Apache Traffic Control 8.0.0 is available here:
maxOriginConnections
SSL-KEY_EXPIRATION:READ
, ACME:READ
, etc.) to various roles. Also created a new role (trouter
) to monitor Traffic Ops resources. Return empty array when no permission are given for a roles API (PUT, POST)oauth_user_attribute
for OAuth login credentials along with usage of ID token instead of Access Token for authentication.profileparameters
when POST body is emptyapply_time
query parameters on the servers/{id-name}/update
when the CDN is locked.deliveryservices/sslkeys/add
now checks that each cert in the chain is related./servers/{id}/deliveryservices
endpoint to responding with all DS’s on cache that are directly assigned and inherited through topology./phys_locations
PUT API to remove error related to mismatching region name and ID.sharedUserNames
display while retrieving CDN locks.iloPassword
and xmppPassword
, now based on permissions and instead of priv-level.Active
property of Delivery Services from a boolean to an enumerated string constant that can represent three different “Activity States” for a Delivery Service.LastUpdated
field across multiple APIs to use RFC3339
instead of deprecated time.Time
.
Delivery Service (DS):
Certs: Added visuals to DS cert expiration grid rows and the the ability to inspect a user provider cert, or the cert chain on DS SSL keys, and to delete a cert. Also added a revert certificate functionality.
Servers: Improved information about profile priorities with respect to layered profile.
Change Log: Ability to view entire log message by clicking on it.
CDN: Added TTLOverride
field to allow a quick turnaround time when performing TR maintenance that involves restarts.
UI Beautification: Added better labels for widgets, simplifying DS button bar by moving DS changes/ DSRs under More menu, obscure sensitive text in raw remap
fields, private SSL keys, “Header Rewrite” rules, and ILO interface passwords.
Fair Queueing Pacing Rate Bps
DS field to Cache Configuration Settings
section.
dnssec.zone.diffing.enabled
and dnssec.rrsig.cache.enabled
parametersminimum
field to a custom value defined in the tld.soa.minimum
param, and remove the previously added dns.negative.caching.ttl
property.cqhv
field when absent.czCount
, by resetting the count to max value when it overflows.Content-Length
header in the response.
t3c apply
to run concurrently.
Added a peer monitoring flag in strategies.yaml
Added three health mechanisms: L4 health (a TCP syn-ack-rst), L7 health (a successful HTTP response), and a meta-parent poll which polls the parent’s own health client parent health and uses a heuristic of unavailable parents on the parent.
T3C Traffic Control Health Client upgraded to Apache Traffic Server (ATS) 9.2.
CDN in a Box, the t3c integration tests, and the tc health client integration tests now use 9.1.
#7896 ATC Build system: Count commits since the last release, not commits.
It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures.
The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the `ASC` signature file for the relevant distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using:
% pgpk -a KEYS % pgpv apache-trafficcontrol-8.0.0.tar.gz.asc
or% pgp -ka KEYS % pgp apache-trafficcontrol-8.0.0.tar.gz.asc
or% gpg --import KEYS % gpg --verify apache-trafficcontrol-8.0.0.tar.gz.asc apache-trafficcontrol-8.0.0.tar.gz
$ gpg --verify apache-trafficcontrol-8.0.0.tar.gz.asc apache-trafficcontrol-8.0.0.tar.gz
gpg: Signature made Wed Jan 24 09:16:15 2024 MST
gpg: using RSA key 383FAA8E2028BB4796DFE5A177B0253DC9954099
gpg: Good signature from "Rima Shah <rshah@apache.org>" [ultimate]
Additionally, you should verify the SHA signature on the files. A unix program called `sha` or `shasum` is included in many unix distributions. It is also available as part of GNU Textutils. An MD5 signature (deprecated) consists of 32 hex characters, and a SHA512 signature consists of 128 hex characters. Ensure your generated signature string matches the signature string published in the files above.
Apache Traffic Control 7.0.1 is available here:
PUT
a requested configuration change for a full configuration or per host and an endpoint to approve or deny the request.GET
capacity and telemetry data for CDNi integration.status
field logging with the addition of the filed to publish/CrStates
GET
/deliveryservices/{id}/servers/ and /deliveryservices/{id}/servers/eligible.GET
/servers/, POST
/servers/, PUT
/servers/{id} and DELETE
/servers/{id}.tm_query_status_override
-- to override which status of Traffic Monitors to query (default: ONLINE).ats
#6879.distributed_polling
which enables the ability for Traffic Monitor to poll a subset of the CDN and divide into "local peer groups" and "distributed peer groups". Traffic Monitors in the same group are local peers, while Traffic Monitors in other groups are distibuted peers. Each TM group polls the same set of cachegroups and gets availability data for the other cachegroups from other TM groups. This allows each TM to be responsible for polling a subset of the CDN while still having a full view of CDN availability. In order to use this, stat_polling
must be disabled.access.log
to TM.cdn.conf
option -- server_update_status_cache_refresh_interval_sec
-- which enables an in-memory server update status cache to improve performance. Default: 0 (disabled).cdn.conf
option -- user_cache_refresh_interval_sec
-- which enables an in-memory users cache to improve performance. Default: 0 (disabled).file
-protocol URLs for the geolocation.polling.url
for the Geolocation database.status
and lastPoll
fields to the publish/CrStates
endpoint of Traffic Monitor (TM) #6448.
__HOSTNAME__
in "unknown" files (others than the defaults ones), was being replaced by the full FQDN instead of the shot hostname.GET /deliveryservicesserver
causing error when an IMS request is made with the cdn
and maxRevalDurationDays
parameters set.PUT /servers/:id/status
to only queue updates on the same CDN as the updated serverRHEL_VERSION=7
operations
and admin
roles should have the DELIVERY-SERVICE:UPDATE
permission.npm audit
issues.api/{{version}/deliveryservices/{id}/health
returns no info if the delivery service uses a topology./acme_accounts
/acme_accounts
endpoint to validate email and URL fieldsPOST
and response code for PUT
to /acme_accounts
endpointcreate_tables.sql
more than once./server/details
associated with query parameters.GET
for /servers
to display all profiles irrespective of the index position. Also, replaced query param profileId
with profileName
.POST api/cachegroups/id/queue_updates
endpoint so that it doesn't give an internal server error anymore.dequeueing
server updates should not require checking for cdn locks.
client.steering.forced.diversity
feature flag(profile parameter) from Traffic Router (TR). Client steering responses now have cache diversity by default.npm audit
issues, specifically grunt-concurrent
, grunt-contrib-concat
, grunt-contrib-cssmin
, grunt-contrib-jsmin
, grunt-contrib-uglify
, grunt-contrib-htmlmin
, grunt-newer
, and grunt-wiredep
peer_polling_protocol
option. Traffic Monitor now just uses hostnames to request peer states, which can be handled via IPv4 or IPv6 depending on the underlying IP version in use.forever
with pm2
for process management of the traffic portal node server to remediate security issues./servers/details
endpoint of the Traffic Ops API has been dropped in version 4.0, and marked deprecated in earlier versions.
deliveryservice_tmuser
table from Traffic Ops databaseTRAFFIC_ROUTER
-type Profiles no longer need to have names that match any kind of pattern (e.g. CCR_.*
)