ACL (Access Control List)
is an access control list which determines who or what can access an object (program, process or file) and what operations are allowed or denied to the subject (user, user group).
is an open industry standard, first released in December 1996 and jointly developed by HP, Intel, Microsoft, Phoenix, and Toshiba, that defines a common interface for hardware discovery, power management, and motherboard and device configuration.
Active Directory
is an LDAP-compliant implementation of Microsoft’s directory service for the Windows Server family of operating systems. It allows administrators to use Group Policy to ensure a consistent user experience, deploy software to multiple computers through Group Policy or System Center Configuration Manager (formerly Microsoft Systems Management Server), install operating system, application, and server software updates on all computers on the network using Windows Server Update Service.
is a virtual machine running Octavia which does load balancing.
is an open protocol for transferring messages between system components. The main idea is that individual subsystems (or independent applications) can exchange messages in an arbitrary way through an AMQP broker that performs routing, delivery, distribution of data streams and subscription to the required message types.
AMT technology
is an hardware technology that provides remote and out-of-band (via an independent auxiliary TCP/IP channel) access to manage the settings and security of the computer, regardless of the power state (remote power on/off of the computer) and the state of the OS. The technology is available in desktops based on Intel Core 2 processors and laptops based on Intel Centrino processors with Intel vPro technology. Connection requires a system with a chipset that supports Intel AMT.
is a configuration management system written in Python using a declarative markup language to describe configurations. It is used to automate software configuration and deployment. It is usually used to manage Linux nodes, but Windows is also supported.
is OpenStack component Telemetry. It provides an alert function.
Apache Tomcat
is a container that allows Internet applications such as Java servlets and JSPs (Java server pages) to be used.

is the name of the table (encoding, set) in which numeric codes are associated with some common printable and non-printable characters. The ASCII table defines codes for characters:

  • decimal digits;
  • the Latin alphabet;
  • national alphabet;
  • punctuation marks;
  • control characters.

ASCII character table:

