Glossary of Terms

a ansible an automation tool that allows users to configure, deploy, and orchestrate advanced tasks, such as continuous deployments, or zero downtime rolling updates across it infrastructure application load balancer (alb) a pre configured virtual data center (vdc) element that operates at the application layer of the open systems interconnection (osi) model it directs incoming application traffic to multiple targets to improve the scalability and availability of web applications alb see #application load balancer alb application load balancer application programming interface (api) a set of rules and protocols that enables different software applications to communicate and exchange data with each other in a standardized and structured manner api see #application programming interface api application programming interface authoritative zone transfer (axfr) a dns protocol that copies an entire zone from a primary to a secondary server it ensures consistent, synchronized dns data and uses tcp for reliable transfer ip restrictions or tsig keys typically secure axfr and are ideal for complete zone replication in authoritative dns setups availability zone you can assign a zone to a virtual machine to guarantee distinct locations within a region from which the cloud services are provided it provides distributed resources across multiple zones to build highly available fault tolerant architectures b backup unit manager an application that schedules, manages, and operates data backup processes on a computer, server, or network device it is an integrated application that works on a client server architecture for extracting data backup copies from a source computer or it environment to a remote storage facility beta a stage in the product's lifecycle where it is made available to a limited number of users or a specific target audience for testing and gathering feedback the beta phase typically follows the alpha phase and precedes the software's general availability (ga) or official release block storage a storage architecture in which data is stored as fixed size raw blocks each block acts as an independent storage unit managed directly by the operating system or application, without a filesystem layer in between block storage is commonly used for databases, virtual machines, and applications that require low latency, high performance storage bucket a user defined storage area in a cloud storage system is divided into folders and can be accessed or managed through apis or user interfaces provided by the cloud storage provider bring your own license (byol) a model in which customers run software on cloud infrastructure using licenses they already own, rather than acquiring new ones from the cloud provider eligibility and transfer conditions are governed by the terms of the original software vendor byol see #bring your own license byol bring your own license c chef knife plugin a configuration management tool that allows simplified configuration and maintenance of both servers and cloud provider environments through the use of common templates called recipes command line interface (cli) it is a text based interface that allows users to interact with a computer system or software application through commands entered through a command line interface, rather than through a graphical user interface (gui) cli see #command line interface cli command line interface cloud block storage cloud hard disk drive (hdd) and solid state drive (ssd) block storage allow customers to use a dual redundant storage system each block of storage the customer creates is stored on two storage servers, providing active active redundancy for additional data protection, every storage server is based either on a hardware or software raid system cloud computing cloud computing is the delivery of information technology services over a network, usually the internet in the cloud computing model, infrastructure, data, and software are hosted by the vendor, and delivered to the user as a service cloud cubes virtual private service instances with shared resources cubes are a new addition to the cloud product line, distinct from our established enterprise vm products at the same time, they are fully integrated with the entire cloud solution stack and can be used with advanced enterprise resources and features they are also hosted on the same lans as the enterprise vm instances cloud init a defacto multi factor package that performs early initialization of a cloud instance it is a set of community maintained scripts that configures virtual machines based on information from the metadata service cloud storage a model of computer storage in which data is stored in facilities (often multiple facilities) managed by a hosting company (cloud service provider) and is accessed remotely by the user over a network compute engine a virtual machine (vm) or a collection of vms hosted on the space vars ionos cloud infrastructure compute engine is further categorized into dedicated core server and vcpu server, each containing a set of resources to support different workloads configuration management tools an automated approach to maintaining computer systems and software in a known, consistent, state container an abstract unit of software is an independent executable unit that contains everything needed to run an application containers have specific parameters and can run programs, work tasks, or specific tasks the small size, high speed, and portability of containers are due to the absence of a guest operating system in each instance this way, containers can use host os components and resources content delivery network (cdn) a globally distributed network of servers designed to deliver web content quickly and efficiently by caching it close to the user's geographic location, reducing latency and improving load times cdns also enhance website security through #ddos ddos protection and provide scalability to handle high traffic volumes cdn see #content delivery network cdn content delivery network