3scale API Management featured image

We continue to update the Red Hat Integration product portfolio to provide a better operational and development experience for modern cloud- and container-native applications. The Red Hat Integration 2020-Q3 release includes Red Hat 3scale API Management 2.9, which provides new features and capabilities for 3scale. Among other features, we have updated the 3scale API Management and Gateway Operators.

This article introduces the Red Hat 3scale API Management 2.9 release highlights, including air-gapped installation for 3scale on Red Hat OpenShift and new APIcast policies for custom metrics and upstream mutual Transport Layer Security (TLS).

Note: See the end of the article for registration information for the Red Hat-sponsored APIDays LIVE London: The Road to Embedded Finance, Banking, and Insurance with APIs. Registration is free and includes two recorded Red Hat sessions.

Air gapped installation on OpenShift

The 3scale Operator now fully supports air gapped installation for 3scale API Management on OpenShift. Air gapped or restricted networks are isolated from the Internet and physically isolated from any other network. Secure environments such as government agencies and financial institutions typically require an air gapped installation for Red Hat Integration on OpenShift. This type of installation differs from a regular installation in three ways:

  • OpenShift software channels and repositories are not available from Red Hat’s content distribution network.
  • You cannot pull OpenShift images directly from Red Hat’s container registry.
  • You cannot connect to the Maven mirrors hosted by Red Hat.

To allow for installation on restricted networks, a 3scale Operator must list all container images that the Operator requires in the relatedImages parameter of its ClusterServiceVersion (CSV) object. The Operator uses a digest (Secure Hash Algorithm) and not a tag to reference the specified images.

APIcast Gateway's new Custom Metrics policy

APIcast Gateway's new Custom Metrics policy lets you add metrics beyond hits. You can use this policy to add metrics on upstream response code or headers after a response is received from the back-end API.

Use cases include tracking HTTP 2xx responses or HTTP 4xx or 5xx responses from the back end. You would use the HTTP 2xx custom metric for application plan rate limits or pricing rules where you only wanted to track successful response codes. You would use a 4xx or 5xx custom metric to report multiple error codes from an upstream API in the Analytics section of your 3scale admin portal. Another common use case is a custom metric based on the content-length header response sent from the back-end API. You could use this metric for application plans to track the payload size rather than hits based on rate limits or billing.

Custom metrics are based on the back-end API's response, so consider these factors when implementing the new policy:

  • Before you can use a custom metric, you must create the metric definition using the Admin Portal or Admin API.
  • When authentication happens before a request is sent to the upstream API, you must make a second call to the back-end API Manager to report the new metrics.
  • The Custom Metrics policy does not work with the 3scale Batcher policy.

Watch the video

See a quick, live demonstration of creating custom metrics with the new APIcast Custom Metrics policy.

More new features in 3scale Management API 2.9

Additional new features in the 3scale Management API 2.9 release include the new Upstream Mutual TLS policy, a new configuration for billing currencies, and analytics data for API back ends. See the release documentation for other minor feature updates.

The 3scale Management API 2.9 release also features the new 3scale Operator, which brings new functionality for backup-and-restore, custom resources, and metering and monitoring resources with Prometheus and Grafana. The 3scale Management API 2.9 release supports the OpenAPI 3.0 specification on ActiveDocs.

APIDays London: Watch now

APIDays is the leading industry technology and business series of conferences for APIs and the programmable economy. On October 27 and 28, 2020, Red Hat sponsored APIDays LIVE London: The Road to Embedded Finance, Banking, and Insurance with APIs.​ This virtual event hosts technical and business leaders from retail and investment banking, insurance, and finance, explaining how they are using APIs to create new business value.

Registration is free to view the recorded sessions from APIDays LIVE London, including the two Red Hat sessions this year:

  • Tuesday, October 27, 2020, at 12:30 PM GMT: Why your digital identity is critical in the post-COVID world, by EMEA Senior Consultant Luca Ferrari.
  • Wednesday, October 28, 2020, at 10:50 AM GMT: A cloud-native approach for open banking in action, by FSI Marketing Manager Rafael Marins.

Both sessions are recorded and can be viewed by registering on the APIDays London event page.

Last updated: March 30, 2023