Skip to main content

Internal Glossary

Use this page when an internal docs page mentions a platform or infrastructure term you do not recognize.

The goal is not to replace the deeper reference docs. It is to give each unfamiliar term a short plain-language anchor and a stable link target.

AWS Secrets Manager

The AWS service that stores shared secret values before they are copied into Kubernetes.

ArgoCD

The GitOps deployment system that keeps the cluster aligned with what is committed in Git.

Application Resource

The Kubernetes object ArgoCD uses to describe how one deployable component should be synced.

cert-manager

The controller that requests, renews, and stores TLS certificates inside Kubernetes.

ClusterIP Service

A Kubernetes service that is reachable only from inside the cluster.

ClusterIssuer

The cluster-wide cert-manager object that knows how to obtain certificates.

CrashLoopBackOff

A Kubernetes restart state where a container keeps crashing and retries are spaced farther apart.

Cursor Pagination

A pagination style that returns opaque cursor tokens instead of page numbers.

DNS-01

A certificate-validation method that proves domain control by creating DNS records.

DOKS

DigitalOcean Kubernetes, the managed Kubernetes service used for the Crawbl cluster.

DOCR

DigitalOcean Container Registry, where Crawbl stores container images.

Envoy Gateway

The public gateway that receives incoming traffic and routes it to internal services.

External Secrets Operator

The controller that copies secrets from AWS Secrets Manager into Kubernetes Secrets.

external-dns

The controller that creates and updates DNS records from Kubernetes or gateway resources.

FCM

Firebase Cloud Messaging, used for device push notifications.

Firebase JWT

The signed Firebase identity token used to authenticate a user request.

GitOps

An operations model where Git is the source of truth for live cluster state.

Helm Chart

A packaged set of Kubernetes templates and values used to deploy an application.

HMAC

A shared-secret signature scheme used to prove a request came from a trusted client.

HTTPRoute

The routing rule that tells the gateway which hostname and path should reach which service.

JWKS

The public-key document a provider publishes so other systems can verify token signatures.

Metacontroller

A controller framework used to create and clean up user runtime resources from custom resources.

OAuth

The delegated login and consent flow used to connect external apps without storing user passwords.

Pulumi

The infrastructure-as-code tool that creates the cluster and foundational platform resources.

PVC

A PersistentVolumeClaim, which requests persistent storage for a workload.

SecurityPolicy

The gateway rule that validates bearer tokens before traffic reaches the backend.

Socket.IO

The realtime transport layer used to push events from the backend to connected clients.

StatefulSet

The Kubernetes workload type used when pods need stable identities and persistent storage.

Sync Wave

The deployment order number ArgoCD uses to make dependent apps start in sequence.

UserSwarm

The Crawbl custom resource that represents one user runtime and its lifecycle.