary:: + + 6to4 + + A mechanism that allows IPv6 packets to be transmitted + over an IPv4 network, providing a strategy for migrating to + IPv6. + +A +~ + +.. glossary:: + + absolute limit + + Impassable limits for guest VMs. Settings include total RAM + size, maximum number of vCPUs, and maximum disk size. + + access control list (ACL) + + A list of permissions attached to an object. An ACL specifies + which users or system processes have access to objects. It also + defines which operations can be performed on specified objects. Each + entry in a typical ACL specifies a subject and an operation. For + instance, the ACL entry ``(Alice, delete)`` for a file gives + Alice permission to delete the file. + + access key + + Alternative term for an Amazon EC2 access key. See EC2 access + key. + + account + + The Object Storage context of an account. Do not confuse with a + user account from an authentication service, such as Active Directory, + /etc/passwd, OpenLDAP, OpenStack Identity, and so on. + + account auditor + + Checks for missing replicas and incorrect or corrupted objects + in a specified Object Storage account by running queries against the + back-end SQLite database. + + account database + + A SQLite database that contains Object Storage accounts and + related metadata and that the accounts server accesses. + + account reaper + + An Object Storage worker that scans for and deletes account + databases and that the account server has marked for deletion. + + account server + + Lists containers in Object Storage and stores container + information in the account database. + + account service + + An Object Storage component that provides account services such + as list, create, modify, and audit. Do not confuse with OpenStack + Identity service, OpenLDAP, or similar user-account services. + + accounting + + The Compute service provides accounting information through the + event notification and system usage data facilities. + + Active Directory + + Authentication and identity service by Microsoft, based on LDAP. + Supported in OpenStack. + + active/active configuration + + In a high-availability setup with an active/active + configuration, several systems share the load together and if one + fails, the load is distributed to the remaining systems. + + active/passive configuration + + In a high-availability setup with an active/passive + configuration, systems are set up to bring additional resources online + to replace those that have failed. + + address pool + + A group of fixed and/or floating IP addresses that are assigned + to a project and can be used by or assigned to the VM instances in a + project. + + Address Resolution Protocol (ARP) + + The protocol by which layer-3 IP addresses are resolved into + layer-2 link local addresses. + + admin API + + A subset of API calls that are accessible to authorized + administrators and are generally not accessible to end users or the + public Internet. They can exist as a separate service (keystone) or + can be a subset of another API (nova). + + admin server + + In the context of the Identity service, the worker process that + provides access to the admin API. + + administrator + + The person responsible for installing, configuring, + and managing an OpenStack cloud. + + Advanced Message Queuing Protocol (AMQP) + + The open standard messaging protocol used by OpenStack + components for intra-service communications, provided by RabbitMQ, + Qpid, or ZeroMQ. + + Advanced RISC Machine (ARM) + + Lower power consumption CPU often found in mobile and embedded + devices. Supported by OpenStack. + + alert + + The Compute service can send alerts through its notification + system, which includes a facility to create custom notification + drivers. Alerts can be sent to and displayed on the dashboard. + + allocate + + The process of taking a floating IP address from the address + pool so it can be associated with a fixed IP on a guest VM + instance. + + Amazon Kernel Image (AKI) + + Both a VM container format and disk format. Supported by Image + service. + + Amazon Machine Image (AMI) + + Both a VM container format and disk format. Supported by Image + service. + + Amazon Ramdisk Image (ARI) + + Both a VM container format and disk format. Supported by Image + service. + + Anvil + + A project that ports the shell script-based project named + DevStack to Python. + + aodh + + Part of the OpenStack :term:`Telemetry service `; provides alarming functionality. + + Apache + + The Apache Software Foundation supports the Apache community of + open-source software projects. These projects provide software + products for the public good. + + Apache License 2.0 + + All OpenStack core projects are provided under the terms of the + Apache License 2.0 license. + + Apache Web Server + + The most common web server software currently used on the + Internet. + + API endpoint + + The daemon, worker, or service that a client communicates with + to access an API. API endpoints can provide any number of services, + such as authentication, sales data, performance meters, Compute VM + commands, census data, and so on. + + API extension + + Custom modules that extend some OpenStack core APIs. + + API extension plug-in + + Alternative term for a Networking plug-in or Networking API + extension. + + API key + + Alternative term for an API token. + + API server + + Any node running a daemon or worker that provides an API + endpoint. + + API token + + Passed to API requests and used by OpenStack to verify that the + client is authorized to run the requested operation. + + API version + + In OpenStack, the API version for a project is part of the URL. + For example, ``example.com/nova/v1/foobar``. + + applet + + A Java program that can be embedded into a web page. + + Application Catalog service (murano) + + The project that provides an application catalog service so that users + can compose and deploy composite environments on an application + abstraction level while managing the application lifecycle. + + Application Programming Interface (API) + + A collection of specifications used to access a service, + application, or program. Includes service calls, required parameters + for each call, and the expected return values. + + application server + + A piece of software that makes available another piece of + software over a network. + + Application Service Provider (ASP) + + Companies that rent specialized applications that help + businesses and organizations provide additional services + with lower cost. + + arptables + + Tool used for maintaining Address Resolution Protocol packet + filter rules in the Linux kernel firewall modules. Used along with + iptables, ebtables, and ip6tables in Compute to provide firewall + services for VMs. + + associate + + The process associating a Compute floating IP address with a + fixed IP address. + + Asynchronous JavaScript and XML (AJAX) + + A group of interrelated web development techniques used on the + client-side to create asynchronous web applications. Used extensively + in horizon. + + ATA over Ethernet (AoE) + + A disk storage protocol tunneled within Ethernet. + + attach + + The process of connecting a VIF or vNIC to a L2 network in + Networking. In the context of Compute, this process connects a storage + volume to an instance. + + attachment (network) + + Association of an interface ID to a logical port. Plugs an + interface into a port. + + auditing + + Provided in Compute through the system usage data + facility. + + auditor + + A worker process that verifies the integrity of Object Storage + objects, containers, and accounts. Auditors is the collective term for + the Object Storage account auditor, container auditor, and object + auditor. + + Austin + + The code name for the initial release of + OpenStack. The first design summit took place in + Austin, Texas, US. + + auth node + + Alternative term for an Object Storage authorization + node. + + authentication + + The process that confirms that the user, process, or client is + really who they say they are through private key, secret token, + password, fingerprint, or similar method. + + authentication token + + A string of text provided to the client after authentication. + Must be provided by the user or process in subsequent requests to the + API endpoint. + + AuthN + + The Identity service component that provides authentication + services. + + authorization + + The act of verifying that a user, process, or client is + authorized to perform an action. + + authorization node + + An Object Storage node that provides authorization + services. + + AuthZ + + The Identity component that provides high-level + authorization services. + + Auto ACK + + Configuration setting within RabbitMQ that enables or disables + message acknowledgment. Enabled by default. + + auto declare + + A Compute RabbitMQ setting that determines whether a message + exchange is automatically created when the program starts. + + availability zone + + An Amazon EC2 concept of an isolated area that is used for fault + tolerance. Do not confuse with an OpenStack Compute zone or + cell. + + AWS CloudFormation template + + AWS CloudFormation allows Amazon Web Services (AWS) users to create and manage a + collection of related resources. The Orchestration service + supports a CloudFormation-compatible format (CFN). + +B +~ + +.. glossary:: + + back end + + Interactions and processes that are obfuscated from the user, + such as Compute volume mount, data transmission to an iSCSI target by + a daemon, or Object Storage object integrity checks. + + back-end catalog + + The storage method used by the Identity service catalog service + to store and retrieve information about API endpoints that are + available to the client. Examples include an SQL database, LDAP + database, or KVS back end. + + back-end store + + The persistent data store used to save and retrieve information + for a service, such as lists of Object Storage objects, current state + of guest VMs, lists of user names, and so on. Also, the method that the + Image service uses to get and store VM images. Options include Object + Storage, locally mounted file system, RADOS block devices, VMware + datastore, and HTTP. + + Backup, Restore, and Disaster Recovery service (freezer) + + The project that provides integrated tooling for backing up, restoring, + and recovering file systems, instances, or database backups. + + bandwidth + + The amount of available data used by communication resources, + such as the Internet. Represents the amount of data that is used to + download things or the amount of data available to download. + + barbican + + Code name of the :term:`Key Manager service + `. + + bare + + An Image service container format that indicates that no + container exists for the VM image. + + Bare Metal service (ironic) + + The OpenStack service that provides a service and associated libraries + capable of managing and provisioning physical machines in a + security-aware and fault-tolerant manner. + + base image + + An OpenStack-provided image. + + Bell-LaPadula model + + A security model that focuses on data confidentiality + and controlled access to classified information. + This model divides the entities into subjects and objects. + The clearance of a subject is compared to the classification of the + object to determine if the subject is authorized for the specific access mode. + The clearance or classification scheme is expressed in terms of a lattice. + + Benchmark service (rally) + + OpenStack project that provides a framework for + performance analysis and benchmarking of individual + OpenStack components as well as full production OpenStack + cloud deployments. + + Bexar + + A grouped release of projects related to + OpenStack that came out in February of 2011. It + included only Compute (nova) and Object Storage (swift). + Bexar is the code name for the second release of + OpenStack. The design summit took place in + San Antonio, Texas, US, which is the county seat for Bexar county. + + binary + + Information that consists solely of ones and zeroes, which is + the language of computers. + + bit + + A bit is a single digit number that is in base of 2 (either a + zero or one). Bandwidth usage is measured in bits per second. + + bits per second (BPS) + + The universal measurement of how quickly data is transferred + from place to place. + + block device + + A device that moves data in the form of blocks. These device + nodes interface the devices, such as hard disks, CD-ROM drives, flash + drives, and other addressable regions of memory. + + block migration + + A method of VM live migration used by KVM to evacuate instances + from one host to another with very little downtime during a + user-initiated switchover. Does not require shared storage. Supported + by Compute. + + Block Storage API + + An API on a separate endpoint for attaching, + detaching, and creating block storage for compute + VMs. + + Block Storage service (cinder) + + The OpenStack service that implement services and libraries to provide + on-demand, self-service access to Block Storage resources via abstraction + and automation on top of other block storage devices. + + BMC (Baseboard Management Controller) + + The intelligence in the IPMI architecture, which is a specialized + micro-controller that is embedded on the motherboard of a computer + and acts as a server. Manages the interface between system management + software and platform hardware. + + bootable disk image + + A type of VM image that exists as a single, bootable + file. + + Bootstrap Protocol (BOOTP) + + A network protocol used by a network client to obtain an IP + address from a configuration server. Provided in Compute through the + dnsmasq daemon when using either the FlatDHCP manager or VLAN manager + network manager. + + Border Gateway Protocol (BGP) + + The Border Gateway Protocol is a dynamic routing protocol + that connects autonomous systems. Considered the + backbone of the Internet, this protocol connects