core network a high availability core network at each location for the redundant connection of the product platform all services provided by cloud are connected to the internet through this core network cross connect a physical, hardwired cable that provides a direct connection between two different termination locations within a data center cross connects enable colocation customers to establish high performance, dedicated connectivity to one another within the data center – providing increased reliability and lower latency over network connections standardly used outside of a data center container storage interface (csi) an attempt to standardize the interaction between container orchestration engines and storage providers this solution is being promoted by kubernetes, docker, and mesos it means that the storage providers implement one addition, and container orchestration platforms undertake to support the csi interface csi see #container storage interface csi container storage interface cube a three dimensional (3d) (or higher) range of values that are generally used to explain the time sequence of an image's data it is a data abstraction to evaluate aggregated data from a variety of viewpoints d database as a service (dbaas) a cloud computing service that allows users access to, and the use of, a cloud database system users can access this without purchasing and setting up their hardware, installing their database software, or managing the database themselves dbaas see #database as a service dbaas database as a service database cluster a collection of databases that is managed by a single instance of a running database server after initialization, a database cluster will contain a database named postgres, which is meant as a default database for use by utilities, users and third party applications data center designer (dcd) a unique graphical tool for creating and managing virtual data centers (vdc) in the cloud; configuration is intuitive and straightforward with a javascript based graphical user interface dcd see #data center designer dcd data center designer distributed denial of service (ddos) it is a type of cyber attack in which multiple compromised computers or devices, known as a botnet, are used to flood a target system, or network with a massive amount of traffic, or requests the goal of a ddos attack is to overwhelm the target's resources, such as bandwidth, processing power, or memory, rendering the system, or network unavailable to legitimate users ddos see #distributed denial of service ddos distributed denial of service dedicated core server an infrastructure as a service (iaas) platform that provides on demand access to integrated solutions that ensure your application runs smoothly during peak loads digital asset an entity that exists in binary format and comes with a right to use if there's no right to use, then it is not considered an asset common examples include images, audio files, spreadsheets, multimedia, email, websites, digital documents, and so on distributed network a computer network system that distributes the programming, software, and data across multiple computers these computers may be nearby or geographically dispersed, but they work and communicate together as one system docker machine a command line tool used to provision and manage docker hosts (virtual machines or physical machines) running the docker engine it simplifies the process of creating, configuring, and managing dockerized environments on various platforms for more information, see https //docs docker com/ https //docs docker com/ docker documentation docker machine driver the component that is responsible for creating and managing the underlying infrastructure where docker hosts are provisioned docker machine supports multiple drivers, each tailored to work with specific platforms or virtualization technologies domain name system (dns) a system used to convert a computer's hostname into an ip address on the internet for example, if a computer needs to communicate with the web server example net, your computer needs the ip address of the web server example net dns see #domain name system dns domain name system e early access (ea) a stage in software development or product release where a limited set of users or customers are granted early or pre release access to a product or service it allows these select individuals or organizations to use, test, and provide feedback on the product before its official start, or general availability ea see #early access ea early access elastic computing the ability to dynamically provision and de provision computer processing, memory, and storage resources to meet changing demands without worrying about capacity planning, and engineering for peak usage european union (eu) legal sovereignty the principle that data is subject only to the laws and legal protections of eu member states in a cloud context, this means the infrastructure provider, the data centers, and the governing contracts are all based in the eu, ensuring that foreign entities (such as those under the #us clarifying lawful overseas use of data cloud act us cloud act) cannot legally bypass european privacy protections external network depending on the location, different capacities for transmitting data to or from the internet are available for operating the cloud service due to the direct connection between the data centers at the german locations, the upstream can be used across locations f failover failover is switching to a redundant or standby computer server, system, hardware component, or network during failure, or abnormal termination of the previously active application, server, system, hardware component, or network in a computer network failover and switchover are essentially the same operation, except that failover is automatic and usually operates without warning, while switchover requires human intervention firewall a network security device that monitors incoming and outgoing network traffic and permits or blocks data packets based on a