is a process of verifying the identity of a user, another process, or client using a private key, secret token, password, fingerprint, or similar.
Automatic (forced) migration
is a stopping instances and starting them on free resources when certain conditions are met.
Automatic evacuation
is an automatic transfer of instances when problems are detected on the computational node on which they were located. The moving is carried out to other computational nodes of the cluster only if there are free resources.
Availability storages
are storages that connect to compute hosts and to a controller with CloudManager installed and using CloudManager module tools are used to further check the availability of the compute node host. If the additional check with the help of storages is successful, then the auto-evacuation mechanism will not be applied to this node.
Availability zone
is an isolated area that is used to provide fault tolerance.
AWS (Amazon Web Services)
is a commercial public cloud maintained and developed by Amazon. It provides services on both an infrastructure model (virtual servers, storage resources) and platform-level (cloud databases, cloud middleware, cloud serverless computing, development tools).
is a cross-platform client/server software that allows you to manage backup, restore and validation of data over the network for computers and operating systems of various types.
BGP (Border Gateway Protocol)
is dynamic routing protocol. It belongs to the class of external gateway protocol (EGP). Currently it is the main dynamic routing protocol on the Internet.
Boot disk image
is a type of virtual machine image as a single boot file.
is set of tools for collecting, normalizing and transforming data provided by OpenStack services. The collected data is used to implement various scenarios for responding to events.
is an asynchronous task queue that is based on distributed message passing.
is a scalable, high-volume distributed storage system that consists of object storage, block storage, and POSIX compatible distributed file system. It is compatible with OpenStack.
is a POSIX compatible filesystem provided by Ceph.
Certification authority (CA)
is a cryptographic term for a party whose integrity is undeniable and the public key is widely known. The task of a certification authority is to verify the authenticity of encryption keys using electronic signature certificates.
is an interface standard used for communication between an external program and a web server.
is an operating system configuration management tool supported by OpenStack.
it is an operation to change the root directory on Unix-like operating systems. A program launched with a modified root directory will only have access to the files contained in that directory. Therefore if you need to give a program access to other directories or filesystems (for example/proc) you must first mount the required directories or devices in the target directory.
is a block storage service in the OpenStack system.
Classless Inter-Domain Routing (CIDR)
is a method of IP addressing that allows flexible management of the IP address space without using a rigid classful addressing framework. Using this method allows economical use of a limited resource of IP addresses, since it is possible to apply different subnet masks to different subnets.
Cloud data storage
is an online storage model, in which data is stored on numerous servers distributed over a network, provided for use by clients, mainly by a third party. Unlike the model of storing data on our own dedicated servers, purchased or leased specifically for such purposes, the number or any internal structure of servers is generally not visible to the client. Data is stored and processed in the so-called “cloud”, which is, from the client’s point of view, one large virtual server. Physically, such servers can be located geographically distant from each other.
is an initialization package for instances after they are loaded. It uses information from metadata services such as public key SSH and user data.
is a group of computers connected by high-speed communication channels representing from the user’s point of view a single hardware resource. Cluster is a loosely coupled collection of several computing systems that work together to run common applications and appear to the user as a single system.
is a Linux provisioning server that facilitates and automates the network-based system installation of multiple computer operating systems from a central point using services such as DHCP, TFTP, and DNS. It can be configured for PXE, reinstallations, and virtualized guests using Xen, KVM or VMware. Cobbler interacts with the koan program for re-installation and virtualization support. koan and Cobbler use libvirt to integrate with different virtualization software. Cobbler is able to manage complex network scenarios like bridging on a bonded Ethernet link.
Command line interface (CLI)
is a kind of human-to-human interface.
Common Internet File System (CIFS)
is a file sharing protocol. It is a public and open version of the original Server Message Block (SMB) protocol developed and used by Microsoft. Like SMB, CIFS runs at the top layer and uses the TCP/IP protocol.
Compute node
is a multiprocessor, multicore computer where the user’s tasks are performed. A user task can occupy one compute node, several compute nodes, or all compute nodes.
is service discovery and configuration system. It provides many different features such as service and node discovery, health check, system-wide storage of keys and values.
Container format
is a wrapper used by the image service, which contains a instance image and associated metadata such as computer state, disk size, operating system size, and more.
