4.16.01 - Edge for Private Cloud release notes

On Thursday, March 24, 2016, we released a new version of Apigee Edge for Private Cloud.

Since the previous Edge for Private Cloud quarterly release (4.15.07.00), the following releases have occurred and are included in this Feature Release:

See About release numbering to understand how you can figure out whether a specific cloud release is included in your version of Edge for Private Cloud.

Deprecations

Private Cloud 4.15.07.03

API Description
QPID queue check You can no longer use an API to check QPID queues
You can no longer check for queues that are created on the QPID Server by issuing the following CURL commands:
curl http:// <qpid_IP>:8083/v1/servers/self/queues
That API has been deprecated.

Analytics: Custom Reports Dashboard view of multiple reports (Cloud 15.09.30)

The specific Custom Reports Dashboard feature that provides a view of up to four custom reports is being deprecated and will be removed in a future release. (MGMT-2673). All other aspects of custom reports will still be available.

Cannot override org name length in Private Cloud

You can no longer override organization name length of 20 characters by setting:

  • APIGEE_ORG_NAME_LENGTH=25
    
  • APIGEE_ENV_NAME_LENGTH=25
    

New features and enhancements

Following are the new features and enhancements in this release. In addition to the following enhancements, this release also contains multiple usability, performance, security, and stability enhancements.

Private Cloud

Support added for RedHat, CentOS, and Oracle 6.7 - 7.2

This release adds support for RedHat Enterprise Linux, CentOS, and Oracle Linux versions 6.7 through 7.2.

For a complete list of system requirements, see Supported software and supported versions.

RPM-based install

This release of Edge uses an RPM-based install mechanism which greatly simplifies the installation and migration procedures.

New base directory

The directory structure for version Edge 4.16.01 has changed. In previous releases of Edge, you installed Edge into the base directory:

/<install-dir>/apigee4

Where install-dir could be located anywhere, with a default of /opt. For example:

/opt/apigee4

For version 4.16.01, you must install Edge into the following directory:

/opt/apigee

Notice also that the apigee4 directory has been changed to apigee.

The location of your data directory is not affected. It can be under /opt/apigee, or it can be located elsewhere.

New virtual host requirement

The Edge migrate script handle most of the tasks required to migrate an existing Netty Router to Nginx. However, as part of upgrading, you must also ensure that all of your virtual host definitions include a host alias before you migrate.

See the Edge Installation Guide, available on the Apigee ftp site: ftp://ftp.apigee.com/, for information on how to add a host alias to an existing virtual host for more.

Code with config

In Edge version 4.16.01, you no longer use .properties files under the /<install-dir>/apigee4/conf directory to configure Edge components. As of 4.16.01, you still configure Edge components by using .properties files, but they are now located in the directory:

/opt/apigee/customer/application

For each Edge component installed on a node, there will be a .properties file in that directory. To configure a component, edit the corresponding .properties file to either change the value of an existing property, or add a new property and value. If the file does not exist already, you can create it.

Unlike previous versions of Edge, the .properties files for Edge 4.16.01 do not contain all the properties for a component. One of the changes for this release is that the .properties files only contain overrides to default property values.

The benefit of this architecture is that on an migration to a later version of Edge, the Edge installer never overwrites the files in /opt/apigee/customer/application. That eliminates the chance of Edge accidentally overwriting your settings.

On a migrate, the Edge installer examines your existing .properties files and copies changes to default property values to the /opt/apigee/token directory. Therefore, you should not have to make any edits after the migrate.

For more, see the Apigee Edge Operations Guide, available on the Apigee ftp site: ftp://ftp.apigee.com/.

Edge configuration scripts have been replaced

The configuration scripts that you used in previous releases of Edge have been removed and replaced by either:

  • Commands that you run through Apigee utilities, such as the apigee-service, apigee-all, apigee-setup, apiee-provision, or apigee-migrate utilities.
    For example, the all-start.sh and all-stop.sh scripts have been replaced by the following commands:
    > /opt/apigee/apigee-service/bin/apigee-all start
    > /opt/apigee/apigee-service/bin/apigee-all stop
  • Commands that you run on the Edge components directly. For example, in previous releases you used the chpasswd-openldap.sh script used to change the OpenLDAP password. That script has been replaced by the following command that you run on the apigee-openldap component:
    > /opt/apigee/apigee-service/bin/apigee-service apigee-openldap change-ldap-password -o oldPword -n newPword

See the Apigee Edge Operations Guide, available on the Apigee ftp site: ftp://ftp.apigee.com/, for more on how you now perform configuration through commands.