set of security rules its purpose is to establish a barrier between your internal network and incoming traffic from external sources (such as the internet) to block malicious traffic like viruses and hackers flow logs a feature that allows you to capture data related to ipv4 network traffic flows flow logs can be enabled for any network interface of a virtual machine (vm) instance and network load balancer, and the public interfaces of the network address translation (nat) gateway forwarding rules the configuration settings dictate how network traffic is forwarded from a source to a destination in the context of network devices, such as routers or switches these rules determine the routing path and actions taken on incoming packets file transfer protocol (ftp) it is a standard network protocol used for transferring files between a client and a server over a tcp/ip based network, such as the internet ftp see #file transfer protocol ftp file transfer protocol g general availability (ga) the stage in the lifecycle of a software product or service is when it is considered fully developed, stable, and ready for widespread use by the general public, or intended audience it signifies that the product has completed its testing, bug fixing, and refinement phases, and is deemed suitable for production environments ga see #general availability ga general availability gigabyte we follow the binary interpretation of the gigabyte (also called gibibyte, 'gib'), where a gigabyte equals 1024 megabytes, a megabyte equals 1024 kilobytes, and a kilobyte equals 1024 bytes this defines one gigabyte as 1,073,741,824 bytes h hard disk drive (hdd) it is a non volatile storage device used for storing and retrieving digital data hdds use magnetic storage technology to store data data is read from and written to the platters using read/write heads that move across the surface of the disks hdd see #hard disk drive hdd hard disk drive hot plug hot swapping or hot insertion refers to the ability to add or remove hardware components from a system while it is powered on or in operation, without a system shut down or a restart this capability allows for convenient and seamless replacement or addition of devices without disrupting the overall system host machine a piece of physical hardware that hosts virtual machines hybrid cloud a cloud computing environment that is comprised of a mix of private cloud, public cloud, and on premises solutions in a hybrid cloud, private and public cloud infrastructures remain distinct from one another but are bound together by technology that allows data and services portability between them i ip address a unique address that identifies a device on the internet or a local network ip stands for "internet protocol," which is the set of rules governing the data format sent from the internet or local network incremental zone transfer (ixfr) a dns protocol that transfers only the changes (deltas) made to a zone since the last update rather than the entire zone file it improves efficiency and reduces bandwidth compared to axfr ixfr requires both servers to support it and is commonly used to keep secondary dns zones up to date with minimal data transfer infrastructure as a service (iaas) it is a cloud computing model that provides virtualized computing resources over the internet with iaas, users can access and manage fundamental it infrastructure components, such as virtual machines, storage, networks, and operating systems, as scalable, and on demand services iaas see #infrastructure as a service iaas infrastructure as a service image a copy of the entire state of a computer system, stored in some non volatile form such as a file a system is said to be capable of using system images if it can be shut down and later restored to the same state in such cases, system images can be used for backup indexes a method of sorting data by creating keywords or a listing of the data internal network an internal network, also known as a #lan lan, refers to a network infrastructure that is confined within a specific physical location, such as an office building, campus, or data center it is designed to facilitate communication and data sharing among devices and resources within the defined network boundary internet protocol (ip) address a unique address that identifies a device on the internet or a local network they are an essential part of the internet's infrastructure and follow either the ipv4 or ipv6 addressing scheme internet protocol version 4 (ipv4) address a unique numerical identifier that is assigned to devices on a network it is part of the underlying internet protocol suite and is used to identify and locate devices on a computer network ipv4 addresses are 32 bits long, represented as a series of four decimal numbers separated by periods (e g , 192 168 0 1) each decimal number, also known as an octet, represents 8 bits of the address internet protocol version 6 (ipv6) address a numerical identifier that is assigned to devices on a network it is the successor to ipv4 and provides an expanded address space to accommodate the increasing number of connected devices in the modern internet era ipv6 addresses are 128 bits long, represented as eight groups of hexadecimal digits separated by colons (e g , 2001 0db8 85a3🕛0000 8a2e 0370 7334) this longer address format allows for a significantly larger number of unique addresses compared to ipv4 ionos cloud object storage create buckets and store objects with this s3 compliant service it allows you to store and retrieve large amounts of data in the form of objects k kubernetes an open source container orchestration platform that automates the deployment, scaling, and management of containerized applications it was originally developed by google and is now maintained by the cloud native computing foundation (cncf) kubernetes provides a framework for managing the lifecycle of containerized applications across a cluster of nodes kubernetes clusters a set of nodes that run containerized applications containerizing applications