provisioning/docs/src/development/glossary.md

Provisioning Platform Glossary\n\nLast Updated: 2025-10-10\nVersion: 1.0.0\n\nThis glossary defines key terminology used throughout the Provisioning Platform documentation. Terms are listed alphabetically with definitions, usage\ncontext, and cross-references to related documentation.\n\n---\n\n## A\n\n### ADR (Architecture Decision Record)\n\nDefinition: Documentation of significant architectural decisions, including context, decision, and consequences.\n\nWhere Used:\n\n- Architecture planning and review\n- Technical decision-making process\n- System design documentation\n\nRelated Concepts: Architecture, Design Patterns, Technical Debt\n\nExamples:\n\n- ADR-001: Project Structure\n- ADR-006: CLI Refactoring\n- ADR-009: Complete Security System\n\nSee Also: Architecture Documentation\n\n---\n\n### Agent\n\nDefinition: A specialized component that performs a specific task in the system orchestration (for example, autonomous execution units in the\norchestrator).\n\nWhere Used:\n\n- Task orchestration\n- Workflow management\n- Parallel execution patterns\n\nRelated Concepts: Orchestrator, Workflow, Task\n\nSee Also: Orchestrator Architecture\n\n---\n\n### Anchor Link\n\nDefinition: An internal document link to a specific section within the same or different markdown file using the # symbol.\n\nWhere Used:\n\n- Cross-referencing documentation sections\n- Table of contents generation\n- Navigation within long documents\n\nRelated Concepts: Internal Link, Cross-Reference, Documentation\n\nExamples:\n\n- [See Installation](#installation) - Same document\n- [Configuration Guide](config.md#setup) - Different document\n\n---\n\n### API Gateway\n\nDefinition: Platform service that provides unified REST API access to provisioning operations.\n\nWhere Used:\n\n- External system integration\n- Web Control Center backend\n- MCP server communication\n\nRelated Concepts: REST API, Platform Service, Orchestrator\n\nLocation: provisioning/platform/api-gateway/\n\nSee Also: REST API Documentation\n\n---\n\n### Auth (Authentication)\n\nDefinition: The process of verifying user identity using JWT tokens, MFA, and secure session management.\n\nWhere Used:\n\n- User login flows\n- API access control\n- CLI session management\n\nRelated Concepts: Authorization, JWT, MFA, Security\n\nSee Also:\n\n- Authentication Layer Guide\n- Auth Quick Reference\n\n---\n\n### Authorization\n\nDefinition: The process of determining user permissions using Cedar policy language.\n\nWhere Used:\n\n- Access control decisions\n- Resource permission checks\n- Multi-tenant security\n\nRelated Concepts: Auth, Cedar, Policies, RBAC\n\nSee Also: Cedar Authorization Implementation\n\n---\n\n## B\n\n### Batch Operation\n\nDefinition: A collection of related infrastructure operations executed as a single workflow unit.\n\nWhere Used:\n\n- Multi-server deployments\n- Cluster creation\n- Bulk taskserv installation\n\nRelated Concepts: Workflow, Operation, Orchestrator\n\nCommands:\n\n\nprovisioning batch submit workflow.ncl\nprovisioning batch list\nprovisioning batch status <id>\n\n\nSee Also: Batch Workflow System\n\n---\n\n### Break-Glass\n\nDefinition: Emergency access mechanism requiring multi-party approval for critical operations.\n\nWhere Used:\n\n- Emergency system access\n- Incident response\n- Security override scenarios\n\nRelated Concepts: Security, Compliance, Audit\n\nCommands:\n\n\nprovisioning break-glass request "reason"\nprovisioning break-glass approve <id>\n\n\nSee Also: Break-Glass Training Guide\n\n---\n\n## C\n\n### Cedar\n\nDefinition: Amazon's policy language used for fine-grained authorization decisions.\n\nWhere Used:\n\n- Authorization policies\n- Access control rules\n- Resource permissions\n\nRelated Concepts: Authorization, Policies, Security\n\nSee Also: Cedar Authorization Implementation\n\n---\n\n### Checkpoint\n\nDefinition: A saved state of a workflow allowing resume from point of failure.