Exaba Glossary

Access Key / Secret Key

Credentials used for authenticating and authorizing requests made through the S3 API, equivalent to a username/password combination.

Access Control List (ACL)

A set of rules defining permissions for users or system processes to access objects or buckets within the storage system. ACLs specify who can read, write, or manage specific resources.

Accounting

Accounting refers to the tracking and measurement of usage statistics, operational activity, and storage metrics within Exaba’s object storage system. These metrics are used for billing, monitoring, performance analysis, and policy enforcement.

Key measures collected include:

  • Total Objects Count:: The number of stored objects (files) in a bucket or across the system.

  • Total Storage Used (Bytes):: The cumulative size in bytes of all stored objects, including all object versions and metadata overheads.

  • Small Objects Count:: The number of objects that fall below the system-defined minimum object size (e.g., 128 KiB, 4 MiB etc), often used to adjust billing due to metadata and I/O overhead. A common value for hosted SaaS backup storage may be closer to 4 MiB. For example, storing a 1-byte object, and allowing the 1-byte objects to be versioned requires a lot more than the 1-byte of the object size.

  • Object Versions Size (Bytes):: The count and total size of object versions, if versioning is enabled.

  • PUT Operations:: The total number of PUT operations (uploads), optionally broken down by size class or frequency.

  • GET Operations:: The number of GET operations (downloads), used for bandwidth and usage monitoring.

  • DELETE Operations:: The count of DELETE requests, including deletes of versioned objects.

  • Uploaded Bytes:: The total number of bytes received by the system via PUT, POST, and multipart uploads.

  • Downloaded Bytes:: The total number of bytes served in response to GET or HEAD requests.

  • Bandwidth Usage (95th Percentile) Mb/s (megabits/sec:: The 95th percentile of ingress and egress bandwidth, typically measured over 5-minute or hourly intervals, used for burst-aware billing.

  • Failed or Denied Requests:: Counts of rejected operations, categorized by HTTP status code (e.g., 403, 404, 500), to monitor errors or policy violations.

These metrics may be aggregated per user, per bucket, per tenant, or per access key, and are essential for enforcing quotas, optimizing performance, ensuring fairness, and generating billing reports.

Base-N encoding

Base-N Encoding refers to encoding binary data into textual representations using a set of characters (alphabet). Common variants include:

  • Base32: Encodes binary data using 32 characters (A–Z, 2–7), useful for readable encoding.
  • Base62: Uses digits (0–9), uppercase letters (A–Z), and lowercase letters (a–z). Often utilized for compact, URL-friendly encodings.
  • Base64: Encodes data using 64 characters (A–Z, a–z, 0–9, +, /), widely used in email attachments, URLs, and cryptographic systems.

Billing Unit

A measurement used to calculate storage costs based on factors like data stored, data transferred, and requests made. Understanding billing units helps in managing and optimizing storage expenses. Monthly billing is commonly in units of (decimal) gigabytes (GB) of storage per month. The monthly price is often divided by 720 to get an GB/hour rate.

(b)its vs (B)ytes

MB (Megabyte) and GB (Gigabyte) are decimal-based storage units using powers of 10:

  • 1 MB = 1,000,000 bytes
  • 1 GB = 1,000,000,000 bytes

MiB (Mebibyte) and GiB (Gibibyte) are binary-based storage units using powers of 2:

  • 1 MiB = 1,048,576 bytes (2^20 bytes)
  • 1 GiB = 1,073,741,824 bytes (2^30 bytes)

Exaba consistently uses decimal units (GB/TB/PB) for storage measurement and billing clarity.

Block Storage

A storage method breaking data into fixed-size blocks, ideal for databases and high-performance applications requiring fast, low-latency access. It differs from object and file storage by offering direct control over data placement and retrieval, at the cost of reduced flexibility for scaling large data volumes.

Bonding (see LAG and MLAG)

Bonding (also known as link aggregation or NIC teaming) is the practice of combining multiple physical network interfaces into one logical interface, enhancing reliability, redundancy, and network performance.

Bucket

A container within object storage used to store and organize objects (files). Buckets are fundamental storage units accessed through the S3 API.

Bucket Policy

Rules governing access and permissions for buckets, allowing fine-grained control over who can read, write, or manage data.

Cache

Caching temporarily stores frequently accessed or recently used data to significantly improve storage performance and reduce latency. There are several caching strategies optimized for different workloads:

Write-through Cache

In a write-through cache, data written by a client is simultaneously stored both in cache and primary storage. This ensures data integrity, as there is no risk of data loss in the event of cache failure. However, it introduces higher latency during writes, as each write operation waits for acknowledgment from primary storage.

Write-back Cache

A write-back cache temporarily stores data exclusively in cache memory during write operations, deferring writing to primary storage until later. This dramatically improves write performance and reduces latency. To prevent data loss, write-back caches are typically protected by non-volatile RAM (NVRAM), battery, or capacitive backup solutions. Systems can leverage NVMe-based NVRAM solutions to ensure reliability while maximizing performance.

