Terms

| Terminology | Definition |
| --- | --- |
| Kubernetes | A container management system that provides fast and automatic deployment of cloud-based applications, as well as orchestration and scaling of containers. Container orchestration means automating the deployment, management, and scaling of containers. (See https://kubernetes.io/) |
| Cluster | Refers to a Kubernetes cluster, which is a unit consisting of a set of master nodes and worker nodes. |
| Container | A package of files (source code, libraries, etc.) needed to run an application independently on top of a virtualized operating system. It is easy to test and deploy because it behaves the same in the container runtime regardless of the underlying infrastructure or operating system. Container runtime: software that runs and manages container applications. |
| Worker Node | A component of a Kubernetes cluster, primarily a server (VM, etc.) on which containers for business services are deployed and operated. |
| Node Group | Manages the worker nodes that make up a Kubernetes cluster as a group to provide features such as scaling in and out. The managed Kubernetes service provided by a public cloud service provider offers the Node Group feature. |
| Edge Node | A dedicated node among the worker nodes that make up a Kubernetes cluster, on which an Ingress Controller is deployed. It serves as the ingress point for business services deployed in the cluster. |
| Management Node | A dedicated node among the worker nodes that make up a Kubernetes cluster, on which the add-on service provided by the Container Management Service is deployed. |
| Monitoring Node | A node among the worker nodes that make up a Kubernetes cluster, dedicated to the monitoring service provided by the Container Management Service. |
| Logging Node | A node among the worker nodes in a Kubernetes cluster, dedicated to the logging service provided by the Container Management Service. |
| Namespace | A logical unit used to partition and manage a Kubernetes cluster based on its purpose. You can create multiple namespaces within a cluster and set limits on resources (CPU, memory) and Kubernetes resources. Namespaces are typically created for different project phases such as development, staging, and production. |
| Role Based Access Control (RBAC) | A policy that defines the roles of users and processes in the system and enforces access control by applying the defined roles. It is more flexible than mandatory access control, so it is suitable for enhancing the security of general systems. |
| Dashboard | A user interface feature that allows you to centralize and view a variety of information on a single screen. |
| Control Plane Cluster | The area where the console provided by the Container Management Service and the software for add-on services required for development and operations are located. It monitors the resources of Kubernetes clusters (Data Plane Clusters) such as AWS EKS and Azure AKS, where customer business applications are deployed and operated, and manages resources for workloads, including building and deploying containers, as well as managing users and permissions. |
| Data Plane Cluster | The area where workloads for business services are deployed and operated. One or more Data Plane Clusters can be deployed and managed depending on business requirements. In a Data Plane Cluster, metrics for monitoring Kubernetes clusters and workloads, as well as agents for collecting logs, are installed and managed through the console. |
| Elastic Kubernetes Service (EKS) | A managed Kubernetes service provided by AWS. |
| Azure Kubernetes Service (AKS) | A managed Kubernetes service provided by Azure. |
| Hybrid Cloud | A cloud environment that combines public and private clouds for a single application, integrating the security and control of a private cloud with the cost-effectiveness of a public cloud. For businesses, this allows running workloads in a private cloud and switching to the public cloud to utilize additional resources during workload spikes, then returning to the private cloud when demand decreases. |
| Multi-Cloud | A cloud computing environment that uses multiple public cloud services from two or more independent cloud service providers (such as AWS, Azure, GCP, etc.) in conjunction with each other. |
| Continuous Integration (CI) | The practice of continuously integrating changes into the source code. |
| Continuous Delivery/Deployment (CD) | The practice of continuously delivering or deploying services. |
| Platform as a Service (PaaS) | A cloud computing platform that allows users to develop, deploy, and manage software applications. |
| Workload | A collection of resources and code that creates business value, such as an application or back-end process; in this article, it refers to a business service application. |
| Multi-Cluster Management (MCM) | A service module that manages multiple Kubernetes clusters as a component of the Container Management Service. |
| api-server | The front end of the Kubernetes control plane, acting as the endpoint for your Kubernetes cluster. You can create and manage your cluster and Kubernetes resources through the APIs provided by the api-server. |
| Deployment Group | A feature provided by the Container Management Service for GitOps deployment of containerized applications to multiple Data Plane Clusters. |
| Multi-Factor Authentication (MFA) | Authentication that requires at least two factors, such as something the user knows (e.g., a password), something the user has (e.g., a hardware token), or something unique to the user (e.g., biometric information). |
| One-Time Password (OTP) | A password that is valid for only one use or session. |
| APIM Console | The web UI console for managing APIs, configuring settings, and deploying API policies and documentation. |
| Tenant Manager console | The web UI console for setting up projects, users, and user permissions for the API Management Service. |