\n\nWhere Used:\n\n- Workflow recovery\n- Long-running operations\n- Batch processing\n\nRelated Concepts: Workflow, State Management, Recovery\n\nSee Also: Batch Workflow System\n\n---\n\n### CLI (Command-Line Interface)\n\nDefinition: The provisioning command-line tool providing access to all platform operations.\n\nWhere Used:\n\n- Daily operations\n- Script automation\n- CI/CD pipelines\n\nRelated Concepts: Command, Shortcut, Module\n\nLocation: provisioning/core/cli/provisioning\n\nExamples:\n\n\nprovisioning server create\nprovisioning taskserv install kubernetes\nprovisioning workspace switch prod\n\n\nSee Also:\n\n- CLI Reference\n- CLI Reference\n\n---\n\n### Cluster\n\nDefinition: A complete, pre-configured deployment of multiple servers and taskservs working together.\n\nWhere Used:\n\n- Kubernetes deployments\n- Database clusters\n- Complete infrastructure stacks\n\nRelated Concepts: Infrastructure, Server, Taskserv\n\nLocation: provisioning/extensions/clusters/{name}/\n\nCommands:\n\n\nprovisioning cluster create <name>\nprovisioning cluster list\nprovisioning cluster delete <name>\n\n\nSee Also: Infrastructure Management\n\n---\n\n### Compliance\n\nDefinition: System capabilities ensuring adherence to regulatory requirements (GDPR, SOC2, ISO 27001).\n\nWhere Used:\n\n- Audit logging\n- Data retention policies\n- Incident response\n\nRelated Concepts: Audit, Security, GDPR\n\nSee Also: Compliance Implementation Summary\n\n---\n\n### Config (Configuration)\n\nDefinition: System settings stored in TOML files with hierarchical loading and variable interpolation.\n\nWhere Used:\n\n- System initialization\n- User preferences\n- Environment-specific settings\n\nRelated Concepts: Settings, Environment, Workspace\n\nFiles:\n\n- provisioning/config/config.defaults.toml - System defaults\n- workspace/config/local-overrides.toml - User settings\n\nSee Also: Configuration Guide\n\n---\n\n### Control Center\n\nDefinition: Web-based UI for managing provisioning operations built with Ratatui/Crossterm.\n\nWhere Used:\n\n- Visual infrastructure management\n- Real-time monitoring\n- Guided workflows\n\nRelated Concepts: UI, Platform Service, Orchestrator\n\nLocation: provisioning/platform/control-center/\n\nSee Also: Platform Services\n\n---\n\n### CoreDNS\n\nDefinition: DNS server taskserv providing service discovery and DNS management.\n\nWhere Used:\n\n- Kubernetes DNS\n- Service discovery\n- Internal DNS resolution\n\nRelated Concepts: Taskserv, Kubernetes, Networking\n\nSee Also:\n\n- CoreDNS Guide\n- CoreDNS Quick Reference\n\n---\n\n### Cross-Reference\n\nDefinition: Links between related documentation sections or concepts.\n\nWhere Used:\n\n- Documentation navigation\n- Related topic discovery\n- Learning path guidance\n\nRelated Concepts: Documentation, Navigation, See Also\n\nExamples: "See Also" sections at the end of documentation pages\n\n---\n\n## D\n\n### Dependency\n\nDefinition: A requirement that must be satisfied before installing or running a component.\n\nWhere Used:\n\n- Taskserv installation order\n- Version compatibility checks\n- Cluster deployment sequencing\n\nRelated Concepts: Version, Taskserv, Workflow\n\nSchema: provisioning/schemas/dependencies.ncl\n\nSee Also: Nickel Dependency Patterns\n\n---\n\n### Diagnostics\n\nDefinition: System health checking and troubleshooting assistance.\n\nWhere Used:\n\n- System status verification\n- Problem identification\n- Guided troubleshooting\n\nRelated Concepts: Health Check, Monitoring, Troubleshooting\n\nCommands:\n\n\nprovisioning status\nprovisioning diagnostics run\n\n\n---\n\n### Dynamic Secrets\n\nDefinition: Temporary credentials generated on-demand with automatic expiration.\n\nWhere Used:\n\n- AWS STS tokens\n- SSH temporary keys\n- Database credentials\n\nRelated Concepts: Security, KMS, Secrets Management\n\nSee Also:\n\n- Dynamic Secrets Implementation\n- Dynamic Secrets Quick Reference\n\n---\n\n## E\n\n### Environment\n\nDefinition: A deployment context (dev, test, prod) with specific configuration overrides.