DevOps Glossary · MeteorOps

Active Directory
Microsoft Active Directory manages identities and access policies for users, groups, and devices across Windows domains.
Security
AI Gateway
A managed front door for AI models that routes requests and applies security, rate limits, logging, and safety checks.
Networking
Ansible
Open source automation tool that uses playbooks to configure servers, deploy applications, and enforce consistent system state.
Configuration Management
API Gateway
API Gateway is a managed front door for backend APIs that routes client requests and handles common tasks like authentication, rate limiting, and monitoring.
Networking
Argo CD
GitOps continuous delivery tool for Kubernetes that syncs deployments from Git and alerts on configuration drift.
CI/CD
AWS
AWS is Amazon’s cloud platform providing on-demand compute, storage, networking, and managed services for building and running applications.
Cloud Computing
AWS App Mesh
AWS App Mesh controls service-to-service traffic for microservices on AWS with routing, observability, and resiliency policies.
Cloud Computing
AWS IAM Role
AWS IAM Role is an identity with permissions that services, users, or workloads assume to access AWS resources.
Authentication and Authorization
AWS IoT
AWS IoT securely connects devices to AWS, enabling telemetry ingestion, processing, and remote device management.
Cloud Computing
AWS Lambda
AWS Lambda runs code on AWS in response to events, automatically scaling without server management for APIs and background processing.
Cloud Computing
AWS STS AssumeRole
AWS STS AssumeRole is an API call that returns temporary credentials for access allowed by another IAM role.
Authentication and Authorization
Backstage
An open-source framework for building an internal developer portal where teams can find services, docs, and tools in one place.
Branching
Creating a separate copy of the code so people can work on changes without messing up the main version, then merge it back when it’s ready.
Version Control
Chaos Engineering
Chaos Engineering is a practice of safely injecting failures into a system to observe its behavior and improve reliability.
Reliability
CI/CD Pipeline
A CI/CD pipeline is an automated workflow that builds, tests, and deploys code changes through repeatable checks before release.
CI/CD
Circuit Breaker
Circuit Breaker is a pattern that pauses calls to failing services to reduce cascading failures during outages.
Reliability
Cloud
Internet-based servers and managed services that run apps and store data for you, so you don’t need to own and maintain the hardware.
Cloud Computing
Container
A lightweight package that bundles an app with everything it needs so it runs the same way anywhere.
Container Orchestration
Container Registry
A central place to store, version, and share container images so apps can be pulled and run anywhere.
Continuous Delivery
Continuous Delivery automates testing and release readiness for each code change, enabling frequent, reliable deployments with minimal manual effort.
CI/CD
Continuous Integration
Frequent merges to a shared branch with automated builds and tests to detect integration problems early.
CI/CD
Custom Resource Definition (CRD)
A Kubernetes API extension that lets you define new resource types so you can manage your own custom components like built-in Kubernetes objects.
Container Orchestration
DAST (Dynamic Application Security Testing)
Automated security testing that attacks a running app from the outside, like a hacker would, to find vulnerabilities.
Security
Dead Letter Queue (DLQ)
Dead Letter Queue (DLQ) is a queue for failed messages, used to isolate errors for later retry or inspection.
Reliability
Development Environment
Isolated workspace for building, running, and testing software changes safely before deploying to shared or production environments.
Practices and Culture
DevOps
Practices and culture aligning development and operations to automate delivery, improve reliability, and speed up software deployments.
Practices and Culture
Docker
A tool that packages an app and everything it needs into a small, isolated container so it runs the same anywhere.
DORA Metrics
DORA Metrics are four delivery measures tracking deploy frequency, lead time, change failure rate, and recovery time.
CI/CD
eBPF
Linux kernel tech for running tiny safe programs in the kernel to trace, measure, and sometimes control system and network behavior.
Monitoring and Logging
Elasticsearch
Distributed search and analytics engine for indexing, querying, and aggregating large datasets in near real time.
Monitoring and Logging
Error Budget
The allowed amount of downtime or errors a service can have and still hit its reliability target (SLO).
Reliability
Feature Flag
A switch in configuration that turns a feature on or off in a running app without changing or redeploying code.
Configuration Management
Flux CD
GitOps controller for Kubernetes that syncs cluster resources to desired state defined in Git repositories for automated deployments.
CI/CD
GCP
Google Cloud Platform provides Google-managed services for compute, storage, networking, and analytics to build and run applications.
