To enable strict SSL on southbound connections to a proxy target endpoint, add the tag true in the target block. (Fixed in Apigee hybrid v1.11.0)įixed issue with default validation of TLS target endpoint certificates. If you are using security controls with gatekeeper, ensure that apigee-cassandra-ulimit-init initContainer can runAs user, group as 0 and allow capabilities IPC_LOCK and SYS_RESOURCES. (Fixed in Apigee X)ĭisable privilege escalation on the cassandra container by moving the ulimit settings to the newly introduced initContainer "apigee-cassandra-ulimit-init". Note: There may be a delay between removal of the proxy and termination of the target server health checks. Target health checks are now terminated as soon as the proxy is removed from the runtime (undeployed or deleted). (Fixed in Apigee hybrid v1.10.3)įixed issue causing target server HealthMonitors to continue beyond revision or deletion of the proxy. Security context has been corrected for apigee-prom-prometheus to avoid privilege escalation. Implemented a fix to prevent failure of proxy deployments that include the OASValidation policy. (Fixed in Apigee hybrid v1.10.3)įixed UDCA regression in Hybrid 1.10.1 where UDCA would ignore forward proxy configuration. Updated the security context settings for the Apigee Hybrid Backup and Restore pod.Īn error with support for CSI backup and restore for Cassandra was fixed. Installation of Hybrid 1.10.x would fail on OpenShift due to out of memory issues. Save money with our transparent approach to pricing Migrate from PaaS: Cloud Foundry, OpenshiftĬOVID-19 Solutions for the Healthcare Industry
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |