Glossary
QuickStack-specific terms and the key underlying technologies.
Application (App)
A container workload managed by QuickStack. An app belongs to a project and can be sourced from a Git repository (built with BuildKit) or a Docker image.
Basic Authentication
HTTP-level username/password protection implemented via a Traefik middleware. Authentication happens at the ingress level before requests reach the app container. See Basic Auth.
BuildKit
The container image building toolkit QuickStack uses to build Docker images from Git repositories. GitHub
Cluster
A group of servers (nodes) that work together as a single Kubernetes environment. See Cluster Nodes.
Cordon
Kubernetes operation that marks a node as non-schedulable — new pods are not placed there, but existing ones keep running.
CPU Limit
The maximum CPU a container can use, measured in millicores (m). 1000m = 1 full CPU core.
Deploy
In QuickStack, clicking Deploy applies all staged configuration changes to the running container. Config edits by themselves do not update the running app. See Redeploy.
Domain
A DNS hostname that routes public traffic to an app via Traefik. See Custom Domains.
File Mount
A read-only file injected into a container at a specified path. Content is stored in the QuickStack database. See File Mounts.
Internal Hostname / Service Name
The svc-<app-id> hostname used for service-to-service communication within a project. See Internal Networking.
k3s
A lightweight Kubernetes distribution. QuickStack runs on k3s. k3s.io
Let's Encrypt
Free TLS certificate authority. QuickStack uses Let's Encrypt to provision HTTPS certificates for custom domains and quickstack.me subdomains automatically.
Longhorn
Distributed block storage for Kubernetes. Used as the longhorn storage class for volumes in multi-node clusters. Required when volumes must survive node failure. longhorn.io
Master Node
The primary server in a k3s cluster that runs the Kubernetes control plane and the QuickStack application. Can also run workloads.
Memory Limit
The maximum RAM a container can use. Exceeding this causes the container to be terminated (OOMKilled).
Memory Reservation
Guaranteed amount of RAM Kubernetes ensures is always available to a container.
Network Policy
A Kubernetes resource that controls ingress and egress traffic for a pod. QuickStack provides pre-configured templates. See Network Policies.
Project
A logical grouping of apps and databases in QuickStack. All apps in a project share a network namespace and can communicate via internal hostnames.
QuickStack.me Domain
A built-in "magic" domain that automatically resolves to your server's public IP, providing instant HTTPS without DNS configuration. See QuickStack.me.
Registry
A Docker registry bundled with QuickStack for storing built images. Images built from Git repositories are pushed here before deployment. Docker Hub registry image
Replica
An instance of an application running in the cluster. Multiple replicas provide horizontal scaling and availability.
S3 Target
An S3-compatible bucket configured in QuickStack as a backup destination. See S3 Targets.
Storage Class
A Kubernetes concept defining the type of storage. QuickStack uses:
local-path— fast, single-node, no replicationlonghorn— distributed, multi-node, with replication
System Backup
A snapshot of the QuickStack SQLite database (data.db) containing all configuration: projects, users, app definitions, secrets. See System Backups.
System Upgrade Controller
A Kubernetes controller that manages automated k3s upgrades across cluster nodes.
TOTP
Time-based One-Time Password. A standard algorithm used by authenticator apps (Google Authenticator, Bitwarden, etc.) to generate 6-digit codes that change every 30 seconds. Used for QuickStack 2FA.
Traefik
The reverse proxy and load balancer that handles all inbound HTTP/HTTPS traffic and routes it to the correct containers. Also manages Let's Encrypt TLS certificate provisioning. traefik.io
Two-Factor Authentication (2FA)
An extra security layer requiring a TOTP code from an authenticator app in addition to the password. See 2FA setup.
Volume
Persistent storage mounted into a container. Data on a volume survives container restarts and redeployments. See Volumes.
Webhook
A URL that triggers a QuickStack deployment when called via HTTP POST. Used for CI/CD automation. See Webhooks.
Worker Node
A server joined to the k3s cluster that runs application workloads. It does not run the Kubernetes control plane.