Concept

A nonprofit organization providing governance, legal protection, and infrastructure for open-source software projects.

A set of rules and protocols that allows software applications to communicate with each other.

A specification for defining and documenting event-driven and asynchronous APIs in a standardized way.

The process of verifying that a user or system is who they claim to be, typically through credentials like passwords or tokens.

The process of determining what actions or resources an authenticated user or system is permitted to access.

A physical server dedicated to a single tenant with no virtualization layer, offering maximum performance and control.

HTTP Basic Authentication sends a Base64-encoded username and password with each request. Simple but insecure without TLS.

An access token sent in HTTP headers that grants the bearer access to protected resources without additional proof.

A temporary high-speed data storage layer that reduces latency by serving frequently accessed data.

A lightweight, standalone package that includes everything needed to run a piece of software: code, runtime, and libraries.

A specification and plugin framework that defines how container runtimes configure networking for containers.

A service for storing, managing, and distributing container images, acting as the library catalog for your packaged applications.

A Kubernetes plugin interface that defines how the kubelet communicates with container runtimes to manage pod and container lifecycle.

A standard interface that enables container orchestrators to manage and provision storage from any compatible backend.

A system designed to store, organize, and retrieve structured or unstructured data efficiently.

A Linux kernel technology that lets you run sandboxed programs in the kernel without changing kernel code or loading modules.

Outbound network traffic leaving a cluster, network, or security boundary toward external destinations.

A dedicated, controlled exit point that routes and monitors all outbound traffic from a cluster or service mesh.

Describes short-lived, disposable resources designed to be created and destroyed on demand without lasting side effects.

A network security device or software that monitors and filters incoming and outgoing traffic based on defined rules.

A network entry point that routes, filters, and manages traffic between clients and backend services.

A query language for APIs that lets clients request exactly the data they need in a single request.

A high-performance, open-source RPC framework that uses HTTP/2 and Protocol Buffers for efficient communication.

A packaged collection of Kubernetes resource templates and configuration that Helm uses to deploy applications.

The foundational application-layer protocol for transmitting hypermedia documents and powering communication on the World Wide Web.

A property where performing an operation multiple times produces the same result as performing it once.

The practice of managing and provisioning infrastructure through machine-readable definition files rather than manual processes.

Inbound network traffic entering a cluster or network, or the Kubernetes resource that manages external access to services.

A lightweight, human-readable data interchange format based on JavaScript object syntax, used everywhere from APIs to config files.

A compact, URL-safe token format for securely transmitting claims between parties, commonly used for authentication.

A lightweight, stateless RPC protocol that uses JSON for encoding requests and responses.

A neural network trained on massive text datasets that can generate, analyze, and reason about human language.

Recorded events and messages from applications and systems, providing a trail of what happened and when.

Middleware that routes, transforms, and delivers messages between distributed services.

A pattern for asynchronous communication between services using messages passed through intermediaries.

Numerical measurements collected over time that quantify the behavior and performance of systems.

Non-relational databases designed for flexible schemas, horizontal scaling, and specific data models.

An authorization framework that lets third-party apps access resources on behalf of a user without exposing their credentials.

The ability to understand a system's internal state from its external outputs: logs, metrics, and traces.

A computing approach optimized for complex analytical queries across large datasets, using multidimensional data models.

An open governance structure for creating industry standards around container image formats and runtime specifications.

A nonprofit foundation producing widely adopted resources, tools, and standards for application security.

A standard, language-agnostic specification for describing RESTful APIs in a machine-readable format.

An identity layer on top of OAuth 2.0 that lets applications verify user identity and obtain basic profile information.

The native protocol for transmitting telemetry data between OpenTelemetry components and backends.

Redirecting network traffic from one address and port to another, commonly used for local debugging of remote or containerized services.

A language-neutral, platform-neutral binary serialization format developed by Google for structured data.

A modern transport protocol built on UDP that provides multiplexed, encrypted connections and powers HTTP/3.

A protocol that allows a program to execute a procedure on a remote server as if it were a local function call.

An architectural style for designing networked applications using stateless HTTP methods and resource-based URLs.

A protocol for automating user identity provisioning and deprovisioning across multiple systems and services.

A collection of tools, libraries, and documentation that helps developers build software for a specific platform or service.

A cryptographic network protocol for secure remote access, command execution, and tunneling over untrusted networks.

A server push technology enabling a client to receive automatic updates from a server over a single, long-lived HTTP connection.

A cloud execution model where the provider manages infrastructure and dynamically allocates resources per request.

A formal contract between a service provider and customer defining expected service levels and consequences.

A quantitative measure of a specific aspect of service reliability, like latency, availability, or error rate.

A target value or range for a service level measured by an SLI, like 99.9% availability over 30 days.

A dedicated infrastructure layer for managing service-to-service communication, providing observability, security, and reliability.

A protocol for exchanging structured information in web services using XML-based messaging over HTTP and other transports.

A continuous, ordered flow of data or events processed incrementally in real time.

The standard language for managing and querying relational databases.

A connection-oriented transport protocol that provides reliable, ordered delivery of data between applications over IP networks.

A cryptographic protocol that provides end-to-end encryption, authentication, and data integrity for communications over networks.

Records of requests as they flow through distributed systems, showing the path and timing across services.

A connectionless transport protocol that sends datagrams without guarantees of delivery, ordering, or duplicate protection.

A software-based emulation of a physical computer that runs its own OS and applications in an isolated environment.

A technology that creates encrypted tunnels between networks, enabling secure remote access and private communication.

A virtualized server environment that provides dedicated resources on shared physical hardware with root-level access.

A security layer that filters and monitors HTTP traffic to protect web applications from common attacks.

A portable, high-performance binary instruction format designed as a compilation target for multiple programming languages.

A standardized system interface that lets WebAssembly modules securely access OS-level resources like files and networking.

A protocol providing full-duplex, persistent communication channels over a single TCP connection between client and server.

A markup language for encoding documents and data in a format that is both human-readable and machine-readable.

A human-readable data serialization format widely used for configuration files in DevOps tools and Kubernetes manifests.