4.50.00.09 - Edge for Private Cloud release notes

You're viewing Apigee Edge documentation.
Go to the Apigee X documentation.
info

On August 18, 2021, we released a new version of Apigee Edge for Private Cloud.

Update procedure

Updating this release will update the components in the following list of RPMs:

  • edge-gateway-4.50.00-0.0.20137.noarch.rpm
  • edge-management-server-4.50.00-0.0.20137.noarch.rpm
  • edge-message-processor-4.50.00-0.0.20137.noarch.rpm
  • edge-postgres-server-4.50.00-0.0.20137.noarch.rpm
  • edge-qpid-server-4.50.00-0.0.20137.noarch.rpm
  • edge-router-4.50.00-0.0.20137.noarch.rpm
  • edge-analytics-4.50.00-0.0.40045.noarch.rpm
  • apigee-postgresql-9.6.1-0.0.2519.noarch.rpm
  • apigee-cassandra-2.1.22-0.0.2526.noarch.rpm
  • apigee-service-4.50.00-0.0.1426.noarch.rpm
  • apigee-provision-4.50.00-0.0.615.noarch.rpm
  • apigee-validate-4.50.00-0.0.623.noarch.rpm
  • apigee-sso-4.50.00-0.0.21017.noarch.rpm
  • apigee-tomcat-8.5.64-0.0.915.noarch.rpm
  • edge-ui-4.50.00-0.0.20193.noarch.rpm
  • edge-management-ui-static-4.50.00-0.0.20032.noarch.rpm
  • edge-management-ui-4.50.00-0.0.20017.noarch.rpm
  • apigee-drupal-7.82-0.0.306.noarch.rpm
  • apigee-drupal-devportal-4.50.00-0.0.407.noarch.rpm
  • Apigee-drupal-contrib-4.50.00-0.0.403.noarch.rpm

You can check the RPM versions you currently have installed, to see if they need to be updated, by entering:

apigee-all version

To update your installation, perform the following procedure on the Edge nodes:

  1. On all Edge nodes:

    1. Clean the Yum repos:
      sudo yum clean all
    2. Download the latest Edge 4.50.00 bootstrap_4.50.00.sh file to /tmp/bootstrap_4.50.00.sh:
      curl https://software.apigee.com/bootstrap_4.50.00.sh -o /tmp/bootstrap_4.50.00.sh
    3. Install the Edge 4.50.00 apigee-service utility and dependencies:
      sudo bash /tmp/bootstrap_4.50.00.sh apigeeuser=uName apigeepassword=pWord

      where uName:pWord are the username and password you received from Apigee. If you omit pWord, you will be prompted to enter it.

    4. Update the apigee-setup utility:
      sudo /opt/apigee/apigee-service/bin/apigee-service apigee-setup update
    5. Use the source command to execute the apigee-service.sh script:
      source /etc/profile.d/apigee-service.sh
  2. Update the apigee-validate utility on the Management Server:
    /opt/apigee/apigee-service/bin/apigee-service apigee-validate update
  3. Update the apigee-provision utility on the Management Server:
    /opt/apigee/apigee-service/bin/apigee-service apigee-provision update
  4. Update all Cassandra nodes:
    /opt/apigee/apigee-setup/bin/update.sh -c cs -f configFile

    where configFile specifies the configuration file that you used to install Apigee Edge for Private Cloud. For example, /opt/silent.conf.

  5. Update Postgres nodes (master and standby):
    /opt/apigee/apigee-setup/bin/update.sh -c ps -f /opt/silent.conf
  6. On all Edge nodes, execute the update.sh script for the edge process:
    /opt/apigee/apigee-setup/bin/update.sh -c edge -f configFile
  7. Execute the update.sh script for SSO on all nodes:
    /opt/apigee/apigee-setup/bin/update.sh -c sso -f configFile
  8. Execute the update.sh script for the UI on all nodes:
    /opt/apigee/apigee-setup/bin/update.sh -c ui -f configFile
  9. If you are using the New Edge experience, execute the following command:
    /opt/apigee/apigee-setup/bin/update.sh -c ue -f configFile
  10. On all Apigee Developer Services portal nodes, update the devportal process by executing the following command:
    /opt/apigee/apigee-setup/bin/update.sh -c dp -f configFile

Changes to supported software

There are no changes to supported software in this release.

Deprecations and retirements

There are no new deprecations or retirements in this release.

New features

This release introduces the following new features:

A new pop-up window warns you of end of life (EOL) dates for Edge for Private Cloud

Edge for Private Cloud customers will start seeing warning messages displayed six month prior to the installed version's EOL date. The EOL message will be shown once per browser session: if you close the tab or browser, the session will be lost. If you then re-open Apigee in a browser, the message will be displayed again.