New Edge Router

This release of Edge for the Private Cloud includes a new router architecture based on the Nginx Router. The Nginx Router replaces the Netty Router used in Edge releases previous to 4.16.01.

The Nginx Routers has the same hardware and port requirements as the Netty Router, so no changes to existing nodes are required.

For more, see Appendix A: About the Nginx Router, in the Edge Installation Guide, available on the Apigee ftp site: ftp://ftp.apigee.com/,

BaaS load balancer removed

The internal load balancer has been removed from the API BaaS portal. Now, you must use your own load balancer between the API BaaS Portal and the three API BaaS Stack nodes.

As an alternative to a load balancer, you could use round-robin DNS. In this scenario, you create a DNS entry with multiple A records corresponding to BaaS stack IP addresses. During a DNS lookup, the DNS server automatically returns A record values in a round robin fashion.

New documentation describing how to add Cassandra and ZooKeeper nodes, and how to add a data center to an existing data center

The documentation ZIP file on the Apigee ftp site now contains "Scaling Edge for Private Cloud" describing how to add Cassandra and ZooKeeper nodes, and how to add a data center to an existing data center.

Orgtool removed

The orgtool could query an Edge installation to get information about an organization. That tool has now been removed. You now use the Edge UI or API calls to get information about the organization.

How to perform tasks in 4.16.01

The following table shows how you performed tasks in 4.15.07.03 and how you perform them now in 4.16.01. For more, see the Edge Operations Guide, available on the Apigee ftp site: ftp://ftp.apigee.com/.

Task 4.15.07.0x 4.16.01

Installation dir

/<inst_dir>/apigee4 /opt/apigee

Log dir

/<inst_dir>/apigee4/var/log /opt/apigee/var/log/comp

Install component

/<inst_root>/apigee4/share/installer/apigee-setup.sh -p comp -f configFile

/opt/apigee/apigee-setup/bin/setup.sh -p component -f configFile

All start, stop, restart, status, version

/<inst_root>/apigee4/bin/all-start.sh
/<inst_root>/apigee4/bin/all-stop.sh
/<inst_root>/apigee4/bin/all-status.sh
/<inst_root>/apigee4/bin/check.sh

/<inst_root>/apigee/apigee-service/bin/apigee-all start|stop|restart|status|version

Comp start, stop, restart, status, version

/<inst_root>/apigee4/bin/apigee-service comp start|stop|restart|status

/<inst_root>/apigee/apigee-service/bin/apigee-service comp start|stop|restart|status|version

Backup/restore

/<inst_root>/apigee4/bin/backup.sh
/<inst_root>/apigee4/bin/restore-comp.sh

/<inst_root>/apigee/apigee-service/bin/apigee-service comp backup

/<inst_root>/apigee/apigee-service/bin/apigee-service comp restore

Test install

/<inst_root>/apigee4/test/test-sa.sh

  1. /opt/apigee/apigee-service/bin/apigee-service apigee-validate install
  2. /opt/apigee/apigee-service/bin/apigee-service apigee-validate setup

Onboard

/<inst_root>/apigee4/bin/setup-org.sh

  1. /opt/apigee/apigee-service/bin/apigee-service apigee-provision install
  2. /opt/apigee/apigee-service/bin/apigee-service apigee-provision setup-org -f configFile

Add org, env, virtual host in one step

/<inst_root>/apigee4/bin/setup-org.sh

/<inst_root>/apigee/apigee-service/bin/apigee-service apigee-provision setup-org -f configFile

Add org

/<inst_root>/apigee4/bin/create-org.sh

/<inst_root>/apigee/apigee-service/bin/apigee-service apigee-provision create-org -f configFile

Add env

/<inst_root>/apigee4/bin/add-env.sh

/<inst_root>/apigee/apigee-service/bin/apigee-service apigee-provision add-env -f configFile

Add user

API call

API call or:

/<inst_root>/apigee/apigee-service/bin/apigee-service apigee-provision create-user -f configFile

Migrate

/<install_root>/apigee4/share/installer/apigee-upgrade.sh -c comp

  1. /opt/apigee/apigee-service/bin/apigee-service apigee-migrate install
  2. /opt/apigee/apigee-migrate/bin/migrate.sh -c cs,zk -f configFile

Alpha release of the Monitoring Tool and Dashboard

Included in this release is an Alpha version of the new monitoring tool and dashboard for Edge. This tool allows you to understand the health of various components (Routers, Message Processors, ZooKeeper, Cassandra) as well as http error codes for various orgs and environments in your deployment. You can also take to snapshot of your dashboard data and share it with Apigee to help resolve support incidents.

The documentation, including the install instructions, is included in the ZIP file of the Edge 4.16.01 doc available on the Apigee ftp site: ftp://ftp.apigee.com/.

However, before you can install and use the dashboard, you must complete the Apigee Evaluation Agreement included in the doc ZIP file, and return it to Apigee by emailing it to orders@apigee.com.

Edge Platform

Management UI restyling (Cloud 15.09.30)

Multiple pages in the management UI have gotten a look-and-feel update. (MGMT-2627)

API Services

Redesigned API proxy wizard (Cloud 16.01.20)

The API proxy wizard has been redesigned. When you click "+ API Proxy" on the API Proxies page in the management UI, the new wizard guides you through the API proxy creation process. All the same settings as the previous API proxy wizard are available. (MGMT-1376)

Create API proxies with OpenAPI (Swagger) documents (Cloud 16.01.20)

As part of the new API proxy wizard redesign, you can now create an API proxy from a OpenAPI (Swagger) document. On the first page of the API proxy wizard, click Use OpenAPI when selecting Reverse Proxy, Node.js App, or No Target. In the field that appears, enter the URL to your OpenAPI document. For more information, see Build a simple API proxy. (MGMT-1376)

WSDL 1.2 support for SOAP proxies (Cloud 16.01.20)

Apigee Edge supports WSDL 1.2 in creating API proxies to call SOAP services. (MGMT-2835)

SSLInfo variables in TargetEndpoint configurations (Cloud 16.01.20)

In an API proxy TargetEndpoint, you can dynamically set SSL/TLS details to support flexible runtime requirements. In the following example of how SSLInfo would be set in a TargetEndpoint configuration, the values can be supplied at runtime by a Java Callout, a JavaScript policy, or an Assign Message policy. Use whichever message variables contain the values you want to set.

<TargetEndpoint>
...
  <SSLInfo>
    <Enabled>{myvars.ssl.enabled}</Enabled>
    <ClientAuthEnabled>{myvars.ssl.client.auth.enabled}</ClientAuthEnabled>
    <KeyStore>{myvars.ssl.keystore}</KeyStore>
    <KeyAlias>{myvars.ssl.keyAlias}</KeyAlias>
    <TrustStore>{myvars.ssl.trustStore}</TrustStore>
  </SSLInfo>
...
</TargetEndpoint>

This feature is covered in the following docs:

(APIRT-1475)

RSA_SHA256 algorithm support for SAML assertion policies (Cloud 16.01.20)

The SAML assertion policies now support the RSA_SHA256 algorithm in addition to RSA_SHA1. (APIRT-1779)

Validation on certificate uploads (Cloud 16.01.20)

To help prevent the uploading of expired or invalid certificates to keystores and truststores, the management API validates certificates on upload. Certificates are validated to ensure that the size of the file is not larger than 50KB and that the format is either PEM or DER. Certificate expiry is also validated. To override the default expiry validation (to not validate for certificate expiration on upload), use the following query parameter: ?ignoreExpiryValidation=true

For more information, see Upload a JAR file to a Keystore and Upload a Certificate to a Truststore. (SECENG-516) and (APIRT-2213)

Auto-polling on Node.js Logs page (Cloud 16.01.20)

When viewing Node.js logs from the proxy editor, the Node.js Logs page is automatically refreshed periodically to list new logs that are available. Click "Stop Auto Refresh" to turn off auto-refresh. (MGMT-1692)

X-Forwarded-For HTTP header (Cloud 15.09.30)

For stronger security, Edge by default strips the X-Forwarded-For HTTP request header that may contain one or more IP addresses. The new default behavior means the client IP address received by Edge will be the the IP address it received from the last external TCP handshake, not an address that could potentially be spoofed to bypass the Access Control policy.

