Release Notes for Red Hat 3scale API Management 2.15 On-premises

Red Hat 3scale API Management 2.15

Document intended for use with Red Hat 3scale API Management 2.15

Red Hat Customer Content Services

Abstract

This document informs users about the latest and Technology Preview features, as well as resolved issues, associated documentation, and known issues in Red Hat 3scale API Management 2.15

Preface

This document is intended for use with Red Hat 3scale API Management 2.15 and related patch releases.

Providing feedback on Red Hat documentation

We appreciate your feedback on our documentation.

To propose improvements, open a Jira issue and describe your suggested changes. Provide as much detail as possible to enable us to address your request quickly.

Prerequisite

You have a Red Hat Customer Portal account. This account enables you to log in to the Red Hat Jira Software instance. If you do not have an account, you will be prompted to create one.

Procedure

Click the following Create issue.
In the Summary text box, enter a brief description of the issue.
In the Description text box, provide the following information:
- The URL of the page where you found the issue.
- A detailed description of the issue.
  You can leave the information in any other fields at their default values.
Click Create to submit the Jira issue to the documentation team.

Thank you for taking the time to provide feedback.

Chapter 1. Red Hat 3scale API Management 2.15.2 - Patch release

1.1. New features

Red Hat 3scale API Management 2.15.2 introduces the following enhancements:

Added compatibility with Red Hat OpenShift Service on AWS (ROSA) with hosted control planes (HCP).
Added compatibility with Red Hat build of Keycloak version 26.

1.2. Resolved issues

Red Hat 3scale API Management 2.15.2 addresses the following issues:

Fixed an issue preventing reconnection to Redis after a dropped connection (THREESCALE-11528).
Applied security and stability improvements.

Chapter 2. Red Hat 3scale API Management 2.15.1 - Patch release

2.1. Resolved issues

Red Hat 3scale API Management 2.15.1 resolves the following issue:

Fixed a security vulnerability by addressing CVE-2024-10295.

Chapter 3. Red Hat 3scale API Management 2.15.0

Chapter 4. New features

Red Hat 3scale API Management 2.15 provides the following new features and enhancements:

Support for Red Hat build of Keycloak (THREESCALE-10712)
Support for Redis 7.2 as an external datastore (THREESCALE-10735)
API gateway (APIcast) enhancements:
- APIcast compatibility with ARM64 architecture (THREESCALE-10586)
- Added support for chunked requests (THREESCALE-9542)
- Ability to use Basic Authentication on the HTTP proxy (THREESCALE-4393)
3scale Operator Enhancements:
- Allow enabling OpenTelemetry on APIcast (THREESCALE-10643)
- Auth-keys support for Application CR (THREESCALE-10613)
- Improved status reporting (THREESCALE-10037)
- Improved proxy configuration promotion (THREESCALE-10381)
- Extended capabilities in Tenant CR (THREESCALE-10525)
Security, performance, and other general improvements:
- Introducing Openshift APIs for Data Protection as the standard backup and restore mechanism in 3scale (THREESCALE-9326)
- Horizontal Pod Autoscaling for Backend Listener, Backend worker and APIcast (THREESCALE-5894)
- Transitioned from using DeploymentConfigs to Deployments for improved alignment with OpenShift standards (THREESCALE-10163)
- Enable support for the content-type 'application/problem+json' in the Error Responses (THREESCALE-8909)
- Improved user experience in login page preventing automatic re-entries (THREESCALE-10797)
- Improvements in the User Interface (THREESCALE-9847, THREESCALE-8748, THREESCALE-8747, THREESCALE-10455)

Chapter 5. Resolved issues

Red Hat 3scale API Management 2.15 resolves the following issues:

Table 5.1. Resolved issues
Issue number	Description
THREESCALE-1752	Messages counter in the Dashboard is not correct
THREESCALE-5225	Upstream cannot be null error in APIcast logs
THREESCALE-7491	Member user in Analytics group getting Access Denied when accessing the Backend analytics
THREESCALE-7570	Unable to delete application key when it has a dot in the key name
THREESCALE-8383	Need to redeploy Sidekiq when updating Email Templates
THREESCALE-9437	Internal Error occurs when changing password for users in member role
THREESCALE-9537	Batcher Policy storage ran out of memory
THREESCALE-9711	Provide a way to get 3scale patch version details from 3scale installation
THREESCALE-10065	Messages deleted from Sent mailbox are deleted immediately instead of being moved to Trash
THREESCALE-10147	Finalized option missing in dropdown for Invoice API
THREESCALE-10212	Broken "Buyer Account approved" email template
THREESCALE-10238	The Operator reconciles a Product created with the ProductCR when mapping rules are duplicated
THREESCALE-10259	Special character "#" is breaking the Downalod CSV functionality on the Analytics page
THREESCALE-10308	JWT claim check policy fails to match resource and skips the check
THREESCALE-10582	Upstream timeouts don’t work with Camel Service
THREESCALE-10752	Account edit form in admin portal incorrectly rendering country field
THREESCALE-10792	The operator doesn’t delete the objects in the correct order
THREESCALE-10934	Batcher policy does not accept the same chars specified in Porta regex for app_id, app_key & user_key
THREESCALE-11183	Backend CR can’t be created when using wss protocol

Chapter 6. Known issues

Known issues in Red Hat 3scale API Management 2.15:

Table 6.1. Known issues
Issue number	Description
THREESCALE-7514	Nginx filter policy is not working as expected when using content-caching
THREESCALE-9033	Some special characters in Application Keys are not supported
THREESCALE-10761	Problem with special chars in application_id in utilization
THREESCALE-10762	Command from Configuration page cause apicast to return 403
THREESCALE-10763	Command from Configuration page cause apicast to return 403
THREESCALE-10875	DeveloperAccount backup and restore needs to be hardened
THREESCALE-11532	Backend clients cannot re-establish the connection Issue resolved in 2.15.2

Chapter 7. Documentation

Supported configurations

Check the latest information about 3scale 2.15 supported configurations at the Red Hat 3scale API Management Supported Configurations website.

Security updates

Check the latest information about 3scale 2.15 security updates in the Red Hat Product Advisories portal.

Erratas

Advisory for the Container Images: RHEA-2023:112722

Upgrade guides

Check the procedures to upgrade your 3scale installation from 2.13 to 2.14, for the following deployments:
- Based on operators
- APIcast in operator-based deployments

Chapter 8. Changes in 3scale

Note

In 3scale 2.14, support for deploying databases within the cluster as part of the standard 3scale deployment was deprecated. In 3scale 2.16, Red Hat supports only self-deployed databases, whether within the cluster or external to it.

This section lists current and future 3scale changes.

Deprecated features

3scale support for OpenTracing is now deprecated in favor of OpenTelemetry. In the upcoming version, 3scale 2.16, OpenTracing will no longer be available.
3scale Toolbox Command Line Tool is deprecated and we will no longer incorporate further enhancements. The recommended way for provisioning and automation needs, is the 3scale Application Capabilities operator.
OpenShift APIs for Data Protection is now the standard and recommended backup and restore mechanism in 3scale. The old backup and restore procedures are deprecated and will be removed from future versions documentation.
3scale no longer supports slaves for Redis configurations. If slaves are enabled on internal Redis configurations, the operator will override and disable them.

Legal Notice

The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.

Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.

Linux® is the registered trademark of Linus Torvalds in the United States and other countries.

Java® is a registered trademark of Oracle and/or its affiliates.

XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.

MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.

Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.

The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.

All other trademarks are the property of their respective owners.