Apache Traffic Control - Current Release



Apache Traffic Control 5.1.2 - May 17th, 2021

Apache Traffic Control 5.1.2 is available here:

Release Notes

Added

  • Traffic Ops: added a feature so that the user can specify maxRequestHeaderBytes on a per delivery service basis
  • Traffic Router: log warnings when requests to Traffic Monitor return a 503 status code
  • #5344 - Add a documentation page that addresses migrating from Traffic Ops API v1 for each endpoint
  • Added API endpoints for ACME accounts
  • Traffic Ops: Added validation to ensure that the cachegroups of a delivery services' assigned ORG servers are present in the topology
  • Traffic Ops: Added validation to ensure that the weight parameter of parent.config is a float
  • Traffic Ops Client: New Login function with more options, including falling back to previous minor versions. See traffic_ops/v3-client documentation for details.
  • #5395 - Added validation to prevent changing the Type any Cache Group that is in use by a Topology
  • Added license files to the RPMs
  • Atscfg: Added a rule to ip_allow.config such that PURGE requests are allowed over localhost

Fixed

  • #5296 - Fixed a bug where users couldn't update any regex in Traffic Ops/ Traffic Portal
  • Traffic Portal: #5317 - Clicking IP addresses in the servers table no longer navigates to server details page.
  • #5445 - When updating a registered user, ignore updates on registration_sent field.
  • #5335 - Don't create a change log entry if the delivery service primary origin hasn't changed
  • #5333 - Don't create a change log entry for any delivery service consistent hash query params updates
  • #5341 - For a DS with existing SSLKeys, fixed HTTP status code from 403 to 400 when updating CDN and Routing Name (in TO) and made CDN and Routing Name fields immutable (in TP).
  • #5192 - Fixed TO log warnings when generating snapshots for topology-based delivery services.
  • #5284 - Fixed error message when creating a server with non-existent profile
  • #5287 - Fixed error message when creating a Cache Group with no typeId
  • #5382 - Fixed API documentation and TP helptext for "Max DNS Answers" field with respect to DNS, HTTP, Steering Delivery Service
  • #5396 - Return the correct error type if user tries to update the root tenant
  • #5378 - Updating a non existent DS should return a 404, instead of a 500
  • Fixed a potential Traffic Router race condition that could cause erroneous 503s for CLIENT_STEERING delivery services when loading new steering changes
  • #5195 - Correctly show CDN ID in Changelog during Snap
  • #5438 - Correctly specify nodejs version requirements in traffic_portal.spec
  • Fixed Traffic Router logging unnecessary warnings for IPv6-only caches
  • #5294 - TP ag grid tables now properly persist column filters on page refresh.
  • #5295 - TP types/servers table now clears all filters instead of just column filters
  • #5407 - Make sure that you cannot add two servers with identical content
  • #2881 - Some API endpoints have incorrect Content-Types
  • #5364 - Cascade server deletes to delete corresponding IP addresses and interfaces
  • #5390 - Improve the way TO deals with delivery service server assignments
  • #5339 - Ensure Changelog entries for SSL key changes
  • #5461 - Fixed steering endpoint to be ordered consistently
  • Fixed an issue with 2020082700000000_server_id_primary_key.sql trying to create multiple primary keys when there are multiple schemas.
  • Fix for public schema in 2020062923101648_add_deleted_tables.sql
  • Moved move_lets_encrypt_to_acme.sql, add_max_request_header_size_delivery_service.sql, and server_interface_ip_address_cascade.sql past last migration in 5.0.0
  • #5505 - Make parent_reval_pending for servers in a Flexible Topology CDN-specific on GET /servers/{{name}}/update_status
  • #5565 - TO GET /caches/stats panic converting string to uint64
  • #5558 - Fixed `TM UI` and `/api/cache-statuses` to report aggregate `bandwidth_kbps` correctly.
  • Fix for config gen missing max_origin_connections on mids in certain scenarios
  • #5192 - Fixed TO log warnings when generating snapshots for topology-based delivery services.
  • Fixed Invalid TS logrotate configuration permissions causing TS logs to be ignored by logrotate.
  • #5604 - traffic_monitor.log is no longer truncated when restarting Traffic Monitor
  • #1624 - Fixed ORT to reload Traffic Server if LUA scripts are added or changed.
  • #5554 - TM UI overflows screen width and hides table data
  • Fixed the return error for GET api `cdns/routing` to avoid incorrect success response
  • #5712 - Ensure that 5.x Traffic Stats is compatible with 5.x Traffic Monitor and 5.x Traffic Ops, and that it doesn't log all 0's for cache_stats
  • Fixed ORT being unable to update URLSIG keys for Delivery Services
  • Fixed ORT service category header rewrite for mids and topologies
  • Fixed an issue where Traffic Ops becoming unavailable caused Traffic Monitor to segfault and crash
  • #5754 - Ensure Health Threshold Parameters use legacy format for legacy Monitoring Config handler
  • #5695 - Ensure vitals are calculated only against monitored interfaces
  • Fixed Traffic Monitor to report ONLINE caches as available
  • #5744 - Sort TM Delivery Service States page by DS name
  • #5724 - Set XMPPID to hostname if the server had none, don't error on server update when XMPPID is empty
  • #5739 - Prevent looping in case of a failed login attempt

