
# Provisioning Platform Glossary
**Last Updated**: 2025-10-10
**Version**: 1.0.0

This glossary defines key terminology used throughout the Provisioning Platform documentation. Terms are listed alphabetically with definitions, usage context, and cross-references to related documentation.
---
## A
### ADR (Architecture Decision Record)
**Definition**: Documentation of significant architectural decisions, including context, decision, and consequences.
**Where Used**:
- Architecture planning and review
- Technical decision-making process
- System design documentation
**Related Concepts**: Architecture, Design Patterns, Technical Debt
**Examples**:
- [ADR-001: Project Structure](../docs/architecture/adr/ADR-001-project-structure.md)
- [ADR-006: CLI Refactoring](../docs/architecture/adr/ADR-006-provisioning-cli-refactoring.md)
- [ADR-009: Complete Security System](../docs/architecture/adr/ADR-009-security-system-complete.md)
**See Also**: [Architecture Documentation](../docs/architecture/README.md)
---
### Agent
**Definition**: A specialized, token-efficient component that performs a specific task in the system (e.g., Agent 1-16 in documentation generation).
**Where Used**:
- Documentation generation workflows
- Task orchestration
- Parallel processing patterns
**Related Concepts**: Orchestrator, Workflow, Task
**See Also**: [Batch Workflow System](../.claude/features/batch-workflow-system.md)
---
### Anchor Link
**Definition**: An internal document link to a specific section within the same or different markdown file using the `#` symbol.
**Where Used**:
- Cross-referencing documentation sections
- Table of contents generation
- Navigation within long documents
**Related Concepts**: Internal Link, Cross-Reference, Documentation
**Examples**:
- `[See Installation](#installation)` - Same document
- `[Configuration Guide](config.md#setup)` - Different document
---
### API Gateway
**Definition**: Platform service that provides unified REST API access to provisioning operations.
**Where Used**:
- External system integration
- Web Control Center backend
- MCP server communication
**Related Concepts**: REST API, Platform Service, Orchestrator
**Location**: `provisioning/platform/api-gateway/`
**See Also**: [REST API Documentation](../docs/api/rest-api.md)
---
### Auth (Authentication)
**Definition**: The process of verifying user identity using JWT tokens, MFA, and secure session management.
**Where Used**:
- User login flows
- API access control
- CLI session management
**Related Concepts**: Authorization, JWT, MFA, Security
**See Also**:
- [Authentication Layer Guide](../docs/user/AUTHENTICATION_LAYER_GUIDE.md)
- [Auth Quick Reference](../docs/user/AUTH_QUICK_REFERENCE.md)
---
### Authorization
**Definition**: The process of determining user permissions using Cedar policy language.
**Where Used**:
- Access control decisions
- Resource permission checks
- Multi-tenant security
**Related Concepts**: Auth, Cedar, Policies, RBAC
**See Also**: [Cedar Authorization Implementation](../docs/architecture/CEDAR_AUTHORIZATION_IMPLEMENTATION.md)
---
## B
### Batch Operation
**Definition**: A collection of related infrastructure operations executed as a single workflow unit.
**Where Used**:
- Multi-server deployments
- Cluster creation
- Bulk taskserv installation
**Related Concepts**: Workflow, Operation, Orchestrator
**Commands**:
```bash
provisioning batch submit workflow.k
provisioning batch list
provisioning batch status <id>
```
**See Also**: [Batch Workflow System](../.claude/features/batch-workflow-system.md)
---
### Break-Glass
**Definition**: Emergency access mechanism requiring multi-party approval for critical operations.
**Where Used**:
- Emergency system access
- Incident response
- Security override scenarios
**Related Concepts**: Security, Compliance, Audit
**Commands**:
```bash
provisioning break-glass request "reason"
