Description
Follow-up to #36244. When the OpenSearch (OS) startup connection gate fails, the failure cause is currently indistinguishable: the connection probe is wrapped in a broad catch (Exception), so a TLS scheme mismatch, an HTTP 403 (auth), and a plain connection-refused all surface as the same opaque error. This produces fatal/fallback messages that don't tell the operator what to actually fix.
This was the diagnostic gap that motivated #36244: the real failure during the 2026-06-12 Phase 3 smoke against the os-migration limited-user stack was a TLS scheme mismatch — dotCMS configured with http://localhost:9201 talking to an OS 3.x port that only accepts https. The server closed the socket → ConnectionClosedException: Connection closed by peer (curl: HTTP 000 / exit 52), which at the catch (Exception) level is indistinguishable from "host unreachable" or a 403.
This issue is intentionally orthogonal to #36244: that issue reworks when/where the gate runs and how it behaves per migration phase (retry → abort vs fallback). This one improves how the failure cause is classified and reported once a connection attempt fails. Keeping them separate keeps each PR focused and reviewable.
Acceptance Criteria
Priority
Low — diagnostic/observability improvement. It does not change startup gating behavior (that is #36244); it makes failures self-explanatory.
Additional Context
Description
Follow-up to #36244. When the OpenSearch (OS) startup connection gate fails, the failure cause is currently indistinguishable: the connection probe is wrapped in a broad
catch (Exception), so a TLS scheme mismatch, an HTTP 403 (auth), and a plain connection-refused all surface as the same opaque error. This produces fatal/fallback messages that don't tell the operator what to actually fix.This was the diagnostic gap that motivated #36244: the real failure during the 2026-06-12 Phase 3 smoke against the
os-migrationlimited-user stack was a TLS scheme mismatch — dotCMS configured withhttp://localhost:9201talking to an OS 3.x port that only acceptshttps. The server closed the socket →ConnectionClosedException: Connection closed by peer(curl: HTTP 000 / exit 52), which at thecatch (Exception)level is indistinguishable from "host unreachable" or a 403.This issue is intentionally orthogonal to #36244: that issue reworks when/where the gate runs and how it behaves per migration phase (retry → abort vs fallback). This one improves how the failure cause is classified and reported once a connection attempt fails. Keeping them separate keeps each PR focused and reviewable.
Acceptance Criteria
httpconfigured against a TLS-only port → socket closed /ConnectionClosedException), authentication/authorization failure (HTTP 401/403), and unreachable / connection-refused (host down, wrong port, DNS).http://…but the server requireshttps— updateOS_ENDPOINTS").Priority
Low — diagnostic/observability improvement. It does not change startup gating behavior (that is #36244); it makes failures self-explanatory.
Additional Context
catch (Exception)sites are the OS connection probes exercised by the startup gate:OSIndexAPIImpl.waitUtilIndexReady()/getClusterStats()andIndexStartupValidator.validateOSVersion()(theosClientProvider.getClient().info()probe).