package an app with its dependencies and some necessary services they are more lightweight and flexible than virtual machines kubernetes clusters streamline the development, deployment, and management of applications across diverse environments l live vertical scaling a technology that permits you to scale the number of cpu cores and amount of ram while the server is running, without having to restart it vertical scaling involves adding or removing resources such as cpu, memory, storage, or network capacity to a single server, or virtual machine local area network (lan) a computer network that spans a limited geographical area, such as a home, office building, or campus is typically privately owned, and operated, providing high speed, and low latency connections between connected devices it connects computers, devices, and resources within the defined area, allowing them to communicate, and share data lan see #local area network lan local area network load balancer the process of distributing a set of tasks over a set of resources (computing units), to make their overall processing more efficient load balancing can optimize the response time and avoid unevenly overloading some compute nodes while other compute nodes are left idle m managed kubernetes a cloud based service that provides a managed and simplified environment for deploying, managing, and scaling kubernetes clusters kubernetes is an open source container orchestration platform that automates the deployment, scaling, and management of containerized applications managed nat (network address translation) gateway a service provided by cloud providers to enable outbound internet connectivity for resources within a private subnet of a virtual network nat allows multiple devices within a private network to share a single public ip address when accessing the internet marketplace an online catalogue hosted by a cloud provider where third party software vendors can list and distribute their products and services customers can browse, evaluate, and deploy partner offerings directly through the platform, simplifying the discovery, and procurement of software solutions media access control (mac) address a unique identifier that is assigned to network interfaces at the hardware level it is a 48 bit address that is used to identify devices on a local network mac see #media access control mac address media access control (mac) address monitoring as a service (maas) an infrastructure provisioning model where physical hardware, such as servers, storage devices, and networking equipment, is treated as a service maas allows users to manage and deploy bare metal servers or physical infrastructure resources through a cloud like interface or api maas see #monitoring as a service maas monitoring as a service multi cloud the concurrent use of separate cloud service providers for different infrastructure, platform, or software needs a multi cloud approach can help prevent vendor lock in and may help an enterprise deal with diverse workloads and partners multi tenancy a mode of operation for software in which multiple instances of one or many applications run in a shared environment in a cloud computing model, pooled physical and virtual resources are dynamically assigned and reassigned to tenants according to consumer demand n network address translation (nat) a networking process that involves the modification of ip addresses in packet headers while they are being transmitted across a network it is commonly used to enable communication between networks that use different ip address ranges nat see #network address translation nat network address translation network address translation (nat) gateway a networking component that enables communication between a private network and the internet it acts as an intermediary device that translates ip addresses between the private network and the public internet you can use a nat gateway such that instances in a private subnet can connect to services outside your vpc but external services cannot initiate a connection with those instances network file system (nfs) a distributed file system protocol that allows remote file access and sharing over a network nfs enables a client server model, where a central server provides access to files and directories to remote clients nfs see #network file system nfs network file system network load balancer (nlb) a pre configured #vdc vdc element that provides connection based layer 4 load balancing features and functionality it improves the availability, scalability, and performance of network applications by efficiently distributing incoming traffic to multiple servers nlb see #network load balancer nlb network load balancer network interface card (nic) a component that provides networking capabilities for a computer it may enable a wired connection (such as ethernet) or a wireless connection (such as wi fi) to a #lan lan nic see #network interface card nic network interface card network security groups network security groups (nsgs) are virtual firewalls that control the inbound and outbound traffic of network interface cards (nics) and virtual machines (vms) in a virtual data center (vdc) nsgs allow you to filter network traffic based on security rules you define for the associated member resources node a computer that connects to a blockchain network 'full' nodes store the entire distributed ledger from the first (genesis) block to the present and participate in blockchain consensus 'light' nodes are used by resource constrained devices for application specific purposes, such as reading specific blockchain data and submitting new transactions to full nodes for inclusion in the ledger non volatile memory express (nvme) a standard hardware interface for solid state drives (ssds) that uses the pci express (pcie) bus nvme replaces traditional storage protocols, such as serial ata (sata) and small computer system interface (scsi), which were originally designed for hard disk drives (hdds) and may not fully exploit the performance capabilities