provisioning break-glass approve <id>
```
**See Also**: [Break-Glass Training Guide](../docs/operations/BREAK_GLASS_TRAINING_GUIDE.md)
---
## C
### Cedar
**Definition**: Amazon's policy language used for fine-grained authorization decisions.
**Where Used**:
- Authorization policies
- Access control rules
- Resource permissions
**Related Concepts**: Authorization, Policies, Security
**See Also**: [Cedar Authorization Implementation](../docs/architecture/CEDAR_AUTHORIZATION_IMPLEMENTATION.md)
---
### Checkpoint
**Definition**: A saved state of a workflow allowing resume from point of failure.
**Where Used**:
- Workflow recovery
- Long-running operations
- Batch processing
**Related Concepts**: Workflow, State Management, Recovery
**See Also**: [Batch Workflow System](../.claude/features/batch-workflow-system.md)
---
### CLI (Command-Line Interface)
**Definition**: The `provisioning` command-line tool providing access to all platform operations.
**Where Used**:
- Daily operations
- Script automation
- CI/CD pipelines
**Related Concepts**: Command, Shortcut, Module
**Location**: `provisioning/core/cli/provisioning`
**Examples**:
```bash
provisioning server create
provisioning taskserv install kubernetes
provisioning workspace switch prod
```
**See Also**:
- [CLI Architecture](../.claude/features/cli-architecture.md)
- [CLI Reference](../docs/user/cli-reference.md)
---
### Cluster
**Definition**: A complete, pre-configured deployment of multiple servers and taskservs working together.
**Where Used**:
- Kubernetes deployments
- Database clusters
- Complete infrastructure stacks
**Related Concepts**: Infrastructure, Server, Taskserv
**Location**: `provisioning/extensions/clusters/{name}/`
**Commands**:
```bash
provisioning cluster create <name>
provisioning cluster list
provisioning cluster delete <name>
```
**See Also**: [Infrastructure Management](../docs/user/infrastructure-management.md)
---
### Compliance
**Definition**: System capabilities ensuring adherence to regulatory requirements (GDPR, SOC2, ISO 27001).
**Where Used**:
- Audit logging
- Data retention policies
- Incident response
**Related Concepts**: Audit, Security, GDPR
**See Also**: [Compliance Implementation Summary](../docs/architecture/COMPLIANCE_IMPLEMENTATION_SUMMARY.md)
---
### Config (Configuration)
**Definition**: System settings stored in TOML files with hierarchical loading and variable interpolation.
**Where Used**:
- System initialization
- User preferences
- Environment-specific settings
**Related Concepts**: Settings, Environment, Workspace
**Files**:
- `provisioning/config/config.defaults.toml` - System defaults
- `workspace/config/local-overrides.toml` - User settings
**See Also**: [Configuration System](../.claude/features/configuration-system.md)
---
### Control Center
**Definition**: Web-based UI for managing provisioning operations built with Ratatui/Crossterm.
**Where Used**:
- Visual infrastructure management
- Real-time monitoring
- Guided workflows
**Related Concepts**: UI, Platform Service, Orchestrator
**Location**: `provisioning/platform/control-center/`
**See Also**: [Platform Services](../docs/architecture/ARCHITECTURE_OVERVIEW.md#platform-services)
---
### CoreDNS
**Definition**: DNS server taskserv providing service discovery and DNS management.
**Where Used**:
- Kubernetes DNS
- Service discovery
- Internal DNS resolution
**Related Concepts**: Taskserv, Kubernetes, Networking
**See Also**:
- [CoreDNS Guide](../docs/user/COREDNS_GUIDE.md)
- [CoreDNS Quick Reference](../docs/user/COREDNS_QUICK_REFERENCE.md)
