Private cloud

Apigee Edge for Private Cloud 4.19.01 Is Here!

We’re excited to announce the general availability of Apigee Edge for Private Cloud 4.19.01. This release gives our customers even more flexibility to manage their APIs with features like Open API 3.0 support (OAS 3.0), self-healing with apigee-monit, TLS security, virtual host management improvements, and additional software support. Most notably, we are making the New Edge experience generally available to all customers.

The New Edge experience sits on top of the same platform that powers the "classic" Edge experience but adds several enhancements, particularly in the areas of API design and publishing. You’ll also notice an updated, modern look across all parts of Apigee Edge.

The New Edge experience supports full backwards compatibility; your current API proxies and applications will continue to work, so no migration is required. You can easily switch back to classic view in the UI.

Some of the features we’ve released are only available in the New Edge experience, including:

  • Virtual hosts management in the UI
  • OAS 3.0 support

With this release, Apigee Edge Monetization, which was previously only in the classic UI, is now generally available in the New Edge experience.

SAML Single-Sign-On, the recommended way for securing modern enterprise apps, is required in the New Edge experience.

Virtual hosts management enhancements

With the New Edge experience, you can now easily create, update, and delete virtual hosts from the UI itself rather than through the command line interface.

 

 

Open API Specification 3.0 support

API proxies can now be created from OAS 3.0 (the most recent spec) in the proxy wizard.

Self-healing and monitoring

Several of our customers have told us about the benefits they’ve experienced from using Apigee in conjunction with Monit, an open-source process supervision tool. These benefits include increased uptime and resilience of the overall system.

To better enable all our customers to use Monit, we’re launching apigee-monit, which adds self-healing capabilities to help ensure all Apigee Edge components remain up and running all the time. It does this by providing the following services:

  • Restarting failed services
  • Displaying summary information
  • Logging monitoring status
  • Sending notifications
  • Monitoring non-Edge services

Apigee-monit architecture

TLS improvements

We’ve added more TLS configuration options to provide our customers with more choices in selecting the protocol and cypher suites that best fit their needs. These options now include TLS protocols (default 1.2) and TLS cipher parameters.

Software support

This release adds support for RHEL 7.6, CentOS 7.6, and Oracle Linux 7.5. The full list of supported versions can be found here. Apigee recommends running the Apigee stack on the latest OS releases.  

Other improvements

  • New best practices for Private Cloud deployment on AWS around networking and Cassandra.
  • Org validation is enforced in setup script with an optional silent config parameter SKIP_ORG_NAME_VALIDATION=y

How to upgrade

We encourage you to upgrade to this new release to start benefiting from the added features, UI enhancements, and bug fixes. You can update Apigee Edge versions 4.17.09, 4.18.01 and 4.18.05 to 4.19.01 directly. If you have a version that is older than 4.17.09, you must first migrate to version 4.18.01 and then update to the latest version 4.19.01.

Here are some links to get you started:

If you’re new to Apigee Edge for Private Cloud, you can install a new instance by following the installation instructions.

There’s a lot more to share than what we’ve covered here; additional details can be found in our release notes. Visit the Apigee Community to ask questions, leave feedback, or start a conversation.

Apigee Edge for Private Cloud 4.18.05 Is Here!

We’re excited to announce the general availability of Apigee Edge for Private Cloud 4.18.05. This release features native policies for JSON web tokens and RHEL 6.9/7.0 support.  

JSON Web Tokens

JSON Web Tokens, or JWT, is now generally available. JWT is a token standard defined in IETF RFC 1759; it enables you to sign a set of claims (key value pairs) that can later be verified reliably by the JWT recipient.

Apigee Edge unified experience

The unified Apigee Edge experience, which is now in beta, improves API lifecycle management, from API design to development to publishing. This release includes improvements to the installation and configuration experience.

Software support

This release comes with support of RHEL 6.9, CentOS6.9, and OEL 6.9. Apigee recommends running the Apigee stack on the most recent OS releases.

We’ve also retired Apigee API BaaS and the Apigee monitoring dashboard. For more information, visit the deprecated features page in our documentation.

How to upgrade

We strongly encourage customers to upgrade to this new release to start benefiting from the added features, UI enhancements, and bug fixes. You can update Apigee Edge version 4.17.05, 4.17.09, and 4.18.01 to 4.18.05 directly. If you have a version that’s older than 4.17.05, you must first migrate to version 4.18.01 and then update to the latest version.

There’s a lot more to share than what we’ve covered here; additional details can be found in our release notes. Visit Apigee Community to ask questions, leave feedback, or start a conversation.

