Compilation results for deploy1003.eqiad.wmnet: System changes detected

Catalog differences

Summary

Resources only in the new catalog

• Envoyproxy::Cluster[opensearch-toolhub-test_cluster]
• Envoyproxy::Conf[opensearch-toolhub-test]
• Envoyproxy::Conf[opensearch-toolhub-test_cluster]
• File[/etc/envoy/listeners.d/50-opensearch_toolhub_test.yaml]
• Envoyproxy::Conf[opensearch-ttmserver-test_cluster]
• File[/etc/envoy/listeners.d/50-opensearch_ttmserver_test.yaml]
• Envoyproxy::Conf[opensearch-ttmserver-test]
• File[/etc/envoy/clusters.d/50-opensearch_ttmserver_test_cluster.yaml]
• Envoyproxy::Listener[opensearch-toolhub-test]
• File[/etc/envoy/clusters.d/50-opensearch_toolhub_test_cluster.yaml]
• Envoyproxy::Cluster[opensearch-ttmserver-test_cluster]
• Envoyproxy::Listener[opensearch-ttmserver-test]

Resources modified

• Class[Mediawiki::Tlsproxy::Yaml_defs]

  Parameters differences:

  --- Class[Mediawiki::Tlsproxy::Yaml_defs].orig
  +++ Class[Mediawiki::Tlsproxy::Yaml_defs]
  
  @@
  -    listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid']
  +    listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid', 'opensearch-ttmserver-test', 'opensearch-toolhub-test']
  

• Envoyproxy::Conf[opensearch-ttmserver-test_cluster]

  Parameters differences:

  --- Envoyproxy::Conf[opensearch-ttmserver-test_cluster].orig
  +++ Envoyproxy::Conf[opensearch-ttmserver-test_cluster]
  
  +    conf_type => cluster
  +    priority  => 50
  

• Envoyproxy::Conf[opensearch-toolhub-test_cluster]

  Parameters differences:

  --- Envoyproxy::Conf[opensearch-toolhub-test_cluster].orig
  +++ Envoyproxy::Conf[opensearch-toolhub-test_cluster]
  
  +    conf_type => cluster
  +    priority  => 50
  

• File[/etc/helmfile-defaults/sophroid/listeners.yaml]

  Content differences:

  --- /etc/helmfile-defaults/sophroid/listeners.yaml.orig
  +++ /etc/helmfile-defaults/sophroid/listeners.yaml
  @@ -623,4 +623,6 @@
   - page-analytics
   - opensearch-semantic-search
   - opensearch-ipoid
  +- opensearch-ttmserver-test
  +- opensearch-toolhub-test
   profile::services_proxy::envoy::local_otel_reporting_pct: 0.0

• Class[Profile::Services_proxy::Envoy]

  Parameters differences:

  --- Class[Profile::Services_proxy::Envoy].orig
  +++ Class[Profile::Services_proxy::Envoy]
  
  @@
  -    enabled_listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid']
  +    enabled_listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid', 'opensearch-ttmserver-test', 'opensearch-toolhub-test']
  

• File[/etc/envoy/listeners.d/50-opensearch_toolhub_test.yaml]

  Parameters differences:

  --- File[/etc/envoy/listeners.d/50-opensearch_toolhub_test.yaml].orig
  +++ File[/etc/envoy/listeners.d/50-opensearch_toolhub_test.yaml]
  
  +    ensure => present
  +    mode   => 0444
  +    notify => Exec[verify-envoy-config]
  +    group  => root
  +    owner  => root
  

  Content differences:

  --- /etc/envoy/listeners.d/50-opensearch_toolhub_test.yaml.orig
  +++ /etc/envoy/listeners.d/50-opensearch_toolhub_test.yaml
  @@ -0,0 +1,92 @@
  +- address:
  +    socket_address: {protocol: TCP, address: "::", port_value: 6047}
  +  filter_chains:
  +  - filters:
  +    - name: envoy.filters.network.http_connection_manager
  +      typed_config:
  +        "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
  +        access_log:
  +        - filter:
  +            status_code_filter:
  +              comparison:
  +                op: "GE"
  +                value:
  +                  default_value: 500
  +                  runtime_key: opensearch-toolhub-test_min_log_code
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
  +            path: "/var/log/envoy/opensearch-toolhub-test.log"
  +        stat_prefix: opensearch-toolhub-test_egress
  +        http_filters:
  +        - name: envoy.filters.http.router
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  +        route_config:
  +          name: opensearch-toolhub-test_route
  +          virtual_hosts:
  +          - name: opensearch-toolhub-test
  +            domains: ["*"]
  +            routes:
  +            - match:
  +                prefix: "/"
  +              route:
  +                auto_host_rewrite: true
  +                cluster: opensearch-toolhub-test
  +                timeout: 50s
  +                retry_policy:
  +                  retry_on: "gateway-error"
  +        internal_address_config:
  +          unix_sockets: true
  +          cidr_ranges:
  +          - address_prefix: 10.0.0.0
  +            prefix_len: 8
  +          - address_prefix: 127.0.0.1
  +            prefix_len: 32
  +          - address_prefix: ::1
  +            prefix_len: 128
  +- address:
  +    socket_address: {protocol: TCP, address: 0.0.0.0, port_value: 6047}
  +  filter_chains:
  +  - filters:
  +    - name: envoy.filters.network.http_connection_manager
  +      typed_config:
  +        "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
  +        access_log:
  +        - filter:
  +            status_code_filter:
  +              comparison:
  +                op: "GE"
  +                value:
  +                  default_value: 500
  +                  runtime_key: opensearch-toolhub-test_min_log_code
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
  +            path: "/var/log/envoy/opensearch-toolhub-test.log"
  +        stat_prefix: opensearch-toolhub-test_egress
  +        http_filters:
  +        - name: envoy.filters.http.router
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  +        route_config:
  +          name: opensearch-toolhub-test_route
  +          virtual_hosts:
  +          - name: opensearch-toolhub-test
  +            domains: ["*"]
  +            routes:
  +            - match:
  +                prefix: "/"
  +              route:
  +                auto_host_rewrite: true
  +                cluster: opensearch-toolhub-test
  +                timeout: 50s
  +                retry_policy:
  +                  retry_on: "gateway-error"
  +        internal_address_config:
  +          unix_sockets: true
  +          cidr_ranges:
  +          - address_prefix: 10.0.0.0
  +            prefix_len: 8
  +          - address_prefix: 127.0.0.1
  +            prefix_len: 32
  +          - address_prefix: ::1
  +            prefix_len: 128

• Envoyproxy::Conf[opensearch-ttmserver-test]

  Parameters differences:

  --- Envoyproxy::Conf[opensearch-ttmserver-test].orig
  +++ Envoyproxy::Conf[opensearch-ttmserver-test]
  
  +    conf_type => listener
  +    priority  => 50
  

• Envoyproxy::Cluster[opensearch-toolhub-test_cluster]

  Parameters differences:

  --- Envoyproxy::Cluster[opensearch-toolhub-test_cluster].orig
  +++ Envoyproxy::Cluster[opensearch-toolhub-test_cluster]
  
  +    priority => 50
  

• Envoyproxy::Listener[opensearch-ttmserver-test]

  Parameters differences:

  --- Envoyproxy::Listener[opensearch-ttmserver-test].orig
  +++ Envoyproxy::Listener[opensearch-ttmserver-test]
  
  +    priority => 50
  

• File[/etc/helmfile-defaults/mediawiki/tlsproxy.yaml]

  Content differences:

  --- /etc/helmfile-defaults/mediawiki/tlsproxy.yaml.orig
  +++ /etc/helmfile-defaults/mediawiki/tlsproxy.yaml
  @@ -47,6 +47,8 @@
     - page-analytics
     - opensearch-semantic-search
     - opensearch-ipoid
  +  - opensearch-ttmserver-test
  +  - opensearch-toolhub-test
   mesh:
     error_page: |
       <!DOCTYPE html>

• File[/etc/envoy/clusters.d/50-opensearch_ttmserver_test_cluster.yaml]

  Parameters differences:

  --- File[/etc/envoy/clusters.d/50-opensearch_ttmserver_test_cluster.yaml].orig
  +++ File[/etc/envoy/clusters.d/50-opensearch_ttmserver_test_cluster.yaml]
  
  +    ensure => present
  +    mode   => 0444
  +    notify => Exec[verify-envoy-config]
  +    group  => root
  +    owner  => root
  

  Content differences:

  --- /etc/envoy/clusters.d/50-opensearch_ttmserver_test_cluster.yaml.orig
  +++ /etc/envoy/clusters.d/50-opensearch_ttmserver_test_cluster.yaml
  @@ -0,0 +1,38 @@
  +name: opensearch-ttmserver-test
  +connect_timeout: 0.25s
  +typed_extension_protocol_options:
  +  envoy.extensions.upstreams.http.v3.HttpProtocolOptions:
  +    "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions
  +    common_http_protocol_options:
  +      idle_timeout: 50s
  +      # Given we go through a load-balancer, we want to keep the number of requests that go through a single connection pool small
  +      max_requests_per_connection: 1000
  +    use_downstream_protocol_config: {}
  +type: STRICT_DNS
  +dns_lookup_family: V4_ONLY
  +lb_policy: ROUND_ROBIN
  +load_assignment:
  +  cluster_name: cluster_opensearch-ttmserver-test
  +  endpoints:
  +  - lb_endpoints:
  +    - endpoint:
  +        address:
  +          socket_address:
  +            address: opensearch-ttmserver-test.discovery.wmnet
  +            port_value: 30443
  +# Let's not enable circuit-breaking for now. It would look something like
  +#circuit_breakers:
  +#  thresholds:
  +#    - max_pending_requests: 30
  +transport_socket:
  +  name: envoy.transport_sockets.tls
  +  typed_config:
  +    "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
  +    sni: opensearch-ttmserver-test.discovery.wmnet
  +    common_tls_context:
  +       tls_params:
  +         cipher_suites: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
  +       validation_context:
  +         trusted_ca:
  +           filename: /etc/ssl/certs/ca-certificates.crt
  +

• File[/etc/envoy/listeners.d/50-opensearch_ttmserver_test.yaml]

  Parameters differences:

  --- File[/etc/envoy/listeners.d/50-opensearch_ttmserver_test.yaml].orig
  +++ File[/etc/envoy/listeners.d/50-opensearch_ttmserver_test.yaml]
  
  +    ensure => present
  +    mode   => 0444
  +    notify => Exec[verify-envoy-config]
  +    group  => root
  +    owner  => root
  

  Content differences:

  --- /etc/envoy/listeners.d/50-opensearch_ttmserver_test.yaml.orig
  +++ /etc/envoy/listeners.d/50-opensearch_ttmserver_test.yaml
  @@ -0,0 +1,92 @@
  +- address:
  +    socket_address: {protocol: TCP, address: "::", port_value: 6046}
  +  filter_chains:
  +  - filters:
  +    - name: envoy.filters.network.http_connection_manager
  +      typed_config:
  +        "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
  +        access_log:
  +        - filter:
  +            status_code_filter:
  +              comparison:
  +                op: "GE"
  +                value:
  +                  default_value: 500
  +                  runtime_key: opensearch-ttmserver-test_min_log_code
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
  +            path: "/var/log/envoy/opensearch-ttmserver-test.log"
  +        stat_prefix: opensearch-ttmserver-test_egress
  +        http_filters:
  +        - name: envoy.filters.http.router
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  +        route_config:
  +          name: opensearch-ttmserver-test_route
  +          virtual_hosts:
  +          - name: opensearch-ttmserver-test
  +            domains: ["*"]
  +            routes:
  +            - match:
  +                prefix: "/"
  +              route:
  +                auto_host_rewrite: true
  +                cluster: opensearch-ttmserver-test
  +                timeout: 50s
  +                retry_policy:
  +                  retry_on: "gateway-error"
  +        internal_address_config:
  +          unix_sockets: true
  +          cidr_ranges:
  +          - address_prefix: 10.0.0.0
  +            prefix_len: 8
  +          - address_prefix: 127.0.0.1
  +            prefix_len: 32
  +          - address_prefix: ::1
  +            prefix_len: 128
  +- address:
  +    socket_address: {protocol: TCP, address: 0.0.0.0, port_value: 6046}
  +  filter_chains:
  +  - filters:
  +    - name: envoy.filters.network.http_connection_manager
  +      typed_config:
  +        "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
  +        access_log:
  +        - filter:
  +            status_code_filter:
  +              comparison:
  +                op: "GE"
  +                value:
  +                  default_value: 500
  +                  runtime_key: opensearch-ttmserver-test_min_log_code
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.access_loggers.file.v3.FileAccessLog
  +            path: "/var/log/envoy/opensearch-ttmserver-test.log"
  +        stat_prefix: opensearch-ttmserver-test_egress
  +        http_filters:
  +        - name: envoy.filters.http.router
  +          typed_config:
  +            "@type": type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
  +        route_config:
  +          name: opensearch-ttmserver-test_route
  +          virtual_hosts:
  +          - name: opensearch-ttmserver-test
  +            domains: ["*"]
  +            routes:
  +            - match:
  +                prefix: "/"
  +              route:
  +                auto_host_rewrite: true
  +                cluster: opensearch-ttmserver-test
  +                timeout: 50s
  +                retry_policy:
  +                  retry_on: "gateway-error"
  +        internal_address_config:
  +          unix_sockets: true
  +          cidr_ranges:
  +          - address_prefix: 10.0.0.0
  +            prefix_len: 8
  +          - address_prefix: 127.0.0.1
  +            prefix_len: 32
  +          - address_prefix: ::1
  +            prefix_len: 128

• Envoyproxy::Listener[opensearch-toolhub-test]

  Parameters differences:

  --- Envoyproxy::Listener[opensearch-toolhub-test].orig
  +++ Envoyproxy::Listener[opensearch-toolhub-test]
  
  +    priority => 50
  

• Envoyproxy::Conf[opensearch-toolhub-test]

  Parameters differences:

  --- Envoyproxy::Conf[opensearch-toolhub-test].orig
  +++ Envoyproxy::Conf[opensearch-toolhub-test]
  
  +    conf_type => listener
  +    priority  => 50
  

• Class[Profile::Kubernetes::Deployment_server::Sophroid_config]

  Parameters differences:

  --- Class[Profile::Kubernetes::Deployment_server::Sophroid_config].orig
  +++ Class[Profile::Kubernetes::Deployment_server::Sophroid_config]
  
  @@
  -    enabled_listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid']
  +    enabled_listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid', 'opensearch-ttmserver-test', 'opensearch-toolhub-test']
  

• Envoyproxy::Cluster[opensearch-ttmserver-test_cluster]

  Parameters differences:

  --- Envoyproxy::Cluster[opensearch-ttmserver-test_cluster].orig
  +++ Envoyproxy::Cluster[opensearch-ttmserver-test_cluster]
  
  +    priority => 50
  

• Class[Profile::Kubernetes::Deployment_server::Mediawiki::Config]

  Parameters differences:

  --- Class[Profile::Kubernetes::Deployment_server::Mediawiki::Config].orig
  +++ Class[Profile::Kubernetes::Deployment_server::Mediawiki::Config]
  
  @@
  -    enabled_listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid']
  +    enabled_listeners => ['mathoid', 'eventgate-analytics', 'eventgate-analytics-external', 'eventgate-main', 'sessionstore', 'echostore', 'termbox', 'push-notifications', 'restbase', 'rest-gateway', 'cxserver', 'shellbox', 'shellbox-constraints', 'shellbox-media', 'shellbox-syntaxhighlight', 'shellbox-timeline', 'shellbox-video', 'swift-eqiad', 'swift-codfw', 'search-chi-eqiad', 'search-chi-codfw', 'search-chi', 'search-omega-eqiad', 'search-omega-codfw', 'search-omega', 'search-psi-eqiad', 'search-psi-codfw', 'search-psi', 'cloudelastic-chi-eqiad', 'cloudelastic-omega-eqiad', 'cloudelastic-psi-eqiad', 'mw-api-int', 'linkrecommendation', 'device-analytics', 'inference', 'wikifunctions', 'ipoid', 'test-kitchen', 'chart-renderer', 'wdqs-internal-main', 'wdqs-internal-scholarly', 'data-gateway', 'analytics-web', 'page-analytics', 'opensearch-semantic-search', 'opensearch-ipoid', 'opensearch-ttmserver-test', 'opensearch-toolhub-test']
  

• File[/etc/envoy/clusters.d/50-opensearch_toolhub_test_cluster.yaml]

  Parameters differences:

  --- File[/etc/envoy/clusters.d/50-opensearch_toolhub_test_cluster.yaml].orig
  +++ File[/etc/envoy/clusters.d/50-opensearch_toolhub_test_cluster.yaml]
  
  +    ensure => present
  +    mode   => 0444
  +    notify => Exec[verify-envoy-config]
  +    group  => root
  +    owner  => root
  

  Content differences:

  --- /etc/envoy/clusters.d/50-opensearch_toolhub_test_cluster.yaml.orig
  +++ /etc/envoy/clusters.d/50-opensearch_toolhub_test_cluster.yaml
  @@ -0,0 +1,38 @@
  +name: opensearch-toolhub-test
  +connect_timeout: 0.25s
  +typed_extension_protocol_options:
  +  envoy.extensions.upstreams.http.v3.HttpProtocolOptions:
  +    "@type": type.googleapis.com/envoy.extensions.upstreams.http.v3.HttpProtocolOptions
  +    common_http_protocol_options:
  +      idle_timeout: 50s
  +      # Given we go through a load-balancer, we want to keep the number of requests that go through a single connection pool small
  +      max_requests_per_connection: 1000
  +    use_downstream_protocol_config: {}
  +type: STRICT_DNS
  +dns_lookup_family: V4_ONLY
  +lb_policy: ROUND_ROBIN
  +load_assignment:
  +  cluster_name: cluster_opensearch-toolhub-test
  +  endpoints:
  +  - lb_endpoints:
  +    - endpoint:
  +        address:
  +          socket_address:
  +            address: opensearch-toolhub-test.discovery.wmnet
  +            port_value: 30443
  +# Let's not enable circuit-breaking for now. It would look something like
  +#circuit_breakers:
  +#  thresholds:
  +#    - max_pending_requests: 30
  +transport_socket:
  +  name: envoy.transport_sockets.tls
  +  typed_config:
  +    "@type": type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.UpstreamTlsContext
  +    sni: opensearch-toolhub-test.discovery.wmnet
  +    common_tls_context:
  +       tls_params:
  +         cipher_suites: ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
  +       validation_context:
  +         trusted_ca:
  +           filename: /etc/ssl/certs/ca-certificates.crt
  +

Relevant files

• Production catalog
• Change catalog
• Production errors/warnings
• Change errors/warnings
• Core Diff
• Standard Diff