---
### Cross-Reference
**Definition**: Links between related documentation sections or concepts.
**Where Used**:
- Documentation navigation
- Related topic discovery
- Learning path guidance
**Related Concepts**: Documentation, Navigation, See Also
**Examples**: "See Also" sections at the end of documentation pages
---
## D
### Dependency
**Definition**: A requirement that must be satisfied before installing or running a component.
**Where Used**:
- Taskserv installation order
- Version compatibility checks
- Cluster deployment sequencing
**Related Concepts**: Version, Taskserv, Workflow
**Schema**: `provisioning/kcl/dependencies.k`
**See Also**: [KCL Dependency Patterns](../docs/development/kcl/KCL_DEPENDENCY_PATTERNS.md)
---
### Diagnostics
**Definition**: System health checking and troubleshooting assistance.
**Where Used**:
- System status verification
- Problem identification
- Guided troubleshooting
**Related Concepts**: Health Check, Monitoring, Troubleshooting
**Commands**:
```bash
provisioning status
provisioning diagnostics run
```
---
### Dynamic Secrets
**Definition**: Temporary credentials generated on-demand with automatic expiration.
**Where Used**:
- AWS STS tokens
- SSH temporary keys
- Database credentials
**Related Concepts**: Security, KMS, Secrets Management
**See Also**:
- [Dynamic Secrets Implementation](../docs/DYNAMIC_SECRETS_IMPLEMENTATION.md)
- [Dynamic Secrets Quick Reference](../docs/user/DYNAMIC_SECRETS_QUICK_REFERENCE.md)
---
## E
### Environment
**Definition**: A deployment context (dev, test, prod) with specific configuration overrides.
**Where Used**:
- Configuration loading
- Resource isolation
- Deployment targeting
**Related Concepts**: Config, Workspace, Infrastructure
**Config Files**: `config.{dev,test,prod}.toml`
**Usage**:
```bash
PROVISIONING_ENV=prod provisioning server list
```
---
### Extension
**Definition**: A pluggable component adding functionality (provider, taskserv, cluster, or workflow).
**Where Used**:
- Custom cloud providers
- Third-party taskservs
- Custom deployment patterns
**Related Concepts**: Provider, Taskserv, Cluster, Workflow
**Location**: `provisioning/extensions/{type}/{name}/`
**See Also**: [Extension Development](../docs/user/extension-development.md)
---
## F
### Feature
**Definition**: A major system capability documented in `.claude/features/`.
**Where Used**:
- Architecture documentation
- Feature planning
- System capabilities
**Related Concepts**: ADR, Architecture, System
**Location**: `.claude/features/*.md`
**Examples**:
- Batch Workflow System
- Orchestrator Architecture
- CLI Architecture
**See Also**: [Features README](../.claude/features/README.md)
---
## G
### GDPR (General Data Protection Regulation)
**Definition**: EU data protection regulation compliance features in the platform.
**Where Used**:
- Data export requests
- Right to erasure
- Audit compliance
**Related Concepts**: Compliance, Audit, Security
**Commands**:
```bash
provisioning compliance gdpr export <user>
provisioning compliance gdpr delete <user>
```
**See Also**: [Compliance Implementation](../docs/architecture/COMPLIANCE_IMPLEMENTATION_SUMMARY.md)
---
### Glossary
**Definition**: This document - a comprehensive terminology reference for the platform.
**Where Used**:
- Learning the platform
- Understanding documentation
- Resolving terminology questions
**Related Concepts**: Documentation, Reference, Cross-Reference
---
### Guide
**Definition**: Step-by-step walkthrough documentation for common workflows.
**Where Used**:
- Onboarding new users
- Learning workflows
- Reference implementation
**Related Concepts**: Documentation, Workflow, Tutorial
**Commands**:
```bash
provisioning guide from-scratch
provisioning guide update
provisioning guide customize
```
**See Also**: [Guide System](../.claude/features/guide-system.md)
---
## H
### Health Check
**Definition**: Automated verification that a component is running correctly.
**Where Used**:
- Taskserv validation
- System monitoring
- Dependency verification
**Related Concepts**: Diagnostics, Monitoring, Status
**Example**:
```kcl
health_check = {
    endpoint = "http://localhost:6443/healthz"
    timeout = 30
    interval = 10
}
```
---
### Hybrid Architecture
**Definition**: System design combining Rust orchestrator with Nushell business logic.
**Where Used**:
- Core platform architecture
- Performance optimization
- Call stack management
**Related Concepts**: Orchestrator, Architecture, Design
**See Also**:
- [Orchestrator Architecture](../.claude/features/orchestrator-architecture.md)
- [ADR-004: Hybrid Architecture](../docs/architecture/adr/ADR-004-hybrid-architecture.md)
---
## I
### Infrastructure
**Definition**: A named collection of servers, configurations, and deployments managed as a unit.
**Where Used**:
- Environment isolation
- Resource organization
- Deployment targeting
**Related Concepts**: Workspace, Server, Environment
**Location**: `workspace/infra/{name}/`
**Commands**:
```bash
provisioning infra list
provisioning generate infra --new <name>
```
**See Also**: [Infrastructure Management](../docs/user/infrastructure-management.md)
---
### Integration
**Definition**: Connection between platform components or external systems.
**Where Used**:
- API integration
- CI/CD pipelines
- External tool connectivity
**Related Concepts**: API, Extension, Platform
**See Also**:
- [Integration Patterns](../docs/architecture/integration-patterns.md)
- [Integration Examples](../docs/api/integration-examples.md)