Write-around Cache

A write-around cache bypasses the cache entirely during write operations, writing data directly to primary storage. Data is only cached upon subsequent read operations. This method preserves cache capacity for frequently read data, making it suitable for workloads with infrequently accessed or very large datasets, as it avoids polluting the cache with data unlikely to be reused soon.

Cache Eviction

The process of removing data from the cache to free up space for new data. Eviction policies determine which data to remove, often based on factors like usage frequency or age.

Chart

Visual tools used to display data storage metrics clearly. Charts include gauges or graphs showing important information like read/write speeds, total storage used, and operational performance (IOPS and latency).

Checksum

A checksum is a short, computed value used to verify data integrity. It detects accidental or intentional changes to data during storage or transmission. Common checksum algorithms include CRC32, MD5, SHA-1, SHA-256, and SHA-512.

Cloud-Native Storage

Storage solutions designed specifically for cloud environments, emphasizing scalability, flexibility, and integration with cloud services and orchestration tools.

Console

An intuitive command line interface providing simplified management, monitoring, and configuration of Exaba storage clusters and services. It can be accessed via terminals or via a web browser which is ideal for users who prefer graphical tools.

CORS (Cross-Origin Resource Sharing)

A mechanism enabling controlled access to resources stored in S3 buckets from different domains or origins, typically used in web applications.

CLI (Command Line Interface, see Exaba CLI)

A simple, text-based tool allowing administrators and advanced users to interact directly with Exaba storage, manage clusters, set policies, and handle data through commands.

Cluster

A group of storage servers (nodes) working together to ensure data is always available, secure, and quickly accessible. Clusters allow the system to scale easily as data storage needs grow.

Cross-Region Replication

Automatically replicating objects between clusters or geographical locations, improving disaster recovery and compliance.

Data Drives

Storage devices specifically used to store the actual user data objects. Exaba separates data and metadata drives to optimize performance, scalability, and reliability.

Data Availability

The degree to which data is accessible and usable upon demand by an authorized entity, ensuring minimal downtime and disruption.

Data Durability

The measure of a storage system’s ability to protect data against loss or corruption over time, often achieved through redundancy, error correction, and regular integrity checks.

Delta Compression

A technique that saves storage space and bandwidth by storing only the changes between different versions of a file, rather than storing each version separately.

DNS (Domain Name System)

DNS is a hierarchical system that translates human-readable domain names (e.g., objectstore.vendor.com) into numeric IP addresses used by computers and network devices. DNS simplifies network access by allowing users and applications to connect using memorable domain names instead of numeric IP addresses.

DNS supports multiple IP addresses for a single domain name (known as DNS round-robin). For example, objectstore.vendor.com may resolve to multiple IP addresses: objectstore.vendor.com resolves to 192.0.2.1, 192.0.2.2, 192.0.2.3, 192.0.2.4, 192.0.2.5 (practically, using actual external IP addresses).

Exaba leverages DNS round-robin to enable a fully active/active cluster architecture, where all resolved IP addresses represent cluster nodes capable of handling simultaneous read and write operations. This ensures strong consistency, high availability, load balancing, and optimal use of network resources.

Docker

Docker is a lightweight containerization technology that packages software applications and their dependencies into isolated containers, ensuring consistency and portability across development, testing, and production environments.

Docker behaves differently across operating systems: Linux: Containers run natively, leveraging kernel namespaces and cgroups for isolation and resource control, providing direct hardware passthrough performance. Windows: Docker supports both native Windows containers (using Windows kernel isolation) and Linux containers, typically via virtualization (e.g., WSL2) for compatibility. macOS: Docker operates through a lightweight virtual machine, since macOS does not natively support container isolation, leading to slightly reduced performance compared to Linux.

Docker storage configurations include: Internal (Overlay Filesystem): Default, ephemeral storage managed by Docker, suitable for temporary data within containers. External (Persistent Storage): Data is stored outside the container via mounted volumes or bind mounts, enabling persistence and direct integration with host filesystems or external storage.

Docker Deployment

A Docker Deployment runs Exaba services within Docker containers: lightweight, isolated environments that package applications and dependencies. Storage can be configured as:

  • Internal (Ephemeral): Temporary container storage for quick tests or non-persistent data.
  • External: Persistent storage mounted externally via host directories, NFS, or other network storage options, with configurable firewall rules and access controls.

Exaba Topologies

Exaba Topologies define standardized deployment patterns for different usage scenarios:

  • Docker Deployment: Container-based lightweight setups ideal for quick deployment and testing.
  • Standalone Deployment: Single-node installations without redundancy, suitable for smaller or isolated deployments.
  • Highly-Available Deployment: Multiple-node clustered installations providing high reliability, redundancy, and scalability for critical workloads.

Encryption

Encryption is the process of transforming data into an unreadable format using cryptographic algorithms, protecting confidentiality and preventing unauthorized access. The widely-used Advanced Encryption Standard (AES) provides strong encryption commonly used in storage systems.

In the context of S3 storage, encryption typically includes three Key Management Service (KMS) modes:

  • SSE-S3: Server-side encryption with one encryption key per tenant (or bucket). Simple and transparent to clients.
  • SSE-KMS: Server-side encryption managed by KMS, with a unique encryption key generated for each file, providing enhanced security and fine-grained control.
  • SSE-C (server-side encryption with customer-provided keys): the client supplies an encryption key with each request; the server encrypts with it and does not store it. Not supported by Exaba (use SSE-S3 or SSE-KMS).

Exaba CLI

The command-line interface (CLI) for interacting directly with Exaba MaxIO object storage, enabling operations like uploading, downloading, listing objects, syncing data, managing buckets, and performing advanced storage tasks.

 _____           _
  ____|_  ____ _| |__   __ _
|  _| \ \/ / _` | '_ \ / _` |
| |___ >  < (_| | |_) | (_| |
|_____/_/\_\__,_|_.__/ \__,_|

Version: exaba-cli/3.1.0R x86_64/64-bit root
Date: 2025-04-04 08:37:04 +13:00

OS Type: Rocky Linux
Memory:  Free 119.5 GiB / Total 192.5 GiB

exaba> help
Commands:
  node      Configure nodes
  storage   Configure storage
  cluster   Configure cluster
  bom       Generate Bill of Materials
  random    Generate random values
  kms       Exaba Key Management System (KMS)
  top       Display process information
  version   Print component versions
  xc        Exaba S3 commands (buckets, objects, syncing)
  host      Perform DNS lookup
  acc       Exaba Account commands (login/billing)
  ip        Print internal IP(s)
  extip     Print external IP
  info      Print system information
  setenv    Set ENV
  env       Print ENVs
  cwd       Print current working directory
  feedback  Send feedback to Exaba
  history   Print command history
  source    Source a file of valid commands
exaba>

Erasure Coding

A method for protecting data by splitting it into multiple parts, adding special parity information, and distributing it across several nodes. Even if parts of the data are lost or corrupted, the original data can still be reconstructed seamlessly.

Erasure Set

A group of drives within an object storage system configured to work together for data protection using erasure coding. Data and parity information are distributed across the erasure set to ensure redundancy and fault tolerance.

ETag

A unique identifier assigned to an object upon upload, commonly used to verify data integrity or detect changes.

Exaba IAM/Account

Exaba’s secure authentication service, managing user logins and security through JWT (JSON Web Tokens). It holds information specific to each user or tenant account.

Exaba Drive

An easy-to-use, web-based application allowing users to drag-and-drop files for backup, storage, and ransomware recovery directly into Exaba’s object storage system.

Exaba KMS (Key Management Service)

A highly secure, distributed service that manages encryption keys, certificates, and secrets for Exaba’s data storage solutions. It ensures data protection and compliance, especially for sensitive environments.

Exaba MaxIO (MaxIO)

Exaba’s core object storage technology built with Rust, designed for speed, scalability, and compatibility with the industry-standard AWS S3 API. MaxIO ensures efficient storage and retrieval of vast amounts of data.

Exaba Monitor

A dedicated service collecting and displaying real-time statistics and performance metrics from various Exaba components, helping users monitor system health and resource usage.

Exaba Topologies

Exaba Topologies define standardized deployment patterns including Docker-based, single instance (Standalone), or clustered setups for High Availability:

  • Docker: Lightweight containerized deployment ideal for rapid testing, small-scale usage, or development environments.
  • Standalone (Single Instance): Single-node deployments suitable for small to mid-scale installations without redundancy.
  • Clustered (Highly-Available): Multiple nodes deployed as a cluster to ensure redundancy, high availability, fault tolerance, and optimal performance at scale.

File Storage

A traditional storage method that organizes data into hierarchical structures (folders/directories). It’s easy to use for everyday documents but less efficient for massive, unstructured data.

File System

A file system is software that manages how data is organized, stored, and retrieved on storage devices. It defines structures for files, directories, permissions, metadata, and how these are stored physically on drives. Exaba supports various modern file systems optimized for performance, reliability, and scalability, including ext4, XFS, ZFS, and Btrfs, depending on deployment needs.

Firewall

A firewall is a security system (either software or hardware) that monitors and controls incoming and outgoing network traffic based on predetermined rules. Firewalls protect infrastructure by allowing legitimate traffic while blocking unauthorized access, thus reducing exposure to security threats and vulnerabilities.

Exaba uses the host firewall to expose only the ports it needs: the S3 protocol port (443, HTTPS), the management console / UX port, and the internal ports used by the cluster for node discovery and storage traffic. All other ports stay closed.

FIPS (Federal Information Processing Standards)

High-security standards required by governments and regulated industries. Exaba ensures compliance with FIPS, providing secure encryption and data handling.

Flutter/Dart

Flutter is a framework developed by Google for building fast, responsive cross-platform apps for web, desktop, and mobile. Dart is the programming language used by Flutter, known for ease-of-use, rapid development, and strong community support.

Hardened Linux

Hardened Linux refers to a Linux OS configured with strict security measures, reducing vulnerabilities through minimized services, enhanced kernel protection, secure defaults, and mandatory access controls.

Hashing

The use of algorithms to generate a unique, fixed-length value (hash) representing data. Hashing is employed for tasks like data integrity verification and efficient data retrieval.

Healing

The process of automatically detecting and repairing corrupted or lost data within the storage system. Healing mechanisms work to restore data integrity without manual intervention.

Highly-Available Deployment

A Highly-Available Deployment is a clustered Exaba topology designed for maximum uptime, redundancy, and scalability, currently supported only on Linux environments. The Exaba solution is modular, allowing the Exaba MaxIO service (object storage endpoints) and the Exaba Drives (storage nodes) to operate in either:

  • Converged Mode: MaxIO services and storage drives run on the same physical nodes.
  • Independent Mode: MaxIO services run independently from storage nodes, enabling flexible scaling of data-serving endpoints relative to storage capacity.

Immutable Storage

Storage configuration preventing any modifications or deletions of objects for compliance purposes (such as legal hold, governance, or regulatory requirements) .

IO/s (IOPS)

Input/Output Operations per Second (IOPS) is a measure of how many distinct storage operations (reads or writes) Exaba can process in one second. Higher IOPS indicates better performance, particularly for workloads involving frequent small data operations, such as databases or metadata-intensive tasks.

IP Address

An IP Address (Internet Protocol Address) is a numerical identifier assigned to devices on a network, enabling them to communicate and locate each other. Examples include the local host address (127.0.0.1) used for internal loopback testing. IP addresses are often defined with CIDR notation (e.g., 192.168.1.10/24), where the suffix indicates the network portion length.

IP addresses were historically categorized into three main classes:

  • Class A: 0.0.0.0 to 127.255.255.255 – Large networks, fewer network addresses but many hosts.
  • Class B: 128.0.0.0 to 191.255.255.255 – Medium-sized networks.
  • Class C: 192.0.0.0 to 223.255.255.255 – Smaller networks, numerous networks with fewer hosts each.

Today, CIDR notation is predominantly used for flexible IP allocation.

IP networking often includes bonding, combining multiple network interfaces for redundancy, load balancing, or increased bandwidth.

Key Protection

Key Protection in Exaba KMS refers to safeguarding cryptographic keys using robust methods. Exaba supports multiple protections:

  • PlaintextHSM: Simple, transparent storage (primarily for development).
  • Passphrase Protection: Root keys are encrypted with user-provided secure passphrases.
  • YubiKey/TPM 2.0 HSM: Hardware-backed protection via secure YubiKey / TPM 2.0 devices, ensuring root keys are securely generated, stored, and inaccessible outside the hardware.

KMS (see Exaba KMS)

Combines multiple physical network links into a single logical connection, enhancing bandwidth and redundancy. LAG helps Exaba achieve high availability and improved network performance.

Latency

The response time measured in milliseconds (ms) to receive or write the first byte of data. Lower latency indicates faster system responsiveness, crucial for performance-sensitive applications. The server-side delay between initiating and completing an individual storage operation within Exaba. Specifically, latency includes the time required to write the first byte during a write operation or receive the first byte during a read operation. Lower latency represents quicker responses from storage, enhancing real-time performance and responsiveness. This measure excludes any delays introduced by client-side networks or applications.

Key Rotation

Key Rotation is the security practice of regularly updating or replacing cryptographic keys to limit exposure in case a key is compromised. Exaba KMS supports:

  • Manual Rotation: Initiated explicitly by administrators when required.
  • Automatic Rotation: Scheduled periodic rotations (e.g., every 14 days) to maintain continuous compliance and security hygiene.

LAG (Link Aggregation Group) combines multiple physical network links into a single logical connection to increase bandwidth and provide redundancy. LAG requires compatible networking equipment, typically using protocols like IEEE 802.3ad (LACP).

Lifecycle Policy

Automated rules to manage the lifespan of stored data. Lifecycle policies define when data should be moved, archived, or permanently deleted, helping optimize storage costs and compliance. Roadmap.

Limits

Exaba has limits that vary based on physical equipment. Specifically:

  • the number of nodes in a cluster
  • number and size of the metadata drives
  • number and size of data drives

Locking/Unlocking a Vault (see Sealing/Unsealing)

Locking is a synonym for Sealing a vault.

Unlock in a synonym for Unsealing a vault.

