DevOps glossary 📖
Plain-language definitions of the DevOps, cloud, and infrastructure terms that show up across russ.cloud - 64 entries and growing.
A
-
Agent
An agent is software that uses a model plus tools, context, and instructions to work through a task with some level of autonomy.
-
Agent Skills
Agent skills are reusable instruction packs that teach an AI agent how to handle a specific workflow, tool, format, or domain.
-
AI Coding Assistant
An AI coding assistant is a tool that uses language models to help write, explain, review, refactor, or navigate code.
-
Ansible
Ansible is an agentless automation tool used to configure servers, run repeatable tasks, and provision infrastructure through YAML playbooks.
-
Automation
Automation is the practice of turning repeatable manual work into scripts, workflows, playbooks, pipelines, or services that can run consistently.
-
Azure DevOps
Azure DevOps is Microsoft's suite for source control, work tracking, build pipelines, release workflows, package feeds, and test management.
-
Azure Firewall
Azure Firewall is a managed network firewall service for controlling and logging traffic between Azure networks, the internet, and on-premises environments.
-
Azure Functions
Azure Functions is Microsoft's serverless compute service for running small pieces of code in response to events, schedules, HTTP requests, or messages.
-
Azure Logic Apps
Azure Logic Apps is a workflow service for connecting APIs, schedules, Azure resources, and approval or automation steps with low-code building blocks.
-
Azure Pipelines
Azure Pipelines is the CI/CD service in Azure DevOps, used to run build, test, validation, approval, and deployment jobs from YAML or classic pipeline definitions.
-
Azure Soft Delete
Azure Soft Delete is a protection feature that keeps deleted Azure resources recoverable for a retention period instead of removing them immediately.
-
Azure Virtual Desktop (AVD)
Azure Virtual Desktop is Microsoft's cloud desktop and app virtualisation service, used to deliver Windows desktops or remote apps from Azure.
-
Azure Virtual Network (VNet)
An Azure Virtual Network is a private network boundary in Azure where resources can communicate through subnets, routing, peering, and security controls.
B
-
Bicep
Bicep is Microsoft's domain-specific language for deploying Azure resources, compiling to ARM templates while keeping the source code easier to read.
-
Blue/Green Deployment
Blue/green deployment is a release strategy that runs two identical production environments - one live (blue), one idle (green) - and switches traffic between them to ship a new version with near-zero downtime and a fast rollback path.
C
-
Canary Deployment
A canary deployment rolls out a new version of a service to a small percentage of traffic first, monitors for problems, then gradually shifts more traffic until the rollout completes - or aborts if metrics regress.
-
Checkov
Checkov is a static analysis tool that scans Infrastructure as Code files for security and compliance problems before they are deployed.
-
CI/CD
CI/CD stands for Continuous Integration and Continuous Delivery (or Deployment) - the practice of automatically building, testing, and releasing software changes whenever code is pushed.
-
Claude Code
Claude Code is Anthropic's agentic coding tool for working with a codebase from the terminal, with IDE integrations and support for tool access through MCP.
-
Cloudflare Tunnel
Cloudflare Tunnel exposes a private service to the internet through an outbound connector, avoiding direct inbound firewall rules to the local network.
-
Cloudflare Zero Trust
Cloudflare Zero Trust is Cloudflare's access and security platform for putting identity-aware policies in front of applications, networks, and private services.
-
Codex
Codex is OpenAI's AI coding agent for working with repositories locally through the CLI or IDE, and for delegating coding tasks to a cloud environment.
-
Conda
Conda is a package and environment manager often used to install Python versions, native dependencies, and isolated project environments.
-
Container
A container is a lightweight, isolated runtime for an application - packaging the code, dependencies, and configuration into a single image that runs the same way on any host with a compatible runtime.
-
Container Registry
A container registry stores and distributes container images so they can be pulled by developers, CI systems, and runtime platforms.
D
-
DevOps
DevOps is a set of practices that combines software development and IT operations to shorten the delivery cycle and improve software quality through automation, shared ownership, and tight feedback loops.
-
DNS
DNS is the naming system that translates domain names such as example.com into addresses and records that computers can use.
-
Docker Compose
Docker Compose is a tool for defining and running multi-container applications from a YAML file.
