For Use with Red Hat 3scale API Management 2.6
This document is intended for use with Red Hat 3scale API Management and related patch releases.
Chapter 1. Red Hat 3scale API Management 2.6.1 - Patch release
This document is intended for use with Red Hat 3scale API Management 2.6.1 On-premises.
1.1. Resolved issues
- The upgrade process of 3scale with Oracle Database, from version 2.5 to 2.6, now runs successfully due to updates in the image files (JIRA #4793).
Chapter 2. Red Hat 3scale API Management 2.6
This document is intended for use with Red Hat 3scale API Management 2.6 On-premises.
2.1. Supported configurations
- Check the latest information about 3scale 2.6 supported configurations at the Red Hat 3scale API Management Supported Configurations website.
- The operator image should only be installed using the supported Operator Lifecycle Manager (OLM) installation procedure. It is not intended to be installed manually.
2.2. New features
2.2.1. Major features
- Introducing 3scale 2.6 certification on OpenShift 4.1 (JIRA #2657).
- 3scale operator with installation is based on OLM (JIRA #2384).
- Redis High Availability and Disaster Recovery (HA/DR) are now supported (JIRA #2584).
- Automated API lifecycle supports Toolbox and Jenkins pipelines (JIRA #2201), with limitations regarding the edition of exported YAML files (JIRA #2350).
- Audit logs trail: You can forward existing audit logs to the standard container and pod logs (JIRA #2593)
- OpenID Connect integration features are extended to facilitate work of third-party identity providers with Zync for client synchronization (JIRA #1131).
3scale containerized images are now hosted at the authenticated registry located in
- 3scale provides PostgreSQL support for system (JIRA #2839).
2.2.2. Minor features
- We have improved filtering of APIcast services by using URL paths and regular expressions (JIRA #2446).
- Now you can include additional information for metrics when setting up Prometheus alerts at the API Level (JIRA #2532).
- Changes in the OpenID and OAuth token validation flow to improve access control (JIRA #2262).
- Optimized features are now available so you can configure APIcast for better performance (JIRA #2337).
- With 3scale toolbox, now you can choose if new methods and metrics are enabled or disabled, both for new and existing plans (JIRA #2448).
- Matches operator was added to Edge Limiting policy to use this policy as a mapping rule that can limit rates on the second time scale (JIRA #2590).
- Added a new variable environment called APICAST_PATH_ROUTING_ONLY. When the variable is set to true, APIcast uses path-based routing and does not fallback to the default host-based routing (JIRA #1150).
- Now you can manage access to different HTTP methods using Red Hat Single Sign On (RH-SSO) role check policy (JIRA #2236).
- You can enable OpenID Connect (OIDC) via user interface when you select Istio as an integration option (JIRA #2435).
- We have included additional information to differentiate between metrics with a limit of 0 (disabled) and exceeded limit errors (JIRA #2756).
- Introducing Patternfly 4 integration (JIRA #2296).
- With 3scale toolbox, you can run commands to create, list, show, update and delete application plans (JIRA #2798).
- CLI Toolbox now include operations to enabled and to disable current application plans (JIRA #2437).
2.3. Resolved issues
- Dashboard stream and email notifications are filtered according to the admin member permissions (JIRA #629).
- Fixed the bootstrap reference in the Main layout template which causes an issue with OpenAPI Specification (JIRA #1067).
- Service settings are correctly copied and updated (JIRA #1537).
- Solved configuration issues in the UI for the IP check policy (JIRA #1692).
- APIcast correctly parses uppercase letters in the back-end url (JIRA #2540).
- Caching policy works as expected when combined with the batching policy (JIRA #2705).
IP Check policy can be applied on multiple
x-forwarded-forheaders (JIRA #2775).
With 3scale toolbox, now you can:
- You can see feedback in the Integration settings page when policies are not available (JIRA #2312).
- Integration Settings works properly when APIcast is not available (JIRA #2327).
- Fixed Oracle schema for deleted objects (JIRA #2298).
- Improvements in automatic suspension and deletion of tenants (JIRA #2132).
Updated name (
Developer Account - Applications) for member permissions (JIRA #2610).
- Zync correctly deletes accounts (JIRA #1346).
- Now the application page displays long metric names while keeping the layout, by adjusting line breaks (JIRA #1382).
- AJAX request for Service Discovery fetches credentials policy (JIRA #2254).
- Installation via operator works successfully with S3 storage (JIRA #2774).
Application update events do not trigger zync when
first*traffic_atfields are changed (JIRA #2072).
2.5. Technology Preview features
2.6. Known issues
- Pipeline examples from end-to-end solution for API lifecycle with 3scale toolbox are supported only on OCP 3.11 (JIRA #2583).
When you change the OpenID Connect Authorization Flow in 3scale, Zync does not update the Red Hat Single Sign-On (RH-SSO) clients of 3scale applications (JIRA #3025). To work around this issue, you have these alternatives:
- For existing applications, update 3scale application such as a change in the description: This will trigger an update that will modify the RH-SSO client for the application.
- Create a new application: This will create a new RH-SSO client with the correct authorization flows.
When importing or exporting application plan features and limits, modifying the exported YAML file is not supported (JIRA #2350).
- The sample pipelines and applications are provided as examples only. Any modifications that you make to the pipelines are not directly supported by Red Hat. The underlying APIs, CLIs, and interfaces leveraged by the sample pipelines are fully supported by Red Hat.
- When using 3scale toolbox from an OpenShift image, you cannot add custom certificates (JIRA #3102).
Makefileavailable to support customers migrating 3scale 2.5 to Redis Enterprise, and any other single-logical database Redis deployment.
Operator does not accept REDIS_STORAGE_SENTINEL_HOSTS and REDIS_QUEUES_SENTINEL_HOSTS in the
backend-redissecret when configuring 3scale HA using Redis Sentinels (JIRA #3258).
2.7. Changes in 3scale 2.6
2.7.1. Removed features
As OpenShift 4.x has removed wildcard routes, this feature is not available in 3scale 2.6. Instead, routes are created automatically with Zync. For more details about route creation, see the following documentation:
- In 3scale 2.6, Oracle database with OpenShift 4.1 is not supported.
- As announced in 3scale 2.5, compatibility with Microsoft Internet Explorer 11 (IE11) is not supported from 2.6.
2.7.2. Deprecated and removed features
- Adyen payment gateway. In 3scale 2.6 it is removed but still supported for the existing configurations. For current installations where the accounts have their billing configured to use Adyen, it will keep visible and working. Users using another payment gateway will not be able to choose or see Adyen.
2.7.3. Future changes
- The installation process is changing from template-based to operator-based. In this release we are introducing support for installing 3scale using the 3scale operator. In future releases we are planning on introducing support for upgrade-based operator and also for capabilities regarding service provisioning.