disparate + networks to form a larger network. + + browser + + Any client software that enables a computer or device to access + the Internet. + + builder file + + Contains configuration information that Object Storage uses to + reconfigure a ring or to re-create it from scratch after a serious + failure. + + bursting + + The practice of utilizing a secondary environment to + elastically build instances on-demand when the primary + environment is resource constrained. + + button class + + A group of related button types within horizon. Buttons to + start, stop, and suspend VMs are in one class. Buttons to associate + and disassociate floating IP addresses are in another class, and so + on. + + byte + + Set of bits that make up a single character; there are usually 8 + bits to a byte. + +C +~ + +.. glossary:: + + cache pruner + + A program that keeps the Image service VM image cache at or + below its configured maximum size. + + Cactus + + An OpenStack grouped release of projects that came out in the + spring of 2011. It included Compute (nova), Object Storage (swift), + and the Image service (glance). + Cactus is a city in Texas, US and is the code name for + the third release of OpenStack. When OpenStack releases went + from three to six months long, the code name of the release + changed to match a geography nearest the previous + summit. + + CALL + + One of the RPC primitives used by the OpenStack message queue + software. Sends a message and waits for a response. + + capability + + Defines resources for a cell, including CPU, storage, and + networking. Can apply to the specific services within a cell or a + whole cell. + + capacity cache + + A Compute back-end database table that contains the current + workload, amount of free RAM, and number of VMs running on each host. + Used to determine on which host a VM starts. + + capacity updater + + A notification driver that monitors VM instances and updates the + capacity cache as needed. + + CAST + + One of the RPC primitives used by the OpenStack message queue + software. Sends a message and does not wait for a response. + + catalog + + A list of API endpoints that are available to a user after + authentication with the Identity service. + + catalog service + + An Identity service that lists API endpoints that are available + to a user after authentication with the Identity service. + + ceilometer + + Part of the OpenStack :term:`Telemetry service `; gathers and stores metrics from other + OpenStack services. + + cell + + Provides logical partitioning of Compute resources in a child + and parent relationship. Requests are passed from parent cells to + child cells if the parent cannot provide the requested + resource. + + cell forwarding + + A Compute option that enables parent cells to pass resource + requests to child cells if the parent cannot provide the requested + resource. + + cell manager + + The Compute component that contains a list of the current + capabilities of each host within the cell and routes requests as + appropriate. + + CentOS + + A Linux distribution that is compatible with OpenStack. + + Ceph + + Massively scalable distributed storage system that consists of + an object store, block store, and POSIX-compatible distributed file + system. Compatible with OpenStack. + + CephFS + + The POSIX-compliant file system provided by Ceph. + + certificate authority (CA) + + In cryptography, an entity that issues digital certificates. The digital + certificate certifies the ownership of a public key by the named + subject of the certificate. This enables others (relying parties) to + rely upon signatures or assertions made by the private key that + corresponds to the certified public key. In this model of trust + relationships, a CA is a trusted third party for both the subject + (owner) of the certificate and the party relying upon the certificate. + CAs are characteristic of many public key infrastructure (PKI) + schemes. + In OpenStack, a simple certificate authority is provided by Compute for + cloudpipe VPNs and VM image decryption. + + Challenge-Handshake Authentication Protocol (CHAP) + + An iSCSI authentication method supported by Compute. + + chance scheduler + + A scheduling method used by Compute that randomly chooses an + available host from the pool. + + changes since + + A Compute API parameter that downloads changes to the requested + item since your last request, instead of downloading a new, fresh set + of data and comparing it against the old data. + + Chef + + An operating system configuration management tool supporting + OpenStack deployments. + + child cell + + If a requested resource such as CPU time, disk storage, or + memory is not available in the parent cell, the request is forwarded + to its associated child cells. If the child cell can fulfill the + request, it does. Otherwise, it attempts to pass the request to any of + its children. + + cinder + + Codename for :term:`Block Storage service + `. + + CirrOS + + A minimal Linux distribution designed for use as a test + image on clouds such as OpenStack. + + Cisco neutron plug-in + + A Networking plug-in for Cisco devices and technologies, + including UCS and Nexus. + + cloud architect + + A person who plans, designs, and oversees the creation of + clouds. + + Cloud Auditing Data Federation (CADF) + + Cloud Auditing Data Federation (CADF) is a + specification for audit event data. CADF is + supported by OpenStack Identity. + + cloud computing + + A model that enables access to a shared pool of configurable + computing resources, such as networks, servers, storage, applications, + and services, that can be rapidly provisioned and released with + minimal management effort or service provider interaction. + + cloud controller + + Collection of Compute components that represent the global state + of the cloud; talks to services, such as Identity authentication, + Object Storage, and node/storage workers through a + queue. + + cloud controller node + + A node that runs network, volume, API, scheduler, and image + services. Each service may be broken out into separate nodes for + scalability or availability. + + Cloud Data Management Interface (CDMI) + + SINA standard that defines a RESTful API for managing objects in + the cloud, currently unsupported in OpenStack. + + Cloud Infrastructure Management Interface (CIMI) + + An in-progress specification for cloud management. Currently + unsupported in OpenStack. + + cloud-init + + A package commonly installed in VM images that performs + initialization of an instance after boot using information that it + retrieves from the metadata service, such as the SSH public key and + user data. + + cloudadmin + + One of the default roles in the Compute RBAC system. Grants + complete system access. + + Cloudbase-Init + + A Windows project providing guest initialization features, + similar to cloud-init. + + cloudpipe + + A compute service that creates VPNs on a per-project + basis. + + cloudpipe image + + A pre-made VM image that serves as a cloudpipe server. + Essentially, OpenVPN running on Linux. + + Clustering service (senlin) + + The project that implements clustering services and libraries + for the management of groups of homogeneous objects exposed + by other OpenStack services. + + command filter + + Lists allowed commands within the Compute rootwrap + facility. + + Common Internet File System (CIFS) + + A file sharing protocol. It is a public or open variation of the + original Server Message Block (SMB) protocol developed and used by + Microsoft. Like the SMB protocol, CIFS runs at a higher level and uses + the TCP/IP protocol. + + Common Libraries (oslo) + + The project that produces a set of python libraries containing code + shared by OpenStack projects. The APIs provided by these libraries + should be high quality, stable, consistent, documented and generally + applicable. + + community project + + A project that is not officially endorsed by the OpenStack + Foundation. If the project is successful enough, it might be elevated + to an incubated project and then to a core project, or it might be + merged with the main code trunk. + + compression + + Reducing the size of files by special encoding, the file can be + decompressed again to its original content. OpenStack supports + compression at the Linux file system level but does not support + compression for things such as Object Storage objects or Image service + VM images. + + Compute API (Nova API) + + The nova-api daemon provides access to nova services. Can communicate with + other APIs, such as the Amazon EC2 API. + + compute controller + + The Compute component that chooses suitable hosts on which to + start VM instances. + + compute host + + Physical host dedicated to running compute nodes. + + compute node + + A node that runs the nova-compute daemon that manages VM + instances that provide a wide + range of services, such as web applications and analytics. + + Compute service (nova) + + The OpenStack core project that implements services and associated + libraries to provide massively-scalable, on-demand, self-service + access to compute resources, including bare metal, virtual machines, + and containers. + + compute worker + + The Compute component that runs on each compute node and manages + the VM instance lifecycle, including run, reboot, terminate, + attach/detach volumes, and so on. Provided by the nova-compute daemon. + + concatenated object + + A set of segment objects that Object Storage combines and sends + to the client. + + conductor + + In Compute, conductor is the process that proxies database + requests from the compute process. Using conductor improves security + because compute nodes do not need direct access to the + database. + + congress + + Code name for the :term:`Governance service + `. + + consistency window + + The amount of time it takes for a new Object Storage object to + become accessible to all clients. + + console log + + Contains the output from a Linux VM console in Compute. + + container + + Organizes and stores objects in Object Storage. Similar to the + concept of a Linux directory but cannot be nested. Alternative term + for an Image service container format. + + container auditor + + Checks for missing replicas or incorrect objects in specified + Object Storage containers through queries to the SQLite back-end + database. + + container database + + A SQLite database that stores Object Storage containers and + container metadata. The container server accesses this + database. + + container format + + A wrapper used by the Image service that contains a VM image and + its associated metadata, such as machine state, OS disk size, and so + on. + + Container Infrastructure Management service (magnum) + + The project which provides a set of services for provisioning, scaling, + and managing container orchestration engines. + + container server + + An Object Storage server that manages containers. + + container service + + The Object Storage component that provides container services, + such as create, delete, list, and so on. + + content delivery network (CDN) + + A content delivery network is a specialized network that is + used to distribute content to clients, typically located + close to the client for increased performance. + + controller node + + Alternative term for a cloud controller node. + + core API + + Depending on context, the core API is either the OpenStack API + or the main API of a specific core project, such as Compute, + Networking, Image service, and so on. + + core service + + An official OpenStack service defined as core by + DefCore Committee. Currently, consists of + Block Storage service (cinder), Compute service (nova), + Identity service (keystone), Image service (glance), + Networking service (neutron), and Object Storage service (swift). + + cost + + Under the Compute distributed scheduler, this is calculated by + looking at the capabilities of each host relative to the flavor of the + VM instance being requested. + + credentials + + Data that is only known to or accessible by a user and + used to verify that the user is who he says he is. + Credentials are presented to the server during + authentication. Examples include a password, secret key, + digital certificate, and fingerprint. + + CRL + + A Certificate Revocation List (CRL) in a PKI model is a list of + certificates that have been revoked. End entities presenting + these certificates should not be trusted. + + Cross-Origin Resource Sharing (CORS) + + A mechanism that allows many resources (for example, + fonts, JavaScript) on a web page to be requested from + another domain outside the domain from which the resource + originated. In particular, JavaScript's AJAX calls can use + the XMLHttpRequest mechanism. + + Crowbar + + An open source community project by SUSE that aims to provide + all necessary services to quickly deploy and manage clouds. + + current workload + + An element of the Compute capacity cache that is calculated + based on the number of build, snapshot, migrate, and resize operations + currently in progress on a given host. + + customer + + Alternative term for project. + + customization module + + A user-created Python module that is loaded by horizon to change + the look and feel of the dashboard. + +D +~ + +.. glossary:: + + daemon + + A process that runs in the background and waits for requests. + May or may not listen on a TCP or UDP port. Do not confuse with a + worker. + + Dashboard (horizon) + + OpenStack project which provides an extensible, unified, web-based + user interface for all OpenStack services. + + data encryption + + Both Image service and Compute support encrypted virtual machine + (VM) images (but not instances). In-transit data encryption is + supported in OpenStack using technologies such as HTTPS, SSL, TLS, and + SSH. Object Storage does not support object encryption at the + application level but may support storage that uses disk encryption. + + Data loss prevention (DLP) software + + Software programs used to protect sensitive information + and prevent it from leaking outside a network boundary + through the detection and denying of the data transportation. + + Data Processing service (sahara) + + OpenStack project that provides a scalable + data-processing stack and associated management + interfaces. + + data store + + A database engine supported by the Database service. + + database ID + + A unique ID given to each replica of an Object Storage + database. + + database replicator + + An Object Storage component that copies changes in the account, + container, and object databases to other nodes. + + Database service (trove) + + An integrated project that provides scalable and reliable + Cloud Database-as-a-Service functionality for both + relational and non-relational database engines. + + deallocate + + The process of removing the association between a floating IP + address and a fixed IP address. Once this association is removed, the + floating IP returns to the address pool. + + Debian + + A Linux distribution that is compatible with OpenStack. + + deduplication + + The process of finding duplicate data at the disk block, file, + and/or object level to minimize storage use—currently unsupported + within OpenStack. + + default panel + + The default panel that is displayed when a user accesses the + dashboard. + + default project + + New users are assigned to this project if no project is specified + when a user is created. + + default token + + An Identity service token that is not associated with a specific + project and is exchanged for a scoped token. + + delayed delete + + An option within Image service so that an image is deleted after + a predefined number of seconds instead of immediately. + + delivery mode + + Setting for the Compute RabbitMQ message delivery mode; can be + set to either transient or persistent. + + denial of service (DoS) + + Denial of service (DoS) is a short form for + denial-of-service attack. This is a malicious attempt to + prevent legitimate users from using a service. + + deprecated auth + + An option within Compute that enables administrators to create + and manage users through the ``nova-manage`` command as + opposed to using the Identity service. + + designate + + Code name for the :term:`DNS service `. + + Desktop-as-a-Service + + A platform that provides a suite of desktop environments + that users access to receive a desktop experience from + any location. This may provide general use, development, or + even homogeneous testing environments. + + developer + + One of the default roles in the Compute RBAC system and the + default role assigned to a new user. + + device ID + + Maps Object Storage partitions to physical storage + devices. + + device weight + + Distributes partitions proportionately across Object Storage + devices based on the storage capacity of each device. + + DevStack + + Community project that uses shell scripts to quickly build + complete OpenStack development environments. + + DHCP agent + + OpenStack Networking agent that provides DHCP services + for virtual networks. + + Diablo + + A grouped release of projects related to OpenStack that came out + in the fall of 2011, the fourth release of OpenStack. It included + Compute (nova 2011.3), Object Storage (swift 1.4.3), and the Image + service (glance). + Diablo is the code name for the fourth release of + OpenStack. The design summit took place in + the Bay Area near Santa Clara, + California, US and Diablo is a nearby city. + + direct consumer + + An element of the Compute RabbitMQ that comes to life when a RPC + call is executed. It connects to a direct exchange through a unique + exclusive queue, sends the message, and terminates. + + direct exchange + + A routing table that is created within the Compute RabbitMQ + during RPC calls; one is created for each RPC call that is + invoked. + + direct publisher + + Element of RabbitMQ that provides a response to an incoming MQ + message. + + disassociate + + The process of removing the association between a floating IP + address and fixed IP and thus returning the floating IP address to the + address pool. + + Discretionary Access Control (DAC) + + Governs the ability of subjects to access objects, while enabling + users to make policy decisions and assign security attributes. + The traditional UNIX system of users, groups, and read-write-execute + permissions is an example of DAC. + + disk encryption + + The ability to encrypt data at the file system, disk partition, + or whole-disk level. Supported within Compute VMs. + + disk format + + The underlying format that a disk image for a VM is stored as + within the Image service back-end store. For example, AMI, ISO, QCOW2, + VMDK, and so on. + + dispersion + + In Object Storage, tools to test and ensure dispersion of + objects and containers to ensure fault tolerance. + + distributed virtual router (DVR) + + Mechanism for highly available multi-host routing when using + OpenStack Networking (neutron). + + Django + + A web framework used extensively in horizon. + + DNS record + + A record that specifies information about a particular domain + and belongs to the domain. + + DNS service (designate) + + OpenStack project that provides scalable, on demand, self + service access to authoritative DNS services, in a + technology-agnostic manner. + + dnsmasq + + Daemon that provides DNS, DHCP, BOOTP, and TFTP services for + virtual networks. + + domain + + An Identity API v3 entity. Represents a collection of + projects, groups and users that defines administrative boundaries for + managing OpenStack Identity entities. + On the Internet, separates a website from other sites. Often, + the domain name has two or more parts that are separated by dots. + For example, yahoo.com, usa.gov, harvard.edu, or + mail.yahoo.com. + Also, a domain is an entity or container of all DNS-related + information containing one or more records. + + Domain Name System (DNS) + + A system by which Internet domain name-to-address and + address-to-name resolutions are determined. + DNS helps navigate the Internet by translating the IP address + into an address that is easier to remember. For example, translating + 111.111.111.1 into www.yahoo.com. + All domains and their components, such as mail servers, utilize + DNS to resolve to the appropriate locations. DNS servers are usually + set up in a master-slave relationship such that failure of the master + invokes the slave. DNS servers might also be clustered or replicated + such that changes made to one DNS server are automatically propagated + to other active servers. + In Compute, the support that enables associating DNS entries + with floating IP addresses, nodes, or cells so that hostnames are + consistent across reboots. + + download + + The transfer of data, usually in the form of files, from one + computer to another. + + durable exchange + + The Compute RabbitMQ message exchange that remains active when + the server restarts. + + durable queue + + A Compute RabbitMQ message queue that remains active when the + server restarts. + + Dynamic Host Configuration Protocol (DHCP) + + A network protocol that configures devices that are connected to a + network so that they can communicate on that network by using the + Internet Protocol (IP). The protocol is implemented in a client-server + model where DHCP clients request configuration data, such as an IP + address, a default route, and one or more DNS server addresses from a + DHCP server. + A method to automatically configure networking for a host at + boot time. Provided by both Networking and Compute. + + Dynamic HyperText Markup Language (DHTML) + + Pages that use HTML, JavaScript, and Cascading Style Sheets to + enable users to interact with a web page or show simple + animation. + +E +~ + +.. glossary:: + + east-west traffic + + Network traffic between servers in the same cloud or data center. + See also north-south traffic. + + EBS boot volume + + An Amazon EBS storage volume that contains a bootable VM image, + currently unsupported in OpenStack. + + ebtables + + Filtering tool for a Linux bridging firewall, enabling + filtering of network traffic passing through a Linux bridge. + Used in Compute along with arptables, iptables, and ip6tables + to ensure isolation of network communications. + + EC2 + + The Amazon commercial compute product, similar to + Compute. + + EC2 access key + + Used along with an EC2 secret key to access the Compute EC2 + API. + + EC2 API + + OpenStack supports accessing the Amazon EC2 API through + Compute. + + EC2 Compatibility API + + A Compute component that enables OpenStack to communicate with + Amazon EC2. + + EC2 secret key + + Used along with an EC2 access key when communicating with the + Compute EC2 API; used to digitally sign each request. + + Elastic Block Storage (EBS) + + The Amazon commercial block storage product. + + encapsulation + + The practice of placing one packet type within another for + the purposes of abstracting or securing data. Examples + include GRE, MPLS, or IPsec. + + encryption + + OpenStack supports encryption technologies such as HTTPS, SSH, + SSL, TLS, digital certificates, and data encryption. + + endpoint + + See API endpoint. + + endpoint registry + + Alternative term for an Identity service catalog. + + endpoint template + + A list of URL and port number endpoints that indicate where a + service, such as Object Storage, Compute, Identity, and so on, can be + accessed. + + entity + + Any piece of hardware or software that wants to connect to the + network services provided by Networking, the network connectivity + service. An entity can make use of Networking by implementing a + VIF. + + ephemeral image + + A VM image that does not save changes made to its volumes and + reverts them to their original state after the instance is + terminated. + + ephemeral volume + + Volume that does not save the changes made to it and reverts to + its original state when the current user relinquishes control. + + Essex + + A grouped release of projects related to OpenStack that came out + in April 2012, the fifth release of OpenStack. It included Compute + (nova 2012.1), Object Storage (swift 1.4.8), Image (glance), Identity + (keystone), and Dashboard (horizon). + Essex is the code name for the fifth release of + OpenStack. The design summit took place in + Boston, Massachusetts, US and Essex is a nearby city. + + ESXi + + An OpenStack-supported hypervisor. + + ETag + + MD5 hash of an object within Object Storage, used to ensure data + integrity. + + euca2ools + + A collection of command-line tools for administering VMs; most + are compatible with OpenStack. + + Eucalyptus Kernel Image (EKI) + + Used along with an ERI to create an EMI. + + Eucalyptus Machine Image (EMI) + + VM image container format supported by Image service. + + Eucalyptus Ramdisk Image (ERI) + + Used along with an EKI to create an EMI. + + evacuate + + The process of migrating one or all virtual machine (VM) + instances from one host to another, compatible with both shared + storage live migration and block migration. + + exchange + + Alternative term for a RabbitMQ message exchange. + + exchange type + + A routing algorithm in the Compute RabbitMQ. + + exclusive queue + + Connected to by a direct consumer in RabbitMQ—Compute, the + message can be consumed only by the current connection. + + extended attributes (xattr) + + File system option that enables storage of additional + information beyond owner, group, permissions, modification time, and + so on. The underlying Object Storage file system must support extended + attributes. + + extension + + Alternative term for an API extension or plug-in. In the context + of Identity service, this is a call that is specific to the + implementation, such as adding support for OpenID. + + external network + + A network segment typically used for instance Internet + access. + + extra specs + + Specifies additional requirements when Compute determines where + to start a new instance. Examples include a minimum amount of network + bandwidth or a GPU. + +F +~ + +.. glossary:: + + FakeLDAP + + An easy method to create a local LDAP directory for testing + Identity and Compute. Requires Redis. + + fan-out exchange + + Within RabbitMQ and Compute, it is the messaging interface that + is used by the scheduler service to receive capability messages from + the compute, volume, and network nodes. + + federated identity + + A method to establish trusts between identity providers and the + OpenStack cloud. + + Fedora + + A Linux distribution compatible with OpenStack. + + Fibre Channel + + Storage protocol similar in concept to TCP/IP; encapsulates SCSI + commands and data. + + Fibre Channel over Ethernet (FCoE) + + The fibre channel protocol tunneled within Ethernet. + + fill-first scheduler + + The Compute scheduling method that attempts to fill a host with + VMs rather than starting new VMs on a variety of hosts. + + filter + + The step in the Compute scheduling process when hosts that + cannot run VMs are eliminated and not chosen. + + firewall + + Used to restrict communications between hosts and/or nodes, + implemented in Compute using iptables, arptables, ip6tables, and + ebtables. + + FireWall-as-a-Service (FWaaS) + + A Networking extension that provides perimeter firewall + functionality. + + fixed IP address + + An IP address that is associated with the same instance each + time that instance boots, is generally not accessible to end users or + the public Internet, and is used for management of the + instance. + + Flat Manager + + The Compute component that gives IP addresses to authorized + nodes and assumes DHCP, DNS, and routing configuration and services + are provided by something else. + + flat mode injection + + A Compute networking method where the OS network configuration + information is injected into the VM image before the instance + starts. + + flat network + + Virtual network type that uses neither VLANs nor tunnels