To change this default behavior and allow X-Forwarded-For addresses to reach your API proxies, you must set the property feature.enableMultipleXForwardCheckForACL=true in your organization.

JavaScript access to policy properties (Cloud 15.07.08)

When using JavaScript in API proxy flows, you can access properties defined in the JavaScript policy. This is particularly useful if you want to use well-known variables in your JavaScript code. For example, say your JavaScript policy contained the following property definition:

<Properties>
    <Property name='source'>response.content</Property>
</Properties>

In your JavaScript, you could access the message response with a reference to the 'source' property, like this:
var source = properties.get('source'); // returns: response.content
or
var source = properties.source
or
var source = properties['source']

For more information, see JavaScript policy. (APIRT-1460)

Organization-level audits (Cloud 15.07.08)

Organization Administrators can audit the history of actions taken at the organization level. In the management UI, select Admin > Organization History. For more information, see Audits: API, Product, and organization history. (MGMT-2232)

Organization administrator self-removal from role (Cloud 15.07.08)

Organization administrators can remove themselves from the Organization Administrator role in the management UI by going to Admin > Organization Users and clicking Remove next to their name. (MGMT-934)

API proxy bundle import progress indicator (Cloud 15.07.08)

When uploading a large API proxy bundle in the management UI, a "working" animation is displayed to indicate the import is still occurring, which keeps you from interacting with the management UI until the import is complete. (MGMT-1285)

Cache behavior and configuration (Cloud 15.07.22)

For better in-memory cache management and utilization, the "Maximum Elements in Memory" settings on environment cache resources has been deprecated as of Edge cloud release 15.06.10. In Edge Cloud release 15.07.22, this setting has been removed from the Create Cache UI in the Environment Configuration part of the Apigee Edge management UI.

The total elements present across all cache resources (including the default cache) depends on the total memory allocated to the cache. By default, the total memory allocated for in-memory caching on a given message processor is 40% of the total memory available. Elements will be evicted from in-memory cache only when there is insufficient cache memory or the elements expire. (MGMT-2413, APIRT-1140)

Target Server configuration in management UI (Cloud 15.07.22)

The APIs > Environment Configuration page in the management UI now lets you add, edit, and delete target servers.

In addition, the page has been redesigned so that caches can also be created, added, and deleted inline rather than going to a new page. Several cache properties, including "Maximum Elements in Memory", are no longer available in the UI, as setting these properties no longer has any effect on runtime cache behavior. (MGMT-280)

SSL with message logging to syslog (Cloud 15.07.22)

The Message Logging policy supports sending syslog to third-party log management providers over SSL/TLS. Use the following in the policy configuration as a direct child of the parent element:

<SSLInfo>
    <Enabled>true</Enabled>
</SSLInfo>

For more information, see Message Logging policy. (APIRT-942)

Management UI (Cloud 15.07.22)

Apigee engineering made various small bug fixes and usability enhancements in the management UI.

cURL in Trace (Cloud 15.09.02)

When tracing an API proxy call that makes a request to a target server, you can view the request to the target server as a cURL command. Select the "Request sent to target server" stage in the Transaction Map diagram, then click the "Show Curl" button on the "Request sent to target server" column in the Phase Details pane. (MGMT-2589)

Data masking special characters (Cloud 15.09.02)

When using data masking to mask sensitive data in JSON payloads, special characters such as $, *, and { can now be masked. (APIRT-1727)

Key Value Maps in the management UI (Cloud 15.09.30)

You can now create and manage environment-scoped Key Value Maps (KVMs) in the Edge management UI. Environment-scoped KVMs contain key/value pairs that are accessible by any API proxy in an environment, such as test or prod. In the management UI menu, go to APIs > Environment Configuration > select the environment you want > Key Value Maps tab. For more information, see Creating and editing environment key value maps. (MGMT-1393)

PopulateCache policy default expiration in management UI (Cloud 15.09.30)

When adding a PopulateCache policy with the API proxy editor, the <TimeoutInSec> element for cache expiration is pre-populated with a value of 3600 seconds (1 hour). The previous default was 300 seconds (5 minutes). (MGMT-2622)

Developer Services

API product page performance, no developer apps listed (Cloud 16.01.20)

When viewing an API product in the management UI, the developer apps associated with that product are listed. To improve UI performance, the list of developer apps is not shown when editing the API product. (MGMT-2869)

Key column on Developer Apps page (Cloud 15.08.05)

In organizations with a large number of developer apps (thousands), displaying the Key column on the Developer Apps page (shows the number of keys per app) can hamper display performance. To improve display performance in this situation, contact Apigee Support to set the following organization-level property: features.appsNoCredentialsEnabled = true. This property removes the Key column. Note, however, that removing the Key column also removes the ability to search by consumer key and secret. (MGMT-2486)

Developer Details page progress spinner (Cloud 15.09.30)

When the Developer Details page is loaded in the management UI, the Apps section of the page shows a progress spinner if apps are still being loaded. This enhances the previous behavior where the Apps section appeared empty while loading apps. (MGMT-2667)

Monetization

Edit API package names (Cloud 16.01.20)

You can update the name of an API package at any point during the monetization lifecycle, even when the API package contains a published rate plan. (DEVRT-2177)

Decimals allowed in custom attributes (Cloud 16.01.20)

When using a "Rate Card with Custom Attribute" plan, the custom attribute in the message header that is used as a multiplier for the transaction can now be a decimal value of up to four decimal places. For more information on this type of plan, see http://docs.apigee.com/monetization/content/specify-rate-card-custom-attribute-details. ( DEVRT-2191)

Rate Plan name and ID in summary reports (Cloud 15.09.02)

When generating a summary revenue report with the management API, you can add "Rate Plan" name and rate "Plan ID" columns to the report. To do this, add "RATEPLAN" as a groupBy attribute in the API call, as described in Create reports. (Note that this feature is not yet available in the monetization report UI.) In detail reports, the existing rate plan name and ID columns are now located near the front of the report along with the other grouping columns. (DEVRT-1740)

Analytics Services

sum( ) function on response time metrics (Cloud 16.01.20)

In analytics custom reports and API calls, the "sum" aggregate function is now available for Target Response Time, Total Response Time, and end_point_response_time. For example, in the /stats API (http://docs.apigee.com/management/apis/get/organizations/%7Borg_name%7D/environments/%7Benv_name%7D/stats/%7Bdimension_name%7D-0), you can now use the following "select" query parameter: ?select=sum(total_response_time). (AXAPP-2006)

Latency Analysis report: API proxy names sorted (Cloud 16.01.20)

In the Latency Analysis report UI (Apigee Edge enterprise plans only), the API proxies are listed alphabetically in the Proxy drop-down list. (MGMT-2858)

Developer Apps on dashboard shown by display name (Cloud 16.01.20)

On the management UI dashboard, the Developer Apps bar chart lists developer apps by display name rather than internal name. (MGMT-2853)

New date/time widget on custom reports (Cloud 16.01.20)

The date/time picker widget on a custom reports page in the management UI has been enhanced. (MGMT-2881)

City drilldown on GeoMap (Cloud 15.07.22)

The analytics GeoMap includes a "City" drilldown for the United States and Canada. When you click a state or province on the map, a list of cities where calls originated is displayed. (MGMT-2282)

| (pipe) and = characters in analytics custom reports (Cloud 15.09.02)

Analytics custom report definitions support the use of | (pipe) and = symbols. Prior to this, %7C and %3D encoding needed to be used for those symbols. (MGMT-2504)

Proxy Path Suffix dimension (Cloud 15.09.30)

A new Proxy Path Suffix (proxy_pathsuffix) dimension is available in analytics Custom Reports and API calls. Proxy path suffix is the part of an API proxy URL that comes after the base path, such as the path created for conditional flows. (AXAPP-1902)

Reports show developer IDs not display names (Cloud 15.09.30)

When making Edge analytics API calls with the /stats API that returns developers, the developer display name is returned along with developer ID. Previously, only developer ID was returned. (AXAPP-1759)

Bugs fixed

The following bugs are fixed in this release.

Private Cloud 4.16.01

The following table lists the bugs fixed since the Edge for Private Cloud 4.16.01 release. To obtain these fixes, follow the instructions to update your 4.16.01 installation to the latest RPMs and support files as described in Update Apigee Edge 4.16.01.x to latest 4.16.01 release.