\n\nWhere Used:\n\n- Configuration loading\n- Resource isolation\n- Deployment targeting\n\nRelated Concepts: Config, Workspace, Infrastructure\n\nConfig Files: config.{dev,test,prod}.toml\n\nUsage:\n\n\nPROVISIONING_ENV=prod provisioning server list\n\n\n---\n\n### Extension\n\nDefinition: A pluggable component adding functionality (provider, taskserv, cluster, or workflow).\n\nWhere Used:\n\n- Custom cloud providers\n- Third-party taskservs\n- Custom deployment patterns\n\nRelated Concepts: Provider, Taskserv, Cluster, Workflow\n\nLocation: provisioning/extensions/{type}/{name}/\n\nSee Also: Extension Development\n\n---\n\n## F\n\n### Feature\n\nDefinition: A major system capability providing key platform functionality.\n\nWhere Used:\n\n- Architecture documentation\n- Feature planning\n- System capabilities\n\nRelated Concepts: ADR, Architecture, System\n\nExamples:\n\n- Batch Workflow System\n- Orchestrator Architecture\n- CLI Architecture\n- Configuration System\n\nSee Also: Architecture Overview\n\n---\n\n## G\n\n### GDPR (General Data Protection Regulation)\n\nDefinition: EU data protection regulation compliance features in the platform.\n\nWhere Used:\n\n- Data export requests\n- Right to erasure\n- Audit compliance\n\nRelated Concepts: Compliance, Audit, Security\n\nCommands:\n\n\nprovisioning compliance gdpr export <user>\nprovisioning compliance gdpr delete <user>\n\n\nSee Also: Compliance Implementation\n\n---\n\n### Glossary\n\nDefinition: This document - a comprehensive terminology reference for the platform.\n\nWhere Used:\n\n- Learning the platform\n- Understanding documentation\n- Resolving terminology questions\n\nRelated Concepts: Documentation, Reference, Cross-Reference\n\n---\n\n### Guide\n\nDefinition: Step-by-step walkthrough documentation for common workflows.\n\nWhere Used:\n\n- Onboarding new users\n- Learning workflows\n- Reference implementation\n\nRelated Concepts: Documentation, Workflow, Tutorial\n\nCommands:\n\n\nprovisioning guide from-scratch\nprovisioning guide update\nprovisioning guide customize\n\n\nSee Also: Guides\n\n---\n\n## H\n\n### Health Check\n\nDefinition: Automated verification that a component is running correctly.\n\nWhere Used:\n\n- Taskserv validation\n- System monitoring\n- Dependency verification\n\nRelated Concepts: Diagnostics, Monitoring, Status\n\nExample:\n\n\nhealth_check = {\n endpoint = "http://localhost:6443/healthz"\n timeout = 30\n interval = 10\n}\n\n\n---\n\n### Hybrid Architecture\n\nDefinition: System design combining Rust orchestrator with Nushell business logic.\n\nWhere Used:\n\n- Core platform architecture\n- Performance optimization\n- Call stack management\n\nRelated Concepts: Orchestrator, Architecture, Design\n\nSee Also:\n\n- Orchestrator Architecture\n- ADR-004: Hybrid Architecture\n\n---\n\n## I\n\n### Infrastructure\n\nDefinition: A named collection of servers, configurations, and deployments managed as a unit.\n\nWhere Used:\n\n- Environment isolation\n- Resource organization\n- Deployment targeting\n\nRelated Concepts: Workspace, Server, Environment\n\nLocation: workspace/infra/{name}/\n\nCommands:\n\n\nprovisioning infra list\nprovisioning generate infra --new <name>\n\n\nSee Also: Infrastructure Management\n\n---\n\n### Integration\n\nDefinition: Connection between platform components or external systems.\n\nWhere Used:\n\n- API integration\n- CI/CD pipelines\n- External tool connectivity\n\nRelated Concepts: API, Extension, Platform\n\nSee Also:\n\n- Integration Patterns\n- Integration Examples\n\n---\n\n### Internal Link\n\nDefinition: A markdown link to another documentation file or section within the platform docs.\n\nWhere Used:\n\n- Cross-referencing documentation\n- Navigation between topics\n- Related content discovery\n\nRelated Concepts: Anchor Link, Cross-Reference, Documentation\n\nExamples:\n\n- [See Configuration](configuration.md)\n- [Architecture Overview](../architecture/README.md)\n\n---\n\n## J\n\n### JWT (JSON Web Token)\n\nDefinition: Token-based authentication mechanism using RS256 signatures.