Hi community,
I wanted to hear your opinion on best practice for something that I am trying to achieve:
I have basically two segments in my architecture: DMZ & LAN.
I want to manage all the APP&DATA layer of Apigee inside LAN: analytics, management, etc.
With this architecture (attached diagram), I want to completely isolate data flows between segments. I want to have R+MP for the DMZ so that some routing and logic will flow on the external segment, and then will be routed to the LAN Router.
From a component POV, I want the DMZ's R+MP to be separated from the LAN R+MP.
As MPs are part of the environment, I can solve the MP part with envs: 'DMZ' and 'LAN', and attach MPs accordingly. But Routers are part of the same POD, so they will try to communicate with each other, and I want this also to be completely separate. As far as I know, an Organization can have only one POD, but a POD can have multiple organizations. So if I also use a different organization for each segment, it will completely separate my deployment, and components will work only with components in their organization. It will reach my goal, but I want to work with the same organization. So is there any suggestion on the correct (based on experience) separation for the traffic flow?
Thanks,
-D