Issue ID Description Build number
PRC-736

apigee-lib no longer requires GCC

apigee-lib-4.16.01-0.0.901
PRC-735

apigee-validate no longer fails because Yahoo Weather API requires Oauth

apigee-validate-4.16.01-0.0.910
PRC-739

Allow users to extract mirror under any file system folder

apigee-mirror-4.16.01-0.0.904
PRC-756

BaaS Usergrid check_cassandra_availability.sh no longer uses the nc command

baas-usergrid-2.1.0-0.0.112
PRC-778

Zookeeper cluster information no longer lost after upgrade

apigee-migrate-4.16.01-0.0.873
PRC-787

API BaaS now supports Cassandra Authentication

baas-usergrid-2.1.1-0.0.122
PRC-804

Can now specify location of log files

apigee-service-4.16.05-0.0.435
PRC-840

Broken symlinks for Edge components

edge-gateway-4.16.01-0.0.538

EDGEUI-538
EDGEUI-524

Soap Proxy Generation Hanging for WSDL import/ Issue generating an API proxy from a WSDL

edge-ui-4.16.01-0.0.3650
EDGEUI-543

Unable to import WSDL from URL option when URL is a local address

edge-ui-4.16.01-0.0.3650
APIRT-2719
APIRT-2918

target.url is now getting set when making target callouts

edge-gateway-4.16.01-0.0.538

Cloud 16.01.20

Issue ID Description
MGMT-2964 New proxy editor does not accept comments inside Flows tag
MGMT-2957 Adding a new pod to an org returns the deployment status of the bundle as error for routers in the new pod
MGMT-2937 Insufficient Permissions errors with custom roles
MGMT-2875 WSDL SOAP generation has incorrect headers for SOAP 1.2
MGMT-2739 Developer Apps report, Analytics tab doesn't show anomaly graph
MGMT-2735 Refreshing Node.js logs never completes/stops
MGMT-2734 Save button doesn't get enabled after any error while trying to save a deployed bundle
MGMT-2729 Updating port for TargetServer in the UI wipes out SSLInfo
MGMT-2702 Cross-site security vulnerability for Firefox and IE
Fixed a security vulnerability that could happen because of FireFox and IE vulnerabilities that improperly allow cross-site requests.
MGMT-2681 Proxy Editor: When using a Regex match in the Condition, the Flow Navigator does not show the verb
MGMT-2361 Deployment of proxies fails with RPCException: Call timed out
MGMT-1662 API proxy deployment fails during Apigee Public Cloud releases
DEVRT-2286 sync-organization Monetization API is broken
The API used to synchronize Apigee Edge data with monetization has been fixed with the latest refresh of the 16.01.20 release.
DEVRT-2173 Need to rename the Package but unable to edit because of active rate plan
DEVRT-1661 Developer is blocked for making API requests before rate plan start date, but block is never released
If an API developer accepted a monthly flat, volume-banded, or bundle rate plat that starts at a future date, and then sends API requests before the specified start date, the API developer is blocked from making further requests. Once the rate plan start date is reached, the block is now released.
DEVRT-1643 Draft rate plan corrupted after it is saved
AXAPP-1991 OptOut of Apigee Analytics Summary and emails don't stop
AXAPP-1946 Analytics cleanup not releasing disk space
AXAPP-1708 Analytics API appears to produce different numbers for the same statistic depending on how I ask
AXAPP-1293 Non-existing Developer App names in Analytics Summary email
APIRT-2518 Problems connecting to https backend with JavaScript policy
APIRT-2398 Invalid/expired authorization code counted as Apigee error
APIRT-2397 steps.assignmessage.SetVariableFailed counted as Apigee error
APIRT-2396 IllegalArgumentException, ArrayIndexOutofBoundsException in OAuth counted as Apigee error
APIRT-2362 JavaScript compilation error
APIRT-2322 Invalid Client ID incorrectly reported as Apigee error
APIRT-2159 Add message_id to the logging prefix
APIRT-2145 High failure of transactions for Facebook API
Validation for header values starting with ':' has been removed.
APIRT-2137 MP: Chunked transfer encoding and 205 with content length 0
APIRT-2124 Nginx router does not update the MP pool for newly added MPs
APIRT-2117 Message Logging policy not respect DNS updates
APIRT-2110 Only one X-Forwarded-For header is passed on by router
APIRT-2062 Response cache doesn't work correctly when SkipCacheLookup condition is met
APIRT-2061 Message processor not pushing messages to QPID
APIRT-2052 High number of CLOSE_WAITs due to management port not responding
APIRT-2024 Nginx without a load balancer is not properly populating X-Forwarded-For HTTP headers
X-Forwarded-For deprecation notice added to the 150930 release notes and the Access Control policy.
APIRT-1933 Proxy-specific classloaders still delegate to MP classloader
APIRT-1877 Unable to mask XML responses that have namespaces
APIRT-1838 Apigee-127: VerifyAPIKey returns only one API product when multiple products exist
APIRT-1827 Low concurrent streaming limit observed
APIRT-1820 Intermittent latency (> 1%) in 4.15.04 Private Cloud environment
APIRT-707 NPE during runtime if the <GenerateResponse> element is in the VerifyAccessToken policy

