4.51.00 Edge for Private Cloud release notes

You're viewing Apigee Edge documentation.
Go to the Apigee X documentation. info

On July 29, 2021, we released version 4.51.00 of the Edge for Private Cloud Feature Release.

Release summary

The following table summarizes the changes in this release:

This release includes the following new features:

○ A new pop-up window warns you of end of life (EOL) dates
○ Option to log out users when their passwords are changed
○ Set TLS version for SMTP
○ Added an enhanced pg-data-purge script to optionally purge data from parent fact tables
○ Added sosreport, a new system level diagnostic and data collection tool.

For more information about each of these new features, see New features.

Backward Compatibility

The following issues affecting backward compatibility were introduced in this version of Apigee Edge for Private Cloud:

Java Management Extensions (JMX) is no longer enabled by default for the Apigee SSO (single sign-on) module.
Due to the fix for issue 132443137 (as described in the 19.03.01 Public Cloud release notes), Message Processors now ignore headers that begin with X-Apigee-*. As a result, you must refactor any code that uses X-Apigee-* headers and replace those headers with supported ones.
The name of the Cassandra log files has changed. It is now:
```
/opt/apigee/var/log/apigee-cassandra/system.log
```

Included Releases

Since the previous Edge for Private Cloud Feature Release, the following releases have occurred and are included in this release:

○ Edge:
   20.08.03 (Router)
   20.09.18 (Management Server)
   21.03.08 (Router, Management Server, Message Processor)

Retirements None

Deprecations

With the release of 4.51.00:

4.19.06: Version 4.19.06 of Apigee Edge for Private Cloud is now deprecated.

For more detailed information about the deprecations including removal timelines, see Apigee deprecations and retirements.

Known Issues

This release includes the following known issues:

For more information about each of these known issues, including workarounds, see Known issues.

Upgrade paths

For instructions on upgrading to Edge for Private Cloud 4.51.00, see Update Apigee Edge 4.19.06 or 4.50.00 to 4.51.00.

New features

This section lists new features in this release. Additionally, this release includes all features in the Edge UI, Edge Management, and Portal releases listed in Included Releases.

In addition to the following enhancements, this release also contains multiple usability, performance, security, and stability enhancements.

A new pop-up window warns you of end of life (EOL) dates for Edge for Private Cloud

Edge for Private Cloud customers will start seeing warning messages displayed six month prior to the installed version's EOL date. The EOL message will be shown once per browser session: if you close the tab or browser, the session will be lost. If you then re-open Apigee in a browser, the message will be displayed again.

New option to log out users when their passwords are changed

A new flag was added to apigee.feature.clearSessionOnPasswordUpdate, which lets you configure whether users are logged out after you change their password. The default is that users are not logged off.

New flag to set TLS version for SMTP

A new flag has been added to mail.smtp.ssl.protocols, which specifies the SSL protocol that are enabled for SMTP connections. This feature lets you configure SSL protocols based on your security requirements.

You can set this flag by adding the following entry to the properties file, /opt/apigee/customer/application/ui.properties:

conf_apigee.mail.smtp.ssl.protocols=ssl-protocol

Possible values for ssl-protocol are SSLv2Hello, SSLv3, TLSv1, TLSv1.1, and TLSv1.2.

New diagnostic tool, sosreport

Added Sosreport, a new system level diagnostic and data collection tool.

Added support for new software versions

Apigee has added support for the following software versions:

Postgres version 10.17
Nginx version 1.20.1
TLS 1.3 Northbound support

Configure forward proxy.

The following flags have been added, which let you configure a forward proxy:

http.proxyHost
http.proxyPort
http.proxyUser
http.proxyPassword

By default the values of the flags are empty.

Enhanced pg-data-purge script to purge parent fact tables from analytics

To run the script, enter the following command:

/opt/apigee/apigee-service/bin/apigee-service apigee-postgresql pg-data-purge org_name env_name number_of_days_to_retain [Delete-from-parent-fact - N/Y] [Confirm-delete-from-parent-fact - N/Y]

The script has the following options:

Delete-from-parent-fact Default : No. Will also delete data older than retention days from parent fact table.
skip-prompt. Default: No. If No, the script will prompt for confirmation before deleting data from parent fact. Set to Yes if the purge script is automated.

A new flag, apigee.feature.customLoginUserLabel allows you to configure the user label in the login page based on their preference. The default is Email address.

Supported software

This release includes the following changes to supported software:

Support Added	No Longer Supported
This release supports the following software versions: Red Hat Enterprise Linux (RHEL) 7.5, 7.6, 7.7, 7.8, 7.9, 8.0 Amazon Linux AMI 2 Postgres 10.17 Nginx 1.20.1	The following software versions are no longer supported with this release: Red Hat Enterprise Linux (RHEL) 6.X Amazon Linux AMI 1 Node.js 0.10.32

Support Added

No Longer Supported

This release supports the following software versions:

Red Hat Enterprise Linux (RHEL) 7.5, 7.6, 7.7, 7.8, 7.9, 8.0
Amazon Linux AMI 2
Postgres 10.17
Nginx 1.20.1

The following software versions are no longer supported with this release:

Red Hat Enterprise Linux (RHEL) 6.X
Amazon Linux AMI 1
Node.js 0.10.32

For a complete list of supported platforms, see Supported software and supported versions.