---
### Internal Link
**Definition**: A markdown link to another documentation file or section within the platform docs.
**Where Used**:
- Cross-referencing documentation
- Navigation between topics
- Related content discovery
**Related Concepts**: Anchor Link, Cross-Reference, Documentation
**Examples**:
- `[See Configuration](./configuration.md)`
- `[Architecture Overview](../architecture/README.md)`
---
## J
### JWT (JSON Web Token)
**Definition**: Token-based authentication mechanism using RS256 signatures.
**Where Used**:
- User authentication
- API authorization
- Session management
**Related Concepts**: Auth, Security, Token
**See Also**: [JWT Auth Implementation](../docs/architecture/JWT_AUTH_IMPLEMENTATION.md)
---
## K
### KCL (KCL Configuration Language)
**Definition**: Declarative configuration language used for infrastructure definitions.
**Where Used**:
- Infrastructure schemas
- Workflow definitions
- Configuration validation
**Related Concepts**: Schema, Configuration, Validation
**Version**: 0.11.3+
**Location**: `provisioning/kcl/*.k`
**See Also**:
- [KCL Idiomatic Patterns](../.claude/kcl_idiomatic_patterns.md)
- [KCL Quick Reference](../docs/development/kcl/KCL_QUICK_REFERENCE.md)