to + segregate project traffic. Each flat network typically requires + a separate underlying physical interface defined by bridge + mappings. However, a flat network can contain multiple + subnets. + + FlatDHCP Manager + + The Compute component that provides dnsmasq (DHCP, DNS, BOOTP, + TFTP) and radvd (routing) services. + + flavor + + Alternative term for a VM instance type. + + flavor ID + + UUID for each Compute or Image service VM flavor or instance + type. + + floating IP address + + An IP address that a project can associate with a VM so that the + instance has the same public IP address each time that it boots. You + create a pool of floating IP addresses and assign them to instances as + they are launched to maintain a consistent IP address for maintaining + DNS assignment. + + Folsom + + A grouped release of projects related to OpenStack that came out + in the fall of 2012, the sixth release of OpenStack. It includes + Compute (nova), Object Storage (swift), Identity (keystone), + Networking (neutron), Image service (glance), and Volumes or Block + Storage (cinder). + Folsom is the code name for the sixth release of + OpenStack. The design summit took place in + San Francisco, California, US and Folsom is a nearby city. + + FormPost + + Object Storage middleware that uploads (posts) an image through + a form on a web page. + + freezer + + Code name for the :term:`Backup, Restore, and Disaster Recovery service + `. + + front end + + The point where a user interacts with a service; can be an API + endpoint, the dashboard, or a command-line tool. + +G +~ + +.. glossary:: + + gateway + + An IP address, typically assigned to a router, that + passes network traffic between different networks. + + generic receive offload (GRO) + + Feature of certain network interface drivers that + combines many smaller received packets into a large packet + before delivery to the kernel IP stack. + + generic routing encapsulation (GRE) + + Protocol that encapsulates a wide variety of network + layer protocols inside virtual point-to-point links. + + glance + + Codename for the :term:`Image service`. + + glance API server + + Alternative name for the :term:`Image API`. + + glance registry + + Alternative term for the Image service :term:`image registry`. + + global endpoint template + + The Identity service endpoint template that contains services + available to all projects. + + GlusterFS + + A file system designed to aggregate NAS hosts, compatible with + OpenStack. + + gnocchi + + Part of the OpenStack :term:`Telemetry service `; provides an indexer and time-series + database. + + golden image + + A method of operating system installation where a finalized disk + image is created and then used by all nodes without + modification. + + Governance service (congress) + + The project that provides Governance-as-a-Service across + any collection of cloud services in order to monitor, + enforce, and audit policy over dynamic infrastructure. + + Graphic Interchange Format (GIF) + + A type of image file that is commonly used for animated images + on web pages. + + Graphics Processing Unit (GPU) + + Choosing a host based on the existence of a GPU is currently + unsupported in OpenStack. + + Green Threads + + The cooperative threading model used by Python; reduces race + conditions and only context switches when specific library calls are + made. Each OpenStack service is its own thread. + + Grizzly + + The code name for the seventh release of + OpenStack. The design summit took place in + San Diego, California, US and Grizzly is an element of the state flag of + California. + + Group + + An Identity v3 API entity. Represents a collection of users that is + owned by a specific domain. + + guest OS + + An operating system instance running under the control of a + hypervisor. + +H +~ + +.. glossary:: + + Hadoop + + Apache Hadoop is an open source software framework that supports + data-intensive distributed applications. + + Hadoop Distributed File System (HDFS) + + A distributed, highly fault-tolerant file system designed to run + on low-cost commodity hardware. + + handover + + An object state in Object Storage where a new replica of the + object is automatically created due to a drive failure. + + HAProxy + + Provides a load balancer for TCP and HTTP-based applications that + spreads requests across multiple servers. + + hard reboot + + A type of reboot where a physical or virtual power button is + pressed as opposed to a graceful, proper shutdown of the operating + system. + + Havana + + The code name for the eighth release of OpenStack. The + design summit took place in Portland, Oregon, US and Havana is + an unincorporated community in Oregon. + + health monitor + + Determines whether back-end members of a VIP pool can + process a request. A pool can have several health monitors + associated with it. When a pool has several monitors + associated with it, all monitors check each member of the + pool. All monitors must declare a member to be healthy for + it to stay active. + + heat + Codename for the :term:`Orchestration service + `. + + Heat Orchestration Template (HOT) + + Heat input in the format native to OpenStack. + + high availability (HA) + + A high availability system design approach and associated + service implementation ensures that a prearranged level of + operational performance will be met during a contractual + measurement period. High availability systems seek to + minimize system downtime and data loss. + + horizon + + Codename for the :term:`Dashboard `. + + horizon plug-in + + A plug-in for the OpenStack Dashboard (horizon). + + host + + A physical computer, not a VM instance (node). + + host aggregate + + A method to further subdivide availability zones into hypervisor + pools, a collection of common hosts. + + Host Bus Adapter (HBA) + + Device plugged into a PCI slot, such as a fibre channel or + network card. + + hybrid cloud + + A hybrid cloud is a composition of two or more clouds + (private, community or public) that remain distinct entities + but are bound together, offering the benefits of multiple + deployment models. Hybrid cloud can also mean the ability + to connect colocation, managed and/or dedicated services + with cloud resources. + + Hyper-V + + One of the hypervisors supported by OpenStack. + + hyperlink + + Any kind of text that contains a link to some other site, + commonly found in documents where clicking on a word or words opens up + a different website. + + Hypertext Transfer Protocol (HTTP) + + An application protocol for distributed, collaborative, + hypermedia information systems. It is the foundation of data + communication for the World Wide Web. Hypertext is structured + text that uses logical links (hyperlinks) between nodes containing + text. HTTP is the protocol to exchange or transfer hypertext. + + Hypertext Transfer Protocol Secure (HTTPS) + + An encrypted communications protocol for secure communication + over a computer network, with especially wide deployment on the + Internet. Technically, it is not a protocol in and of itself; + rather, it is the result of simply layering the Hypertext Transfer + Protocol (HTTP) on top of the TLS or SSL protocol, thus adding the + security capabilities of TLS or SSL to standard HTTP communications. + Most OpenStack API endpoints and many inter-component communications + support HTTPS communication. + + hypervisor + + Software that arbitrates and controls VM access to the actual + underlying hardware. + + hypervisor pool + + A collection of hypervisors grouped together through host + aggregates. + +I +~ + +.. glossary:: + + Icehouse + + The code name for the ninth release of OpenStack. The + design summit took place in Hong Kong and Ice House is a + street in that city. + + ID number + + Unique numeric ID associated with each user in Identity, + conceptually similar to a Linux or LDAP UID. + + Identity API + + Alternative term for the Identity service API. + + Identity back end + + The source used by Identity service to retrieve user + information; an OpenLDAP server, for example. + + identity provider + + A directory service, which allows users to login with a user + name and password. It is a typical source of authentication + tokens. + + Identity service (keystone) + + The project that facilitates API client authentication, service + discovery, distributed multi-project authorization, and auditing. + It provides a central directory of users mapped to the OpenStack + services they can access. It also registers endpoints for OpenStack + services and acts as a common authentication system. + + Identity service API + + The API used to access the OpenStack Identity service provided + through keystone. + + IETF + + Internet Engineering Task Force (IETF) is an open standards + organization that develops Internet standards, particularly the + standards pertaining to TCP/IP. + + image + + A collection of files for a specific operating system (OS) that + you use to create or rebuild a server. OpenStack provides pre-built + images. You can also create custom images, or snapshots, from servers + that you have launched. Custom images can be used for data backups or + as "gold" images for additional servers. + + Image API + + The Image service API endpoint for management of VM + images. + Processes client requests for VMs, updates Image service + metadata on the registry server, and communicates with the store + adapter to upload VM images from the back-end store. + + image cache + + Used by Image service to obtain images on the local host rather + than re-downloading them from the image server each time one is + requested. + + image ID + + Combination of a URI and UUID used to access Image service VM + images through the image API. + + image membership + + A list of projects that can access a given VM image within Image + service. + + image owner + + The project who owns an Image service virtual machine + image. + + image registry + + A list of VM images that are available through Image + service. + + Image service (glance) + + The OpenStack service that provide services and associated libraries + to store, browse, share, distribute and manage bootable disk images, + other data closely associated with initializing compute resources, + and metadata definitions. + + image status + + The current status of a VM image in Image service, not to be + confused with the status of a running instance. + + image store + + The back-end store used by Image service to store VM images, + options include Object Storage, locally mounted file system, + RADOS block devices, VMware datastore, or HTTP. + + image UUID + + UUID used by Image service to uniquely identify each VM + image. + + incubated project + + A community project may be elevated to this status and is then + promoted to a core project. + + Infrastructure Optimization service (watcher) + + OpenStack project that aims to provide a flexible and scalable resource + optimization service for multi-project OpenStack-based clouds. + + Infrastructure-as-a-Service (IaaS) + + IaaS is a provisioning model in which an organization outsources + physical components of a data center, such as storage, hardware, + servers, and networking components. A service provider owns the + equipment and is responsible for housing, operating and maintaining + it. The client typically pays on a per-use basis. + IaaS is a model for providing cloud services. + + ingress filtering + + The process of filtering incoming network traffic. Supported by + Compute. + + INI format + + The OpenStack configuration files use an INI format to + describe options and their values. It consists of sections + and key value pairs. + + injection + + The process of putting a file into a virtual machine image + before the instance is started. + + Input/Output Operations Per Second (IOPS) + + IOPS are a common performance measurement used to benchmark computer + storage devices like hard disk drives, solid state drives, and + storage area networks. + + instance + + A running VM, or a VM in a known state such as suspended, that + can be used like a hardware server. + + instance ID + + Alternative term for instance UUID. + + instance state + + The current state of a guest VM image. + + instance tunnels network + + A network segment used for instance traffic tunnels + between compute nodes and the network node. + + instance type + + Describes the parameters of the various virtual machine images + that are available to users; includes parameters such as CPU, storage, + and memory. Alternative term for flavor. + + instance type ID + + Alternative term for a flavor ID. + + instance UUID + + Unique ID assigned to each guest VM instance. + + Intelligent Platform Management Interface (IPMI) + + IPMI is a standardized computer system interface used by system + administrators for out-of-band management of computer systems and + monitoring of their operation. In layman's terms, it is a way to + manage a computer using a direct network connection, whether it is + turned on or not; connecting to the hardware rather than an operating + system or login shell. + + interface + + A physical or virtual device that provides connectivity + to another device or medium. + + interface ID + + Unique ID for a Networking VIF or vNIC in the form of a + UUID. + + Internet Control Message Protocol (ICMP) + + A network protocol used by network devices for control messages. + For example, :command:`ping` uses ICMP to test + connectivity. + + Internet protocol (IP) + + Principal communications protocol in the internet protocol + suite for relaying datagrams across network boundaries. + + Internet Service Provider (ISP) + + Any business that provides Internet access to individuals or + businesses. + + Internet Small Computer System Interface (iSCSI) + + Storage protocol that encapsulates SCSI frames for transport + over IP networks. + Supported by Compute, Object Storage, and Image service. + + IP address + + Number that is unique to every computer system on the