Cloud 15.07.08

Issue ID Description
MGMT-2381 Unable to deploy proxies using the new proxy editor
MGMT-2374 Space in BasePath element should be trimmed before saving the ProxyEndpoint
MGMT-2355 UI does not correctly calculate permissions for multiple roles if one role is orgadmin
MGMT-2324 Importing a Swagger model produces incorrect SmartDocs nodes
MGMT-1518 UI shows proxy as deployed even though deployment failed on MPs
MGMT-1489 API Product not generating correct resources
DOC-1246 Contradicting statement in the docs about access tokens
DEVRT-1661

NextRecurringFeeDate is empty when developer accept feature rate plan
If a developer accepted a monthly flat, volume banded, or bundle rate plan that starts at a future date, made a couple of API calls on the rate plan before the start date, and was then blocked from making calls (expected behavior), the developer was not automatically unblocked when the rate plan went into effect. This issue has been fixed.

Cloud 15.07.22

Issue ID Description
TBD-73 Static IP for Inbound traffic to Apigee
MGMT-2422 Unable to edit company app
MGMT-2419 User belonging to 'User' role gets permission errors on login
MGMT-2341 Custom report filter incorrectly builds query
MGMT-2207 JSONThreatProtection - ArrayElementCount does not work if the contained element is non-primitive
In the JSON Threat Protection policy, the ArrayElementCount element wasn't accurately limiting the number of items allowed in arrays. This issue has been fixed.
MGMT-2158 Cannot import WSDL if output references a part with no type

Cloud 15.08.05

Issue ID Description
multiple A number of small bugs were fixed in the API proxy editor.

Cloud 15.09.02

Issue ID Description
multiple A number of small bugs were fixed in the API proxy editor.
MGMT-2618 Frequent deployment problems
MGMT-2588 Developers history page executes html/code -- XSS persistence vulnerability
MGMT-2543 New proxy editor modifies XML in the <Payload> of AssignMessage policy, which breaks existing API proxies
MGMT-2521 Trace session hangs at times
MGMT-2519 Environment Configuration UI not working
AXAPP-1814 Custom variables (Statistics Collector policy) are not getting created in prod when zk curator is turned on
APIRT-1927 Invalid virtual host causes the router to not load config for the env
APIRT-1863 Deployment failure due to a white space in the bundle
APIRT-1823 API calls with POST bodies containing & (ampersand) characters hang
APIRT-1789 Message processors for certain orgs experiencing out-of-memory errors
APIRT-1776 Calling "print" in JavaScript policies causes excessive logging
APIRT-1766 Timeouts on WebSockets
APIRT-1600 ConcurrentModificationException in router
Router logs showed multiple instances of ConcurrentModification in the logs on a regular basis. The reason for this was connections were being added to the reaper list while the reaper was removing older connections. This issue has been fixed.
APIRT-1491 503 service unavailable exception
APIRT-1421 JavaCallout policies intermittently taking long times to process
DEVRT-1843 Mint UI should support updating custom attributes in TRP better
DEVRT-1472 Updating developer resulted in 500 server error

Cloud 15.09.30

Issue ID Description
MGMT-2687 Custom Reports freeze the browser with more than 14K dimensional elements
MGMT-2677 Monetization: Developers page in management UI freezes with thousands of developers and pagination isn't enabled on an org
MGMT-2674 Edge UI tries to download from Internet at user login
MGMT-2658 OPDK version dependent Management Server UI issues on upgrading Revision of API Proxy
MGMT-2616 New API proxy editor does not handle XML entities correctly
MGMT-2541 External Authentication System ID added as sysadmin with + in password is broken
MGMT-2510 Dropdown not showing all developers belonging to the org
MGMT-2508 Broken-link icon on policies shown inaccurately
MGMT-2334 Unable to access resources from second proxy endpoint
MGMT-1967 Developer Apps with the same Display Name shows same Traffic in analytics
DEVRT-1839 Monetization: Country select list in management UI are sorted incorrectly
AXAPP-1887 Filter conditions not working as per documentation
AXAPP-1869 Removing a user from an org should unsubscribe them from analytics emails
AXAPP-1533 Analytics Geomap throws "Invalid API Call" error
APIRT-2061 Message processor not pushing messages to QPID
APIRT-2052 High number of CLOSE_WAITs due to management port not responding
APIRT-2024 Nginx without a load balancer is not properly populating X-Forwarded-For HTTP headers
APIRT-1838 Apigee-127: VerifyAPIKey returns only one API product when multiple products exist

Private Cloud 4.15.07.03

Issue ID Description
APIRT-1600 ConcurrentModificationException in Router logs
APIRT-1734 Zero downtime resource file updates at org/env level
APIRT-1820 Intermittent latency (> 1%) in 4.15.04 Private Cloud environment
APIRT-2159 Add message_id to the logging prefix
APIRT-2160 Exclude the SSL handshake from request_processing_latency in analytics data
AXAPP-1882 Consumer watcher thread connects to wrong queue in active/active deployment
AXAPP-1946 Data moves to parent fact table instead of child fact table when in timezone other than UTC
MGMT-1590 Fixed a security vulnerability
MGMT-1662 Deployment fails during release
MGMT-2361 Deployment of proxies fails with RPCException: Call timed out
MGMT-2397 Code view is not parsing end of line characters correctly
MGMT-2466 Cluster check against Message Processor shows non-reachable Router as CONNECTED member
OPDK-1981 backup-cassandra.sh does not backup the system keyspace
OPDK-1982 apigee-upgrade.sh needs to check Cassandra SSTable version before upgrade

Private Cloud 4.15.07.01

Issue ID Description
OPDK-1927 Monetization upgrade missing tables; duplicate indexes being created
OPDK-1878 Changing the gateway POD name in setup causes issues
OPDK-1886 Node cannot access local IP addresses such as 192.168.x.y
MGMT-2521 Trace session hangs at times
MGMT-2543 New proxy editor modifies XML in the <Payload> of AssignMessage policy, which breaks existing API proxies
MGMT-2599 New Proxy Editor restores namespace prefix after you delete it
MGMT-2702 Cross-site security vulnerability for FireFox and IE
APIRT-1074 Gzipped content not handled properly when Connection: Close header is sent without Content-Length or Transfer-Encoding headers

Known issues

This release has the following known issues.

Issue ID Description
APIRT-2742 Edge JMX integration is not available with Edge for Private Cloud 4.16.01 with the introduction of the Nginx server that replaced the Netty router.
APIRT-2978

Router fails to start Nginx or Router fails to start

If the Edge Router fails to start Nginx or fails to start at all, as shown in the /opt/apigee/var/log/edge-router/logs/system.log file, then delete all files in the /opt/nginx/conf.d directory, and restart the router:

> rm -f /opt/nginx/conf.d/*
> /opt/apigee/apigee-service/bin/apigee-service edge-router restart
DOC-1687 Due to a known package dependency conflict, the Katello agent used in Satellite Server 6 will not install properly on Apigee Edge hosts running the Qpid daemon.
PRC-1118

Error when running "apigee-service apigee-postgresql pg-data-purge" command

If you run the "apigee-service apigee-postgresql pg-data-purge" command and see an error in the form:

ERROR: must be owner of relation

Edit /opt/apigee/apigee-postgresql-4.16.05-0.0.894/lib/actions/pg-data-purge and set the following property to 'apigee':

POSTGRES_USER=apigee