\n\nWhere Used:\n\n- User authentication\n- API authorization\n- Session management\n\nRelated Concepts: Auth, Security, Token\n\nSee Also: JWT Auth Implementation\n\n---\n\n## K\n\n### Nickel (Nickel Configuration Language)\n\nDefinition: Declarative configuration language with type safety and lazy evaluation for infrastructure definitions.\n\nWhere Used:\n\n- Infrastructure schemas\n- Workflow definitions\n- Configuration validation\n\nRelated Concepts: Schema, Configuration, Validation\n\nVersion: 1.15.0+\n\nLocation: provisioning/schemas/*.ncl\n\nSee Also: Nickel Quick Reference\n\n---\n\n### KMS (Key Management Service)\n\nDefinition: Encryption key management system supporting multiple backends (RustyVault, Age, AWS, Vault).\n\nWhere Used:\n\n- Configuration encryption\n- Secret management\n- Data protection\n\nRelated Concepts: Security, Encryption, Secrets\n\nSee Also: RustyVault KMS Guide\n\n---\n\n### Kubernetes\n\nDefinition: Container orchestration platform available as a taskserv.\n\nWhere Used:\n\n- Container deployments\n- Cluster management\n- Production workloads\n\nRelated Concepts: Taskserv, Cluster, Container\n\nCommands:\n\n\nprovisioning taskserv create kubernetes\nprovisioning test quick kubernetes\n\n\n---\n\n## L\n\n### Layer\n\nDefinition: A level in the configuration hierarchy (Core → Workspace → Infrastructure).\n\nWhere Used:\n\n- Configuration inheritance\n- Customization patterns\n- Settings override\n\nRelated Concepts: Config, Workspace, Infrastructure\n\nSee Also: Configuration Guide\n\n---\n\n## M\n\n### MCP (Model Context Protocol)\n\nDefinition: AI-powered server providing intelligent configuration assistance.\n\nWhere Used:\n\n- Configuration validation\n- Troubleshooting guidance\n- Documentation search\n\nRelated Concepts: Platform Service, AI, Guidance\n\nLocation: provisioning/platform/mcp-server/\n\nSee Also: Platform Services\n\n---\n\n### MFA (Multi-Factor Authentication)\n\nDefinition: Additional authentication layer using TOTP or WebAuthn/FIDO2.\n\nWhere Used:\n\n- Enhanced security\n- Compliance requirements\n- Production access\n\nRelated Concepts: Auth, Security, TOTP, WebAuthn\n\nCommands:\n\n\nprovisioning mfa totp enroll\nprovisioning mfa webauthn enroll\nprovisioning mfa verify <code>\n\n\nSee Also: MFA Implementation Summary\n\n---\n\n### Migration\n\nDefinition: Process of updating existing infrastructure or moving between system versions.\n\nWhere Used:\n\n- System upgrades\n- Configuration changes\n- Infrastructure evolution\n\nRelated Concepts: Update, Upgrade, Version\n\nSee Also: Migration Guide\n\n---\n\n### Module\n\nDefinition: A reusable component (provider, taskserv, cluster) loaded into a workspace.\n\nWhere Used:\n\n- Extension management\n- Workspace customization\n- Component distribution\n\nRelated Concepts: Extension, Workspace, Package\n\nCommands:\n\n\nprovisioning module discover provider\nprovisioning module load provider <ws> <name>\nprovisioning module list taskserv\n\n\nSee Also: Module System\n\n---\n\n## N\n\n### Nushell\n\nDefinition: Primary shell and scripting language (v0.107.1) used throughout the platform.\n\nWhere Used:\n\n- CLI implementation\n- Automation scripts\n- Business logic\n\nRelated Concepts: CLI, Script, Automation\n\nVersion: 0.107.1\n\nSee Also: Nushell Guidelines\n\n---\n\n## O\n\n### OCI (Open Container Initiative)\n\nDefinition: Standard format for packaging and distributing extensions.\n\nWhere Used:\n\n- Extension distribution\n- Package registry\n- Version management\n\nRelated Concepts: Registry, Package, Distribution\n\nSee Also: OCI Registry Guide\n\n---\n\n### Operation\n\nDefinition: A single infrastructure action (create server, install taskserv, etc.).