Cloud Computing
GCP BigQuery
GCP BigQuery is Google Cloud’s managed data warehouse for running fast SQL analytics on large datasets without managing infrastructure.
Databases
GitOps
GitOps manages application and infrastructure changes by syncing deployments from Git-defined desired state through automated workflows.
CI/CD
Golden Path
Golden Path is a documented, supported way for teams to build, deploy, and run services using approved tools and templates.
CI/CD
Grafana Tempo
Open source distributed tracing backend from Grafana Labs for ingesting, storing, and querying traces to troubleshoot microservices performance.
Monitoring and Logging
Groovy
Dynamic JVM language that extends Java with concise syntax for scripting, automation, and rapid application development.
Programming Languages
gRPC Deadline
A gRPC deadline is a per-RPC time limit that tells services when to stop waiting and fail the request.
Reliability
Helm
Kubernetes package manager that packages manifests into versioned charts for consistent installs, upgrades, and configuration.
Container Orchestration
Helm Chart
A Helm Chart is a package of Kubernetes manifests and templates used to install and manage an app in a cluster.
Container Orchestration
Horizontal Pod Autoscaler (HPA)
Horizontal Pod Autoscaler (HPA) is a Kubernetes controller that scales pod replicas using CPU or custom metrics.
Container Orchestration
Idempotency Key
An idempotency key is a unique API request token that lets services retry operations without duplicate writes or charges.
API Management
Incident Management
Coordinated way to detect, prioritize, fix, and learn from service outages or other unplanned problems so systems get back to normal fast.
Reliability
Infrastructure as Code (IaC)
Managing and setting up servers, networks, and cloud resources using code files so changes are repeatable, reviewable, and automated.
Infrastructure Management
Istio
Istio is a Kubernetes service mesh that manages microservice traffic with security, policy controls, and observability.
Networking
Jenkins
Open source automation server for CI/CD that runs pipelines to build, test, and deploy software.
CI/CD
Karpenter
Automates node scaling in Kubernetes clusters.
Infrastructure Management
KRO
KRO orchestrates related Kubernetes resources as one unit using templates and rules to standardize platform deployments.
Container Orchestration
Kubernetes
Open source container orchestration platform that deploys, scales, and manages containerized applications across clusters.
Container Orchestration
Kubernetes Admission Controller
Kubernetes Admission Controller checks API calls to allow, change, or deny cluster changes before saving them.
Container Orchestration
Kubernetes ClusterRole
Kubernetes ClusterRole is a cluster-wide RBAC role that defines access to namespace and cluster resources.
Authentication and Authorization
Kubernetes ClusterRoleBinding
Kubernetes ClusterRoleBinding maps a ClusterRole to users, groups, or service accounts for cluster-wide RBAC access.
Authentication and Authorization
Kubernetes ConfigMap
A Kubernetes ConfigMap is an API object storing non-sensitive configuration for pods, separate from container images.
Container Orchestration
Kubernetes CronJob
A Kubernetes CronJob creates Jobs on a schedule to automate recurring tasks inside a cluster, like backups or cleanup.
Container Orchestration
Kubernetes Custom Resource Definition (CRD)
Kubernetes CRD extends the Kubernetes API with custom resource types, letting teams manage cluster or app state declaratively.
Container Orchestration
Kubernetes CustomResourceDefinition (CRD)
A Kubernetes CustomResourceDefinition (CRD) adds a custom API resource type to a cluster for domain-specific objects.
Container Orchestration
Kubernetes DaemonSet
Kubernetes DaemonSet is a workload API object that runs one pod on each selected node for cluster-wide node agents.
Container Orchestration
Kubernetes Deployment
A Kubernetes Deployment is a workload API object that manages replicated pods and rolling updates in a cluster.
Container Orchestration
Kubernetes EndpointSlice
Kubernetes EndpointSlice groups Service endpoints into slices so controllers and proxies can route traffic to pods.
Container Orchestration
Kubernetes Gateway API
Kubernetes Gateway API defines Kubernetes resources for managing service traffic routing into clusters with gateway, route, and policy objects.
Networking
Kubernetes HorizontalPodAutoscaler (HPA)
Kubernetes HPA automatically scales pod replicas based on metrics like CPU to match application demand.
Container Orchestration
Kubernetes Ingress
A Kubernetes resource that tells the cluster how to route incoming web traffic from outside to the right internal Service using rules like hostnames and paths.
Networking
Kubernetes IngressClass
Kubernetes IngressClass links an Ingress to the controller that routes outside traffic for cluster services.
