Glossary
Access entry
Section titled “Access entry”The block of an Application YAML that exposes a workload to the public. Specifies a protocol (https, http, tcp, udp), a hostname, optionally a TLS strategy, and an auth policy. See Access, hostnames, and TLS.
The Node.js process that runs on every Edgible-managed device. Maintains a WebSocket to the control plane, reconciles desired application state with what’s running, and reports health and lifecycle events.
Application
Section titled “Application”The top-level deployable unit. One canonical-v3 YAML document. Bundles workloads, optional storage, and access entries on a single device. See Applications and workloads.
API key
Section titled “API key”A bearer token issued for a single application, used by the api-key auth mode. Created via edgible application api-keys create.
Auth mode
Section titled “Auth mode”The policy enforced on requests to a public access entry. One of none, org, api-key, short-code. See Authentication modes.
The reverse proxy that runs on every serving device. Terminates TLS, enforces auth policies, proxies to workloads.
Canonical Application (v3)
Section titled “Canonical Application (v3)”The current YAML resource shape — apiVersion: v3, kind: Application. The forward-looking model used by edgible stack deploy.
Control plane
Section titled “Control plane”The Edgible-operated backend (AWS Lambda, DynamoDB, Cognito, WebSocket API). Stores desired state; pushes updates to agents.
Device
Section titled “Device”A machine (physical or virtual) running the agent. Has a fixed role (gateway or serving) chosen at install time.
Device pool
Section titled “Device pool”A per-organization WireGuard subnet that joins all of the organization’s devices in a private mesh. See Device pools and WireGuard.
Edgible CLI / edgible
Section titled “Edgible CLI / edgible”The command-line interface, installed locally, used for everything. See CLI overview.
Gateway
Section titled “Gateway”A device whose role is to receive public traffic and forward it over WireGuard to a serving device. By default, run by Edgible.
Generated hostname
Section titled “Generated hostname”A hostname under a platform-owned domain (e.g. <app>-<id>.edgible.app) automatically minted for an application. The alternative is a custom hostname.
Custom hostname
Section titled “Custom hostname”Any hostname you control, pointed at the Edgible gateway via DNS. See Use a custom domain.
HAProxy
Section titled “HAProxy”The load balancer running on every gateway device. Routes inbound public traffic by SNI to the appropriate WireGuard tunnel.
Managed gateway
Section titled “Managed gateway”The default gateway operated by Edgible. Users don’t provision it; the platform assigns one to each organization.
Organization
Section titled “Organization”The top-level multi-tenancy boundary. Users, devices, applications, and the device pool all belong to one organization.
Reconciliation
Section titled “Reconciliation”The agent process of comparing desired state (last known application YAML for this device) with actual state (what’s running) and applying the diff.
Serving device
Section titled “Serving device”A device whose role is to host workloads. The machine you install the agent on; never accepts inbound public traffic.
Short code
Section titled “Short code”A rotating, time-bounded, optionally use-capped token. Used by the short-code auth mode for short-lived shared access.
In Edgible terminology, a YAML file passed to edgible stack deploy containing one or more Application documents. Not a separate resource — a stack is the set of applications declared in the file.
TLS (managed by Edgible)
Section titled “TLS (managed by Edgible)”The platform requests, installs, and rotates certificates for https access entries. The default for new applications.
WireGuard
Section titled “WireGuard”The encrypted VPN protocol that connects gateways and serving devices in a device pool.
Workload
Section titled “Workload”The thing inside an Application that actually runs your code. One of five types: compose, docker, managed-process, vm, pre-existing.