\n\nWhere Used:\n\n- Workflow steps\n- Batch processing\n- Orchestrator tasks\n\nRelated Concepts: Workflow, Task, Action\n\n---\n\n### Orchestrator\n\nDefinition: Hybrid Rust/Nushell service coordinating complex infrastructure operations.\n\nWhere Used:\n\n- Workflow execution\n- Task coordination\n- State management\n\nRelated Concepts: Hybrid Architecture, Workflow, Platform Service\n\nLocation: provisioning/platform/orchestrator/\n\nCommands:\n\n\ncd provisioning/platform/orchestrator\n./scripts/start-orchestrator.nu --background\n\n\nSee Also: Orchestrator Architecture\n\n---\n\n## P\n\n### PAP (Project Architecture Principles)\n\nDefinition: Core architectural rules and patterns that must be followed.\n\nWhere Used:\n\n- Code review\n- Architecture decisions\n- Design validation\n\nRelated Concepts: Architecture, ADR, Best Practices\n\nSee Also: Architecture Overview\n\n---\n\n### Platform Service\n\nDefinition: A core service providing platform-level functionality (Orchestrator, Control Center, MCP, API Gateway).\n\nWhere Used:\n\n- System infrastructure\n- Core capabilities\n- Service integration\n\nRelated Concepts: Service, Architecture, Infrastructure\n\nLocation: provisioning/platform/{service}/\n\n---\n\n### Plugin\n\nDefinition: Native Nushell plugin providing performance-optimized operations.\n\nWhere Used:\n\n- Auth operations (10-50x faster)\n- KMS encryption\n- Orchestrator queries\n\nRelated Concepts: Nushell, Performance, Native\n\nCommands:\n\n\nprovisioning plugin list\nprovisioning plugin install\n\n\nSee Also: Nushell Plugins Guide\n\n---\n\n### Provider\n\nDefinition: Cloud platform integration (AWS, UpCloud, local) handling infrastructure provisioning.\n\nWhere Used:\n\n- Server creation\n- Resource management\n- Cloud operations\n\nRelated Concepts: Extension, Infrastructure, Cloud\n\nLocation: provisioning/extensions/providers/{name}/\n\nExamples: aws, upcloud, local\n\nCommands:\n\n\nprovisioning module discover provider\nprovisioning providers list\n\n\nSee Also: Quick Provider Guide\n\n---\n\n## Q\n\n### Quick Reference\n\nDefinition: Condensed command and configuration reference for rapid lookup.\n\nWhere Used:\n\n- Daily operations\n- Quick reminders\n- Command syntax\n\nRelated Concepts: Guide, Documentation, Cheatsheet\n\nCommands:\n\n\nprovisioning sc # Fastest\nprovisioning guide quickstart\n\n\nSee Also: Quickstart Cheatsheet\n\n---\n\n## R\n\n### RBAC (Role-Based Access Control)\n\nDefinition: Permission system with 5 roles (admin, operator, developer, viewer, auditor).\n\nWhere Used:\n\n- User permissions\n- Access control\n- Security policies\n\nRelated Concepts: Authorization, Cedar, Security\n\nRoles: Admin, Operator, Developer, Viewer, Auditor\n\n---\n\n### Registry\n\nDefinition: OCI-compliant repository for storing and distributing extensions.\n\nWhere Used:\n\n- Extension publishing\n- Version management\n- Package distribution\n\nRelated Concepts: OCI, Package, Distribution\n\nSee Also: OCI Registry Guide\n\n---\n\n### REST API\n\nDefinition: HTTP endpoints exposing platform operations to external systems.\n\nWhere Used:\n\n- External integration\n- Web UI backend\n- Programmatic access\n\nRelated Concepts: API, Integration, HTTP\n\nEndpoint: http://localhost:9090\n\nSee Also: REST API Documentation\n\n---\n\n### Rollback\n\nDefinition: Reverting a failed workflow or operation to previous stable state.\n\nWhere Used:\n\n- Failure recovery\n- Deployment safety\n- State restoration\n\nRelated Concepts: Workflow, Checkpoint, Recovery\n\nCommands:\n\n\nprovisioning batch rollback <workflow-id>\n\n\n---\n\n### RustyVault\n\nDefinition: Rust-based secrets management backend for KMS.\n\nWhere Used:\n\n- Key storage\n- Secret encryption\n- Configuration protection\n\nRelated Concepts: KMS, Security, Encryption\n\nSee Also: RustyVault KMS Guide\n\n---\n\n## S\n\n### Schema\n\nDefinition: Nickel type definition specifying structure and validation rules.