Internet. + Two versions of the Internet Protocol (IP) are in use for addresses: + IPv4 and IPv6. + + IP Address Management (IPAM) + + The process of automating IP address allocation, deallocation, + and management. Currently provided by Compute, melange, and + Networking. + + ip6tables + + Tool used to set up, maintain, and inspect the tables of IPv6 + packet filter rules in the Linux kernel. In OpenStack Compute, + ip6tables is used along with arptables, ebtables, and iptables to + create firewalls for both nodes and VMs. + + ipset + + Extension to iptables that allows creation of firewall rules + that match entire "sets" of IP addresses simultaneously. These + sets reside in indexed data structures to increase efficiency, + particularly on systems with a large quantity of rules. + + iptables + + Used along with arptables and ebtables, iptables create + firewalls in Compute. iptables are the tables provided by the Linux + kernel firewall (implemented as different Netfilter modules) and the + chains and rules it stores. Different kernel modules and programs are + currently used for different protocols: iptables applies to IPv4, + ip6tables to IPv6, arptables to ARP, and ebtables to Ethernet frames. + Requires root privilege to manipulate. + + ironic + + Codename for the :term:`Bare Metal service `. + + iSCSI Qualified Name (IQN) + + IQN is the format most commonly used for iSCSI names, which uniquely + identify nodes in an iSCSI network. + All IQNs follow the pattern iqn.yyyy-mm.domain:identifier, where + 'yyyy-mm' is the year and month in which the domain was registered, + 'domain' is the reversed domain name of the issuing organization, and + 'identifier' is an optional string which makes each IQN under the same + domain unique. For example, 'iqn.2015-10.org.openstack.408ae959bce1'. + + ISO9660 + + One of the VM image disk formats supported by Image + service. + + itsec + + A default role in the Compute RBAC system that can quarantine an + instance in any project. + +J +~ + +.. glossary:: + + Java + + A programming language that is used to create systems that + involve more than one computer by way of a network. + + JavaScript + + A scripting language that is used to build web pages. + + JavaScript Object Notation (JSON) + + One of the supported response formats in OpenStack. + + jumbo frame + + Feature in modern Ethernet networks that supports frames up to + approximately 9000 bytes. + + Juno + + The code name for the tenth release of OpenStack. The + design summit took place in Atlanta, Georgia, US and Juno is + an unincorporated community in Georgia. + +K +~ + +.. glossary:: + + Kerberos + + A network authentication protocol which works on the basis of + tickets. Kerberos allows nodes communication over a non-secure + network, and allows nodes to prove their identity to one another in a + secure manner. + + kernel-based VM (KVM) + + An OpenStack-supported hypervisor. KVM is a full + virtualization solution for Linux on x86 hardware containing + virtualization extensions (Intel VT or AMD-V), ARM, IBM + Power, and IBM zSeries. It consists of a loadable kernel + module, that provides the core virtualization infrastructure + and a processor specific module. + + Key Manager service (barbican) + + The project that produces a secret storage and + generation system capable of providing key management for + services wishing to enable encryption features. + + keystone + + Codename of the :term:`Identity service `. + + Kickstart + + A tool to automate system configuration and installation on Red + Hat, Fedora, and CentOS-based Linux distributions. + + Kilo + + The code name for the eleventh release of OpenStack. The + design summit took place in Paris, France. Due to delays in the name + selection, the release was known only as K. Because ``k`` is the + unit symbol for kilo and the kilogram reference artifact is stored + near Paris in the Pavillon de Breteuil in Sèvres, the community + chose Kilo as the release name. + +L +~ + +.. glossary:: + + large object + + An object within Object Storage that is larger than 5 GB. + + Launchpad + + The collaboration site for OpenStack. + + Layer-2 (L2) agent + + OpenStack Networking agent that provides layer-2 + connectivity for virtual networks. + + Layer-2 network + + Term used in the OSI network architecture for the data link + layer. The data link layer is responsible for media access + control, flow control and detecting and possibly correcting + errors that may occur in the physical layer. + + Layer-3 (L3) agent + + OpenStack Networking agent that provides layer-3 + (routing) services for virtual networks. + + Layer-3 network + + Term used in the OSI network architecture for the network + layer. The network layer is responsible for packet + forwarding including routing from one node to another. + + Liberty + + The code name for the twelfth release of OpenStack. The + design summit took place in Vancouver, Canada and Liberty is + the name of a village in the Canadian province of + Saskatchewan. + + libvirt + + Virtualization API library used by OpenStack to interact with + many of its supported hypervisors. + + Lightweight Directory Access Protocol (LDAP) + + An application protocol for accessing and maintaining distributed + directory information services over an IP network. + + Linux + + Unix-like computer operating system assembled under the model of + free and open-source software development and distribution. + + Linux bridge + + Software that enables multiple VMs to share a single physical + NIC within Compute. + + Linux Bridge neutron plug-in + + Enables a Linux bridge to understand a Networking port, + interface attachment, and other abstractions. + + Linux containers (LXC) + + An OpenStack-supported hypervisor. + + live migration + + The ability within Compute to move running virtual machine + instances from one host to another with only a small service + interruption during switchover. + + load balancer + + A load balancer is a logical device that belongs to a cloud + account. It is used to distribute workloads between multiple back-end + systems or services, based on the criteria defined as part of its + configuration. + + load balancing + + The process of spreading client requests between two or more + nodes to improve performance and availability. + + Load-Balancer-as-a-Service (LBaaS) + + Enables Networking to distribute incoming requests evenly + between designated instances. + + Load-balancing service (octavia) + + The project that aims to provide scalable, on demand, self service + access to load-balancer services, in technology-agnostic manner. + + Logical Volume Manager (LVM) + + Provides a method of allocating space on mass-storage + devices that is more flexible than conventional partitioning + schemes. + +M +~ + +.. glossary:: + + magnum + + Code name for the :term:`Containers Infrastructure Management + service`. + + management API + + Alternative term for an admin API. + + management network + + A network segment used for administration, not accessible to the + public Internet. + + manager + + Logical groupings of related code, such as the Block Storage + volume manager or network manager. + + manifest + + Used to track segments of a large object within Object + Storage. + + manifest object + + A special Object Storage object that contains the manifest for a + large object. + + manila + + Codename for OpenStack :term:`Shared File Systems service`. + + manila-share + + Responsible for managing Shared File System Service devices, specifically + the back-end devices. + + maximum transmission unit (MTU) + + Maximum frame or packet size for a particular network + medium. Typically 1500 bytes for Ethernet networks. + + mechanism driver + + A driver for the Modular Layer 2 (ML2) neutron plug-in that + provides layer-2 connectivity for virtual instances. A + single OpenStack installation can use multiple mechanism + drivers. + + melange + + Project name for OpenStack Network Information Service. To be + merged with Networking. + + membership + + The association between an Image service VM image and a project. + Enables images to be shared with specified projects. + + membership list + + A list of projects that can access a given VM image within Image + service. + + memcached + + A distributed memory object caching system that is used by + Object Storage for caching. + + memory overcommit + + The ability to start new VM instances based on the actual memory + usage of a host, as opposed to basing the decision on the amount of + RAM each running instance thinks it has available. Also known as RAM + overcommit. + + message broker + + The software package used to provide AMQP messaging capabilities + within Compute. Default package is RabbitMQ. + + message bus + + The main virtual communication line used by all AMQP messages + for inter-cloud communications within Compute. + + message queue + + Passes requests from clients to the appropriate workers and + returns the output to the client after the job completes. + + Message service (zaqar) + + The project that provides a messaging service that affords a + variety of distributed application patterns in an efficient, + scalable and highly available manner, and to create and maintain + associated Python libraries and documentation. + + Meta-Data Server (MDS) + + Stores CephFS metadata. + + Metadata agent + + OpenStack Networking agent that provides metadata + services for instances. + + migration + + The process of moving a VM instance from one host to + another. + + mistral + + Code name for :term:`Workflow service `. + + Mitaka + + The code name for the thirteenth release of OpenStack. + The design summit took place in Tokyo, Japan. Mitaka + is a city in Tokyo. + + Modular Layer 2 (ML2) neutron plug-in + + Can concurrently use multiple layer-2 networking technologies, + such as 802.1Q and VXLAN, in Networking. + + monasca + + Codename for OpenStack :term:`Monitoring `. + + Monitor (LBaaS) + + LBaaS feature that provides availability monitoring using the + ``ping`` command, TCP, and HTTP/HTTPS GET. + + Monitor (Mon) + + A Ceph component that communicates with external clients, checks + data state and consistency, and performs quorum functions. + + Monitoring (monasca) + + The OpenStack service that provides a multi-project, highly scalable, + performant, fault-tolerant monitoring-as-a-service solution for metrics, + complex event processing and logging. To build an extensible platform for + advanced monitoring services that can be used by both operators and + projects to gain operational insight and visibility, ensuring availability + and stability. + + multi-factor authentication + + Authentication method that uses two or more credentials, such as + a password and a private key. Currently not supported in + Identity. + + multi-host + + High-availability mode for legacy (nova) networking. + Each compute node handles NAT and DHCP and acts as a gateway + for all of the VMs on it. A networking failure on one compute + node doesn't affect VMs on other compute nodes. + + multinic + + Facility in Compute that allows each virtual machine instance to + have more than one VIF connected to it. + + murano + + Codename for the :term:`Application Catalog service `. + +N +~ + +.. glossary:: + + Nebula + + Released as open source by NASA in 2010 and is the basis for + Compute. + + netadmin + + One of the default roles in the Compute RBAC system. Enables the + user to allocate publicly accessible IP addresses to instances and + change firewall rules. + + NetApp volume driver + + Enables Compute to communicate with NetApp storage devices + through the NetApp OnCommand + Provisioning Manager. + + network + + A virtual network that provides connectivity between entities. + For example, a collection of virtual ports that share network + connectivity. In Networking terminology, a network is always a layer-2 + network. + + Network Address Translation (NAT) + + Process of modifying IP address information while in transit. + Supported by Compute and Networking. + + network controller + + A Compute daemon that orchestrates the network configuration of + nodes, including IP addresses, VLANs, and bridging. Also manages + routing for both public and private networks. + + Network File System (NFS) + + A method for making file systems available over the network. + Supported by OpenStack. + + network ID + + Unique ID assigned to each network segment within Networking. + Same as network UUID. + + network manager + + The Compute component that manages various network components, + such as firewall rules, IP address allocation, and so on. + + network namespace + + Linux kernel feature that provides independent virtual + networking instances on a single host with separate routing + tables and interfaces. Similar to virtual routing and forwarding + (VRF) services on physical network equipment. + + network node + + Any compute node that runs the network worker daemon. + + network segment + + Represents a virtual, isolated OSI layer-2 subnet in + Networking. + + Network Service Header (NSH) + + Provides a mechanism for metadata exchange along the + instantiated service path. + + Network Time Protocol (NTP) + + Method of keeping a clock for a host or node correct via + communication with a trusted, accurate time source. + + network UUID + + Unique ID for a Networking network segment. + + network worker + + The ``nova-network`` worker daemon; provides + services such as giving an IP address to a booting nova + instance. + + Networking API (Neutron API) + + API used to access OpenStack Networking. Provides an extensible + architecture to enable custom plug-in creation. + + Networking service (neutron) + + The OpenStack project which implements services and associated + libraries to provide on-demand, scalable, and technology-agnostic + network abstraction. + + neutron + + Codename for OpenStack :term:`Networking service `. + + neutron API + + An alternative name for :term:`Networking API `. + + neutron manager + + Enables Compute