Container Management Service (Magnum)
is an OpenStack project that provides a framework for orchestrating containers such as Kubernetes, Docker Swarm, or Mesos.
Control node/controller
is a node that manages the cloud. The node hosts communication services that support the entire cloud, including the queue server, database, Horizon control panel, and monitoring system. The node can also host the nova-scheduler service and API servers, which are controlled by the end node to balance the load balancing.
CUPS (Common UNIX Printing System)
is a modular printing system for Unix-like computer operating systems which allows a computer to act as a print server. A computer running CUPS is a host that can accept print jobs from client computers, process them, and send them to the appropriate printer.
is a cross-platform command line utility that allows to interact with many different servers over many different protocols with URL syntax.
is a computer program on UNIX-class systems that is launched by the system itself and runs in the background without direct user interaction. Daemons are usually started at boot time. Typical tasks for daemons are network protocol servers (HTTP, FTP, email, etc.), equipment management, print queue support, scheduled job management, etc. Technically a daemon is a process that does not have a controlling terminal.
Data center
is a specialized building for hosting (hosting) server and network equipment and connecting subscribers to the Internet.
Data Processing Service (Sahara)
is an OpenStack project that provides a scalable data stack and associated management interfaces.
is a set of all data (tables, procedures, triggers, etc.), static data (unchangeable data stored in lookup tables) and user data (which change while working with the application).
DCC (Dynamic Configuration Components)
is a mode of dynamic configuration of components on nodes.
is a process for detecting duplicate data at the block, file, or object level that helps free up disk space. Currently it is not supported by OpenStack.
Delta image
is a difference between base and modified way Glance, typically a layer (a collection of software ready to be added to the base image).
Device mapper (dm)
is a Linux kernel module that allows to create virtual block devices. When accessing such devices a number of actions are performed, which usually include reading/writing data from other block devices. The subsystem is used to implement the LVM logical volume manager, software RAID, dm-crypt disk encryption system. One of the features of the subsystem is creating snapshots of the file system.
is a set of scripts that install all OpenStack components. It is ideal for testing and development.
is a network protocol that allows computers to automatically obtain an IP address and other parameters necessary to operate on a TCP/IP network. This protocol works on a client-server model.
DHCP agent
is an OpenStack Networking agent that provides DHCP services for virtual networks.
Direct SCSI
is a mode that allows direct SCSI commands to be sent to a device bypassing the hypervisor.
Disc format
is a base format in which a disk image for a virtual machine is stored in the internal storage of the image service. For example, AMI, ISO, QCOW2, VMDK, etc.
Distributed lock manager (DLM)
is a software package that enables computers in a cluster to coordinate access to shared resources. It runs on every machine in the cluster with an identical copy of the cluster’s lock database.
is Linux kernel component for caching data. The solution allows a high speed block device (SSD) to be used as a cache for one or more slow storage devices like hard drives such as HDDs.
is a software for automation of deployment and management of applications in a virtualization environment with support for containerization. Also it allows to package application with all its environment and dependencies into a container.
Docker compose
is a tool for managing multi-container Docker applications. It allows to describe and run the required structure using a single configuration file.
is a script that automates the process of building Docker containers.
is a collection of users, groups and projects in the OpenStack system. Each group and project belongs to only one domain.
Domain Name
is a symbolic name of domain used to identify areas on the Internet.
Domain Name System (DNS)
is a system that allows to get the IP address of a computer on the Internet, knowing its domain name, and vice versa. DNS makes it easy to navigate the Internet by translating IP addresses into easy-to-remember domain names. For example, the IP address might translate to All domains and their components, such as mail servers, use DNS to find the correct IP addresses for computers from their domain names. Typically, domain information is stored on two DNS servers - primary and secondary. If the primary server fails, it is replaced by the secondary. DNS servers can be clustered or replicated so that changes made on one server are automatically propagated to all active servers. DNS provides a mapping of DNS records to floating IP addresses, hosts, and cells so that hostnames remain the same after a reboot in computing service.
is the process of downgrading hardware or software.
DRS (Distributed Resource Scheduling)
is a balancing tool designed to conduct and apply audits of possible balancing of instances on nodes within host aggregates.
DSCP (Differentiated Services Code Poin)
is an element of computer network architecture that describes a simple scalable mechanism for classification, traffic management, and quality of service.
ELK stack

is an integrated solution that includes:

