On Sun, 23 Sep 2012 21:44:19 +0530 vipin kumar <vipinkumar41@xxxxxxxxx> wrote: > Hi Team, > The page is almost ready for reviews and feedback. Please have a look > at following page and provide feedback. > > https://fedoraproject.org/wiki/User:Vipin Awesome. :) Just a few minor nitpicks: - I'd just say we should remove any mention of pix firewalls or nat in the diagrams. In phx2 we are behind a firewall setup, but all our other sites are just directly on the net, and we don't control or have any knowledge of the phx2 firewall stuff anyhow. ;) - Might make the vpn lines bi directional. For app servers and such data travels back and forth both ways over the vpn for requests. - "Authorization can be done at Proxy Server though it should be done at application level for security reasons" Depending on what auth you mean here, it should always be done at the application level... when someone logs into FAS it is a request: proxy->fasserver and then they have a cookie that lasts for X minutes to authenticate against the various FAS using applications. Nothing should really auth on the proxy directly that I can think of... - For the 'data layer' in the last diagram, might note that that is mostly database servers. I guess in the case of the wiki it's also nfs storage (for attachements). Overall this looks great! Thanks again for working on it. kevin
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