M.A.R.S. (Multiple Area Reed-Solomon)

Exaba’s erasure coding method, designed for high data durability and bounded recovery time (see Durability). It encodes objects into data and parity shards across drives and nodes, supporting parallel recovery and configurable resilience.

MaxIO (see Exaba Maxio)

Metadata

Descriptive information about an object, such as creation date, size, content type, and custom tags. Metadata aids in organizing, searching, and managing data within the storage system.

Metadata Drives

Dedicated storage devices specifically optimized to hold metadata: information about the stored data objects (e.g., location, permissions, and attributes). Having separate metadata drives ensures rapid access and management of storage objects.

An advanced form of LAG that aggregates network links across multiple network switches. MLAG provides increased redundancy, fault tolerance, and seamless failover within Exaba’s data center infrastructure.

Multi-Tenancy

An architecture where a single instance of the software serves multiple customers (tenants), ensuring data isolation and customized configurations for each tenant.

Multipart Upload

An S3 API feature allowing large files to be uploaded in multiple parts independently, improving reliability and upload speed.

Namespace

A logical container that groups objects like files and metadata. Namespaces help separate data between different users, teams, or applications, ensuring privacy and security.

Networking

Networking in object storage deployments refers to how storage nodes communicate, manage, and serve data. Typically, Exaba deployments utilize three dedicated networks:

Management Network (BMC): Used for out-of-band management, hardware monitoring, and remote administration through Baseboard Management Controllers (BMC). Usually isolated and secured for maintenance and diagnostics tasks.

Upstream Network (Internet-Facing): Handles client requests, external API traffic, authentication, and access from outside the storage environment. Often includes load balancers and firewalls to manage security and traffic flow.

Data Network: High-performance internal network optimized for storage traffic, including data replication, erasure coding, and synchronization between nodes. Usually utilizes low-latency, high-bandwidth protocols such as RoCE v2 or high-speed Ethernet to ensure maximum throughput and minimal latency.

NFS (Network File System)

Network File System (NFS) is a standardized protocol enabling file sharing over networks, primarily used in Unix/Linux environments. It allows multiple clients to mount and access shared storage remotely, behaving like local storage. Exaba utilizes NFS to provide easy, secure, and scalable file-sharing across multiple hosts, ideal for clustered deployments and collaborative workflows.

Node

An individual server within a cluster that stores data or handles requests. Each node is a building block of a larger, highly available storage system.

Node Rebalancing

The process of evenly distributing data across nodes whenever nodes are added or removed from a cluster, maintaining optimal performance and efficient storage usage.

NTP (Network Time Protocol)

Network Time Protocol (NTP) is a standardized networking protocol used to synchronize system clocks accurately across multiple devices within Exaba infrastructure. NTP ensures consistent timekeeping, essential for accurate logs, security auditing, and coordination between distributed nodes and clusters.

NVMe (Non-Volatile Memory Express)

A modern storage protocol optimized for solid-state drives (SSDs), enabling very high speeds, low latency, and efficient parallel processing of data, essential for Exaba’s high-performance storage solutions.

Object Lifecycle

Policies that define the stages an object goes through from creation to deletion. Lifecycle rules can automate transitions between storage classes or schedule deletions after a certain period. Roadmap.

Object Lock

A compliance feature ensuring stored objects cannot be deleted or altered for a defined period, providing protection against ransomware and accidental deletion.

Object Storage (also see S3)

A storage method designed for scalability and handling large amounts of unstructured data (e.g., images, videos, backups). Object storage stores data as “objects” with unique IDs, accessible via APIs. Key attributes include compatibility with AWS S3, object locking (preventing deletion), immutability (unchangeable data), governance and compliance controls, metadata handling, and flexible access.

Object Tagging

Assigning metadata tags (key-value pairs) to objects for easier management, categorization, lifecycle policy application, and billing insights.

OpenStack

An open-source cloud computing platform that includes components for managing object storage, compute resources, and networking. OpenStack Swift is the object storage component.

Physical ports (Copper vs Fibre)

Exaba networking equipment supports two primary port types:

  • Copper Ports (RJ45):

    • Typically used for shorter distances within data centers.
    • Support speeds of up to 1 Gb/s, 2.5 Gb/s, 5 Gb/s, and 10 Gb/s (10GBASE-T).
    • Maximum practical cable lengths: up to 100 meters for 1G and approximately 30–55 meters for 10G.
  • Fibre Ports (Optical):

    • Use fiber optic cables to transmit data via light signals.
    • Support significantly higher speeds (10G, 25G, 40G, 100G, 200G, 400G) and longer distances (from hundreds of meters to several kilometers).
    • Preferred for high-bandwidth, low-latency, long-distance networking in Exaba’s storage infrastructure.