  • ElasticSearch;
  • Logstash;
  • Kibana.
is an URL to access a specific service. Each service can have one or more entry points.
is a continuous area of ​​the storage medium in file systems. Typically, in extent-aware file systems, large files consist of multiple extents that are not directly related to each other.
Failover Cluster/High Availability Cluster
is a cluster (group of servers), designed in accordance with the high availability method and ensuring minimal downtime due to hardware redundancy. Without clustering, a server failure will cause the applications or network services it supports to be unavailable until it is fully operational. Failover Clustering corrects this situation by restarting applications on another system without administrator intervention if hardware or software errors are detected. The restart process is known as failover. As part of this process, the clustering software can configure the node before running an application on it (for example, import and install the appropriate file systems or restart some supporting applications). Failover clusters typically use a special signal that is used to monitor the health and status of each node in the cluster.
Fault tolerance
is a property of a technical system to maintain its operability after the failure of one or more composite components. Fault tolerance is determined by the number of any consecutive single component failures, after which the system as a whole remains operational. The basic level of fault tolerance implies protection against failure of any one element - the elimination of a single point of failure. The main way to improve fault tolerance is redundancy. The most efficient method of redundancy is hardware redundancy, which is achieved through redundancy. Fault tolerance by means of redundancy is a mandatory requirement imposed by government supervisory authorities for technical systems in a number of applications.
Fixed IP address
is an IP address associated with the same instance on every boot is usually not available to end users on the Internet and is used to manage the instance.
is certain parameters of instances that are available for user creation. It includes parameters such as RAM size, disk size, number of cores, etc.
Floating IP
is an IP address assigned by the project to the instance so that the virtual machine receives the same public IP address each time it boots. You can create a pool of floating IP addresses and assign them to instances at startup to keep the IP address constant and keep the assigned DNS names.
is a free implementation of Remote Desktop Protocol (RDP).
Fully Qualified Domain Name (FQDN)
is a domain name that is not ambiguous in its definition. It includes the names of all parent domains in the DNS hierarchy.
is scalable distributed monitoring system for clusters of parallel and distributed computing and cloud systems with a hierarchical structure. It allows you to track statistics and history (processor load, network) of calculations in real time for each of the monitored nodes.
is an IP address usually assigned to a router that carries network traffic to other networks.
is open source load and performance testing platform.
is an OpenStack project that is responsible for cataloging, registering, and delivering instance images.
is a distributed, parallel, linearly scalable file system with failover capability. GlusterFS can combine data stores located on different servers into one parallel network file system using InfiniBand RDMA or TCP/IP. GlusterFS works in user space using FUSE technology, therefore it does not require support from the operating system kernel and works on top of existing file systems (ext3, ext4, XFS, reiserfs, etc.). Unlike other distributed file systems such as Luster and Ceph, GlusterFS does not require a separate server to store metadata.
is an OpenStack service for storing and managing aggregated dimensions at a very large scale. It includes a multi-user database of time series, metrics and resources. The measured data source can be Ceilometer.
GNU Privacy Guard (GnuPG, GPG)
is a free software for encrypting information and creating electronic digital signatures. It is developed as an alternative to PGP and released under the GNU General Public License. GnuPG is fully compliant with the IETF OpenPGP standard.
Golden image
is image to be included in the image library Glance. It is a base image with a set already added to it delt.
Google Authenticator
is an application for two-step authentication using Time-based One-time Password Algorithm (TOTP) and HMAC-based One-time Password Algorithm (HOTP) from Google LLC. Authenticator generates a 6- or 8-digit one-time digital password that the user must provide in addition to the username and password in order to log in to Google services or third-party services.
Graphical user interface (GUI)
is a kind of user interface in which the interface elements (menus, buttons, icons, lists, etc.) presented to the user on the display are executed in the form of graphic images. It is also called a graphical management shell.
is an operating system loader from the GNU project. GRUB allows a user to have multiple operating systems installed and choose one to boot when the computer is turned on.
is a statistically unique 128-bit identifier.
is a Web Server Gateway Interface HTTP Server (WSGI) ​​Python. It is based on the pre-fork model which means that the main process manages the initiated worker processes of various types, creates sockets, connections, etc.
is a project by the Apache Software Foundation. It is an open source software development framework that supports distributed applications that handle large amounts of data.
is a server software for high availability and load balancing for TCP and HTTP applications by distributing incoming requests to multiple back-end servers.
is an OpenStack Orchestration Service that orchestrates composite cloud applications using declarative patterns through the native REST API of the OpenStack platform.
Horizontal scaling
is a dividing the system into smaller structural components and spreading them across individual physical machines (or groups of them), and (or) increasing the number of servers performing the same function in parallel. Scalability in this context means the ability to add new nodes, servers, processors to the system to increase overall performance. This way of scaling may require changes to programs so that programs can take full advantage of the increased resources.
Host aggregates
are a mechanism for partitioning hosts in an OpenStack cloud, or a region of an OpenStack cloud, based on arbitrary characteristics.
Hot plug (HotPlug)
is disconnection or connection of electronic equipment in a system while it is operating without turning off the power or stopping it.
is a server software for working with HTTP protocol in daemon mode.
is a program or hardware circuit that allows multiple operating systems to run in parallel on the same host. The hypervisor also provides OS isolation from each other, protection and security, resource sharing between different running OSes, and resource management.
IKE (Internet Key Exchange)
is a standard protocol in the IPsec suite of protocols used to secure communications in virtual private networks.
is a temporary file system used by Linux kernel during initial booting. Initrd is usually used for initial initialization before mounting “real” filesystems.
Input/Output Operations Per Second (IOPS)
is a general performance measure used for computer storage devices such as hard drives, solid state drives, and storage area networks.
is a software and/or hardware system that emulates the hardware of a certain platform, virtualizes a certain platform and creates environments on it that isolate programs and even operating systems from each other.
Instance image
contains a bootable file system with specific parameters and data, which is used to start instances.
Inter-process communication (IPC)
is a data exchange between threads of one or different processes. It is implemented through mechanisms provided by the OS kernel or by a process that uses OS mechanisms and implements new IPC capabilities. It can be carried out both on one computer and between several computers on the network.