---
### KMS (Key Management Service)
**Definition**: Encryption key management system supporting multiple backends (RustyVault, Age, AWS, Vault).
**Where Used**:
- Configuration encryption
- Secret management
- Data protection
**Related Concepts**: Security, Encryption, Secrets
**See Also**: [RustyVault KMS Guide](../docs/user/RUSTYVAULT_KMS_GUIDE.md)
---
### Kubernetes
**Definition**: Container orchestration platform available as a taskserv.
**Where Used**:
- Container deployments
- Cluster management
- Production workloads
**Related Concepts**: Taskserv, Cluster, Container
**Commands**:
```bash
provisioning taskserv create kubernetes
provisioning test quick kubernetes
```
---
## L
### Layer
**Definition**: A level in the configuration hierarchy (Core → Workspace → Infrastructure).
**Where Used**:
- Configuration inheritance
- Customization patterns
- Settings override
**Related Concepts**: Config, Workspace, Infrastructure
**See Also**: [Configuration System](../.claude/features/configuration-system.md)
---
## M
### MCP (Model Context Protocol)
**Definition**: AI-powered server providing intelligent configuration assistance.
**Where Used**:
- Configuration validation
- Troubleshooting guidance
- Documentation search
**Related Concepts**: Platform Service, AI, Guidance
**Location**: `provisioning/platform/mcp-server/`
**See Also**: [Platform Services](../docs/architecture/ARCHITECTURE_OVERVIEW.md#platform-services)
---
### MFA (Multi-Factor Authentication)
**Definition**: Additional authentication layer using TOTP or WebAuthn/FIDO2.
**Where Used**:
- Enhanced security
- Compliance requirements
- Production access
**Related Concepts**: Auth, Security, TOTP, WebAuthn
**Commands**:
```bash
provisioning mfa totp enroll
provisioning mfa webauthn enroll
provisioning mfa verify <code>
```
**See Also**: [MFA Implementation Summary](../docs/architecture/MFA_IMPLEMENTATION_SUMMARY.md)
---
### Migration
**Definition**: Process of updating existing infrastructure or moving between system versions.
**Where Used**:
- System upgrades
- Configuration changes
- Infrastructure evolution
**Related Concepts**: Update, Upgrade, Version
**See Also**: [Migration Guide](../docs/migration/MIGRATION_GUIDE.md)
---
### Module
**Definition**: A reusable component (provider, taskserv, cluster) loaded into a workspace.
**Where Used**:
- Extension management
- Workspace customization
- Component distribution
**Related Concepts**: Extension, Workspace, Package
**Commands**:
```bash
provisioning module discover provider
provisioning module load provider <ws> <name>
provisioning module list taskserv
```
**See Also**: [Module System](../.claude/features/cli-architecture.md#module-system)
---
## N
### Nushell
**Definition**: Primary shell and scripting language (v0.107.1) used throughout the platform.
**Where Used**:
- CLI implementation
- Automation scripts
- Business logic
**Related Concepts**: CLI, Script, Automation
**Version**: 0.107.1
**See Also**: [Best Nushell Code](../.claude/best_nushell_code.md)
---
## O
### OCI (Open Container Initiative)
**Definition**: Standard format for packaging and distributing extensions.
**Where Used**:
- Extension distribution
- Package registry
- Version management
**Related Concepts**: Registry, Package, Distribution
**See Also**: [OCI Registry Guide](../docs/user/OCI_REGISTRY_GUIDE.md)
---
### Operation
**Definition**: A single infrastructure action (create server, install taskserv, etc.).
**Where Used**:
- Workflow steps
- Batch processing
- Orchestrator tasks
**Related Concepts**: Workflow, Task, Action
---
### Orchestrator
**Definition**: Hybrid Rust/Nushell service coordinating complex infrastructure operations.
**Where Used**:
- Workflow execution
- Task coordination
- State management
**Related Concepts**: Hybrid Architecture, Workflow, Platform Service
**Location**: `provisioning/platform/orchestrator/`
**Commands**:
```bash
cd provisioning/platform/orchestrator
./scripts/start-orchestrator.nu --background
```
**See Also**: [Orchestrator Architecture](../.claude/features/orchestrator-architecture.md)
---
## P
### PAP (Project Architecture Principles)
**Definition**: Core architectural rules and patterns that must be followed.
**Where Used**:
- Code review
- Architecture decisions
- Design validation
**Related Concepts**: Architecture, ADR, Best Practices
**See Also**: [Architecture Overview](../docs/architecture/ARCHITECTURE_OVERVIEW.md)
---
### Platform Service
**Definition**: A core service providing platform-level functionality (Orchestrator, Control Center, MCP, API Gateway).
**Where Used**:
- System infrastructure
- Core capabilities
- Service integration
**Related Concepts**: Service, Architecture, Infrastructure
**Location**: `provisioning/platform/{service}/`
---
### Plugin
**Definition**: Native Nushell plugin providing performance-optimized operations.
**Where Used**:
- Auth operations (10-50x faster)