Changed

  • #5311 - Better TO log messages when failures calling TM CacheStats
  • Refactored the Traffic Ops Go client internals so that all public methods have a consistent behavior/implementation
  • Pinned external actions used by Documentation Build and TR Unit Tests workflows to commit SHA-1 and the Docker image used by the Weasel workflow to a SHA-256 digest
  • Set Traffic Router to only accept TLSv1.1 and TLSv1.2 protocols in server.xml
  • Updated Apache Tomcat from 8.5.57 to 8.5.63
  • Updated Apache Tomcat Native from 1.2.16 to 1.2.23
  • Traffic Portal: #5394 - Converts the tenant table to a tenant tree for usability
  • Traffic Portal: upgraded delivery service UI tables to use more powerful/performant ag-grid component

Signing Keys

It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures.

The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the `ASC` signature file for the relevant distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using:


% pgpk -a KEYS % pgpv apache-trafficcontrol-4.1.0.tar.gz.asc

or

% pgp -ka KEYS
% pgp apache-trafficcontrol-4.1.0.tar.gz.asc

or

% gpg --import KEYS
% gpg --verify apache-trafficcontrol-4.1.0.tar.gz.asc apache-trafficcontrol-4.1.0.tar.gz
 

$ gpg --verify apache-trafficcontrol-4.1.0.tar.gz.asc apache-trafficcontrol-4.1.0.tar.gz
gpg: Signature made Tue Feb 11 09:38:30 2020 MST
gpg:                using RSA key BF4A8D7307B8EEC7BFB4D8CB8A0712500C70C06E
gpg: Good signature from "Rawlin Peters (apache signing key) " [ultimate]

Additionally, you should verify the SHA signature on the files. A unix program called `sha` or `shasum` is included in many unix distributions. It is also available as part of GNU Textutils. An MD5 signature (deprecated) consists of 32 hex characters, and a SHA512 signature consists of 128 hex characters. Ensure your generated signature string matches the signature string published in the files above.


Past Releases

Apache Traffic Control 5.0.0 - January 21st, 2021

Apache Traffic Control 5.0.0 is available here:

Release Notes

Added

  • A transliteration of the traffic_ops_ort.pl Perl script to the Go language. See traffic_ops_ort/t3c/README.md.
  • Traffic Ops API v3
  • Flexible Topologies For full details, refer to the blueprint.
    • Added a Traffic Ops API v3.0 endpoint: /topologies, to create, read, update and delete flexible topologies.
    • Added the ability to queue or dequeue updates for all servers assigned to the Cachegroups in a given Topology.
    • Added new "Topology" property to Delivery Services as an alternative to direct server assignments
    • Added "Topology" section to CDN Snapshot Comparison page
    • The CiaB default Delivery Service is now "Topology-based"
  • Edge Traffic Routing - a feature which allows Traffic Router to localize more DNS record types than just the routing name for DNS Delivery Services
  • Traffic Portal table performance improvements We've begun the process of shifting away from jQuery-plugin-based "data tables" to the much more performant AG-Grid table system. So far the following tables have been improved:
    • Servers - including when viewing the servers assigned to a Delivery Service etc.
    • The API Change Log table
    • DSRs
  • astats_over_http plugin CSV support The astats_over_http plugin for ATS now supports outputting data in CSV format when given the text/csv MIME-Type in the Accept header. Traffic Monitor is capable of requesting this new format (which is faster to parse than the JSON format) in its Profile's http_polling_format Parameter.
    As 5.0.0 also adds support to Traffic Monitor for the more standard stats_over_http plugin, CSV format using that health.polling.format value is also supported - but note that one must also install the system_stats plugin to provide all of the data necessary for Traffic Monitor's evaluations. Note also that this usage requires ATS version 9 or higher.
  • Multi-Interface Servers Servers are now allowed to have multiple network interfaces specified. For full details, refer to the blueprint.
    • Traffic Portal allows editing of a server's interfaces
    • Traffic Ops exposes server interface data in response payloads
    • Traffic Monitor is capable of evaluating a set of network interfaces, optionally with some limited thresholds set on any, all, or none of them
  • The ability to view Hash ID field (aka xmppId) on Traffic Portals' server summary page
  • The ability to delete invalidation requests, accessible in Traffic Portal
  • A UI indiciator to the Traffic Monitor when using a disk backup of configuration from Traffic Ops.
  • Support for the If-Match and If-Unmodified-Since HTTP headers to Traffic Ops and its native Go client
  • The "Status Last Updated" field to servers, which makes visible the time when the last status change took place for a server
  • TR using the default miss location of a Delivery Service in case the location (for the client's IP address) returned was the default location for the country
  • Traffic Ops, Traffic Ops ORT, Traffic Monitor, Traffic Stats, and Grove are now compiled using Go version 1.15
  • User-Agent string to Traffic Router log output
  • locationByDeepCoverageZone to the crs/stats/ip/{ip} endpoint in the Traffic Router API
  • The number of days of API change logs to fetch is now configurable in traffic_portal_properties.json (default is 7 days) and can be overridden by the user in Traffic Portal
  • Support for building RPMs that target CentOS version 8

Fixed

  • #3455 - Alphabetically sorting CDN Read API call
  • #5010 - Fixed Reference urls for Cache Config on Delivery service pages (HTTP, DNS) in Traffic Portal
  • #5147 - GET /servers?dsId={id} should only return mid servers (in addition to edge servers) for the CDN of the Delivery Service if the mid-tier is employed
  • #4981 - Cannot create routing regular expression with a blank pattern param in Delivery Service
  • #4979 - Returns a Bad Request error during server creation with missing profileId
  • #4237 - Do not return an internal server error when Delivery Service's capacity is zero.
  • #2712 - Invalid TM logrotate configuration permissions causing TM logs to be ignored by logrotate
  • #3400 - Allow "0" as a TTL value for Static DNS entries
  • #5050 - Allows the TP administrator to name a TP instance (production, staging, etc) and flag whether it is production or not in traffic_portal_properties.json
  • #4743 - Validate absolute DNS name requirement on Static DNS entry for CNAME type
  • #4848 - GET /api/x/cdns/capacity gives back 500, with the message capacity was zero
  • #2156 - Renaming a host in TC, does not impact xmpp_id and thereby hashid [Related github issue](https://github.com/apache/trafficcontrol/issues/2156)
  • #3661 - Anonymous Proxy ipv4 whitelist does not work
  • #1847 - Delivery Service with SSL keys are no longer allowed to be updated when the fields changed are relevant to the SSL Keys validity.
  • Fixed the /jobs and /jobs/:id Traffic Ops API routes to allow falling back to Perl via the routing blacklist
  • Fixed ORT config generation not using the coalesce_number_v6 Parameter.
  • #4735 - Fixed POST deliveryservices/request (designed to simple send an email) regression which erroneously required deep caching type and routing name
  • Fixed an issue that caused Traffic Monitor to poll caches that did not have the status ONLINE/REPORTED/ADMIN_DOWN
  • #4740 - Fixed /deliveryservice_stats regression restricting metric type to a predefined set of values
  • #4116 - Fixed update procedure of servers, so that if a server is linked to one or more delivery services, you cannot change its CDN
  • Fixed ORT bug miscalculating Mid Max Origin Connections as all servers, usually resulting in 1
  • Added Delivery Service Raw Remap __RANGE_DIRECTIVE__ directive to allow inserting the Range Directive after the Raw Remap text. This allows Raw Remaps which manipulate the Range
  • #4984 - Lets create_tables.sql be run concurrently without issue

