Chapter 1. Red Hat 3scale API Management 2.4 On-Premise Release Notes

1.1. Changes and New Features

1.1.1. Major Changes

  • Introducing Service Discovery to allow API providers to add APIs for management by “discovering” corresponding services in the underlying OpenShift cluster (JIRA #1363).
  • Updates to user experience and user interface in line with other Red Hat’s products (JIRA #1361).
  • First officially supported Command Line Interface (CLI) to copy services within the same or different 3scale instances, both on-premises and SaaS (JIRA #1362).
  • New APIcast IP check policy to accept or deny requests based on IPs (JIRA #1353).

1.1.2. Minor Changes

  • When a tenant is deleted from the Admin Portal, instead of being deleted directly, it is postponed for deletion. The developer will lose access to the provider’s APIs, but it will not actually be removed from the system until 15 days later.
  • APIcast API gateway:

    • Additional metrics for Prometheus monitoring (JIRA #1383).

      • Number of errors of the Lua library that manages the metrics
      • APIcast errors
      • Number of HTTP connections.
      • Capacity of the dictionaries shared between workers
      • Free space of the dictionaries shared between workers
      • Response status codes from 3scale back end
    • Enhanced Headers policy with delete operation (JIRA #1354).
    • Return retry-after quota when the request is denied by the backend because it is being rate limited. It contains the number of seconds the caller needs to wait until the limit expires (JIRA #1380).
  • Deployment. Changes in existing templates:

    • Unified shared configurations via ConfigMaps.
    • Moved existing sensitive information into Secrets.
    • Made all existing databases configurable externally.
  • Removed system-resque pod. Now system-sidekiq pod is handling everything that was handled by system-resque previously. (JIRA #1695).

1.2. Resolved Issues

  • When the ‘Service Settings’ view cannot be accessed, the system handles the error properly by displaying relevant information (JIRA #878).
  • Enhanced perfomance of the wildcard-router feature when dealing with unsecured routes (Resolved in OpenShift Container Platform 3.9.32).
  • Not supported payment gateways have been removed from the Admin Portal (JIRA #1063).
  • Improved performance of APIcast to load configuration and start when there are many services.
  • Refined permission management to avoid having members without permissions to see and modify applications under API services (JIRA #1116).
  • Kept effective email notification options for master users (JIRA #826 and JIRA #873).
  • 3scale Auth Caching policy: Allow returns the first transaction as 200 (OK) for new keys (JIRA #1396).
  • You can see only the relevant information in Account Summary for master accounts (JIRA #974).
  • Developer portal links effectively to Quickstart (JIRA #1212).
  • On update request, Developer Portal is now properly updated when working with this endpoint: /admin/api/authentication_providers/{id} (JIRA #1207).
  • When using HTTPS proxy, nil is not added to the request path anymore (JIRA #1506).
  • Now, you can download a .CSV file about API Usage with Explorer 11 (JIRA #1318).
  • Improved readability of descriptions in [Your API] > Integration > Configuration (JIRA #946).
  • Memcached is now able to verify that a user is non-roots for containers on Openshift (JIRA #665).
  • Now, master is not visible in its own list of tenants (JIRA #990).
  • The signup page from the Developer Portal loads when spam protection is enabled (JIRA #908).
  • With Signup Express endpoint, now setting name as an additional field does not override the org_name value (JIRA #875).
  • Upgraded management of APIcast environment names: sandbox has been replaced by the correct name staging. (JIRA #1429).

1.3. Documentation

1.4. Technology Preview Features

  • HA and Eval openshift templates (JIRA #1168)
  • The “Conditional policy” that only executes a policy chain if a certain condition is met. There is no user interface available for this policy; it must be configured via JSON.

1.5. Known Issues

  • Dashboard stream and email notifications are not filtered according to the admin member permissions (JIRA #629).
  • Invoices not correctly generated in POSTPAID mode when subscribing on the last day of the month (JIRA #534).
  • Backend-listener fails to reconnect to backend-redis (JIRA #608).
  • The master account application is visible, but the master account is not (JIRA #1474).
  • Service deletion might randomly prevent a service to be re-added and discovered in 3scale (JIRA #1194).

    • Workaround: Recreate the OpenShift service with another name. The application itself does not need to be redeployed.
  • Redis High Availability (HA) via Sentinel functionality with the backend for System components is currently not supported through connections with system-redis or backend-redis (JIRA #1132).

1.6. Deprecation and Replacement Notices

1.6.1. Deprecated in 3scale 2.4

  • End User Plans are deprecated in this release. Actual removal of this feature will be in March 2019. This feature will be replaced by the ability to define rate limits for end users using the APIcast policy for edge limiting. For more details, see Edge Limiting Policy
  • Latest transactions are deprecated in this release and will be removed in a future version. With the changes in 3scale user interface, references to the page with a live feed of the transactions reported from your APIs have been removed from the Admin Portal. As a temporary option to view the transactions, you can type the URL: [Your_admin_domain]/apiconfig/transactions.

1.6.2. Replaced in 3scale 2.4

  • Native OAuth 2.0 implementation (Authorization Code flow) for API traffic authentication has been removed in this release. This feature is replaced by the OpenID Connect integration with Red Hat Single Sign-On which includes support for multiple OAuth 2.0 flows. For more details, see OpenID Connect Integration.