Ping

Ping is a diagnostic tool that tests network connectivity and measures latency between hosts. It sends small packets (“echo requests”) to a target server and waits for responses (“echo replies”). Ping is used at Exaba to verify connectivity, troubleshoot latency issues, and monitor network health and performance.

PDU (Power Distribution Unit)

A Power Distribution Unit (PDU) is a device mounted in data center racks that distributes electrical power to servers, storage devices, and networking hardware. PDUs often include features like remote power monitoring, remote outlet switching (for rebooting devices), surge protection, and redundancy. Exaba uses managed PDUs to enhance reliability and allow remote power cycling for efficient hardware management.

Percentile billing (95th)

Percentile billing, commonly known as 95th percentile billing, is a pricing method to fairly charge customers based on their sustained network usage rather than short bursts of high traffic.

  • The process
    • Network traffic is continually recorded in both directions (incoming and outgoing) at consistent intervals, typically every 5 minutes, over the entire billing period (usually monthly).
    • Data Buckets: Each 5-minute interval generates a bucket that records the average throughput (e.g., MB/s or GB/s) during that specific interval.
  • 95th Percentile Calculation:
    • At the end of the billing period, Exaba sorts all collected buckets from highest to lowest usage.
    • The top 5% of these buckets (representing the highest peaks of traffic) are discarded.
    • The remaining 95% of buckets reflect the customer’s consistent and sustained traffic usage.
    • The billing rate is set at the highest usage value within this remaining 95% (the 95th percentile mark).
  • Advantages
    • Fair Pricing: Customers are not penalized heavily for occasional spikes or bursts in traffic, as short-lived peaks are removed from billing calculations.
    • Predictability: Encourages customers to maintain steady and predictable network usage, reducing surprise costs from transient peaks.
    • Cost Efficiency: Customers benefit financially by optimizing their usage patterns to minimize sustained high traffic periods.
  • Example
    • For example, consider a month with approximately 30 days × 24 hours × 12 intervals per hour = 8,640 buckets. Exaba discards the top 5% (432 buckets) with the highest usage spikes. The customer is billed based on the highest bucket remaining in the lower 95% (8,208 buckets). This approach helps ensure that charges reflect real, sustained usage rather than brief anomalies or infrequent high-demand events.

Pod

A dedicated, isolated cluster allocated to a specific customer or tenant. Pods ensure data privacy, independent resource management, and tailored performance.

Ports

Ports are numeric identifiers used by network protocols to distinguish between services running on a device, enabling multiple applications to share network resources simultaneously.

Common ports used by Exaba and other network services include:

  • Port 80 (HTTP): Standard legacy port for unencrypted web traffic.
  • Port 443 (HTTPS): Default secure port for encrypted HTTP (web) communications.
  • Port 9000 (S3 API): Standard port commonly used by Exaba, MinIO, and other S3-compatible object storage services.
  • Port 9006 (Exaba UX): Default port used by Exaba’s User Experience (UX) management interface and dashboards.

Presigned URL

A secure, temporary URL granting time-limited access to a specific object, typically used for sharing private files or uploading without direct credentials.

PUT / GET / DELETE / HEAD

Core HTTP operations within the S3 API, defining standard actions for uploading, retrieving, deleting, and querying objects.

QR Codes

QR Codes (Quick Response Codes) are two-dimensional barcodes designed to store data in a compact, machine-readable format. They encode URLs, credentials, configuration details, or other information, accessible by scanning with smartphones or scanners. Exaba uses QR codes for secure configuration sharing, quick login authentication, device pairing, and simplified data transfer processes.

Quota

A limit set on the amount of storage space or number of objects a user or group can utilize within the storage system. Quotas help manage resources and prevent overuse.

Rack

A rack is a standardized metal frame used in data centers to securely mount, organize, and manage servers, storage arrays, networking equipment, and other hardware. The width is typically 19 inches. Height is expressed in rack units (U), where 1U equals 1.75 inches. Depth varies significantly and should always be checked when discussing rack options.

RoCE (RDMA over Converged Ethernet)

An implementation of RDMA technology that operates over standard Ethernet networks, allowing the benefits of RDMA (such as ultra-low latency and high throughput) without requiring specialized hardware. Exaba utilizes RoCE to deliver high performance, scalable, and cost-effective storage networking.

RDMA (Remote Direct Memory Access)

A high-performance networking technology enabling direct memory access between servers over a network, bypassing the CPU and operating system layers. RDMA significantly reduces latency, increases throughput, and lowers CPU utilization, making it essential for Exaba’s high-speed storage solutions.

Realm

A high-level organizational boundary (like a customer account) within Exaba, containing multiple namespaces, clusters, and storage settings.

Rebalancing

The automated process of redistributing stored data evenly across nodes or clusters whenever new nodes or storage capacity are added or removed, ensuring optimal performance, storage efficiency, and availability.

RedHat Linux (RHEL)

RedHat Linux (RHEL) is a widely-used enterprise-grade Linux operating system known for stability, security, and support, commonly used in data centres and large-scale deployments.