and Networking integration, which enables + Networking to perform network management for guest VMs. + + neutron plug-in + + Interface within Networking that enables organizations to create + custom plug-ins for advanced features, such as QoS, ACLs, or + IDS. + + Newton + + The code name for the fourteenth release of OpenStack. The + design summit took place in Austin, Texas, US. The + release is named after "Newton House" which is located at + 1013 E. Ninth St., Austin, TX. which is listed on the + National Register of Historic Places. + + Nexenta volume driver + + Provides support for NexentaStor devices in Compute. + + NFV Orchestration Service (tacker) + + OpenStack service that aims to implement Network Function Virtualization + (NFV) orchestration services and libraries for end-to-end life-cycle + management of network services and Virtual Network Functions (VNFs). + + Nginx + + An HTTP and reverse proxy server, a mail proxy server, and a generic + TCP/UDP proxy server. + + No ACK + + Disables server-side message acknowledgment in the Compute + RabbitMQ. Increases performance but decreases reliability. + + node + + A VM instance that runs on a host. + + non-durable exchange + + Message exchange that is cleared when the service restarts. Its + data is not written to persistent storage. + + non-durable queue + + Message queue that is cleared when the service restarts. Its + data is not written to persistent storage. + + non-persistent volume + + Alternative term for an ephemeral volume. + + north-south traffic + + Network traffic between a user or client (north) and a + server (south), or traffic into the cloud (south) and + out of the cloud (north). See also east-west traffic. + + nova + + Codename for OpenStack :term:`Compute service `. + + Nova API + + Alternative term for the :term:`Compute API `. + + nova-network + + A Compute component that manages IP address allocation, + firewalls, and other network-related tasks. This is the legacy + networking option and an alternative to Networking. + +O +~ + +.. glossary:: + + object + + A BLOB of data held by Object Storage; can be in any + format. + + object auditor + + Opens all objects for an object server and verifies the MD5 + hash, size, and metadata for each object. + + object expiration + + A configurable option within Object Storage to automatically + delete objects after a specified amount of time has passed or a + certain date is reached. + + object hash + + Unique ID for an Object Storage object. + + object path hash + + Used by Object Storage to determine the location of an object in + the ring. Maps objects to partitions. + + object replicator + + An Object Storage component that copies an object to remote + partitions for fault tolerance. + + object server + + An Object Storage component that is responsible for managing + objects. + + Object Storage API + + API used to access OpenStack :term:`Object Storage`. + + Object Storage Device (OSD) + + The Ceph storage daemon. + + Object Storage service (swift) + + The OpenStack core project that provides eventually consistent + and redundant storage and retrieval of fixed digital content. + + object versioning + + Allows a user to set a flag on an :term:`Object Storage` container so that all objects within the container are + versioned. + + Ocata + + The code name for the fifteenth release of OpenStack. The + design summit will take place in Barcelona, Spain. Ocata is + a beach north of Barcelona. + + Octavia + + Code name for the :term:`Load-balancing service + `. + + Oldie + + Term for an :term:`Object Storage` + process that runs for a long time. Can indicate a hung process. + + Open Cloud Computing Interface (OCCI) + + A standardized interface for managing compute, data, and network + resources, currently unsupported in OpenStack. + + Open Virtualization Format (OVF) + + Standard for packaging VM images. Supported in OpenStack. + + Open vSwitch + + Open vSwitch is a production quality, multilayer virtual + switch licensed under the open source Apache 2.0 license. It + is designed to enable massive network automation through + programmatic extension, while still supporting standard + management interfaces and protocols (for example NetFlow, + sFlow, SPAN, RSPAN, CLI, LACP, 802.1ag). + + Open vSwitch (OVS) agent + + Provides an interface to the underlying Open vSwitch service for + the Networking plug-in. + + Open vSwitch neutron plug-in + + Provides support for Open vSwitch in Networking. + + OpenLDAP + + An open source LDAP server. Supported by both Compute and + Identity. + + OpenStack + + OpenStack is a cloud operating system that controls large pools + of compute, storage, and networking resources throughout a data + center, all managed through a dashboard that gives administrators + control while empowering their users to provision resources through a + web interface. OpenStack is an open source project licensed under the + Apache License 2.0. + + OpenStack code name + + Each OpenStack release has a code name. Code names ascend in + alphabetical order: Austin, Bexar, Cactus, Diablo, Essex, + Folsom, Grizzly, Havana, Icehouse, Juno, Kilo, Liberty, + Mitaka, Newton, Ocata, Pike, Queens, and Rocky. + Code names are cities or counties near where the + corresponding OpenStack design summit took place. An + exception, called the Waldon exception, is granted to + elements of the state flag that sound especially cool. Code + names are chosen by popular vote. + + openSUSE + + A Linux distribution that is compatible with OpenStack. + + operator + + The person responsible for planning and maintaining an OpenStack + installation. + + optional service + + An official OpenStack service defined as optional by + DefCore Committee. Currently, consists of + Dashboard (horizon), Telemetry service (Telemetry), + Orchestration service (heat), Database service (trove), + Bare Metal service (ironic), and so on. + + Orchestration service (heat) + + The OpenStack service which orchestrates composite cloud + applications using a declarative template format through + an OpenStack-native REST API. + + orphan + + In the context of Object Storage, this is a process that is not + terminated after an upgrade, restart, or reload of the service. + + Oslo + + Codename for the :term:`Common Libraries project`. + +P +~ + +.. glossary:: + + panko + + Part of the OpenStack :term:`Telemetry service `; provides event storage. + + parent cell + + If a requested resource, such as CPU time, disk storage, or + memory, is not available in the parent cell, the request is forwarded + to associated child cells. + + partition + + A unit of storage within Object Storage used to store objects. + It exists on top of devices and is replicated for fault + tolerance. + + partition index + + Contains the locations of all Object Storage partitions within + the ring. + + partition shift value + + Used by Object Storage to determine which partition data should + reside on. + + path MTU discovery (PMTUD) + + Mechanism in IP networks to detect end-to-end MTU and adjust + packet size accordingly. + + pause + + A VM state where no changes occur (no changes in memory, network + communications stop, etc); the VM is frozen but not shut down. + + PCI passthrough + + Gives guest VMs exclusive access to a PCI device. Currently + supported in OpenStack Havana and later releases. + + persistent message + + A message that is stored both in memory and on disk. The message + is not lost after a failure or restart. + + persistent volume + + Changes to these types of disk volumes are saved. + + personality file + + A file used to customize a Compute instance. It can be used to + inject SSH keys or a specific network configuration. + + Pike + + The code name for the sixteenth release of OpenStack. The design + summit will take place in Boston, Massachusetts, US. The release + is named after the Massachusetts Turnpike, abbreviated commonly + as the Mass Pike, which is the easternmost stretch of + Interstate 90. + + Platform-as-a-Service (PaaS) + + Provides to the consumer an operating system and, often, a + language runtime and libraries (collectively, the "platform") + upon which they can run their own application code, without + providing any control over the underlying infrastructure. + Examples of Platform-as-a-Service providers include Cloud Foundry + and OpenShift. + + plug-in + + Software component providing the actual implementation for + Networking APIs, or for Compute APIs, depending on the context. + + policy service + + Component of Identity that provides a rule-management + interface and a rule-based authorization engine. + + policy-based routing (PBR) + + Provides a mechanism to implement packet forwarding and routing + according to the policies defined by the network administrator. + + pool + + A logical set of devices, such as web servers, that you + group together to receive and process traffic. The load + balancing function chooses which member of the pool handles + the new requests or connections received on the VIP + address. Each VIP has one pool. + + pool member + + An application that runs on the back-end server in a + load-balancing system. + + port + + A virtual network port within Networking; VIFs / vNICs are + connected to a port. + + port UUID + + Unique ID for a Networking port. + + preseed + + A tool to automate system configuration and installation on + Debian-based Linux distributions. + + private image + + An Image service VM image that is only available to specified + projects. + + private IP address + + An IP address used for management and administration, not + available to the public Internet. + + private network + + The Network Controller provides virtual networks to enable + compute servers to interact with each other and with the public + network. All machines must have a public and private network + interface. A private network interface can be a flat or VLAN network + interface. A flat network interface is controlled by the + flat_interface with flat managers. A VLAN network interface is + controlled by the ``vlan_interface`` option with VLAN + managers. + + project + + Projects represent the base unit of “ownership” in OpenStack, + in that all resources in OpenStack should be owned by a specific project. + In OpenStack Identity, a project must be owned by a specific domain. + + project ID + + Unique ID assigned to each project by the Identity service. + + project VPN + + Alternative term for a cloudpipe. + + promiscuous mode + + Causes the network interface to pass all traffic it + receives to the host rather than passing only the frames + addressed to it. + + protected property + + Generally, extra properties on an Image service image to + which only cloud administrators have access. Limits which user + roles can perform CRUD operations on that property. The cloud + administrator can configure any image property as + protected. + + provider + + An administrator who has access to all hosts and + instances. + + proxy node + + A node that provides the Object Storage proxy service. + + proxy server + + Users of Object Storage interact with the service through the + proxy server, which in turn looks up the location of the requested + data within the ring and returns the results to the user. + + public API + + An API endpoint used for both service-to-service communication + and end-user interactions. + + public image + + An Image service VM image that is available to all + projects. + + public IP address + + An IP address that is accessible to end-users. + + public key authentication + + Authentication method that uses keys rather than + passwords. + + public network + + The Network Controller provides virtual networks to enable + compute servers to interact with each other and with the public + network. All machines must have a public and private network + interface. The public network interface is controlled by the + ``public_interface`` option. + + Puppet + + An operating system configuration-management tool supported by + OpenStack. + + Python + + Programming language used extensively in OpenStack. + +Q +~ + +.. glossary:: + + QEMU Copy On Write 2 (QCOW2) + + One of the VM image disk formats supported by Image + service. + + Qpid + + Message queue software supported by OpenStack; an alternative to + RabbitMQ. + + Quality of Service (QoS) + + The ability to guarantee certain network or storage requirements to + satisfy a Service Level Agreement (SLA) between an application provider + and end users. + Typically includes performance requirements like networking bandwidth, + latency, jitter correction, and reliability as well as storage + performance in Input/Output Operations Per Second (IOPS), throttling + agreements, and performance expectations at peak load. + + quarantine + + If Object Storage finds objects, containers, or accounts that + are corrupt, they are placed in this state, are not replicated, cannot + be read by clients, and a correct copy is re-replicated. + + Queens + + The code name for the seventeenth release of OpenStack. The + design summit will take place in Sydney, Australia. The release + is named after the Queens Pound river in the South Coast region + of New South Wales. + + Quick EMUlator (QEMU) + + QEMU is a generic and open source machine emulator and + virtualizer. + One of the hypervisors supported by OpenStack, generally used + for development purposes. + + quota + + In Compute and Block Storage, the ability to set resource limits + on a per-project basis. + +R +~ + +.. glossary:: + + RabbitMQ + + The default message queue software used by OpenStack. + + Rackspace Cloud Files + + Released as open source by Rackspace in 2010; the basis for + Object Storage. + + RADOS Block Device (RBD) + + Ceph component that enables a Linux block device to be striped + over multiple distributed data stores. + + radvd + + The router advertisement daemon, used by the Compute VLAN + manager and FlatDHCP manager to provide routing services for VM + instances. + + rally + + Codename for the :term:`Benchmark service`. + + RAM filter + + The Compute setting that enables or disables RAM + overcommitment. + + RAM overcommit + + The ability to start new VM instances based on the actual memory + usage of a host, as opposed to basing the decision on the amount of + RAM each running instance thinks it has available. Also known as + memory overcommit. + + rate limit + + Configurable option within Object Storage to limit database + writes on a per-account and/or per-container basis. + + raw + + One of the VM image disk formats supported by Image service; an + unstructured disk image. + + rebalance + + The process of distributing Object Storage partitions across all + drives in the ring; used during initial ring creation and after ring + reconfiguration. + + reboot + + Either a soft or hard reboot of a server. With a soft reboot, + the operating system is signaled to restart, which enables a graceful + shutdown of all processes. A hard reboot is the equivalent of power + cycling the server. The virtualization platform should ensure that the + reboot action has completed successfully, even in cases in which the + underlying domain/VM is paused or halted/stopped. + + rebuild + + Removes all data on the server and replaces it with the + specified image. Server ID and IP addresses remain the same. + + Recon + + An Object Storage component that collects meters. + + record + + Belongs to a particular domain and is used to specify + information about the domain. + There are several types of DNS records. Each record type contains + particular information used to describe the purpose of that record. + Examples include mail exchange (MX) records, which specify the mail + server for a particular domain; and name server (NS) records, which + specify the authoritative name servers for a domain. + + record ID + + A number within a database that is incremented each time a + change is made. Used by Object Storage when replicating. + + Red Hat Enterprise Linux (RHEL) + + A Linux distribution that is compatible with OpenStack. + + reference architecture + + A recommended architecture for an OpenStack cloud. + + region + + A discrete OpenStack environment with dedicated API endpoints + that typically shares only the Identity (keystone) with other + regions. + + registry + + Alternative term for the Image service registry. + + registry server + + An Image service that provides VM image metadata information to + clients. + + Reliable, Autonomic Distributed Object Store + (RADOS) + + A collection of components that provides object storage within + Ceph. Similar to OpenStack Object Storage. + + Remote Procedure Call (RPC) + + The method used by the Compute RabbitMQ for intra-service + communications. + + replica + + Provides data redundancy and fault tolerance by creating copies + of Object Storage objects, accounts, and containers so that they are + not lost when the underlying storage fails. + + replica count + + The number of replicas of the data in an Object Storage + ring. + + replication + + The process of copying data to a separate physical device for + fault tolerance and performance. + + replicator + + The Object Storage back-end process that creates and manages + object replicas. + + request ID + + Unique ID assigned to each request sent to Compute. + + rescue image + + A special type of VM image that is booted when an instance is + placed into rescue mode. Allows an administrator to mount the file + systems for an instance to correct the problem. + + resize + + Converts an existing server to a different flavor, which scales + the server up or down. The original server is saved to enable rollback + if a problem occurs. All resizes must be tested and explicitly + confirmed, at which time the original server is removed. + + RESTful + + A kind of web service API that uses REST, or Representational + State Transfer. REST is the style of architecture for hypermedia + systems that is used for the World Wide Web. + + ring + + An entity that maps Object Storage data to partitions. A + separate ring exists for each service, such as account, object, and + container. + + ring builder + + Builds and manages rings within Object Storage, assigns + partitions to devices, and pushes the configuration to other storage + nodes. + + Rocky + + The code name for the eightteenth release of OpenStack. The + design summit will take place in Vancouver, Kanada. The release + is named after the Rocky Mountains. + + role + + A personality that a user assumes to perform a specific set of + operations. A role includes a set of rights and privileges. A user + assuming that role inherits those rights and privileges. + + Role Based Access Control (RBAC) + + Provides a predefined list of actions that the user can perform, + such as start or stop VMs, reset passwords, and so on. Supported in + both Identity and Compute and can be configured using the dashboard. + + role ID + + Alphanumeric ID assigned to each Identity service role. + + Root Cause Analysis (RCA) service (Vitrage) + + OpenStack project that aims to organize, analyze and visualize OpenStack + alarms and events, yield insights regarding the root cause of problems + and deduce their existence before they are directly detected. + + rootwrap + + A feature of Compute that allows the unprivileged "nova" user to + run a specified list of commands as the Linux root user. + + round-robin scheduler + + Type of Compute scheduler that evenly distributes instances + among available hosts. + + router + + A physical or virtual network device that passes network + traffic between different networks. + + routing key + + The Compute direct exchanges, fanout exchanges, and topic + exchanges use this key to determine how to process a message; + processing varies depending on exchange type. + + RPC driver + + Modular system that allows the underlying message queue software + of Compute to be changed. For example, from RabbitMQ to ZeroMQ or + Qpid. + + rsync + + Used by Object Storage to push object replicas. + + RXTX cap + + Absolute limit on the amount of network traffic a Compute VM + instance can send and receive. + + RXTX quota + + Soft limit on the amount of network traffic a Compute VM + instance can send and receive. + +S +~ + +.. glossary:: + + sahara + + Codename for the :term:`Data Processing service`. + + SAML assertion + + Contains information about a user as provided by the identity + provider. It is an indication that a user has been authenticated. + + scheduler manager + + A Compute component that determines where VM instances should + start. Uses modular design to support a variety of scheduler + types. + + scoped token + + An Identity service API access token that is associated with a + specific project. + + scrubber + + Checks for and deletes unused VMs; the component of Image + service that implements delayed delete. + + secret key + + String of text known only by the user; used along with an access + key to make requests to the Compute API. + + secure boot + + Process whereby the system firmware validates the authenticity of + the code involved in the boot process. + + secure shell (SSH) + + Open source tool used to access remote hosts through an + encrypted communications channel, SSH key injection is supported by + Compute. + + security group + + A set of network traffic filtering rules that are applied to a + Compute instance. + + segmented object + + An Object Storage large object that has been broken up into + pieces. The re-assembled object is called a concatenated + object. + + self-service + + For IaaS, ability for a regular (non-privileged) account to + manage a virtual infrastructure component such as networks without + involving an administrator. + + SELinux + + Linux kernel security module that provides the mechanism for + supporting access control policies. + + senlin + + Code name for the :term:`Clustering service + `. + + server + + Computer that provides explicit services to the client software + running on that system, often managing a variety of computer + operations. + A server is a VM instance in the Compute system. Flavor and + image are requisite elements when creating a server. + + server image + + Alternative term for a VM image. + + server UUID + + Unique ID assigned to each guest VM instance. + + service + + An OpenStack service, such as Compute, Object Storage, or Image + service. Provides one or more endpoints through which users can access + resources and perform operations. + + service catalog + + Alternative term for the Identity service catalog. + + Service Function Chain (SFC) + + For a given service, SFC is the abstracted view of the required + service functions and the order in which they are to be applied. + + service ID + + Unique ID assigned to each service that is available in the + Identity service catalog. + + Service Level Agreement (SLA) + + Contractual obligations that ensure the availability of a + service. + + service project + + Special project that contains all services that are listed in the + catalog. + + service provider + + A system that provides services to other system entities. In + case of federated identity, OpenStack Identity is the service + provider. + + service registration + + An Identity service feature that enables services, such as + Compute, to automatically register with the catalog. + + service token + + An administrator-defined token used by Compute to communicate + securely with the Identity service. + + session back end + + The method of storage used by horizon to track client sessions, + such as local memory, cookies, a database, or memcached. + + session persistence + + A feature of the load-balancing service. It attempts to force + subsequent connections to a service to be redirected to the same node + as long as it is online. + + session storage + + A horizon component that stores and tracks client session + information. Implemented through the Django sessions framework. + + share + + A remote, mountable file system in the context of the :term:`Shared + File Systems service`. You can + mount a share to, and access a share from, several hosts by several + users at a time. + + share network + + An entity in the context of the :term:`Shared File Systems + service` that encapsulates + interaction with the Networking service. If the driver you selected + runs in the mode requiring such kind of interaction, you need to + specify the share network to create a share. + + Shared File Systems API + + A Shared File Systems service that provides a stable RESTful API. + The service authenticates and routes requests throughout the Shared + File Systems service. There is python-manilaclient to interact with + the API. + + Shared File Systems service (manila) + + The service that provides a set of services for + management of shared file systems in a multi-project cloud + environment, similar to how OpenStack provides block-based storage + management through the OpenStack :term:`Block Storage service` project. + With the Shared File Systems service, you can create a remote file + system and mount the file system on your instances. You can also + read and write data from your instances to and from your file system. + + shared IP address + + An IP address that can be assigned to a VM instance within the + shared IP group. Public IP addresses can be shared across multiple + servers for use in various high-availability scenarios. When an IP + address is shared to another server, the cloud network restrictions + are modified to enable each server to listen to and respond on that IP + address. You can optionally specify that the target server network + configuration be modified. Shared IP addresses can be used with many + standard heartbeat facilities, such as keepalive, that monitor for + failure and manage IP failover. + + shared IP group + + A collection of servers that can share IPs with other members of + the group. Any server in a group can share one or more public IPs with + any other server in the group. With the exception of the first server + in a shared IP group, servers must be launched into shared IP groups. + A server may be a member of only one shared IP group. + + shared storage + + Block storage that is simultaneously accessible by multiple + clients, for example, NFS. + + Sheepdog + + Distributed block storage system for QEMU, supported by + OpenStack. + + Simple Cloud Identity Management (SCIM) + + Specification for managing identity in the cloud, currently + unsupported by OpenStack. + + Simple Protocol for Independent Computing Environments (SPICE) + + SPICE provides remote desktop access to guest virtual machines. It + is an alternative to VNC. SPICE is supported by OpenStack. + + Single-root I/O Virtualization (SR-IOV) + + A specification that, when implemented by a physical PCIe + device, enables it to appear as multiple separate PCIe devices. This + enables multiple virtualized guests to share direct access to the + physical device, offering improved performance over an equivalent + virtual device. Currently supported in OpenStack Havana and later + releases. + + SmokeStack + + Runs automated tests against the core OpenStack API; written in + Rails. + + snapshot + + A point-in-time copy of an OpenStack storage volume or image. + Use storage volume snapshots to back up volumes. Use image snapshots + to back up data, or as "gold" images for additional servers. + + soft reboot + + A controlled reboot where a VM instance is properly restarted + through operating system commands. + + Software Development Lifecycle Automation service (solum) + + OpenStack project that aims to make cloud services easier to + consume and integrate with application development process + by automating the source-to-image process, and simplifying + app-centric deployment. + + Software-defined networking (SDN) + + Provides an approach for network administrators to manage computer + network services through abstraction of lower-level functionality. + + SolidFire Volume Driver + + The Block Storage driver for the SolidFire