Notes application architecture and deployment considerations
Before we get into deploying the Notes application, we need to review its architecture. To deploy the Notes application, we must understand what we're planning to do. We have segmented the services into two groups, as shown in the following diagram:
The user authentication server should be the more secure portion of the system. On our laptop, we weren't able to create the envisioned protective wall around that service, but we're about to implement such protection.
One strategy to enhance security is to expose as few ports as possible. That reduces the so-called attack surface, simplifying our work in hardening the application against security bugs. With the Notes application, we have exactly one port to expose, the HTTP service through which users access the application. The other ports, the two for MySQL servers and the user authentication service port, should be hidden.
Internally, the Notes application needs to access both the...