diff --git a/doc/arch-design/ch_glossary.xml b/doc/arch-design/ch_glossary.xml
deleted file mode 100644
index 46622576a2..0000000000
--- a/doc/arch-design/ch_glossary.xml
+++ /dev/null
@@ -1,456 +0,0 @@
-
-
- Glossary
-
-
-
-
- Anycast - A network routing methodology that routes
- traffic from a single sender to the nearest node, in a
- pool of nodes.
-
-
- Broadcast Domain - The layer 2 segment shared by a
- group of network connected nodes.
-
-
- Capital Expenditure (CapEx) - A capital expense,
- capital expenditure, CapEx is an initial cost for
- building a product, business, or system.
-
-
- CDN - Content delivery network - a specialized
- network that is used to distribute content to clients,
- typically located close to the client for increased
- performance.
-
-
- CI/CD - Continuous Integration / Continuous
- Deployment, a methodology where software is
- continually built and unit tests run for each change
- that is merged, or proposed for merge. Continuous
- Deployment is a software development methodology where
- changes are deployed into production as they are
- merged into source control, rather than being
- collected into a release and deployed at regular
- intervals
-
-
- Cloud Broker - A cloud broker is a third-party
- individual or business that acts as an intermediary
- between the purchaser of a cloud computing service and
- the sellers of that service. In general, a broker is
- someone who acts as an intermediary between two or
- more parties during negotiations.
-
-
- Cloud Consumer - User that consumes cloud instances,
- storage, or other resources in a cloud environment.
- This user interacts with OpenStack or other cloud
- management tools.
-
-
- Cloud Management Platform (CMP) - Products that
- provide a common interface to manage multiple cloud
- environments or platforms.
-
-
- Connection Broker - In desktop virtualization, a
- connection broker is a software program that allows
- the end-user to connect to an available
- desktop.
-
-
- Direct Attached Storage (DAS) - Data storage that is
- directly connected to a machine.
-
-
- Direct Server Return - A technique in load balancing
- where an initial request is routed through a load
- balancer, and the reply is sent from the responding
- node directly to the requester.
-
-
- Denial of Service (DoS) - In computing, a
- denial-of-service or distributed denial-of-service
- attack is an attempt to make a machine or network
- resource unavailable to its intended users.
-
-
- Distributed Replicated Block Device (DRBD) - The
- Distributed Replicated Block Device (DRBD) is a
- distributed replicated storage system for the Linux
- platform.
-
-
- Differentiated Service Code Point (DSCP) - Defined
- in RFC 2474, this field in IPv4 and IPv6 headers is
- used to define classes of network traffic, for quality
- of service purposes.
-
-
- External Border Gateway Protocol (eBGP) - External
- Border Gateway Protocol describes a specific
- implementation of BGP designed for inter-autonomous
- system communication
-
-
- Elastic IP - An Amazon Web Services concept, which
- is an IP address that can be dynamically allocated and
- reassigned to running instances on the fly. The
- OpenStack equivalent is a Floating IP.
-
-
- External Cloud - A cloud environment that exists
- outside of the control of an organization. Referred to
- for hybrid cloud to indicate a public cloud or an
- off-site hosted cloud.
-
-
- Federated Cloud - A federated cloud describes a
- multiple sets of cloud resources, for example compute
- or storage, that are managed by a centralized
- endpoint.
-
-
- Flow - A series of packets that are stateful in
- nature and represent a session. Usually represented by
- a TCP stream, but can also indicate other packet types
- that when combined comprise a connection between two
- points.
-
-
- Golden Image - An operating system image that
- contains a set of pre-installed software packages and
- configurations. This may be used to build standardized
- instances that have the same base set of configuration
- to improve mean time to functional application
-
-
- Graphics Processing Unit (GPU) - A single chip
- processor with integrated transform, lighting,
- triangle setup/clipping, and rendering engines that is
- capable of processing a minimum of 10 million polygons
- per second. Traditional uses are any compute problem
- that can be represented as a vector or matrix
- operation.
-
-
- Hadoop Distributed File System (HDFS) - A
- distributed file-system that stores data on commodity
- machines, providing very high aggregate bandwidth
- across the cluster.
-
-
- High Performance Computing (HPC) - Also known as
- distributed computing - used for computation intensive
- processes run on a large number of instances
-
-
- Hierarchical Storage Management (HSM) - Hierarchical
- storage management is a data storage technique, which
- automatically moves data between high-cost and
- low-cost storage media
-
-
- Hot Standby Router Protocol (HSRP) - Hot Standby
- Router Protocol is a Cisco proprietary redundancy
- protocol for establishing a fault-tolerant default
- gateway, and has been described in detail in RFC
- 2281.
-
-
- Interior Border Gateway Protocol (iBGP) - Interior
- Border Gateway Protocol is an interior gateway
- protocol designed to exchange routing and reachability
- information within autonomous systems.
-
-
- Interior Gateway Protocol (IGP) - An Interior
- Gateway Protocol is a type of protocol used for
- exchanging routing information between gateways
- (commonly routers) within an Autonomous System (for
- example, a system of corporate local area networks).
- This routing information can then be used to route
- network-level protocols like IP.
-
-
- jClouds - An open source multi-cloud toolkit for the
- Java platform that gives you the freedom to create
- applications that are portable across clouds while
- giving you full control to use cloud-specific
- features.
-
-
- Jitter - Is the deviation from true periodicity of a
- presumed periodic signal in electronics and
- telecommunications, often in relation to a reference
- clock source.
-
-
- Jumbo Frame - Ethernet frames with more than 1500
- bytes of payload.
-
-
- LAG - Link aggregation group is a term to describe
- various methods of combining (aggregating) multiple
- network connections in parallel into a group to
- increase throughput beyond what a single connection
- could sustain, and to provide redundancy in case one
- of the links fail.
-
-
- Legacy System - An old method, technology, computer
- system, or application program that is considered
- outdated.
-
-
- Looking Glass - A tool that provides information on
- backbone routing and network efficiency.
-
-
- Microsoft Azure - A cloud computing platform and
- infrastructure, created by Microsoft, for building,
- deploying and managing applications and services
- through a global network of Microsoft-managed
- datacenters.
-
-
- MongoDB - A cross-platform document-oriented
- database. Classified as a NoSQL database, MongoDB
- eschews the traditional table-based relational
- database structure in favor of JSON-like documents
- with dynamic schemas.
-
-
- Mean Time Before Failures (MTBF) - Mean time before
- failures is the predicted elapsed time before inherent
- failures of a system during operation. MTBF can be
- calculated as the arithmetic mean (average) time
- between failures of a system.
-
-
- Maximum Transmission Unit (MTU) - The maximum
- transmission unit of a communications protocol of a
- layer is the size (in bytes) of the largest protocol
- data unit that the layer can pass onwards.
-
-
- NAT64 - NAT64 is a mechanism to allow IPv6 hosts to
- communicate with IPv4 servers. The NAT64 server is the
- endpoint for at least one IPv4 address and an IPv6
- network segment of 32-bits.
-
-
- Network Functions Virtualization (NFV) - Network
- Functions Virtualization is a network architecture
- concept that proposes using IT virtualization related
- technologies, to virtualize entire classes of network
- node functions into building blocks that may be
- connected, or chained, together to create
- communication services.
-
-
- NoSQL - A NoSQL or Not Only SQL database provides a
- mechanism for storage and retrieval of data that is
- modeled in means other than the tabular relations used
- in relational databases.
-
-
- Operational Expenditure (OPEX) - An operating
- expense, operating expenditure, operational expense,
- operational expenditure or OPEX is an ongoing cost for
- running a product, business, or system.
-
-
- Original Design Manufacturers (ODM) - Original
- Design Manufacturers, a company which designs and
- manufactures a product which is specified and
- eventually branded by another firm for sale.
-
-
- Overlay Network - An overlay network is a computer
- network which is built on the top of another network.
- Nodes in the overlay can be thought of as being
- connected by virtual or logical links, each of which
- corresponds to a path, perhaps through many physical
- links, in the underlying network.
-
-
- Packet Storm - A cause of degraded service or
- failure that occurs when a network system is
- overwhelmed by continuous multicast or broadcast
- traffic.
-
-
- Power Usage Effectiveness (PUE) - Power usage
- effectiveness is a measure of how efficiently a
- computer data center uses energy; specifically, how
- much energy is used by the computing equipment (in
- contrast to cooling and other overhead).
-
-
- Quality of Service (QoS) - Quality of Service is the
- overall performance of a telephony or computer
- network, particularly the performance seen by the
- users of the network.
-
-
- Remote Desktop Host - A server that hosts Remote
- Applications as session-based desktops. Users can
- access a Remote Desktop Host server by using the
- Remote Desktop Connection client.
-
-
- Renumbering - Network renumbering, the exercise of
- renumbering a network consists of changing the IP host
- addresses, and perhaps the network mask, of each
- device within the network that has an address
- associated with it.
-
-
- Rollback - In database technologies, a rollback is
- an operation which returns the database to some
- previous state. Rollbacks are important for database
- integrity, because they mean that the database can be
- restored to a clean copy even after erroneous
- operations are performed.
-
-
- Remote Procedure Call (RPC) - A powerful technique
- for constructing distributed, client-server based
- applications. The communicating processes may be on
- the same system, or they may be on different systems
- with a network connecting them.
-
-
- Recovery Point Objective (RPO) - A recovery point
- objective is defined by business continuity planning.
- It is the maximum tolerable period in which data might
- be lost from an IT service due to a major incident.
- The RPO gives systems designers a limit to work
- to.
-
-
- Recovery Time Objective (RTO) - The recovery time
- objective is the duration of time and a service level
- within which a business process must be restored after
- a disaster (or disruption) in order to avoid
- unacceptable consequences associated with a break in
- business continuity.
-
-
- Software Development Kit (SDK) - A software
- development kit is typically a set of software
- development tools that allows for the creation of
- applications for a certain software package, software
- framework, hardware platform, computer system, video
- game console, operating system, or similar development
- platform.
-
-
- Service Level Agreement (SLA) - A service-level
- agreement is a part of a service
- contract[disambiguation needed] where a service is
- formally defined. In practice, the term SLA is
- sometimes used to refer to the contracted delivery
- time (of the service or performance).
-
-
- Software Development Lifecycle (SDLC) - Software
- development life cycle - A software development
- process, also known as a software development
- life-cycle (SDLC), is a structure imposed on the
- development of a software product.
-
-
- Top of Rack Switch (ToR Switch) - A Top of the Rack
- or (TOR) switch is a small port count switch that sits
- on the very top or near the top of a Telco rack you
- see in Datacenters.
-
-
- Traffic Shaping - Traffic shaping (also known as
- "packet shaping") is a computer network traffic
- management technique which delays some or all
- datagrams to bring them into compliance with a desired
- traffic profile. Traffic shaping is a form of rate
- limiting.
-
-
- Tunneling - Computer networks use a tunneling
- protocol when one network protocol (the delivery
- protocol) encapsulates a different payload protocol.
- By using tunneling one can (for example) carry a
- payload over an incompatible delivery-network, or
- provide a secure path through an untrusted
- network.
-
-
- Virtual Desktop Infrastructure (VDI) - Virtual
- Desktop Infrastructure is a desktop-centric service
- that hosts user desktop environments on remote
- servers, which are accessed over a network using a
- remote display protocol. A connection brokering
- service is used to connect users to their assigned
- desktop sessions.
-
-
- Virtual Local Area Networks (VLAN) - In computer
- networking, a single layer-2 network may be
- partitioned to create multiple distinct broadcast
- domains, which are mutually isolated so that packets
- can only pass between them via one or more routers;
- such a domain is referred to as a virtual local area
- network, virtual LAN or VLAN.
-
-
- Voice over Internet Protocol (VoIP) -
- Voice-over-Internet Protocol (VoIP) is a methodology
- and group of technologies for the delivery of voice
- communications and multimedia sessions over Internet
- Protocol (IP) networks, such as the Internet.
-
-
- Virtual Router Redundancy Protocol (VRRP) - The
- Virtual Router Redundancy Protocol (VRRP) is a
- computer networking protocol that provides for
- automatic assignment of available Internet Protocol
- (IP) routers to participating hosts. This increases
- the availability and reliability of routing paths via
- automatic default gateway selections on an IP
- sub-network.
-
-
- VXLAN Tunnel Endpoint (VTEP) - VXLAN Tunnel Endpoint
- - Used for frame encapsulation. VTEP functionality can
- be implemented in software such as a virtual switch or
- in the form a physical switch.
-
-
- Virtual Extensible Local Area Network (VXLAN) -
- Virtual Extensible LAN is a network virtualization
- technology that attempts to ameliorate the scalability
- problems associated with large cloud computing
- deployments. It uses a VLAN-like encapsulation
- technique to encapsulate MAC-based OSI layer 2
- Ethernet frames within layer 3 UDP packets.
-
-
- Wide Area Network (WAN) - A wide area network is a
- network that covers a broad area using leased or
- private telecommunication lines.
-
-
-
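Review bot: deleting ch_glossary.xml (old lines 1-456) removes dozens of arch-design definitions, but the only term this patch adds to doc/glossary/glossary-terms.xml is denial of service (DoS). Entries such as Anycast, Direct Server Return, Recovery Point Objective, VTEP and VXLAN have no replacement visible in this diff; please confirm each one already exists in the shared glossary, or add the missing ones in this change so the guide does not lose definitions its chapters rely on. No hunk here touches a file that includes ch_glossary.xml either, so if the book file still references it, that include needs to be removed in the same commit.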
diff --git a/doc/arch-design/hybrid/section_architecture_hybrid.xml b/doc/arch-design/hybrid/section_architecture_hybrid.xml
index aaa40a683e..640e528b2c 100644
--- a/doc/arch-design/hybrid/section_architecture_hybrid.xml
+++ b/doc/arch-design/hybrid/section_architecture_hybrid.xml
@@ -157,7 +157,8 @@
Security considerations, such as how data is secured
between client and endpoint and any traffic that
traverses the multiple clouds, from eavesdropping to
- DoS activities must be addressed. Business and
+ DoS
+ activities must be addressed. Business and
regulatory requirements dictate the security approach
that needs to be taken.
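Review bot: the phrase "DoS" / "activities must be addressed" on the two added lines now reads as "denial-of-service attack activities", because the glossary entry added later in this patch defines DoS as the attack itself. Suggest "from eavesdropping to DoS attacks must be addressed" so the expanded term reads cleanly. The added line carrying only "DoS" is also much shorter than its neighbours; rewrapping the paragraph would keep the source consistent with the surrounding lines.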
diff --git a/doc/glossary/glossary-terms.xml b/doc/glossary/glossary-terms.xml
index 0f453730f5..a3a7b4aff8 100644
--- a/doc/glossary/glossary-terms.xml
+++ b/doc/glossary/glossary-terms.xml
@@ -2325,6 +2325,20 @@
+
+ denial of service (DoS)
+
+ denial of service (DoS)
+
+
+
+
+ Denial of service (DoS) is a short form for
+ denial-of-service attack. This is a malicious attempt to
+ prevent legitimate users from using a service.
+
+
+
deprecated auth
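Review bot: the definition sentence "Denial of service (DoS) is a short form for denial-of-service attack" is circular, and it drops two things the deleted ch_glossary.xml entry stated: that the term also covers distributed denial-of-service, and that the target is "a machine or network resource". Suggest defining the attack directly, for example "A denial-of-service (DoS) attack is a malicious attempt to prevent legitimate users from using a service", and either mentioning the distributed variant or adding a separate entry for it, since the hybrid architecture section links security requirements to this term. Placement before "deprecated auth" keeps the alphabetical order.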