Glossary

This page contains simplified definitions of abbreviations and terms for users who are not infrastructure specialists, such as network engineers, system administrators, or DevOps specialists. At the same time, SHIPOPS users should understand the basic principles of how networks work.

Core Terms

DNS

Domain Name System. SHIPOPS documentation uses the concepts of root domain and local root domain. A root domain is the common part of all domain names inside a VPC. Local means that such a domain is not visible on the public network, is not resolved by external DNS services, and is not published on public DNS servers. Local domains are served by a local DNS server, which is implemented in SHIPOPS as a separate role.

VPC

Virtual Private Cloud. In the context of SHIPOPS, this is a set of servers connected to a single private network and sharing a common local root domain. This abbreviation is also used by many cloud providers for sets of servers joined into a single private network, although implementation details may differ. What they have in common is that they define an expandable group of servers.

OCI Image

An OCI-compatible image is a container image of an application. There are many public repositories that store such images. One of the most popular is docker.io. Images are marked with version tags. The reserved tag name latest means the newest version.
For more about OCI, see Open Container Initiative (OCI).

CIDR

This is a compact way to write an IP address range using a slash. For example, instead of listing addresses from 192.168.1.0 to 192.168.1.255, you can write 192.168.1.0/24. The number after the / character shows which part of the address is fixed and which part can change. For a more complete definition, search for the term classless addressing.

Firewall

This is a packet filter that allows or blocks traffic according to rules for IP addresses, ports, protocols (TCP/UDP/ICMP), and flags, such as SYN. For an application, this is a transparent barrier: if a packet is not allowed through, the application will not even know that someone tried to establish a connection.

Infrastructure and Traffic Terms

S3

This is object storage for files and binary data, available over HTTP/HTTPS. The protocol was originally developed by AWS, but is now widely provided by most cloud providers as a backup storage service, and can also be deployed on private servers, for example with MinIO. S3 uses the concept of a bucket as a container for managing access policies.

Load Balancing Service

LBaaS means Load Balancer as a Service. This is a managed cloud service that automatically distributes incoming traffic (HTTP, HTTPS, TCP, UDP) across multiple servers. It hides the real servers behind one public IP address or DNS name, provides fault tolerance, and simplifies scaling.

Tunnel

In SHIPOPS documentation, this term means a stable communication channel built on outgoing traffic. When direct incoming traffic is impossible, for example because of NAT or a firewall, the client software establishes an outgoing TCP connection to an intermediary server, such as Cloudflare or an SSH server. Because TCP creates a reliable two-way connection, this channel can be used to receive incoming requests from external clients. In examples with Cloudflare Tunnel or an SSH tunnel, this channel is also encrypted.

Core Terms​

DNS​

VPC​

OCI Image​

CIDR​

Firewall​

Infrastructure and Traffic Terms​

S3​

Load Balancing Service​

Tunnel​