Ring

A group of multiple clusters within the same namespace, enabling data redundancy, geographic distribution, and consistent management. Rings ensure that even if one location faces issues, data remains accessible from other locations.

Rocky Linux

Rocky Linux is a community-driven, free, and fully compatible alternative to RedHat Linux, created as a direct replacement for CentOS after its discontinuation by RedHat.

Root Keys

Root Keys (or Master Keys) are high-value cryptographic keys used by the Exaba KMS to protect encryption keys for stored data. Root keys are critical to the security of the entire system and require special protection.

Rolling Node Test

Exaba’s capability to seamlessly add, remove, or rebalance nodes and drives within a cluster without interrupting normal operation, ensuring continuous data availability.

Rotation (Key Rotation)

The security practice of regularly changing encryption keys to minimize risks. Exaba automates key rotation, keeping sensitive data protected over time.

Rust

Rust is a modern, memory-safe programming language designed for performance, concurrency, and safety. Widely used in security-critical and enterprise-grade projects, Rust offers:

  • Memory Safety: Prevents buffer overflows, memory leaks, and data races.
  • High Security: Supports auditable, signed binaries and secure coding practices.
  • Performance: Offers speed comparable to C/C++ without sacrificing safety.
  • Department of Defense Interest: Recognized by government agencies (e.g., U.S. Department of Defense, NSA) for future projects due to enhanced security and reduced vulnerabilities.
  • Concurrent Programming: Safe and efficient multi-threaded execution.
  • Community Audited Crates: Security-vetted libraries available through cargo, Rust’s package manager.

S3 (a.k.a. Object Store)

S3 stands for “Simple Storage Service.” Originally created by Amazon Web Services (AWS), it provides an HTTP-based interface to store and retrieve data (objects) at any scale. Exaba’s S3-compatible interface (part of Exaba MaxIO) implements a subset of Amazon S3 APIs, enabling applications and tools designed for AWS S3 to easily migrate to or integrate with Exaba. This includes common operations such as uploading (PUT), downloading (GET), listing objects (LIST), managing multipart uploads, encryption, tagging, and versioning. Exaba’s S3 implementation ensures compatibility with popular backup software and storage workflows.

Samba (SMB/CIFS)

Samba is an open-source software implementation of the Server Message Block/Common Internet File System (SMB/CIFS) protocol. SMB/CIFS is primarily used in Windows environments, enabling clients to share files, printers, and resources seamlessly over the network. Exaba leverages Samba to ensure compatibility and interoperability with Windows-based clients, facilitating easy integration into mixed OS infrastructures.

Scalability

The capability of a storage system to expand its capacity and performance efficiently in response to increasing data volumes or user demands.

SDK (Software Development Kit)

A set of tools, libraries, and documentation provided to developers for easier integration and interaction with Exaba’s storage through code. Exaba’s Rust-based Software Development Kit (SDK) for interacting with Exaba’s object storage platform. The SDK supports parallel operations across multiple IP addresses, threading, pipelining, and load balancing, useful for throughput-bound and latency-bound workloads.

Sealing/Unsealing a Vault

Sealing refers to securely locking the Vault, encrypting its contents, and preventing unauthorized access. Unsealing is the controlled unlocking of a Vault, typically requiring passphrases, hardware tokens, or multiple authorized keyholders, ensuring secure operational management.

SELinux

SELinux (Security-Enhanced Linux) is a Linux security module originally developed by the NSA that enforces mandatory access controls, restricting applications and users to only necessary operations, significantly enhancing system security.

Shortening (URL Shortener)

URL shortening transforms long URLs into shorter, compact versions that redirect to the original web address. Short URLs are easier to share, type, and embed in messages, social media posts, and QR codes. Exaba uses URL shortening to simplify user interactions, improve readability, and facilitate tracking of shared links.

Software-Defined Storage (SDS)

An approach to data storage in which the storage software is decoupled from the hardware, allowing for more flexibility, scalability, and cost-effective management.

Speed / Throughput

The total amount of data transferred to or from Exaba storage over a period of time, typically measured in megabytes per second (MB/s) or gigabytes per second (GB/s). High throughput indicates efficient data movement, critical for backups, restores, and large-scale data processing.

Spine/Leaf Networking

A network architecture featuring a scalable two-layer design. “Leaf” switches connect directly to servers, while “spine” switches connect multiple leaf switches. Exaba uses spine/leaf designs for enhanced scalability, predictable latency, and simplified network management.

SPDK (Storage Performance Development Kit)

An open-source toolkit designed to significantly accelerate storage performance, particularly for NVMe storage devices. Exaba uses SPDK to optimize speed and reduce latency for storage-intensive operations.

SSH

SSH (Secure Shell) is a secure network protocol used for encrypted remote access, command execution, and file transfer between computers. SSH provides strong authentication and confidentiality, making it essential for secure system administration and management.

