Glossary
Terms and acronyms used throughout the tomoda devops docs.
ACM — AWS Certificate Manager. Issues the public TLS certificate used by CloudFront. Certificates for CloudFront must be provisioned in us-east-1. See infrastructure/aws/acm.tf.
Argo CD — Declarative GitOps controller for Kubernetes. The single reconciler for everything in k8s/. Installed by Terraform in infrastructure/gcp/argocd.tf; UI at argo-app.tomoda.life.
Artifact Registry — GCP's private Docker registry. Tomoda has two repos in asia-east1: tomoda-dev-repo and tomoda-prod-repo. See infrastructure/gcp/registry.tf.
Barman — pg_basebackup-based PostgreSQL backup tool integrated with CloudNativePG. Writes WAL segments and base backups to a Barman object store — in our case the GCS bucket tomoda-db-backups-development-485000. Provides point-in-time recovery.
Bitnami — Maintainer of the upstream Helm chart used for the in-cluster Redis (registry-1.docker.io/bitnamicharts/redis). We pin a specific version in k8s/envs/{dev,prod}/middleware/redis/application.yaml.
CDN — Content Delivery Network. Tomoda uses CloudFront for static assets only.
CloudFront — AWS CDN. One distribution per environment, fronts the corresponding S3 bucket. Alias assets.tomoda.life (prod) or assets-dev.tomoda.life (dev). See infrastructure/aws/cloudfront.tf.
CNPG — CloudNativePG. The Postgres operator running both postgres-dev and postgres-prod clusters in the data namespace. Image: ghcr.io/cloudnative-pg/postgis:17-3.5.
Dex — OIDC connector bundled with Argo CD. Configured with the Google connector + hostedDomains: ["tomoda.life"] so only company Google accounts can sign in. See infrastructure/gcp/argocd.tf.
External-DNS — Controller that syncs Kubernetes Ingress and Service objects to DNS records. In our case it writes to the Cloudflare tomoda.life zone. See k8s/envs/dev/sys/external-dns/values.yaml.
External Secrets Operator (ESO) — Controller that pulls secrets from GCP Secret Manager (and AWS Secrets Manager) and materializes them as native Kubernetes Secret objects via ExternalSecret and ClusterSecretStore resources. Authenticates via Workload Identity.
GitOps — The pattern where the cluster's desired state lives in git, and a controller (Argo CD) reconciles the live state to match. Direct kubectl apply is reserved for bootstrap.
GKE — Google Kubernetes Engine. The cluster name is gke-tomoda, in zone asia-east1-a. See infrastructure/gcp/gke.tf.
IAP — Identity-Aware Proxy. GCP's project-level OAuth brand resource is provisioned via infrastructure/gcp/oauth.tf even though we use Dex for Argo SSO; the brand is a prerequisite for OAuth clients in the project.
Kustomize — The templating layer for k8s/apps/. Base manifests live in k8s/apps/<app>/base/; per-env patches live in k8s/apps/<app>/overlays/{dev,prod}/.
Let's Encrypt — TLS certificate authority used by cert-manager via the letsencrypt-prod ClusterIssuer for in-cluster Traefik-served hosts (api.*, app.*, argo-app.*). The CloudFront-served assets.* hosts use ACM instead.
OAC — Origin Access Control. The AWS feature that makes the S3 bucket accessible only via the CloudFront distribution (and not directly). Replaces the older OAI mechanism. See infrastructure/aws/cloudfront.tf.
oauth2-proxy — Reverse-proxy authenticator deployed in-cluster. Used to gate ancillary admin UIs (pgAdmin, Redis Insight, dashboards) behind Google OAuth. See k8s/envs/dev/sys/oauth2-proxy/.
PDB — PodDisruptionBudget. Prevents voluntary disruptions (node drains, rollouts) from taking all replicas of a Deployment offline. Only the prod backend has a PDB today — see k8s/apps/tomoda/overlays/prod/pdb.yaml.
Photon — Multilingual geocoder backed by an OSM-derived Lucene index. Runs in-cluster from the rtuszik/photon-docker image. The index is built externally and uploaded to the GCS bucket <project>-photon-index.
PostGIS — PostgreSQL extension for geospatial data. Used by tomoda for location features. Included in the CNPG image; loaded via the postInitSQL hook in k8s/envs/{dev,prod}/middleware/postgres/manifests/cluster.yaml.
PVC — PersistentVolumeClaim. CNPG and Redis both use PVCs backed by GKE-managed persistent disks for their on-disk state.
Spot instance — A preemptible compute VM that can be reclaimed on short notice in exchange for a steep price discount. Both GKE node pools are spot — see infrastructure/gcp/gke.tf.
Traefik — In-cluster ingress controller. Terminates TLS, routes by host header, integrates with cert-manager via Ingress annotations. Exposed as an external L4 GCP LoadBalancer. See k8s/envs/dev/sys/traefik/values.yaml.
VPC — Virtual Private Cloud. The custom VPC gke-tomoda-vpc hosts the GKE cluster. Primary subnet 10.0.0.0/24; secondary ranges 10.1.0.0/16 (Pods) and 10.2.0.0/20 (Services). See infrastructure/gcp/vpc.tf.
Workload Identity — GKE's mechanism for binding Kubernetes service accounts to GCP service accounts without static credentials. CNPG uses it to write to GCS; the (suspended) Photon indexer is set up to use it for the same.
Tomoda-specific terms
data namespace — The shared K8s namespace holding stateful workloads: postgres-dev, postgres-prod, Redis (dev + prod), Photon, pgAdmin, Redis Insight.
tomoda namespace — The dev app namespace. Backend, frontend, and dev-specific config live here.
prod namespace — The prod app namespace. Same shape as tomoda but with the prod overlay applied.
gsm-tomoda — The ClusterSecretStore resource that points External Secrets Operator at GCP Secret Manager for the development-485000 project.
Bootstrap manifest — k8s/envs/{dev,prod}/bootstrap.yaml. The single Argo Application manifest that, once applied, recursively pulls in every other Application in the env. This is the only thing applied by hand.
App-of-apps — The pattern where Argo Applications reference other Argo Applications. See Environments.
tomoda-db-backups-development-485000 — The GCS bucket where CNPG writes Barman backups for both dev and prod (under /dev/ and /prod/ prefixes).