 

It's Here! The Latest Apigee Edge Private Cloud Installer for PCF

The Apigee Edge API platform has been integrated with Pivotal Cloud Foundry for some time now. This has been great because developers and operators alike benefit from pre-integrated API management and get out-of-the-box security, traffic management, and visibility into the APIs.

We haven’t stopped there, though. We’ve been working to streamline how operators install,  manage, and monitor Apigee Edge, so they can do so in the same way they are accustomed to for PCF.

So we’re excited to announce the general availability of Apigee Edge BOSH Installer for PCF for our Private Cloud 17.05 version. BOSH is an open-source project that unifies release engineering, deployment, and lifecycle management of cloud software. This is the third BOSH installer that Apigee has released and marks another important step in our relationship with Pivotal.  

Operators who deploy PCF use BOSH to install, manage, and maintain it. The latest installer makes it simple for operators to do the same for Apigee Edge 17.05.

The new release offers some key features, including:

  • API proxy URL rendering
  • Zero-downtime shared flows deployment
  • Simplified deletion of monetization data for an organization
  • Stricter input validation across all entities in an organization
  • Support for setting the API timeout duration used by Edge UI

 

A full list of features is available here.

The Apigee Edge Installer for PCF is delivered as a tile on the Pivotal Network.This tile provides a BOSH release to deploy Apigee Edge, an enterprise-grade, purpose-built, intelligent API management platform on your IaaS (Infrastructure as a Service). This makes it easy to perform monitoring, failure recovery, and software updates with little to no downtime.

 

 

We encourage you to try this new installer—it’ll simplify your Apigee Edge deployment, management, and maintenance experience. All you need is an account on Pivotal Network (to download the tile) and your Apigee Edge license file (you can get that from your Apigee account team). Please check out  the full documentationrelease notes, and this post for more, and visit Apigee Community with any questions or feedback.

Apigee Edge for Private Cloud 4.17.05 Is Here!

We’re excited to announce the general availability of Apigee Edge for Private Cloud 4.17.05. This release includes several features and bug fixes that help you better control and secure your APIs, standardize deployment, enable reusability of existing infrastructure components, and make it easy to manage developer apps.

API proxy URL rendering

In most cases, the URL displayed in the Edge UI is the correct URL for making external requests to the proxy. However, for some configurations, the displayed URL is not correct. Any one of the following configurations can cause the displayed URL to not correspond to the actual URL used to make external requests to the proxy:

  • SSL termination occurs at a load balancer
  • Port mapping occurs between a load balancer and Apigee routers
  • Path rewriting is configured in a load balancer

Edge for Private Cloud 4.17.05 provides support for overriding the URL displayed by the Edge UI.

Zero-downtime shared flows deployment

To minimize the potential for downtime during deployment, you can now employ shared flows, which enable you to combine policies and resources that are consumable from multiple API proxies, with an override option.

In essence, by setting the override to “true,” the current revision of the shared flow is removed once the new revision’s deployment is complete.

Deleting monetization data for an organization

You can now delete monetization data for your organization. This is important if, for example, you create a monetization package or rate plan for testing purposes, and need to clear it when done.

Still using the Apigee secure store?

The Apigee secure store, or vault, which provides encrypted storage of key/value pairs, is created with the management API and accessed at runtime with functions in the apigee-access Node.js module.

We’ve deprecated the secure store. Now, you should use encrypted key value maps (KVMs), as described in Working with Key Value maps. Encrypted KVMs are as secure as vaults, but provide more options for creation and retrieval.

Other improvements

We’ve made a host of other improvements, including: 

  • Stricter input validation across all entities in an organization. The allowed characters are alphabets (upper and lower cases), numbers, and underscore.
  • We’ve introduced the SMTPMAILFROM parameter in the Edge installation. This parameter specifies the “from/sender” email address used when Edge sends automated emails.
  • We’ve written new documentation on changing default system user, enabling debug logging, and Edge install tasks roles (root and non-root).
  • Support for setting API timeout duration used by Edge UI to control how long the UI waits for an API management call to return  before issuing a timeout error message.

How to upgrade

We strongly encourage customers to upgrade to this new release to start benefitting from the newly added features, UI enhancements, and bug fixes as soon as possible. You can update Apigee Edge version 4.17.01.0x to 4.17.05. If you have a version of Edge previous to version 4.16.01, then you must first migrate to version 4.16.x and update to version 4.17.05.

Hope you’re as excited as we are about this new release. There’s a lot more to share than what can fit here; additional details can be found in our release notes.