Staging Area

A replicated area on the NVMe metadata drives where incoming writes are landed durably and acknowledged to the client before being written to the data drives.

Standalone Deployment

A Standalone Deployment consists of a single Exaba node running all services on dedicated hardware or a virtual machine. It’s suitable for smaller workloads or non-critical environments that do not require redundancy or failover.

Storage Classes

Categories of storage designed for specific data access patterns and cost profiles, such as standard, infrequent access, archive, or deep archive.

Stripe Width

Exaba uses variable-width erasure-coded stripes: the number of data shards adapts to the cluster while parity is maintained, so the cluster can shrink or grow without re-encoding existing data. See Durability.


Striping

A method of distributing data across multiple storage drives or nodes to enhance performance and storage efficiency. Exaba employs striping to ensure fast and simultaneous data access, significantly improving read/write speeds.

supervisord

supervisord is a lightweight, cross-platform process control system used to monitor and manage long-running processes and services. It offers automatic restarts, detailed logging, and simplified configuration through an easy-to-use interface.

At Exaba, supervisord is optionally used in containerized or development environments to manage and monitor multiple storage processes, APIs, and utilities. Its straightforward configuration makes it ideal for simplified deployments or smaller-scale environments that require efficient supervision without system-wide management overhead.

systemd

systemd is a widely used Linux system and service manager responsible for managing system initialization, processes, daemons, and services. It provides dependency management, automated service recovery, detailed logging (via journald), and efficient startup sequencing.

Exaba uses systemd to reliably control the startup, monitoring, and recovery of its core storage services, APIs, and management interfaces. Systemd service files (.service) define how Exaba’s applications start, stop, and restart, ensuring robust uptime and easy administration.

Tenant

A customer or user account within Exaba’s storage environment. Each tenant has its own isolated resources, storage, and security policies.

TLS (Transport Layer Security)

A security protocol used to encrypt internet communications, commonly recognized by the https:// prefix in web addresses. TLS ensures data transmitted between users and Exaba services remains private and secure.

TLS Certificates

Digital certificates issued to authenticate Exaba services over TLS. These certificates confirm the identity of a website or service, enable secure HTTPS connections, and require periodic renewal, often managed through automated tools like Certbot.

Topology

Topology refers to the physical or logical layout of nodes, services, and networks within an Exaba deployment. A topology defines aspects such as:

  • Number of Nodes: The count and arrangement of servers in the deployment.
  • KMS Location: Whether the Key Management Service (KMS) is integrated, centralized, or distributed.
  • IAM/Auth/Account Services: Placement and redundancy configuration for authentication and account management components.
  • Network Configuration: Connections, load balancing, VLAN or subnet designs, and network redundancy considerations.
  • Node Specification: Size and capability of nodes in terms of metadata drives (e.g., NVMe SSD) and data drives (e.g., HDD or SAS SSD), including total number of drive bays per node.

TOTP (Time-Based One-Time Password)

A security method generating temporary, unique codes used during login. It provides enhanced security for user and administrator accounts.

Transceivers

Transceivers are modular, hot-swappable components used to convert electrical signals into optical signals (and vice versa). Common form factors and standards used at Exaba include:

TypeSpeedTypical DistanceNotes
SFP1 Gb/s (Gigabit)Up to 550 m (multi-mode), 10+ km (single-mode)Standard gigabit connections
SFP+10 Gb/sUp to 300 m (multi-mode), 10+ km (single-mode)Common 10G fiber connectivity
SFP2825 Gb/sUp to 100 m (DAC), 10+ km (single-mode)Ideal for 25G data center networks
QSFP+40 Gb/sUp to 100–150 m (multi-mode), 10 km (single-mode)Widely used for aggregation
QSFP28100 Gb/sUp to 100–150 m (multi-mode), 10 km (single-mode)Standard for high-speed data centers
QSFP56200 Gb/sUp to 100 m (multi-mode), multiple kilometers (single-mode)Advanced data center networking
QSFP-DD400 Gb/sUp to 100 m (multi-mode), multiple kilometers (single-mode)Highest-speed transceiver for large-scale infrastructure

Unified File and Object Storage

A storage system that supports both file-based and object-based access methods, allowing users to store and retrieve data using either paradigm within the same infrastructure.

Vault

A Vault is a secure storage component within Exaba’s Key Management Service (KMS) designed for protecting sensitive cryptographic keys, credentials, and secrets. Vaults enforce strict access controls, audit trails, and support secure sealing and unsealing mechanisms.

Versioning

A feature that allows multiple versions of an object to be stored, helping users recover from accidental deletion or overwrites.

VLAN (Virtual Local Area Network)

A virtual network segment that logically groups devices across different physical locations or switches, allowing secure isolation of network traffic within Exaba’s infrastructure for better performance, security, and simplified network management.