On Sun, Sep 23, 2012 at 10:13 PM, Kevin Fenzi <kevin@scrye.com> wrote:
On Sun, 23 Sep 2012 21:44:19 +0530
vipin kumar <vipinkumar41@gmail.com> wrote:

> Hi Team,
> The page is almost ready for reviews and feedback. Please have a look
> at following page and provide feedback.
> https://fedoraproject.org/wiki/User:Vipin

Awesome. :)

Just a few minor nitpicks:

- I'd just say we should remove any mention of pix firewalls or nat in
  the diagrams. In phx2 we are behind a firewall setup, but all our
  other sites are just directly on the net, and we don't control or
  have any knowledge of the phx2 firewall stuff anyhow. ;)
fixed. its just "Firewall" now at one place and removed second one from fig.

- Might make the vpn lines bi directional. For app servers and such
  data travels back and forth both ways over the vpn for requests.
point noted....done

- "Authorization can be done at Proxy Server though it should be done at
  application level for security reasons" Depending on what auth you
  mean here, it should always be done at the application level... when
  someone logs into FAS it is a request: proxy->fasserver and then they
  have a cookie that lasts for X minutes to authenticate against the
  various FAS using applications. Nothing should really auth on the
  proxy directly that I can think of...
this information I just copied from old fig and moved to description......removed it from description and flow chart updated.

- For the 'data layer' in the last diagram, might note that that is
  mostly database servers. I guess in the case of the wiki it's also
  nfs storage (for attachements).
 Fig just mentioned "data layer" but no information about it like "proxy layer" cloud in that fig......updated fig....done! I guess :)

thanks & regards,

Overall this looks great!

Thanks again for working on it.


infrastructure mailing list

Vipin K.
Research Engineer,
C-DOTB, India