Glossary

Account

A named identity in the admin server that owns volumes and authenticates with an account token. Enterprise only.

Block

A fixed-size chunk of file data stored in object storage. The block size is configured per volume (256 KiB to 8 MiB, default 4 MiB).

Block API

The storage protocol used to access a block store. Supported values: s3, gcs, azure, oci.

Block Store

A configured object storage location (bucket + optional prefix) where flexFS writes block data. Each block store is associated with a provider and region.

CSI (Container Storage Interface)

An industry standard for exposing storage to container orchestrators. csi.flexfs implements CSI to provide flexFS volumes to Kubernetes pods.

Dentry

A directory entry — a name-to-inode mapping within a directory. Dentries are stored in the metadata server.

FUSE (Filesystem in Userspace)

A Linux kernel interface that allows filesystem implementations to run in user space. FlexFS uses FUSE3 to present volumes as local filesystems.

Inode

A metadata record describing a file, directory, symlink, or special file. Contains attributes such as size, ownership, permissions, and timestamps.

Meta Store

A registered metadata server instance in the admin server’s configuration. Linked to volumes to route mount clients to the correct metadata server.

Mount Path

The subdirectory within a volume that a volume token restricts access to. When set, the mount client sees only the subtree below that path.

Provider

A cloud or custom infrastructure provider (e.g., aws, gcp, azure, oci). Providers are registered in the admin server and used to organize regions and block stores.

Proxy Group

A set of one or more proxy servers that cache block data for a region. Mount clients select the lowest-latency group using RTT probing and distribute blocks across group members using rendezvous hashing. Enterprise only.

Region

A geographic or logical zone within a provider (e.g., us-east-1). Regions group block stores and proxy groups by location.

Rendezvous Hashing

A consistent hashing algorithm used by mount clients to distribute blocks across proxy servers within a group. Each block is deterministically assigned to a specific proxy without requiring a central lookup.

Retention

The duration for which deleted data (both metadata and block data) is preserved, enabling time-travel mounting. Configured per volume; -1 means forever. Default is 7 days.

Secret ID

An identifier for the end-to-end encryption key material registered with the admin server. Used to verify that mount clients provide the correct secret when mounting encrypted volumes.

Size Bin

A bin that classifies files by how long since they were last accessed (atime). Bin 0 means accessed within the past 30 days, bin 1 means 30-60 days ago, and so on in 30-day increments. The last bin is a catch-all for any duration not already covered. Used for billing and usage analysis.

Volume

A logical filesystem managed by flexFS. Each volume has its own namespace, block store, metadata store, and configuration (block size, compression, end-to-end encryption, retention).

Volume Token

A UUID that grants access to a specific volume. Volume tokens can be scoped to a mount path (subdirectory) and carry per-token mount flags. Mount clients authenticate using a volume token.

XACL (Extended ACL)

A POSIX.1e access control list that extends standard Unix permissions (owner/group/other) with per-user and per-group entries. Stored as extended attributes (system.posix_acl_access and system.posix_acl_default). Enabled with the --acl mount flag.

XAttr (Extended Attribute)

A name-value pair associated with an inode, extending the standard POSIX attribute set. Used by ACLs, SELinux labels, and user-defined metadata.