Container Orchestration
Kubernetes Init Container
A Kubernetes init container runs before app containers in a pod to prepare dependencies, config, or setup tasks.
Container Orchestration
Kubernetes Job
A Kubernetes Job runs one or more pods to completion for finite tasks, such as batch processing inside a cluster.
Container Orchestration
Kubernetes Labels and Selectors
Kubernetes labels are key-value tags on objects, and selectors match them to group Pods for services or controllers.
Container Orchestration
Kubernetes LimitRange
Kubernetes LimitRange is a namespace policy setting CPU and memory requests or limits for pods at admission time.
Container Orchestration
Kubernetes Liveness Probe
A Kubernetes liveness probe checks whether a container is alive and restarts it when the app stops responding.
Container Orchestration
Kubernetes MutatingAdmissionWebhook
Kubernetes MutatingAdmissionWebhook is a webhook that edits API requests before storage to set defaults or labels.
Container Orchestration
Kubernetes Namespace
A Kubernetes Namespace is a logical partition in a cluster used to group resources and scope access, policies, or quotas.
Container Orchestration
Kubernetes Network Policy
Rules that say which pods in a Kubernetes cluster are allowed to talk to which other pods or services over the network.
Networking
Kubernetes NetworkPolicy
Kubernetes NetworkPolicy sets rules for pod traffic in a cluster, controlling which pods can connect to other pods.
Container Orchestration
Kubernetes Node
A Kubernetes Node is a worker machine in a cluster that runs pods and provides CPU, memory, and networking for workloads.
Container Orchestration
Kubernetes Operator
A Kubernetes Operator is a controller that automates app lifecycle management in a cluster using custom resources.
Container Orchestration
Kubernetes Operators
Kubernetes-native controllers that run an app for you by automating deploys, configuration, and ongoing operations using custom resources.
Container Orchestration
Kubernetes PersistentVolume (PV)
A Kubernetes PV is a cluster storage resource that lets pods keep data beyond restarts through bound claims.
Container Orchestration
Kubernetes PersistentVolumeClaim (PVC)
A PersistentVolumeClaim (PVC) is a storage request that binds a pod to a PersistentVolume for durable data.
Container Orchestration
Kubernetes Pod
A Kubernetes Pod is the smallest deployable cluster unit, running one or more containers that share a network.
Container Orchestration
Kubernetes Pod Affinity and Anti-Affinity
Kubernetes Pod Affinity and Anti-Affinity are scheduling rules that place pods together or apart using labels and topology.
Container Orchestration
Kubernetes Pod Security Admission
Kubernetes Pod Security Admission checks pod specs against Pod Security Standards before create or update.
Security
Kubernetes Pod Security Standards (PSS)
Built-in Kubernetes security levels that restrict what pods can do, like running as root or using privileged access.
Security
Kubernetes Pod Topology Spread Constraints
Kubernetes Pod Topology Spread Constraints are scheduler rules that spread pods across zones or nodes to cut skew.
Container Orchestration
Kubernetes PodDisruptionBudget (PDB)
Kubernetes PodDisruptionBudget (PDB) limits voluntary pod evictions so a minimum number or percentage stays available.
Container Orchestration
Kubernetes PriorityClass
Kubernetes PriorityClass sets pod priority, allowing critical workloads to preempt lower-priority pods when cluster resources are scarce.
Container Orchestration
Kubernetes RBAC
Kubernetes RBAC controls which users, groups, or service accounts can perform actions on cluster resources to limit access.
Authentication and Authorization
Kubernetes Readiness Probe
A Kubernetes readiness probe checks whether a pod is ready for traffic before adding it to Service endpoints.
Container Orchestration
Kubernetes ReplicaSet
A Kubernetes ReplicaSet keeps a set number of matching pods running in a cluster, replacing failed ones as needed.
Container Orchestration
Kubernetes Resource Requests and Limits
Kubernetes resource requests and limits set pod CPU and memory needs and caps, guiding scheduling and capping use.
Container Orchestration
Kubernetes ResourceQuota
Kubernetes ResourceQuota is a namespace limit for CPU, memory, storage, and objects that controls cluster use.
Container Orchestration
Kubernetes Role
Kubernetes Role is a namespaced RBAC object that defines allowed actions on resources, applied through RoleBindings.
Authentication and Authorization
Kubernetes RoleBinding
Kubernetes RoleBinding assigns a Role’s namespace permissions to users, groups, or service accounts for RBAC control.
