From ee8259eb36e7199aa02095661b77349e00cdfba9 Mon Sep 17 00:00:00 2001 From: Stephan Feurer Date: Mon, 24 Jun 2024 10:05:55 +0200 Subject: [PATCH] Remove LDAP service from decommission documentation --- .../ROOT/pages/how-tos/cloudscale/decommission.adoc | 13 +------------ .../ROOT/pages/how-tos/exoscale/decommission.adoc | 2 -- .../partials/architecture/networking-external.adoc | 1 - 3 files changed, 1 insertion(+), 15 deletions(-) diff --git a/docs/modules/ROOT/pages/how-tos/cloudscale/decommission.adoc b/docs/modules/ROOT/pages/how-tos/cloudscale/decommission.adoc index 565cd0d6..d866d254 100644 --- a/docs/modules/ROOT/pages/how-tos/cloudscale/decommission.adoc +++ b/docs/modules/ROOT/pages/how-tos/cloudscale/decommission.adoc @@ -108,9 +108,6 @@ vault kv delete clusters/kv/${TENANT_ID}/${CLUSTER_ID}/cloudscale # delete registry secret vault kv delete clusters/kv/${TENANT_ID}/${CLUSTER_ID}/registry - -# delete ldap secret -vault kv delete clusters/kv/${TENANT_ID}/${CLUSTER_ID}/vshn-ldap ---- . Decommission Puppet-managed LBs according to the https://wiki.vshn.net/display/VT/How+To%3A+Decommission+a+VM[VSHN documentation] (Internal link). @@ -143,7 +140,7 @@ At this point in the decommissioning process, you'll have to extract the Restic . Delete all other Vault entries -. Delete LDAP service (via portal) +. Delete Keycloak service (via portal) + Go to https://control.vshn.net/vshn/services + @@ -151,14 +148,6 @@ Go to https://control.vshn.net/vshn/services + - Delete cluster entry service using the delete button -. Remove IPs from LDAP allowlist -+ -Edit https://git.vshn.net/vshn-puppet/vshn_hieradata/-/blob/master/corp/prod/ldap.yaml -+ -- Search cluster IPs and remove those lines and any comments related. -+ -- Create a Merge Request and invite a colleague for a review/approve/merge - . Delete all DNS records related with cluster (zonefiles) . Update any related documentation diff --git a/docs/modules/ROOT/pages/how-tos/exoscale/decommission.adoc b/docs/modules/ROOT/pages/how-tos/exoscale/decommission.adoc index de71f295..2435d90d 100644 --- a/docs/modules/ROOT/pages/how-tos/exoscale/decommission.adoc +++ b/docs/modules/ROOT/pages/how-tos/exoscale/decommission.adoc @@ -124,6 +124,4 @@ NOTE: Don't forget to remove the LB configuration in the https://git.vshn.net/ap . Remove cluster DNS records from VSHN DNS -. Remove cluster IPs from LDAP allowlist, if applicable - . https://kb.vshn.ch/vshnsyn/how-tos/decommission.html[Decommission cluster in Project Syn] diff --git a/docs/modules/ROOT/partials/architecture/networking-external.adoc b/docs/modules/ROOT/partials/architecture/networking-external.adoc index 11c622e8..46ad22d6 100644 --- a/docs/modules/ROOT/partials/architecture/networking-external.adoc +++ b/docs/modules/ROOT/partials/architecture/networking-external.adoc @@ -12,7 +12,6 @@ The Project Syn infrastructure components that must be reachable are Additionally, APPUiO Managed OpenShift 4 requires access to VSHN's identity management: -* VSHN LDAP at `ldaps://ldap.vshn.net:636` * VSHN SSO at `\https://id.vshn.net` Finally, APPUiO Managed OpenShift 4 requires access to VSHN's central metrics storage at `\https://metrics-receive.appuio.net`