IP Fabric
is a developer of IP network infrastructure management services for the visualization and secure management of corporate networks.
IPMI interface
is an intelligent platform management interface for autonomous monitoring and control of functions built directly into the hardware and firmware of server platforms. Key features of IPMI are monitoring, recovery of management functions, logging and inventory, which are available regardless of processor, BIOS, and operating system. Platform control functions can be accessed even when the system is off.
are tables provided by the Linux kernel firewall (implemented as various firewall modules), as well as chains and rules stored in it. It is used along with arptables, ebtables, and ip6tables to create firewalls in compute resources service. Currently, different kernel modules and programs are used for different protocols: iptables for IPv4, ip6tables for IPv6, arptables for ARP, and ebtables for Ethernet frames. It is need root rights to manage the tool.
is a free software for creating bootable ROMs (Read Only Memory) to boot Linux and other operating systems on x86 computers over a network using Internet protocols.
is a protocol that is based on TCP/IP and is designed to communicate and manage storage systems, servers and clients.
iSCSI target
is a program or hardware controller (HBA) that emulates a disk and makes iSCSI requests.
is an open source software system in Java, designed to ensure the continuous integration of software under development as well as code review. It is also used to develop software based on OpenStack.
is a load testing tool developed by the Apache Software Foundation.
is JavaScript library that focuses on the interaction of JavaScript and HTML.
is claim-based network authentication protocol. Kerberos maintains insecure communication between nodes and also provides mutual secure authentication for them.
Kernel-based virtual machine (KVM)
is hypervisor supported by OpenStack. KVM is a complete virtualization solution for Linux on 32-bit hardware containing virtualization extensions (Intel VT or AMD-V), ARM, IBM Power and IBM zSeries. It consists of loadable kernel modules that provide the core virtualization infrastructure and processor-specific module.
Key Management Service (Barbican)
is an OpenStack project that provides a secret storage and creation system that provides key management to encrypt required services.
is an OpenStack Identity project (service) that provides functionality such as identity, tokens, policies and directories through the OpenStack API.
is a container orchestration platform built on top of etcd and systemd that allows you to manage clusters of virtual machines and Linux containers created using toolkits such as Docker and Rocket as a single unit.
is a load balancer. It allows the network service to evenly distribute incoming requests between virtual machines.
is a simple protocol that uses TCP/IP and allows for authentication (bind), search and compare, and add, modify, or delete records. The LDAP server typically accepts incoming connections on port 389 over TCP or UDP. For SSL-encapsulated LDAP sessions, port 636 is typically used.
is a free API implementation, daemon and set of tools for managing virtualization. Allows to manage Xen, KVM hypervisors, VirtualBox, OpenVZ, LXC, VMware ESX/GSX/Workstation/Player, QEMU and other virtualization tools, provides the ability to control instances over a network located on other computers.
is display manager X which aims to be lightweight, fast, extensible and supports multiple desktops. Ubuntu’s Unity Greeter frontend uses WebKit to display an HTML-based login interface.
Live migration
ia a moving instance from one physical server to another without interrupting the instance work and stopping services. Live migration is possible between servers located in a cluster.
is a clustered file system that spreads data across multiple physical servers, making it visible to the end user as a single file system.
Load balancing
is an even distribution of the load on compute nodes and storage systems.
Log file
is a protocol, file with event records in chronological order. A distinction is made between the registration of external events and the logging of the operation of the program itself - the source of records (although often everything is recorded in a single file).
is a process of recording all system processes in text file with the ability to set different levels of recording detail.
Logical volume manager/LVM
is a subsystem of Linux and OS/2 operating system that allows uses different areas of one hard disk and/or areas of different disks as one logical volume.
LUN (Logical Unit Number)
is an address of the disk device in storage networks.
MAC address
is a unique identifier assigned to each unit of active equipment or some of their interfaces in computer Ethernet networks.
Management Information Base (MIB)
is a virtual database used to manage objects in a communications network. Most often this concept is associated with Simple Network Management Protocol (SNMP). Although the term MIB is intended to refer to all of the available information about an object, it is also often used to refer to a specific subset, which is more properly referred to as a MIB module.
Master boot record (MBR)
is code and data required for the subsequent loading of the operating system and located in the first physical sectors (most often in the very first) on the hard disk.
is a desktop environment that is a fork of the currently unsupported GNOME 2 codebase. MATE is an intuitive desktop with a traditional interface concept.
is an utility for managing software RAID-arrays in Linux.
is a software that implements a data caching service in RAM based on a hash table.
Memory dump
is the contents of the working memory of one process, kernel, or the entire operating system. It may also include additional information about the state of a program or system, such as processor register values ​​and stack contents. Many operating systems allow you to save a memory dump for program debugging. Typically a process memory dump is saved automatically when the process terminates due to a critical error (for example, a segmentation fault). The dump can also be saved manually through the debugger or any other special program.
Message broker
is a software package used to provide AMQP. It provides exchanging messages between the components of the software system. RabbitMQ package is used by default.
is an OpenStack service (project) that provides a simple YAML-like language for describing workflows, tasks, and navigation rules. It allows you to download, modify and run them in high availability mode, manage and monitor the progress of the workflow, as well as the status of individual tasks.
is an open communication protocol based on the master-slave architecture. It is widely used in industry to organize communication between electronic devices. It can be used to transfer data via serial communication lines RS-485, RS-422, RS-232, as well as TCP/IP networks (Modbus TCP).
is an open source document-oriented database management system (DBMS) that does not require a description of the table schema. Written in C ++.
Multipath I/O
is a technology for connecting storage network nodes using multiple routes. For example, one SCSI device can be connected to two SCSI controllers. If one of the controllers fails, the operating system will use the other to access the device. This architecture increases system resiliency and allows load balancing.
is a mechanism used in programming to synchronize simultaneously running threads.
is some set by which we mean a model, abstract storage or environment, created for a logical grouping of unique identifiers (that is, names).
Network File System (NFS)
is a file system network access protocol. It is based on the ONC RPC remote procedure call protocol. It allows to connect remote file systems over the network.
Network Functions Virtualization (NFV)