\n\nWhere Used:\n\n- Configuration validation\n- Type safety\n- Documentation\n\nRelated Concepts: Nickel, Validation, Type\n\nExample:\n\n\nlet ServerConfig = {\n hostname | string,\n cores | number,\n memory | number,\n} in\nServerConfig\n\n\nSee Also: Nickel Development\n\n---\n\n### Secrets Management\n\nDefinition: System for secure storage and retrieval of sensitive data.\n\nWhere Used:\n\n- Password storage\n- API keys\n- Certificates\n\nRelated Concepts: KMS, Security, Encryption\n\nSee Also: Dynamic Secrets Implementation\n\n---\n\n### Security System\n\nDefinition: Comprehensive enterprise-grade security with 12 components (Auth, Cedar, MFA, KMS, Secrets, Compliance, etc.).\n\nWhere Used:\n\n- User authentication\n- Access control\n- Data protection\n\nRelated Concepts: Auth, Authorization, MFA, KMS, Audit\n\nSee Also: Security System Implementation\n\n---\n\n### Server\n\nDefinition: Virtual machine or physical host managed by the platform.\n\nWhere Used:\n\n- Infrastructure provisioning\n- Compute resources\n- Deployment targets\n\nRelated Concepts: Infrastructure, Provider, Taskserv\n\nCommands:\n\n\nprovisioning server create\nprovisioning server list\nprovisioning server ssh <hostname>\n\n\nSee Also: Infrastructure Management\n\n---\n\n### Service\n\nDefinition: A running application or daemon (interchangeable with Taskserv in many contexts).\n\nWhere Used:\n\n- Service management\n- Application deployment\n- System administration\n\nRelated Concepts: Taskserv, Daemon, Application\n\nSee Also: Service Management Guide\n\n---\n\n### Shortcut\n\nDefinition: Abbreviated command alias for faster CLI operations.\n\nWhere Used:\n\n- Daily operations\n- Quick commands\n- Productivity enhancement\n\nRelated Concepts: CLI, Command, Alias\n\nExamples:\n\n- provisioning s create → provisioning server create\n- provisioning ws list → provisioning workspace list\n- provisioning sc → Quick reference\n\nSee Also: CLI Reference\n\n---\n\n### SOPS (Secrets OPerationS)\n\nDefinition: Encryption tool for managing secrets in version control.\n\nWhere Used:\n\n- Configuration encryption\n- Secret management\n- Secure storage\n\nRelated Concepts: Encryption, Security, Age\n\nVersion: 3.10.2\n\nCommands:\n\n\nprovisioning sops edit <file>\n\n\n---\n\n### SSH (Secure Shell)\n\nDefinition: Encrypted remote access protocol with temporal key support.\n\nWhere Used:\n\n- Server administration\n- Remote commands\n- Secure file transfer\n\nRelated Concepts: Security, Server, Remote Access\n\nCommands:\n\n\nprovisioning server ssh <hostname>\nprovisioning ssh connect <server>\n\n\nSee Also: SSH Temporal Keys User Guide\n\n---\n\n### State Management\n\nDefinition: Tracking and persisting workflow execution state.\n\nWhere Used:\n\n- Workflow recovery\n- Progress tracking\n- Failure handling\n\nRelated Concepts: Workflow, Checkpoint, Orchestrator\n\n---\n\n## T\n\n### Task\n\nDefinition: A unit of work submitted to the orchestrator for execution.\n\nWhere Used:\n\n- Workflow execution\n- Job processing\n- Operation tracking\n\nRelated Concepts: Operation, Workflow, Orchestrator\n\n---\n\n### Taskserv\n\nDefinition: An installable infrastructure service (Kubernetes, PostgreSQL, Redis, etc.).\n\nWhere Used:\n\n- Service installation\n- Application deployment\n- Infrastructure components\n\nRelated Concepts: Service, Extension, Package\n\nLocation: provisioning/extensions/taskservs/{category}/{name}/\n\nCommands:\n\n\nprovisioning taskserv create <name>\nprovisioning taskserv list\nprovisioning test quick <taskserv>\n\n\nSee Also: Taskserv Developer Guide\n\n---\n\n### Template\n\nDefinition: Parameterized configuration file supporting variable substitution.\n\nWhere Used:\n\n- Configuration generation\n- Infrastructure customization\n- Deployment automation\n\nRelated Concepts: Config, Generation, Customization\n\nLocation: provisioning/templates/\n\n---\n\n### Test Environment\n\nDefinition: Containerized isolated environment for testing taskservs and clusters.