iSCSI storage + appliance. + + solum + + Code name for the :term:`Software Development Lifecycle Automation + service `. + + spread-first scheduler + + The Compute VM scheduling algorithm that attempts to start a new + VM on the host with the least amount of load. + + SQLAlchemy + + An open source SQL toolkit for Python, used in OpenStack. + + SQLite + + A lightweight SQL database, used as the default persistent + storage method in many OpenStack services. + + stack + + A set of OpenStack resources created and managed by the + Orchestration service according to a given template (either an + AWS CloudFormation template or a Heat Orchestration + Template (HOT)). + + StackTach + + Community project that captures Compute AMQP communications; + useful for debugging. + + static IP address + + Alternative term for a fixed IP address. + + StaticWeb + + WSGI middleware component of Object Storage that serves + container data as a static web page. + + storage back end + + The method that a service uses for persistent storage, such as + iSCSI, NFS, or local disk. + + storage manager + + A XenAPI component that provides a pluggable interface to + support a wide variety of persistent storage back ends. + + storage manager back end + + A persistent storage method supported by XenAPI, such as iSCSI + or NFS. + + storage node + + An Object Storage node that provides container services, account + services, and object services; controls the account databases, + container databases, and object storage. + + storage services + + Collective name for the Object Storage object services, + container services, and account services. + + strategy + + Specifies the authentication source used by Image service or + Identity. In the Database service, it refers to the extensions + implemented for a data store. + + subdomain + + A domain within a parent domain. Subdomains cannot be + registered. Subdomains enable you to delegate domains. Subdomains can + themselves have subdomains, so third-level, fourth-level, fifth-level, + and deeper levels of nesting are possible. + + subnet + + Logical subdivision of an IP network. + + SUSE Linux Enterprise Server (SLES) + + A Linux distribution that is compatible with OpenStack. + + suspend + + The VM instance is paused and its state is saved to disk of the host. + + swap + + Disk-based virtual memory used by operating systems to provide + more memory than is actually available on the system. + + swauth + + An authentication and authorization service for Object Storage, + implemented through WSGI middleware; uses Object Storage itself as the + persistent backing store. + + swift + + Codename for OpenStack :term:`Object Storage service`. + + swift All in One (SAIO) + + Creates a full Object Storage development environment within a + single VM. + + swift middleware + + Collective term for Object Storage components that provide + additional functionality. + + swift proxy server + + Acts as the gatekeeper to Object Storage and is responsible for + authenticating the user. + + swift storage node + + A node that runs Object Storage account, container, and object + services. + + sync point + + Point in time since the last container and accounts database + sync among nodes within Object Storage. + + sysadmin + + One of the default roles in the Compute RBAC system. Enables a + user to add other users to a project, interact with VM images that are + associated with the project, and start and stop VM instances. + + system usage + + A Compute component that, along with the notification system, + collects meters and usage information. This information can be used + for billing. + +T +~ + +.. glossary:: + + tacker + + Code name for the :term:`NFV Orchestration service ` + + Telemetry service (telemetry) + + The OpenStack project which collects measurements of the utilization + of the physical and virtual resources comprising deployed clouds, + persists this data for subsequent retrieval and analysis, and triggers + actions when defined criteria are met. + + TempAuth + + An authentication facility within Object Storage that enables + Object Storage itself to perform authentication and authorization. + Frequently used in testing and development. + + Tempest + + Automated software test suite designed to run against the trunk + of the OpenStack core project. + + TempURL + + An Object Storage middleware component that enables creation of + URLs for temporary object access. + + tenant + + A group of users; used to isolate access to Compute resources. + An alternative term for a project. + + Tenant API + + An API that is accessible to projects. + + tenant endpoint + + An Identity service API endpoint that is associated with one or + more projects. + + tenant ID + + An alternative term for :term:`project ID`. + + token + + An alpha-numeric string of text used to access OpenStack APIs + and resources. + + token services + + An Identity service component that manages and validates tokens + after a user or project has been authenticated. + + tombstone + + Used to mark Object Storage objects that have been + deleted; ensures that the object is not updated on another node after + it has been deleted. + + topic publisher + + A process that is created when a RPC call is executed; used to + push the message to the topic exchange. + + Torpedo + + Community project used to run automated tests against the + OpenStack API. + + transaction ID + + Unique ID assigned to each Object Storage request; used for + debugging and tracing. + + transient + + Alternative term for non-durable. + + transient exchange + + Alternative term for a non-durable exchange. + + transient message + + A message that is stored in memory and is lost after the server + is restarted. + + transient queue + + Alternative term for a non-durable queue. + + TripleO + + OpenStack-on-OpenStack program. The code name for the + OpenStack Deployment program. + + trove + + Codename for OpenStack :term:`Database service `. + + trusted platform module (TPM) + + Specialized microprocessor for incorporating cryptographic keys + into devices for authenticating and securing a hardware platform. + +U +~ + +.. glossary:: + + Ubuntu + + A Debian-based Linux distribution. + + unscoped token + + Alternative term for an Identity service default token. + + updater + + Collective term for a group of Object Storage components that + processes queued and failed updates for containers and objects. + + user + + In OpenStack Identity, entities represent individual API + consumers and are owned by a specific domain. In OpenStack Compute, + a user can be associated with roles, projects, or both. + + user data + + A blob of data that the user can specify when they launch + an instance. The instance can access this data through the + metadata service or config drive. + Commonly used to pass a shell script that the instance runs on boot. + + User Mode Linux (UML) + + An OpenStack-supported hypervisor. + +V +~ + +.. glossary:: + + VIF UUID + + Unique ID assigned to each Networking VIF. + + Virtual Central Processing Unit (vCPU) + + Subdivides physical CPUs. Instances can then use those + divisions. + + Virtual Disk Image (VDI) + + One of the VM image disk formats supported by Image + service. + + Virtual Extensible LAN (VXLAN) + + A network virtualization technology that attempts to reduce the + scalability problems associated with large cloud computing + deployments. It uses a VLAN-like encapsulation technique to + encapsulate Ethernet frames within UDP packets. + + Virtual Hard Disk (VHD) + + One of the VM image disk formats supported by Image + service. + + virtual IP address (VIP) + + An Internet Protocol (IP) address configured on the load + balancer for use by clients connecting to a service that is load + balanced. Incoming connections are distributed to back-end nodes based + on the configuration of the load balancer. + + virtual machine (VM) + + An operating system instance that runs on top of a hypervisor. + Multiple VMs can run at the same time on the same physical + host. + + virtual network + + An L2 network segment within Networking. + + Virtual Network Computing (VNC) + + Open source GUI and CLI tools used for remote console access to + VMs. Supported by Compute. + + Virtual Network InterFace (VIF) + + An interface that is plugged into a port in a Networking + network. Typically a virtual network interface belonging to a + VM. + + virtual networking + + A generic term for virtualization of network functions + such as switching, routing, load balancing, and security using + a combination of VMs and overlays on physical network + infrastructure. + + virtual port + + Attachment point where a virtual interface connects to a virtual + network. + + virtual private network (VPN) + + Provided by Compute in the form of cloudpipes, specialized + instances that are used to create VPNs on a per-project basis. + + virtual server + + Alternative term for a VM or guest. + + virtual switch (vSwitch) + + Software that runs on a host or node and provides the features + and functions of a hardware-based network switch. + + virtual VLAN + + Alternative term for a virtual network. + + VirtualBox + + An OpenStack-supported hypervisor. + + Vitrage + + Code name for the :term:`Root Cause Analysis service `. + + VLAN manager + + A Compute component that provides dnsmasq and radvd and sets up + forwarding to and from cloudpipe instances. + + VLAN network + + The Network Controller provides virtual networks to enable + compute servers to interact with each other and with the public + network. All machines must have a public and private network + interface. A VLAN network is a private network interface, which is + controlled by the ``vlan_interface`` option with VLAN + managers. + + VM disk (VMDK) + + One of the VM image disk formats supported by Image + service. + + VM image + + Alternative term for an image. + + VM Remote Control (VMRC) + + Method to access VM instance consoles using a web browser. + Supported by Compute. + + VMware API + + Supports interaction with VMware products in Compute. + + VMware NSX Neutron plug-in + + Provides support for VMware NSX in Neutron. + + VNC proxy + + A Compute component that provides users access to the consoles + of their VM instances through VNC or VMRC. + + volume + + Disk-based data storage generally represented as an iSCSI target + with a file system that supports extended attributes; can be + persistent or ephemeral. + + Volume API + + Alternative name for the Block Storage API. + + volume controller + + A Block Storage component that oversees and coordinates storage + volume actions. + + volume driver + + Alternative term for a volume plug-in. + + volume ID + + Unique ID applied to each storage volume under the Block Storage + control. + + volume manager + + A Block Storage component that creates, attaches, and detaches + persistent storage volumes. + + volume node + + A Block Storage node that runs the cinder-volume daemon. + + volume plug-in + + Provides support for new and specialized types of back-end + storage for the Block Storage volume manager. + + volume worker + + A cinder component that interacts with back-end storage to manage + the creation and deletion of volumes and the creation of compute + volumes, provided by the cinder-volume daemon. + + vSphere + + An OpenStack-supported hypervisor. + +W +~ + +.. glossary:: + + Watcher + + Code name for the :term:`Infrastructure Optimization service + `. + + weight + + Used by Object Storage devices to determine which storage + devices are suitable for the job. Devices are weighted by size. + + weighted cost + + The sum of each cost used when deciding where to start a new VM + instance in Compute. + + weighting + + A Compute process that determines the suitability of the VM + instances for a job for a particular host. For example, not enough RAM + on the host, too many CPUs on the host, and so on. + + worker + + A daemon that listens to a queue and carries out tasks in + response to messages. For example, the cinder-volume worker manages volume + creation and deletion on storage arrays. + + Workflow service (mistral) + + The OpenStack service that provides a simple YAML-based language to + write workflows (tasks and transition rules) and a service that + allows to upload them, modify, run them at scale and in a highly + available manner, manage and monitor workflow execution state and state + of individual tasks. + +X +~ + +.. glossary:: + + X.509 + + X.509 is the most widely used standard for defining digital + certificates. It is a data structure that contains the subject + (entity) identifiable information such as its name along with + its public key. The certificate can contain a few other + attributes as well depending upon the version. The most recent + and standard version of X.509 is v3. + + Xen + + Xen is a hypervisor using a microkernel design, providing + services that allow multiple computer operating systems to + execute on the same computer hardware concurrently. + + Xen API + + The Xen administrative API, which is supported by + Compute. + + Xen Cloud Platform (XCP) + + An OpenStack-supported hypervisor. + + Xen Storage Manager Volume Driver + + A Block Storage volume plug-in that enables communication with + the Xen Storage Manager API. + + XenServer + + An OpenStack-supported hypervisor. + + XFS + + High-performance 64-bit file system created by Silicon + Graphics. Excels in parallel I/O operations and data + consistency. + +Z +~ + +.. glossary:: + + zaqar + + Codename for the :term:`Message service `. + + ZeroMQ + + Message queue software supported by OpenStack. An alternative to + RabbitMQ. Also spelled 0MQ. + + Zuul + + Tool used in OpenStack development to ensure correctly ordered + testing of changes in parallel. diff --git a/doc/source/index.rst b/doc/source/index.rst index 7f99db0ec3..21202fd176 100644 --- a/doc/source/index.rst +++ b/doc/source/index.rst @@ -41,6 +41,7 @@ OpenStack Swift project. configuration/index cli/index contributor/index + glossary Ocata ~~~~~