New option to log out users when their passwords are changed

A new flag was added to apigee.feature.clearSessionOnPasswordUpdate, which lets you configure whether users are logged out after you change their password. The default is that users are not logged off.

New flag to set TLS version for SMTP

A new flag has been added to mail.smtp.ssl.protocols, which specifies the SSL protocol that are enabled for SMTP connections. This feature lets you configure SSL protocols based on your security requirements.

Configure forward proxy.

The following flags have been added, which let you configure a forward proxy:

  • http.proxyHost
  • http.proxyPort
  • http.proxyUser
  • http.proxyPassword

By default the values of the flags are empty.

Enhanced pg-data-purge script to purge parent fact tables from analytics

To run the script, enter the following command:

/opt/apigee/apigee-service/bin/apigee-service apigee-postgresql pg-data-purge org_name env_name number_of_days_to_retain [Delete-from-parent-fact - N/Y] [Confirm-delete-from-parent-fact - N/Y]

The script has the following options:

  • Delete-from-parent-fact Default : No. Will also delete data older than retention days from parent fact table.
  • Confirm-delete-from-parent-fact. Default: No. If No, the script will prompt for confirmation before deleting data from parent fact. Set to Yes if the purge script is automated.

Option to change the user label in the login page

A new flag, apigee.feature.customLoginUserLabel allows you to configure the user label in the login page based on their preference. The default is Email address.

Bug fixes

This section lists the Private Cloud bugs that were fixed in this release.

Issue ID Description
179989459

Deleting an API product from an API product bundle wasn't working.

This has been fixed.
67151202

Password complexity requirements were not being enforced at installation

This has been fixed.
175942835

Customers were able to make GET requests to dailysummaryreports without any CSRF protection

This has been fixed.
161351690

HMAC policy did not appear in the list of policies in the UI

This has been fixed.
170791446

404 redirect issue in the Developers tab in the UI.

Customers were not able to edit/delete or perform any other operation in the Developers tab in the UI because the developer's email had special characters in it. This has been fixed
168149141

Monetization installation was failing on a second Management server

Fixed some potential issues due to race condition during installation of Mint Management Server
167960487

AND/OR reserved keywords within text of dimensions were causing analytics reports to fail

This has been fixed.
168846482

Postgres restore failed if Apigee databases were missing

We have improved error logging in Postgres restore script.
161155125

Upgrades were failing for apigee-ldap

This has been fixed.
180207712

Customer could not add new Cassandra nodes

Cassandra setup will fail with improved error message if an incorrect CASS_HOSTS property is provided.
173657467

Management Server was not coming up if Cassandra nodes in another data center were down

The enable Cassandra authentication script has been enhanced to handle this.
182456858

Management server was not connecting to a local Postgres region.

Made improvements to the Management Server algorithm for choosing best Postgres to connect to for analytics queries.
189743303

Analytics API filtering issue

This has been fixed.
156623186

Permission restrictions were not working for Audits resource

This has been fixed.
123015330

Misformatted numbers within a component's .properties file were preventing the component from starting

This has been fixed.
183147699

Fixed issue in datastore registrations during Management Server installation/updates when region names not in the dc-x format are used.

See Edge Configuration File Reference.
180373096

Mass rollout of API Proxies was slow

This has been fixed.
182857918

Improved Message Processor logs to better capture error states

193870176

Added a Router level configuration to disable Virtual Host listen options on standard ports 80 & 443.

168560804

A 403 error was returned when creating shared flow

The error occurred because an undefined value was being passed to the API. This has been fixed.
186503861

The ServiceCallout policy was splitting the header values and sending the headers with same key and different values to the backend when the element was used

Added a general configuration (conf_http_HTTPHeader.{ANY}) to control the default multivalued & duplicate behavior of all Headers. This configuration will only apply if specific header configuration is not present.

Security issues fixed

The following is a list of known security issues that have been fixed in this release. To avoid these issues, install the latest version of Edge Private Cloud.

Issue ID Description
CVE-2020-11022

jQuery vulnerability fixed

CVE-2020-11023

jQuery vulnerability fixed

CVE-2018-20801

Highcharts Vulnerability issues in Edge UI (Classic)

CVE-2019-14863

CVE-2020-7676

CVE-2019-10768

Cross-Site Scripting (XSS) vulnerability in jQuery

A vulnerability in jquery which reported cross-site scripting (XSS) was fixed.

CVE-2016-5388

CVE-2020-1745

CVE-2020-8022

Vulnerability in Tomcat servlet.

Existing Tomcat servlet 8.0.53 had a security vulnerability. Upgrading Tomcat servlet to 8.5.34 fixes this vulnerability.

Known issues

See Known issues with Edge for Private Cloud for a complete list of known issues.