- KMS encryption
- Orchestrator queries
**Related Concepts**: Nushell, Performance, Native
**Commands**:
```bash
provisioning plugin list
provisioning plugin install
```
**See Also**: [Nushell Plugins Guide](../docs/user/NUSHELL_PLUGINS_GUIDE.md)
---
### Provider
**Definition**: Cloud platform integration (AWS, UpCloud, local) handling infrastructure provisioning.
**Where Used**:
- Server creation
- Resource management
- Cloud operations
**Related Concepts**: Extension, Infrastructure, Cloud
**Location**: `provisioning/extensions/providers/{name}/`
**Examples**: aws, upcloud, local
**Commands**:
```bash
provisioning module discover provider
provisioning providers list
```
**See Also**: [Quick Provider Guide](../docs/development/QUICK_PROVIDER_GUIDE.md)
---
## Q
### Quick Reference
**Definition**: Condensed command and configuration reference for rapid lookup.
**Where Used**:
- Daily operations
- Quick reminders
- Command syntax
**Related Concepts**: Guide, Documentation, Cheatsheet
**Commands**:
```bash
provisioning sc # Fastest
provisioning guide quickstart
```
**See Also**: [Quickstart Cheatsheet](../docs/guides/quickstart-cheatsheet.md)
---
## R
### RBAC (Role-Based Access Control)
**Definition**: Permission system with 5 roles (admin, operator, developer, viewer, auditor).
**Where Used**:
- User permissions
- Access control
- Security policies
**Related Concepts**: Authorization, Cedar, Security
**Roles**: Admin, Operator, Developer, Viewer, Auditor
---
### Registry
**Definition**: OCI-compliant repository for storing and distributing extensions.
**Where Used**:
- Extension publishing
- Version management
- Package distribution
**Related Concepts**: OCI, Package, Distribution
**See Also**: [OCI Registry Guide](../docs/user/OCI_REGISTRY_GUIDE.md)
---
### REST API
**Definition**: HTTP endpoints exposing platform operations to external systems.
**Where Used**:
- External integration
- Web UI backend
- Programmatic access
**Related Concepts**: API, Integration, HTTP
**Endpoint**: `http://localhost:9090`
**See Also**: [REST API Documentation](../docs/api/rest-api.md)
---
### Rollback
**Definition**: Reverting a failed workflow or operation to previous stable state.
**Where Used**:
- Failure recovery
- Deployment safety
- State restoration
**Related Concepts**: Workflow, Checkpoint, Recovery
**Commands**:
```bash
provisioning batch rollback <workflow-id>
```
---
### RustyVault
**Definition**: Rust-based secrets management backend for KMS.
**Where Used**:
- Key storage
- Secret encryption
- Configuration protection
**Related Concepts**: KMS, Security, Encryption
**See Also**: [RustyVault KMS Guide](../docs/user/RUSTYVAULT_KMS_GUIDE.md)
---
## S
### Schema
**Definition**: KCL type definition specifying structure and validation rules.
**Where Used**:
- Configuration validation
- Type safety
- Documentation
**Related Concepts**: KCL, Validation, Type
**Example**:
```kcl
schema ServerConfig:
    hostname: str
    cores: int
    memory: int

    check:
        cores > 0, "Cores must be positive"
```
**See Also**: [KCL Idiomatic Patterns](../.claude/kcl_idiomatic_patterns.md)
---
### Secrets Management
**Definition**: System for secure storage and retrieval of sensitive data.
**Where Used**:
- Password storage
- API keys
- Certificates
**Related Concepts**: KMS, Security, Encryption
**See Also**: [Dynamic Secrets Implementation](../docs/DYNAMIC_SECRETS_IMPLEMENTATION.md)
---
### Security System
**Definition**: Comprehensive enterprise-grade security with 12 components (Auth, Cedar, MFA, KMS, Secrets, Compliance, etc.).