is a concept of network architecture which proposes the use of virtualization technologies to virtualize entire classes of functions of network nodes in the form of constituent elements that can be connected together or linked in a chain to create telecommunication services (services). The NFV architecture includes the following main elements:

VNF (Virtual Network Function) is virtual network function like: DNS, DHCP, switch, router, balancer or base station, etc.

Element Management System (EMS) is software designed to manage and administer one or more VNFs.

NFV Orchestrator is administers the NFV infrastructure with software resources, creates a ready-made service from several VNFs.

VNF Manager (VNFM) is manager, responsible for the VNF life cycle: installation, activation, scaling, updating and disposal. It may be responsible for the operation of one or several VNFs.

NFVI (Network Function Virtualization Infrastructure) is hardware and software resources in physical and virtual form on which the virtual network VNF functions run. They can be located locally or be distributed geographically and connected by the operator’s network.

Hardware Resources (hardware resources, i.e. computing, networking and storage resources) is physical part of the NFVI infrastructure - any standard switch, or physical server, or storage device, etc.

Virtualized Infrastructure Manager (virtual infrastructure manager) is responsible for the interaction of the virtual networking function with hardware and software resources and an inventory of available resources, and is also responsible for event collection and performance issues.

Network NameSpace (netns)
is a logically separate network protocol stack in Linux. The entire network stack is emulated: network interfaces, routing table, firewall, etc.
Network switch
is a device designed to connect several nodes of a computer network within one or more network segments.
is an OpenStack service that provides network as a service between device interfaces (vNICs) that are managed by other OpenStack services.
is web server and reverse proxy server running on Unix-like operating systems.
is a technology that secures virtual infrastructure by scanning all instructions passing through the hypervisor, detecting threats, and preventing the impact of malware.
is the OpenStack project, basic architecture component that manages computing resources. All actions required to support the instance lifecycle in the OpenStack cloud are handled by Nova. The service can work with various virtualization technologies (hypervisors), such as KVM, VMware, Xen, as well as Hyper-V and virtualization systems at the operating system level such like LXC.
NUMA (Non-Uniform Memory Access)
is a scheme for the implementation of computer memory used in multiprocessor systems when the memory access time is determined by its location in relation to the processor.
OCFS (Oracle Cluster File System)
is a clustered file system that supports shared use across multiple Linux systems, developed by Oracle Corporation under the GNU General Public License. The file system has the semantics of a local file system and can be used by almost any application.
is a scalable open source load balancer with support for various operator categories. It is designed to work with OpenStack.
it is a string or sequence of decimal digits that uniquely identifies an object. These objects are usually object classes or attributes.
Open vSwitch
is an open source, multi-tier, production-grade virtual switch, licensed under Apache 2.0. It is designed to automate the management of large networks using software tools, but at the same time supports standard network protocols and interfaces (for example, NetFlow, sFlow, SPAN, RSPAN, CLI, LACP, 802.1ag).
is an open source implementation of LDAP, developed by the project of the same name, is distributed under its own free license OpenLDAP Public License. Among others, there are implementations for various BSD modifications, as well as Linux, AIX, HP-UX, Mac OS X, Solaris, Microsoft Windows (NT and successors - 2000, XP, Vista, Windows 7) and z/OS.
is a full-fledged open source cryptographic library widely known for the SSL/TLS extension used in the web protocol HTTPS.
is a free open standard cloud computing platform, mostly deployed as infrastructure-as-a-service (IaaS) in both public and private clouds where virtual servers and other resources are made available to users.
Openstack Client
is an official OpenStack command line utility. It provides a unified client for accessing the OpenStack API.
OpenStack Horizon/Dashboard
is an OpenStack resource management GUI.
OSD (Object Storage Device)
is a storage unit Ceph which stores the data and processes client requests by exchanging data with other OSDs. This is usually a disk. And usually a separate OSD daemon is responsible for each OSD, which can be run on any machine on which this disk is installed.
Overcommitting RAM (RAM overcommit)
is an ability to launch new instances of virtual machines based on actual host memory usage rather than based on the amount of RAM allocated for each running instance.
is a free, cross-platform virtualization management system.
is a state of the instance in which no changes occur (no changes in memory, network connections are stopped, etc.). The instance is stopped but not turned off.
pbr (Python Build Reasonableness)
is a library for managing configuration tools, required to install OpenStack packages.
Performance Measurement Service (Rally)
is an OpenStack project that provides a platform for analyzing the performance and efficiency of individual OpenStack components, as well as full-blown cloud deployments of OpenStack.
is a package management system used to install and manage software packages written in the Python programming language.
is a package management system used to install and manage software packages written in the Python3 programming language.
is a basic unit for managing and running applications in Kubernetes. A pod is one or more containers that are guaranteed to run on a single node (that is, a single physical or virtual machine), share resources, and provide an IP address that is unique within the cluster. The latter allows pod applications to use fixed and predefined port numbers without the risk of conflict. For sharing from containers deployed inside a module, you can define a volume (volume), which is a directory on a local or network drive.
POSIX (Portable Operating Systems Interface)
is a set of standards that describe the interfaces between the operating system and an application program (system API), a C language library, and a set of applications and their interfaces. The standard was created to ensure compatibility of various UNIX-like operating systems and portability of application programs at the source code level, but it can also be used for non-Unix systems.
is a free object-relational database management system.
is a container for separating OpenStack resources. All OpenStack resources must belong to a specific project. The project must belong to a specific domain in OpenStack Identity Service.
Protocol stack
it is a hierarchically organized set of network protocols sufficient for organizing the interaction of nodes in a network. Protocols work in the network at the same time which means that the work of the protocols must be organized so that there are no conflicts or unfinished operations. Therefore the protocol stack is divided into hierarchically structured levels, each of which performs a specific task: preparation, reception, transmission of data and subsequent actions with them.
is cross-platform sound server. PulseAudio runs on POSIX platforms such as Linux, Solaris and FreeBSD, as well as the Microsoft Windows platform. PulseAudio is free software: the server is licensed under the GNU GPL, and the libraries under the GNU LGPL.
PXE (Preboot eXecution Environment)
is an environment for booting a computer using a network card without using local storage media (hard disk, USB drive, etc.). PXE uses IP, UDP, BOOTP and TFTP to organize the system boot.