\n\nWhere Used:\n\n- Development testing\n- CI/CD integration\n- Pre-deployment validation\n\nRelated Concepts: Container, Testing, Validation\n\nCommands:\n\n\nprovisioning test quick <taskserv>\nprovisioning test env single <taskserv>\nprovisioning test env cluster <cluster>\n\n\nSee Also: Test Environment Guide\n\n---\n\n### Topology\n\nDefinition: Multi-node cluster configuration template (Kubernetes HA, etcd cluster, etc.).\n\nWhere Used:\n\n- Cluster testing\n- Multi-node deployments\n- Production simulation\n\nRelated Concepts: Test Environment, Cluster, Configuration\n\nExamples: kubernetes_3node, etcd_cluster, kubernetes_single\n\n---\n\n### TOTP (Time-based One-Time Password)\n\nDefinition: MFA method generating time-sensitive codes.\n\nWhere Used:\n\n- Two-factor authentication\n- MFA enrollment\n- Security enhancement\n\nRelated Concepts: MFA, Security, Auth\n\nCommands:\n\n\nprovisioning mfa totp enroll\nprovisioning mfa totp verify <code>\n\n\n---\n\n### Troubleshooting\n\nDefinition: System problem diagnosis and resolution guidance.\n\nWhere Used:\n\n- Problem solving\n- Error resolution\n- System debugging\n\nRelated Concepts: Diagnostics, Guide, Support\n\nSee Also: Troubleshooting Guide\n\n---\n\n## U\n\n### UI (User Interface)\n\nDefinition: Visual interface for platform operations (Control Center, Web UI).\n\nWhere Used:\n\n- Visual management\n- Guided workflows\n- Monitoring dashboards\n\nRelated Concepts: Control Center, Platform Service, GUI\n\n---\n\n### Update\n\nDefinition: Process of upgrading infrastructure components to newer versions.\n\nWhere Used:\n\n- Version management\n- Security patches\n- Feature updates\n\nRelated Concepts: Version, Migration, Upgrade\n\nCommands:\n\n\nprovisioning version check\nprovisioning version apply\n\n\nSee Also: Update Infrastructure Guide\n\n---\n\n## V\n\n### Validation\n\nDefinition: Verification that configuration or infrastructure meets requirements.\n\nWhere Used:\n\n- Configuration checks\n- Schema validation\n- Pre-deployment verification\n\nRelated Concepts: Schema, Nickel, Check\n\nCommands:\n\n\nprovisioning validate config\nprovisioning validate infrastructure\n\n\nSee Also: Config Validation\n\n---\n\n### Version\n\nDefinition: Semantic version identifier for components and compatibility.\n\nWhere Used:\n\n- Component versioning\n- Compatibility checking\n- Update management\n\nRelated Concepts: Update, Dependency, Compatibility\n\nCommands:\n\n\nprovisioning version\nprovisioning version check\nprovisioning taskserv check-updates\n\n\n---\n\n## W\n\n### WebAuthn\n\nDefinition: FIDO2-based passwordless authentication standard.\n\nWhere Used:\n\n- Hardware key authentication\n- Passwordless login\n- Enhanced MFA\n\nRelated Concepts: MFA, Security, FIDO2\n\nCommands:\n\n\nprovisioning mfa webauthn enroll\nprovisioning mfa webauthn verify\n\n\n---\n\n### Workflow\n\nDefinition: A sequence of related operations with dependency management and state tracking.\n\nWhere Used:\n\n- Complex deployments\n- Multi-step operations\n- Automated processes\n\nRelated Concepts: Batch Operation, Orchestrator, Task\n\nCommands:\n\n\nprovisioning workflow list\nprovisioning workflow status <id>\nprovisioning workflow monitor <id>\n\n\nSee Also: Batch Workflow System\n\n---\n\n### Workspace\n\nDefinition: An isolated environment containing infrastructure definitions and configuration.\n\nWhere Used:\n\n- Project isolation\n- Environment separation\n- Team workspaces\n\nRelated Concepts: Infrastructure, Config, Environment\n\nLocation: workspace/{name}/\n\nCommands:\n\n\nprovisioning workspace list\nprovisioning workspace switch <name>\nprovisioning workspace create <name>\n\n\nSee Also: Workspace Switching Guide\n\n---\n\n## X-Z\n\n### YAML\n\nDefinition: Data serialization format used for Kubernetes manifests and configuration.