Apache Traffic Control - Current Release

Apache Traffic Control 6.0.1 - November 8^th, 2021

Apache Traffic Control 6.0.1 is available here:

• Tarball
• SHA-512
• BLAKE2
• ASC
• KEYS
• Default Profiles

Release Notes

Traffic Ops

Added

• #2770 Added validation for httpBypassFqdn as hostname in Traffic Ops

Fixed

• #6125 - Fix /cdns/{name}/federations?id=# to search for CDN.
• #6285 - The Traffic Ops Postinstall script will work in CentOS 7, even if Python 3 is installed
• #5373 - Traffic Monitor logs not consistent
• #6197 - TO /deliveryservices/:id/routing makes requests to all TRs instead of by CDN.
• Traffic Ops: Sanitize username before executing LDAP query

Changed

• #5927 Updated CDN-in-a-Box to not run a Riak container by default but instead only run it if the optional flag is provided.
• Changed the DNSSEC refresh Traffic Ops API to only create a new change log entry if any keys were actually refreshed or an error occurred (in order to reduce changelog noise)

Apache Traffic Control 5.1.4 - November 8^th, 2021

Apache Traffic Control 5.1.4 is available here:

• Tarball
• SHA-512
• ASC
• KEYS
• Default Profiles

Release Notes

Added

• Traffic Ops: added a feature so that the user can specify maxRequestHeaderBytes on a per delivery service basis
• Traffic Router: log warnings when requests to Traffic Monitor return a 503 status code
• #5344 - Add a documentation page that addresses migrating from Traffic Ops API v1 for each endpoint
• Added API endpoints for ACME accounts
• Traffic Ops: Added validation to ensure that the cachegroups of a delivery services' assigned ORG servers are present in the topology
• Traffic Ops: Added validation to ensure that the weight parameter of parent.config is a float
• Traffic Ops Client: New Login function with more options, including falling back to previous minor versions. See traffic_ops/v3-client documentation for details.
• #5395 - Added validation to prevent changing the Type any Cache Group that is in use by a Topology
• Added license files to the RPMs
• Atscfg: Added a rule to ip_allow.config such that PURGE requests are allowed over localhost

Fixed

• Traffic Ops: Sanitize username before executing LDAP query
• #5296 - Fixed a bug where users couldn't update any regex in Traffic Ops/ Traffic Portal
• Traffic Portal: #5317 - Clicking IP addresses in the servers table no longer navigates to server details page.
• #5445 - When updating a registered user, ignore updates on registration_sent field.
• #5335 - Don't create a change log entry if the delivery service primary origin hasn't changed
• #5333 - Don't create a change log entry for any delivery service consistent hash query params updates
• #5341 - For a DS with existing SSLKeys, fixed HTTP status code from 403 to 400 when updating CDN and Routing Name (in TO) and made CDN and Routing Name fields immutable (in TP).
• #5192 - Fixed TO log warnings when generating snapshots for topology-based delivery services.
• #5284 - Fixed error message when creating a server with non-existent profile
• #5287 - Fixed error message when creating a Cache Group with no typeId
• #5382 - Fixed API documentation and TP helptext for "Max DNS Answers" field with respect to DNS, HTTP, Steering Delivery Service
• #5396 - Return the correct error type if user tries to update the root tenant
• #5378 - Updating a non existent DS should return a 404, instead of a 500
• Fixed a potential Traffic Router race condition that could cause erroneous 503s for CLIENT_STEERING delivery services when loading new steering changes
• #5195 - Correctly show CDN ID in Changelog during Snap
• #5438 - Correctly specify nodejs version requirements in traffic_portal.spec
• Fixed Traffic Router logging unnecessary warnings for IPv6-only caches
• #5294 - TP ag grid tables now properly persist column filters on page refresh.
• #5295 - TP types/servers table now clears all filters instead of just column filters
• #5407 - Make sure that you cannot add two servers with identical content
• #2881 - Some API endpoints have incorrect Content-Types
• #5364 - Cascade server deletes to delete corresponding IP addresses and interfaces
• #5390 - Improve the way TO deals with delivery service server assignments
• #5339 - Ensure Changelog entries for SSL key changes
• #5461 - Fixed steering endpoint to be ordered consistently
• Fixed an issue with 2020082700000000_server_id_primary_key.sql trying to create multiple primary keys when there are multiple schemas.
• Fix for public schema in 2020062923101648_add_deleted_tables.sql
• Moved move_lets_encrypt_to_acme.sql, add_max_request_header_size_delivery_service.sql, and server_interface_ip_address_cascade.sql past last migration in 5.0.0
• #5505 - Make parent_reval_pending for servers in a Flexible Topology CDN-specific on GET /servers/{{name}}/update_status
• #5565 - TO GET /caches/stats panic converting string to uint64
• #5558 - Fixed `TM UI` and `/api/cache-statuses` to report aggregate `bandwidth_kbps` correctly.
• Fix for config gen missing max_origin_connections on mids in certain scenarios
• #5192 - Fixed TO log warnings when generating snapshots for topology-based delivery services.
• Fixed Invalid TS logrotate configuration permissions causing TS logs to be ignored by logrotate.
• #5604 - traffic_monitor.log is no longer truncated when restarting Traffic Monitor
• #1624 - Fixed ORT to reload Traffic Server if LUA scripts are added or changed.
• #5554 - TM UI overflows screen width and hides table data
• Fixed the return error for GET api `cdns/routing` to avoid incorrect success response
• #5712 - Ensure that 5.x Traffic Stats is compatible with 5.x Traffic Monitor and 5.x Traffic Ops, and that it doesn't log all 0's for cache_stats
• Fixed ORT being unable to update URLSIG keys for Delivery Services
• Fixed ORT service category header rewrite for mids and topologies
• Fixed an issue where Traffic Ops becoming unavailable caused Traffic Monitor to segfault and crash
• #5754 - Ensure Health Threshold Parameters use legacy format for legacy Monitoring Config handler
• #5695 - Ensure vitals are calculated only against monitored interfaces
• Fixed Traffic Monitor to report ONLINE caches as available
• #5744 - Sort TM Delivery Service States page by DS name
• #5724 - Set XMPPID to hostname if the server had none, don't error on server update when XMPPID is empty
• #5739 - Prevent looping in case of a failed login attempt
• Customer names in payloads sent to the /deliveryservices/request Traffic Ops API endpoint can no longer contain characters besides alphanumerics, @, !, #, $, %, ^, &, \*, (, ), [, ], '.', ' ', and '-'. This fixes a vulnerability that allowed email content injection.

Changed

• #5311 - Better TO log messages when failures calling TM CacheStats
• Refactored the Traffic Ops Go client internals so that all public methods have a consistent behavior/implementation
• Pinned external actions used by Documentation Build and TR Unit Tests workflows to commit SHA-1 and the Docker image used by the Weasel workflow to a SHA-256 digest
• Set Traffic Router to only accept TLSv1.1 and TLSv1.2 protocols in server.xml
• Updated Apache Tomcat from 8.5.57 to 8.5.63
• Updated Apache Tomcat Native from 1.2.16 to 1.2.23
• Traffic Portal: #5394 - Converts the tenant table to a tenant tree for usability
• Traffic Portal: upgraded delivery service UI tables to use more powerful/performant ag-grid component