If you have questions, comments, or feedback, start a conversation on Apigee Community.

Image: Flickr Creative Commons / debaird

 

Apigee Edge Private Cloud 17.01 Is Here!

We’re excited to announce the general availability of Apigee Edge for Private Cloud 17.01. This release includes several features that help you better control and secure your APIs, standardize deployment, enable reusability of existing infrastructure components, and make it easy to manage developer apps.

Shared flows and flow hooks

Shared flows let you operationalize functionality in API proxies. By combining conditionalized policies and resources into a shared flow, you can reference the shared flow from any API proxy to execute single-source, reusable logic. For example, a shared flow might verify the API key, protect against spike arrests, and log data.

Flow hooks let you attach these shared flows at key enforcement points (pre-proxy, pre-target, post-target and post-proxy) within the API proxy lifecycle. This make is easy to enforce some common compliance and security requirements such as OAuth, threat protection, traffic management, and logging across all API traffic without having to rely on the API developer to do that in each and every proxy. See additional details about this feature here.

Encrypted key value maps

Key value maps (KVMs), which were already an Edge feature for long-term persistence of key-value pairs, can now be encrypted for stronger data security. You can now store service accounts, system credentials, or any secure information to access third-party APIs.

Encrypted KVMs are encrypted with an Apigee-generated AES-128 cipher key. Just like regular KVMs, encrypted KVMs are scoped. They can be scoped at the “organization,” “environment,” or “apiproxy” level.

Multi-data center API BaaS

API BaaS provides developers with access to a flexible data store and enables you to quickly integrate valuable features into your app, including social graphs, user management, data storage, push notifications, performance monitoring, and more.

In the past you could only install API BaaS in a single data center. With this release, API BaaS can be deployed in multiple data centers. Any data collection that is created automatically gets replicated across the different data centers. With this, BaaS can be supported in a active-active configuration and provides higher levels of availability.

RPM-based install for the developer portal

In previous releases you had to download and install the developer portal from a tarball. But now the Developer Services portal is installed from RPMs, using the same repo and tools as Edge and API BaaS. This means the admins can use  the same process for deploying the developer portal as they use for installing rest of the Edge components. It makes for a seamless installation experience.

Fewer components

The Developer Services portal now uses Postgres (used for analytics) as its database and Nginx (used as a router) as its web server. Customers upgrading to 4.17.01 from a previous version continue to use MySQL or MariaDB (for all new installations, the portal uses Postgres as its database instead of MySQL and MariaDB). New installations also install Nginx as the web server. Customers upgrading to 4.17.01 from a previous version continue to use Apache.

Developer apps

Developer app management in the Edge UI has gotten more powerful, thanks to several enhancements. You can revoke and approve apps (in edit mode) in a new "App Status" field. API key expiry dates are now shown on the Developer App Details page, and keys are organized by expiry dates in a "Credentials" section. Additionally, you can generate API keys with specific expiration times or dates (or with no expiration).

Other improvements

  • You can now display a consent banner when a user first accesses the Edge UI. The consent banner displays HTML-formatted text and a button that the user selects to proceed to the log-in screen.
  • We have updated versions of Cassandra and Qpid.
  • When you create a "pass-through SOAP" proxy based on a WSDL, Edge hosts the WSDL and creates a flow in the proxy to let you access it. You can access the hosted WSDL at http(s)://[edge_domain]/[proxy_base_path]?wsdl, which is the new service endpoint URL for clients calling the SOAP service through the proxy.
  • We added “data for average transactions per second” (average TPS) to the main proxy traffic dashboard. In addition, when you hover over individual data points on the proxy traffic and proxy performance charts, TPS for that time interval is displayed in the tooltip.
  • This release also contains a bunch of bug fixes. Some examples include “Intermittent errors (such as SNI errors) on JavaScript service callouts,” “Invalid URL parsing returns a 500 status with ApplicationNotFound,” “SOAP WSDL passthrough operation name issue,” and “Error in creating node.js API Proxy when Enable Cors option is selected.”

How to upgrade

We strongly encourage customers to upgrade to this new release as soon as possible. You can update Apigee Edge version 4.16.09.0x to 4.17.01. If you have a version of Edge previous to version 4.16.01, then you must first migrate to version 4.16.01.x and then update to version 4.17.01.

Hope you’re as excited as we are about this new release. There’s a lot more to share than what can fit in here; additional details can be found in our release notes. We strongly encourage customers to try out these new features, ask questions, and provide feedback on the Apigee Community.