**Where Used**:
- User authentication
- Access control
- Data protection
**Related Concepts**: Auth, Authorization, MFA, KMS, Audit
**See Also**: [Security System Implementation](../docs/SECURITY_SYSTEM_IMPLEMENTATION_COMPLETE.md)
---
### Server
**Definition**: Virtual machine or physical host managed by the platform.
**Where Used**:
- Infrastructure provisioning
- Compute resources
- Deployment targets
**Related Concepts**: Infrastructure, Provider, Taskserv
**Commands**:
```bash
provisioning server create
provisioning server list
provisioning server ssh <hostname>
```
**See Also**: [Infrastructure Management](../docs/user/infrastructure-management.md)
---
### Service
**Definition**: A running application or daemon (interchangeable with Taskserv in many contexts).
**Where Used**:
- Service management
- Application deployment
- System administration
**Related Concepts**: Taskserv, Daemon, Application
**See Also**: [Service Management Guide](../docs/user/SERVICE_MANAGEMENT_GUIDE.md)
---
### Shortcut
**Definition**: Abbreviated command alias for faster CLI operations.
**Where Used**:
- Daily operations
- Quick commands
- Productivity enhancement
**Related Concepts**: CLI, Command, Alias
**Examples**:
- `provisioning s create` → `provisioning server create`
- `provisioning ws list` → `provisioning workspace list`
- `provisioning sc` → Quick reference
**See Also**: [CLI Architecture](../.claude/features/cli-architecture.md#command-shortcuts-reference)
---
### SOPS (Secrets OPerationS)
**Definition**: Encryption tool for managing secrets in version control.
**Where Used**:
- Configuration encryption
- Secret management
- Secure storage
**Related Concepts**: Encryption, Security, Age
**Version**: 3.10.2
**Commands**:
```bash
provisioning sops edit <file>
```
---
### SSH (Secure Shell)
**Definition**: Encrypted remote access protocol with temporal key support.
**Where Used**:
- Server administration
- Remote commands
- Secure file transfer
**Related Concepts**: Security, Server, Remote Access
**Commands**:
```bash
provisioning server ssh <hostname>
provisioning ssh connect <server>
```
**See Also**: [SSH Temporal Keys User Guide](../docs/user/SSH_TEMPORAL_KEYS_USER_GUIDE.md)
---
### State Management
**Definition**: Tracking and persisting workflow execution state.
**Where Used**:
- Workflow recovery
- Progress tracking
- Failure handling
**Related Concepts**: Workflow, Checkpoint, Orchestrator
---
## T
### Task
**Definition**: A unit of work submitted to the orchestrator for execution.
**Where Used**:
- Workflow execution
- Job processing
- Operation tracking
**Related Concepts**: Operation, Workflow, Orchestrator
---
### Taskserv
**Definition**: An installable infrastructure service (Kubernetes, PostgreSQL, Redis, etc.).
**Where Used**:
- Service installation
- Application deployment
- Infrastructure components
**Related Concepts**: Service, Extension, Package
**Location**: `provisioning/extensions/taskservs/{category}/{name}/`
**Commands**:
```bash
provisioning taskserv create <name>
provisioning taskserv list
provisioning test quick <taskserv>
```
**See Also**: [Taskserv Developer Guide](../docs/development/TASKSERV_DEVELOPER_GUIDE.md)
---
### Template
**Definition**: Parameterized configuration file supporting variable substitution.
**Where Used**:
- Configuration generation
- Infrastructure customization
- Deployment automation
**Related Concepts**: Config, Generation, Customization
**Location**: `provisioning/templates/`
---
### Test Environment
**Definition**: Containerized isolated environment for testing taskservs and clusters.
**Where Used**:
- Development testing
- CI/CD integration
- Pre-deployment validation
**Related Concepts**: Container, Testing, Validation
**Commands**:
```bash
provisioning test quick <taskserv>
provisioning test env single <taskserv>
provisioning test env cluster <cluster>
```
**See Also**: [Test Environment Service](../.claude/features/test-environment-service.md)
---
### Topology
**Definition**: Multi-node cluster configuration template (Kubernetes HA, etcd cluster, etc.).
**Where Used**:
- Cluster testing
- Multi-node deployments
- Production simulation
**Related Concepts**: Test Environment, Cluster, Configuration
**Examples**: kubernetes_3node, etcd_cluster, kubernetes_single
---
### TOTP (Time-based One-Time Password)
**Definition**: MFA method generating time-sensitive codes.
**Where Used**:
- Two-factor authentication
- MFA enrollment
- Security enhancement
**Related Concepts**: MFA, Security, Auth
**Commands**:
```bash
provisioning mfa totp enroll
provisioning mfa totp verify <code>
```
---
### Troubleshooting
**Definition**: System problem diagnosis and resolution guidance.
**Where Used**:
- Problem solving
- Error resolution
- System debugging
**Related Concepts**: Diagnostics, Guide, Support
**See Also**: [Troubleshooting Guide](../docs/user/troubleshooting-guide.md)
---
## U
### UI (User Interface)
**Definition**: Visual interface for platform operations (Control Center, Web UI).
**Where Used**:
- Visual management
- Guided workflows
- Monitoring dashboards
**Related Concepts**: Control Center, Platform Service, GUI
---
### Update
**Definition**: Process of upgrading infrastructure components to newer versions.
**Where Used**:
- Version management
- Security patches
- Feature updates
**Related Concepts**: Version, Migration, Upgrade
**Commands**:
```bash
provisioning version check
provisioning version apply
```
**See Also**: [Update Infrastructure Guide](../docs/migration/guides/update-infrastructure.md)
---
## V
### Validation
**Definition**: Verification that configuration or infrastructure meets requirements.
**Where Used**:
- Configuration checks
- Schema validation
- Pre-deployment verification
**Related Concepts**: Schema, KCL, Check
**Commands**:
```bash
provisioning validate config