Changed

  • When creating invalidation jobs through TO/TP, if an identical regex is detected that overlaps its time, then warnings will be returned indicating that overlap exists.
  • Changed Traffic Portal to disable browser caching on GETs until it utilizes the If-Modified-Since functionality that the TO API now provides.
  • Changed Traffic Portal to use Traffic Ops API v3
  • Changed ORT to find the local ATS config directory and use it when location Parameters don't exist for many required configs, including all Delivery Service files (Header Rewrites, Regex Remap, URL Sig, URI Signing).
  • Changed the access logs in Traffic Ops to now show the route ID with every API endpoint call. The Route ID is appended to the end of the access log line.
  • Changed the format of Traffic Monitor's tmconfig.backup to that of a GET request to /cdns/{{name}}/configs/monitoring instead of a transformed map
  • Changed Tomcat Java dependency to 8.5.57.
  • Changed Spring Framework Java dependency to 4.2.5.
  • Updated CiaB to CentOS 8

Deprecated

  • Importing Traffic Ops Go clients via the un-versioned github.com/apache/trafficcontrol/traffic_ops/client is now deprecated in favor of versioned import paths e.g. github.com/apache/trafficcontrol/traffic_ops/v3-client.

Removed

  • Removed deprecated Traffic Ops Go Client methods.
  • Configuration generation logic in the TO API (v1) for all files and the "meta" route - this means that versions of Traffic Ops ORT earlier than 4.0.0 will not work any longer with versions of Traffic Ops moving forward.
  • Removed from Traffic Portal the ability to view cache server config files as the contents are no longer reliable through the TO API due to the introduction of atstccfg.

Apache Traffic Control 4.1.1 - December 4th, 2020

Apache Traffic Control 4.1.1 is available here:

Release Notes

Added

  • Added the ability to set TLS config provided here: https://golang.org/pkg/crypto/tls/#Config in Traffic Ops
  • Added --traffic_ops_insecure=<0|1> optional option to traffic_ops_ort.pl
  • Added ORT CentOS 8 support

Fixed
  • Fixed #5188 - DSR (delivery service request) incorrectly marked as complete and error message not displaying when DSR fulfilled and DS update fails in Traffic Portal. Related Github issues
  • Fixed #5006 - Traffic Ops now generates the Monitoring on-the-fly if the snapshot doesn't exist, and logs an error. This fixes upgrading to 4.x to not break the CDN until a Snapshot is done.
  • Fixed #5180 - Global Max Mbps and Tps is not send to TM
  • Fixed #3528 - Fix Traffic Ops monitoring.json missing DeliveryServices
  • Fixed #5074 - Traffic Monitor logging "CreateStats not adding availability data for server: not found in DeliveryServices" for MID caches
  • Fixed #5274 - CDN in a Box's Traffic Vault image failed to build due to Basho's repo responding with 402 Payment Required. The repo has been removed from the image.
  • Fixed an issue that causes Traffic Router to mistakenly route to caches that had recently been set from ADMIN_DOWN to OFFLINE
  • Fixed a NullPointerException in Traffic Router that prevented it from properly updating cache health states
  • Fixed an issue where Traffic Router would erroneously return 503s or NXDOMAINs if the caches in a cachegroup were all unavailable for a client's requested IP version, rather than selecting caches from the next closest available cachegroup.
  • Traffic Ops Ort: Disabled ntpd verification (ntpd is deprecated in CentOS)
  • Fixed #5005: Traffic Monitor cannot be upgraded independently of Traffic Ops
  • Fixed an issue with Traffic Router failing to authenticate if secrets are changed
  • Fixed #4825 - Traffic Monitor error log spamming "incomparable stat type int"
  • Fixed #4899 - Traffic Monitor Web UI showing incorrect delivery service availability states
  • Fixed Traffic Monitor Web UI styling for unavailable caches
  • Fixed an issue with Traffic Monitor to fix peer polling to work as expected
  • Fixed #4845 - issue with ATS logging.yaml generation (missing newlines when filters are used)
  • Fixed ORT atstccfg to use log appending and log rotation
  • Fixed a bug in ATS remap.config generation that caused a double range directive if there was a __RANGE_DIRECTIVE__ override
  • Fixed ORT to be backwards compatible with Traffic Ops 3.x
Changed

  • Changed ORT/atstccfg ATS configuration generation to be deterministic in order to simplify diff checking
  • Changed ORT to not update ip_allow.config on SYNCDS runs by default

Deprecated

  • Deprecated the insecure option in traffic_ops_golang in favor of "tls_config": { "InsecureSkipVerify": <bool> }

Upgrade Requirements

  • Reminder: as of Apache Traffic Control 4.0, an IPv6-capable astats_over_http plugin (available since ATC 2.2+) is required for Apache Traffic Server in order to do IPv6 routing.