Authentication and Authorization
Kubernetes Secret
A Kubernetes Secret is an API object for sensitive data, such as tokens or passwords, used by pods.
Secrets Management
Kubernetes SecurityContext
Kubernetes SecurityContext defines Pod or container security settings, controlling runtime privileges, user IDs, and Linux capabilities.
Security
Kubernetes Service
A Kubernetes Service is a stable network endpoint that exposes pods and routes traffic within or outside a cluster.
Container Orchestration
Kubernetes ServiceAccount
A Kubernetes ServiceAccount is an identity for pods to authenticate to the API server and access cluster resources.
Authentication and Authorization
Kubernetes StatefulSet
Kubernetes StatefulSet is a workload API object for stateful pods, giving each pod stable identity and storage.
Container Orchestration
Kubernetes StorageClass
Kubernetes StorageClass defines volume provisioning settings for PVCs, letting teams request storage by class.
Container Orchestration
Kubernetes Taints and Tolerations
Kubernetes taints and tolerations control scheduling by marking nodes and allowing only matching pods to run there.
Container Orchestration
Kubernetes ValidatingAdmissionPolicy
Kubernetes ValidatingAdmissionPolicy validates API requests with CEL rules before storage as admission control.
Container Orchestration
Kubernetes ValidatingAdmissionWebhook
Kubernetes ValidatingAdmissionWebhook is an admission webhook that accepts or rejects API requests before storage.
Container Orchestration
Kubernetes VerticalPodAutoscaler (VPA)
Kubernetes VerticalPodAutoscaler (VPA) adjusts pod CPU and memory requests based on workload usage for better scheduling.
Container Orchestration
Kubernetes Volume
Kubernetes Volume is a storage resource attached to a pod, used to persist or share data across containers.
Container Orchestration
Kubernetes VolumeSnapshot
A Kubernetes VolumeSnapshot captures a point-in-time PVC copy for backup, restore, or storage cloning workflows.
Container Orchestration
Linux
Open source Unix-like kernel powering Linux distributions for servers, desktops, and embedded systems with reliable process and memory management.
Virtualization
Linux Kali
Debian-based Linux distribution for penetration testing and security auditing with preinstalled tools for scanning exploitation and forensics.
Security
Log Rotation
Automated rotation, compression, and retention of log files to prevent unbounded growth and simplify troubleshooting and storage.
Monitoring and Logging
Microservices
An app split into small services that talk over APIs, so each piece can be deployed, updated, and scaled independently.
Scalability
MongoDB
MongoDB is a NoSQL document database that stores JSON-like data for flexible schemas and scalable application workloads.
Data Management
NginX
NginX is an open source web server and reverse proxy for serving HTTP traffic, caching responses, and balancing load across backends.
Networking
Observability
Observability uses logs, metrics, and traces to infer system state and quickly troubleshoot performance and reliability issues.
Monitoring and Logging
Observability
Live view of system operations.
Monitoring and Logging
OIDC (OpenID Connect)
OAuth 2.0-based identity layer that lets apps verify who a user is and get basic profile info via standardized tokens.
Authentication and Authorization
On-Premise
IT solutions hosted on company-owned hardware.
Infrastructure Management
On-Premise
IT solutions hosted on company-owned hardware.
Infrastructure Management
On-Premise
Running applications and storing data on company-owned servers, providing direct control over infrastructure, security, and compliance.
Infrastructure Management
Open Policy Agent (OPA)
Open Policy Agent (OPA) is an open source policy engine that evaluates rules against requests and configurations to enforce authorization and security checks.
Authentication and Authorization
Open Policy Agent (OPA)
Open Policy Agent (OPA) is an open source policy engine that checks rules for requests, deployments, and access.
Authentication and Authorization
OpenSearch
Open-source search and analytics engine that indexes data so you can find and explore it fast, even at huge scale.
Data Management
OpenTelemetry
OpenTelemetry is an open-source observability framework that standardizes traces, metrics, and logs from app services.
Monitoring and Logging
OpenTelemetry Collector
OpenTelemetry Collector is a component that receives, processes, and exports traces, metrics, and logs.
Observability
OpenVPN
OpenVPN is open source VPN software that builds encrypted tunnels between clients and servers to secure network traffic.
Networking
Pod Disruption Budget (PDB)
A Pod Disruption Budget (PDB) is a Kubernetes policy limiting voluntary pod evictions to keep replicas available.
Container Orchestration
PostgreSQL
Open-source relational database for storing and querying structured data with SQL, with optional JSON support for semi-structured data.
