Compilation results for deploy2002.codfw.wmnet: None system changes detected

You can retrieve this result from host.json.

Catalog differences

Summary

Total Resources:	17236
Resources added:	11
Resources removed:	0
Resources modified:	11
Change percentage:	0.13%

Resources only in the new catalog

Nftables::Service[ssh-from-bastion]
Nftables::Service[fundraising-data-uploader sftp]
Nftables::Service[git-daemon]
Nftables::Service[bacula-file-daemon-backup1014.eqiad.wmnet]
Nftables::Service[full-monitoring-metrics-access-udp]
Nftables::Service[deployment-ssh]
Nftables::Service[full-monitoring-metrics-access-tcp]
Nftables::Service[rsyncd_scap_master]
Nftables::Service[http_deployment_server]
Nftables::Service[rsyncd_access_releases]
Nftables::Service[ssh-from-cumin-masters]

Resources modified

Nftables::Service[git-daemon]

Parameters differences:

--- Nftables::Service[git-daemon].orig
+++ Nftables::Service[git-daemon]

+    notrack             => False
+    port                => 9418
+    desc                => Git daemon
+    src_ips             => ['10.192.16.72', '10.64.48.34', '2620:0:860:102:10:192:16:72', '2620:0:861:107:10:64:48:34']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[rsyncd_scap_master]

Parameters differences:

--- Nftables::Service[rsyncd_scap_master].orig
+++ Nftables::Service[rsyncd_scap_master]

+    notrack             => False
+    port                => 873
+    desc                => 
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['MW_APPSERVER_NETWORKS', 'ANALYTICS_NETWORKS']

Nftables::Service[full-monitoring-metrics-access-tcp]

Parameters differences:

--- Nftables::Service[full-monitoring-metrics-access-tcp].orig
+++ Nftables::Service[full-monitoring-metrics-access-tcp]

+    notrack             => False
+    desc                => 
+    src_ips             => ['10.192.16.75', '10.192.32.67', '10.192.39.10', '10.192.9.11', '208.80.153.42', '208.80.154.78', '2620:0:860:102:10:192:16:75', '2620:0:860:103:10:192:32:67', '2620:0:860:10a:10:192:9:11', '2620:0:860:11e:10:192:39:10', '2620:0:860:2:208:80:153:42', '2620:0:861:3:208:80:154:78']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    port_range          => [1, 65535]
+    ensure              => present

Nftables::Service[ssh-from-bastion]

Parameters differences:

--- Nftables::Service[ssh-from-bastion].orig
+++ Nftables::Service[ssh-from-bastion]

+    notrack             => False
+    port                => 22
+    desc                => 
+    src_ips             => ['103.102.166.103', '185.15.58.6', '185.15.59.99', '195.200.68.99', '198.35.26.104', '2001:df2:e500:3:103:102:166:103', '208.80.153.110', '208.80.154.7', '2620:0:860:4:208:80:153:110', '2620:0:861:1:208:80:154:7', '2620:0:863:3:198:35:26:104', '2a02:ec80:300:3:185:15:59:99', '2a02:ec80:600:1:185:15:58:6', '2a02:ec80:700:3:195:200:68:99']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[ssh-from-cumin-masters]

Parameters differences:

--- Nftables::Service[ssh-from-cumin-masters].orig
+++ Nftables::Service[ssh-from-cumin-masters]

+    notrack             => False
+    port                => 22
+    desc                => 
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['CUMIN_MASTERS']

Nftables::Service[deployment-ssh]

Parameters differences:

--- Nftables::Service[deployment-ssh].orig
+++ Nftables::Service[deployment-ssh]

+    notrack             => False
+    port                => 22
+    desc                => 
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['DEPLOYMENT_HOSTS']

Nftables::Service[rsyncd_access_releases]

Parameters differences:

--- Nftables::Service[rsyncd_access_releases].orig
+++ Nftables::Service[rsyncd_access_releases]

