You're viewing Apigee Edge documentation.
Go to the
Apigee X documentation. info
The following sections describe the known issues with Apigee. In most cases, the issues listed will be fixed in a future release.
Miscellaneous Edge known issues
The following sections describe miscellaneous known issues with Edge.
Area | Known issues |
---|---|
Cache expire results in incorrect cachehit value |
When the Workaround: Repeat the process (make second call) again right after the first call. |
Setting InvalidateCache Policy
PurgeChildEntries to true does not work correctly |
Setting Workaround: Use the KeyValueMapOperations policy to iterate cache versioning and bypass the need for cache invalidation. |
Known issues with the Edge UI
The following sections describe the known issues with the Edge UI.
Area | Known issues |
---|---|
Can't access Edge SSO Zone Administration page from navigation bar after organization is mapped to an identity zone | When you connect an organization to an identity zone, you can no longer access the Edge SSO Zone Administration page from the left navigation bar by selecting Admin > SSO. As a workaround, navigate to the page directly using the following URL: https://apigee.com/sso |
Known issues with the integrated portal
The following sections describe the known issues with the integrated portal.
Area | Known issues |
---|---|
SmartDocs |
|
SAML identity provider | Single logout (SLO) with the SAML identity provider is not supported for custom domains. To enable a custom domain with a SAML identity provider, leave the Sign-out URL field blank when you configure SAML settings. |
Portal admin |
|
Portal features |
|
Known issues with Edge for Private Cloud
The following sections describe the known issues with Edge for Private Cloud.
Area | Known issues |
---|
4.53.00 Edge-router functionality |
The Component affected: Edge-router Issue: These issues may be caused due to errors in setting capabilities during the installation of Workaround: You can manually set capabilities by executing the following command: setcap CAP_NET_BIND_SERVICE=+ep CAP_KILL=+ep /opt/nginx/sbin/nginx |
4.53.00 SSO and new UI installation |
This issue affects users attempting to install SSO or the new UI on FIPS-enabled RHEL 8 on Edge for Private Cloud 4.53.00. Component affected: SSO and new UI Issue: If you are installing SSO or the new UI on FIPS-enabled RHEL 8 operating system, the installation fails. Workaround: You are encouraged to use the Classic UI, which is feature-complete and meets the UI functionality needs. |
Edge for Private Cloud 4.52.01 Mint update |
This issue affects only those who are using MINT or have MINT enabled in Edge for Private Cloud installations. Component affected: edge-message-processor Issue: If you have monetization enabled and are installing 4.52.01 as a fresh install or upgrading from previous Private Cloud versions, you will encounter an issue with message processors. There will be a gradual increase in open thread count leading to resource exhaustion. The following exception is seen in edge-message-processor system.log: Error injecting constructor, java.lang.OutOfMemoryError: unable to create new native thread |
Apigee HTTP/2 vulnerability | A Denial-of-Service (DoS) vulnerability was recently discovered in multiple implementations of the HTTP/2 protocol (CVE-2023-44487), including in Apigee Edge for Private Cloud. The vulnerability could lead to a DoS of Apigee API management functionality. For more details, see Apigee Security Bulletin GCP-2023-032. The Edge for Private Cloud router and management server components are exposed to the internet and can potentially be vulnerable. Although HTTP/2 is enabled on the management port of other Edge-specific components of Edge for Private Cloud, none of those components are exposed to the internet. On non-Edge components, like Cassandra, Zookeeper and others, HTTP/2 is not enabled. We recommend that you take the following steps to address the Edge for Private Cloud vulnerability:
Follow these steps if you are using Edge Private Cloud versions 4.51.00.11 or newer:
Follow these steps if you are using Edge for Private Cloud versions older than 4.51.00.11:
|
Postgresql upgrade when updating to version 4.52 | Apigee-postgresql is having issues with upgrading from Edge for Private Cloud version 4.50 or 4.51 to version 4.52. The issues mainly occur when the number of tables is greater than 500. You can check the total number of tables in Postgres by running the SQL query below: select count(*) from information_schema.tables Workaround: When Updating Apigee Edge 4.50.00 or 4.51.00 to 4.52.00, be sure to perform the preliminary step before upgrading Apigee-postgresql. |
apigee-mirror on RHEL 8.0 |
Workaround:
As a workaround, install |
LDAP policy | 149245401: LDAP connection pool settings for JNDI configured through the LDAP resource are not reflected, and JNDI defaults cause single-use connections each time. As a result, connections are being opened and closed each time for single use, creating a large number of connections per hour to the LDAP server. Workaround: In order to change the LDAP connection pool properties, do the following steps to set a global change across all LDAP policies.
To verify that your connection pool JNDI properties are taking effect, you can perform a tcpdump to observe the behavior of the LDAP connection pool over time. |
High Request Processing Latency | 139051927: High proxy processing latencies found in the Message Processor are affecting all API Proxies. Symptoms include 200-300ms delays in processing times over normal API response times and can occur randomly even with low TPS. This can occur when than more than 50 target servers in which a message processor makes connections. Root cause: Message processors keep a cache that maps target server URL to HTTPClient object for outgoing connections to target servers. By default this setting is set to 50 which may be too low for most deployments. When a deployment has multiple org/env combinations in a setup, and have a large number of target servers that exceed 50 altogether, the target server URLs keep getting evicted from cache, causing latencies. Validation: To determine if target server URL eviction is causing the latency problem, search the Message Processor system.logs for keyword "onEvict" or "Eviction". Their presence in the logs indicate that target server URLs are getting evicted from the HTTPClient cache because the cache size is too small. Workaround:
For Edge for Private Cloud versions 19.01 and 19.06, you can edit and configure the HTTPClient
cache, conf/http.properties+HTTPClient.dynamic.cache.elements.size=500 Then restart the message processor. Make the same changes for all message processors. The value 500 is an example. The optimal value for your setup should be greater than the number of target servers that the message processor would connect to. There are no side effects from setting this property higher, and the only affect would be an improved message processor proxy request processing times.
Note: Edge for Private Cloud version 50.00 has the default setting of 500. |
Multiple entries for key value maps | 157933959: Concurrent inserts and updates to the same key value map (KVM) scoped to the organization or environment level causes inconsistent data and lost updates. Note: This limitation only applies to Edge for Private Cloud. Edge for Public Cloud and Hybrid do not have this limitation. For a workaround in Edge for Private Cloud, create the KVM at the
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-11-27 UTC.