| System users | Users of the API Management Service who can be members of a project. |
| System user permissions | The permissions granted to system users in the API Management Service; you can assign permissions to both system users and system members. |
| Project | A unit of organization or work that includes project users, gateways, and APIs. |
| Project Users | Users who are added to a project to manage it. |
| Project user permissions | Permissions assigned to users added to a project. You can grant permissions to project administrators and project members. |
| Gateway | The system that functions as the API Gateway, where APIs are deployed and exposed as services and where API policies are enforced. |
| Gateway URL | The host address of the API Gateway, typically registered in the form of a domain. |
| API | Application Programming Interface: a mechanism that allows frontend services to request and utilize backend services. |
| API URL | The URL used by the frontend service to call the backend service; this is also known as the API endpoint. |
| Backend URL | The host address of the target backend service to which the API is routed through the Gateway. |
| API policies | Functions such as authentication, security, traffic control, and specialized transformations that are applied when an API passes through the Gateway. |
| API documentation | Documentation that describes how to use, define, and specify an API, provided by the API Management Service in a syntax based on Swagger 2.0. |
| API Test | The process of performing request tests using API parameters and methods based on the API documentation specifications, and checking the response results. |
| Deploying the API | The process of deploying an API to the Gateway and exposing it as an external service. |
| Command Line | A command that includes information such as host, port, username, and password required to access the database, and can be used to connect to the database. |
| ConfigMap | A Kubernetes API object used to store non-confidential data as key-value pairs. Pods can use ConfigMaps as environment variables, command-line arguments, or configuration files mounted on volumes. |
| Connection String | A string that contains information such as host, port, username, and password required to connect to a database, used for establishing a connection between the system and the database. |
| Credential | The authentication information, such as a password, used to verify the user when accessing the database or integrating with the system. |
| Deployment | In Kubernetes, a Deployment provides declarative updates to Pods and ReplicaSets. You specify the desired state in a Deployment, and the Deployment Controller adjusts the current state to match the desired state, including scaling and rolling updates. You can create a new ReplicaSet with a Deployment or replace an existing Deployment to update all related resources. |
| Event | An action or occurrence resulting from performing functions such as creating or managing databases. |
| Master-Slave | To ensure availability in case of failure, a database can be organized in a master-slave structure with data replication. The master handles both reads and writes, while the slave is used for read-only operations. |
| Node | A machine that makes up a Kubernetes cluster. Nodes can be physical or virtual machines and are where containers are actually deployed and run. |
| PersistentVolume | In Kubernetes, a PersistentVolume (PV) is storage in a cluster that is either provisioned by an administrator or dynamically provisioned using a storage class. PVs are cluster resources, similar to nodes, and have a lifecycle independent of the individual pods that use them. This API object contains details about the storage implementation, such as NFS, iSCSI, or cloud provider-specific storage systems. |
| PersistentVolumeClaim | A PersistentVolumeClaim (PVC) is a user's request for storage in Kubernetes. A PVC uses a PersistentVolume (PV) resource and can specify the required size and access mode. |
| Pod | The smallest deployable unit of computing in Kubernetes, consisting of one or more containers. |
| Private Endpoint | A network endpoint that is isolated from the public network, inaccessible from outside, and only accessible to systems on the same subnet. |
| Provisioning Group | A way to efficiently manage nodes by grouping multiple nodes based on the characteristics of the services or projects to be deployed. Services are deployed only to nodes that belong to the Provisioning Group selected during service creation. |
| Public Endpoint | A network endpoint that can be accessed from anywhere with an internet connection. |
| Resource | The physical capacity (CPU, memory, disk, etc.) allocated to create a database instance. |
| Scale Out | Increasing the number of database nodes (usually slaves) as needed. |
| Scale Up | Increasing the resources of the database, such as CPU, memory, or disk, as needed. |
| Service | Refers to database instances, such as Redis, MariaDB, etc., created by CloudZ DB. |
| StatefulSet | A workload API object in Kubernetes used to manage stateful applications. It manages the deployment and scaling of a set of pods, ensuring their order and uniqueness. |
| StorageClass | StorageClasses in Kubernetes provide a way to describe different "classes" of storage offered by an administrator. Different classes can correspond to quality-of-service levels, backup policies, or other custom policies set by the cluster administrator. Kubernetes itself does not interpret what these classes represent. In other storage systems, this concept is sometimes called a "profile." |
| Zone | In AWS, a zone refers to an isolated location within a region, which consists of one or more data centers. These Availability Zones provide higher availability, fault tolerance, and scalability. Example: Seoul’s ap-northeast-2a, ap-northeast-2b, ap-northeast-2c, ap-northeast-2d. |