Data Management
Postmortem
Postmortem is a written review after an incident that explains what happened, why it happened, and what changes will prevent it from happening again.
Production Environment
Live deployment environment where applications handle real users and data with production-grade security, performance, and reliability.
Practices and Culture
Prometheus
Prometheus is an open-source monitoring and alerting toolkit that scrapes time-series metrics from services and evaluates queries and alert rules.
Monitoring and Logging
Prometheus Recording Rule
Prometheus Recording Rule is a Prometheus rule that precomputes PromQL into time series for faster alerts.
Monitoring and Logging
Pulumi
Manage cloud resources using code.
Infrastructure Management
Quarkus
Quarkus is a Kubernetes-native Java framework for containerized microservices, optimized for fast startup and low memory usage.
Cloud Computing
RabbitMQ
RabbitMQ is an open source message broker that queues and routes messages between services for asynchronous communication.
Networking
Rook
Rook orchestrates persistent storage on Kubernetes, automating deployment and operations for stateful container workloads.
Container Orchestration
Scaling
Adjusting compute resources up or down to match workload demand, maintaining performance while controlling infrastructure cost.
Scalability
Secrets Management
Securely storing and controlling access to passwords, API keys, tokens, and other sensitive values so apps and systems can use them without exposing them.
Security
Service Catalog
A searchable list of the services a team offers, with what each one does, who owns it, and how to request it.
Practices and Culture
Service Level Agreement (SLA)
A contract that defines expected service uptime, performance, and support response times between a provider and a customer.
Reliability
Service Level Indicator (SLI)
A specific number that measures what users actually experience from a service, like success rate, response time, or error rate.
Monitoring and Logging
Service Level Objective (SLO)
A measurable target for how reliably or fast a service should work over a set time period.
Reliability
Service Mesh
Infrastructure layer that routes, secures, and observes traffic between microservices without changing app code.
Networking
SIEM
Tool for quick threat detection and response.
Security
SLSA Provenance
SLSA Provenance is signed build metadata recording an artifact’s source, build steps, and builder for verification.
Security
Software Bill of Materials (SBOM)
Software Bill of Materials (SBOM) is a component list used to track dependencies, licenses, and security risks.
Security
Software Supply Chain Security
Protecting how software is built and shipped so attackers cannot sneak in bad code or tampered dependencies.
Security
SonarQube
Static code analysis platform that scans code for bugs, vulnerabilities, and maintainability issues during development and CI.
CI/CD
Spinnaker
Open-source continuous delivery platform that manages deployment pipelines across Kubernetes and major cloud providers.
CI/CD
SRE (Site Reliability Engineering)
Using software engineering to keep production services reliable, available, and fast.
Reliability
SSL
SSL secures client server traffic using encryption and authentication to prevent eavesdropping and tampering.
Security
Tekton
Tekton provides Kubernetes-native CI/CD pipeline components for building, testing, and deploying software through declarative, reusable tasks.
CI/CD
Terraform
HashiCorp Terraform provisions and manages cloud and on-prem infrastructure from declarative code for repeatable, versioned deployments.
Infrastructure Management
Terraform State
Terraform State is data mapping config to infrastructure, letting Terraform track and change its managed resources.
Infrastructure as Code
Terragrunt
Terragrunt wraps Terraform to manage multi-environment infrastructure with shared configuration and reduced code duplication.
Configuration Management
Terragrunt
Terragrunt wraps Terraform to share configuration and reduce duplication when managing infrastructure across multiple environments.
Configuration Management
Terragrunt
Terragrunt wraps Terraform to reuse shared configuration and manage multi-environment infrastructure with less duplicated code.
Configuration Management
Uptime
The percentage of time a system or service is up, running, and available to users.
Reliability
Vagrant
Tool that creates and manages repeatable virtual machine dev environments from a simple config file, so everyone works on the same setup.
Virtualization
Vulnerability Scanning
Automated scanning of systems, apps, and networks to spot known security weaknesses so you can fix them early.
Security
Workload
A workload runs an application, job, or service and consumes compute, memory, storage, and network resources.
Infrastructure Management
Xen
An open-source bare-metal hypervisor that lets one physical server run many separate virtual machines safely.
Virtualization
YAML
YAML is a human-readable data serialization format used to define configuration files and structured settings for applications and infrastructure.
Configuration Management
Zero Trust
Zero Trust requires continuous verification and least privilege access so breaches are contained across users, devices, apps, and networks.
Security