Tillered Docs

Glossary

Definitions for key terms used in Tillered Self-Hosted documentation

Agent

The Arctic process that runs on each Linux host in your cluster. The agent accelerates the TCP traffic routed through it, manages the encrypted tunnels, and synchronizes state with the other peers. See Installation for how to install the agent.

Bootstrap

The initial operation that registers an Arctic agent with a license and establishes its identity within a cluster. Bootstrapping is the first step after installing the agent. See CLI reference for the bootstrap command.

Cluster

A group of Arctic agents that coordinate to accelerate TCP traffic between hosts. Cluster membership is defined by the CustomerID carried in the license: two peers merge state only when their CustomerIDs match. Peers in a cluster discover each other, prove their identity, synchronize configuration, and establish encrypted tunnels automatically. See Clustering for how clusters work.

Compose

A declarative configuration format for Arctic deployments. Compose files define peers, services, and routes in a single YAML document, letting you manage your cluster as infrastructure as code. See Declarative Cluster Management for usage.

License

An Ed25519-signed document that authorizes an Arctic deployment. It supplies the CustomerID that forms the cluster identity boundary, bounds the node and service counts, and sets the enabled feature set. The agent verifies it against keys baked into the binary, at bootstrap and on every startup. See Licensing for verification and enforcement.

License state

The position of a license in its expiry machine: valid, warning, grace period, read-only, or suspended. The state determines what a degraded license still permits, from a warning that changes nothing to a suspended state that stops services. Check it with arctic license status. See Licensing for what each state blocks.

MACVLAN interface

A virtual network interface created by Arctic on a peer to attach services to a dedicated IP address on the host's network. MACVLAN interfaces allow Arctic to receive and route traffic without conflicting with the host's primary network configuration. See Service management for how services use MACVLAN interfaces.

Peer

An individual Arctic agent participating in a cluster. Each peer has a unique identity, maintains encrypted connections to other peers, and can host services and routes. See Peer management for how to add and remove peers.

Recovery token

A credential used to reach a peer through its recovery path. Peers configured with api_access: internal reject ordinary user-facing requests and are reachable only with a recovery token, which keeps internal-only peers out of the operator surface while still allowing recovery. See Clustering for deployment modes and internal-only peers.

Route

A rule within a service that matches traffic by source and destination CIDR and directs it to the target peer. Routes are the CIDR-based way a service classifies traffic; the alternative is a MACVLAN interface. Arctic selects the most specific matching route, breaking ties by priority where a lower value wins. See Routing for how routes are evaluated.

Service

The unit of traffic Arctic accelerates. A service carries traffic from a source peer (the entry) to a target peer (the exit) and sets the transport, source-IP handling, and bandwidth for it. It matches the traffic it carries either through a MACVLAN interface or through CIDR routes. See Service management for how to create and manage services.

Tombstone

A signed marker left behind when a peer or service is deleted, in place of removing the record outright. The tombstone gossips like any other update so the deletion propagates across the cluster, and its signature stops a stale copy from resurrecting the record. Tombstones are pruned 30 days after the deletion. See Clustering for how deletions propagate.

Transparent mode

A feature that preserves the original source IP address when routing TCP traffic through Arctic. By default, the destination sees the exit peer's IP. With transparent mode enabled, the in-process TProxy engine maintains the client's real address all the way to the destination. It applies to TCP only and requires specific kernel settings on the exit peer. See Transparent Mode for details.

Voucher

A short-lived signed statement that lets a peer be trusted before it has completed a direct handshake. If A trusts B and B vouches for C, then A accepts C: the voucher carries C's public key and is signed by B. Vouchers have a 24-hour TTL by default and are refreshed within a 6-hour window of expiry. See Clustering for how vouchers establish transitive trust.

Configuration reference

Reference for Arctic CLI and compose configuration files

Release Notes

What changed in each Arctic release, with upgrade notes for self-hosted clusters.

On this page

AgentBootstrapClusterComposeLicenseLicense stateMACVLAN interfacePeerRecovery tokenRouteServiceTombstoneTransparent modeVoucher