diff --git a/web/compute/vm.rst b/web/compute/vm.rst index cb2030d61521656025ed9c2cb10e13a9dd2c22b7..ee4c0f2f8c5970c794301c76e2a69960b9fd3055 100644 --- a/web/compute/vm.rst +++ b/web/compute/vm.rst @@ -20,8 +20,8 @@ The following predefined machine types are currently offered: +-------------+---------+--------+-------+ | m1.xxl | 16 | 64GB | 80GB | +-------------+---------+--------+-------+ - - + | c1.large | 32 | 32GB | 800GB | + +-------------+---------+--------+-------+ .. raw:: html diff --git a/web/support/kb/cloud/federated_auth.rst b/web/support/kb/cloud/federated_auth.rst index 2471216c4e30f184060b577485caaaa157a95628..64d5830aea80f632798f16d399d385087ada52e3 100644 --- a/web/support/kb/cloud/federated_auth.rst +++ b/web/support/kb/cloud/federated_auth.rst @@ -65,21 +65,20 @@ file. Open `/etc/keystone/keystone.conf` and add/modify directives as instructed. - -In the `[auth]` section the property `methods` should look like: +- In the `[auth]` section the property `methods` should look like: .. code-block:: ini methods = external,password,token,oauth1,oidc,saml2 -In the `[auth]` section you should add: +- In the `[auth]` section you should add: .. code-block:: ini saml2 = keystone.auth.plugins.mapped.Mapped oidc = keystone.auth.plugins.mapped.Mapped -Add three new sections at the end of the file: +- Add three new sections at the end of the file: .. code-block:: ini @@ -92,7 +91,7 @@ Add three new sections at the end of the file: [federation] trusted_dashboard = https://OPENSTACK_DASHBOARD_FQDN/auth/websso/ -Finally, restart the Apache HTTP Server to enable the new configuration: +- Finally, restart the Apache HTTP Server to enable the new configuration: .. code-block:: bash 
@@ -156,7 +155,7 @@ certificate: $ wget https://www.idem.garr.it/documenti/doc_download/321-idem-metadata-signer-2019 -O /etc/shibboleth/idem_signer_2019.pem $ chmod 444 /etc/shibboleth/idem_signer_2019.pem -.. seealso:: To publish your service and make it recognized by all the +.. seealso:: To publish your service and have it recognized by all the eduGAIN IdPs, you first need to register the Service Provider in a national R&E identity federation. @@ -178,7 +177,6 @@ import the metadata aggregate. entityID ^^^^^^^^ - To configure the entityID insert your `SERVICE_PROVIDER_ENTITY_ID` as an attribute of the `<ApplicationDefaults>` tag: @@ -189,7 +187,6 @@ as an attribute of the `<ApplicationDefaults>` tag: Discovery Service ^^^^^^^^^^^^^^^^^ - A discovery service let users choose to which IdP they should be redirected for authentication. It goes without saying that the local discovery service that better integrates into Shibboleth Service Provider @@ -256,7 +253,7 @@ Restart Apache to enable the new directive. Configure the discovery service in Shibboleth Service Provider. Open the file `/etc/shibboleth/shibboleth2.xml` and add the attribute `discoveryURL` to the -tag `SSO` with the URL of the local discovery service: +tag `SSO` with the URL of the local discovery service: .. code-block:: xml 
@@ -271,14 +268,15 @@ Metadata Configure a metadata provider in Shibboleth Service Provider. -.. warning:: Please note that configuring metadata is not at all - sufficient to use federated authentication. You MUST - register in a R&E National Identity Federation, see - above the section 'Shibboleth Service Provider' for +.. warning:: Please note that configuring metadata is not enough + for using the federated authentication. You *must* + register in a `R&E National Identity Federation`, see + above the section `Shibboleth Service Provider` for instructions. -Insert a new `<MetadataProvider>` with the eduGAIN metadata aggregate -(in the example the aggregate is provided by the IDEM federation): +Insert a new `<MetadataProvider>` with the `eduGAIN` metadata aggregate +(in the example the aggregate is provided by the `IDEM federation`) +: .. code-block:: xml 
@@ -305,20 +303,20 @@ the definitions of the following attributes: <Attribute name="urn:mace:dir:attribute-def:displayName" id="displayName"/> <Attribute name="urn:mace:dir:attribute-def:mail" id="mail"/> -Finally there are a number of changes required in the Keystone Apache -VirtualHost in order to enable the module and configure the endpoints. +Finally there are a number of changes required in the `Keystone Apache +VirtualHost` in order to enable the module and configure the endpoints. Open the `/etc/apache/sites-enabled/wsgi-openstack-api.conf` with an editor of your choice and follow the instruction below. -Enable the ShibCompatValidUser (necessary to make `mod_shib` works -well with other Apache authZ modules), insert the following at the -very beginning of the VirtualHost conf file: +Enable the `ShibCompatValidUser` (necessary to make `mod_shib` works +well with other `Apache authZ` modules), insert the following at the +very beginning of the `VirtualHost` conf file: .. code-block:: apacheconf ShibCompatValidUser On -Configure ServerName and enable canonical name in the `<VirtualHost *:4990>` +Configure `ServerName` and enable canonical name in the `<VirtualHost *:4990>` instance: .. code-block:: apacheconf @@ -326,14 +324,14 @@ instance: ServerName https://FQDN:5000 UseCanonicalName On -Configure a WSGIScriptAlilas to call back the WSGI daemon for federated +Configure a `WSGIScriptAlilas` to call back the `WSGI` daemon for federated auth (again inside the `<VirtualHost *:4990>` instance): .. code-block:: apacheconf WSGIScriptAlias ^(/v3/OS-FEDERATION/identity_providers/.*?/protocols/.*?/auth)$ /usr/bin/keystone-wsgi-public/$1 -Add the Locations for the federated authZ and the Service Providers +Add the Locations for the federated `authZ` and the Service Providers handlers (again inside the `<VirtualHost *:4990>` instance): .. code-block:: apacheconf 
@@ -690,5 +688,5 @@ this list of log files you can check for warnings and errors: - /var/log/apache2/error.log -Needless to say, the more instances of Keystone and Dashboard you have, -the more urgent become the adoption of a centralyzed syslog solution. +Needless to say, the more instances of `Keystone` and `Dashboard` you have, +the more urgent the adoption of a centralyzed syslog solution becomes.
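
Review bot: in web/compute/vm.rst (@@ -20,8), check that a blank line still separates the new closing `+-------------+` border from `.. raw:: html`, because the two removed blank lines sat between the table and that directive. A grid table must be followed by a blank line or docutils will warn and may fold the directive into the table. Also confirm the `c1.large` cells are padded to the same column widths as the `m1.xxl` row.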
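
Review bot: in web/support/kb/cloud/federated_auth.rst (@@ -65,21), the `.. code-block:: ini` directives after each new `- ` item are unchanged context, so they keep their old indentation and fall outside the list items. reStructuredText will end the list at every directive and render three separate one-item lists; indent each directive and its body to align with the item text. The hunk also removes the blank line in front of "- In the `[auth]` section", and a list needs a blank line after the preceding paragraph, so make sure one remains after "instructed."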
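
Review bot: the steps in this procedure are ordered, so the "- Finally, restart the Apache HTTP Server" item in federated_auth.rst (@@ -92,7) would read better as part of an enumerated list (`#.`) than as a `-` bullet, and "Finally," becomes redundant once the steps are numbered. The `.. code-block:: bash` that follows is unchanged context and has to be indented under the item to stay part of it.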
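
Review bot: a verification step is missing between the `wget` / `chmod 444` lines and the `seealso` in federated_auth.rst (@@ -156,7). The file saved as `/etc/shibboleth/idem_signer_2019.pem` is the certificate used to check the signature on the federation metadata, so the page should tell the reader to compare its fingerprint with a value obtained from the federation operator before using it. The change from "make it recognized" to "have it recognized" is fine.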
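
Review bot: the paragraph under "Discovery Service" in federated_auth.rst (@@ -189,7) still reads "A discovery service let users choose" and "that better integrates"; since the hunk already touches this section, change them to "lets users choose" and "that best integrates" in the same commit.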
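
Review bot: the removed and added lines in federated_auth.rst (@@ -256,7), both reading "tag `SSO` with the URL of the local discovery service:", differ only in whitespace. If the new line gains a trailing space, drop the hunk; if it strips one, mention the whitespace cleanup in the commit message so it is not read as a content change.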
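
Review bot: the last added line of the paragraph in federated_auth.rst (@@ -271,14) is a lone ":" split off from "(in the example the aggregate is provided by the `IDEM federation`)". It will render as a stray " :" after the parenthesis, so move the colon back to the end of the previous line. In the warning, "is not enough for using the federated authentication" reads better as "is not enough to use federated authentication", and the pointer to the `Shibboleth Service Provider` section would be more useful as a real section cross-reference than as text in single backticks.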
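
Review bot: the single backticks added in federated_auth.rst (@@ -305,20) around `ShibCompatValidUser`, `ServerName` and `VirtualHost` are interpreted text in the default role, not inline literals. Use double backticks for directive names (``ShibCompatValidUser``) and leave product names such as "Keystone Apache VirtualHost" and "Apache authZ" unmarked. The added line "necessary to make `mod_shib` works" keeps the grammar error and should read "work". The context path `/etc/apache/sites-enabled/wsgi-openstack-api.conf` also disagrees with `/var/log/apache2/error.log` in the last hunk; check which directory name is right.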
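
Review bot: the added line in federated_auth.rst (@@ -326,14) keeps the misspelling `WSGIScriptAlilas` and now presents it as a directive name; it should be `WSGIScriptAlias`. The example under it passes a regular expression anchored with `^` and `$` plus a `$1` back-reference, which in mod_wsgi is the syntax of `WSGIScriptAliasMatch`, so check the directive in the code block as well as the name in the prose.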
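
Review bot: the rewritten sentence in federated_auth.rst (@@ -690,5) still spells "centralyzed"; fix it to "centralized" while the line is being changed. "Keystone" and "Dashboard" are product names and need no backticks.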