Deprecate Some Old DNSs

[stdavis]

Summary

These SSL certs are about to expire:

DNS	expiration date	can be deprecated
api.mapserv.utah.gov	Oct 25 23:59:59 2021 GMT
developer.mapserv.utah.gov	Oct 25 23:59:59 2021 GMT
secure.mapserv.utah.gov	Oct 25 23:59:59 2021 GMT	X
test.mapserv.utah.gov	Oct 25 23:59:59 2021 GMT
test.secure.mapserv.utah.gov	Oct 25 23:59:59 2021 GMT	X
test2.mapserv.utah.gov	Oct 25 23:59:59 2021 GMT	X
wvc.mapserv.utah.gov	Oct 25 23:59:59 2021 GMT	X

We could just send a ticket to Conn's group (is that hosting?) and he said that they would renew them. However, I'm pretty sure that there are a few of these that could be deprecated/retired. I've marked the ones that I believe can go.

• [x] Validate that they can be deprecated (@steveoh, completed: 2021/10/18)

Also, I asked Conn if we are responsible to remember when they expire. Here is his response:

Yes. We track them as well, but we don't always know if they need to be renewed or not.

We probably shouldn't leave this to chance for next year. It would be a pretty disruptive thing for our certs to expire.

Action items (wait until @steveoh verifies that my proposed deprecations are OK)

• [x] Submit a ticket to retire/remove the deprecated DNS entries - INC1551858 (@nathankota, ticket submitted 2021/10/18; completed: 2021/10/18)
• [x] Submit a ticket to Conn's group to renew the valid DNS entries - INC1551868 (@nathankota, ticket submitted 2021/10/18; completed: 2021/10/18)
• [x] Schedule a reminder about these for next year (@nathankota, completed: 2021/10/18 - reminder scheduled for Monday, October 3, 2022)
• [x] Remove the bindings on the web servers (@stdavis, completed: 2021/10/18)
• [x] Submit ticket to remove the following VIP: 168.180.161.12 (wvc.mapserv.utah.gov) (@stdavis, completed: 2021/10/18)
• [x] Submit a ticket to remove any F5 rules related to the deprecated DNS (@stdavis, completed: 2021/10/18)

Group Task Assignments

1. Check [x] the box when you have assigned all the tasks relevant to your group.

~- [ ] Data Team (@gregbunce)~

• [x] Dev Team (@stdavis)

~- [ ] Cadastre Team (@rkelson)~

[steveoh]

I approve. We should remove any vips and f5 rules of they are empty after the depreciations.

[steveoh]

conductor results for tasks - 158

check	status
@steveoh has completed 0 out of 1 tasks	:no_entry:
@nathankota has completed 0 out of 3 tasks	:no_entry:
@stdavis has completed 1 out of 2 tasks	:no_entry:

[stdavis]

I submitted INC1551805 - for removal of the wvc.mapserv.utah.gov VIP and INC1551816 for removing the rules on the F5.

[stdavis]

I removed the following web server bindings:

• prod server
  • wvc.mapserv.utah.gov

I couldn't find any others on the production or test web servers. I assume that the rest were handled with *s.

[nathankota]

Submit a ticket to retire/remove the deprecated DNS entries

INC1551858

Submit a ticket to Conn's group to renew the valid DNS entries

INC1551868

[steveoh]

@stdavis can you take a look at the vip diagram and make sure any of the deprecations will empty a particular VIP

[stdavis]

@stdavis can you take a look at the vip diagram and make sure any of the deprecations will empty a particular VIP

I did look at the diagram to figure out which VIP needed to be retired. However, I forgot to update it. I removed the VIP and two other DNSs. That was all that needed to be updated from what I could see.

[nathankota]

@stdavis or @steveoh please confirm the following and I will have DTS resolve INC1551858

[stdavis]

please confirm the following and I will have DTS resolve INC1551858

@nathankota: I confirmed that these are cleaned up:

[steveoh]

conductor results for tasks - 158

check	status
steveoh has completed 1 out of 1 tasks	:+1:
nathankota has completed 3 out of 3 tasks	:+1:
stdavis has completed 4 out of 4 tasks	:+1:

[stdavis]

Go team. ✋