-
Dotfiles
Dotfiles are user configuration files, usually stored in a home directory and often version-controlled so a workstation can be rebuilt consistently.
F
G
-
GitHub
GitHub is a Git hosting and collaboration platform that also provides automation, package hosting, pull requests, Codespaces, and security tooling.
-
GitHub Container Registry (GHCR)
GitHub Container Registry is GitHub's container image registry, commonly used to publish OCI images next to the source repositories that build them.
H
I
-
Immutable Infrastructure
Immutable infrastructure is a deployment pattern where servers and other infrastructure components are never modified after they are created - instead, changes are deployed by replacing them with a new version.
-
Infracost
Infracost estimates the cost impact of Infrastructure as Code changes, usually by reading Terraform plan output and showing the expected monthly difference.
-
Infrastructure as Code (IaC)
Infrastructure as Code (IaC) is the practice of defining cloud and on-premises infrastructure in machine-readable configuration files, then provisioning and changing it through automated tools rather than clicking through a console.
K
-
Kubernetes
Kubernetes is a container orchestration platform that schedules containers across a cluster and manages rollout, service discovery, scaling, and recovery.
-
Kusto Query Language (KQL)
KQL is Microsoft's query language for exploring logs, metrics, and telemetry in services such as Azure Monitor, Log Analytics, and Microsoft Sentinel.
L
M
-
Microsoft Fabric Capacity
A Microsoft Fabric capacity is a reserved compute pool used to run Fabric workloads such as Power BI, data engineering, data warehousing, and real-time analytics.
-
Model Context Protocol (MCP)
Model Context Protocol is a standard way for AI tools to connect models to external context, tools, data sources, and services.
N
O
-
Observability
Observability is the ability to understand the internal state of a running system from the data it emits - logs, metrics, and traces - without having to change the system or attach a debugger.
-
Ollama
Ollama is a local runtime and model manager for running large language models on a workstation or server.
P
-
Packer
Packer is a HashiCorp tool for building repeatable machine images for virtual machines, cloud platforms, and local development environments.
-
Podman
Podman is a daemonless container engine that can build and run OCI containers, often using Docker-compatible commands.
-
Policy as Code
Policy as Code means writing security, compliance, or operational rules as version-controlled code that can be tested automatically before changes are deployed.
-
Prompt Engineering
Prompt engineering is the practice of writing and refining instructions so a language or image model produces more useful output.
-
Python
Python is a general-purpose programming language often used for automation, scripting, web services, data work, and command-line tools.
S
-
Secrets Management
Secrets management is the practice of storing, rotating, and controlling access to credentials such as tokens, passwords, keys, and certificates.
-
Security
Security is the set of practices that reduce the chance of systems, data, credentials, and users being misused or exposed.
-
Serverless
Serverless is a cloud model where the provider manages the runtime infrastructure and users deploy functions or workflows that scale on demand.
-
Service Principal
A service principal is an identity used by an application, script, or pipeline to authenticate to Microsoft Entra ID and access Azure resources.
-
Shared Access Signature (SAS)
A Shared Access Signature is a time-limited token that grants scoped access to Azure Storage without sharing the account key.
-
SSH Key
An SSH key is a public/private key pair used to authenticate securely to remote systems and Git services without sending a password.
-
Starship
Starship is a cross-shell prompt that shows contextual information such as Git status, language versions, cloud context, and command timing.
-
Supply Chain Attack
A supply chain attack compromises software indirectly by targeting dependencies, build systems, package registries, maintainers, or deployment workflows.
T
-
Terraform
Terraform is an Infrastructure as Code tool that reads declarative configuration, builds an execution plan, and changes infrastructure through provider APIs.
-
Terraform State
Terraform state is the data Terraform keeps about the infrastructure it manages, mapping configuration resources to real cloud or platform objects.
-
TLS Certificate
A TLS certificate proves the identity of a service and allows clients to establish encrypted HTTPS or TLS connections.
V
-
Vibe Coding
Vibe coding is an informal style of building software by steering an AI coding tool through prompts, feedback, and repeated review rather than writing every line manually.
-
Virtual Environment
A virtual environment is an isolated project environment that keeps language runtimes and packages separate from the system install and other projects.