provisioning validate infrastructure
```
**See Also**: [Config Validation](../provisioning/docs/CONFIG_VALIDATION.md)
---
### Version
**Definition**: Semantic version identifier for components and compatibility.
**Where Used**:
- Component versioning
- Compatibility checking
- Update management
**Related Concepts**: Update, Dependency, Compatibility
**Commands**:
```bash
provisioning version
provisioning version check
provisioning taskserv check-updates
```
---
## W
### WebAuthn
**Definition**: FIDO2-based passwordless authentication standard.
**Where Used**:
- Hardware key authentication
- Passwordless login
- Enhanced MFA
**Related Concepts**: MFA, Security, FIDO2
**Commands**:
```bash
provisioning mfa webauthn enroll
provisioning mfa webauthn verify
```
---
### Workflow
**Definition**: A sequence of related operations with dependency management and state tracking.
**Where Used**:
- Complex deployments
- Multi-step operations
- Automated processes
**Related Concepts**: Batch Operation, Orchestrator, Task
**Commands**:
```bash
provisioning workflow list
provisioning workflow status <id>
provisioning workflow monitor <id>
```
**See Also**: [Batch Workflow System](../.claude/features/batch-workflow-system.md)
---
### Workspace
**Definition**: An isolated environment containing infrastructure definitions and configuration.
**Where Used**:
- Project isolation
- Environment separation
- Team workspaces
**Related Concepts**: Infrastructure, Config, Environment
**Location**: `workspace/{name}/`
**Commands**:
```bash
provisioning workspace list
provisioning workspace switch <name>
provisioning workspace create <name>
```
**See Also**: [Workspace Switching Guide](../docs/user/WORKSPACE_SWITCHING_GUIDE.md)
---
## X-Z
### YAML
**Definition**: Data serialization format used for Kubernetes manifests and configuration.
**Where Used**:
- Kubernetes deployments
- Configuration files
- Data interchange
**Related Concepts**: Config, Kubernetes, Data Format
---
## Symbol and Acronym Index
| Symbol/Acronym | Full Term | Category |
|----------------|-----------|----------|
| ADR | Architecture Decision Record | Architecture |
| API | Application Programming Interface | Integration |
| CLI | Command-Line Interface | User Interface |
| GDPR | General Data Protection Regulation | Compliance |
| JWT | JSON Web Token | Security |
| KCL | KCL Configuration Language | Configuration |
| KMS | Key Management Service | Security |
| MCP | Model Context Protocol | Platform |
| MFA | Multi-Factor Authentication | Security |
| OCI | Open Container Initiative | Packaging |
| PAP | Project Architecture Principles | Architecture |
| RBAC | Role-Based Access Control | Security |
| REST | Representational State Transfer | API |
| SOC2 | Service Organization Control 2 | Compliance |
| SOPS | Secrets OPerationS | Security |
| SSH | Secure Shell | Remote Access |
| TOTP | Time-based One-Time Password | Security |
| UI | User Interface | User Interface |
---
## Cross-Reference Map
### By Topic Area
**Infrastructure**:
- Infrastructure, Server, Cluster, Provider, Taskserv, Module
**Security**:
- Auth, Authorization, JWT, MFA, TOTP, WebAuthn, Cedar, KMS, Secrets Management, RBAC, Break-Glass
**Configuration**:
- Config, KCL, Schema, Validation, Environment, Layer, Workspace
**Workflow & Operations**:
- Workflow, Batch Operation, Operation, Task, Orchestrator, Checkpoint, Rollback
**Platform Services**:
- Orchestrator, Control Center, MCP, API Gateway, Platform Service
**Documentation**:
- Glossary, Guide, ADR, Cross-Reference, Internal Link, Anchor Link
**Development**:
- Extension, Plugin, Template, Module, Integration
**Testing**:
- Test Environment, Topology, Validation, Health Check
**Compliance**:
- Compliance, GDPR, Audit, Security System
### By User Journey
**New User**:
1. Glossary (this document)
2. Guide
3. Quick Reference
4. Workspace
5. Infrastructure
6. Server
7. Taskserv
**Developer**:
1. Extension
2. Provider
3. Taskserv
4. KCL
5. Schema
6. Template
7. Plugin
**Operations**:
1. Workflow
2. Orchestrator
3. Monitoring
4. Troubleshooting
5. Security
6. Compliance
---
## Terminology Guidelines
### Writing Style
**Consistency**: Use the same term throughout documentation (e.g., "Taskserv" not "task service" or "task-serv")
**Capitalization**:
- Proper nouns and acronyms: CAPITALIZE (KCL, JWT, MFA)
- Generic terms: lowercase (server, cluster, workflow)
- Platform-specific terms: Title Case (Taskserv, Workspace, Orchestrator)
**Pluralization**:
- Taskservs (not taskservices)
- Workspaces (standard plural)
- Topologies (not topologys)
### Avoiding Confusion
| Don't Say | Say Instead | Reason |
|-----------|-------------|--------|
| "Task service" | "Taskserv" | Standard platform term |
| "Configuration file" | "Config" or "Settings" | Context-dependent |
| "Worker" | "Agent" or "Task" | Clarify context |
| "Kubernetes service" | "K8s taskserv" or "K8s Service resource" | Disambiguate |
---
## Contributing to the Glossary
### Adding New Terms
1. Alphabetical placement in appropriate section
2. Include all standard sections:
   - Definition
   - Where Used
   - Related Concepts
   - Examples (if applicable)
   - Commands (if applicable)
   - See Also (links to docs)
3. Cross-reference in related terms
4. Update Symbol and Acronym Index if applicable
5. Update Cross-Reference Map
### Updating Existing Terms
1. Verify changes don't break cross-references
2. Update "Last Updated" date at top
3. Increment version if major changes
4. Review related terms for consistency
---
## Version History
| Version | Date | Changes |
|---------|------|---------|
| 1.0.0 | 2025-10-10 | Initial comprehensive glossary |
---
**Maintained By**: Documentation Team
**Review Cycle**: Quarterly or when major features are added
**Feedback**: Please report missing or unclear terms via issues