Book X. Codex Zero
For those who have never opened a terminal. One line of meaning and one metaphor per concept.
v10.1 — PKI
Public Key Infrastructure. A system that tells the Internet "this certificate can be trusted." Like a passport office for websites — without queues, and with mathematics instead of stamps.
v10.2 — Certificate
A digital document proving that a website is in fact that website. Like an ID card, but with an expiration date that always somehow falls on a Saturday.
v10.3 — HSM
Hardware Security Module. An iron safe for secrets. Like a safety-deposit box for the soul. The key is inside, but you can't take it out — you can only ask the box to sign things for you.
v10.4 — CRL
Certificate Revocation List. A list of certificates that have been invalidated early. Like a blacklist of ex-partners. Once you're on it, no one trusts you — even if you've changed.
v10.5 — OCSP
Online Certificate Status Protocol. A fast way to ask: "is this certificate still valid?" Like phoning the passport office to check. Sometimes no one picks up, and then you just have to believe.
v10.6 — YAML
Yet Another Markup Language. A configuration language where every single space matters. Like a borscht recipe: one missing pinch of salt and it isn't borscht any more. Only the computer swears about it in red.
v10.7 — DRBG
Deterministic Random Bit Generator. A clever way to turn a single dose of real randomness into an endless stream. Like a storyteller who builds an entire TV series out of one dream.
v10.8 — AES
Advanced Encryption Standard. The main encryption algorithm of our day. Like a good door: you can't tell what's inside without the key.
v10.9 — SHA
Secure Hash Algorithm. Turns any text into a short, unique fingerprint. Like the smell of soup: easy to recognize the soup from the smell, impossible to cook the soup from it.
v10.10 — Kubernetes (k8s)
A system that watches programs and restarts them automatically when they fall. Like a kindergarten for server applications. The teacher is strict, but fair.
v10.11 — Pod
The smallest living unit in Kubernetes: one or more programs in one room. Like a communal apartment — neighbors are different, but there is only one door and one shared stove.
v10.12 — Docker / Container
A way to pack a program together with all its belongings, so it runs the same anywhere. Like a suitcase with clothes, shoes, and a toothbrush. Wherever you go, you are at home.
v10.13 — CI/CD
Continuous Integration / Continuous Delivery. A conveyor belt that builds, checks, and delivers each new version of a program. Like a biscuit factory: you throw in the ingredients — you get packaged boxes. Sometimes slightly burnt.
v10.14 — Prometheus / Grafana
A system that counts what is happening on your servers, and draws graphs. Like a thermometer and an ECG — but for a whole data center.
v10.15 — systemctl restart
The "turn it off and on again" command for server programs. Works in 73 % of cases. In the remaining 27 %, things get worse — but beautifully.
v10.16 — Entropy
The amount of true randomness available. The more, the safer the encryption. Like fresh air in a room: while there is some, everything is alive. When it runs out, the place gets stuffy and predictable.
v10.17 — Namespace
A separate naming space, so that different things don't collide. Like different apartments in one building: everyone has a "kitchen", but each one is their own.
v10.18 — openssl rand -hex 32
A command that produces 32 random bytes written as hexadecimal text. This is the symbolic end of the sūtra — the breath of a new epoch. Try it in the terminal. Then turn off the light.