DevOps glossary 📖
Plain-language definitions of the DevOps, cloud, and infrastructure terms that show up across russ.cloud - 64 entries and growing.
A
Agent
An agent is software that uses a model plus tools, context, and instructions to work through a task with some level of autonomy.
Agent Skills
Agent skills are reusable instruction packs that teach an AI agent how to handle a specific workflow, tool, format, or domain.
AI Coding Assistant
An AI coding assistant is a tool that uses language models to help write, explain, review, refactor, or navigate code.
Ansible
Ansible is an agentless automation tool used to configure servers, run repeatable tasks, and provision infrastructure through YAML playbooks.
Automation
Automation is the practice of turning repeatable manual work into scripts, workflows, playbooks, pipelines, or services that can run consistently.
Azure DevOps
Azure DevOps is Microsoft's suite for source control, work tracking, build pipelines, release workflows, package feeds, and test management.
Azure Firewall
Azure Firewall is a managed network firewall service for controlling and logging traffic between Azure networks, the internet, and on-premises environments.
Azure Functions
Azure Functions is Microsoft's serverless compute service for running small pieces of code in response to events, schedules, HTTP requests, or messages.
Azure Logic Apps
Azure Logic Apps is a workflow service for connecting APIs, schedules, Azure resources, and approval or automation steps with low-code building blocks.
Azure Pipelines
Azure Pipelines is the CI/CD service in Azure DevOps, used to run build, test, validation, approval, and deployment jobs from YAML or classic pipeline definitions.
Azure Soft Delete
Azure Soft Delete is a protection feature that keeps deleted Azure resources recoverable for a retention period instead of removing them immediately.
Azure Virtual Desktop (AVD)
Azure Virtual Desktop is Microsoft's cloud desktop and app virtualisation service, used to deliver Windows desktops or remote apps from Azure.
Azure Virtual Network (VNet)
An Azure Virtual Network is a private network boundary in Azure where resources can communicate through subnets, routing, peering, and security controls.
B
Bicep
Bicep is Microsoft's domain-specific language for deploying Azure resources, compiling to ARM templates while keeping the source code easier to read.
Blue/Green Deployment
Blue/green deployment is a release strategy that runs two identical production environments - one live (blue), one idle (green) - and switches traffic between them to ship a new version with near-zero downtime and a fast rollback path.
C
Canary Deployment
A canary deployment rolls out a new version of a service to a small percentage of traffic first, monitors for problems, then gradually shifts more traffic until the rollout completes - or aborts if metrics regress.
Checkov
Checkov is a static analysis tool that scans Infrastructure as Code files for security and compliance problems before they are deployed.
CI/CD
CI/CD stands for Continuous Integration and Continuous Delivery (or Deployment) - the practice of automatically building, testing, and releasing software changes whenever code is pushed.
Claude Code
Claude Code is Anthropic's agentic coding tool for working with a codebase from the terminal, with IDE integrations and support for tool access through MCP.
Cloudflare Tunnel
Cloudflare Tunnel exposes a private service to the internet through an outbound connector, avoiding direct inbound firewall rules to the local network.
Cloudflare Zero Trust
Cloudflare Zero Trust is Cloudflare's access and security platform for putting identity-aware policies in front of applications, networks, and private services.
Codex
Codex is OpenAI's AI coding agent for working with repositories locally through the CLI or IDE, and for delegating coding tasks to a cloud environment.
Conda
Conda is a package and environment manager often used to install Python versions, native dependencies, and isolated project environments.
Container
A container is a lightweight, isolated runtime for an application - packaging the code, dependencies, and configuration into a single image that runs the same way on any host with a compatible runtime.
Container Registry
A container registry stores and distributes container images so they can be pulled by developers, CI systems, and runtime platforms.
D
DevOps
DevOps is a set of practices that combines software development and IT operations to shorten the delivery cycle and improve software quality through automation, shared ownership, and tight feedback loops.
DNS
DNS is the naming system that translates domain names such as example.com into addresses and records that computers can use.
Docker Compose
Docker Compose is a tool for defining and running multi-container applications from a YAML file.