\n\nWhere Used:\n\n- Kubernetes deployments\n- Configuration files\n- Data interchange\n\nRelated Concepts: Config, Kubernetes, Data Format\n\n---\n\n## Symbol and Acronym Index\n\n| Symbol/Acronym | Full Term | Category |\n| ---------------- | ----------- | ---------- |\n| ADR | Architecture Decision Record | Architecture |\n| API | Application Programming Interface | Integration |\n| CLI | Command-Line Interface | User Interface |\n| GDPR | General Data Protection Regulation | Compliance |\n| JWT | JSON Web Token | Security |\n| Nickel | Nickel Configuration Language | Configuration |\n| KMS | Key Management Service | Security |\n| MCP | Model Context Protocol | Platform |\n| MFA | Multi-Factor Authentication | Security |\n| OCI | Open Container Initiative | Packaging |\n| PAP | Project Architecture Principles | Architecture |\n| RBAC | Role-Based Access Control | Security |\n| REST | Representational State Transfer | API |\n| SOC2 | Service Organization Control 2 | Compliance |\n| SOPS | Secrets OPerationS | Security |\n| SSH | Secure Shell | Remote Access |\n| TOTP | Time-based One-Time Password | Security |\n| UI | User Interface | User Interface |\n\n---\n\n## Cross-Reference Map\n\n### By Topic Area\n\nInfrastructure:\n\n- Infrastructure, Server, Cluster, Provider, Taskserv, Module\n\nSecurity:\n\n- Auth, Authorization, JWT, MFA, TOTP, WebAuthn, Cedar, KMS, Secrets Management, RBAC, Break-Glass\n\nConfiguration:\n\n- Config, Nickel, Schema, Validation, Environment, Layer, Workspace\n\nWorkflow & Operations:\n\n- Workflow, Batch Operation, Operation, Task, Orchestrator, Checkpoint, Rollback\n\nPlatform Services:\n\n- Orchestrator, Control Center, MCP, API Gateway, Platform Service\n\nDocumentation:\n\n- Glossary, Guide, ADR, Cross-Reference, Internal Link, Anchor Link\n\nDevelopment:\n\n- Extension, Plugin, Template, Module, Integration\n\nTesting:\n\n- Test Environment, Topology, Validation, Health Check\n\nCompliance:\n\n- Compliance, GDPR, Audit, Security System\n\n### By User Journey\n\nNew User:\n\n1. Glossary (this document)\n2. Guide\n3. Quick Reference\n4. Workspace\n5. Infrastructure\n6. Server\n7. Taskserv\n\nDeveloper:\n\n1. Extension\n2. Provider\n3. Taskserv\n4. Nickel\n5. Schema\n6. Template\n7. Plugin\n\nOperations:\n\n1. Workflow\n2. Orchestrator\n3. Monitoring\n4. Troubleshooting\n5. Security\n6. Compliance\n\n---\n\n## Terminology Guidelines\n\n### Writing Style\n\nConsistency: Use the same term throughout documentation (for example, "Taskserv" not "task service" or "task-serv")\n\nCapitalization:\n\n- Proper nouns and acronyms: CAPITALIZE (Nickel, JWT, MFA)\n- Generic terms: lowercase (server, cluster, workflow)\n- Platform-specific terms: Title Case (Taskserv, Workspace, Orchestrator)\n\nPluralization:\n\n- Taskservs (not taskservices)\n- Workspaces (standard plural)\n- Topologies (not topologys)\n\n### Avoiding Confusion\n\n| Don't Say | Say Instead | Reason |\n| ----------- | ------------- | -------- |\n| "Task service" | "Taskserv" | Standard platform term |\n| "Configuration file" | "Config" or "Settings" | Context-dependent |\n| "Worker" | "Agent" or "Task" | Clarify context |\n| "Kubernetes service" | "K8s taskserv" or "K8s Service resource" | Disambiguate |\n\n---\n\n## Contributing to the Glossary\n\n### Adding New Terms\n\n1. Alphabetical placement in appropriate section\n2. Include all standard sections:\n - Definition\n - Where Used\n - Related Concepts\n - Examples (if applicable)\n - Commands (if applicable)\n - See Also (links to docs)\n\n3. Cross-reference in related terms\n4. Update Symbol and Acronym Index if applicable\n5. Update Cross-Reference Map\n\n### Updating Existing Terms\n\n1. Verify changes don't break cross-references\n2. Update "Last Updated" date at top\n3. Increment version if major changes\n4. Review related terms for consistency\n\n---\n\n## Version History\n\n| Version | Date | Changes |\n| --------- | ------ | --------- |\n| 1.0.0 | 2025-10-10 | Initial comprehensive glossary |\n\n---\n\nMaintained By: Documentation Team\nReview Cycle: Quarterly or when major features are added\nFeedback: Please report missing or unclear terms via issues