Glossary

Active Directory — a directory service for Windows Server family operating systems. It was initially created as an LDAP-compatible implementation of a directory service. However, starting with Windows Server 2008, it includes integration capabilities with other authorization services, performing an integrating and unifying role for them.

A function that computes a single result from a set of input values. See: Aggregate functions.

A temporary name for a table or a column. See: Use tables and column aliases in queries.

An operation that collects statistics of data in tables and other relations to help the query planner make decisions about how to execute queries. See: Analyze queries.

Application programming interface — a set of ready-made classes, procedures, functions, structures, and constants provided by an application (library, service) or operating system for use in external software products.

Autovacuum reclaims storage occupied by dead tuples — tuples that are deleted or obsoleted by an update, but are not physically removed from tables.

B-Tree index is a multi-level tree structure used to efficiently organize and search data. See: B-Tree.

A process that performs server-side operations.

Command-line interface — a kind of text user interface (TUI) where users give instructions to a computer by typing text strings (commands) from a keyboard. Other names are console and terminal.

A group of servers and coordinating software that are united logically and can process the same requests and act as a single resource.

A checkpoint is a point in the WAL sequence at which all data files are updated to reflect the information in WAL and are stored to the disk.

One of the parts into which PostgreSQL divides a value for storing in TOAST tables.

A situation where two (or more) transactions hold locks in such a way that they block each other. See Deadlocks.

A tuple that is deleted or obsolete after an update operation, but is not physically removed from a table.

Domain name system — a distributed and hierarchical system used to identify computers, domains, services, and other resources accessible through the Internet or other network protocols. It is most often used to get an IP address by a host name (computer or device), obtain information about mail routing and/or service nodes for protocols in a domain.

An application designed to respond to DNS queries using the appropriate protocol. This term can also be used to refer to a host where the corresponding application is running.

A software add-on package that can be installed on an ADPG/PostgreSQL instance to get extra functionality.

A software package designed to monitor and filter network traffic.

A foreign key constraint specifies that the values in a column (or in a group of columns) must match the values from some row of another table.

A free and open-source identity management system for Linux/UNIX networked environments. It is based on Fedora Linux, 389 Directory Server, MIT Kerberos, NTP, DNS, the DogTag certificate system, SSSD, and other free/open-source components. FreeIPA is designed with an intent to provide the same services as Active Directory.

Fully qualified domain name — a domain name that has no ambiguities in its definition. Includes the names of all the parent domains in the DNS hierarchy.

A network device designed to transfer a user traffic between two networks that have different characteristics, use different protocols or technologies. One of the most common ways to use a gateway is the provision of access from a local area network (LAN) to an external one (Internet).

A computer or another device connected to a network. A host can work as a server providing information about resources, services, and applications to users or other hosts. Each host on a network is assigned at least one network address.

Index in ADPG/PostgreSQL is a special data structure that provides fast search of required data without a full table scan. See: Indexes.

A group of backend and auxiliary processes that communicate using a common shared memory area. A single postmaster process manages an instance. One instance controls exactly one database cluster with all its databases.

Internet protocol address — a unique network address of a node in a computer network built on the IP protocol stack.

It is a protocol for authentication service requests between trusted hosts across an untrusted network. See: Kerberos authentication.

A file containing one or more principals and their keys. It is used for authentication in the Kerberos infrastructure and allows users not to enter usernames and passwords manually.

A unique name of a user or service.

A Kerberos network that includes Key Distribution Center and several clients.

Lightweight Directory Access Protocol — a simple protocol that uses TCP/IP and allows authentication, search, and compare operations, as well as operations for adding, modifying, or deleting records.

A relation that is defined by a SELECT statement (just like a view), but stores data in the same way that a table does. It cannot be modified via the INSERT, UPDATE, DELETE, or MERGE operations. See: Materialized views.

Multi-version concurrency control — a mechanism designed to allow several transactions to be reading and writing the same rows without one process causing other processes to stall. In PostgreSQL, MVCC is implemented by creating copies (versions) of tuples as they are modified.

A device connected to other devices via a network. It has its own IP address and can exchange data with other nodes in the network. Nodes can be computers, mobile phones, pocket computers, as well as special network devices (such as routers, switches, hubs).

Network time protocol — a network protocol for synchronizing the internal computer clock using networks with variable latency.

One of several non-overlapping subsets of a larger set.

A relation that is semantically similar to a table, but whose storage is distributed across several partitions (separate tables). See: Partitioning.

The first process of an ADPG/PostgreSQL instance. It starts and manages the auxiliary processes and creates backend processes on demand.

The part of ADPG/PostgreSQL that is devoted to determine the most efficient way to execute queries. Also known as query optimizer, optimizer, or simply planner.

Redundant array of independent disks — a data virtualization technology that involves combining multiple disks into a logical element for redundancy and performance improvement.

A mechanism for synchronizing the contents of multiple copies of the same object (for example, the contents of a database). Duplicating data across multiple replica hosts provides higher data availability and increases system reliability.

A command to undo all operations performed since the beginning of a transaction.

Superuser — a special account in Unix-like systems that has the rights to perform any operations.

The search path is a list of schemas to look in. In most cases, tables are referenced by unqualified names (without schema names) in queries. The system uses the search path to determine which table should be processed.

A special type of digital certificate signed by its subject. Technically, such a certificate is no different from a certificate signed by a certification authority (CA), only that the user creates its own signature. A certificate creator is also the certification authority in this case. All root certificates of trusted CAs are self-signed.

A type of relation that is used to generate values. Typically, the generated values are sequential non-repeating numbers. They are commonly used to generate surrogate primary key values. See: Sequences.

RAM used by the processes common to an instance. It mirrors parts of database files, provides a temporary space for WAL records, and stores additional shared information. Note that shared memory belongs to the entire instance, not to a single database.

A copy of files and directories of the database at a certain point in time.

Secure shell — an application-level network protocol that allows remote control of the operating system and tunneling of TCP connections. SSH allows you to choose different encryption algorithms. SSH clients and SSH servers are available for most network operating systems.

Secure sockets layer — a cryptographic protocol that implies secure communication. It uses asymmetric cryptography to authenticate exchange keys, symmetric encryption to maintain confidentiality, and message authentication codes to ensure message integrity.

Substitute user and do — a command for system administration of Unix-like operating systems that allows delegating certain privileges to users with the maintenance of the work protocol. The main idea is to give users as few rights as possible, but enough to solve the tasks.

Switch user — a command in Unix-like operating systems that allows a user to log in under a different name without terminating the current session. It is usually used by the superuser for temporarily login to perform administrative work.

A mechanism that splits large attributes of table rows and stores them in a secondary table called the TOAST table. Each relation with large attributes has its own TOAST table. See: TOAST.

Transactions per second — an average number of transactions that are executed per second, totaled across all active sessions. This characteristic is used as a measure of the instance’s performance.

Uniform resource identifier — a unified sequence of characters that identifies an abstract or physical resource.

Uniform resource locator — a uniform identifier for the location of an abstract or physical resource.

The process of removing outdated tuple versions from tables or materialized views, and other closely related processing required by PostgreSQL’s implementation of MVCC. This can be initiated through the use of the VACUUM command, but can also be handled automatically via autovacuum processes. See: Vacuuming.

A relation that is defined by a SELECT statement, but has no storage of its own. Any time a query references a view, the definition of the view is substituted into the query as if the user had typed it as a subquery instead of the name of the view. See: Views and materialized views.

Write-ahead log — the journal that keeps track of the changes in the database cluster made by user- and system-invoked operations. See: Continuous archiving and point-in-time recovery (PITR).