Red Hat SummitRelease Notes for Red Hat 3scale API Management 2.14 On-premises
Document intended for use with Red Hat 3scale API Management 2.14
Abstract
Preface
This document is intended for use with Red Hat 3scale API Management 2.14 and related patch releases.
Providing feedback on Red Hat documentation
We appreciate your feedback on our documentation.
To propose improvements, open a Jira issue and describe your suggested changes. Provide as much detail as possible to enable us to address your request quickly.
Prerequisite
- You have a Red Hat Customer Portal account. This account enables you to log in to the Red Hat Jira Software instance. If you do not have an account, you will be prompted to create one.
Procedure
- Click the following Create issue.
- In the Summary text box, enter a brief description of the issue.
In the Description text box, provide the following information:
- The URL of the page where you found the issue.
-
A detailed description of the issue.
You can leave the information in any other fields at their default values.
- Click Create to submit the Jira issue to the documentation team.
Thank you for taking the time to provide feedback.
Chapter 1. Red Hat 3scale API Management 2.14.3 - Patch release
1.1. Resolved issues and enhancements
Red Hat 3scale API Management 2.14.3 provides the following improvements and fixes:
- Addressed security vulnerabilities, including the fix for CVE-2024-10295.
- Applied minor stability improvements.
Chapter 2. Red Hat 3scale API Management 2.14.2 - Patch release
2.1. New features
Red Hat 3scale API Management 2.14.2 provides the following new features and enhancements:
- Added compatibility for OpenShift version 4.16.
- Applied CVE patches to the base images for improved security.
Chapter 3. Red Hat 3scale API Management 2.14.1 - Patch release
3.1. New features
Red Hat 3scale API Management 2.14.1 provides the following new feature:
- Added compatibility for Red Hat OpenShift version 4.15.
3.2. Resolved issues
Red Hat 3scale API Management 2.14.1 resolves the following issue:
- Resolved Token Introspection policy compatibility issue with Red Hat Single Sign-On 7.5 or later.
Chapter 4. Red Hat 3scale API Management 2.14.0
4.1. New features
Red Hat 3scale API Management 2.14 provides the following new features and enhancements:
Content Management System API (THREESCALE-7891):
- Introducing the new Content Management System API (CMS API) that allows programmatic control and provision of the Developer Portal content.
3scale API Management Operator for Application Capabilities (THREESCALE-3486):
- Full support for the 3scale operator application capabilities by enabling custom resource definitions for 3scale tenants, APIs, and more. Check the Using the 3scale API Management operator to configure and provision 3scale guide and its important considerations.
- New application custom resource definition (CRD) (THREESCALE-7668)
STS authentication for Amazon S3 (THREESCALE-7132):
- Added support for AWS Security Token Service (STS) authentication in S3 buckets used by 3scale.
API gateway (APIcast) enhancements:
- Added support for OpenTelemetry distributed tracing in APIcast (THREESCALE-7735)
-
Loading configuration via
/admin/api/account/proxy_configsis now supported (THREESCALE-8508) -
Ability to set the
APICAST_SERVICE_CACHE_SIZEfor improved caching (THREESCALE-8749)
3scale Operator Enhancements:
- Definition of pod priorities for components via APIManager CR (THREESCALE-8997)
- Setting of zone topology spread constraints for components via APIManager CR (THREESCALE-8998)
- Addition of labels to components via APIManager CR (THREESCALE-8999)
- Support for OAuth2/OIDC in the OpenAPI CRD (THREESCALE-9573)
Toolbox CLI Enhancements:
- Support for OpenAPI specifications with multiple flows in OAuth2 security schemes (THREESCALE-9768)
Security, performance, and other general improvements:
- Improved JSON spec invalid error feedback in the Admin Portal UI (THREESCALE-8034)
- Hits metrics display as integers for easier interpretation (THREESCALE-8036)
- Added support for policy chains with sizes greater than 65,535 bytes (THREESCALE-8377)
- Improved integration with Oracle databases (THREESCALE-1175)
-
Use of
secretKeyRefenabled for APIcast policies configurations (THREESCALE-8002) - Upgrade of 3scale APIs and online documentation to OpenAPI version 3 (THREESCALE-3927)
- Allowed disabling Redis client ID for Sidekiq connection (THREESCALE-9210)
- Improved security in the password update form: current password is now required. (THREESCALE-6648). For more information, see this article.
- Added primary keys to all tables for Group Replication compatibility in MySQL (THREESCALE-9655)
- Improved security with keys and access tokens masked in system logs (THREESCALE-5442)
- Audition of new objects included in the 3scale audit logs (THREESCALE-6853)
- Added ability to fetch whether Active Docs are published or not (THREESCALE-7403)
4.2. Resolved issues
Red Hat 3scale API Management 2.14 resolves the following issues:
| Issue number | Description |
|---|---|
| Zync requires zync-que redeploy for routes to be created | |
| Failing to deploy APIManager via the operator with external Oracle database - service name and PDB mismatch | |
| Developer portal’s spam protection 'Suspicious only' doesn’t work correctly | |
| Review warning displayed in apicast logs about variables_hash_max_size & variables_hash_bucket_size | |
| Apicast logs shows permission denied in a tmp file | |
| APICAST_PATH_ROUTING=true causes 404 when it should use the stale config object | |
| Fix New Product form | |
| APIcast does not load all pages of services or proxy configs | |
| Search in on prem doesn’t work for records older than 24 hours | |
| Products and backend can’t be found by searching for system name | |
| 3scale Backend Operator capability does not allow creating more than 500 methods | |
| Toolbox command "application apply" returning error after API Credentials regenerated through the Portal | |
| The default metric should be a Product’s metric | |
| Loss of APICast configuration | |
| When downloading the Active Doc 3scale adds "schemes":["http"]" at the end | |
| APIcast fails to connect to upstreams that require TLS v1.3 | |
| 3scale Backend Operator capability does not allow creating more than 500 Backends | |
| "Service plan" created in another "Product" is displayed in the service plan list | |
| ActiveDocs shows Error when a response body is blank |
4.3. Known issues
Known issues in Red Hat 3scale API Management 2.14:
| Issue number | Description |
|---|---|
| Nginx filter policy is not working as expected when using content-caching | |
| Some migrations from 2.13 to 2.14 fail due to a bug. Follow the instructions in this solution from the Red Hat Customer Portal to avoid a potential upgrade failure. |
Usernames in 3scale must be 40 characters or fewer. When a username has more than 40 characters, 3scale usually truncates it. Consider this when you do any of the following:
- Create a developer account.
- Create a provider account as the master.
- Add a user to a provider account as the provider or as the master.
- Add a user to a developer account in the Developer Portal or in the Admin Portal.
- Usernames must be 40 characters or fewer when using Red Hat Single Sign-On to authenticate access to the Admin Portal or Developer Portal.
Chapter 5. Documentation
Supported configurations
- Check the latest information about 3scale 2.14 supported configurations at the Red Hat 3scale API Management Supported Configurations website.
Security updates
- Check the latest information about 3scale 2.14 security updates in the Red Hat Product Advisories portal.
Erratas
- Advisory for the Container Images: RHEA-2023:7844
Upgrade guides
Check the procedures to upgrade your 3scale installation from 2.13 to 2.14, for the following deployments:
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}