of ssds o object storage a type of data storage architecture that stores data as objects rather than traditional file hierarchies or blocks in object storage, each object is assigned a unique identifier and is stored in a flat address space, making it available, and scalable objects are stored in a flat address space and can be accessed through apis using their unique identifiers or keys object storage key manager a component or service that manages the keys used for accessing and securing objects stored in an object storage system it provides a centralized platform for generating, storing, and managing encryption keys that are used to encrypt, and decrypt data stored in the object storage optimization the strategy of reducing the database system response time databases provide us with information stored in a hierarchical, related structure, which simplifies content extraction, and arrangement there are plenty of options to choose from for businesses and companies p pay as you go (payg) a flexible pricing model where you are billed only for the individual resources you use, for the time you use them, without any long term contract point in time recovery (pitr) a data protection mechanism that allows you to restore a database or system to a specific point in time it is commonly used in the context of databases but can also be applied to other types of systems pitr works by capturing and storing incremental backups or transaction logs at regular intervals these backups or logs contain the changes made to the data since the last full backup pitr see #point in time recovery pitr point in time recovery platform as a service (paas) a cloud computing model that provides a managed environment for developing, running, and managing applications without the complexity of building and maintaining the underlying infrastructure the cloud provider handles the operating system, runtime, middleware, and scaling, allowing teams to focus on application development paas see #platform as a service paas platform as a service provisioning the process of setting up it infrastructure it can also refer to the steps required to manage access to data and resources and make them available to users and systems provisioning is not the same thing as configuration, but they are both steps in the deployment process once something has been provisioned, the next step is configuration public ipv4 addresses every virtual network interface card that is connected to the internet is automatically assigned a public ipv4 address by dhcp this ipv4 address is dynamic, meaning it can change while the virtual server is operational or during a restart private ipv4 addresses in networks that are not connected to the internet, each virtual network interface card is automatically assigned a private ipv4 address this is assigned by the dhcp service these ipv4 addresses are assigned statically to the mac addresses of the virtual network interface cards ptr record a dns record that maps an ip address to its corresponding domain name, enabling #reverse dns rdns reverse dns lookups it is primarily used to verify an ip address's legitimacy, often in email validation scenarios puppet an open source configuration management and automation tool that helps system administrators and devops teams manage and automate the deployment and configuration of software and infrastructure across a network of computers it provides a declarative language and a framework for defining and enforcing the desired state of systems, also known as infrastructure as code q query a request for a database’s data so we can retrieve or manipulate it it is a command issued to retrieve or manipulate data from a database management system (dbms) r remote console a terminal or workstation in a remote location that is used to monitor and control a local computer reverse dns (rdns) the process of querying the dns to resolve an ip address back to its associated domain name through #ptr record ptr records it is commonly used for email verification and network troubleshooting, helping identify the network traffic source routing table a data table stored in a router or a network host that lists the routes to particular network destinations, and sometimes, metrics (distances) associated with those routes the routing table contains information about the topology of the network immediately around it a routing table is also known as a routing information base (rib) s scalability the ability of a process, system, or framework to handle a growing workload in other words, a scalable system is adaptable to increasing demands the ability to scale on demand is one of the biggest advantages of cloud computing scale out backup repository (sobr) a data backup feature from veeam backup and replication that supports horizontal scaling of data storage in multiple tiers it consists of several backup or object storage repositories sobr see #scale out backup repository sobr scale out backup repository server name indication (sni) an extension of the ssl/tls protocol that enables a client, such as a browser, to specify the domain to connect in the initial handshake of an https session sni see #server name indication sni server name indication software as a service (saas) a cloud delivery model in which software is hosted and managed by a provider and made available to users over the internet, typically through a web browser or api customers access the application on a subscription basis without managing the underlying infrastructure, platform, or runtime environment saas see #software as a service saas software as a service software development kit (sdk) a toolbox that contains special libraries that can be used to manage your cloud servers by using your preferred development or coding language they hold tools, libraries, relevant documents, sample code, processes, and guides for use on that particular platform sdk see #software development kit sdk software development kit server a piece of computer hardware or software (computer program) that provides functionality