Dotfiles
Dotfiles are user configuration files, usually stored in a home directory and often version-controlled so a workstation can be rebuilt consistently.
F
G
GitHub
GitHub is a Git hosting and collaboration platform that also provides automation, package hosting, pull requests, Codespaces, and security tooling.
GitHub Container Registry (GHCR)
GitHub Container Registry is GitHub's container image registry, commonly used to publish OCI images next to the source repositories that build them.
H
I
Immutable Infrastructure
Immutable infrastructure is a deployment pattern where servers and other infrastructure components are never modified after they are created - instead, changes are deployed by replacing them with a new version.
Infracost
Infracost estimates the cost impact of Infrastructure as Code changes, usually by reading Terraform plan output and showing the expected monthly difference.
Infrastructure as Code (IaC)
Infrastructure as Code (IaC) is the practice of defining cloud and on-premises infrastructure in machine-readable configuration files, then provisioning and changing it through automated tools rather than clicking through a console.
K
Kubernetes
Kubernetes is a container orchestration platform that schedules containers across a cluster and manages rollout, service discovery, scaling, and recovery.
Kusto Query Language (KQL)
KQL is Microsoft's query language for exploring logs, metrics, and telemetry in services such as Azure Monitor, Log Analytics, and Microsoft Sentinel.
L
M
Microsoft Fabric Capacity
A Microsoft Fabric capacity is a reserved compute pool used to run Fabric workloads such as Power BI, data engineering, data warehousing, and real-time analytics.
Model Context Protocol (MCP)
Model Context Protocol is a standard way for AI tools to connect models to external context, tools, data sources, and services.
N
O
Observability
Observability is the ability to understand the internal state of a running system from the data it emits - logs, metrics, and traces - without having to change the system or attach a debugger.
Ollama
Ollama is a local runtime and model manager for running large language models on a workstation or server.
P
Packer
Packer is a HashiCorp tool for building repeatable machine images for virtual machines, cloud platforms, and local development environments.
Podman
Podman is a daemonless container engine that can build and run OCI containers, often using Docker-compatible commands.
Policy as Code
Policy as Code means writing security, compliance, or operational rules as version-controlled code that can be tested automatically before changes are deployed.
Prompt Engineering
Prompt engineering is the practice of writing and refining instructions so a language or image model produces more useful output.
Python
Python is a general-purpose programming language often used for automation, scripting, web services, data work, and command-line tools.
S
Secrets Management
Secrets management is the practice of storing, rotating, and controlling access to credentials such as tokens, passwords, keys, and certificates.
Security
Security is the set of practices that reduce the chance of systems, data, credentials, and users being misused or exposed.
Serverless
Serverless is a cloud model where the provider manages the runtime infrastructure and users deploy functions or workflows that scale on demand.
Service Principal
A service principal is an identity used by an application, script, or pipeline to authenticate to Microsoft Entra ID and access Azure resources.
Shared Access Signature (SAS)
A Shared Access Signature is a time-limited token that grants scoped access to Azure Storage without sharing the account key.
SSH Key
An SSH key is a public/private key pair used to authenticate securely to remote systems and Git services without sending a password.
Starship
Starship is a cross-shell prompt that shows contextual information such as Git status, language versions, cloud context, and command timing.
Supply Chain Attack
A supply chain attack compromises software indirectly by targeting dependencies, build systems, package registries, maintainers, or deployment workflows.
T
Terraform
Terraform is an Infrastructure as Code tool that reads declarative configuration, builds an execution plan, and changes infrastructure through provider APIs.
Terraform State
Terraform state is the data Terraform keeps about the infrastructure it manages, mapping configuration resources to real cloud or platform objects.
TLS Certificate
A TLS certificate proves the identity of a service and allows clients to establish encrypted HTTPS or TLS connections.
V
Vibe Coding
Vibe coding is an informal style of building software by steering an AI coding tool through prompts, feedback, and repeated review rather than writing every line manually.
Virtual Environment
A virtual environment is an isolated project environment that keeps language runtimes and packages separate from the system install and other projects.