PyPI (Python Package Index)
is a directory of software written in the Python programming language.
QEMU Copy On Write 2 (QCOW2)
is the one of the disk formats for instance images supported by Image Service.
is cross-platform framework for software development in the C ++ programming language. Qt allows software written with it to run on most modern operating systems by simply compiling the program for each system without changing the source code.
Quality of Service (QoS)
is an ability to guarantee specific network or storage requirements in accordance with a service level agreement (SLA) between the application provider and end users. Typically QoS includes performance requirements such as throughput, latency, jitter correction, and reliability, and storage device IOPS (IOPS), agreements on acceptable number of requests and expected performance under peak loads.
Quick EMUlator (QEMU)
is an open source emulator and virtualizer for various computer platforms. One of the hypervisors supported by OpenStack is used for development purposes.
RAID (Redundant Array of Independent Disks)
is a data virtualization technology that combines multiple disks into a logical unit for redundancy and increased performance. Different types of array configurations are marked with different numbers: 1, 2, 3, 4, etc.
is the one of the disk formats for instance images supported by Image Service. It is unstructured disk image.
RBAC (Role Based Access Control)
is role-based access control in which the access rights of system subjects to objects are grouped taking into account the specifics of their use forming roles.
(Remote Desktop Protocol) is a proprietary application-level protocol used to provide remote user work with the server running the terminal connection service.
is an open source key-value network journaling. It is non-relational high performance database management system.
is the largest building block in the cloud. Regions allow to combine cloud platforms into a single infrastructure. Each region is a full-fledged standalone cloud platform, which are united by a single Keystone authentication and authorization server and the Horizon panel.
Remote Procedure Call (RPC)
is a class of technologies that allow computer programs to call functions or procedures in a different address space (usually on remote computers).
is a process of copying data from one source to another (or to many others) and vice versa.
is a place where any data is stored and maintained. Most often, data in a repository is stored in the form of files available for further distribution over the network.
is a set of functions that developers can query and receive responses to. The interaction takes place over the HTTP protocol. The advantage of this approach is the widespread use of the HTTP protocol, so the REST API can be used from almost any programming language.
Reverse proxy
is a type of proxy server that relays client requests from the external network to one or more servers that are logically located on the internal network. For the client it looks like the requested resources are located directly on the proxy server at the same time.
Role Based Access Control (RBAC)
is a policy of selective access control, while the access rights of the system subjects to objects are grouped taking into account the specifics of their application, forming roles.
is a special account in UNIX-like systems with an identifier (UID, User IDentifier) of 0, the owner of which has the right to perform all operations without exception, or a user who can log into the administrator interface.
is a specialized networked computer that has two or more network interfaces and forwards data packets between different network segments. Router can interconnect heterogeneous networks of different architectures. Information about the network topology and certain rules set by the administrator are used to make decisions about packet forwarding.
is a public-key cryptographic algorithm based on the computational complexity of the problem of factoring large integers.
is a program for UNIX-like systems that synchronizes files and directories in two places, minimizing traffic, using data encryption as needed.
is a configuration management system and remote execution of operations. It is open source software written in Python. It supports an IaaS approach for deploying and managing cloud computing.
is a package of programs that allow to access network drives and printers on various operating systems using the SMB/CIFS protocol. It has client and server parts. It is free software released under the GPL license.
is a multi-paradigm programming language designed to be concise and type-safe for easy and fast creation of component software, combining functional and object-oriented programming capabilities.
is a special RCP file copying protocol that uses SSH instead of RSH as a transport.
is a set of standards for the physical connection and transfer of data between computers and peripheral devices. SCSI standards define commands, protocols, and electrical and optical interfaces.
Security group
is a set of network traffic filtering rules that are applied to the instance.
is a tool for automated browser management. The most popular use of Selenium is in the automation of web application testing.
is an implementation of a compulsory access control system that can work in parallel with the classic selective access control system.
is a system for tracking and aggregating errors. More detailed description is available on the official site Sentry.
Server reboot
there are two types: hot and cold server reboots. During a hot reboot, the operating system receives a restart signal, which allows all processes to terminate normally. A cold reboot is the process of turning off and on the power of the server. The virtualization platform must ensure that the reboot succeeds even when the base domain or instances are stopped or suspended.
Server URI
is a server uniform identifier, for example: `` http: // 10002``.
Service Level Agreement (SLA)
is a contractual obligations that guarantee the availability of the service.
is a session of interaction between user and TRS instance.
Smart card
is a plastic card with a built-in microcircuit. Smart cards contain a microprocessor and an operating system that controls the device and controls access to objects in its memory in most cases. The purpose of smart cards is one- or two-factor user authentication, storage of key information and carrying out cryptographic operations in a trusted environment.
is a quick copy of a virtual machine image, term OpenStack. It allows you to take a snapshot of a running virtual machine without suspending it.
is a fragment of source text or program code used in search engines, text editors and development environments.
is a standard Internet protocol for device control in IP networks based on TCP/UDP architectures. SNMP-enabled devices include routers, switches, servers, workstations, printers, modem racks, and others.
is a SNMP agent that responds to SNMP requests for this host.
Software metric
is a measure that allows one to obtain the numerical value of a certain property of the software and its specifications.
Software-defined networking (SDN)
is a data transmission network in which the network control layer is separated from the data transmission devices and is implemented in software. It is one form of network virtualization.
Software-defined storage (SDS)
is a storage system based on software functionality.
is a remote display protocol that allows you to view a virtual “desktop” of a computing environment, not only on the machine on which it is running, but from anywhere over the Internet.
is a an application-level network protocol that allows remote control of the operating system and tunneling of TCP connections.
is cryptographic protocol that assumes more secure communication. It uses asymmetric cryptography to authenticate exchange keys, symmetric encryption to preserve confidentiality, message authentication codes for message integrity.
is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user, by default the superuser.