Bug fixes

This section lists the Private Cloud bugs that were fixed in this release. Additionally, this release includes all bug fixes in the Edge UI, Edge Management, and Portal releases shown in Included Releases.

Issue ID	Description
112262604	Mint Management Server needs to be updated when Postgres failover is performed An enhanced script was created to change Postgres connection details for Mint Management Server. See Handling a PostgreSQL database failover.
150844280	Without an internet connection, Apigee SSO tried to download an external font library during login. The Google Sans font for headers, which doesn't have an open source license, has been replaced with the Noto Sans font.
161351690	The HMAC policy did not appear in the policy chooser. The policy is now displayed in the policy chooser.
168149141	Monetization installation was failing on the second management server. Some potential issues due to a race condition during installation of Mint Management Server have been fixed.
170089960	Unable to change the user label in the login page A new flag has been added to `apigee.feature.customLoginUserLabel`. With this flag, you can configure the user label in the login page. The default is the existing label, i.e., Email Address..
170791446	In the Developers UI, a forbidden character in the developer's email address prevented editing the developer's details. This has been fixed.
173657467	Management Server wasn't coming up if Cassandra nodes in other data centers were down. The enable Cassandra authentication script has been enhanced to prevent this problem.
175638733	AWS Linux 1 is being deprecated Support has been added for AWS Linux 2.
175942835	GET requests to dailysummaryreports were being allowed without CSRF protection This has been fixed
178305317	Consul connect client was not using all the available Consul servers for automatic failover This has been fixed
180207712	Customers weren't able to add new Cassandra nodes due to incorrect `CASS_HOSTS` property. The Cassandra setup now returns an improved error message if an incorrect `CASS_HOSTS` property is provided.
186503861	ServiceCallout policy was incorrectly splitting the header values when the element was used. Added a general configuration (conf_http_HTTPHeader.{ANY}) to control default multivalued & duplicate behavior of all Headers. This configuration will only apply if specific header configuration is not present.
182456858	Management server was not always connecting to the local region's Postgress server. The Management server's Postgres selection algorithm has been optimized so that it connects to a Postgres node in local region
182857918	Log messages when Message Processor reaches its connection limit have been improved. This simplifies troubleshooting.
183147699	Customer dc-4 expansion failed due to custom region name. A new property, `REGION_MAPPING`, lets you assign your custom region names to standard region names (dc-1, dc2, and so on). See Edge Configuration File Reference .
185285557	Added an optional feature to make developer emails case insensitive. This feature is turned off by default, so developer emails continue to be case sensitive (the current behavior).
189743303	Analytics API with filter to exclude API proxies was returning an error. An issue with parsing filters during execution of custom reports has been fixed.
171240470	Management update was failing when Cassandra JMX Authentication or SSL was enabled Added feature to provide Cassandra JMX authentication and SSL configurations when running setup or update on Management server.
168560804	When creating a shared flow in the Edge UI, the UI was returning a 403 error for insufficient permissions. Fixed an undefined value that was being passed to the API.
171985727	Made improvements in JMX configurations of Cassandra so configurations follow other Apigee configuration standards and changes are not overridden during Cassandra upgrade.
188526117	An IP command was not prefixed with the absolute path. The absolute path is now included in the command.
123015330	Misformatted numbers within a component's .properties file were causing the component to fail to start This has been fixed.
161934168	PostgreSQL PassTheHash protocol design vulnerability, by PostgreSQL to Postgres v10.17 This has been fixed.
185115206	Made enhancements to improve performance of analytics queries on Management Server
193870176	Added a Router level configuration to disable Virtual Host listen options on standard ports 80 & 443.
197331224	Get org would return a 403-unauthorized error instead of 404-not found if org is not present.
184573211	Java Management Extensions (JMX) is no longer enabled by default for the Apigee SSO module.

Security issues fixed

The following is a list of known security issues that have been fixed in this release. To avoid these issues, install the latest version of Edge Private Cloud.

Issue ID	Description
CVE-2018-16131	Vulnerability: [Denial of Service (DoS)] found in for project: unified-experience/navbar (SNYK-JAVA-COMTYPESAFEAKKA-32493). This has been fixed.
CVE-2020-7676	Cross-Site Scripting (XSS) vulnerability in jQuery. A vulnerability in jQuery which reported cross-site scripting (XSS) was fixed.
CVE-2016-5388	Vulnerability in Tomcat servlet. Existing Tomcat servlet 8.0.53 had a security vulnerability. Upgrading Tomcat servlet to 8.5.34 fixed this vulnerability.

Known issues

The following table lists known issues in this release:

Issue ID Description

194249507

Issue ID	Description
194249507	`apigee-mirror` does not work on Red Hat Enterprise Linux (RHEL) 8.0. As a workaround, install `apigee-mirror` on a server running a lower version of RHEL or another supported operating system for Apigee. You can then use the mirror to add packages even if you installed Apigee on RHEL 8.0 servers.

apigee-mirror does not work on Red Hat Enterprise Linux (RHEL) 8.0.

As a workaround, install apigee-mirror on a server running a lower version of RHEL or another supported operating system for Apigee. You can then use the mirror to add packages even if you installed Apigee on RHEL 8.0 servers.

See Known issues with Edge for Private Cloud for a complete list of known issues.

Next step

To get started with Edge for Private Cloud 4.51.00, use the following links:

New installations:

New installation overview

Existing installations

Update Apigee Edge 4.19.06 or 4.50.00 to 4.51.00.