+    notrack             => False
+    port                => [873, 1873]
+    desc                => 
+    src_ips             => ['10.192.10.6', '10.192.12.30', '10.192.14.8', '10.192.14.9', '10.192.15.22', '10.192.15.23', '10.192.21.22', '10.192.22.11', '10.192.22.7', '10.192.26.10', '10.192.28.11', '10.192.28.7', '10.192.29.15', '10.192.31.9', '10.192.32.41', '10.192.32.7', '10.192.37.10', '10.192.39.13', '10.192.39.14', '10.192.4.12', '10.192.41.16', '10.192.41.20', '10.192.5.11', '10.192.5.14', '10.192.5.15', '10.192.5.27', '10.192.5.28', '10.192.5.29', '10.192.5.30', '10.192.5.31', '10.192.5.32', '10.192.5.34', '10.192.5.7', '10.192.6.14', '10.192.7.10', '10.192.7.11', '10.192.7.20', '10.192.7.6', '10.192.7.7', '10.192.7.8', '10.192.8.12', '10.192.8.14', '10.64.0.105', '10.64.131.5', '10.64.131.8', '10.64.154.6', '10.64.16.114', '10.64.16.116', '10.64.16.117', '10.64.16.118', '10.64.16.120', '10.64.16.123', '10.64.16.131', '10.64.16.220', '10.64.16.93', '10.64.164.12', '10.64.164.8', '10.64.32.171', '10.64.48.55', '2620:0:860:100:10:192:4:12', '2620:0:860:103:10:192:32:41', '2620:0:860:103:10:192:32:7', '2620:0:860:105:10:192:26:10', '2620:0:860:106:10:192:5:11', '2620:0:860:106:10:192:5:14', '2620:0:860:106:10:192:5:15', '2620:0:860:106:10:192:5:27', '2620:0:860:106:10:192:5:28', '2620:0:860:106:10:192:5:29', '2620:0:860:106:10:192:5:30', '2620:0:860:106:10:192:5:31', '2620:0:860:106:10:192:5:32', '2620:0:860:106:10:192:5:34', '2620:0:860:106:10:192:5:7', '2620:0:860:107:10:192:6:14', '2620:0:860:108:10:192:7:10', '2620:0:860:108:10:192:7:11', '2620:0:860:108:10:192:7:20', '2620:0:860:108:10:192:7:6', '2620:0:860:108:10:192:7:7', '2620:0:860:108:10:192:7:8', '2620:0:860:109:10:192:8:12', '2620:0:860:109:10:192:8:14', '2620:0:860:10b:10:192:10:6', '2620:0:860:10d:10:192:12:30', '2620:0:860:10f:10:192:14:8', '2620:0:860:10f:10:192:14:9', '2620:0:860:110:10:192:15:22', '2620:0:860:110:10:192:15:23', '2620:0:860:111:10:192:21:22', '2620:0:860:112:10:192:22:11', '2620:0:860:112:10:192:22:7', '2620:0:860:115:10:192:28:11', '2620:0:860:115:10:192:28:7', '2620:0:860:116:10:192:29:15', '2620:0:860:11a:10:192:31:9', '2620:0:860:11c:10:192:37:10', '2620:0:860:11e:10:192:39:13', '2620:0:860:11e:10:192:39:14', '2620:0:860:120:10:192:41:16', '2620:0:860:120:10:192:41:20', '2620:0:861:101:10:64:0:105', '2620:0:861:102:10:64:16:114', '2620:0:861:102:10:64:16:116', '2620:0:861:102:10:64:16:117', '2620:0:861:102:10:64:16:118', '2620:0:861:102:10:64:16:120', '2620:0:861:102:10:64:16:123', '2620:0:861:102:10:64:16:131', '2620:0:861:102:10:64:16:220', '2620:0:861:102:10:64:16:93', '2620:0:861:103:10:64:32:171', '2620:0:861:107:10:64:48:55', '2620:0:861:10a:10:64:131:5', '2620:0:861:10a:10:64:131:8', '2620:0:861:122:10:64:154:6', '2620:0:861:12c:10:64:164:12', '2620:0:861:12c:10:64:164:8']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[fundraising-data-uploader sftp]

Parameters differences:

--- Nftables::Service[fundraising-data-uploader sftp].orig
+++ Nftables::Service[fundraising-data-uploader sftp]

+    notrack             => False
+    port                => 22
+    desc                => sftp access for FR Tech Donor Export role user
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['FRACK_NETWORKS']

Nftables::Service[http_deployment_server]

Parameters differences:

--- Nftables::Service[http_deployment_server].orig
+++ Nftables::Service[http_deployment_server]

+    notrack             => False
+    port                => 80
+    desc                => HTTP on deployment servers, for serving actual files to deploy
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present
+    src_sets            => ['MW_APPSERVER_NETWORKS', 'ANALYTICS_NETWORKS']

Nftables::Service[bacula-file-daemon-backup1014.eqiad.wmnet]

Parameters differences:

--- Nftables::Service[bacula-file-daemon-backup1014.eqiad.wmnet].orig
+++ Nftables::Service[bacula-file-daemon-backup1014.eqiad.wmnet]

+    notrack             => False
+    port                => 9102
+    desc                => 
+    src_ips             => ['10.64.183.10', '2620:0:861:13d:10:64:183:10']
+    proto               => tcp
+    unrestricted_access => False
+    prio                => 10
+    ensure              => present

Nftables::Service[full-monitoring-metrics-access-udp]

Parameters differences:

--- Nftables::Service[full-monitoring-metrics-access-udp].orig
+++ Nftables::Service[full-monitoring-metrics-access-udp]

+    notrack             => False
+    desc                => 
+    src_ips             => ['10.192.16.75', '10.192.32.67', '10.192.39.10', '10.192.9.11', '208.80.153.42', '208.80.154.78', '2620:0:860:102:10:192:16:75', '2620:0:860:103:10:192:32:67', '2620:0:860:10a:10:192:9:11', '2620:0:860:11e:10:192:39:10', '2620:0:860:2:208:80:153:42', '2620:0:861:3:208:80:154:78']
+    proto               => udp
+    unrestricted_access => False
+    prio                => 10
+    port_range          => [1, 65535]
+    ensure              => present

Compilation results for deploy2002.codfw.wmnet: None system changes detected

Catalog differences

Summary

Resources only in the new catalog

Resources modified

Relevant files