Chapter 3. Red Hat 3scale API Management 2.14.0
3.1. New features
Red Hat 3scale API Management 2.14 provides the following new features and enhancements:
Content Management System API (THREESCALE-7891):
- Introducing the new Content Management System API (CMS API) that allows programmatic control and provision of the Developer Portal content.
3scale API Management Operator for Application Capabilities (THREESCALE-3486):
- Full support for the 3scale operator application capabilities by enabling custom resource definitions for 3scale tenants, APIs, and more. Check the Using the 3scale API Management operator to configure and provision 3scale guide and its important considerations.
- New application custom resource definition (CRD) (THREESCALE-7668)
STS authentication for Amazon S3 (THREESCALE-7132):
- Added support for AWS Security Token Service (STS) authentication in S3 buckets used by 3scale.
API gateway (APIcast) enhancements:
- Added support for OpenTelemetry distributed tracing in APIcast (THREESCALE-7735)
-
Loading configuration via
/admin/api/account/proxy_configs
is now supported (THREESCALE-8508) -
Ability to set the
APICAST_SERVICE_CACHE_SIZE
for improved caching (THREESCALE-8749)
3scale Operator Enhancements:
- Definition of pod priorities for components via APIManager CR (THREESCALE-8997)
- Setting of zone topology spread constraints for components via APIManager CR (THREESCALE-8998)
- Addition of labels to components via APIManager CR (THREESCALE-8999)
- Support for OAuth2/OIDC in the OpenAPI CRD (THREESCALE-9573)
Toolbox CLI Enhancements:
- Support for OpenAPI specifications with multiple flows in OAuth2 security schemes (THREESCALE-9768)
Security, performance, and other general improvements:
- Improved JSON spec invalid error feedback in the Admin Portal UI (THREESCALE-8034)
- Hits metrics display as integers for easier interpretation (THREESCALE-8036)
- Added support for policy chains with sizes greater than 65,535 bytes (THREESCALE-8377)
- Improved integration with Oracle databases (THREESCALE-1175)
-
Use of
secretKeyRef
enabled for APIcast policies configurations (THREESCALE-8002) - Upgrade of 3scale APIs and online documentation to OpenAPI version 3 (THREESCALE-3927)
- Allowed disabling Redis client ID for Sidekiq connection (THREESCALE-9210)
- Improved security in the password update form: current password is now required. (THREESCALE-6648). For more information, see this article.
- Added primary keys to all tables for Group Replication compatibility in MySQL (THREESCALE-9655)
- Improved security with keys and access tokens masked in system logs (THREESCALE-5442)
- Audition of new objects included in the 3scale audit logs (THREESCALE-6853)
- Added ability to fetch whether Active Docs are published or not (THREESCALE-7403)
3.2. Resolved issues
Red Hat 3scale API Management 2.14 resolves the following issues:
Issue number | Description |
---|---|
Zync requires zync-que redeploy for routes to be created | |
Failing to deploy APIManager via the operator with external Oracle database - service name and PDB mismatch | |
Developer portal’s spam protection 'Suspicious only' doesn’t work correctly | |
Review warning displayed in apicast logs about variables_hash_max_size & variables_hash_bucket_size | |
Apicast logs shows permission denied in a tmp file | |
APICAST_PATH_ROUTING=true causes 404 when it should use the stale config object | |
Fix New Product form | |
APIcast does not load all pages of services or proxy configs | |
Search in on prem doesn’t work for records older than 24 hours | |
Products and backend can’t be found by searching for system name | |
3scale Backend Operator capability does not allow creating more than 500 methods | |
Toolbox command "application apply" returning error after API Credentials regenerated through the Portal | |
The default metric should be a Product’s metric | |
Loss of APICast configuration | |
When downloading the Active Doc 3scale adds "schemes":["http"]" at the end | |
APIcast fails to connect to upstreams that require TLS v1.3 | |
3scale Backend Operator capability does not allow creating more than 500 Backends | |
"Service plan" created in another "Product" is displayed in the service plan list | |
ActiveDocs shows Error when a response body is blank |
3.3. Known issues
Known issues in Red Hat 3scale API Management 2.14:
Issue number | Description |
---|---|
Nginx filter policy is not working as expected when using content-caching | |
Some migrations from 2.13 to 2.14 fail due to a bug. Follow the instructions in this solution from the Red Hat Customer Portal to avoid a potential upgrade failure. |
Usernames in 3scale must be 40 characters or fewer. When a username has more than 40 characters, 3scale usually truncates it. Consider this when you do any of the following:
- Create a developer account.
- Create a provider account as the master.
- Add a user to a provider account as the provider or as the master.
- Add a user to a developer account in the Developer Portal or in the Admin Portal.
- Usernames must be 40 characters or fewer when using Red Hat Single Sign-On to authenticate access to the Admin Portal or Developer Portal.