is a system for managing processes in the operating system. Main components:

  • supervisord - server side;
  • supervisorctl - client side.

A more detailed description is available on the official supervisor documentation site.

is a cloud file storage.
is a special file in the file system, which instead of user data contains the path to the file that is opened when this link or file is accessed.
Syslog (system log)
is a standard for sending and registering messages about events occurring in the system (that is, creating logs) used in computer networks operating over IP.
is a system manager, daemon for initializing other daemons in Linux. Its feature is intensive parallelization of the launch of services during the system boot process, which significantly accelerates the launch of the operating system.
is an OpenStack project that uses VNF Manager and NFV Orchestrator to deploy and manage network services and VNF in architecture NFV.
is one of the main data transmission protocols of the Internet designed to control data transmission. Networks and subnets that share TCP and IP are called TCP/IP networks.
Telemetry service
is an OpenStack project that collects measurement data on the physical and virtual resource usage of deployed clouds. The telemetry service provides this data for further analysis and activates certain actions when the specified indicators are reached.
is a package of automated software tests designed to be executed against the trunk of an official OpenStack project.
is a transport layer security protocol. It uses asymmetric encryption for authentication, symmetric encryption for confidentiality, and message authentication codes to preserve the integrity of messages.
is a character string used to access APIs and resources. The token is issued for a limited time and, if necessary, can be revoked before expiration. The token also contains a list of roles that determine the permissions available to the user.
TOTP (Time-based One-Time Password Algorithm)
is OATH is an algorithm for generating one-time passwords for secure authentication which is a one-way authentication algorithm - the server verifies the identity of the client.
is protocol for decentralized text, voice and video communications on the Internet based on asymmetric encryption.
is a process of stepping through the program. In trace mode, the user sees the sequence of command execution and the values ​​of variables at a given step in the program execution, which makes it easier to detect errors. Tracing can be started and ended anywhere in the program, program execution can stop at each command or at breakpoints, tracing can be performed with or without calls, and can also be performed in reverse order (a step back).
is a form of problem solving often applied to the repair of non-working devices or processes. It is a systematic, mediated by a certain logic, search for the source of a problem in order to solve it. Troubleshooting is essential for maintaining and evolving complex systems where a problem can have many different causes.
Two-factor authentication
is a method of identifying a user in a service by requesting authentication data of two different types, which provides a two-step, more effective account protection against unauthorized access.
User interface/UI
is an interface that provides information transfer between a human user and software and hardware components of a computer system.
(Coordinated Universal Time) is a standard by which society regulates clocks and times.
UUID (universally unique identifier)
is identification standard used in the creation of software. The main purpose of UUIDs is to allow distributed systems to uniquely identify information without a focal point. Thus, anyone can create a UUID and use it to identify something with an acceptable level of confidence that the given identifier will inadvertently never be used for anything else. Therefore, information tagged with a UUID can be pushed later into a shared database without having to resolve the name conflict. The UUID is a 16-byte (128-bit) number. In hexadecimal notation, the UUID looks like this: 550e8300-e29b-41d4-a716-444655440000.
is a web server and a web application server originally implemented to run Python applications over the WSGI protocol. Version 2.0 also supports running web applications Lua, Perl, Ruby and others.
is a virtual processor containing one core and occupying one socket.
VDI (Virtual Desktop Infrastructure)
is a technology that allows to create a virtual IT infrastructure and deploy full-fledged workstations on the basis of one server on which many virtual machines are running.
VDO (Virtual Data Optimizer)
is a block device virtualization technology that allows to create virtual pools from block devices with support for online compression and online deduplication.
Vertical scaling
is an icreasing the performance of each component of the system to improve overall performance. Scalability in this context means the ability to replace components in an existing computing system with more powerful and faster components as requirements increase and technology advances. This is the easiest way to scale, since it does not require any changes in the application programs running on such systems.
is a console command that displays a list of virtual domains and information about them. virt-top utility uses libvirt virtualization management library.
Virtual Extensible LAN (VXLAN)
is a network virtualization technology designed to address scalability issues in large cloud computing systems.
Virtual file system (VFS)
is a layer of abstraction on top of a specific filesystem implementation. The goal of VFS is to provide client applications with uniform access to different types of file systems. VFS can be used to access local devices and files (fat32, ext4, ntfs), network devices and files on them (nfs), as well as non-storage devices. VFS declares a programming interface between the kernel and a driver for a specific file system, so no kernel changes are required to add support for a new file system.
VLAN (Virtual Local Area Network)
is a logical (“virtual”) local computer network, it is a group of hosts with a common set of requirements that interact as if they were connected to a broadcast domain, regardless of their physical location. A VLAN has the same properties as a physical LAN, but allows end stations to be grouped together even if they are not on the same physical network. This reorganization can be done in software instead of physically moving devices.
is a tool for measuring network performance within the OpenStack cloud.
is a system of remote access to a computer desktop using the RFB protocol. Control is carried out by transmitting keystrokes on the keyboard and mouse movements from one computer to another and relaying the screen contents through a computer network. The VNC system is platform independent: A VNC client called a VNC viewer and running on one operating system can connect to a VNC server running on any other operating system.
is a block persistent storage that can be attached to instance.
is a technology that allows you to remotely turn on a computer by sending a special sequence of bytes through a local network - a data packet (magic packet). This packet can be inserted into packets of any standard higher layer protocols such as UDP or IPX.
is a service for optimizing the computational load of cloud resources in the OpenStack system.
World Wide Name (WWN)/World Wide Identifier (WWID)
is a unique identifier that identifies a specific Fiber Channel, Advanced Technology Attachment (ATA), or Serial Attached SCSI (SAS) target.
WSGI (Web Server Gateway Interface)
is a standard for communication between a Python server-side program and the web server itself such as Apache.
X Window System (X11, X)
is a windowing system that provides standard tools and protocols for building a graphical user interface. It is used in UNIX-like operating systems.
X.Org Server (Xorg)
is a server-side library implementation X Window System open source.
gives remote access to the Linux GUI. Connection security is provided by using SSH.
is high performance 64-bit journaling file system. XFS differs from other file systems in that it was originally designed for use on large disks (over 2 terabytes, see for example, RAID arrays).
is server for Unix-systems, implemented on top of VNC and providing access to the terminal server desktop using the RDP protocol.
is a free system for monitoring and tracking the statuses of various services of a computer network, servers and network equipment.
is Linux kernel module. It improves performance by preventing paging to disk using a compressed block device in RAM until the paging file on the hard drive becomes necessary. The speed of exchange with RAM is higher than with a hard disk, therefore, zRam allows Linux to perform more swap operations, especially on older computers with a small amount of RAM.