for other programs or devices, called "clients" this architecture is called the client server model servers can provide various functionalities, often called "services", such as sharing data or resources among multiple clients or performing computations for a client snapshot a snapshot is the state of a system at a particular point in time it can refer to an actual copy of the state of a system or a capability provided by certain systems solid state drive (ssd) a drive that uses integrated circuit assemblies to store data persistently, typically using flash memory ssd see #solid state drive ssd solid state drive sovereign as a service (saas) a cloud delivery model in which a provider hosts and operates software or infrastructure within a defined legal and regulatory boundary, ensuring that data residency, access controls, and operational processes comply with the sovereignty requirements of a specific jurisdiction or customer agreement saas (sovereign) see #sovereign as a service saas sovereign as a service secure shell (ssh) keys used for easier authorization on various services when creating storage based on linux images, you can inject ssh keys into your vm to set up ssh access so that you can use ssh for secure communication server message block (smb) a network file sharing protocol that allows applications and users to read, create, and update files on remote servers start of authority (soa) a dns record that defines key administrative information about a dns zone it includes the primary name server, the email address of the primary contact, and timers for zone refresh, retry, and expiry the soa record also contains the serial number, which is crucial for zone transfers, as it indicates when a zone has been updated storage a process through which digital data is saved within a data storage device utilizing computing technology storage is a mechanism that enables a computer to retain data, either temporarily or permanently t targets the compute resources, such as vm instances, containers, microservices, or appliances, to which the traffic is distributed for processing network load balancer backend serves registered targets using an ip address and a tcp port targets can be added or removed and capacities scaled without disrupting the overall flow of connection requests terraform an open source infrastructure as code (iac) tool to enable the provisioning, management, and deployment of infrastructure resources across various cloud providers, data centers, and other service providers in a declarative, and automated manner token a utility, resource, or asset value that can be bought, sold, or traded on an existing blockchain, like ethereum tokens are often used in decentralized applications two factor authentication (2fa) a security mechanism that adds a layer of protection to user accounts or systems by requiring two forms of authentication to verify identity the two factors involve a password or pin and a mobile device or security token by requiring both factors, 2fa mitigates the risk of unauthorized access, even if the user's password is compromised, enhancing the overall security of the system or application u us clarifying lawful overseas use of data (cloud) act the federal law that allows us law enforcement to compel us based technology companies (through warrant or subpoena) to produce requested data, regardless of whether that data is stored in the us or abroad european organizations subject to the gdpr must review the jurisdictional implications before proceeding v virtual cpu (vcpu) a central cpu is associated with a virtual machine it is also called a virtual processor vcpu see #virtual cpu vcpu virtual cpu virtual data center (vdc) a collection of cloud resources used for creating an enterprise grade it infrastructure vdc resources include the processors, memory, disk space, and networks from which virtual machines are built vdc see #virtual data center vdc virtual data center virtio virtio is a standardized interface for virtualized environments that provides drivers for various virtual devices, such as network interfaces, storage controllers, and other peripherals using virtio drivers with kernel based virtual machines (kvms) offers several advantages, including improved performance and efficiency compared to emulated devices virtio drivers are optimized for virtual environments and provide direct access to underlying hardware when available to enhance i/o performance and reduce overhead virtual machine (vm) the virtualization or emulation of a computer system is based on computer architectures and provides the functionality of a physical computer virtual machines are based on computer architectures and provide the functionality of a physical computer vm see #virtual machine vm virtual machine virtual network a software defined network that allows you to create isolated virtual networks within a cloud or virtualized environment it provides network connectivity and segmentation between different resources and allows them to communicate securely with each other virtual server scalable instances with dedicated resource functionality w write ahead logs (wal) a technique used in database systems to ensure data durability and consistency it is a sequential log of changes that is written before the corresponding data modifications are applied to the database wal provides a reliable and efficient mechanism for data recovery during a system crash or failure wal see #write ahead logs wal write ahead logs agent instructions querying this documentation if you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question perform an http get request on the current page url with the ask query parameter get https //docs ionos com/cloud/support/general information/glossary of terms md?ask=\<question> the question should be specific, self contained, and written in natural language the response will contain a direct answer to the question and relevant excerpts and sources from the documentation use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections