GlossaryUse this glossary to get definitions of OpenStack-related words and
phrases.To add to this glossary, fork the openstack/openstack-manuals
repository and update the source files through the OpenStack
contribution process.Aabsolute limitabsolute limitImpassable limits for guest VMs. Settings include total RAM
size, maximum number of vCPUs, and maximum disk size.access control listaccess control list (ACL)A list of permissions attached to an object. An ACL specifies
which users or system processes have access to objects. It also
defines which operations can be performed on specified objects. Each
entry in a typical ACL specifies a subject and an operation. For
instance, the ACL entry (Alice, delete) for a file gives
Alice permission to delete the file.access keyaccess keyAlternative term for an Amazon EC2 access key. See EC2 access
key.accountaccountsThe Object Storage context of an account. Do not confuse with a
user account from an authentication service, such as Active Directory,
/etc/passwd, OpenLDAP, OpenStack Identity Service, and so on.account auditoraccount auditorChecks for missing replicas and incorrect or corrupted objects
in a specified Object Storage account by running queries against the
backend SQLite database.account databaseaccount databaseA SQLite database that contains Object Storage accounts and
related metadata and that the accounts server accesses.account reaperaccount reaperAn Object Storage worker that scans for and deletes account
databases and that the account server has marked for deletion.account serveraccount serverLists containers in Object Storage and stores container
information in the account database.account serviceaccount serviceAn Object Storage component that provides account services such
as list, create, modify, and audit. Do not confuse with OpenStack
Identity Service, OpenLDAP, or similar user-account services.accountingaccountingThe Compute Service provides accounting information through the
event notification and system usage data facilities.ACLACLaccess control listSee access control list.active/active configurationactive/active configurationIn a high-availability setup with an active/active
configuration, several systems share the load together and if one
fails, the load is distributed to the remaining systems.Active DirectoryActive DirectoryAuthentication and identity service by Microsoft, based on LDAP.
Supported in OpenStack.active/passive configurationactive/passive configurationIn a high-availability setup with an active/passive
configuration, systems are set up to bring additional resources online
to replace those that have failed.address pooladdress poolA group of fixed and/or floating IP addresses that are assigned
to a project and can be used by or assigned to the VM instances in a
project.admin APIadmin APIA subset of API calls that are accessible to authorized
administrators and are generally not accessible to end users or the
public Internet. They can exist as a separate service (keystone) or
can be a subset of another API (nova).admin serveradmin serverIn the context of the Identity Service, the worker process that
provides access to the admin API.Advanced Message Queuing Protocol (AMQP)Advanced Message Queuing Protocol (AMQP)The open standard messaging protocol used by OpenStack
components for intra-service communications, provided by RabbitMQ,
Qpid, or ZeroMQ.Advanced RISC Machine (ARM)Advanced RISC Machine (ARM)Lower power consumption CPU often found in mobile and embedded
devices. Supported by OpenStack.alertalertsdefinition ofThe Compute Service can send alerts through its notification
system, which includes a facility to create custom notification
drivers. Alerts can be sent to and displayed on the horizon
dashboard.allocateallocate, definition ofThe process of taking a floating IP address from the address
pool so it can be associated with a fixed IP on a guest VM
instance.Amazon Kernel Image (AKI)Amazon Kernel Image (AKI)Both a VM container format and disk format. Supported by Image
Service.Amazon Machine Image (AMI)Amazon Machine Image (AMI)Both a VM container format and disk format. Supported by Image
Service.Amazon Ramdisk Image (ARI)Amazon Ramdisk Image (ARI)Both a VM container format and disk format. Supported by Image
Service.AnvilAnvilA project that ports the shell script-based project named
DevStack to Python.ApacheApacheThe Apache Software Foundation supports the Apache community of
open-source software projects. These projects provide software
products for the public good.Apache License 2.0Apache License 2.0All OpenStack core projects are provided under the terms of the
Apache License 2.0 license.Apache Web ServerApache Web ServerThe most common web server software currently used on the
Internet.APIApplication programming interface.API endpointendpointsAPI endpointAPI (application programming interface)API endpointThe daemon, worker, or service that a client communicates with
to access an API. API endpoints can provide any number of services,
such as authentication, sales data, performance metrics, Compute VM
commands, census data, and so on.API extensionAPI (application programming interface)API extensionCustom modules that extend some OpenStack core APIs.API extension plug-inAPI (application programming interface)API extension plug-inAlternative term for a Networking plug-in or Networking API
extension.API keyAPI (application programming interface)API keyAlternative term for an API token.API serverAPI (application programming interface)API serverAny node running a daemon or worker that provides an API
endpoint.API tokenAPI (application programming interface)API tokenPassed to API requests and used by OpenStack to verify that the
client is authorized to run the requested operation.API versionAPI (application programming interface)API versionIn OpenStack, the API version for a project is part of the URL.
For example, example.com/nova/v1/foobar.appletappletA Java program that can be embedded into a web page.Application Programming Interface (API)A collection of specifications used to access a service,
application, or program. Includes service calls, required parameters
for each call, and the expected return values.application serverserversapplication serversapplication serverA piece of software that makes available another piece of
software over a network.Application Service Provider (ASP)Application Service Provider (ASP)Companies that rent specialized applications that help
businesses and organizations provide additional services with less
cost.arptablesarptablesTool used for maintaining Address Resolution Protocol packet
filter rules in the Linux kernel firewall modules. Used along with
iptables, ebtables, and ip6tables in Compute to provide firewall
services for VMs.associateassociate, definition ofThe process associating a Compute floating IP address with a
fixed IP address.Asynchronous JavaScript and XML (AJAX)Asynchronous JavaScript and XML (AJAX)A group of interrelated web development techniques used on the
client-side to create asynchronous web applications. Used extensively
in horizon.ATA over Ethernet (AoE)ATA over Ethernet (AoE)A disk storage protocol tunneled within Ethernet.attachattach, definition ofThe process of connecting a VIF or vNIC to a L2 network in
Networking. In the context of Compute, this process connects a storage
volume to an instance.attachment (network)attachment (network)Association of an interface ID to a logical port. Plugs an
interface into a port.auditingauditingProvided in Compute through the system usage data
facility.auditorauditorA worker process that verifies the integrity of Object Storage
objects, containers, and accounts. Auditors is the collective term for
the Object Storage account auditor, container auditor, and object
auditor.AustinAustinProject name for the initial release of OpenStack.auth nodeauth nodeAlternative term for an Object Storage authorization
node.authenticationauthenticationThe process that confirms that the user, process, or client is
really who they say they are through private key, secret token,
password, fingerprint, or similar method.authentication tokenauthentication tokensA string of text provided to the client after authentication.
Must be provided by the user or process in subsequent requests to the
API endpoint.AuthNAuthNThe Identity Service component that provides authentication
services.authorizationauthorizationThe act of verifying that a user, process, or client is
authorized to perform an action.authorization nodeauthorization nodeAn Object Storage node that provides authorization
services.AuthZAuthZThe Identity Service component that provides high-level
authorization services.Auto ACKAuto ACKConfiguration setting within RabbitMQ that enables or disables
message acknowledgment. Enabled by default.auto declareauto declareA Compute RabbitMQ setting that determines whether a message
exchange is automatically created when the program starts.availability zoneavailability zoneAn Amazon EC2 concept of an isolated area that is used for fault
tolerance. Do not confuse with an OpenStack Compute zone or
cell.AWSAWS (Amazon Web Services)Amazon Web Services.Bbackendbackend interactionsdefinition ofInteractions and processes that are obfuscated from the user,
such as Compute volume mount, data transmission to an iSCSI target by
a daemon, or Object Storage object integrity checks.backend catalogbackend interactionscatalogThe storage method used by the Identity Service catalog service
to store and retrieve information about API endpoints that are
available to the client. Examples include a SQL database, LDAP
database, or KVS backend.backend storebackend interactionsstoreThe persistent data store used to save and retrieve information
for a service, such as lists of Object Storage objects, current state
of guest VMs, lists of usernames, and so on. Also, the method that the
Image Service uses to get and store VM images. Options include Object
Storage, local file system, S3, and HTTP.bandwidthbandwidthdefinition ofThe amount of available data used by communication resources,
such as the Internet. Represents the amount of data that is used to
download things or the amount of data available to download.barebare, definition ofAn Image Service container format that indicates that no
container exists for the VM image.base imagebase imageAn OpenStack-provided image.BexarBexarA grouped release of projects related to OpenStack that came out
in February of 2011. It included Compute (nova) and Object Storage
(swift) only.binarybinarydefinition ofInformation that consists solely of ones and zeroes, which is
the language of computers.bitbits, definition ofA bit is a single digit number that is in base of 2 (either a
zero or one). Bandwidth usage is measured in bits per second.bits per second (BPS)bits per second (BPS)The universal measurement of how quickly data is transferred
from place to place.block deviceblock deviceA device that moves data in the form of blocks. These device
nodes interface the devices, such as hard disks, CD-ROM drives, flash
drives, and other addressable regions of memory.block migrationblock migrationA method of VM live migration used by KVM to evacuate instances
from one host to another with very little downtime during a
user-initiated switchover. Does not require shared storage. Supported
by Compute.Block StorageBlock StorageThe OpenStack core project that enables management of volumes,
volume snapshots, and volume types. The project name of Block Storage
is cinder.BMCBMC (Baseboard Management Controller)Baseboard Management Controller. The intelligence in the IPMI
architecture, which is a specialized micro-controller that is embedded
on the motherboard of a computer and acts as a server. Manages the
interface between system management software and platform
hardware.bootable disk imagebootable disk imageA type of VM image that exists as a single, bootable
file.Bootstrap Protocol (BOOTP)Bootstrap Protocol (BOOTP)A network protocol used by a network client to obtain an IP
address from a configuration server. Provided in Compute through the
dnsmasq daemon when using either the FlatDHCP manager or VLAN manager
network manager.browserbrowsers, definition ofAny client software that enables a computer or device to access
the Internet.builder filebuilder filesContains configuration information that Object Storage uses to
reconfigure a ring or to re-create it from scratch after a serious
failure.button classbutton classesA group of related button types within horizon. Buttons to
start, stop, and suspend VMs are in one class. Buttons to associate
and disassociate floating IP addresses are in another class, and so
on.bytebytes, definition ofSet of bits that make up a single character; there are usually 8
bits to a byte.CCACA (Certificate/Certification Authority)Certificate Authority or Certification Authority. In
cryptography, an entity that issues digital certificates. The digital
certificate certifies the ownership of a public key by the named
subject of the certificate. This enables others (relying parties) to
rely upon signatures or assertions made by the private key that
corresponds to the certified public key. In this model of trust
relationships, a CA is a trusted third party for both the subject
(owner) of the certificate and the party relying upon the certificate.
CAs are characteristic of many public key infrastructure (PKI)
schemes.cache prunercache prunersA program that keeps the Image Service VM image cache at or
below its configured maximum size.CactusCactusAn OpenStack grouped release of projects that came out in the
spring of 2011. It included Compute (nova), Object Storage (swift),
and the Image Service (glance).CALLCALLOne of the RPC primitives used by the OpenStack message queue
software. Sends a message and waits for a response.capabilitycapabilitydefinition ofDefines resources for a cell, including CPU, storage, and
networking. Can apply to the specific services within a cell or a
whole cell.capacity cachecapacity cacheA Compute backend database table that contains the current
workload, amount of free RAM, and number of VMs running on each host.
Used to determine on which VM a host starts.capacity updatercapacity updaterA notification driver that monitors VM instances and updates the
capacity cache as needed.CASTCAST (RPC primitive)One of the RPC primitives used by the OpenStack message queue
software. Sends a message and does not wait for a response.catalogcatalogA list of API endpoints that are available to a user after
authentication with the Identity Service.catalog servicecatalog serviceAn Identity Service that lists API endpoints that are available
to a user after authentication with the Identity Service.ceilometerceilometerThe project name for the Telemetry service, which is an
integrated project that provides metering and measuring facilities for
OpenStack.cellcellsdefinition ofProvides logical partitioning of Compute resources in a child
and parent relationship. Requests are passed from parent cells to
child cells if the parent cannot provide the requested
resource.cell forwardingcellscell forwardingA Compute option that enables parent cells to pass resource
requests to child cells if the parent cannot provide the requested
resource.cell managercellscell managersThe Compute component that contains a list of the current
capabilities of each host within the cell and routes requests as
appropriate.CentOSCentOSA Linux distribution that is compatible with OpenStack.CephCephMassively scalable distributed storage system that consists of
an object store, block store, and POSIX-compatible distributed file
system. Compatible with OpenStack.CephFSCephFSThe POSIX-compliant file system provided by Ceph.certificate authoritycertificate authority (Compute)A simple certificate authority provided by Compute for cloudpipe
VPNs and VM image decryption.Challenge-Handshake Authentication Protocol (CHAP)Challenge-Handshake Authentication Protocol
(CHAP)An iSCSI authentication method supported by Compute.chance schedulerchance schedulerA scheduling method used by Compute that randomly chooses an
available host from the pool.changes sincechanges sinceA Compute API parameter that downloads changes to the requested
item since your last request, instead of downloading a new, fresh set
of data and comparing it against the old data.ChefChefAn operating system configuration management tool supporting
OpenStack deployments.child cellcellschild cellschild cellsIf a requested resource such as CPU time, disk storage, or
memory is not available in the parent cell, the request is forwarded
to its associated child cells. If the child cell can fulfill the
request, it does. Otherwise, it attempts to pass the request to any of
its children.cindercinderA core OpenStack project that provides block storage services
for VMs.Cisco neutron plug-inCisco neutron plug-inA Networking plug-in for Cisco devices and technologies,
including UCS and Nexus.cloud architectcloud architectA person who plans, designs, and oversees the creation of
clouds.cloud computingcloud computingdefinition ofA model that enables access to a shared pool of configurable
computing resources, such as networks, servers, storage, applications,
and services, that can be rapidly provisioned and released with
minimal management effort or service provider interaction.cloud controllercloud computingcloud controllersCollection of Compute components that represent the global state
of the cloud; talks to services, such as Identity Service
authentication, Object Storage, and node/storage workers through a
queue.cloud controller nodecloud computingcloud controller nodesA node that runs network, volume, API, scheduler, and image
services. Each service may be broken out into separate nodes for
scalability or availability.Cloud Data Management Interface (CDMI)Cloud Data Management Interface (CDMI)SINA standard that defines a RESTful API for managing objects in
the cloud, currently unsupported in OpenStack.Cloud Infrastructure Management Interface (CIMI)Cloud Infrastructure Management Interface (CIMI)An in-progress specification for cloud management. Currently
unsupported in OpenStack.cloud-initcloud-initA package commonly installed in VM images that performs
initialization of an instance after boot using information that it
retrieves from the metadata service, such as the SSH public key and
user data.cloudadmincloudadminOne of the default roles in the Compute RBAC system. Grants
complete system access.cloudpipecloudpipedefinition ofA compute service that creates VPNs on a per-project
basis.cloudpipe imagecloudpipecloudpipe imageA pre-made VM image that serves as a cloudpipe server.
Essentially, OpenVPN running on Linux.CMDBCMDB (Configuration Management Database)Configuration Management Database.command filtercommand filtersLists allowed commands within the Compute rootwrap
facility.community projectcommunity projectsA project that is not officially endorsed by the OpenStack
Foundation. If the project is successful enough, it might be elevated
to an incubated project and then to a core project, or it might be
merged with the main code trunk.compressioncompressionReducing the size of files by special encoding, the file can be
decompressed again to its original content. OpenStack supports
compression at the Linux file system level but does not support
compression for things such as Object Storage objects or Image Service
VM images.ComputeComputedefinition ofThe OpenStack core project that provides compute services. The
project name of Compute Service is nova.Compute APIComputeCompute APIThe nova-api daemon
provides access to nova services. Can communicate with other APIs,
such as the Amazon EC2 API.compute controllerComputecompute controllerThe Compute component that chooses suitable hosts on which to
start VM instances.compute hostComputecompute hostPhysical host dedicated to running compute nodes.compute nodecompute nodesdefinition ofA node that runs the nova-compute daemon that manages VM
instances that provide a wide
range of services, such as web applications and analytics.Compute ServiceComputeCompute ServiceName for the Compute component that manages VMs.compute workerComputecompute workerThe Compute component that runs on each compute node and manages
the VM instance life cycle, including run, reboot, terminate,
attach/detach volumes, and so on. Provided by the nova-compute daemon.concatenated objectobjectsconcatenated objectsconcatenated objectsA set of segment objects that Object Storage combines and sends
to the client.conductorconductorsIn Compute, conductor is the process that proxies database
requests from the compute process. Using conductor improves security
because compute nodes do not need direct access to the
database.consistency windowconsistency windowThe amount of time it takes for a new Object Storage object to
become accessible to all clients.console logconsole logsContains the output from a Linux VM console in Compute.containercontainersdefinition ofOrganizes and stores objects in Object Storage. Similar to the
concept of a Linux directory but cannot be nested. Alternative term
for an Image Service container format.container auditorcontainerscontainer auditorsChecks for missing replicas or incorrect objects in specified
Object Storage containers through queries to the SQLite backend
database.container databasecontainerscontainer databasesA SQLite database that stores Object Storage containers and
container metadata. The container server accesses this
database.container formatcontainerscontainer formatA wrapper used by the Image Service that contains a VM image and
its associated metadata, such as machine state, OS disk size, and so
on.container servercontainerscontainer serversAn Object Storage server that manages containers.container servicecontainerscontainer serviceThe Object Storage component that provides container services,
such as create, delete, list, and so on.controller nodecontroller nodesunder cloud computingAlternative term for a cloud controller node.core APIcore APIDepending on context, the core API is either the OpenStack API
or the main API of a specific core project, such as Compute,
Networking, Image Service, and so on.core projectcore projectAn official OpenStack project. Currently consists of Compute
(nova), Object Storage (swift), Image Service (glance), Identity
(keystone), Dashboard (horizon), Networking (neutron), and Block
Storage (cinder). The Telemetry module (ceilometer) and Orchestration
module (heat) are integrated projects as of the Havana release. In the
Icehouse release, the Database module (trove) gains integrated project
status.costcostUnder the Compute distributed scheduler, this is calculated by
looking at the capabilities of each host relative to the flavor of the
VM instance being requested.credentialscredentialsData that is only known to or accessible by a user and used to
verify that the user is who he says he is. Credentials are presented
to the server during authentication. Examples include a password,
secret key, digital certificate, and fingerprint.CrowbarCrowbarAn open source community project by Dell that aims to provide
all necessary services to quickly deploy clouds.current workloadcurrent workloadAn element of the Compute capacity cache that is calculated
based on the number of build, snapshot, migrate, and resize operations
currently in progress on a given host.customercustomerstenantsAlternative term for tenant.customization modulecustomization moduleA user-created Python module that is loaded by horizon to change
the look and feel of the dashboard.Ddaemondaemonsdefinition ofA process that runs in the background and waits for requests.
May or may not listen on a TCP or UDP port. Do not confuse with a
worker.DACDAC (discretionary access control)Discretionary access control. Governs the ability of subjects to
access objects, while enabling users to make policy decisions and
assign security attributes. The traditional UNIX system of users,
groups, and read-write-execute permissions is an example of
DAC.dashboarddashboardThe web-based management interface for OpenStack. An alternative
name for horizon.data encryptiondatadata encryptionBoth Image Service and Compute support encrypted virtual machine
(VM) images (but not instances). In-transit data encryption is
supported in OpenStack using technologies such as HTTPS, SSL, TLS, and
SSH. Object Storage does not support object encryption at the
application level but may support storage that uses disk encryption.database IDdatabasesdatabase IDA unique ID given to each replica of an Object Storage
database.database replicatordatabasesdatabase replicatorsAn Object Storage component that copies changes in the account,
container, and object databases to other nodes.deallocatedeallocate, definition ofThe process of removing the association between a floating IP
address and a fixed IP address. Once this association is removed, the
floating IP returns to the address pool.DebianDebianA Linux distribution that is compatible with OpenStack.deduplicationdeduplicationThe process of finding duplicate data at the disk block, file,
and/or object level to minimize storage use—currently unsupported
within OpenStack.default paneldefault panelsThe default panel that is displayed when a user accesses the
horizon dashboard.default tenantdefault tenantsNew users are assigned to this tenant if no tenant is specified
when a user is created.default tokendefault tokensAn Identity Service token that is not associated with a specific
tenant and is exchanged for a scoped token.delayed deletedelayed deleteAn option within Image Service so that an image is deleted after
a predefined number of seconds instead of immediately.delivery modedelivery modeSetting for the Compute RabbitMQ message delivery mode; can be
set to either transient or persistent.deprecated authdeprecated authAn option within Compute that enables administrators to create
and manage users through the nova-manage command as
opposed to using the Identity Service.developerdeveloperOne of the default roles in the Compute RBAC system and the
default role assigned to a new user.device IDdevice IDMaps Object Storage partitions to physical storage
devices.device weightdevice weightDistributes partitions proportionately across Object Storage
devices based on the storage capacity of each device.DevStackDevStackdefinition ofCommunity project that uses shell scripts to quickly build
complete OpenStack development environments.DHCPDHCP (Dynamic Host Configuration Protocol)basics ofDynamic Host Configuration Protocol. A network protocol that
configures devices that are connected to a network so that they can
communicate on that network by using the Internet Protocol (IP). The
protocol is implemented in a client-server model where DHCP clients
request configuration data, such as an IP address, a default route,
and one or more DNS server addresses from a DHCP server.DiabloDiabloA grouped release of projects related to OpenStack that came out
in the fall of 2011, the fourth release of OpenStack. It included
Compute (nova 2011.3), Object Storage (swift 1.4.3), and the Image
Service (glance).direct consumerdirect consumersAn element of the Compute RabbitMQ that comes to life when a RPC
call is executed. It connects to a direct exchange through a unique
exclusive queue, sends the message, and terminates.direct exchangedirect exchangesA routing table that is created within the Compute RabbitMQ
during RPC calls; one is created for each RPC call that is
invoked.direct publisherdirect publishersElement of RabbitMQ that provides a response to an incoming MQ
message.disassociatedisassociateThe process of removing the association between a floating IP
address and fixed IP and thus returning the floating IP address to the
address pool.disk encryptiondisk encryptionThe ability to encrypt data at the file system, disk partition,
or whole-disk level. Supported within Compute VMs.disk formatdisk formatThe underlying format that a disk image for a VM is stored as
within the Image Service backend store. For example, AMI, ISO, QCOW2,
VMDK, and so on.dispersiondispersionIn Object Storage, tools to test and ensure dispersion of
objects and containers to ensure fault tolerance.DjangoDjangoA web framework used extensively in horizon.DNSDNS (Domain Name Server, Service or System)definitions ofDomain Name Server. A hierarchical and distributed naming system
for computers, services, and resources connected to the Internet or a
private network. Associates a human-friendly names to IP
addresses.DNS recordDNS (Domain Name Server, Service or System)DNS recordsA record that specifies information about a particular domain
and belongs to the domain.dnsmasqdnsmasqDaemon that provides DNS, DHCP, BOOTP, and TFTP services, used
by the Compute VLAN manager and FlatDHCP manager.domaindomain, definition ofSeparates a website from other sites. Often, the domain name has
two or more parts that are separated by dots. For example, yahoo.com,
usa.gov, harvard.edu, or mail.yahoo.com.A domain is an entity or container of all DNS-related
information containing one or more records.Domain Name Service (DNS)In Compute, the support that enables associating DNS entries
with floating IP addresses, nodes, or cells so that hostnames are
consistent across reboots.Domain Name System (DNS)A system by which Internet domain name-to-address and
address-to-name resolutions are determined.DNS helps navigate the Internet by translating the IP address
into an address that is easier to remember For example, translating
111.111.111.1 into www.yahoo.com.All domains and their components, such as mail servers, utilize
DNS to resolve to the appropriate locations. DNS servers are usually
set up in a master-slave relationship such that failure of the master
invokes the slave. DNS servers might also be clustered or replicated
such that changes made to one DNS server are automatically propagated
to other active servers.downloaddownload, definition ofThe transfer of data, usually in the form of files, from one
computer to another.DRTMDRTM (dynamic root of trust measurement)Dynamic root of trust measurement.durable exchangedurable exchangeThe Compute RabbitMQ message exchange that remains active when
the server restarts.durable queuedurable queueA Compute RabbitMQ message queue that remains active when the
server restarts.Dynamic Host Configuration Protocol (DHCP)A method to automatically configure networking for a host at
boot time. Provided by both Networking and Compute.Dynamic HyperText Markup Language (DHTML)DHTML (Dynamic HyperText Markup Language)Pages that use HTML, JavaScript, and Cascading Style Sheets to
enable users to interact with a web page or show simple
animation.EEBS boot volumeEBS boot volumeAn Amazon EBS storage volume that contains a bootable VM image,
currently unsupported in OpenStack.ebtablesebtablesUsed in Compute along with arptables, iptables, and ip6tables to
create firewalls and to ensure isolation of network
communications.EC2The Amazon commercial compute product, similar to
Compute.EC2 access keyEC2EC2 access keyUsed along with an EC2 secret key to access the Compute EC2
API.EC2 APIEC2EC2 APIOpenStack supports accessing the Amazon EC2 API through
Compute.EC2 Compatibility APIEC2EC2 compatibility APIA Compute component that enables OpenStack to communicate with
Amazon EC2.EC2 secret keyEC2EC2 secret keyUsed along with an EC2 access key when communicating with the
Compute EC2 API; used to digitally sign each request.Elastic Block Storage (EBS)Elastic Block Storage (EBS)The Amazon commercial block storage product.encryptionencryption, definition ofOpenStack supports encryption technologies such as HTTPS, SSH,
SSL, TLS, digital certificates, and data encryption.endpointSee API endpoint.endpoint registryendpointsendpoint registryAlternative term for an Identity Service catalog.endpoint templateendpointsendpoint templatesA list of URL and port number endpoints that indicate where a
service, such as Object Storage, Compute, Identity, and so on, can be
accessed.entityentity, definition ofAny piece of hardware or software that wants to connect to the
network services provided by Networking, the network connectivity
service. An entity can make use of Networking by implementing a
VIF.ephemeral imageephemeral imagesA VM image that does not save changes made to its volumes and
reverts them to their original state after the instance is
terminated.ephemeral volumeephemeral volumeVolume that does not save the changes made to it and reverts to
its original state when the current user relinquishes control.EssexEssexA grouped release of projects related to OpenStack that came out
in April 2012, the fifth release of OpenStack. It included Compute
(nova 2012.1), Object Storage (swift 1.4.8), Image (glance), Identity
(keystone), and Dashboard (horizon).ESXESX hypervisorAn OpenStack-supported hypervisor.ESXiESXi hypervisorAn OpenStack-supported hypervisor.ebtablesebtablesFiltering tool for a Linux bridging firewall, enabling filtering
of network traffic passing through a Linux bridge. Used to restrict
communications between hosts and/or nodes in OpenStack Compute along
with iptables, arptables, and ip6tables.ETagETagMD5 hash of an object within Object Storage, used to ensure data
integrity.euca2oolseuca2oolsA collection of command-line tools for administering VMs; most
are compatible with OpenStack.Eucalyptus Kernel Image (EKI)Eucalyptus Kernel Image (EKI)Used along with an ERI to create an EMI.Eucalyptus Machine Image (EMI)Eucalyptus Machine Image (EMI)VM image container format supported by Image Service.Eucalyptus Ramdisk Image (ERI)Eucalyptus Ramdisk Image (ERI)Used along with an EKI to create an EMI.evacuateevacuation, definition ofThe process of migrating one or all virtual machine (VM)
instances from one host to another, compatible with both shared
storage live migration and block migration.exchangeexchangeAlternative term for a RabbitMQ message exchange.exchange typeexchange typesA routing algorithm in the Compute RabbitMQ.exclusive queuequeuesexclusive queuesexclusive queuesConnected to by a direct consumer in RabbitMQ—Compute, the
message can be consumed only by the current connection.extended attributes (xattrs)extended attributes (xattrs)File system option that enables storage of additional
information beyond owner, group, permissions, modification time, and
so on. The underlying Object Storage file system must support extended
attributes.extensionextensionsdefinition ofAlternative term for an API extension or plug-in. In the context
of Identity Service, this is a call that is specific to the
implementation, such as adding support for OpenID.extra specsextra specs, definition ofSpecifies additional requirements when Compute determines where
to start a new instance. Examples include a minimum amount of network
bandwidth or a GPU.FFakeLDAPFakeLDAPAn easy method to create a local LDAP directory for testing
Identity Service and Compute. Requires Redis.fan-out exchangefan-out exchangeWithin RabbitMQ and Compute, it is the messaging interface that
is used by the scheduler service to receive capability messages from
the compute, volume, and network nodes.FedoraFedoraA Linux distribution compatible with OpenStack.Fibre ChannelFibre ChannelStorage protocol similar in concept to TCP/IP; encapsulates SCSI
commands and data.Fibre Channel over Ethernet (FCoE)Fibre Channel over Ethernet (FCoE)The fibre channel protocol tunneled within Ethernet.fill-first schedulerfill-first schedulerThe Compute scheduling method that attempts to fill a host with
VMs rather than starting new VMs on a variety of hosts.filterfilteringdefinition ofThe step in the Compute scheduling process when hosts that
cannot run VMs are eliminated and not chosen.firewallfirewallsUsed to restrict communications between hosts and/or nodes,
implemented in Compute using iptables, arptables, ip6tables, and
etables.Firewall-as-a-Service (FWaaS)Firewall-as-a-Service (FWaaS)A Networking extension that provides perimeter firewall
functionality.fixed IP addressIP addressesfixedfixed IP addressesAn IP address that is associated with the same instance each
time that instance boots, is generally not accessible to end users or
the public Internet, and is used for management of the
instance.Flat ManagerFlat ManagerThe Compute component that gives IP addresses to authorized
nodes and assumes DHCP, DNS, and routing configuration and services
are provided by something else.flat mode injectionflat mode injectionA Compute networking method where the OS network configuration
information is injected into the VM image before the instance
starts.flat networkflat networkThe Network Controller provides virtual networks to enable
compute servers to interact with each other and with the public
network. All machines must have a public and private network
interface. A flat network is a private network interface, which is
controlled by the flat_interface option with flat
managers.FlatDHCP ManagerFlatDHCP ManagerThe Compute component that provides dnsmasq (DHCP, DNS, BOOTP,
TFTP) and radvd (routing) services.flavorflavorAlternative term for a VM instance type.flavor IDflavor IDUUID for each Compute or Image Service VM flavor or instance
type.floating IP addressIP addressesfloatingfloating IP addressAn IP address that a project can associate with a VM so that the
instance has the same public IP address each time that it boots. You
create a pool of floating IP addresses and assign them to instances as
they are launched to maintain a consistent IP address for maintaining
DNS assignment.FolsomFolsomA grouped release of projects related to OpenStack that came out
in the fall of 2012, the sixth release of OpenStack. It includes
Compute (nova), Object Storage (swift), Identity (keystone),
Networking (neutron), Image Service (glance), and Volumes or Block
Storage (cinder).FormPostFormPostObject Storage middleware that uploads (posts) an image through
a form on a web page.frontendfrontend, definition ofThe point where a user interacts with a service; can be an API
endpoint, the horizon dashboard, or a command-line tool.GgatewaygatewayHardware or software that translates between two different
protocols.glanceA core project that provides the OpenStack Image Service.glance API serverglanceglance API serverProcesses client requests for VMs, updates Image Service
metadata on the registry server, and communicates with the store
adapter to upload VM images from the backend store.glance registryglanceglance registryAlternative term for the Image Service image registry.global endpoint templateendpointsglobal endpoint templateglobal endpoint templateThe Identity Service endpoint template that contains services
available to all tenants.GlusterFSGlusterFSA file system designed to aggregate NAS hosts, compatible with
OpenStack.golden imagegolden imageA method of operating system installation where a finalized disk
image is created and then used by all nodes without
modification.Graphic Interchange Format (GIF)Graphic Interchange Format (GIF)A type of image file that is commonly used for animated images
on web pages.Graphics Processing Unit (GPU)Graphics Processing Unit (GPU)Choosing a host based on the existence of a GPU is currently
unsupported in OpenStack.Green ThreadsGreen ThreadsThe cooperative threading model used by Python; reduces race
conditions and only context switches when specific library calls are
made. Each OpenStack service is its own thread.GrizzlyGrizzlyProject name for the seventh release of OpenStack.guest OSguest OSAn operating system instance running under the control of a
hypervisor.HHadoopHadoopApache Hadoop is an open source software framework that supports
data-intensive distributed applications.handoverhandoverAn object state in Object Storage where a new replica of the
object is automatically created due to a drive failure.hard reboothard rebootA type of reboot where a physical or virtual power button is
pressed as opposed to a graceful, proper shutdown of the operating
system.HavanaHavanaProject name for the eighth release of OpenStack.heatheatAn integrated project that aims to orchestrate multiple cloud
applications for OpenStack.horizonOpenStack project that provides a dashboard, which is a web
interface.horizon plug-inhorizon plug-insA plug-in for the OpenStack dashboard (horizon).hosthosts, definition ofA physical computer, not a VM instance (node).host aggregatehost aggregateA method to further subdivide availability zones into hypervisor
pools, a collection of common hosts.Host Bus Adapter (HBA)Host Bus Adapter (HBA)Device plugged into a PCI slot, such as a fibre channel or
network card.HTTPHTTP (Hypertext Transfer Protocol)basics ofHypertext Transfer Protocol. HTTP is an application protocol for
distributed, collaborative, hypermedia information systems. It is the
foundation of data communication for the World Wide Web. Hypertext is
structured text that uses logical links (hyperlinks) between nodes
containing text. HTTP is the protocol to exchange or transfer
hypertext.HTTPSHTTPS (Hypertext Transfer Protocol Secure)Hypertext Transfer Protocol Secure (HTTPS) is a communications
protocol for secure communication over a computer network, with
especially wide deployment on the Internet. Technically, it is not a
protocol in and of itself; rather, it is the result of simply layering
the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol,
thus adding the security capabilities of SSL/TLS to standard HTTP
communications.Hyper-VHyper-VOne of the hypervisors supported by OpenStack.hyperlinkhyperlinkAny kind of text that contains a link to some other site,
commonly found in documents where clicking on a word or words opens up
a different website.Hypertext Transfer Protocol (HTTP)The protocol that tells browsers where to go to find
information.Hypertext Transfer Protocol Secure (HTTPS)Encrypted HTTP communications using SSL or TLS; most OpenStack
API endpoints and many inter-component communications support HTTPS
communication.hypervisorhypervisorsdefinition ofSoftware that arbitrates and controls VM access to the actual
underlying hardware.hypervisor poolhypervisorshypervisor poolsA collection of hypervisors grouped together through host
aggregates.IIaaSIaaS (Infrastructure-as-a-Service)basics ofInfrastructure-as-a-Service. IaaS is a provisioning model in
which an organization outsources physical components of a data center,
such as storage, hardware, servers, and networking components. A
service provider owns the equipment and is responsible for housing,
operating and maintaining it. The client typically pays on a per-use
basis. IaaS is a model for providing cloud services.IcehouseIcehousedefinition ofProject name for the ninth release of OpenStack.ID numberID numberUnique numeric ID associated with each user in Identity Service,
conceptually similar to a Linux or LDAP UID.Identity APIAlternative term for the Identity Service API.Identity backendIdentity ServiceIdentity backendThe source used by Identity Service to retrieve user
information; an OpenLDAP server, for example.Identity ServiceIdentity Servicebasics ofThe OpenStack core project that provides a central directory of
users mapped to the OpenStack services they can access. It also
registers endpoints for OpenStack services. It acts as a common
authentication system. The project name of the Identity Service is
keystone.Identity Service APIIdentity ServiceIdentity Service APIThe API used to access the OpenStack Identity Service provided
through keystone.IDSIDS (Intrusion Detection System)Intrusion Detection System.imageimagesdefinition ofA collection of files for a specific operating system (OS) that
you use to create or rebuild a server. OpenStack provides pre-built
images. You can also create custom images, or snapshots, from servers
that you have launched. Custom images can be used for data backups or
as "gold" images for additional servers.Image APIImage ServiceImage Service APIThe Image Service API endpoint for management of VM
images.image cacheImage Serviceimage cacheUsed by Image Service to obtain images on the local host rather
than re-downloading them from the image server each time one is
requested.image IDIdentity Serviceimage IDCombination of a URI and UUID used to access Image Service VM
images through the image API.image membershipImage Serviceimage membershipA list of tenants that can access a given VM image within Image
Service.image ownerImage Serviceimage ownerThe tenant who owns an Image Service virtual machine
image.image registryImage Serviceimage registryA list of VM images that are available through Image
Service.Image ServiceAn OpenStack core project that provides discovery, registration,
and delivery services for disk and server images. The project name of
the Image Service is glance.Image Service APIAlternative name for the glance image API.image statusImage Serviceimage statusThe current status of a VM image in Image Service, not to be
confused with the status of a running instance.image storeImage Serviceimage storeThe backend store used by Image Service to store VM images,
options include Object Storage, local file system, S3, or HTTP.image UUIDImage Serviceimage UUIDUUID used by Image Service to uniquely identify each VM
image.incubated projectincubated projectsA community project may be elevated to this status and is then
promoted to a core project.ingress filteringfilteringingress filteringingress filteringThe process of filtering incoming network traffic. Supported by
Compute.injectioninjectionThe process of putting a file into a virtual machine image
before the instance is started.instanceinstancesdefinition ofA running VM, or a VM in a known state such as suspended, that
can be used like a hardware server.instance IDinstancesinstance IDAlternative term for instance UUID.instance stateinstancesinstance stateThe current state of a guest VM image.instance typeinstancesinstance typeDescribes the parameters of the various virtual machine images
that are available to users; includes parameters such as CPU, storage,
and memory. Alternative term for flavor.instance type IDinstancesinstance type IDAlternative term for a flavor ID.instance UUIDinstancesinstance UUIDUnique ID assigned to each guest VM instance.interface IDinterface IDUnique ID for a Networking VIF or vNIC in the form of a
UUID.Internet Service Provider (ISP)Internet Service Provider (ISP)Any business that provides Internet access to individuals or
businesses.ironicironicOpenStack project that provisions bare metal, as opposed to
virtual, machines.IP addressIP addressesdefinition ofNumber that is unique to every computer system on the Internet.
Two versions of the Internet Protocol (IP) are in use for addresses:
IPv4 and IPv6.IP Address Management (IPAM)IP Address Management (IPAM)The process of automating IP address allocation, deallocation,
and management. Currently provided by Compute, melange, and
Networking.IPLIPL (Initial Program Loader)Initial Program Loader.IPMIIPMI (Intelligent Platform Management Interface)Intelligent Platform Management Interface. IPMI is a
standardized computer system interface used by system administrators
for out-of-band management of computer systems and monitoring of their
operation. In layman's terms, it
is a way to manage a computer using a direct network connection,
whether it is turned on or not; connecting to the hardware rather than
an operating system or login shell.ip6tablesip6tablesTool used to set up, maintain, and inspect the tables of IPv6
packet filter rules in the Linux kernel. In OpenStack Compute,
ip6tables is used along with arptables, ebtables, and iptables to
create firewalls for both nodes and VMs.iptablesiptablesUsed along with arptables and ebtables, iptables create
firewalls in Compute. iptables are the tables provided by the Linux
kernel firewall (implemented as different Netfilter modules) and the
chains and rules it stores. Different kernel modules and programs are
currently used for different protocols: iptables applies to IPv4,
ip6tables to IPv6, arptables to ARP, and ebtables to Ethernet frames.
Requires root privilege to manipulate.iSCSIiSCSI protocolThe SCSI disk protocol tunneled within Ethernet, supported by
Compute, Object Storage, and Image Service.ISO9960ISO9960 formatOne of the VM image disk formats supported by Image
Service.itsecitsecA default role in the Compute RBAC system that can quarantine an
instance in any project.JJavaJavaA programming language that is used to create systems that
involve more than one computer by way of a network.JavaScriptJavaScriptA scripting language that is used to build web pages.JavaScript Object Notation (JSON)JavaScript Object Notation (JSON)One of the supported response formats in OpenStack.JenkinsJenkinsTool used to run jobs automatically for OpenStack
development.JunoJunoProject name for the 10th release of OpenStack.Kkernel-based VM (KVM)kernel-based VM (KVM) hypervisorAn OpenStack-supported hypervisor.keystonekeystoneThe project that provides OpenStack Identity services.KickstartKickstartA tool to automate system configuration and installation on Red
Hat, Fedora, and CentOS-based Linux distributions.Llarge objectlarge objectAn object within Object Storage that is larger than 5 GB.LaunchpadLaunchpadThe collaboration site for OpenStack.Layer-2 networkLayer-2 networkTerm used for OSI network architecture for the data link
layer.libvirtlibvirtVirtualization API library used by OpenStack to interact with
many of its supported hypervisors.Linux bridgeSoftware that enables multiple VMs to share a single physical
NIC within Compute.Linux Bridge neutron plug-inLinux Bridgeneutron plug-in forEnables a Linux bridge to understand a Networking port,
interface attachment, and other abstractions.Linux containers (LXC)Linux containers (LXC)An OpenStack-supported hypervisor.live migrationlive migrationThe ability within Compute to move running virtual machine
instances from one host to another with only a small service
interruption during switchover.load balancerA load balancer is a logical device that belongs to a cloud
account. It is used to distribute workloads between multiple backend
systems or services, based on the criteria defined as part of its
configuration.load balancingload balancingThe process of spreading client requests between two or more
nodes to improve performance and availability.Load-Balancing-as-a-Service (LBaaS)Load-Balancing-as-a-Service (LBaaS)Enables Networking to distribute incoming requests evenly
between designated instances.Mmanagement APImanagement APIadmin APIAlternative term for an admin API.management networkmanagement networkA network segment used for administration, not accessible to the
public Internet.managermanagerLogical groupings of related code, such as the Block Storage
volume manager or network manager.manifestmanifestsdefinition ofUsed to track segments of a large object within Object
Storage.manifest objectobjectsmanifest objectsmanifestsmanifest objectsA special Object Storage object that contains the manifest for a
large object.marconimarconiOpenStack project that provides a queue service to
applications.melangemelangeProject name for OpenStack Network Information Service. To be
merged with Networking.membershipmembershipThe association between an Image Service VM image and a tenant.
Enables images to be shared with specified tenants.membership listmembership listsA list of tenants that can access a given VM image within Image
Service.memcachedmemcachedA distributed memory object caching system that is used by
Object Storage for caching.memory overcommitmemory overcommitThe ability to start new VM instances based on the actual memory
usage of a host, as opposed to basing the decision on the amount of
RAM each running instance thinks it has available. Also known as RAM
overcommit.message brokermessage brokersThe software package used to provide AMQP messaging capabilities
within Compute. Default package is RabbitMQ.message busmessage busThe main virtual communication line used by all AMQP messages
for inter-cloud communications within Compute.message queuemessage queuePasses requests from clients to the appropriate workers and
returns the output to the client after the job completes.Meta-Data Server (MDS)Meta-Data Server (MDS)Stores CephFS metadata.migrationmigrationThe process of moving a VM instance from one host to
another.multinicFacility in Compute that allows each virtual machine instance to
have more than one VIF connected to it.Modular Layer 2 (ML2) neutron plug-inModular Layer 2 (ML2) neutron plug-inCan concurrently use multiple layer-2 networking technologies,
such as 802.1Q and VXLAN, in Networking.Monitor (LBaaS)Monitor (LBaaS)LBaaS feature that provides availability monitoring using the
ping command, TCP, and HTTP/HTTPS GET.Monitor (Mon)Monitor (Mon)A Ceph component that communicates with external clients, checks
data state and consistency, and performs quorum functions.multi-factor authenticationmulti-factor authenticationAuthentication method that uses two or more credentials, such as
a password and a private key. Currently not supported in Identity
Service.MultiNicMultiNicFacility in Compute that enables a virtual machine instance to
have more than one VIF connected to it.NNebulaNebulaReleased as open source by NASA in 2010 and is the basis for
Compute.netadminnetadminOne of the default roles in the Compute RBAC system. Enables the
user to allocate publicly accessible IP addresses to instances and
change firewall rules.NetApp volume driverNetApp volume driverEnables Compute to communicate with NetApp storage devices
through the NetApp OnCommand
Provisioning Manager.networknetworksdefinition ofA virtual network that provides connectivity between entities.
For example, a collection of virtual ports that share network
connectivity. In Networking terminology, a network is always a layer-2
network.Network Address Translation (NAT)networksNetwork Address Translation (NAT)The process of modifying IP address information while in
transit. Supported by Compute and Networking.network controllernetworksnetwork controllersA Compute daemon that orchestrates the network configuration of
nodes, including IP addresses, VLANs, and bridging. Also manages
routing for both public and private networks.Network File System (NFS)networksNetwork File System (NFS)A method for making file systems available over the network.
Supported by OpenStack.network IDnetworksnetwork IDsUnique ID assigned to each network segment within Networking.
Same as network UUID.network managernetworksnetwork managersThe Compute component that manages various network components,
such as firewall rules, IP address allocation, and so on.network nodenetworksnetwork nodesAny compute node that runs the network worker daemon.network segmentnetworksnetwork segmentsRepresents a virtual, isolated OSI layer-2 subnet in
Networking.Network Time Protocol (NTP)networksNetwork Time Protocol (NTP)A method of keeping a clock for a host or node correct through
communications with a trusted, accurate time source.network UUIDnetworksnetwork UUIDUnique ID for a Networking network segment.network workernetworksnetwork workersThe nova-network worker daemon; provides
services such as giving an IP address to a booting nova
instance.NetworkingA core OpenStack project that provides a network connectivity
abstraction layer to OpenStack Compute. The project name of Networking
is neutron.Networking APINetworking APIAPI used to access OpenStack Networking. Provides an extensible
architecture to enable custom plug-in creation.neutronA core OpenStack project that provides a network connectivity
abstraction layer to OpenStack Compute.neutron APIneutronNetworking APIAn alternative name for Networking API.neutron managerneutronneutron managerEnables Compute and Networking integration, which enables
Networking to perform network management for guest VMs.neutron plug-inneutronneutron plug-inInterface within Networking that enables organizations to create
custom plug-ins for advanced features, such as QoS, ACLs, or
IDS.Nexenta volume driverNexenta volume driverProvides support for NexentaStor devices in Compute.No ACKNo ACKDisables server-side message acknowledgment in the Compute
RabbitMQ. Increases performance but decreases reliability.nodenodesdefinition ofA VM instance that runs on a host.non-durable exchangemessagesnon-durable exchangesnon-durable exchangesMessage exchange that is cleared when the service restarts. Its
data is not written to persistent storage.non-durable queuemessagesnon-durable queuesnon-durable queueMessage queue that is cleared when the service restarts. Its
data is not written to persistent storage.non-persistent volumenon-persistent volumeephemeral volumeAlternative term for an ephemeral volume.novaOpenStack project that provides compute services.Nova APInovaCompute APIAlternative term for the Compute API.nova-networknovanova-networkA Compute component that manages IP address allocation,
firewalls, and other network-related tasks. This is the legacy
networking option and an alternative to Networking.Oobjectobjectsdefinition ofA BLOB of data held by Object Storage; can be in any
format.object auditorobjectsobject auditorsOpens all objects for an object server and verifies the MD5
hash, size, and metadata for each object.object expirationobjectsobject expirationA configurable option within Object Storage to automatically
delete objects after a specified amount of time has passed or a
certain date is reached.object hashobjectsobject hashUniquely ID for an Object Storage object.object path hashobjectsobject path hashUsed by Object Storage to determine the location of an object in
the ring. Maps objects to partitions.object replicatorobjectsobject replicatorsAn Object Storage component that copies an object to remote
partitions for fault tolerance.object serverobjectsobject serversAn Object Storage component that is responsible for managing
objects.Object StorageThe OpenStack core project that provides eventually consistent
and redundant storage and retrieval of fixed digital content. The
project name of OpenStack Object Storage is swift.Object Storage APIswiftObject Storage APIObject StorageObject Storage APIAPI used to access OpenStack Object Storage.Object Storage Device (OSD)Object StorageObject Storage Device (OSD)The Ceph storage daemon.object versioningobjectsobject versioningAllows a user to set a flag on an Object Storage container so
that all objects within the container are versioned.OldieOldieTerm for an Object Storage process that runs for a long time.
Can indicate a hung process.Open Cloud Computing Interface (OCCI)Open Cloud Computing Interface (OCCI)A standardized interface for managing compute, data, and network
resources, currently unsupported in OpenStack.Open Virtualization Format (OVF)Open Virtualization Format (OVF)Standard for packaging VM images. Supported in OpenStack.Open vSwitch neutron plug-inOpen vSwitchneutron plug-in forProvides support for Open vSwitch in Networking.OpenLDAPOpenLDAPAn open source LDAP server. Supported by both Compute and
Identity Service.OpenStackOpenStackbasics ofOpenStack is a cloud operating system that controls large pools
of compute, storage, and networking resources throughout a data
center, all managed through a dashboard that gives administrators
control while empowering their users to provision resources through a
web interface. OpenStack is an open source project licensed under the
Apache License 2.0.openSUSEopenSUSEA Linux distribution that is compatible with OpenStack.operatoroperatorThe person responsible for planning and maintaining an OpenStack
installation.OrchestrationOrchestrationAn integrated project that orchestrates multiple cloud
applications for OpenStack. The project name of Orchestration is
heat.orphanorphansIn the context of Object Storage, this is a process that is not
terminated after an upgrade, restart, or reload of the service.Pparent cellcellsparent cellsparent cellsIf a requested resource, such as CPU time, disk storage, or
memory, is not available in the parent cell, the request is forwarded
to associated child cells.partitionpartitionsdefinition ofA unit of storage within Object Storage used to store objects.
It exists on top of devices and is replicated for fault
tolerance.partition indexpartitionspartition indexContains the locations of all Object Storage partitions within
the ring.partition shift valuepartitionspartition index valueUsed by Object Storage to determine which partition data should
reside on.pausepauseA VM state where no changes occur (no changes in memory, network
communications stop, etc); the VM is frozen but not shut down.PCI passthroughPCI passthroughGives guest VMs exclusive access to a PCI device. Currently
supported in OpenStack Havana and later releases.persistent messagemessagespersistent messagespersistent messagesA message that is stored both in memory and on disk. The message
is not lost after a failure or restart.persistent volumepersistent volumeChanges to these types of disk volumes are saved.personality filepersonality fileA file used to customize a Compute instance. It can be used to
inject SSH keys or a specific network configuration.Platform-as-a-Service (PaaS)Platform-as-a-Service (PaaS)Provides to the consumer the ability to deploy applications
through a programming language or tools supported by the cloud
platform provider. An example of Platform-as-a-Service is an
Eclipse/Java programming platform provided with no downloads
required.plug-inplug-ins, definition ofSoftware component providing the actual implementation for
Networking APIs, or for Compute APIs, depending on the context.policy servicepolicy serviceComponent of Identity Service that provides a rule-management
interface and a rule-based authorization engine.portportsdefinition ofA virtual network port within Networking; VIFs / vNICs are
connected to a port.port UUIDportsport UUIDUnique ID for a Networking port.preseedpreseed, definition ofA tool to automate system configuration and installation on
Debian-based Linux distributions.private imageprivate imageAn Image Service VM image that is only available to specified
tenants.private IP addressIP addressesprivateprivate IP addressAn IP address used for management and administration, not
available to the public Internet.private networknetworksprivate networksprivate networksThe Network Controller provides virtual networks to enable
compute servers to interact with each other and with the public
network. All machines must have a public and private network
interface. A private network interface can be a flat or VLAN network
interface. A flat network interface is controlled by the
flat_interface with flat managers. A VLAN network interface is
controlled by the vlan_interface option with VLAN
managers.projectprojectsdefinition ofA logical grouping of users within Compute; defines quotas and
access to VM images.project IDprojectsproject IDUser-defined alphanumeric string in Compute; the name of a
project.project VPNprojectsproject VPNAlternative term for a cloudpipe.providerproviderAn administrator who has access to all hosts and
instances.proxy nodenodesproxy nodesproxy nodesA node that provides the Object Storage proxy service.proxy serverserversproxy serversproxy serversUsers of Object Storage interact with the service through the
proxy server, which in turn looks up the location of the requested
data within the ring and returns the results to the user.public APIAPI (application programming interface)public APIspublic APIAn API endpoint used for both service-to-service communication
and end-user interactions.public imageImage Servicepublic imagespublic imageAn Image Service VM image that is available to all
tenants.public IP addressIP addressespublicpublic IP addressAn IP address that is accessible to end-users.public networknetworkspublicpublic networkThe Network Controller provides virtual networks to enable
compute servers to interact with each other and with the public
network. All machines must have a public and private network
interface. The public network interface is controlled by the
public_interface option.PuppetPuppetAn operating system configuration-management tool supported by
OpenStack.PythonPythonProgramming language used extensively in OpenStack.QQEMU Copy On Write 2 (QCOW2)QEMU Copy On Write 2 (QCOW2)One of the VM image disk formats supported by Image
Service.QpidQpidMessage queue software supported by OpenStack; an alternative to
RabbitMQ.quarantinequarantineIf Object Storage finds objects, containers, or accounts that
are corrupt, they are placed in this state, are not replicated, cannot
be read by clients, and a correct copy is re-replicated.Quick EMUlator (QEMU)Quick EMUlator (QEMU)QEMU is a generic and open source machine emulator and
virtualizer.One of the hypervisors supported by OpenStack, generally used
for development purposes.quotaquotasIn Compute and Block Storage, the ability to set resource limits
on a per-project basis.RRabbitMQRabbitMQThe default message queue software used by OpenStack.Rackspace Cloud FilesRackspace Cloud FilesReleased as open source by Rackspace in 2010; the basis for
Object Storage.RADOS Block Device (RBD)RADOS Block Device (RBD)Ceph component that enables a Linux block device to be striped
over multiple distributed data stores.radvdradvdThe router advertisement daemon, used by the Compute VLAN
manager and FlatDHCP manager to provide routing services for VM
instances.RAM filterRAM filterThe Compute setting that enables or disables RAM
overcommitment.RAM overcommitRAM overcommitThe ability to start new VM instances based on the actual memory
usage of a host, as opposed to basing the decision on the amount of
RAM each running instance thinks it has available. Also known as
memory overcommit.rate limitrate limitsConfigurable option within Object Storage to limit database
writes on a per-account and/or per-container basis.rawraw formatOne of the VM image disk formats supported by Image Service; an
unstructured disk image.rebalancerebalancingThe process of distributing Object Storage partitions across all
drives in the ring; used during initial ring creation and after ring
reconfiguration.rebootreboothard vs. softEither a soft or hard reboot of a server. With a soft reboot,
the operating system is signaled to restart, which enables a graceful
shutdown of all processes. A hard reboot is the equivalent of power
cycling the server. The virtualization platform should ensure that the
reboot action has completed successfully, even in cases in which the
underlying domain/VM is paused or halted/stopped.rebuildrebuildingRemoves all data on the server and replaces it with the
specified image. Server ID and IP addresses remain the same.ReconReconAn Object Storage component that collects metrics.recordrecordsbasics ofBelongs to a particular domain and is used to specify
information about the domain.
There are several types of DNS records. Each record type contains
particular information used to describe the purpose of that record.
Examples include mail exchange (MX) records, which specify the mail
server for a particular domain; and name server (NS) records, which
specify the authoritative name servers for a domain.record IDrecordsrecord IDsA number within a database that is incremented each time a
change is made. Used by Object Storage when replicating.Red Hat Enterprise Linux (RHEL)Red Hat Enterprise Linux (RHEL)A Linux distribution that is compatible with OpenStack.reference architecturereference architectureA recommended architecture for an OpenStack cloud.regionregionA discrete OpenStack environment with dedicated API endpoints
that typically shares only the Identity Service (keystone) with other
regions.registryregistryunder Image ServiceAlternative term for the Image Service registry.registry serverserversregistry serversregistry serversAn Image Service that provides VM image metadata information to
clients.Reliable, Autonomic Distributed Object Store
(RADOS)Reliable, Autonomic Distributed Object Store
(RADOS)A collection of components that provides object storage within
Ceph. Similar to OpenStack Object Storage.Remote Procedure Call (RPC)Remote Procedure Call (RPC)The method used by the Compute RabbitMQ for intra-service
communications.replicareplicationdefinition ofProvides data redundancy and fault tolerance by creating copies
of Object Storage objects, accounts, and containers so that they are
not lost when the underlying storage fails.replica countreplicationreplica countThe number of replicas of the data in an Object Storage
ring.replicationThe process of copying data to a separate physical device for
fault tolerance and performance.replicatorreplicationreplicatorsThe Object Storage backend process that creates and manages
object replicas.request IDrequest IDsUnique ID assigned to each request sent to Compute.rescue imagerescue imagesA special type of VM image that is booted when an instance is
placed into rescue mode. Allows an administrator to mount the file
systems for an instance to correct the problem.resizeresizingConverts an existing server to a different flavor, which scales
the server up or down. The original server is saved to enable rollback
if a problem occurs. All resizes must be tested and explicitly
confirmed, at which time the original server is removed.RESTfulRESTful web servicesA kind of web service API that uses REST, or Representational
State Transfer. REST is the style of architecture for hypermedia
systems that is used for the World Wide Web.ringringsdefinition ofAn entity that maps Object Storage data to partitions. A
separate ring exists for each service, such as account, object, and
container.ring builderringsring buildersBuilds and manages rings within Object Storage, assigns
partitions to devices, and pushes the configuration to other storage
nodes.Role Based Access Control (RBAC)Role Based Access Control (RBAC)Provides a predefined list of actions that the user can perform,
such as start or stop VMs, reset passwords, and so on. Supported in
both Identity Service and Compute and can be configured using the
horizon dashboard.rolerolesdefinition ofA personality that a user assumes to perform a specific set of
operations. A role includes a set of rights and privileges. A user
assuming that role inherits those rights and privileges.role IDrolesrole IDAlphanumeric ID assigned to each Identity Service role.rootwraprootwrapA feature of Compute that allows the unprivileged "nova" user to
run a specified list of commands as the Linux root user.round-robin schedulerschedulersround-robinround-robin schedulerType of Compute scheduler that evenly distributes instances
among available hosts.routing keyrouting keysThe Compute direct exchanges, fanout exchanges, and topic
exchanges use this key to determine how to process a message;
processing varies depending on exchange type.RPC driverdriversRPC driversRPC driversModular system that allows the underlying message queue software
of Compute to be changed. For example, from RabbitMQ to ZeroMQ or
Qpid.rsyncrsyncUsed by Object Storage to push object replicas.RXTX capRXTX cap/quotaAbsolute limit on the amount of network traffic a Compute VM
instance can send and receive.RXTX quotaSoft limit on the amount of network traffic a Compute VM
instance can send and receive.Ryu neutron plug-inRyu neutron plug-inEnables the Ryu network operating system to function as a
Networking OpenFlow controller.SS3S3 storage serviceObject storage service by Amazon; similar in function to Object
Storage, it can act as a backend store for Image Service VM images.saharasaharaOpenStack project that provides a scalable data-processing stack
and associated management interfaces.scheduler managerscheduler managerA Compute component that determines where VM instances should
start. Uses modular design to support a variety of scheduler
types.scoped tokenscoped tokensAn Identity Service API access token that is associated with a
specific tenant.scrubberscrubbersChecks for and deletes unused VMs; the component of Image
Service that implements delayed delete.secret keysecret keysString of text known only by the user; used along with an access
key to make requests to the Compute API.secure shell (SSH)secure shell (SSH)Open source tool used to access remote hosts through an
encrypted communications channel, SSH key injection is supported by
Compute.security groupsecurity groupsA set of network traffic filtering rules that are applied to a
Compute instance.segmented objectobjectssegmented objectssegmented objectsAn Object Storage large object that has been broken up into
pieces. The re-assembled object is called a concatenated
object.serverserversdefinition ofComputer that provides explicit services to the client software
running on that system, often managing a variety of computer
operations.A server is a VM instance in the Compute system. Flavor and
image are requisite elements when creating a server.server imageserver imageAlternative term for a VM image.server UUIDserversserver UUIDUnique ID assigned to each guest VM instance.serviceservicesdefinition ofAn OpenStack service, such as Compute, Object Storage, or Image
Service. Provides one or more endpoints through which users can access
resources and perform operations.service catalogservice catalogAlternative term for the Identity Service catalog.service IDservice IDUnique ID assigned to each service that is available in the
Identity Service catalog.service registrationservice registrationAn Identity Service feature that enables services, such as
Compute, to automatically register with the catalog.service tenantservice tenantSpecial tenant that contains all services that are listed in the
catalog.service tokenservice tokenAn administrator-defined token used by Compute to communicate
securely with the Identity Service.session backendsessionssession backendThe method of storage used by horizon to track client sessions,
such as local memory, cookies, a database, or memcached.session persistencesessionssession persistenceA feature of the load-balancing service. It attempts to force
subsequent connections to a service to be redirected to the same node
as long as it is online.session storagesessionssession storageA horizon component that stores and tracks client session
information. Implemented through the Django sessions framework.shared IP addressIP addressessharedshared IP addressAn IP address that can be assigned to a VM instance within the
shared IP group. Public IP addresses can be shared across multiple
servers for use in various high-availability scenarios. When an IP
address is shared to another server, the cloud network restrictions
are modified to enable each server to listen to and respond on that IP
address. You can optionally specify that the target server network
configuration be modified. Shared IP addresses can be used with many
standard heartbeat facilities, such as keepalive, that monitor for
failure and manage IP failover.shared IP groupshared IP groupsA collection of servers that can share IPs with other members of
the group. Any server in a group can share one or more public IPs with
any other server in the group. With the exception of the first server
in a shared IP group, servers must be launched into shared IP groups.
A server may be a member of only one shared IP group.shared storageshared storageBlock storage that is simultaneously accessible by multiple
clients, for example, NFS.SheepdogSheepdogDistributed block storage system for QEMU, supported by
OpenStack.Simple Cloud Identity Management (SCIM)Simple Cloud Identity Management (SCIM)Specification for managing identity in the cloud, currently
unsupported by OpenStack.Single-root I/O Virtualization (SR-IOV)Single-root I/O Virtualization (SR-IOV)A specification that, when implemented by a physical PCIe
device, enables it to appear as multiple separate PCIe devices. This
enables multiple virtualized guests to share direct access to the
physical device, offering improved performance over an equivalent
virtual device. Currently supported in OpenStack Havana and later
releases.SmokeStackSmokeStackRuns automated tests against the core OpenStack API; written in
Rails.snapshotsnapshotA point-in-time copy of an OpenStack storage volume or image.
Use storage volume snapshots to back up volumes. Use image snapshots
to back up data, or as "gold" images for additional servers.soft rebootreboothard vs. softsoft rebootA controlled reboot where a VM instance is properly restarted
through operating system commands.SolidFire Volume DriverSolidFire Volume DriverThe Block Storage driver for the SolidFire iSCSI storage
appliance.SPICESPICE (Simple Protocol for Independent Computing
Environments)The Simple Protocol for Independent Computing Environments
(SPICE) provides remote desktop access to guest virtual machines. It
is an alternative to VNC. SPICE is supported by OpenStack.spread-first schedulerschedulersspread-firstspread-first schedulerThe Compute VM scheduling algorithm that attempts to start a new
VM on the host with the least amount of load.SQL-AlchemySQL-AlchemyAn open source SQL toolkit for Python, used in OpenStack.SQLiteSQLiteA lightweight SQL database, used as the default persistent
storage method in many OpenStack services.StackTachStackTachCommunity project that captures Compute AMQP communications;
useful for debugging.static IP addressIP addressesstaticstatic IP addressesAlternative term for a fixed IP address.StaticWebStaticWebWSGI middleware component of Object Storage that serves
container data as a static web page.storage backendstorage backendThe method that a service uses for persistent storage, such as
iSCSI, NFS, or local disk.storage nodenodesstorage nodesstorage nodeAn Object Storage node that provides container services, account
services, and object services; controls the account databases,
container databases, and object storage.storage managerstoragestorage managerA XenAPI component that provides a pluggable interface to
support a wide variety of persistent storage backends.storage manager backendstoragestorage manager backendA persistent storage method supported by XenAPI, such as iSCSI
or NFS.storage servicesstoragestorage servicesCollective name for the Object Storage object services,
container services, and account services.strategystrategySpecifies the authentication source used by Image Service or
Identity Service.subdomainsubdomainsA domain within a parent domain. Subdomains cannot be
registered. Subdomains enable you to delegate domains. Subdomains can
themselves have subdomains, so third-level, fourth-level, fifth-level,
and deeper levels of nesting are possible.SUSE Linux Enterprise Server (SLES)SUSE Linux Enterprise Server (SLES)A Linux distribution that is compatible with OpenStack.suspendsuspend, definition ofAlternative term for a paused VM instance.swapswap, definition ofDisk-based virtual memory used by operating systems to provide
more memory than is actually available on the system.swawthswawthAn authentication and authorization service for Object Storage,
implemented through WSGI middleware; uses Object Storage itself as the
persistent backing store.swiftAn OpenStack core project that provides object storage
services.swift All in One (SAIO)swift All in One (SAIO)Creates a full Object Storage development environment within a
single VM.swift middlewareswiftswift middlewareCollective term for Object Storage components that provide
additional functionality.swift proxy serverswiftswift proxy serverActs as the gatekeeper to Object Storage and is responsible for
authenticating the user.swift storage nodestorageswift storage nodesnodesswift storage nodesswiftswift storage nodesA node that runs Object Storage account, container, and object
services.sync pointsync pointPoint in time since the last container and accounts database
sync among nodes within Object Storage.sysadminsysadminOne of the default roles in the Compute RBAC system. Enables a
user to add other users to a project, interact with VM images that are
associated with the project, and start and stop VM instances.system usagesystem usageA Compute component that, along with the notification system,
collects metrics and usage information. This information can be used
for billing.TTelemetryTelemetryAn integrated project that provides metering and measuring
facilities for OpenStack. The project name of Telemetry is
ceilometer.TempAuthTempAuthAn authentication facility within Object Storage that enables
Object Storage itself to perform authentication and authorization.
Frequently used in testing and development.TempestTempestAutomated software test suite designed to run against the trunk
of the OpenStack core project.TempURLTempURLAn Object Storage middleware component that enables creation of
URLs for temporary object access.tenantA group of users; used to isolate access to Compute resources.
An alternative term for a project.Tenant APItenantTenant APIAn API that is accessible to tenants.tenant endpointendpointstenant endpointtenanttenant endpointAn Identity Service API endpoint that is associated with one or
more tenants.tenant IDtenanttenant IDUnique ID assigned to each tenant within the Identity Service.
The project IDs map to the tenant IDs.tokentokensAn alpha-numeric string of text used to access OpenStack APIs
and resources.token servicestoken servicesAn Identity Service component that manages and validates tokens
after a user or tenant has been authenticated.tombstonetombstoneUsed to mark Object Storage objects that have been
deleted; ensures that the object is not updated on another node after
it has been deleted.topic publishertopic publisherA process that is created when a RPC call is executed; used to
push the message to the topic exchange.TorpedoTorpedoCommunity project used to run automated tests against the
OpenStack API.transaction IDtransaction IDsUnique ID assigned to each Object Storage request; used for
debugging and tracing.transienttransient exchangesnon-durable exchangesAlternative term for non-durable.transient exchangeAlternative term for a non-durable exchange.transient messagemessagestransient messagestransient messagesA message that is stored in memory and is lost after the server
is restarted.transient queuequeuestransient queuestransient queuesAlternative term for a non-durable queue.trovetroveOpenStack project that provides database services to
applications.UUbuntuUbuntuA Debian-based Linux distribution.unscoped tokenunscoped tokenAlternative term for an Identity Service default token.updaterupdatersCollective term for a group of Object Storage components that
processes queued and failed updates for containers and objects.userusers, definition ofIn Identity Service, each user is associated with one or more
tenants, and in Compute can be associated with roles, projects, or
both.user datauser dataA blob of data that can be specified by the user when launching
an instance. This data can be accessed by the instance through the
metadata service or config drive.config drive Commonly used for passing a shell script that is
executed by the instance on boot.User Mode Linux (UML)User Mode Linux (UML)An OpenStack-supported hypervisor.VVIF UUIDVIF UUIDUnique ID assigned to each Networking VIF.Virtual Central Processing Unit (vCPU)Virtual Central Processing Unit (vCPU)Subdivides physical CPUs. Instances can then use those
divisions.Virtual Disk Image (VDI)Virtual Disk Image (VDI)One of the VM image disk formats supported by Image
Service.Virtual Hard Disk (VHD)Virtual Hard Disk (VHD)One of the VM image disk formats supported by Image
Service.virtual IPvirtual IPAn Internet Protocol (IP) address configured on the load
balancer for use by clients connecting to a service that is load
balanced. Incoming connections are distributed to backend nodes based
on the configuration of the load balancer.virtual machine (VM)virtual machine (VM)An operating system instance that runs on top of a hypervisor.
Multiple VMs can run at the same time on the same physical
host.virtual networknetworksvirtualvirtual networkAn L2 network segment within Networking.Virtual Network Computing (VNC)Virtual Network Computing (VNC)Open source GUI and CLI tools used for remote console access to
VMs. Supported by Compute.Virtual Network InterFace (VIF)Virtual Network InterFace (VIF)An interface that is plugged into a port in a Networking
network. Typically a virtual network interface belonging to a
VM.virtual portportsvirtualvirtual portAttachment point where a virtual interface connects to a virtual
network.virtual private network (VPN)virtual private network (VPN)Provided by Compute in the form of cloudpipes, specialized
instances that are used to create VPNs on a per-project basis.virtual serverserversvirtualvirtual serversAlternative term for a VM or guest.virtual switch (vSwitch)virtual switch (vSwitch)Software that runs on a host or node and provides the features
and functions of a hardware-based network switch.virtual VLANvirtual VLANAlternative term for a virtual network.VirtualBoxVirtualBoxAn OpenStack-supported hypervisor.VLAN managerVLAN managerA Compute component that provides dnsmasq and radvd and sets up
forwarding to and from cloudpipe instances.VLAN networknetworksVLANVLAN networkThe Network Controller provides virtual networks to enable
compute servers to interact with each other and with the public
network. All machines must have a public and private network
interface. A VLAN network is a private network interface, which is
controlled by the vlan_interface option with VLAN
managers.VM disk (VMDK)VM disk (VMDK)One of the VM image disk formats supported by Image
Service.VM imageVM imageAlternative term for an image.VM Remote Control (VMRC)VM Remote Control (VMRC)Method to access VM instance consoles using a web browser.
Supported by Compute.VMware APIVMware APISupports interaction with VMware products in Compute.VMware NSX Neutron plug-inProvides support for VMware NSX in Neutron.VNC proxyVNC proxyA Compute component that provides users access to the consoles
of their VM instances through VNC or VMRC.volumeDisk-based data storage generally represented as an iSCSI target
with a file system that supports extended attributes; can be
persistent or ephemeral.Volume APIvolumeVolume APIAn API on a separate endpoint for attaching, detaching, and
creating block storage for compute VMs.volume controllervolumevolume controllerA Block Storage component that oversees and coordinates storage
volume actions.volume drivervolumevolume driverAlternative term for a volume plug-in.volume IDvolumevolume IDUnique ID applied to each storage volume under the Block Storage
control.volume managervolumevolume managerA Block Storage component that creates, attaches, and detaches
persistent storage volumes.volume nodevolumevolume nodeA Block Storage node that runs the cinder-volume daemon.volume plug-involumevolume plug-inProvides support for new and specialized types of backend
storage for the Block Storage volume manager.Volume Service APIVolume Service APIAlternative term for the Compute volume API.volume workervolume workersA cinder component that interacts with backend storage to manage
the creation and deletion of volumes and the creation of compute
volumes, provided by the cinder-volume daemon.vSpherevSphereAn OpenStack-supported hypervisor.WweighingweighingA Compute process that determines the suitability of the VM
instances for a job for a particular host. For example, not enough RAM
on the host, too many CPUs on the host, and so on.weightweightUsed by Object Storage devices to determine which storage
devices are suitable for the job. Devices are weighted by size.weighted costweighted costThe sum of each cost used when deciding where to start a new VM
instance in Compute.workerworkersA daemon that listens to a queue and carries out tasks in
response to messages. For example, the cinder-volume worker manages volume
creation and deletion on storage arrays.XXen APIThe Xen administrative API, which is supported by
Compute.Xen Cloud Platform (XCP)Xen APIXen Cloud Platform (XCP)An OpenStack-supported hypervisor.Xen Storage Manager Volume DriverXen APIXen Storage Manager Volume DriverA Block Storage volume plug-in that enables communication with
the Xen Storage Manager API.XenServerXen APIXenServer hypervisorAn OpenStack-supported hypervisor.YZZeroMQZeroMQMessage queue software supported by OpenStack. An alternative to
RabbitMQ. Also spelled 0MQ.ZuulZuulTool used in OpenStack development to ensure correctly ordered
testing of changes in parallel.